You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@karaf.apache.org by "Jean-Baptiste Onofré (Jira)" <ji...@apache.org> on 2020/10/05 13:29:00 UTC

[jira] [Updated] (KARAF-6733) Inject values from files in config files

     [ https://issues.apache.org/jira/browse/KARAF-6733?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jean-Baptiste Onofré updated KARAF-6733:
----------------------------------------
    Fix Version/s:     (was: 4.2.10)
                   4.2.11

>  Inject values from files in config files
> -----------------------------------------
>
>                 Key: KARAF-6733
>                 URL: https://issues.apache.org/jira/browse/KARAF-6733
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf
>    Affects Versions: 4.2.8
>            Reporter: Alex Soto
>            Assignee: Jean-Baptiste Onofré
>            Priority: Minor
>             Fix For: 4.3.0, 4.2.11
>
>
> Currently, I can have the following in a configuration file:
>   
>       org.ops4j.pax.web.ssl.password={color:#2a00ff}${env:MYPASSWORD}{color}
>   
>  And,  as the documentation states:
> {quote}Environment variables can be referenced inside configuration files using the syntax {{$\{env:<name>}}} (e.g. {{property=$\{env:FOO}}} will set "property" to the value of the enviroment variable "FOO"). 
> {quote}
>  
>  Karaf will use the value from the environment variable. It's all good, but... 
>   
>  When used with Docker secrets, this forces you to copy the secret from the default location "/run/secrets/" to an environment variable. 
>   
>  This is a proposal to add a Karaf mechanism to inject values from files in config files. For example: 
>   
>      org.ops4j.pax.web.ssl.password={color:#2a00ff}${[file:/run/secrets/mypassword|file:///run/secrets/mypassword]}{color}
>   
>  So, when Karaf’s see the prefix _$[file:_|file:///_]  it will get the content of the file and use it as the value of the configuration key.
>   
>  This way:
>   
>    1) I don’t have to write a complex script to copy the secret into the environment variable, and
>    2) the secret is only in one place.
>   
>   
>  (prefix "file" is just for illustration, it can be something else)
>   
> See discussion here:  [http://karaf.922171.n3.nabble.com/Using-Docker-Secrets-in-Karaf-Configuration-td4058215.html]
>   



--
This message was sent by Atlassian Jira
(v8.3.4#803005)