You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Jean-Baptiste Onofré (Jira)" <ji...@apache.org> on 2020/10/05 13:29:00 UTC
[jira] [Updated] (KARAF-6733) Inject values from files in config
files
[ https://issues.apache.org/jira/browse/KARAF-6733?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jean-Baptiste Onofré updated KARAF-6733:
----------------------------------------
Fix Version/s: (was: 4.2.10)
4.2.11
> Inject values from files in config files
> -----------------------------------------
>
> Key: KARAF-6733
> URL: https://issues.apache.org/jira/browse/KARAF-6733
> Project: Karaf
> Issue Type: Improvement
> Components: karaf
> Affects Versions: 4.2.8
> Reporter: Alex Soto
> Assignee: Jean-Baptiste Onofré
> Priority: Minor
> Fix For: 4.3.0, 4.2.11
>
>
> Currently, I can have the following in a configuration file:
>
> org.ops4j.pax.web.ssl.password={color:#2a00ff}${env:MYPASSWORD}{color}
>
> And, as the documentation states:
> {quote}Environment variables can be referenced inside configuration files using the syntax {{$\{env:<name>}}} (e.g. {{property=$\{env:FOO}}} will set "property" to the value of the enviroment variable "FOO").
> {quote}
>
> Karaf will use the value from the environment variable. It's all good, but...
>
> When used with Docker secrets, this forces you to copy the secret from the default location "/run/secrets/" to an environment variable.
>
> This is a proposal to add a Karaf mechanism to inject values from files in config files. For example:
>
> org.ops4j.pax.web.ssl.password={color:#2a00ff}${[file:/run/secrets/mypassword|file:///run/secrets/mypassword]}{color}
>
> So, when Karaf’s see the prefix _$[file:_|file:///_] it will get the content of the file and use it as the value of the configuration key.
>
> This way:
>
> 1) I don’t have to write a complex script to copy the secret into the environment variable, and
> 2) the secret is only in one place.
>
>
> (prefix "file" is just for illustration, it can be something else)
>
> See discussion here: [http://karaf.922171.n3.nabble.com/Using-Docker-Secrets-in-Karaf-Configuration-td4058215.html]
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)