I am running a spring boot app on a docker swarm stack and would would like to use docker secrets for token secrets, api keys, etc... It was no problem to create the secrets and make them available in my running docker container with the following compose file:
version: "3.7"
services:
app:
image: myimage
environment:
tokenSecret: /run/secrets/tokenSecret
apiKey: /run/secrets/apiKey
secrets:
- tokenSecret
- apiKey
frontend:
.....
db:
.....
secrets:
tokenSecret:
external: true
apiKey:
external: true
The secrets were created by printf some_secret | docker secret create tokenSecret -
Before using docker secrets, I was storing the properties in my application.properties file:
tokenSecret: some_secret
apiKey: some_key
and could access them by:
@Component
public class AppProperties {
private Environment environment;
@Autowired
public void setEnvironment(Environment environment) {
this.environment = environment;
}
public String getTokenSecret(){
return environment.getProperty("tokenSecret");
}
public String getApiKey(){
return environment.getProperty("apiKey");
}
}
Now, using docker secrets and deleting the application.properties, the getTokenSecret and getApiKey methods are returning the file location of the secrets in the docker container: "/run/secrets/tokenSecret" instead of the secret's content. It seems to be an easy task to load the secret's content from the container file system into my application but I have still no idea what would be the best way to do it.
