0

I got a list in yml - credentials. And supposedly each bank has to have a different password that needs to be encrypted. What would be the right way to specify that? As of now I got it configured like this, but that doesn't work.

This is the config.yml

infopoint:
  endpoint: https://test.test.com/ws/SSS/Somthing.pl
  system: TEST
  mock: false
  credentials:
    - bank: 1111
      user: LSSER
      existingSecret:
        name: infopoint-creds-s1-hb
    - bank: 2222
      user: TESSER
      existingSecret:
        name: infopoint-creds-s1
envFrom:       
 - secretRef:
     name: infopoint-creds-s1-hb
 - secretRef:
     name: infopoint-creds-s1

This is how I created both secret keys on the server.

C:\Users\mks\IdeaProjects>kubectl.exe create secret generic infopoint-creds-s1-hb --from-literal=INFOPOINT_CREDENTIALS_PASSWORD=SOMEPASS -o yaml -n test-env --dry-run=client | kubeseal -o yaml --scope namespace-wide > infopoint-creds-s1-hb.yaml

C:\Users\mks\IdeaProjects>kubectl.exe create secret generic infopoint-creds-s1 --from-literal=INFOPOINT_CREDENTIALS_PASSWORD=SOMEPASS -o yaml -n test-env --dry-run=client | kubeseal -o yaml --scope namespace-wide > infopoint-creds-s1.yaml

This is my Spring configuration.

@Configuration
@ConfigurationProperties(prefix = "infopoint")
class InfopointAPIConfiguration {

    lateinit var endpoint: String

    var proxyServerName: String? = null

    var proxyPortNumber: String? = null

    lateinit var system: String

    lateinit var mock: String

    lateinit var credentials: List<Credentials>

    data class Credentials(
        var bank: String? = null,
        var user: String? = null,
        var password: String? = null
    )

    fun credentialsByBank(bank: Int): Credentials {
        return credentials.firstOrNull { it.bank == bank.toString() }
            ?: error("Could not load credential for bank $bank")
    }
}
JavaGeek
  • 335
  • 1
  • 2
  • 11

1 Answers1

1

Kubernetes secrets can be used or configured in applications in multiple ways for example configmaps, sealed secrets and environment variables. Since you got struck with the sealed secrets part I am providing an answer related to the same.

First we need to create a sealed secret in the same namespace with the same name for preventing other users on the same cluster from using your sealed secret. For more information related to sealed secrets please go through this document.

Now we have our secret created, all we need to do is to use it in our application. The secret which we created needs to be referenced in the yaml file. There is a detailed description on how to configure secrets in a spring boot application along with a sample project available here.

Kranthiveer Dontineni
  • 1,056
  • 1
  • 10