Hello, I’m currently working on my own connector and I guess I didn’t get the secrets mechanism. So here is what I understood so far:
- If you want to use secrets in the out-of-the-box connectors you can add them as connector secrets in your c8 cluster UI
- this is not working for a custom outbound connector, since they have a separate runtime, so the secrets have to be put into the runtime somehow
Here is where I stumble. I use the local connector runtime and try to set secrets as env variables, but it doesn’t work. Also I cannot find a tutorial about this. What is currently the best way to get your secrets into a Springboot application? I saw that one can put them into a docker image but I’m not that far yet and want to get it to work locally first.
Thanks in advance
You should have a
connector-secrets.txt in your local runtime. It starts with the 2 following lines:
# add secrets per line in the format NAME=VALUE
# WARNING: ensure not to commit changes to this file
Thanks for your response. I’m using the local SpringBoot connector runtime and added the file to my resources and classpath without any success. I did also the following from different sources in the docs:
Is it possible that maybe the wrong SecretsProvider is loaded which just doesn’t look in the right place?
EDIT: okay so apparently when I add them as env variables to the java call it works. But isn’t there a re Springy approach available?
Hi @itsmestefanjay, we specify the connector secrets file in the docker-compose like so:
env_file: connector-secrets.txt. Sorry, unfortunately we don’t have more insights into secrets yet, we just found that this worked for us.
Currently there’s no Springy approach available out-of-the-box. In our Connector Runtime, we only provide one default way to resolve secrets - environment variables. In the Docker environment, you can also make use of the
connector-secrets.txt file, as mentioned above.
Docs reference: Connectors configuration # Secrets
You can achieve more by implementing your custom Secret Provider. In your custom Connector Runtime bundle, you can extend the
SecretProvider interface. In this implementation you can, for example, source the secrets from configuration properties.
In a Spring environment (given that you use our
spring-boot-starter-camunda-connectors), you can simply declare your
SecretProvider as a Spring bean with a
@Primary annotation, and it will be picked up by the Runtime. Alternatively, you can wire it up using the special file that is read by Java Service Loader.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.