Managing Email Connector Configuration in a sane way

we are looking for a sane way to handle email username/passwords both in development and in testing.

Those secrets should not reside in our version control but rather they should be passed as environment variables, however there are some complexities:

  • The camunda BPMN mail core uses as a configuration a plain java old properties file, which doesn’t support using environment variables placeholders (One could use Apache Commons Config, but you would have to re-build the plugn)
  • Because the properties are read from file, any property passed to the JVM with -Dmail.some_param will be ignored

What are reasonable ways to handle secrets and environment configuration for unit testing and production when using the connector?

We found a reasonable solution that enjoys the current API, which initialize connectors through reflection. Each connectors initialize its configuration from the MailConfigurationFactory so one can simply access the singleton instance and inject properties.

In our case we are using lightbend config which uses Hocon and allows overrides from environment variables, which fits the need of passing the secrets from environment variables:

      val config = ConfigFactory.load()
      val properties = MailConfigurationFactory.getConfiguration.getProperties
      properties.setProperty("mail.user", config.getString("email.smtp.username"))