I have encrypted two database passwords with kubeseal, but I am not sure how exactly to mount them in my configuration file assuming I am using Spring Boot.
The application keeps complaining about missing placeholder password. Could not resolve placeholder 'datasources.eco.password'
Here is the generated secret :
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
annotations:
sealedsecrets.bitnami.com/namespace-wide: "true"
creationTimestamp: null
name: database-keys
namespace: eco-test
spec:
encryptedData:
ecoadmin: AgBPqs07GicbU4eyYXfQrVoRHCkfPHH8jxN8...sefwfs4fse
ecodb: AgAHYRYpk5j+ZCyIDpYr89d8pYLJ6E8S...sr3245sefsf
template:
data: null
metadata:
annotations:
sealedsecrets.bitnami.com/namespace-wide: "true"
creationTimestamp: null
name: database-keys
namespace: eco-test
Here is where I try to mount the secret in my properties file:
datasources:
eco:
#url: jdbc:oracle:thin:@10.246...
url: jdbc:oracle:thin:@12.234...
username: ECO
password:
secretKeyRef:
name: database-keys
key: ecodb
minPoolSize: 5
maxPoolSize: 20
edition: 'REL_2021_12_06'
ecoadmin:
#url: jdbc:oracle:thin:@10.246...
url: jdbc:oracle:thin:@21.32...
username: ECOADM
password:
secretKeyRef:
name: database-keys
key: ecoadmin
not sure if you are confusing plattform (k8s) with service (springboot) features here.
when you configure your springboot app to expect a value at "datasources.eco.password", you cannot use the kubernetes method of mounting values from secrets there because it expects something like
i assume that you can reference ENVs in your properties file, so one way to go would be to mount the secretsvalue as a ENV and reference that in your properties file.
properties file:
deployment.yaml:
references: