How to expose SPLUNK_ACCESS_TOKEN in spring boot application

Question

I have a spring boot application, in which I have imported the Splunk OTEL library(Splunk open telemetry jar file https://github.com/signalfx/splunk-otel-java) for tracing and matrices. So a Splunk authentication token i.e Splunk access token is needed to export data directly to Splunk Observability Cloud. Currently, I have exposed the Splunk access token in Kubernetes.yaml file as an env variable. But I don't want to expose this token by using Kubernetes.yaml or using a properties file. So I just want to know, is there any other way to expose or store the splunk_acces_token apart from Kubernetes.yaml or properties file?

For example: there is a flag variable "OTEL_JAVAAGENT_ENABLED" used by the Splunk OTEL library and I have stored this value to "true" in kubernetes.yaml file. So by this config OTEL jar is able to access it.

Answer 1

You can use kubernetes secrets, but this is also kind of storing it in kubernetes.yaml file, but its definitely better.

Answer 2

In these cases it's common for developers to use some type of key vault to encrypt keys and store small secrets like passwords.

Here's how I use Azure tooling to achieve this:

• Create an Azure Key Vault using Azure CLI
• Add accessToken secret and configure access to Azure Key Vault
• Use accessToken in your pipeline

This depends on the stack you're using, for example in AWS you could store the secret in AWS Secrets Manager and pass it to CodePipeline.