I am running Spring Cloud Dataflow on Kubernetes runtime. Currently, I am using K8 secrets to manage secrets for the dataflow server, and skipper server. Going forward I want to use Spring Cloud Vault as a secrets manager.
Is there any support to configure vault secrets in dataflow and skipper servers?
SCDF Version: springcloud/spring-cloud-dataflow-server:2.10.0
Skipper Version: springcloud/spring-cloud-skipper-server:2.9.0
I enabled following configuration in
application.yaml
vault:
enabled: true
authentication: KUBERNETES
uri: http://<vault_host>
backend: secret
application-name: scdf-server
kubernetes:
role: internal-app
bootstrap.yaml
spring:
application:
name: scdf-server
I was expecting scdf-server to inject secrets from the vault kV backend, but it seems it's not activating the vault config.
Spring Cloud Vault isn't in the classpath of the standard build. You can follow these instructions to add jar files to the containers.