Class SystemAndEnvSecretStoreHeaplet

  • All Implemented Interfaces:
    Heaplet

    public class SystemAndEnvSecretStoreHeaplet
    extends GenericHeaplet
    This heaplet represents an instance of a PropertyResolverSecretStore resolving properties in system then in environment variables.
     {
           "type": "SystemAndEnvSecretStore",
           "config": {
             "format":                    expression(enum)             [OPTIONAL - PLAIN or BASE64, default is base64.]
             "mappings":[                 array                        [OPTIONAL - secrets mappings.]
               {                          object
                 "secretId":                expression                   [REQUIRED - The label of the secret to map.]
                 "format":                  reference                    [REQUIRED - a reference to a
                                                                                     {@link SecretPropertyFormat} object.]
               }
             ]
             "leaseExpiry":               expression<duration>         [ OPTIONAL - defaults to 5 minutes.]
           }
        }
     

    Example:

     {
           "type": "SystemAndEnvSecretStore",
           "config": {
             "format": "BASE64"
           }
        }
     
     
    Note that the EnvironmentVariableResolver transforms the keys from dot notations according specific rules.
    See Also:
    EnvironmentVariableResolver
    • Constructor Detail

      • SystemAndEnvSecretStoreHeaplet

        public SystemAndEnvSecretStoreHeaplet()
    • Method Detail

      • newBase64SysEnvSecretStore

        public static SecretStore<Secret> newBase64SysEnvSecretStore()
        Returns a new instance of a SecretStore that reads base64-encoded secrets (passwords or symmetric keys) from system properties and environment variables.
        Returns:
        new system and environment base64-enabled SecretStore instance