Add jdbcPasswordFile config parameter

This is to support Docker secrets.
Evolveum · Aug 9, 2018 · 1b9943e · 1b9943e
1 parent 55e12b2
commit 1b9943e
Showing 1 changed file with 21 additions and 2 deletions.
diff --git a/...epo-sql-impl/src/main/java/com/evolveum/midpoint/repo/sql/SqlRepositoryConfiguration.java b/...epo-sql-impl/src/main/java/com/evolveum/midpoint/repo/sql/SqlRepositoryConfiguration.java
@@ -24,13 +24,14 @@
 import com.evolveum.midpoint.util.logging.Trace;
 import com.evolveum.midpoint.util.logging.TraceManager;
 import org.apache.commons.configuration.Configuration;
+import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang.StringUtils;
 import org.h2.Driver;
 import org.hibernate.dialect.*;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 
-import java.io.File;
+import java.io.*;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
@@ -210,6 +211,7 @@ public enum WrongSchemaAction {
     public static final String PROPERTY_HIBERNATE_HBM2DDL = "hibernateHbm2ddl";
     public static final String PROPERTY_HIBERNATE_DIALECT = "hibernateDialect";
     public static final String PROPERTY_JDBC_PASSWORD = "jdbcPassword";
+    public static final String PROPERTY_JDBC_PASSWORD_FILE = "jdbcPasswordFile";
     public static final String PROPERTY_JDBC_USERNAME = "jdbcUsername";
     public static final String PROPERTY_JDBC_URL = "jdbcUrl";
     public static final String PROPERTY_DATASOURCE = "dataSource";
@@ -358,7 +360,17 @@ public SqlRepositoryConfiguration(Configuration configuration) {
 
         hibernateHbm2ddl = configuration.getString(PROPERTY_HIBERNATE_HBM2DDL, getDefaultHibernateHbm2ddl(database));
         jdbcUsername = configuration.getString(PROPERTY_JDBC_USERNAME, embedded ? DEFAULT_EMBEDDED_H2_JDBC_USERNAME : null);
-	    jdbcPassword = configuration.getString(PROPERTY_JDBC_PASSWORD, embedded ? DEFAULT_EMBEDDED_H2_JDBC_PASSWORD : null);
+
+	    String jdbcPasswordFile = configuration.getString(PROPERTY_JDBC_PASSWORD_FILE);
+	    if (jdbcPasswordFile != null) {
+		    try {
+			    jdbcPassword = readFile(jdbcPasswordFile);
+		    } catch (IOException e) {
+			    throw new SystemException("Couldn't read JDBC password from specified file '" + jdbcPasswordFile + "': " + e.getMessage(), e);
+		    }
+	    } else {
+		    jdbcPassword = configuration.getString(PROPERTY_JDBC_PASSWORD, embedded ? DEFAULT_EMBEDDED_H2_JDBC_PASSWORD : null);
+	    }
         port = configuration.getInt(PROPERTY_PORT, DEFAULT_EMBEDDED_H2_PORT);
         tcpSSL = configuration.getBoolean(PROPERTY_TCP_SSL, false);
         dropIfExists = configuration.getBoolean(PROPERTY_DROP_IF_EXISTS, false);
@@ -396,6 +408,13 @@ public SqlRepositoryConfiguration(Configuration configuration) {
         initializationFailTimeout = configuration.getLong(PROPERTY_INITIALIZATION_FAIL_TIMEOUT, 1L);
     }
 
+	private String readFile(String filename) throws IOException {
+		try (FileReader reader = new FileReader(filename)) {
+			List<String> lines = IOUtils.readLines(reader);
+			return String.join("\n", lines);
+		}
+	}
+
 	private String getDefaultEmbeddedJdbcUrl() {
 		return getDefaultEmbeddedJdbcUrlPrefix()
 				+ ";MVCC=FALSE"                // Turn off MVCC, revert to table locking.