Replies: 2 comments
-
Could also be CONFIG_SERVER to fetch the config from. |
Beta Was this translation helpful? Give feedback.
-
Another consideration is that everything/most data needed to deploy should be contained in the repository to have as less moving parts as possible. This may not always be possible or allowed especially for secrets. Thinking about secrets in particular we currently provide a default encryption implementation using the Google Tink library. Another implementation candidate would be Vault, no need to think about things being in Git. Could be a company policy (just guessing at this point). environmentConfig("location[secret name]", VAULT)
// or
environmentConfig("vault:location[secret name]") This would also require some convention to have a location per environment. That needs to be configurable in the Gradle build file. kuberig {
secrets {
vault {
locationMapper = { environmentName, location ->
"this-app/$environmentName/$location"
}
}
}
} |
Beta Was this translation helpful? Give feedback.
-
Currently the environment configuration can only be retrieved from the environments directory for files or from the environments properties file.
The current source could be the ENV_DIRECTORY provider.
Another provider could be VAULT for centrally managed secrets.
Beta Was this translation helpful? Give feedback.
All reactions