K
Q

Best Practice For Getting Credentials in to Spring boot app from gitlab

12/16/2019

I have a project in which I use the following technologies mysql spring boot (including spring jdbc template) docker kubernetes gitlab (ci/cd).

As per the spring boot standard, I pass database credentials in as environment variables. These credentials obviously need to be secure, out of source code, and vary based on region, so I would like to keep them externalized as far away from the application as possible (I would like to keep them stored as gitlab secrets, if possible). As of right now, I can successfully pass them as environment variables from my yaml file defining both my kubernetes deployment and service, which gets picked up by my Dockerfile and passed to my spring boot app. Is there any way to pass from gitlab to kubernetes (avoiding kubectl run, which is bad practice and going to be deprecated)?

Thanks, Connor

-- Connor Butch
docker
docker-secrets
gitlab
kubernetes
kubernetes-secrets

Similar Questions

Can a Pod be managed by two different ReplicaSets?
K8s service unreachable via master IP
Why is a pod in my GKE cluster receiving repeated requests to the root path of web server?
Kubernetes Declarative Management and Manual Commands risks
Accessing Istio enabled K8S pod from a service outside of the mesh
Error: `pod has unbound immediate PersistentVolumeClaims` while deploying microservices on local machine
How do I use kubernetes volumeMounts: mountPath and hostPath in helm charts?
run multi-threading processes in aws instances
Openstack Magnum kube_master: Went to status ERROR due to "Message: Exceeded maximum number of retries

1 Answer

12/25/2019

In case anyone was wondering, I solved this using envsubstr. If anyone is curious, I can paste the full example below

-- Connor Butch
Source: StackOverflow