Best Practice For Getting Credentials in to Spring boot app from gitlab

12/16/2019

I have a project in which I use the following technologies mysql spring boot (including spring jdbc template) docker kubernetes gitlab (ci/cd).

As per the spring boot standard, I pass database credentials in as environment variables. These credentials obviously need to be secure, out of source code, and vary based on region, so I would like to keep them externalized as far away from the application as possible (I would like to keep them stored as gitlab secrets, if possible). As of right now, I can successfully pass them as environment variables from my yaml file defining both my kubernetes deployment and service, which gets picked up by my Dockerfile and passed to my spring boot app. Is there any way to pass from gitlab to kubernetes (avoiding kubectl run, which is bad practice and going to be deprecated)?

Thanks, Connor

-- Connor Butch
docker
docker-secrets
gitlab
kubernetes
kubernetes-secrets

1 Answer

12/25/2019

In case anyone was wondering, I solved this using envsubstr. If anyone is curious, I can paste the full example below

-- Connor Butch
Source: StackOverflow