Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] Keeping secrets secret

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] Keeping secrets secret

Chronological Thread 
  • From: Alex Poulos <>
  • To: Darren Boss <>
  • Cc: " Mailing List" <>
  • Subject: Re: [grouper-users] Keeping secrets secret
  • Date: Mon, 27 Apr 2020 10:51:33 -0400

You can use env variables and read from these within a config file. Here's an example:

hibernate.connection.password.elConfig =  ${java.lang.System.getenv().get('DATABASE_PASSWORD')}

(Note the .elConfig at the end of the config parameter: this lets you use JEXL).

You can then populate DATABASE_PASSWORD however you wish (k8s secret e.g.)

On Mon, Apr 27, 2020 at 10:42 AM Darren Boss <> wrote:
Is there any documentation or guidance on pulling out secrets from Grouper configuration files?

I found which is what I'm doing now by placing properties files that contain secrets into Kubernetes secrets but ideally I'd like to have these files under version control and only store the passwords in a system like K8s secrets or something like Hashicorp Vault.

Darren Boss
Senior Programmer/Analyst
Programmeur-analyste principal

Archive powered by MHonArc 2.6.19.

Top of Page