Add support for AWS Secrets Manager
EliasJorgensen committed Sep 25, 2024
1 parent 4bc8a26 commit 02fc144
Showing 9 changed files with 29 additions and 20 deletions.
7 changes: 6 additions & 1 deletion .env.example
Expand Up @@ -10,4 +10,9 @@ MSID_SECRET=
MSID_TENANT=common

KEYSTORE_PRIVATE_KEY_PASSWORD=pk-password
KEYSTORE_PASSWORD=keystore-password
KEYSTORE_PASSWORD=keystore-password

AWS_REGION=
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
ENABLE_SECRETS_MANAGER=false
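Review bot: The new `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` entries present long-lived static keys as the only way to authenticate, and nothing in the template says they are meant for local use; docker-compose.yaml in this commit forwards the same pair into the container environment, where they are readable through `docker inspect` and by every process in the container. I would add a comment above the three AWS lines, for example `# Local development only. In deployed environments leave these unset and let the SDK pick up an IAM role.` (this assumes the AWS client falls back to the default credential chain, which is worth confirming). Whichever identity is used should be limited to `secretsmanager:GetSecretValue` on the one secret this service reads.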
6 changes: 3 additions & 3 deletions Dockerfile
@@ -1,8 +1,8 @@
FROM amazoncorretto:21

ADD build/distributions/heimdall-optimized-0.1.tar ./
RUN chmod a+rw heimdall-optimized-0.1
WORKDIR ./heimdall-optimized-0.1
ADD build/distributions/heimdall-0.1.tar ./
RUN chmod a+rw heimdall-0.1
WORKDIR ./heimdall-0.1
EXPOSE 8080

ENV TZ="UTC"
14 changes: 1 addition & 13 deletions build.gradle.kts
Expand Up @@ -4,7 +4,6 @@ plugins {
alias(libs.plugins.ksp)
alias(libs.plugins.johnrengelman.shadow)
alias(libs.plugins.micronaut.application)
alias(libs.plugins.micronaut.aot)
alias(libs.plugins.kotlinter)
}

Expand All @@ -21,6 +20,7 @@ dependencies {
compileOnly(libs.micronaut.http.client)
implementation(libs.micronaut.jackson.databind)
implementation(libs.micronaut.kotlin.runtime)
implementation(libs.micronaut.aws.secretsmanager)

implementation(libs.kotlin.reflect)
implementation(libs.kotlin.stdlib)
Expand Down Expand Up @@ -57,18 +57,6 @@ micronaut {
incremental(true)
annotations("com.qualitive.*")
}
aot {
// Please review carefully the optimizations enabled below
// Check https://micronaut-projects.github.io/micronaut-aot/latest/guide/ for more details
optimizeServiceLoading = false
convertYamlToJava = false
precomputeOperations = true
cacheEnvironment = true
optimizeClassLoading = true
deduceEnvironment = true
optimizeNetty = true
replaceLogbackXml = true
}
}

tasks.test {
4 changes: 4 additions & 0 deletions docker-compose.yaml
Expand Up @@ -15,5 +15,9 @@ services:
- HEIMDALL_MSID_TENANT=${MSID_TENANT}
- KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}
- KEYSTORE_PRIVATE_KEY_PASSWORD=${KEYSTORE_PRIVATE_KEY_PASSWORD}
- AWS_REGION=${AWS_REGION}
- AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
- AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
- ENABLE_SECRETS_MANAGER=${ENABLE_SECRETS_MANAGER}
volumes:
- ./heimdall-storage:/var/lib/heimdall
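Review bot: `ENABLE_SECRETS_MANAGER=${ENABLE_SECRETS_MANAGER}` hands the container an empty string when the variable is missing from `.env`, so the `:false` fallback in bootstrap.properties may never be used because the variable is then set but empty. Giving the default here avoids relying on how an empty value converts to a boolean: `- ENABLE_SECRETS_MANAGER=${ENABLE_SECRETS_MANAGER:-false}`. The three `AWS_*` lines have the same shape and export empty credentials and region when unset; the key-only form (`- AWS_REGION`) leaves a variable undefined in the container instead. The service definition starts above the lines shown.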
1 change: 1 addition & 0 deletions gradle/libs.versions.toml
Expand Up @@ -11,6 +11,7 @@ micronaut-http-validation = { module = "io.micronaut:micronaut-http-validation",
micronaut-jackson-databind = { module = "io.micronaut:micronaut-jackson-databind", version.ref = "micronautVersion" }
micronaut-kotlin-runtime = { module = "io.micronaut.kotlin:micronaut-kotlin-runtime", version.ref = "micronautVersion" }
micronaut-http-client = { module = "io.micronaut:micronaut-http-client", version.ref = "micronautVersion" }
micronaut-aws-secretsmanager = { module = "io.micronaut.aws:micronaut-aws-secretsmanager", version.ref = "micronautVersion" }

kotlin-reflect = { module = "org.jetbrains.kotlin:kotlin-reflect", version.ref = "kotlinVersion" }
kotlin-stdlib = { module = "org.jetbrains.kotlin:kotlin-stdlib-jdk8", version.ref = "kotlinVersion" }
2 changes: 0 additions & 2 deletions src/main/resources/application.properties
@@ -1,6 +1,4 @@
#Fri Jun 07 20:58:35 UTC 2024
micronaut.application.name=heimdall

heimdall.url=${HEIMDALL_URL}
heimdall.success-url=${HEIMDALL_SUCCESS}
heimdall.failure-url=${HEIMDALL_FAILURE}
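--- a/src/main/resources/bootstrap.properties
+++ b/src/main/resources/bootstrap.properties
@@ -0,0 +1,10 @@
+micronaut.application.name=heimdall
+
+micronaut.config-client.enabled=true
+aws.distributed-configuration.search-active-environments=false
+aws.distributed-configuration.search-common-application=false
+
+# If enabled, will resolve secret with name /config/heimdall/secrets
+aws.secretsmanager.enabled=${ENABLE_SECRETS_MANAGER:false}
+aws.secretsmanager.secrets[0].prefix=""
+aws.secretsmanager.secrets[0].secret-name="secrets"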
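Review bot: The double quotes on the last two lines are probably part of the value, since the .properties format does not strip them: `prefix` would be the two-character string `""` and the secret name would be `"secrets"` including the quotes, which does not match the `/config/heimdall/secrets` path in the comment. I would write `aws.secretsmanager.secrets[0].secret-name=secrets` and either leave `prefix=` empty or drop that line, then confirm at startup that the secret actually resolves. A lookup that quietly finds nothing could leave the service running on the environment-supplied keystore passwords while operators believe the managed secret is in use.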
1 change: 1 addition & 0 deletions src/main/resources/logback.xml
Expand Up @@ -6,4 +6,5 @@
<appender-ref ref="jsonstdout"/>
</root>
<logger name="io.netty" level="INFO"/>
<logger name="io.micronaut.aws.distributedconfiguration" level="TRACE"/>
</configuration>
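Review bot: The added logger sets `io.micronaut.aws.distributedconfiguration` to TRACE in `src/main/resources`, so every deployment logs the secret-resolution code path at its most verbose level, and that output goes to the `jsonstdout` appender that log shipping typically collects. Trace output from this package can include the secret names and property keys being loaded, and I have not verified that values are never printed. I would default it to INFO and make the verbose level opt-in, e.g. `<logger name="io.micronaut.aws.distributedconfiguration" level="${AWS_CONFIG_LOG_LEVEL:-INFO}"/>` (the variable name is only an example).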
4 changes: 3 additions & 1 deletion src/test/resources/application-test.properties
Expand Up @@ -12,4 +12,6 @@ heimdall.msid.secret=secret
heimdall.msid.tenant=common

keystore.private-key-password=private-key-password
keystore.keystore-password=keystore-password
keystore.keystore-password=keystore-password

micronaut.config-client.enabled=false
