I found using Docker Secrets a convenient a way to protect passwords when
running Docker containers. I know I can reference an environment variables in
Karaf's config files, but that is not very secure, or at least less secure than
secrets. For example, to configure a key store in the Pax Web config file:
org.ops4j.pax.web.cfg one would need to provide a value for key
org.ops4j.pax.web.ssl.password. The problem is how to reference a secret,
which is a file, as the value of this property? In other words, I am looking
for something like:
org.ops4j.pax.web.ssl.password=$(cat /run/secrets/keystorepass)
Is there anything similar or planned?
(Same would be useful to configure the JAAS users in users.properties, etc.)
Best regards,
Alex soto
