I am using HashiCorp Vault in conjunction with the org.springframework.cloud:spring-cloud-starter-vault-config library for Spring and I need some help.

I'd like to use the AppRole auth method, and I'd like to know what's the best way to provide the role-id and secret-id for a Spring app which runs in Docker. The Spring documentation hardcodes them in the application properties, which is not an option for me.

spring.cloud.vault:
    authentication: APPROLE
    app-role:
        role-id: 00000000-0000-0000-0000-000000000000
        secret-id: 00000000-0000-0000-0000-000000000000
        role: my-role
        app-role-path: approle

With the TOKEN method, it's possible to provide the token as a file named .vault-token in the classpath. Unfortunately, I wasn't able to find out if this is possible too for the secret-id when using AppRole. That would be my preferred approach, as I don't have a good method yet to provide it dynamically.
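
One way to supply the role-id and secret-id from files mounted into the container rather than from the application properties, as an added example that is not part of the original post. The file names vault_role_id and vault_secret_id, the /run/secrets directory and the function names are assumptions; the environment variable names follow Spring Boot's relaxed binding rules for the properties shown above.

```shell
#!/bin/sh
# Added example (hypothetical names and paths): entrypoint helpers that read
# AppRole credentials from mounted files instead of application properties.

# read_credential FILE: print the file content with CR/LF removed.
# Fails when the file is missing, unreadable or empty.
read_credential() {
    file=$1
    if [ ! -f "$file" ] || [ ! -r "$file" ]; then
        echo "credential file not readable: $file" >&2
        return 1
    fi
    value=$(tr -d '\r\n' < "$file")
    if [ -z "$value" ]; then
        echo "credential file is empty: $file" >&2
        return 1
    fi
    printf '%s' "$value"
}

# load_approle DIR: export the credentials under the environment names that
# Spring Boot's relaxed binding maps to spring.cloud.vault.app-role.role-id
# and spring.cloud.vault.app-role.secret-id (dots -> "_", dashes dropped).
load_approle() {
    dir=${1:-/run/secrets}   # assumed mount point
    role_id=$(read_credential "$dir/vault_role_id") || return 1
    secret_id=$(read_credential "$dir/vault_secret_id") || return 1
    export SPRING_CLOUD_VAULT_AUTHENTICATION=APPROLE
    export SPRING_CLOUD_VAULT_APPROLE_ROLEID="$role_id"
    export SPRING_CLOUD_VAULT_APPROLE_SECRETID="$secret_id"
}

# run_with_approle DIR CMD...: load the credentials, then replace the shell
# with the application, e.g. run_with_approle /run/secrets java -jar /app/app.jar
run_with_approle() {
    dir=$1
    shift
    load_approle "$dir" || return 1
    exec "$@"
}
```

The values are set only in the application process's environment at start-up; they are not stored in the image or in the application properties.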