Home > Enterprise >  mounting secrets in Openshift
mounting secrets in Openshift

Time:04-27

I'm trying to move java SpringBoot application to Openshift. I have keystore file defined in the application.yaml like this:

platform:
  messaging:
    mq:
      keystore-path: classpath:certificates/spid_S116807_T.p12
      keystore-password: xxx
      keystore-type: pkcs12

I thought if I create volumemount and secret like this I could use the keystore. lapc-spid contains spid_S116807_T.p12.

          volumeMounts:
            - mountPath: /certificates
              name: lapc-spid-n3jcy
              readOnly: true

      volumes:
        - name: lapc-spid-n3jcy
          secret:
            defaultMode: 420
            secretName: lapc-spid

Unfortunatley I get the following error:

Caused by: java.io.FileNotFoundException: class path resource [certificates/spid_S116807_T.p12] cannot be resolved to absolute file path because it does not reside in the file system: jar:file:/cs/app/app.jar!/BOOT-INF/classes!/certificates/spid_S116807_T.p12

What am I missing here? How can I mount the secret to my container?

CodePudding user response:

Maybe it would be useful for someone.

I modified the application.yaml configuration like this:

platform:
  messaging:
    mq:
      keystore-path: file:/p12/spid_S116807_T.p12
      keystore-password: xxx
      keystore-type: pkcs12

and I mounted it to folder p12

  volumeMounts:
    - mountPath: /p12
      name: lapc-spid-a168z
      readOnly: true

  volumes:
    - name: lapc-spid-a168z
      secret:
        defaultMode: 420
        secretName: lapc-spid

and it works.

Page link:https//www.codepudding.com/Enterprise/386970.html

Prev:Start one pod at a time when replica is greater than one
Next:Beautiful Soup HTML Not Matching 'View Page Source' in Browser
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding