Skip to content

Latest commit

 

History

History
79 lines (61 loc) · 3.36 KB

README.md

File metadata and controls

79 lines (61 loc) · 3.36 KB
Raw

Cerberus Spring Boot Client

Download codecov

A Spring Boot client library for Cerberus for Spring Boot applications.

To learn more about Cerberus, please see the Cerberus website.

Quickstart for EC2

  1. Start with the quick start guide.
  2. Add the Cerberus Spring Boot Client dependency to your build (e.g. Maven, Gradle)
  3. Provide an authentication mechanism.
    • For local development it is easiest to export a CERBERUS_TOKEN that you copied from the Cerberus dashboard. When running in AWS, your application will not need this environmetal variable, instead it will automatically authenticate using its IAM role. Alternatively, set a cerberus.token System property.
    • If you would like to test IAM authentication locally, you can do that by assuming a role.
  4. Configure the Cerberus URL and region, e.g. in your application.properties
    cerberus.url=https://test.cerberus.example.com/
    cerberus.region=us-west-2
  1. Ensure CerberusClientSpringBootConfiguration is registered in your ApplicationContext. E.g.
    @Configuration
    @Import(CerberusClientSpringBootConfiguration.class)
    public class MyAppSpringConfig {
    }
  1. Access secrets from Cerberus using Java client
    @Autowired
    CerberusClient cerberusClient;
    
    String path = "/app/my-sdb-name"; // path from Cerberus dashboard
    Map<String,String> secrets = cerberusClient.read(path).getData();
    String secret = secrets.get("propname");  // property name from Cerberus dashboard

Development

Run Integration Tests

First, make sure you have a safe deposit box created in the cerberus environment you plan to run the tests against. The credentials you plan to use to execute the tests with must have write permissions to this SDB.

Second, make sure the following environment variables are set before running the Cerberus Spring Boot Client integration tests:

    export CERBERUS_URL=https://example.cerberus.com
    export CERBERUS_REGION=us-west-2
    export SDB_ROOT_PATH=app/integration-test-sdb/

Then, make sure AWS credentials have been loaded into the default credential profile or a cerberus token has been exported to the "CERBERUS_TOKEN" environment variable.

One method of obtaining credentials is by running gimme-aws-creds:

    gimme-aws-creds

Next, in the project directory run:

    ./gradlew integration

License

Cerberus client is released under the Apache License, Version 2.0