0

So far I'm able to pull the config-repo files from gitlab using simple username/password in my local system and it works well. Now I'm moving stuffs to AWS-ECS(Fargate).

native profile works well, but I want to use git-uri and for that I must provide credentials to connect.

    spring:
      profiles: dev
      cloud:
        config:
          server:
              git:
                uri: https://gitlab.com/<group>/<project>.git
                clone-on-start: true
                default-label: gitlabci-test
                searchPaths: '{profile}'
                username: ${gitlab-username}
                password: ${gitlab-password}

How can I configure the config-server to pull credentials from AWS Parameter store or secret-manager? Any help would be appreciated.

4

1 回答 1

0
  1. Create a new Policy named GetParameters and attach it to current task role.

IAM -> create policy -> select 'System Manager' as service -> 'GetParameters' as Action(read type only) -> all Resources and create policy.

  1. Go to Systems Manager -> Parameter Store for storing sensitive details as SecureString.

  2. Go to Task -> Container Definitions -> Environment Variables: provide

  3. The value should be in the form for arn:aws:ssm:<your-aws-acccount-region>:<aws-user-id>:parameter/name

  • GITLAB_USERNAME, ValueFrom , arn:aws:ssm:::parameter/dev/my-config-server/GITLAB_USERNAME
  • GITLAB_PASSWORD, ValueFrom , arn:aws:ssm:::parameter/dev/my-config-server/GITLAB_PASSWORD

As per convention Name should be in the form of /<environment>/<service>/<attribute-name>

And that's it. You are done. Wait for task to be provisioned and config-server would be able to connect to your remote repo.

        spring:
          profiles: dev
          cloud:
            config:
              server:
                  git:
                    uri: https://gitlab.com/<group>/<project>.git
                    clone-on-start: true
                    default-label: gitlabci-test
                    searchPaths: '{profile}'
                    username: ${GITLAB_USERNAME}
                    password: ${GITLAB_PASSWORD}
于 2020-03-22T17:13:44.370 回答