Skip to content

Use variables in scripts to ease secret externalisation

Use variables for all templated values (just like in templates/scripts/init-keycloak file).

I will also open the possible externalisation of secrets management. Indeed, it would be easy to replace all lines defining a variable with a hardcoded secret by a call to an external tools that will provide the secret at runtime.

For example, replacing:

clientSecret="mybestsecret"

by

clientSecret=$(get_secret_for(nextcloud, keycloackSecret))

Merge request reports

Loading