
Spring cloud-config-server Git-Backend on AWS ECS


So far I'm able to pull the config-repo files from GitLab using a simple username/password on my local system, and it works well. Now I'm moving stuff to AWS ECS (Fargate).

The native profile works well, but I want to use git-uri, and for that I must provide credentials to connect.

    spring:
      profiles: dev
      cloud:
        config:
          server:
            git:
              uri: https://gitlab.com/<group>/<project>.git
              clone-on-start: true
              default-label: gitlabci-test
              searchPaths: '{profile}'
              username: ${gitlab-username}
              password: ${gitlab-password}

How can I configure the config-server to pull credentials from AWS Parameter Store or Secrets Manager? Any help would be appreciated.


Solution

1. Create a new policy named GetParameters and attach it to the current task role.

   IAM -> Create policy -> select 'Systems Manager' as the service -> 'GetParameters' as the action (read type only) -> all resources, then create the policy.

2. Go to Systems Manager -> Parameter Store to store the sensitive details as SecureString.

3. Go to Task -> Container Definitions -> Environment Variables: provide

4. The value should be in the form of arn:aws:ssm:<your-aws-account-region>:<aws-user-id>:parameter/name

   • GITLAB_USERNAME, ValueFrom, arn:aws:ssm:::parameter/dev/my-config-server/GITLAB_USERNAME
   • GITLAB_PASSWORD, ValueFrom, arn:aws:ssm:::parameter/dev/my-config-server/GITLAB_PASSWORD

As per convention, the name should be in the form /<environment>/<service>/<attribute-name>

And that's it. You are done. Wait for the task to be provisioned, and config-server will be able to connect to your remote repo.

    spring:
      profiles: dev
      cloud:
        config:
          server:
            git:
              uri: https://gitlab.com/<group>/<project>.git
              clone-on-start: true
              default-label: gitlabci-test
              searchPaths: '{profile}'
              username: ${GITLAB_USERNAME}
              password: ${GITLAB_PASSWORD}
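
An added example, not part of the original answer: it builds the container definition's `secrets` entries from names that follow the `/<environment>/<service>/<attribute-name>` convention, generates a read policy scoped to that path instead of all resources, and flags policies that still grant `ssm:GetParameters` on `*`. The region, account ID and all function names are constructed for illustration.

```python
import json

# Constructed placeholders, not values from the original post.
REGION = "us-east-1"
ACCOUNT_ID = "111122223333"


def parameter_arn(name, region=REGION, account_id=ACCOUNT_ID):
    """ARN of a Parameter Store entry named /<environment>/<service>/<attribute>."""
    if not name.startswith("/") or name.count("/") != 3:
        raise ValueError(f"expected /<environment>/<service>/<attribute>: {name!r}")
    # The name's leading slash is the only slash after "parameter" in the ARN.
    return f"arn:aws:ssm:{region}:{account_id}:parameter{name}"


def container_secrets(env, service, attributes):
    """'secrets' list for the container definition (the console's ValueFrom rows)."""
    return [{"name": attr, "valueFrom": parameter_arn(f"/{env}/{service}/{attr}")}
            for attr in attributes]


def scoped_policy(env, service):
    """Read-only policy limited to this service's parameter path."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": ["ssm:GetParameters"],
            "Resource": [parameter_arn(f"/{env}/{service}/*")],
        }],
    }


def wildcard_findings(policy):
    """Indexes of Allow statements granting ssm:GetParameters on every resource."""
    findings = []
    for i, stmt in enumerate(policy["Statement"]):
        actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
        resources = stmt["Resource"] if isinstance(stmt["Resource"], list) else [stmt["Resource"]]
        reads_ssm = any(a in ("*", "ssm:*", "ssm:GetParameters") for a in actions)
        if stmt["Effect"] == "Allow" and reads_ssm and "*" in resources:
            findings.append(i)
    return findings


if __name__ == "__main__":
    attrs = ["GITLAB_USERNAME", "GITLAB_PASSWORD"]
    print(json.dumps(container_secrets("dev", "my-config-server", attrs), indent=2))
    print(json.dumps(scoped_policy("dev", "my-config-server"), indent=2))
```

ECS resolves `secrets` entries with the task execution role, and a SecureString encrypted with a customer managed KMS key also needs `kms:Decrypt` on that key.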