Skip to content
Browse files

Fixed bad JEXL/elConfig example in

The JEXL/elConfig example in the documentation will not work
to read the database password from a file path pointed to by an
environment variable because the first argument to must be an instance
of and not String. This commit fixes that with an example
that is tested to work with Grouper 2.4.x.
  • Loading branch information...
skoranda committed Jun 8, 2019
1 parent 469f8ed commit 3ca9108b3da4b0b56119fb257e236f63748ce41e
Showing with 1 addition and 1 deletion.
  1. +1 −1
@@ -168,7 +168,7 @@ For passing full files into the container, this container will make any secrets
Docker Secrets can also be used to pass in strings, such as a database connection string password, into the component config. To pass in the Grouper database connection string, one might set the property and value as such:

hibernate.connection.password.elConfig = ${java.lang.System.getenv().get('GROUPER_DATABASE_PASSWORD_FILE') != null ?'GROUPER_DATABASE_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('GROUPER_DATABASE_PASSWORD') }
hibernate.connection.password.elConfig = ${java.lang.System.getenv().get('GROUPER_DATABASE_PASSWORD_FILE') != null ?"", java.lang.System.getenv().get('GROUPER_DATABASE_PASSWORD_FILE')), "utf-8") : java.lang.System.getenv().get('GROUPER_DATABASE_PASSWORD') }

Note that the default property name has been changed by appending `.elConfig`. (This causes Grouper to evaluate the string before saving the value.) The expression allows deployers to use a file containing only the database password as a Docker Secret and reference the file name via the `GROUPER_DATABASE_PASSWORD_FILE` environment property. This allows the config files to be baked into the image, if desired. Also, but not recommended, the database password could just be set in the Docker Service definition as an environment variable, `GROUPER_DATABASE_PASSWORD`. (Technically the expression can be broken up and just the desired functionality used.) Of course, using Grouper's MorphString functionality is supported and likely is the best option, but does require more effort in setting it up.

0 comments on commit 3ca9108

Please sign in to comment.
You can’t perform that action at this time.