secret management

Author: marcel-dempers

docker-compose.yaml

@@ -10,14 +10,15 @@ services:
     - ./c#/src/:/work/
     ports:
       - 5000:5000
-  golang: #docker run -it -v ${PWD}:/go/src/work -v ${PWD}/golang/configs/:/configs -p 5001:5000 -p 2345:2345 --security-opt "seccomp:unconfined" aimvector/golang:1.0.0
+  golang: #docker run -it -v ${PWD}:/go/src/work -v ${PWD}/golang/configs/:/configs -v ${PWD}/golang/secrets/:/secrets  -p 5001:5000 -p 2345:2345 --security-opt "seccomp:unconfined" aimvector/golang:1.0.0
     container_name: golang
     image: aimvector/golang:1.0.0
     build: 
       context: ./golang
       target: prod
     volumes:
     - ./golang/configs:/configs/
+    - ./golang/secrets:/secrets/
     - ./golang/src/:/go/src/work/
     ports:
       - 5001:5000

golang/secrets/secret.json

@@ -0,0 +1,3 @@
+{
+    "api_key" : "somesecretgoeshere"
+}

golang/src/main.go

@@ -11,6 +11,7 @@ import (
 )
 
 var configuration []byte
+var secret []byte
 
 func Response(ctx *fasthttp.RequestCtx) {
 	fmt.Fprintf(ctx, "Hello") 
@@ -32,10 +33,23 @@ func ReadConfig(){
 
 }
 
+func ReadSecret(){
+	fmt.Println("reading secret...")
+	s, e := ioutil.ReadFile("/secrets/secret.json")
+	if e != nil {
+		fmt.Printf("Error reading secret file: %v\n", e)
+		os.Exit(1)
+	}
+	secret = s
+	fmt.Println("secret loaded!")
+
+}
+
 func main() {
 
 	fmt.Println("starting...")
 	ReadConfig()
+	ReadSecret()
 	router := fasthttprouter.New()
 	router.GET("/", Response)
 	router.GET("/status", Status)