🤔 Description
...
To distinguish the Secure Properties key from all other variables, the Secure Property keys are prefixed with secret.
As a user, you You can define when the variable is looked up in the key store by setting the environment variable to ACLI_SECURE_PROPERTIES_SAFE_MODE=false, the key store is always checked.
Using Secure Properties consists in three main steps:
...
The key store file path can be overridden to point to an alternative location through the use of the environment variable ACLI_SECURE_PROPERTIES. This can be useful if you need to work with multiple key stores or multiple installations of ACLI.
When the Secure Properties is set, ACLI:
First prompts for the value of the secret to be stored.
Prompts for the new key store file password (with confirmation).
To create a key store, run the action setSecureProperty, as shown in the example:
...
The value for the --secret parameter, provided in the example, is - This The value set to - indicates that the value should be obtained via an interactive prompt (or read from stdin if not connected to a tty).
We strongly recommend that you use this method to provide sensitive values to avoid they are not accidentally recorded in your shell history, where they would end up existing in plain text anyway!
The sequence in ACLI is:
...
First ACLI prompts for the value of the secret to be stored.
...
| Note |
|---|
The key store requires a non-blank password. Once created, do not forget the password! Key store passwords cannot be recovered by ACLI support. If your password is ever compromised, you should consider the contents of the key store to also be compromised and rotate any secrets it contains accordingly. |
Referencing secrets in acli.properties
...