Description
This is a new feature, which looks to allow GCP secrets manager to be used as a config source for Payara.
Documentation
https://github.com/payara/Payara-Community-Documentation/pull/88
Notes for Reviewers
Note that although this doesn't perfectly follow the design for an extension, the design is such that moving this provider to an extension would be quite simple. As such a new service is implemented that registers and dynamically updates the config sources. A proxy class is injected to ensure that disabling a config source disables it without requiring a restart
Currently only the JSON key file (and not the p12) is supported, and it's copied into the config directory for synchronisation. Note that in future, it would be good to encrypt these files in a similar fashion to the datagrid-key file.
The OAuth2 client in the oauth security module wasn't quite what was needed, so I've implemented a new OAuth2 client and made both modules use it. The OAuth2 security module might need testing to confirm it still works as intended.
该提问来源于开源项目:payara/Payara
