Local file (for Development)

Detailed information on the local file secret store component

This Dapr secret store component reads plain text JSON from a given file and does not use authentication.

Warning

This approach to secret management is not recommended for production environments.

Component format

To setup local file based secret store create a component of type secretstores.local.file. Create a file with the following content in your ./components directory:

  1. apiVersion: dapr.io/v1alpha1
  2. kind: Component
  3. metadata:
  4. name: local-secret-store
  5. namespace: default
  6. spec:
  7. type: secretstores.local.file
  8. version: v1
  9. metadata:
  10. - name: secretsFile
  11. value: [path to the JSON file]
  12. - name: nestedSeparator
  13. value: ":"
  14. - name: multiValued
  15. value: "false"

Spec metadata fields

FieldRequiredDetailsExample
secretsFileYThe path to the file where secrets are stored“path/to/file.json”
nestedSeparatorNUsed by the store when flattening the JSON hierarchy to a map. Defaults to “:”“:”
multiValuedNAllows one level of multi-valued key/value pairs before flattening JSON hierarchy. Defaults to “false”“true”

Setup JSON file to hold the secrets

Given the following JSON loaded from secretsFile:

  1. {
  2. "redisPassword": "your redis password",
  3. "connectionStrings": {
  4. "sql": "your sql connection string",
  5. "mysql": "your mysql connection string"
  6. }
  7. }

If multiValued is "false", the store will load the file and create a map with the following key value pairs:

flattened keyvalue
“redis”“your redis password”
“connectionStrings:sql”“your sql connection string”
“connectionStrings:mysql”“your mysql connection string”

Use the flattened key (connectionStrings:sql) to access the secret. The following JSON map returned:

  1. {
  2. "connectionStrings:sql": "your sql connection string"
  3. }

If multiValued is "true", you would instead use the top level key. In this example, connectionStrings would return the following map:

  1. {
  2. "sql": "your sql connection string",
  3. "mysql": "your mysql connection string"
  4. }

Nested structures after the top level will be flattened. In this example, connectionStrings would return the following map:

JSON from secretsFile:

  1. {
  2. "redisPassword": "your redis password",
  3. "connectionStrings": {
  4. "mysql": {
  5. "username": "your mysql username",
  6. "password": "your mysql password"
  7. }
  8. }
  9. }

Response:

  1. {
  2. "mysql:username": "your mysql username",
  3. "mysql:password": "your mysql password"
  4. }

This is useful in order to mimic secret stores like Vault or Kubernetes that return multiple key/value pairs per secret key.

Last modified February 18, 2022: Update setup-jetstream.md (#2200) (428d8c2)