Remove user, pw and database connect infos from git source and access via keyvault

[akrguda]

As a stakeholder I want that every confidential parts in the software is outsourced in the security keyvault file so that nowbody outside the team can gets information about username, password, database connects and the github source is clean about confidential parts.

DoR:

• [x] No DoR required

Acceptance Criteria:

• [ ] AC1: The confidential parts in the software is found and doumented
• [ ] AC2: The knowhow how to handle azure keyvault files is build up
• [ ] AC3: A prove of concept with the team and André Hirter is done and commited
• [ ] AC4: The confidential part in the software is removed out of the github and stored in the keyvault file
• [ ] AC5: The software works finaly on the integration stage as it was working with the confidential part in it and keyvault is in use
• [ ] AC6: The knowhow how to handle keyvault is documented and shared with the team in a meeting

DoD:

• [ ] No confidential code can be found in the github
• [ ] The keyvault technic is in use
• [ ] The knowhow how to handle it is documented and shared with the project team

[akrguda]

André Hirter has knowhow and some ideas are at Marius site. Please contact them.

[ghost]

Positions: Evaluated positions, where a key can / should be created (depending on code, handling of these possible keys in the code): KeyVaultValues.xlsx

Sources: https://learn.microsoft.com/en-us/azure/key-vault/ https://learn.microsoft.com/en-us/azure/key-vault/keys/quick-create-java?tabs=azure-cli https://azure.github.io/azure-sdk-for-java/keyvault.html

Azure platform: https://portal.azure.com/#view/HubsExtension/RecentResources.ReactView

Created test applications:

1. Application using an user environment variable (unauthorized error): KeyVaultDemoApplication.tar.gz
2. Test application to check if azure is accessible (unauthorized error): testAppKeyvault.tar.gz