GoogleCloudPlatform / professional-services-data-validator

Utility to compare data between homogeneous or heterogeneous environments to ensure source and target tables match
Apache License 2.0

DVT connection configurations are file based and require multiple secret manager entries to keep them secure #1074

Open sundar-mudupalli-work opened 9 months ago

sundar-mudupalli-work commented 9 months ago

Hi,

DVT's usage of secret manager poses two issues:

  1. DVT stores connection configurations in a file. This means that when we create a container image, we need to bake the connections into the image.
  2. DVT stores the secret manager information and the name of the secrets in the connections configuration. Each configuration parameter (host, port, username, password) has to be its own secret. This is difficult to use.

A better approach would be to store the entire connection configuration as a JSON object in the secret manager. Every command that uses a connection will need to be updated to provide an option to access the connection configuration from the secret manager rather than the filesystem.

Sundar Mudupalli

manojredward commented 1 month ago

Hello @sundar-mudupalli-work and @helensilva14, I am working on connecting DB2 and BQ and created a connection JSON for DB2 like below:

```json
{
  "source_type":"DB2",
  "secret_manager_type":"GCP",
  "secret_manager_project_id":"12345678910",
  "host":"",
  "port":"",
  "user":"secret_name.user'",
  "password":"secret_name.password",
  "database":""
}
```

I have a secret named 'secret_name' in the project with a JSON value like below:

```
projects/12345678910/secrets/secret_name
value: { user: 'XXXX', password: 'password' }
```

When I hardcode the user name and password and add the connection.json to the bucket, I am able to connect DB2 and BQ. However, when I try to use the secret manager, I am unable to connect. Could you please guide me on this?
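
The two models discussed in this thread, side by side, as an added example that is not DVT code and not part of either comment: `resolve_per_field` follows the per-field model the issue describes (each field value names its own secret), and `resolve_whole` follows the proposal of one secret holding the whole connection JSON. All function names, the set of secret-backed fields, and the sample secret names and values are assumptions constructed for illustration; only `gcp_fetch` calls the real `google-cloud-secret-manager` client.

```python
import json

SENSITIVE_KEYS = {"password"}  # assumption: keys that must never reach logs

def gcp_fetch(project_id, secret_id):
    """Return the latest version of one GCP Secret Manager secret as text."""
    # Imported lazily so the rest of the example runs without the client library.
    from google.cloud import secretmanager
    client = secretmanager.SecretManagerServiceClient()
    name = f"projects/{project_id}/secrets/{secret_id}/versions/latest"
    return client.access_secret_version(name=name).payload.data.decode("utf-8")

def resolve_per_field(config, fetch, fields=("host", "port", "user", "password", "database")):
    """Per-field model: every non-empty field value is the name of its own secret."""
    resolved = dict(config)
    for field in fields:
        if config.get(field):
            resolved[field] = fetch(config["secret_manager_project_id"], config[field])
    return resolved

def resolve_whole(project_id, secret_id, fetch):
    """Proposed model: one secret whose payload is the entire connection JSON."""
    try:
        conn = json.loads(fetch(project_id, secret_id))
    except json.JSONDecodeError:
        # 'from None' drops the chained exception, whose .doc holds the payload.
        raise ValueError(f"secret {secret_id!r} is not valid JSON") from None
    if not isinstance(conn, dict) or "source_type" not in conn:
        raise ValueError(f"secret {secret_id!r} is not a connection object")
    return conn

def redacted(conn):
    """Copy of a connection that is safe to print or log."""
    return {k: "***" if k in SENSITIVE_KEYS else v for k, v in conn.items()}

# Constructed sample data standing in for Secret Manager (no network needed).
FAKE_STORE = {
    ("demo-project", "db2-user"): "dvt_reader",
    ("demo-project", "db2-password"): "constructed-pw",
    ("demo-project", "db2-conn"): json.dumps({
        "source_type": "DB2", "host": "db2.example.internal", "port": 50000,
        "user": "dvt_reader", "password": "constructed-pw", "database": "SAMPLE"}),
    ("demo-project", "broken"): "{ user: 'x' }",  # not valid JSON
}

def fake_fetch(project_id, secret_id):
    return FAKE_STORE[(project_id, secret_id)]

if __name__ == "__main__":
    print(redacted(resolve_whole("demo-project", "db2-conn", fake_fetch)))
```

Passing `gcp_fetch` in place of `fake_fetch` reads from a real project, which requires application default credentials with permission to access the secret.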