Configuration schema
The schema of the JSON configuration file as expected by the Gateway Framework is provided with the package.
|
Documentation tips
The schemas for the supported service types and sharedConfig types must be defined and documented by application developers, to enable users to define a valid configuration.
|
Configuration secrets
| It is recommended to not expose any sensitive information such as passwords as plain text on the Diffusion console. |
To ensure this, application developers can specify any configuration parameter defined by them for services, sharedConfigs, or global configuration, as "hidden" in the JSON schema of the configuration. With such schema defined for an application configuration; once a user starts a Gateway application with the required configuration, the value of any hidden fields in the configuration will be hidden and replaced by "****" on the Diffusion console.
If an application doesn’t hide a configuration field in its JSON schema, sensitive information can still be obscured by setting the values as environment variables or system properties. When configuring the application, sensitive configuration values can be set in the form of $SECRET_VARIABLE in the configuration file, or when adding a service via the Diffusion console. The actual value can then be set as a system property or environment variable for the used secret variable name. This prevents any exposure of sensitive information in the configuration file and the Diffusion console.
For example, the configuration snippet below uses a secret variable as its value:
"application": {
"url": "http://localhost:8080",
"password": "$PASSWORD"
}To use this configuration, a system property or environment variable called PASSWORD should be set in the environment where the application is deployed with the above configuration.