Using Substitution Variable in the Password Field

For the following shared resources, the password is part of the inline credentials, which do not accept substitution variables.

For the following shared resources, the password is a keystore password or key alias password. The passwords are stored in resource instance configuration files (runtime) in obfuscated format. These fields accept substitution variables.

All the password fields have substitution variable validation. If a valid substitution variable in the format %%svar-name%% is provided in the password field, which does not accept substitution variable, then the validation error is displayed while saving resource in the Application Configurator, while validating configuration, and while generating runtime image.

If the invalid substitution variable is provided (for example, %%pass) in the password field, which does not accept the substitution variable, the validation error is not displayed. Use of characters '%%' is allowed in the password field, provided that the password does not match the valid substitution variable format.

You can use container environment variables as alternatives to substitution variables to update inline credentials. For more information, see Docker Run Command Reference.

For example:

docker run -d -p 8931:8931 -e sr.NewSMTPResource.username=username -e sr.NewSMTPResource.password=obfuscatedPassword --name bookstore bookstore:v1

For more information about creating an obfuscated password, see Creating an Encrypted Password.

Also, you can update substitution variable for keystore password or key alias password by using container environment variables.

For example:

docker run -d -p 10104:10104 -e svar.sr.SVAR1.4_keyAlias=amx  -e svar.sr.SVAR1.4_keyPassword=test123 --name bookstore bookstore:v1

If you are running an application in Kubernetes, you can use ConfigMaps to pass substitution variables to the applications. You can also use Kubernetes Secrets to store passwords. For more information, seeUsing Kubernetes Secrets.