Flyway Enterprise

Description

An array of paths to key-value secrets in Vault that contain Flyway configurations. This must start with the name of the engine and end with the name of the secret.

The resulting form is {engine_name}/data/{path}/{to}/{secret_name} for the key-value V2 engine, and {engine_name}/{path}/{to}/{secret_name} for the key-value V1 engine. If multiple secrets specify the same configuration parameter, then the last secret takes precedence.

Example: kv/data/flyway/flywayConfig

Type

String array

Default

none

Usage

Flyway Desktop

This can't be set in a config file via Flyway Desktop, although it will be honoured, and it can be configured as an advanced parameter in operations on the Migrations page.

Command-line

./flyway -vault.secrets="kv/data/flyway/flywayConfig1,kv/flyway/flywayConfig2" info

TOML Configuration File

[flyway.vault]
secrets = ["kv/data/flyway/flywayConfig1", "kv/flyway/flywayConfig2"]

Configuration File

flyway.vault.secrets=kv/data/flyway/flywayConfig1,kv/flyway/flywayConfig2

Environment Variable

FLYWAY_VAULT_SECRETS=kv/data/flyway/flywayConfig1,kv/flyway/flywayConfig2

API

VaultConfigurationExtension vaultConfigurationExtension = configuration.getPluginRegister().getPlugin(VaultConfigurationExtension.class)
vaultConfigurationExtension.setVaultSecrets("kv/data/flyway/flywayConfig1", "kv/flyway/flywayConfig2");

Gradle

flyway {
    pluginConfiguration = [
      vaultSecrets: ['kv/data/flyway/flywayConfig1', 'kv/flyway/flywayConfig2']
    ]
}

Maven

<configuration>
    <pluginConfiguration>
      <vaultSecrets>kv/data/flyway/flywayConfig1,kv/flyway/flywayConfig2</vaultSecrets>
    </pluginConfiguration>
</configuration>