Enhance Spring ConfigServer: Introduce {secret} Prefix for Efficient Management of Shared Secrets #2377

Closed
@sergioasantiago

Is your feature request related to a problem? Please describe.

Currently, when externalizing secrets from the git backend to a secret manager (such as Vault or AWS Secrets Manager) in a Spring ConfigServer setup, the need to duplicate secrets across multiple microservices can be cumbersome. Each microservice requests its configuration from ConfigServer using the microservice name as the application, leading to redundancy when a secret is shared among several microservices.

Describe the solution you'd like

I would like to propose an enhancement that allows for more efficient management of shared secrets. Specifically, the ability to extend the {cipher} prefix to introduce a new prefix, let's call it {secret}, and include the path to the secret in the secret manager. For example: {secret}/secret/myservice/live:apipassword=test. This modification would enable the reuse of the same secret across multiple microservices, improving efficiency and easing the process of updating shared secrets during refactoring.

Describe alternatives you've considered

One alternative could be to continue with the current approach of duplicating secrets for each microservice, but this leads to redundancy, increased maintenance efforts, and potential issues during updates. The proposed {secret} prefix offers a more streamlined and scalable solution for managing shared secrets.

Additional context

Our infrastructure consists of approximately 500 microservices, and there are scenarios where a secret, such as an API password, needs to be shared among many microservices. The introduction of the {secret} prefix would not only enhance the flexibility of managing shared secrets but also contribute to a more efficient and scalable configuration setup for large microservices architectures.

Contributions

I am available and willing to create a pull request to implement this feature once the proposal is reviewed and accepted by the Spring ConfigServer project maintainers.
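
One way the `{secret}` reference proposed above could be resolved on the server side, as an added example that is not part of the issue or of Spring Cloud Config. It assumes the reference syntax `{secret}<path>:<key>` (the issue gives only one example and does not define the syntax), an in-memory map standing in for the secret manager, and a hypothetical `SecretPrefixResolver` class that restricts references to an allowed path root and fails closed.

```java
import java.util.LinkedHashMap;
import java.util.Map;

// Added illustration; not Spring Cloud Config code. All names are hypothetical.
public class SecretPrefixResolver {
    static final String PREFIX = "{secret}";
    // Stand-in for a Vault / secret-manager client: path -> (key -> value).
    private final Map<String, Map<String, String>> store;
    // Only paths under this root may be referenced from config files.
    private final String allowedRoot;

    SecretPrefixResolver(Map<String, Map<String, String>> store, String allowedRoot) {
        this.store = store;
        this.allowedRoot = allowedRoot;
    }

    // Returns a copy of props with every {secret}<path>:<key> value replaced.
    Map<String, String> resolve(Map<String, String> props) {
        Map<String, String> out = new LinkedHashMap<>();
        props.forEach((name, v) -> out.put(name,
                v.startsWith(PREFIX) ? lookup(name, v.substring(PREFIX.length())) : v));
        return out;
    }

    private String lookup(String property, String ref) {
        int sep = ref.lastIndexOf(':');
        if (sep <= 0 || sep == ref.length() - 1) {
            throw new IllegalStateException("Malformed secret reference for " + property);
        }
        String path = ref.substring(0, sep);
        String key = ref.substring(sep + 1);
        if (!path.startsWith(allowedRoot) || path.contains("..")) {
            throw new IllegalStateException("Secret path not allowed for " + property);
        }
        Map<String, String> secret = store.get(path);
        if (secret == null || !secret.containsKey(key)) {
            // Fail closed: never serve the raw reference, never log the value.
            throw new IllegalStateException("Unresolved secret reference for " + property);
        }
        return secret.get(key);
    }

    public static void main(String[] args) {
        // Constructed sample data: one shared secret referenced by two services.
        String ref = "{secret}/secret/shared/live:apipassword";
        SecretPrefixResolver r = new SecretPrefixResolver(
                Map.of("/secret/shared/live", Map.of("apipassword", "sample-value")), "/secret/shared/");
        Map<String, String> orders = Map.of("api.password", ref, "server.port", "8080");
        Map<String, String> billing = Map.of("partner.api.password", ref);
        // Print property names only; resolved values are deliberately not printed.
        System.out.println(r.resolve(orders).keySet() + " " + r.resolve(billing).keySet());
    }
}
```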
