tweak boilerplate config

config/application.yml

@@ -8,7 +8,7 @@ micronaut:
         context:
           server: 'ldap://ldap.forumsys.com:389'
           managerDn: 'cn=read-only-admin,dc=example,dc=com'
-          managerPassword: 'password'
+          managerPassword:
         search:
           base: "dc=example,dc=com"
         groups:
@@ -28,7 +28,7 @@ micronaut:
         signatures:
           secret:
             generator:
-              secret: pleasechangeme
+              secret:
 
   server:
     context-path: "" # if behind a reverse proxy, path to akhq without trailing slash (optional). Example: akhq is
@@ -56,41 +56,41 @@ akhq:
         url: "http://schema-registry:8085" # schema registry url (optional)
         type: "confluent" # schema registry type (optional). Supported types are "confluent" (default) or "tibco"
         # Basic Auth user / pass
-        basic-auth-username: basic-auth-user
-        basic-auth-password: basic-auth-pass
+        basic-auth-username: ${UN}
+        basic-auth-password: ${PW}
         properties: # standard kafka properties (optional)
           ssl.protocol: TLS
       connect:
         - name: connect-1
           url: "http://connect:8083"
           # Basic Auth user / pass (optional)
-          basic-auth-username: basic-auth-user
-          basic-auth-password: basic-auth-pass
+          basic-auth-username: ${UN}
+          basic-auth-password: ${PW}
           # ssl store configuration (optional)
           ssl-trust-store: /app/truststore.jks
-          ssl-trust-store-password: trust-store-password
+          ssl-trust-store-password: ${PW}
           ssl-key-store: /app/truststore.jks
-          ssl-key-store-password: key-store-password
+          ssl-key-store-password: ${PW}
         - name: connect-2
           url: "http://connect:8084"
           # Basic Auth user / pass (optional)
-          basic-auth-username: basic-auth-user
-          basic-auth-password: basic-auth-pass
+          basic-auth-username: ${UN}
+          basic-auth-password: ${PW}
           # ssl store configuration (optional)
           ssl-trust-store: /app/truststore.jks
-          ssl-trust-store-password: trust-store-password
+          ssl-trust-store-password: ${PW}
           ssl-key-store: /app/truststore.jks
-          ssl-key-store-password: key-store-password
+          ssl-key-store-password: ${PW}
       deserialization:
         protobuf:
           # (optional) if descriptor-file properties are used
           descriptors-folder: "/app/protobuf_desc"
           topics-mapping:
             - topic-regex: "album.*"
-              descriptor-file-base64: "Cs4BCgthbGJ1bS5wcm90bxIXY29tLm5ldGNyYWNrZXIucHJvdG9idWYidwoFQWxidW0SFAoFdGl0bGUYASABKAlSBXRpdGxlEhYKBmFydGlzdBgCIAMoCVIGYXJ0aXN0EiEKDHJlbGVhc2VfeWVhchgDIAEoBVILcmVsZWFzZVllYXISHQoKc29uZ190aXRsZRgEIAMoCVIJc29uZ1RpdGxlQiUKF2NvbS5uZXRjcmFja2VyLnByb3RvYnVmQgpBbGJ1bVByb3RvYgZwcm90bzM="
+              descriptor-file-base64: "" #Base64
               value-message-type: "Album"
             - topic-regex: "film.*"
-              descriptor-file-base64: "CuEBCgpmaWxtLnByb3RvEhRjb20uY29tcGFueS5wcm90b2J1ZiKRAQoERmlsbRISCgRuYW1lGAEgASgJUgRuYW1lEhoKCHByb2R1Y2VyGAIgASgJUghwcm9kdWNlchIhCgxyZWxlYXNlX3llYXIYAyABKAVSC3JlbGVhc2VZZWFyEhoKCGR1cmF0aW9uGAQgASgFUghkdXJhdGlvbhIaCghzdGFycmluZxgFIAMoCVIIc3RhcnJpbmdCIQoUY29tLmNvbXBhbnkucHJvdG9idWZCCUZpbG1Qcm90b2IGcHJvdG8z"
+              descriptor-file-base64: "" #Base64
               value-message-type: "Film"
             - topic-regex: "test.*"
               descriptor-file: "other.desc"
@@ -110,22 +110,22 @@ akhq:
         bootstrap.servers: "kafka:9093"
         security.protocol: SSL
         ssl.truststore.location: /app/truststore.jks
-        ssl.truststore.password: password
+        ssl.truststore.password: ${PW}
         ssl.keystore.location: /app/keystore.jks
-        ssl.keystore.password: password
-        ssl.key.password: password
+        ssl.keystore.password: ${PW}
+        ssl.key.password: ${PW}
 
     my-cluster-sasl:
       properties:
         bootstrap.servers: "kafka:9094"
         security.protocol: SASL_SSL
         sasl.mechanism: SCRAM-SHA-256
-        sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="admin" password="password";
+        sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="${UN}" password="${PW}";
         ssl.truststore.location: /app/truststore.jks
-        ssl.truststore.password: password
+        ssl.truststore.password: ${PW}
         ssl.keystore.location: /app/keystore.jks
-        ssl.keystore.password: password
-        ssl.key.password: password
+        ssl.keystore.password: ${PW}
+        ssl.key.password: ${PW}
 
   pagination:
     page-size: 25 # number of elements per page (default : 25)
@@ -210,8 +210,8 @@ akhq:
 
     # Basic auth configuration
     basic-auth:
-      - username: user # Username
-        password: pass # Password in sha256
+      - username: ${UN} # Username
+        password: ${PW} # Password in sha256
         groups: # Groups for the user
           - admin
           - topic-reader
@@ -227,10 +227,10 @@ akhq:
           groups:
             - admin
       users:
-        - username: riemann # ldap user id
+        - username: ${UN} # ldap user id
           groups: # Akhq groups list
             - topic-reader
-        - username: einstein
+        - username: ${UN}
           groups:
             - admin
 
@@ -240,7 +240,7 @@ akhq:
       providers:
         oidc:
           label: "Login with OIDC"
-          username-field: preferred_username
+          username-field: ${UN}
           groups-field: roles
           default-group: topic-reader
           groups:
@@ -248,6 +248,6 @@ akhq:
               groups:
                 - admin
           users:
-            - username: einstein
+            - username: ${UN}
               groups:
                 - admin