HikariCP
HikariCP copied to clipboard
Make HikariConfig able to retrieve passwords dynamically from a password supplier
#1196
Adds a passwordSupplier property with setter and getter Refactors the password property to use a built-in passwordSupplier If setting the password directly, the passwordSupplier property returns NULL
This pull request addresses the changes requested by Brett.
My particular use case is using Hashicorp Vault to manage MySQL account passwords... Performing a rotation of the MySQL account passwords in Vault would push the new password to MySQL, the existing connections (created with the old password) will be closed, then Hikari will try to obtain new connections and for that it will call the supplier that will fetch the new password from Vault.
Regarding the issue about the supplier making frequent calls to the system where the password is stored, in our case Vault, calls will be made only when needing to create a new connection, which would typically happen on startup of when an existing connection fails. Said that is up to the supplier implementation to try to be nice by caching if that is acceptable in the specific use case.