# Secret Type - PROPERTIES

The PROPERTIES-Type is for rendering property-files based on secrets stored in HashiCorp Vault in the mountpoints for kv-1 or kv-2.

### How To

First store some secrets in HashiCorp Vault:

```bash
$ vault write datasource/host host=localhost
$ vault kv put database/root username=root password=verysecure
```

After this create the following Vault-Resource and apply it to Kubernetes:

```yaml
apiVersion: "koudingspawn.de/v1"
kind: Vault
metadata:
  name: properties-example
spec:
  type: "PROPERTIES"
  propertiesConfiguration:
    files:
      application.properties: |
        datasource.username={{ vault.lookupV2('database/root').get('username') }}
        datasource.password={{ vault.lookupV2('database/root').get('password') }}
        datasource.host={{ vault.lookup('datasource/host', 'host') }}
```

Now you should see, that the secret gets rendered and stored in Kubernetes and the Vault resource is also available:

```
$ kubectl get vault properties-example
NAME                  AGE
properties-example    10s
```

```
$ kubectl get secret properties-example
NAME                                   TYPE                                  DATA      AGE
properties-example                     Opaque                                1         9s
```

### Rendering Options

The following expressions are available for rendering secrets stored in HashiCorp Vault:

| Method                                               | returns      | Description                                                                                                                      |
| ---------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------- |
| vault.lookup(String path)                            | Java:HashMap | Looks inside a KV-1 Store for stored key-value pairs. The secrets are now available via .get('key')                              |
| vault.lookup(String path, String key)                | String       | Looks inside a KV-1 Store for stored key in key-value path.                                                                      |
| vault.lookupV2(String path)                          | Java:HashMap | Looks inside a KV-2 Store for stored key-value pairs. The secrets are now available via .get('key'). It uses the latest version. |
| vault.lookupV2(String path, String key)              | String       | Looks inside a KV-2 Store for stored key in key-value path. It uses the latest version.                                          |
| vault.lookupV2(String path, int version, String key) | String       | Looks inside a KV-2 Store for stored key in key-value path with a specific version.                                              |

### Change Adjustment Callback

For more details please see [Change Detection](https://vault.koudingspawn.de/change-detection)!