Secret Management
This document explains how sensitive configuration and secrets are managed securely in ShopVerse.
Secret management is critical for protecting credentials, tokens, and third-party integrations in a production-ready microservices system.
Why Secret Management Matters
Secrets include:
- JWT signing keys
- Database passwords
- Kafka credentials
- Razorpay API keys
- OAuth / third-party tokens
If exposed, they can lead to:
- Account compromise
- Data breaches
- Financial loss
- Full system takeover
ShopVerse follows industry best practices to mitigate these risks.
Core Principles
ShopVerse secret management follows these principles:
- Secrets never live in source code
- Secrets are environment-specific
- Secrets are injected at runtime
- Least privilege access
- Easy rotation without code changes
Types of Secrets in ShopVerse
| Secret Type | Examples |
|---|---|
| Authentication | JWT secret key |
| Database | PostgreSQL, MongoDB passwords |
| Messaging | Kafka credentials |
| Payments | Razorpay key & secret |
| Infrastructure | Service registry credentials |
How Secrets Are Stored
Environment Variables (Primary)
All secrets are injected via environment variables.
Example:
```env
JWT_SECRET=shopverse_jwt_secret_key
DB_PASSWORD=strong_db_password
RAZORPAY_KEY=rzp_test_xxxxx
RAZORPAY_SECRET=xxxxxx
```
Spring Boot automatically resolves these values from the environment at startup.
Spring Configuration Example
```yaml
jwt:
  secret: ${JWT_SECRET}

spring:
  datasource:
    password: ${DB_PASSWORD}

razorpay:
  key: ${RAZORPAY_KEY}
  secret: ${RAZORPAY_SECRET}
```
No secret values appear in application.yml.
Docker & Docker Compose
Secrets are passed to containers via environment variables.
```yaml
services:
  payment-service:
    environment:
      - RAZORPAY_KEY=${RAZORPAY_KEY}
      - RAZORPAY_SECRET=${RAZORPAY_SECRET}
```
Secrets remain outside the image.
Environment Separation
ShopVerse maintains separate secrets per environment:
| Environment | Purpose |
|---|---|
| local | Development |
| test | Testing |
| prod | Production |
Each environment uses different credentials.
JWT Secret Handling
- JWT secret is stored as an environment variable
- Only Auth Service & API Gateway require access
- Services never expose or log the secret
- JWT secret rotation supported via redeploy
Razorpay Secret Handling
- Razorpay secret is never sent to frontend
- Used only in Payment Service
- Webhook signatures are verified using the secret
- Secrets differ for test & production modes
What NOT to Do (Avoided in ShopVerse)
- Commit secrets to GitHub
- Hardcode secrets in code
- Share secrets between services unnecessarily
- Log secret values
- Use same secret across environments
Secret Rotation Strategy
ShopVerse supports safe secret rotation:
- Update secret in environment
- Restart affected service
- Old tokens naturally expire
- No code changes required
This ensures zero-downtime rotation.
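Added example (not ShopVerse code): for tokens issued before a rotation to expire naturally instead of failing at the restart, the verifying services have to accept the previous key next to the new one until those tokens age out. The sketch assumes HS256-signed tokens and a hypothetical `JWT_SECRET_PREVIOUS` variable; the class name and sample keys are constructed for illustration.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.List;
import static java.nio.charset.StandardCharsets.UTF_8;

public class RotatingJwtVerifier {           // hypothetical class name
    private final List<byte[]> keys;         // current key first, previous key (if any) second

    // previous = value of a hypothetical JWT_SECRET_PREVIOUS variable; null once the overlap ends
    public RotatingJwtVerifier(String current, String previous) {
        if (current == null || current.getBytes(UTF_8).length < 32)   // HS256 needs >= 256-bit keys
            throw new IllegalStateException("JWT_SECRET is missing or shorter than 32 bytes");
        keys = (previous == null || previous.isEmpty())
                ? List.of(current.getBytes(UTF_8))
                : List.of(current.getBytes(UTF_8), previous.getBytes(UTF_8));
    }

    static byte[] hmac(byte[] key, String data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(data.getBytes(UTF_8));
    }

    // Signature check only: HS256 is fixed, the header's "alg" is never trusted; check exp after.
    public boolean signatureValid(String token) throws Exception {
        String[] parts = token.split("\\.", -1);
        if (parts.length != 3) return false;
        byte[] presented;
        try { presented = Base64.getUrlDecoder().decode(parts[2]); }
        catch (IllegalArgumentException e) { return false; }
        boolean ok = false;
        for (byte[] key : keys)   // constant-time compare, every key tried (no early exit)
            ok |= MessageDigest.isEqual(hmac(key, parts[0] + "." + parts[1]), presented);
        return ok;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample keys; a service would read them with System.getenv(...)
        String oldKey = "constructed-old-key-0123456789abcdef";
        String newKey = "constructed-new-key-fedcba9876543210";
        Base64.Encoder b64 = Base64.getUrlEncoder().withoutPadding();
        String body = b64.encodeToString("{\"alg\":\"HS256\",\"typ\":\"JWT\"}".getBytes(UTF_8))
                + "." + b64.encodeToString("{\"sub\":\"user-1\"}".getBytes(UTF_8));
        String issuedBeforeRotation = body + "." + b64.encodeToString(hmac(oldKey.getBytes(UTF_8), body));
        System.out.println(new RotatingJwtVerifier(newKey, null).signatureValid(issuedBeforeRotation));
        System.out.println(new RotatingJwtVerifier(newKey, oldKey).signatureValid(issuedBeforeRotation));
    }
}
```

The first call in `main` configures only the new key, the second adds the old key for the overlap window; the previous key is removed from the environment once the longest token lifetime has passed since the rotation.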
Future-Ready Improvements
For advanced setups, ShopVerse can integrate with:
- HashiCorp Vault
- AWS Secrets Manager
- Azure Key Vault
- Kubernetes Secrets
The current design allows plug-and-play migration.
Security Auditing & Debugging
- Secrets are masked in logs
- Configuration files are reviewed before commits
- .env files are ignored via .gitignore
- CI/CD pipelines inject secrets securely
Interview Explanation (One-Liner)
"We manage all secrets using environment variables, never commit them to source control, and inject them at runtime to support secure rotation and environment isolation."
Summary
ShopVerse secret management ensures:
- Strong protection of sensitive data
- Clean separation between code and configuration
- Environment-specific security
- Production-ready operational practices
Secret management is treated as a first-class security concern.