The documentation you are viewing is for Dapr v1.8 which is an older version of Dapr. For up-to-date documentation, see the latest version.

Define a component

Create a component definition file to interact with the secrets building block

When building an app, you’d most likely create your own component file definitions, depending on the building block and specific component that you’d like to use.

In this tutorial, you will create a component definition file to interact with the secrets building block API:

  • Create a local JSON secret store.
  • Register the secret store with Dapr using a component definition file.
  • Obtain the secret using the Dapr HTTP API.

Step 1: Create a JSON secret store

Dapr supports many types of secret stores, but for this tutorial, create a local JSON file named mysecrets.json with the following secret:

{
   "my-secret" : "I'm Batman"
}

Step 2: Create a secret store Dapr component

  1. Create a new directory named my-components to hold the new component file:

    mkdir my-components
    
  2. Navigate into this directory.

    cd my-components
    
  3. Create a new file localSecretStore.yaml with the following contents:

    apiVersion: dapr.io/v1alpha1
    kind: Component
    metadata:
      name: my-secret-store
      namespace: default
    spec:
      type: secretstores.local.file
      version: v1
      metadata:
      - name: secretsFile
        value: <PATH TO SECRETS FILE>/mysecrets.json
      - name: nestedSeparator
        value: ":"
    

In the above file definition:

  • type: secretstores.local.file tells Dapr to use the local file component as a secret store.
  • The metadata fields provide component-specific information needed to work with this component. In this case, the secret store JSON path is relative to where you call dapr run.

Step 3: Run the Dapr sidecar

Launch a Dapr sidecar that will listen on port 3500 for a blank application named myapp:

dapr run --app-id myapp --dapr-http-port 3500 --components-path ./my-components

Step 4: Get a secret

In a separate terminal, run:


curl http://localhost:3500/v1.0/secrets/my-secret-store/my-secret

Invoke-RestMethod -Uri 'http://localhost:3500/v1.0/secrets/my-secret-store/my-secret'

Output:

{"my-secret":"I'm Batman"}
Next step: Set up a Pub/sub broker >>