Spring Boot Secret Properties: How to store secrets in your Configuration Properties
Vložit
- čas přidán 13. 03. 2022
- In this tutorial, you will learn how to use Spring Boot secret properties in your next application. When you define your own configuration properties you need to find a way to set secret properties. You can do this through command-line arguments or environment variables, but I often forget that they are there.
Spring Boot 2.4 gave us the ability to import additional configuration files. In this demo, you will set the secret values in a file called secret.properties and ignore it from Git, so it doesn't get checked in. To wrap this up I will show you how to deploy this project to Heroku and override those secret properties using config vars.
🔗Resources & Links mentioned in this video:
Github Repo: github.com/danvega/spring-boo...
👋🏻Connect with me:
Website: www.danvega.dev
Twitter: / therealdanvega
Github: github.com/danvega
LinkedIn: / danvega
Newsletter: www.danvega.dev/newsletter
SUBSCRIBE TO MY CHANNEL: bit.ly/2re4GH0 ❤️ - Věda a technologie
Super helpful, thanks for showing the production method, cleared all my doubts ❤
Be aware that unless you take certain steps, if you build your archive from IDE your secrets.yml file will be packaged in the final application archive.
thank you so much for this comment, there is a huge chance I wouldn't notice if not for your comment
which step need to be taken
This was super helpful. I have been looking for a way to have .env files within Java and Spring boot. Coming from javascript as well its sooo easy. But you have made it so easy on this language as well. Thank You!
Great video!! Been looking for this and by far the best explanation.
Glad it was helpful!
Thanks a ton! This is helpful! I really did not know how to deploy in production as a personal project. This gives me new horizons to explore and learn!
Glad it helped!
Great video sir... was searching for this kind of mechanism... Thank you Sir
That was crazy helpful! Thanks a lot
Glad it helped!
Thank you so much!
This is great! Didn't know that such thing exists before this. I have just create new profile application file and put git ignore that file or pass those variables as environment variable 😅
Hi, this is really gold, thank you
Thank you
Thank you too!
Big thumbs up!
Thank you a lot!!!
as always great content, can you please in the future make videos about testing integration and e2e pleasee, and please we need more content
very usefull, thanks you
Thank you!
Basically if I do the same with aws/azure cloud provider , I just need to make sure to have those properties in env , is that understanding correct ?
saved my day, thanks alot
You're welcome!
Hi!, nice video, it was useful for me, but I want to know if you have a similiar video where explain how to convert aws secrets in a configuration properties to use. Thanks
If you have multiple devs working on the project how do you set them up with all of the secrets? Doesn't it become unmanageable?
Thank you 🎉🎉.
in our team with the help of spring-config-location , its operation group that would put config file near jars .
We never have operational environment config during coding . Imo its not good practice.
This is a great tutorial. Learnt a lot from this. Thanks a lot.
One curious question: From where did you get this animated picture of your face? I want to generate too :) Can you share the link please?
How to solve my Java With Maven CI build fail because it can't resolve those variables?
@Dan Vega
Thank you for wonderful Video on Spring boot secrets with Java 17 version,
Could you help me how can we do same example for Java 8 version where we do not have record type is not present
How do you deal with Github workflows not working after doing this?
Can you show us the vault integration?
Previously I just created a prod profile, set it as active before creating the jar, or add it to the command line args on production. If I didn't want to make those configs/credentials public, just ignored the prod file in gitignore
Including properties files is quite a nice addition, I might even use this to organize configurations in different files
fire🔥
My spring.config.import=optional:secrets.properties is not importing, not working. Is not seeing it, returns NullException and pointing at the main class where I declare (map) the configuration properties. How can I resolve it please?
Check spring boot version. I think spring.config.import is only since like 2.4.0 or smth.
Yes I want to go with you
is it possible to use classpath: or file: besides that optional: option?
You can use classpath or file to locate a file but optional is used to tell Spring not to fall over if its not found.
why not use jasypt?
Thanks for the video, what about the case when we build a Docker image ? In real life, our DevOps "Philosophy" regarding containers, is to build and image independently from the environment (DEV, UAT or PROD) and to add the config (with secrets) later when deploying.
You can set an environment variable in docker, you're just overriding that.
I use Jasypt to encrypt these secrets
Where do you store jasypt encrypt/decrypt key?