Configuration Properties

The Config Server can serve configuration properties from either Git or HashiCorp Vault configuration sources. Configuration properties can be applicable to all applications that use the Config Server, specific to an application, or specific to a Spring application profile, and can be stored in encrypted form.

See below for information about the structure and format of configuration properties to be served by the Config Server.

Git

If using a Git configuration source, you must store properties in YAML or Java .properties files.

Global Configuration

You can store configuration properties so that they are served to all applications which use the Config Server. In the configuration repository, a file named application.yml or application.properties contains configuration which will be served to all applications that access the Config Server.

Using YAML

An example of a global application.yml file:

message: Hi there!

Using a Properties File

An example of a global application.properties file:

message=Hi there!

Application-Specific Configuration

You can store configuration properties so that they are served only to a specific application. In the configuration repository, a file named [APP-NAME].yml or [APP-NAME].properties, where [APP-NAME] is the name of an application, contains configuration which will be served only to the APP-NAME application.

Using YAML

An example of an application-specific cook.yml file:

server:
  port: 80

cook:
  special: Fried Salamander

Using a Properties File

An example of an application-specific cook.properties file:

server.port=80

cook.special=Fried Salamander

Profile-Specific Configuration

You can store configuration properties so that they are served only to applications which have activated a specific Spring application profile. In the configuration repository, a file named [APP-NAME]-[PROFILE-NAME].yml or [APP-NAME]-[PROFILE-NAME].properties, where [APP-NAME] is the name of an application and [PROFILE-NAME] is the name of an application profile, contains configuration which will be served only to the APP-NAME application running with the [PROFILE-NAME] profile activated. Within a YAML file named [APP-NAME].yml, a document that begins by setting the spring.profiles property contains configuration which will be served only to the APP-NAME application running with the profile specified by the spring.profiles property.

Using YAML

An example of a profile-specific cook-dev.yml file:

server:
  port: 8080

cook:
  special: Birdfeather Tea

An example of a profile-specific YAML document within a cook.yml file:

---
spring:
  profiles: dev

server:
  port: 8080

cook:
  special: Birdfeather Tea

Using a Properties File

An example of a profile-specific cook-dev.properties file:

server.port=8080

cook.special=Birdfeather Tea

Encrypted Configuration

You can store configuration properties in encrypted form and have these properties decrypted by the Config Server before they are served to applications. In a file within the configuration repository, properties whose values are prefixed with {cipher} will be decrypted before they are served to client applications. To use this feature, you must configure the Config Server with an encryption key as described in the Encryption and Encrypted Values section of the Configuring with Git topic.

Using YAML

In a YAML file, an encrypted property value must be surrounded by single quotes.

An example of an encrypted property value in an application.yml file:

secretMenu: '{cipher}AQA90Q3GIRAMu6ToMqwS++En2iFzMXIWX99G66yaZFRHrQNq64CntqOzWymd3xE7uJp
ZKQc9XBIkfyRz/HUGhXRdf3KZQ9bqclwmR5vkiLmN9DHlAxS+6biT+7f8ptKo3fzQ0gGOBaR4kTnWLBxmVaIkjq1
Qze4aIgsgUWuhbEek+3znkH9+Mc+5zNPvwN8hhgDMDVzgZLB+4YnvWJAq3Au4wEevakAHHxVY0mXcxj1Ro+H+Zel
IzfF8K2AvC3vmvlmxy9Y49Zjx0RhMzUx17eh3mAB8UMMRJZyUG2a2uGCXmz+UunTA5n/dWWOvR3VcZyzXPFSFkhN
ekw3db9XZ7goceJSPrRN+5s+GjLCPr+KSnhLmUt1XAScMeqTieNCHT5I='

Using a Properties File

An example of an encrypted property value in an application.properties file:

secretMenu={cipher}AQA90Q3GIRAMu6ToMqwS++En2iFzMXIWX99G66yaZFRHrQNq64CntqOzWymd3xE7uJpZK
Qc9XBIkfyRz/HUGhXRdf3KZQ9bqclwmR5vkiLmN9DHlAxS+6biT+7f8ptKo3fzQ0gGOBaR4kTnWLBxmVaIkjq1Qz
e4aIgsgUWuhbEek+3znkH9+Mc+5zNPvwN8hhgDMDVzgZLB+4YnvWJAq3Au4wEevakAHHxVY0mXcxj1Ro+H+ZelIz
fF8K2AvC3vmvlmxy9Y49Zjx0RhMzUx17eh3mAB8UMMRJZyUG2a2uGCXmz+UunTA5n/dWWOvR3VcZyzXPFSFkhNek
w3db9XZ7goceJSPrRN+5s+GjLCPr+KSnhLmUt1XAScMeqTieNCHT5I=

Vault

If using a HashiCorp Vault configuration source, you must write secrets to the Vault server using the vault Command Line Interface (CLI) tool.

Global Configuration

You can store configuration properties so that they are served to all applications which use the Config Server. A secret written to the secret/application path will be served to all applications that access the Config Server.

An example of setting a global configuration property:

$ vault write secret/application message=Greetings

Application-Specific Configuration

You can store configuration properties so that they are served only to a specific application. A secret written to the secret/[APP-NAME] path contains configuration which will be served only to the APP-NAME application.

An example of setting an application-specific configuration property:

$ vault write secret/cook message=Hi

Profile-Specific Configuration

You can store configuration properties so that they are served only to applications which have activated a specific Spring application profile. A secret written to the secret/[APP-NAME],[PROFILE-NAME] path, where [APP-NAME] is the name of an application and [PROFILE-NAME] is the name of an application profile, contains configuration which will be served only to the APP-NAME application running with the [PROFILE-NAME] profile activated.

An example of setting a profile-specific configuration property:

$ vault write secret/cook,dev message=Ho
Create a pull request or raise an issue on the source for this page in GitHub