3

So my application.properties would look like:

spring.datasource.url=jdbc:sqlserver://localhost:1433;databaseName=mydb
spring.datasource.username=user
spring.datasource.password=123456
spring.jpa.database-platform=org.hibernate.dialect.SQLServer2012Dialect

I don't want others to be able to see my user and password when they go into my application.properties file.

Is there an alternative way to push values to cloud foundry? Something like manifest.yml?

Attempt to create manifest.yml

I tried to make a manifest file so I can bind it with my application on cloud foundry.

VCAP_SERVICES =
{
  "oraclesql": [
    {
      "name": "OrcaleDb",
      "label": "oraclesql",
      "tags": [
        "oracledb",
        "oracle",
        "relational"
      ],
      "plan": "free",
      "credentials": {
        "uri": "jdbc:sqlserver://localhost:1433;databaseName=mydb",
        "username": "user",
        "password": "123456"        
      }
    }
  ]
}

Created application.yml

//this works
    spring:
        application:
            name: tester
        datasource:
            driverClassName: jdbc:sqlserver://localhost:1433;databaseName=mydb
            username: user
            password: 123456
            initialize: false
        jpa:
            databasePlatform: org.hiberate.dialect.Oracle10gDialect
JayC
  • 2,144
  • 8
  • 42
  • 77
  • Possible duplicate of [Spring Boot how to hide passwords in properties file](http://stackoverflow.com/questions/37404703/spring-boot-how-to-hide-passwords-in-properties-file) – dustin.schultz Feb 20 '17 at 17:30
  • If you just want them out of application.properties, take a look at the docs on externalizing configuration for Spring Boot -> https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-external-config.html. An option that works well with CF is to set environment variables. You can set them through manifest.yml too. – Daniel Mikusa Feb 20 '17 at 18:14
  • Can you provide me a link on how to set them through manifest.yml? @DanielMikusa That is what I want to do. Switch from app.properties to manifest. – JayC Feb 20 '17 at 18:35

2 Answers2

4

Yes and no. Unfortunately the manifest.yml doesn't work quite like that. The file provides the settings that will be used for cf push. It's application agnostic and doesn't know anything about Spring, Java, your programming language or your application framework of choice. Thus it cannot make changes to your application.properties file or other framework specific configuration.

Fortunately, there are many ways to configure Spring Boot (see here) and one of them is via environment variables. What's fortunate about this is that you can set environment variables via manifest.yml. Thus if you set the proper environment variables in manifest.yml, you can configure your application.

For reference, here are instructions for setting env variables in manifest.yml.

https://docs.cloudfoundry.org/devguide/deploy-apps/manifest.html#env-block

It looks roughly like this:

---
  ...
  env:
    ENV_1: val_1
    ENV_2: val_2

Spring Boot will map environment variables to properties using the rules explained here. A basic example would be SPRING_DATASOURCE_USERNAME maps to spring.datasource.username in application.properties.

Daniel Mikusa
  • 13,716
  • 1
  • 22
  • 28
  • With manifest.yml my password would be hardcoded as a ENV and the value will be passed into application.properies, Correct? – JayC Feb 22 '17 at 18:38
  • Yes. It's not passed in though, so much as it overrides what's set in application.properties. If you have ENV_1 env variable, it will override env.1 in the properties file. Look at Spring Boot docs (link in my post) for order of these overrides. – Daniel Mikusa Feb 22 '17 at 22:03
  • How would I be able to rewrite this as a manifest.yml VCap services? I posted my attempt it dont seem to work. – JayC Feb 23 '17 at 18:10
  • That's a different question altogether. What you're asking now is how to pull credentials from a bound service. There's a lot of ways to do this in Spring. Some are covered here: https://docs.cloudfoundry.org/buildpacks/java/spring-service-bindings.html. I also found this blog to be very helpful, it explains the different options well: https://spring.io/blog/2015/04/27/binding-to-data-services-with-spring-boot-in-cloud-foundry – Daniel Mikusa Feb 23 '17 at 22:07
0

What you actually want to do here is have your database connection as a cloud foundry service rather than defined in your application.properties. As Daniel's answer suggests, Spring can pick up ENV variables, but setting connection details in the manifest is not the idiomatic way to do this.

By having a service, the connection details are stored in the VCAP_SERVICES variable when bound to the application - spring can read from there. The spring-music app shows the prototypical way of doing this.

Robert
  • 8,406
  • 9
  • 38
  • 57