The Spring Cloud Services Config Server can serve configuration properties from either Git or HashiCorp Vault configuration sources. Configuration properties can be applicable to all apps that use the Config Server, specific to an app, or specific to a Spring application profile.
Git
If using a Git configuration source, you must store properties in YAML or Java .properties files.
Global configuration
You can store configuration properties so that they are served to all apps which use the Config Server. In the configuration repository, a file named application.yml or application.properties contains configuration which will be served to all apps that access the Config Server.
Using YAML
An example of a global application.yml file:
message: Hi there!
Using a properties file
An example of a global application.properties file:
message=Hi there!
Application-specific configuration
You can store configuration properties so that they are served only to a specific app. In the configuration repository, a file named [APP-NAME].yml or [APP-NAME].properties, where [APP-NAME] is the name of an app, contains configuration which will be served only to the APP-NAME app.
Using YAML
An example of an app-specific cook.yml file:
server:
port: 80
cook:
special: Fried Salamander
Using a properties file
An example of an app-specific cook.properties file:
server.port=80
cook.special=Fried Salamander
Profile-specific configuration
You can store configuration properties so that they are served only to apps which have activated a specific Spring application profile. In the configuration repository, a file named [APP-NAME]-[PROFILE-NAME].yml or [APP-NAME]-[PROFILE-NAME].properties, where [APP-NAME] is the name of an app and [PROFILE-NAME] is the name of an application profile, contains configuration which will be served only to the APP-NAME app running with the [PROFILE-NAME] profile activated. Within a YAML file named [APP-NAME].yml, a document that begins by setting the spring.profiles property contains configuration which will be served only to the APP-NAME app running with the profile specified by the spring.profiles property.
Using YAML
An example of a profile-specific cook-dev.yml file:
server:
port: 8080
cook:
special: Birdfeather Tea
An example of a profile-specific YAML document within a cook.yml file:
---
spring:
profiles: dev
server:
port: 8080
cook:
special: Birdfeather Tea
Using a properties file
An example of a profile-specific cook-dev.properties file:
server.port=8080
cook.special=Birdfeather Tea
Encrypted configuration
Note: Support for decrypting encrypted configuration was added in Spring Cloud Services for VMware Tanzu v3.1.6.
You can store configuration properties in encrypted form and have these properties decrypted by the Config Server before they are served to apps. In a file within the configuration repository, properties whose values are prefixed with {cipher} will be decrypted before they are served to client apps. To use this feature, you must configure the Config Server with an encryption key as described in Encryption and Encrypted Values.
Using YAML
In a YAML file, an encrypted property value must be surrounded by single quotes.
An example of an encrypted property value in an application.yml file:
secretMenu: '{cipher}AQA90Q3GIRAMu6ToMqwS++En2iFzMXIWX99G66yaZFRHrQNq64CntqOzWymd3xE7uJp
ZKQc9XBIkfyRz/HUGhXRdf3KZQ9bqclwmR5vkiLmN9DHlAxS+6biT+7f8ptKo3fzQ0gGOBaR4kTnWLBxmVaIkjq1
Qze4aIgsgUWuhbEek+3znkH9+Mc+5zNPvwN8hhgDMDVzgZLB+4YnvWJAq3Au4wEevakAHHxVY0mXcxj1Ro+H+Zel
IzfF8K2AvC3vmvlmxy9Y49Zjx0RhMzUx17eh3mAB8UMMRJZyUG2a2uGCXmz+UunTA5n/dWWOvR3VcZyzXPFSFkhN
ekw3db9XZ7goceJSPrRN+5s+GjLCPr+KSnhLmUt1XAScMeqTieNCHT5I='
Using a properties file
An example of an encrypted property value in an application.properties file:
secretMenu={cipher}AQA90Q3GIRAMu6ToMqwS++En2iFzMXIWX99G66yaZFRHrQNq64CntqOzWymd3xE7uJpZK
Qc9XBIkfyRz/HUGhXRdf3KZQ9bqclwmR5vkiLmN9DHlAxS+6biT+7f8ptKo3fzQ0gGOBaR4kTnWLBxmVaIkjq1Qz
e4aIgsgUWuhbEek+3znkH9+Mc+5zNPvwN8hhgDMDVzgZLB+4YnvWJAq3Au4wEevakAHHxVY0mXcxj1Ro+H+ZelIz
fF8K2AvC3vmvlmxy9Y49Zjx0RhMzUx17eh3mAB8UMMRJZyUG2a2uGCXmz+UunTA5n/dWWOvR3VcZyzXPFSFkhNek
w3db9XZ7goceJSPrRN+5s+GjLCPr+KSnhLmUt1XAScMeqTieNCHT5I=
Plain text configuration
You can store configuration in files of other file types. The Spring Cloud Services Config Client library includes a PlainTextConfigClient that can be used to retrieve the contents of a plain text file as a Spring Resource.
For more information about using the Config Server to serve plain text files to a client app, see the Use Plain Text Configuration Files section of Writing Client Applications.
HashiCorp Vault
If using a HashiCorp Vault configuration source, you must write secrets to the Vault server using the vault Command Line Interface (CLI) tool. For more information about the Vault CLI tool, see the HashiCorp Vault documentation.
Global configuration
You can store configuration properties so that they are served to all apps which use the Config Server. A secret written to the secret/application path will be served to all apps that access the Config Server.
An example of setting a global configuration property:
$ vault write secret/application message=Greetings
Application-specific configuration
You can store configuration properties so that they are served only to a specific app. A secret written to the secret/[APP-NAME] path contains configuration which will be served only to the APP-NAME app.
An example of setting an app-specific configuration property:
$ vault write secret/cook message=Hi
Profile-specific configuration
You can store configuration properties so that they are served only to apps which have activated a specific Spring application profile. A secret written to the secret/[APP-NAME],[PROFILE-NAME] path, where [APP-NAME] is the name of an app and [PROFILE-NAME] is the name of an application profile, contains configuration which will be served only to the APP-NAME app running with the [PROFILE-NAME] profile activated.
An example of setting a profile-specific configuration property:
$ vault write secret/cook,dev message=Ho
