Antora migration

This commit is contained in:
spencergibb
2023-09-19 12:19:19 -04:00
parent 10a5f611c0
commit adaf9ee6bb
45 changed files with 206 additions and 351 deletions

View File

@@ -10,15 +10,11 @@ image::https://codecov.io/gh/spring-cloud/spring-cloud-config/branch/master/grap
image::https://api.codacy.com/project/badge/Grade/f064024a072c477e97dca6ed5a70fccd?branch=master["Codacy code quality", link="https://www.codacy.com/app/Spring-Cloud/spring-cloud-config?branch=master&utm_source=github.com&utm_medium=referral&utm_content=spring-cloud/spring-cloud-config&utm_campaign=Badge_Grade"]
Spring Cloud Config provides server-side and client-side support for externalized configuration in a distributed system. With the Config Server, you have a central place to manage external properties for applications across all environments.
The concepts on both client and server map identically to the Spring `Environment` and `PropertySource` abstractions, so they fit very well with Spring applications but can be used with any application running in any language.
As an application moves through the deployment pipeline from dev to test and into production, you can manage the configuration between those environments and be certain that applications have everything they need to run when they migrate.
The default implementation of the server storage backend uses git, so it easily supports labelled versions of configuration environments as well as being accessible to a wide range of tooling for managing the content.
It is easy to add alternative implementations and plug them in with Spring configuration.
[[features]]
= Features
== Features
=== Spring Cloud Config Server
[[spring-cloud-config-server]]
== Spring Cloud Config Server
Spring Cloud Config Server offers the following benefits:
@@ -26,7 +22,8 @@ Spring Cloud Config Server offers the following benefits:
* Encrypt and decrypt property values (symmetric or asymmetric)
* Embeddable easily in a Spring Boot application using `@EnableConfigServer`
=== Spring Cloud Config Client
[[spring-cloud-config-client]]
== Spring Cloud Config Client
Specifically for Spring applications, Spring Cloud Config Client lets you:
@@ -40,203 +37,12 @@ Specifically for Spring applications, Spring Cloud Config Client lets you:
** `/pause` and `/resume` for calling the `Lifecycle` methods (`stop()` and `start()` on the `ApplicationContext`).
* Bootstrap application context: a parent context for the main application that can be trained to do anything (by default, it binds to the Config Server and decrypts property values).
== Quick Start
[[quick-start]]
= Quick Start
This quick start walks through using both the server and the client of Spring Cloud Config Server.
First, start the server, as follows:
----
$ cd spring-cloud-config-server
$ ../mvnw spring-boot:run
----
The server is a Spring Boot application, so you can run it from your IDE if you prefer to do so (the main class is `ConfigServerApplication`).
Next try out a client, as follows:
----
$ curl localhost:8888/foo/development
{
"name": "foo",
"profiles": [
"development"
]
....
"propertySources": [
{
"name": "https://github.com/spring-cloud-samples/config-repo/foo-development.properties",
"source": {
"bar": "spam",
"foo": "from foo development"
}
},
{
"name": "https://github.com/spring-cloud-samples/config-repo/foo.properties",
"source": {
"foo": "from foo props",
"democonfigclient.message": "hello spring io"
}
},
....
----
The default strategy for locating property sources is to clone a git repository (at `spring.cloud.config.server.git.uri`) and use it to initialize a mini `SpringApplication`.
The mini-application's `Environment` is used to enumerate property sources and publish them at a JSON endpoint.
The HTTP service has resources in the following form:
----
/{application}/{profile}[/{label}]
/{application}-{profile}.yml
/{label}/{application}-{profile}.yml
/{application}-{profile}.properties
/{label}/{application}-{profile}.properties
----
For example:
----
curl localhost:8888/foo/development
curl localhost:8888/foo/development/master
curl localhost:8888/foo/development,db/master
curl localhost:8888/foo-development.yml
curl localhost:8888/foo-db.properties
curl localhost:8888/master/foo-db.properties
----
where `application` is injected as the `spring.config.name` in the `SpringApplication` (what is normally `application` in a regular Spring Boot app), `profile` is an active profile (or comma-separated list of properties), and `label` is an optional git label (defaults to `master`.)
Spring Cloud Config Server pulls configuration for remote clients from various sources. The following example gets configuration from a git repository (which must be provided), as shown in the following example:
[source,yaml]
----
spring:
cloud:
config:
server:
git:
uri: https://github.com/spring-cloud-samples/config-repo
----
Other sources are any JDBC compatible database, Subversion, Hashicorp Vault, Credhub and local filesystems.
=== Client Side Usage
To use these features in an application, you can build it as a Spring Boot application that depends on spring-cloud-config-client (for an example, see the test cases for the config-client or the sample application).
The most convenient way to add the dependency is with a Spring Boot starter `org.springframework.cloud:spring-cloud-starter-config`.
There is also a parent pom and BOM (`spring-cloud-starter-parent`) for Maven users and a Spring IO version management properties file for Gradle and Spring CLI users. The following example shows a typical Maven configuration:
[source,xml,indent=0]
.pom.xml
----
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>{spring-boot-docs-version}</version>
<relativePath /> <!-- lookup parent from repository -->
</parent>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>{spring-cloud-version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-config</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
<!-- repositories also needed for snapshots and milestones -->
----
Now you can create a standard Spring Boot application, such as the following HTTP server:
----
@SpringBootApplication
@RestController
public class Application {
@RequestMapping("/")
public String home() {
return "Hello World!";
}
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
----
When this HTTP server runs, it picks up the external configuration from the default local config server (if it is running) on port 8888.
To modify the startup behavior, you can change the location of the config server by using `application.properties` as shown in the following example:
----
spring.config.import=optional:configserver:http://myconfigserver.com
----
By default, if no application name is set, `application` will be used. To modify the name, the following property can be added to the `application.properties` file:
----
spring.application.name: myapp
----
NOTE: When setting the property `${spring.application.name}` do not prefix your app name with the reserved word `application-` to prevent issues resolving the correct property source.
The Config Server properties show up in the `/env` endpoint as a high-priority property source, as shown in the following example.
----
$ curl localhost:8080/env
{
"activeProfiles": [],
{
"name": "servletContextInitParams",
"properties": {}
},
{
"name": "configserver:https://github.com/spring-cloud-samples/config-repo/foo.properties",
"properties": {
"foo": {
"value": "bar",
"origin": "Config Server https://github.com/spring-cloud-samples/config-repo/foo.properties:2:12"
}
}
},
...
}
----
A property source called `configserver:<URL of remote repository>/<file name>` contains the `foo` property with a value of `bar`.
NOTE: The URL in the property source name is the git repository, not the config server URL.
WARNING: If you use Spring Cloud Config Client, you need to set the `spring.config.import` property in order to bind to Config Server. You can read more about it https://docs.spring.io/spring-cloud-config/docs/current/reference/html/#config-data-import[in the Spring Cloud Config Reference Guide].
=== Sample Application
[[sample-application]]
== Sample Application
You can find a sample application https://github.com/spring-cloud/spring-cloud-config/tree/master/spring-cloud-config-sample[here].
It is a Spring Boot application, so you can run it by using the usual mechanisms (for instance, `mvn spring-boot:run`).
@@ -262,11 +68,13 @@ sampleValue
The refresh endpoint reports that the "sample" property changed.
== Building
[[building]]
= Building
:jdkversion: 17
=== Basic Compile and Test
[[basic-compile-and-test]]
== Basic Compile and Test
To build the source you will need to install JDK {jdkversion}.
@@ -293,31 +101,36 @@ source control.
The projects that require middleware (i.e. Redis) for testing generally
require that a local instance of [Docker](https://www.docker.com/get-started) is installed and running.
=== Documentation
[[documentation]]
== Documentation
The spring-cloud-build module has a "docs" profile, and if you switch
that on it will try to build asciidoc sources from
`src/main/asciidoc`. As part of that process it will look for a
`README.adoc` and process it by loading all the includes, but not
that on it will try to build asciidoc sources using https://docs.antora.org/antora/latest/[Antora] from
`modules/ROOT/`.
As part of that process it will look for a
`docs/src/main/asciidoc/README.adoc` and process it by loading all the includes, but not
parsing or rendering it, just copying it to `${main.basedir}`
(defaults to `${basedir}`, i.e. the root of the project). If there are
(defaults to `$\{basedir}`, i.e. the root of the project). If there are
any changes in the README it will then show up after a Maven build as
a modified file in the correct place. Just commit it and push the change.
=== Working with the code
[[working-with-the-code]]
== Working with the code
If you don't have an IDE preference we would recommend that you use
https://www.springsource.com/developer/sts[Spring Tools Suite] or
https://eclipse.org[Eclipse] when working with the code. We use the
https://eclipse.org/m2e/[m2eclipse] eclipse plugin for maven support. Other IDEs and tools
should also work without issue as long as they use Maven 3.3.3 or better.
==== Activate the Spring Maven profile
[[activate-the-spring-maven-profile]]
=== Activate the Spring Maven profile
Spring Cloud projects require the 'spring' Maven profile to be activated to resolve
the spring milestone and snapshot repositories. Use your preferred IDE to set this
profile to be active, or you may experience build errors.
==== Importing into eclipse with m2eclipse
[[importing-into-eclipse-with-m2eclipse]]
=== Importing into eclipse with m2eclipse
We recommend the https://eclipse.org/m2e/[m2eclipse] eclipse plugin when working with
eclipse. If you don't already have m2eclipse installed it is available from the "eclipse
marketplace".
@@ -331,7 +144,8 @@ add the "spring" profile to your `settings.xml`. Alternatively you can
copy the repository settings from the "spring" profile of the parent
pom into your `settings.xml`.
==== Importing into eclipse without m2eclipse
[[importing-into-eclipse-without-m2eclipse]]
=== Importing into eclipse without m2eclipse
If you prefer not to use m2eclipse you can generate eclipse project metadata using the
following command:
@@ -344,7 +158,8 @@ The generated eclipse projects can be imported by selecting `import existing pro
from the `file` menu.
=== JCE
[[jce]]
== JCE
If you get an exception due to "Illegal key size" and you are using Suns JDK, you need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.
See the following links for more information:
@@ -357,17 +172,20 @@ https://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.h
Extract the JCE files into the `JDK/jre/lib/security` folder for whichever version of JRE/JDK x64/x86 you use.
== Contributing
[[contributing]]
= Contributing
:spring-cloud-build-branch: master
:spring-cloud-build-branch: main
Spring Cloud is released under the non-restrictive Apache 2.0 license,
and follows a very standard Github development process, using Github
tracker for issues and merging pull requests into master. If you want
tracker for issues and merging pull requests into main. If you want
to contribute even something trivial please do not hesitate, but
follow the guidelines below.
=== Sign the Contributor License Agreement
[[sign-the-contributor-license-agreement]]
== Sign the Contributor License Agreement
Before we accept a non-trivial patch or pull request we will need you to sign the
https://cla.pivotal.io/sign/spring[Contributor License Agreement].
Signing the contributor's agreement does not grant anyone commit rights to the main
@@ -375,19 +193,21 @@ repository, but it does mean that we can accept your contributions, and you will
author credit if we do. Active contributors might be asked to join the core team, and
given the ability to merge pull requests.
=== Code of Conduct
This project adheres to the Contributor Covenant https://github.com/spring-cloud/spring-cloud-build/blob/master/docs/src/main/asciidoc/code-of-conduct.adoc[code of
[[code-of-conduct]]
== Code of Conduct
This project adheres to the Contributor Covenant https://github.com/spring-cloud/spring-cloud-build/blob/main/docs/src/main/asciidoc/code-of-conduct.adoc[code of
conduct]. By participating, you are expected to uphold this code. Please report
unacceptable behavior to spring-code-of-conduct@pivotal.io.
=== Code Conventions and Housekeeping
[[code-conventions-and-housekeeping]]
== Code Conventions and Housekeeping
None of these is essential for a pull request, but they will all help. They can also be
added after the original pull request but before a merge.
* Use the Spring Framework code format conventions. If you use Eclipse
you can import formatter settings using the
`eclipse-code-formatter.xml` file from the
https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/master/spring-cloud-dependencies-parent/eclipse-code-formatter.xml[Spring
https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/main/spring-cloud-dependencies-parent/eclipse-code-formatter.xml[Spring
Cloud Build] project. If using IntelliJ, you can use the
https://plugins.jetbrains.com/plugin/6546[Eclipse Code Formatter
Plugin] to import the same file.
@@ -400,13 +220,14 @@ added after the original pull request but before a merge.
than cosmetic changes).
* Add some Javadocs and, if you change the namespace, some XSD doc elements.
* A few unit tests would help a lot as well -- someone has to do it.
* If no-one else is using your branch, please rebase it against the current master (or
* If no-one else is using your branch, please rebase it against the current main (or
other target branch in the main project).
* When writing a commit message please follow https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html[these conventions],
if you are fixing an existing issue please add `Fixes gh-XXXX` at the end of the commit
message (where XXXX is the issue number).
=== Checkstyle
[[checkstyle]]
== Checkstyle
Spring Cloud Build comes with a set of checkstyle rules. You can find them in the `spring-cloud-build-tools` module. The most notable files under the module are:
@@ -424,7 +245,8 @@ Spring Cloud Build comes with a set of checkstyle rules. You can find them in th
<2> File header setup
<3> Default suppression rules
==== Checkstyle configuration
[[checkstyle-configuration]]
=== Checkstyle configuration
Checkstyle rules are *disabled by default*. To add checkstyle to your project just define the following properties and plugins.
@@ -483,16 +305,18 @@ If you need to suppress some rules (e.g. line length needs to be longer), then i
It's advisable to copy the `${spring-cloud-build.rootFolder}/.editorconfig` and `${spring-cloud-build.rootFolder}/.springformat` to your project. That way, some default formatting rules will be applied. You can do so by running this script:
```bash
$ curl https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/master/.editorconfig -o .editorconfig
$ curl https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/main/.editorconfig -o .editorconfig
$ touch .springformat
```
=== IDE setup
[[ide-setup]]
== IDE setup
==== Intellij IDEA
[[intellij-idea]]
=== Intellij IDEA
In order to setup Intellij you should import our coding conventions, inspection profiles and set up the checkstyle plugin.
The following files can be found in the https://github.com/spring-cloud/spring-cloud-build/tree/master/spring-cloud-build-tools[Spring Cloud Build] project.
The following files can be found in the https://github.com/spring-cloud/spring-cloud-build/tree/main/spring-cloud-build-tools[Spring Cloud Build] project.
.spring-cloud-build-tools/
----
@@ -515,13 +339,13 @@ The following files can be found in the https://github.com/spring-cloud/spring-c
.Code style
image::https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/{spring-cloud-build-branch}/docs/src/main/asciidoc/images/intellij-code-style.png[Code style]
image::cloud-build:ROOT:intellij-code-style.png[Code style]
Go to `File` -> `Settings` -> `Editor` -> `Code style`. There click on the icon next to the `Scheme` section. There, click on the `Import Scheme` value and pick the `Intellij IDEA code style XML` option. Import the `spring-cloud-build-tools/src/main/resources/intellij/Intellij_Spring_Boot_Java_Conventions.xml` file.
.Inspection profiles
image::https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/{spring-cloud-build-branch}/docs/src/main/asciidoc/images/intellij-inspections.png[Code style]
image::cloud-build:ROOT:intellij-inspections.png[Code style]
Go to `File` -> `Settings` -> `Editor` -> `Inspections`. There click on the icon next to the `Profile` section. There, click on the `Import Profile` and import the `spring-cloud-build-tools/src/main/resources/intellij/Intellij_Project_Defaults.xml` file.
@@ -529,21 +353,23 @@ Go to `File` -> `Settings` -> `Editor` -> `Inspections`. There click on the icon
To have Intellij work with Checkstyle, you have to install the `Checkstyle` plugin. It's advisable to also install the `Assertions2Assertj` to automatically convert the JUnit assertions
image::https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/{spring-cloud-build-branch}/docs/src/main/asciidoc/images/intellij-checkstyle.png[Checkstyle]
image::cloud-build:ROOT:intellij-checkstyle.png[Checkstyle]
Go to `File` -> `Settings` -> `Other settings` -> `Checkstyle`. There click on the `+` icon in the `Configuration file` section. There, you'll have to define where the checkstyle rules should be picked from. In the image above, we've picked the rules from the cloned Spring Cloud Build repository. However, you can point to the Spring Cloud Build's GitHub repository (e.g. for the `checkstyle.xml` : `https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/master/spring-cloud-build-tools/src/main/resources/checkstyle.xml`). We need to provide the following variables:
Go to `File` -> `Settings` -> `Other settings` -> `Checkstyle`. There click on the `+` icon in the `Configuration file` section. There, you'll have to define where the checkstyle rules should be picked from. In the image above, we've picked the rules from the cloned Spring Cloud Build repository. However, you can point to the Spring Cloud Build's GitHub repository (e.g. for the `checkstyle.xml` : `https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/main/spring-cloud-build-tools/src/main/resources/checkstyle.xml`). We need to provide the following variables:
- `checkstyle.header.file` - please point it to the Spring Cloud Build's, `spring-cloud-build-tools/src/main/resources/checkstyle-header.txt` file either in your cloned repo or via the `https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/master/spring-cloud-build-tools/src/main/resources/checkstyle-header.txt` URL.
- `checkstyle.suppressions.file` - default suppressions. Please point it to the Spring Cloud Build's, `spring-cloud-build-tools/src/checkstyle/checkstyle-suppressions.xml` file either in your cloned repo or via the `https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/master/spring-cloud-build-tools/src/checkstyle/checkstyle-suppressions.xml` URL.
- `checkstyle.header.file` - please point it to the Spring Cloud Build's, `spring-cloud-build-tools/src/main/resources/checkstyle-header.txt` file either in your cloned repo or via the `https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/main/spring-cloud-build-tools/src/main/resources/checkstyle-header.txt` URL.
- `checkstyle.suppressions.file` - default suppressions. Please point it to the Spring Cloud Build's, `spring-cloud-build-tools/src/checkstyle/checkstyle-suppressions.xml` file either in your cloned repo or via the `https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/main/spring-cloud-build-tools/src/checkstyle/checkstyle-suppressions.xml` URL.
- `checkstyle.additional.suppressions.file` - this variable corresponds to suppressions in your local project. E.g. you're working on `spring-cloud-contract`. Then point to the `project-root/src/checkstyle/checkstyle-suppressions.xml` folder. Example for `spring-cloud-contract` would be: `/home/username/spring-cloud-contract/src/checkstyle/checkstyle-suppressions.xml`.
IMPORTANT: Remember to set the `Scan Scope` to `All sources` since we apply checkstyle rules for production and test sources.
=== Duplicate Finder
[[duplicate-finder]]
== Duplicate Finder
Spring Cloud Build brings along the `basepom:duplicate-finder-maven-plugin`, that enables flagging duplicate and conflicting classes and resources on the java classpath.
==== Duplicate Finder configuration
[[duplicate-finder-configuration]]
=== Duplicate Finder configuration
Duplicate finder is *enabled by default* and will run in the `verify` phase of your Maven build, but it will only take effect in your project if you add the `duplicate-finder-maven-plugin` to the `build` section of the projecst's `pom.xml`.

View File

@@ -1,6 +1,6 @@
name: cloud-config
version: true
title: spring-cloud-config
title: Spring Cloud Config
nav:
- modules/ROOT/nav.adoc
ext:

View File

@@ -1,41 +1,37 @@
* xref:index.adoc[]
* xref:spring-cloud-config.adoc[]
** xref:spring-cloud-config/quick-start.adoc[]
** xref:spring-cloud-config/server.adoc[]
*** xref:spring-cloud-config/server/environment-repository.adoc[]
**** xref:spring-cloud-config/server/environment-repository/git-backend.adoc[]
**** xref:spring-cloud-config/server/environment-repository/version-control-backend-filesystem-use.adoc[]
**** xref:spring-cloud-config/server/environment-repository/file-system-backend.adoc[]
**** xref:spring-cloud-config/server/environment-repository/vault-backend.adoc[]
**** xref:spring-cloud-config/server/environment-repository/accessing-backends-through-a-proxy.adoc[]
**** xref:spring-cloud-config/server/environment-repository/sharing-configuration-with-all-applications.adoc[]
**** xref:spring-cloud-config/server/environment-repository/aws-secrets-manager.adoc[]
**** xref:spring-cloud-config/server/environment-repository/aws-parameter-store.adoc[]
**** xref:spring-cloud-config/server/environment-repository/jdbc-backend.adoc[]
**** xref:spring-cloud-config/server/environment-repository/redis-backend.adoc[]
**** xref:spring-cloud-config/server/environment-repository/aws-s3-backend.adoc[]
**** xref:spring-cloud-config/server/environment-repository/aws-parameter-store-backend.adoc[]
**** xref:spring-cloud-config/server/environment-repository/aws-secrets-manager-backend.adoc[]
**** xref:spring-cloud-config/server/environment-repository/credhub-backend.adoc[]
**** xref:spring-cloud-config/server/environment-repository/composite-repositories.adoc[]
**** xref:spring-cloud-config/server/environment-repository/property-overrides.adoc[]
**** xref:spring-cloud-config/server/environment-repository/using-bootstrap-to-override-properties.adoc[]
**** xref:spring-cloud-config/server/environment-repository/overriding-properties-using-placeholders.adoc[]
**** xref:spring-cloud-config/server/environment-repository/overriding-properties-using-profiles.adoc[]
*** xref:spring-cloud-config/server/health-indicator.adoc[]
*** xref:spring-cloud-config/server/security.adoc[]
*** xref:spring-cloud-config/server/actuator-and-security.adoc[]
*** xref:spring-cloud-config/server/encryption-and-decryption.adoc[]
*** xref:spring-cloud-config/server/key-management.adoc[]
*** xref:spring-cloud-config/server/creating-a-key-store-for-testing.adoc[]
*** xref:spring-cloud-config/server/using-multiple-keys-and-key-rotation.adoc[]
*** xref:spring-cloud-config/server/serving-encrypted-properties.adoc[]
*** xref:spring-cloud-config/server/serving-alternative-formats.adoc[]
*** xref:spring-cloud-config/server/serving-plain-text.adoc[]
*** xref:spring-cloud-config/server/serving-binary-files.adoc[]
*** xref:spring-cloud-config/server/embedding-the.adoc[]
*** xref:spring-cloud-config/server/push-notifications-and-bus.adoc[]
*** xref:spring-cloud-config/server/-aot-and-native-image-support.adoc[]
** xref:spring-cloud-config/client.adoc[]
* xref:intro.adoc[]
* xref:quickstart.adoc[]
* xref:index.adoc[Introduction]
* xref:server.adoc[]
** xref:server/environment-repository.adoc[]
*** xref:server/environment-repository/git-backend.adoc[]
*** xref:server/environment-repository/version-control-backend-filesystem-use.adoc[]
*** xref:server/environment-repository/file-system-backend.adoc[]
*** xref:server/environment-repository/vault-backend.adoc[]
*** xref:server/environment-repository/accessing-backends-through-a-proxy.adoc[]
*** xref:server/environment-repository/sharing-configuration-with-all-applications.adoc[]
*** xref:server/environment-repository/aws-secrets-manager.adoc[]
*** xref:server/environment-repository/aws-parameter-store.adoc[]
*** xref:server/environment-repository/jdbc-backend.adoc[]
*** xref:server/environment-repository/redis-backend.adoc[]
*** xref:server/environment-repository/aws-s3-backend.adoc[]
*** xref:server/environment-repository/aws-parameter-store-backend.adoc[]
*** xref:server/environment-repository/aws-secrets-manager-backend.adoc[]
*** xref:server/environment-repository/credhub-backend.adoc[]
*** xref:server/environment-repository/composite-repositories.adoc[]
*** xref:server/environment-repository/property-overrides.adoc[]
*** xref:server/environment-repository/using-bootstrap-to-override-properties.adoc[]
*** xref:server/environment-repository/overriding-properties-using-placeholders.adoc[]
*** xref:server/environment-repository/overriding-properties-using-profiles.adoc[]
** xref:server/health-indicator.adoc[]
** xref:server/security.adoc[]
** xref:server/actuator-and-security.adoc[]
** xref:server/encryption-and-decryption.adoc[]
** xref:server/key-management.adoc[]
** xref:server/creating-a-key-store-for-testing.adoc[]
** xref:server/using-multiple-keys-and-key-rotation.adoc[]
** xref:server/serving-encrypted-properties.adoc[]
** xref:server/serving-alternative-formats.adoc[]
** xref:server/serving-plain-text.adoc[]
** xref:server/serving-binary-files.adoc[]
** xref:server/embedding.adoc[]
** xref:server/push-notifications-and-bus.adoc[]
** xref:server/aot-and-native-image-support.adoc[]
* xref:client.adoc[]

View File

@@ -42,7 +42,7 @@ The net result of this behavior is that all client applications that want to con
[[discovery-first-bootstrap]]
=== Discovery First Lookup
WARNING: Unless you are using xref:spring-cloud-config/client.adoc#config-first-bootstrap[config first bootstrap], you will need to have a `spring.config.import` property in your configuration properties with an `optional:` prefix.
WARNING: Unless you are using xref:client.adoc#config-first-bootstrap[config first bootstrap], you will need to have a `spring.config.import` property in your configuration properties with an `optional:` prefix.
For example, `spring.config.import=optional:configserver:`.
If you use a `DiscoveryClient` implementation, such as Spring Cloud Netflix and Eureka Service Discovery or Spring Cloud Consul, you can have the Config Server register with the Discovery Service.
@@ -113,7 +113,7 @@ This sets `spring.cloud.config.fail-fast=true` (notice the missing prefix above)
[[locating-remote-configuration-resources]]
== Locating Remote Configuration Resources
The Config Service serves property sources from `/{application}/{profile}/{label}`, where the default bindings in the client app are as follows:
The Config Service serves property sources from `/\{application}/\{profile}/\{label}`, where the default bindings in the client app are as follows:
* "application" = `${spring.application.name}`
* "profile" = `${spring.profiles.active}` (actually `Environment.getActiveProfiles()`)
@@ -211,7 +211,7 @@ spring:
The `spring.cloud.config.tls.enabled` needs to be true to enable config client side TLS. When `spring.cloud.config.tls.trust-store` is omitted, a JVM default trust store is used. The default value for `spring.cloud.config.tls.key-store-type` and `spring.cloud.config.tls.trust-store-type` is PKCS12. When password properties are omitted, empty password is assumed.
If you use another form of security, you might need to xref:spring-cloud-config/client.adoc#custom-rest-template[provide a `RestTemplate`] to the `ConfigServicePropertySourceLocator` (for example, by grabbing it in the bootstrap context and injecting it).
If you use another form of security, you might need to xref:client.adoc#custom-rest-template[provide a `RestTemplate`] to the `ConfigServicePropertySourceLocator` (for example, by grabbing it in the bootstrap context and injecting it).
[[health-indicator]]
=== Health Indicator
@@ -327,12 +327,12 @@ String name = "World";
The preceding code would sets the value of the `name` variable to `appAsecret`.
[[-aot-and-native-image-support]]
[[aot-and-native-image-support]]
== AOT and Native Image Support
Since `4.0.0`, Spring Cloud Config Client supports Spring AOT transformations and GraalVM native images.
WARNING: AOT and native image support is not available for xref:spring-cloud-config/client.adoc#config-first-bootstrap[config first bootstrap] (with `spring.config.use-legacy-processing=true`).
WARNING: AOT and native image support is not available for xref:client.adoc#config-first-bootstrap[config first bootstrap] (with `spring.config.use-legacy-processing=true`).
WARNING: Refresh scope is not supported with native images. If you are going to run your config client application as a native image, make sure to set `spring.cloud.refresh.enabled` property to `false`.
@@ -344,7 +344,7 @@ WARNING: Since Config Client connects to a running data source (such as Config S
ifndef::releaseTrain[]
[[appendix]]
= Appendices
== Appendices
include:../:_observability.adoc[]
endif::[]

View File

@@ -0,0 +1 @@
include::intro.adoc[Introduction]

View File

@@ -1,6 +1,10 @@
[[spring-cloud-config]]
= Spring Cloud Config
Spring Cloud Config provides server-side and client-side support for externalized configuration in a distributed system. With the Config Server, you have a central place to manage external properties for applications across all environments.
The concepts on both client and server map identically to the Spring `Environment` and `PropertySource` abstractions, so they fit very well with Spring applications but can be used with any application running in any language.
As an application moves through the deployment pipeline from dev to test and into production, you can manage the configuration between those environments and be certain that applications have everything they need to run when they migrate.
The default implementation of the server storage backend uses git, so it easily supports labelled versions of configuration environments as well as being accessible to a wide range of tooling for managing the content.
It is easy to add alternative implementations and plug them in with Spring configuration.
*{spring-cloud-version}*

View File

@@ -1,3 +1,6 @@
[[quickstart]]
= Quick Start
This quick start walks through using both the server and the client of Spring Cloud Config Server.
First, start the server, as follows:
@@ -43,11 +46,11 @@ The mini-application's `Environment` is used to enumerate property sources and p
The HTTP service has resources in the following form:
----
/{application}/{profile}[/{label}]
/{application}-{profile}.yml
/{label}/{application}-{profile}.yml
/{application}-{profile}.properties
/{label}/{application}-{profile}.properties
/\{application}/\{profile}[/\{label}]
/\{application}-\{profile}.yml
/\{label}/\{application}-\{profile}.yml
/\{application}-\{profile}.properties
/\{label}/\{application}-\{profile}.properties
----
For example:
@@ -78,7 +81,7 @@ spring:
Other sources are any JDBC compatible database, Subversion, Hashicorp Vault, Credhub and local filesystems.
[[client-side-usage]]
= Client Side Usage
== Client Side Usage
To use these features in an application, you can build it as a Spring Boot application that depends on spring-cloud-config-client (for an example, see the test cases for the config-client or the sample application).
The most convenient way to add the dependency is with a Spring Boot starter `org.springframework.cloud:spring-cloud-starter-config`.

View File

@@ -0,0 +1,6 @@
[[actuator-and-security]]
= Actuator and Security
:page-section-summary-toc: 1
IMPORTANT: Some platforms configure health checks or something similar and point to `/actuator/health` or other actuator endpoints. If actuator is not a dependency of config server, requests to `/actuator/**` would match the config server API `/\{application}/\{label}` possibly leaking secure information. Remember to add the `spring-boot-starter-actuator` dependency in this case and configure the users such that the user that makes calls to `/actuator/**` does not have access to the config server API at `/\{application}/\{label}`.

View File

@@ -1,4 +1,4 @@
[[-aot-and-native-image-support]]
[[aot-and-native-image-support]]
= AOT and Native Image Support
:page-section-summary-toc: 1

View File

@@ -8,7 +8,7 @@ An optional property named `spring.cloud.config.server.bootstrap` can be useful
It is a flag to indicate whether the server should configure itself from its own remote repository.
By default, the flag is off, because it can delay startup.
However, when embedded in another application, it makes sense to initialize the same way as any other application.
When setting `spring.cloud.config.server.bootstrap` to `true` you must also use a xref:spring-cloud-config/server/environment-repository/composite-repositories.adoc[composite environment repository configuration].
When setting `spring.cloud.config.server.bootstrap` to `true` you must also use a xref:server/environment-repository/composite-repositories.adoc[composite environment repository configuration].
For example
[source,yaml]

View File

@@ -4,7 +4,7 @@
IMPORTANT: To use the encryption and decryption features you need the full-strength JCE installed in your JVM (it is not included by default).
You can download the "`Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files`" from Oracle and follow the installation instructions (essentially, you need to replace the two policy files in the JRE lib/security directory with the ones that you downloaded).
If the remote property sources contain encrypted content (values starting with `{cipher}`), they are decrypted before sending to clients over HTTP.
If the remote property sources contain encrypted content (values starting with `\{cipher}`), they are decrypted before sending to clients over HTTP.
The main advantage of this setup is that the property values need not be in plain text when they are "`at rest`" (for example, in a git repository).
If a value cannot be decrypted, it is removed from the property source and an additional property is added with the same key but prefixed with `invalid` and a value that means "`not applicable`" (usually `<n/a>`).
This is largely to prevent cipher text being used as a password and accidentally leaking.
@@ -50,9 +50,9 @@ $ curl localhost:8888/decrypt -s -d 682bc583f4641835fa2db009355293665d2647dade33
mysecret
----
Take the encrypted value and add the `{cipher}` prefix before you put it in the YAML or properties file and before you commit and push it to a remote (potentially insecure) store.
Take the encrypted value and add the `\{cipher}` prefix before you put it in the YAML or properties file and before you commit and push it to a remote (potentially insecure) store.
The `/encrypt` and `/decrypt` endpoints also both accept paths in the form of `/*/{application}/{profiles}`, which can be used to control cryptography on a per-application (name) and per-profile basis when clients call into the main environment resource.
The `/encrypt` and `/decrypt` endpoints also both accept paths in the form of `/*/\{application}/\{profiles}`, which can be used to control cryptography on a per-application (name) and per-profile basis when clients call into the main environment resource.
NOTE: To control the cryptography in this granular way, you must also provide a `@Bean` of type `TextEncryptorLocator` that creates a different encryptor per name and profiles.
The one that is provided by default does not do so (all encryptions use the same key).

View File

@@ -7,11 +7,11 @@ This `Environment` is a shallow copy of the domain from the Spring `Environment`
The `Environment` resources are parametrized by three variables:
* `{application}`, which maps to `spring.application.name` on the client side.
* `{profile}`, which maps to `spring.profiles.active` on the client (comma-separated list).
* `{label}`, which is a server side feature labelling a "versioned" set of config files.
* `\{application}`, which maps to `spring.application.name` on the client side.
* `\{profile}`, which maps to `spring.profiles.active` on the client (comma-separated list).
* `\{label}`, which is a server side feature labelling a "versioned" set of config files.
Repository implementations generally behave like a Spring Boot application, loading configuration files from a `spring.config.name` equal to the `{application}` parameter, and `spring.profiles.active` equal to the `{profiles}` parameter.
Repository implementations generally behave like a Spring Boot application, loading configuration files from a `spring.config.name` equal to the `\{application}` parameter, and `spring.profiles.active` equal to the `\{profiles}` parameter.
Precedence rules for profiles are also the same as in a regular Spring Boot application: Active profiles take precedence over defaults, and, if there are multiple profiles, the last one wins (similar to adding entries to a `Map`).
The following sample client application has this bootstrap configuration:

View File

@@ -3,7 +3,7 @@
The configuration server can access a Git or Vault backend through an HTTP or HTTPS proxy.
This behavior is controlled for either Git or Vault by settings under `proxy.http` and `proxy.https`.
These settings are per repository, so if you are using a xref:spring-cloud-config/server/environment-repository/composite-repositories.adoc[composite environment repository] you must configure proxy settings for each backend in the composite individually.
These settings are per repository, so if you are using a xref:server/environment-repository/composite-repositories.adoc[composite environment repository] you must configure proxy settings for each backend in the composite individually.
If using a network which requires separate proxy servers for HTTP and HTTPS URLs, you can configure both the HTTP and the HTTPS proxy settings for a single backend: in this case `http` access will use `http` proxy and `https` access the `https` one.
Also, you may specify one sole proxy that will be used for both protocols using the proxy definition protocol between application and proxy.

View File

@@ -34,7 +34,7 @@ It is also possible to specify an AWS URL to link:https://aws.amazon.com/blogs/d
Credentials are found using the link:https://docs.aws.amazon.com/sdk-for-java/v2/developer-guide/credentials.html[Default Credential Provider Chain]. Versioned and encrypted buckets are supported without further configuration.
Configuration files are stored in your bucket as `{application}-{profile}.properties`, `{application}-{profile}.yml` or `{application}-{profile}.json`. An optional label can be provided to specify a directory path to the file.
Configuration files are stored in your bucket as `\{application}-\{profile}.properties`, `\{application}-\{profile}.yml` or `\{application}-\{profile}.json`. An optional label can be provided to specify a directory path to the file.
NOTE: When no profile is specified `default` will be used.

View File

@@ -35,7 +35,7 @@ secret value =
AWS Secrets Manager repository allows to keep labelled versions of the configuration environments the same way Git backend does.
The repository implementation maps the `{label}` parameter of the HTTP resource to https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version[AWS Secrets Manager secret's staging label^]. To create a labelled secret, create a secret or update its content and define a staging label for it (sometimes it's called version stage in the AWS documentation). For example:
The repository implementation maps the `\{label}` parameter of the HTTP resource to https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version[AWS Secrets Manager secret's staging label^]. To create a labelled secret, create a secret or update its content and define a staging label for it (sometimes it's called version stage in the AWS documentation). For example:
[source,sh]
----
@@ -76,5 +76,5 @@ spring:
Note that if the default label is not set and a request does not define a label, the repository will use secrets as if labelled version support is disabled. Also, the default label will be used only if the labelled support is enabled. Otherwise, defining this property is pointless.
Note that if the staging label contains a slash (`/`), then the label in the HTTP URL should instead be specified with the special string `({special-string})` (to avoid ambiguity with other URL paths) the same way <<_git_backend,Git backend's section>> describes it.
Note that if the staging label contains a slash (`/`), then the label in the HTTP URL should instead be specified with the special string `(\{special-string})` (to avoid ambiguity with other URL paths) the same way <<_git_backend,Git backend's section>> describes it.

View File

@@ -54,7 +54,7 @@ You can use the `order` property to specify the priority order for all your repo
The lower the numerical value of the `order` property, the higher priority it has.
The priority order of a repository helps resolve any potential conflicts between repositories that contain values for the same properties.
NOTE: If your composite environment includes a Vault server as in the previous example, you must include a Vault token in every request made to the configuration server. See xref:spring-cloud-config/server/environment-repository/vault-backend.adoc[Vault Backend].
NOTE: If your composite environment includes a Vault server as in the previous example, you must include a Vault token in every request made to the configuration server. See xref:server/environment-repository/vault-backend.adoc[Vault Backend].
NOTE: Any type of failure when retrieving values from an environment repository results in a failure for the entire composite environment.
If you would like the composite to continue even when a repository fails you can set `spring.cloud.config.server.failOnCompositeError` to `false`.

View File

@@ -15,11 +15,11 @@ This does not expose the `application.properties` from the server to all clients
TIP: A filesystem backend is great for getting started quickly and for testing.
To use it in production, you need to be sure that the file system is reliable and shared across all instances of the Config Server.
The search locations can contain placeholders for `{application}`, `{profile}`, and `{label}`.
The search locations can contain placeholders for `\{application}`, `\{profile}`, and `\{label}`.
In this way, you can segregate the directories in the path and choose a strategy that makes sense for you (such as subdirectory per application or subdirectory per profile).
If you do not use placeholders in the search locations, this repository also appends the `{label}` parameter of the HTTP resource to a suffix on the search path, so properties files are loaded from each search location *and* a subdirectory with the same name as the label (the labelled properties take precedence in the Spring Environment).
Thus, the default behaviour with no placeholders is the same as adding a search location ending with `/{label}/`.
For example, `file:/tmp/config` is the same as `file:/tmp/config,file:/tmp/config/{label}`.
If you do not use placeholders in the search locations, this repository also appends the `\{label}` parameter of the HTTP resource to a suffix on the search path, so properties files are loaded from each search location *and* a subdirectory with the same name as the label (the labelled properties take precedence in the Spring Environment).
Thus, the default behaviour with no placeholders is the same as adding a search location ending with `/\{label}/`.
For example, `file:/tmp/config` is the same as `file:/tmp/config,file:/tmp/config/\{label}`.
This behavior can be disabled by setting `spring.cloud.config.server.native.addLabelLocations=false`.

View File

@@ -7,10 +7,10 @@ If you set it with a `file:` prefix, it should work from a local repository so t
To scale the Config Server up and make it highly available, you need to have all instances of the server pointing to the same repository, so only a shared file system would work.
Even in that case, it is better to use the `ssh:` protocol for a shared filesystem repository, so that the server can clone it and use a local working copy as a cache.
This repository implementation maps the `{label}` parameter of the HTTP resource to a git label (commit id, branch name, or tag).
If the git branch or tag name contains a slash (`/`), then the label in the HTTP URL should instead be specified with the special string `({special-string})` (to avoid ambiguity with other URL paths).
For example, if the label is `foo/bar`, replacing the slash would result in the following label: `foo({special-string})bar`.
The inclusion of the special string `({special-string})` can also be applied to the `{application}` parameter.
This repository implementation maps the `\{label}` parameter of the HTTP resource to a git label (commit id, branch name, or tag).
If the git branch or tag name contains a slash (`/`), then the label in the HTTP URL should instead be specified with the special string `(\{special-string})` (to avoid ambiguity with other URL paths).
For example, if the label is `foo/bar`, replacing the slash would result in the following label: `foo(\{special-string})bar`.
The inclusion of the special string `(\{special-string})` can also be applied to the `\{application}` parameter.
If you use a command-line client such as curl, be careful with the brackets in the URL -- you should escape them from the shell with single quotes ('').
[[skipping-ssl-certificate-validation]]
@@ -48,7 +48,7 @@ spring:
[[placeholders-in-git-uri]]
== Placeholders in Git URI
Spring Cloud Config Server supports a git repository URL with placeholders for the `{application}` and `{profile}` (and `{label}` if you need it, but remember that the label is applied as a git label anyway).
Spring Cloud Config Server supports a git repository URL with placeholders for the `\{application}` and `\{profile}` (and `\{label}` if you need it, but remember that the label is applied as a git label anyway).
So you can support a "`one repository per application`" policy by using a structure similar to the following:
[source,yaml]
@@ -58,13 +58,13 @@ spring:
config:
server:
git:
uri: https://github.com/myorg/{application}
uri: https://github.com/myorg/\{application}
----
You can also support a "`one repository per profile`" policy by using a similar pattern but with
`{profile}`.
`\{profile}`.
Additionally, using the special string "({special-string})" within your `{application}` parameters can enable support for multiple
Additionally, using the special string "(\{special-string})" within your `\{application}` parameters can enable support for multiple
organizations, as shown in the following example:
[source,yaml]
@@ -74,17 +74,17 @@ spring:
config:
server:
git:
uri: https://github.com/{application}
uri: https://github.com/\{application}
----
where `{application}` is provided at request time in the following format: `organization({special-string})application`.
where `\{application}` is provided at request time in the following format: `organization(\{special-string})application`.
[[pattern-matching-and-multiple-repositories]]
== Pattern Matching and Multiple Repositories
Spring Cloud Config also includes support for more complex requirements with pattern
matching on the application and profile name.
The pattern format is a comma-separated list of `{application}/{profile}` names with wildcards (note that a pattern beginning with a wildcard may need to be quoted), as shown in the following example:
The pattern format is a comma-separated list of `\{application}/\{profile}` names with wildcards (note that a pattern beginning with a wildcard may need to be quoted), as shown in the following example:
[source,yaml]
----
@@ -104,7 +104,7 @@ spring:
uri: file:/home/configsvc/config-repo
----
If `{application}/{profile}` does not match any of the patterns, it uses the default URI defined under `spring.cloud.config.server.git.uri`.
If `\{application}/\{profile}` does not match any of the patterns, it uses the default URI defined under `spring.cloud.config.server.git.uri`.
In the above example, for the "`simple`" repository, the pattern is `simple/\*` (it only matches one application named `simple` in all profiles). The "`local`" repository matches all application names beginning with `local` in all profiles (the `/*` suffix is added automatically to any pattern that does not have a profile matcher).
NOTE: The "`one-liner`" short cut used in the "`simple`" example can be used only if the only property to be set is the URI.
@@ -256,7 +256,7 @@ If the `software.amazon.awssdk:auth` jar is not on your classpath, the AWS Code
Spring Cloud Config Server also supports authenticating against https://cloud.google.com/source-repositories/[Google Cloud Source] repositories.
If your Git URI uses the `http` or `https` protocol and the domain name is `source.developers.google.com`, the Google Cloud Source credentials provider will be used. A Google Cloud Source repository URI has the format `https://source.developers.google.com/p/${GCP_PROJECT}/r/${REPO}`. To obtain the URI for your repository, click on "Clone" in the Google Cloud Source UI, and select "Manually generated credentials". Do not generate any credentials, simply copy the displayed URI.
If your Git URI uses the `http` or `https` protocol and the domain name is `source.developers.google.com`, the Google Cloud Source credentials provider will be used. A Google Cloud Source repository URI has the format `https://source.developers.google.com/p/$\{GCP_PROJECT}/r/$\{REPO}`. To obtain the URI for your repository, click on "Clone" in the Google Cloud Source UI, and select "Manually generated credentials". Do not generate any credentials, simply copy the displayed URI.
The Google Cloud Source credentials provider will use Google Cloud Platform application default credentials. See https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login[Google Cloud SDK documentation] on how to create application default credentials for a system. This approach will work for user accounts in dev environments and for service accounts in production environments.
@@ -344,7 +344,7 @@ The following table describes the SSH configuration properties.
[[placeholders-in-git-search-paths]]
== Placeholders in Git Search Paths
Spring Cloud Config Server also supports a search path with placeholders for the `{application}` and `{profile}` (and `{label}` if
Spring Cloud Config Server also supports a search path with placeholders for the `\{application}` and `\{profile}` (and `\{label}` if
you need it), as shown in the following example:
[source,yaml]
@@ -355,7 +355,7 @@ spring:
server:
git:
uri: https://github.com/spring-cloud-samples/config-repo
search-paths: '{application}'
search-paths: '\{application}'
----
The preceding listing causes a search of the repository for files in the same name as the directory (as well as the top level).

View File

@@ -11,7 +11,7 @@ You can disable autoconfiguration for `JdbcEnvironmentRepository` by setting the
The database needs to have a table called `PROPERTIES` with columns called `APPLICATION`, `PROFILE`, and `LABEL` (with the usual `Environment` meaning), plus `KEY` and `VALUE` for the key and value pairs in `Properties` style.
All fields are of type String in Java, so you can make them `VARCHAR` of whatever length you need.
Property values behave in the same way as they would if they came from Spring Boot properties files named `{application}-{profile}.properties`, including all the encryption and decryption, which will be applied as post-processing steps (that is, not in the repository implementation directly).
Property values behave in the same way as they would if they came from Spring Boot properties files named `\{application}-\{profile}.properties`, including all the encryption and decryption, which will be applied as post-processing steps (that is, not in the repository implementation directly).
NOTE: The default label used for JDBC is `master`. You can change that by setting `spring.cloud.config.server.jdbc.defaultLabel`.

View File

@@ -3,8 +3,8 @@
Sharing configuration between all applications varies according to which approach you take, as described in the following topics:
* xref:spring-cloud-config/server/environment-repository/sharing-configuration-with-all-applications.adoc#spring-cloud-config-server-file-based-repositories[File Based Repositories]
* xref:spring-cloud-config/server/environment-repository/sharing-configuration-with-all-applications.adoc#spring-cloud-config-server-vault-server[Vault Server]
* xref:server/environment-repository/sharing-configuration-with-all-applications.adoc#spring-cloud-config-server-file-based-repositories[File Based Repositories]
* xref:server/environment-repository/sharing-configuration-with-all-applications.adoc#spring-cloud-config-server-vault-server[Vault Server]
[[spring-cloud-config-server-file-based-repositories]]
== File Based Repositories
@@ -12,7 +12,7 @@ Sharing configuration between all applications varies according to which approac
With file-based (git, svn, and native) repositories, resources with file names in `application*` (`application.properties`, `application.yml`, `application-*.properties`, and so on) are shared between all client applications.
You can use resources with these file names to configure global defaults and have them be overridden by application-specific files as necessary.
The xref:spring-cloud-config/server/environment-repository/property-overrides.adoc[property overrides] feature can also be used for setting global defaults, with placeholders applications
The xref:server/environment-repository/property-overrides.adoc[property overrides] feature can also be used for setting global defaults, with placeholders applications
allowed to override them locally.
TIP: With the "`native`" profile (a local file system backend) , you should use an explicit search location that is not part of the server's own configuration.

View File

@@ -2,7 +2,7 @@
= Using Bootstrap To Override Properties
:page-section-summary-toc: 1
If you enable xref:spring-cloud-config/client.adoc#config-first-bootstrap[config first bootstrap], you can allow client applications to override configuration from the config server by placing two properties within
If you enable xref:client.adoc#config-first-bootstrap[config first bootstrap], you can allow client applications to override configuration from the config server by placing two properties within
the applications configuration coming from the config server.
[source,properties]

View File

@@ -13,8 +13,8 @@ However, by default, it looks for changes in files that match the application na
The strategy to use when you want to override the behavior is `PropertyPathNotificationExtractor`, which accepts the request headers and body as parameters and returns a list of file paths that changed.
The default configuration works out of the box with Github, Gitlab, Gitea, Gitee, Gogs or Bitbucket.
In addition to the JSON notifications from Github, Gitlab, Gitee, or Bitbucket, you can trigger a change notification by POSTing to `/monitor` with form-encoded body parameters in the pattern of `path={application}`.
Doing so broadcasts to applications matching the `{application}` pattern (which can contain wildcards).
In addition to the JSON notifications from Github, Gitlab, Gitee, or Bitbucket, you can trigger a change notification by POSTing to `/monitor` with form-encoded body parameters in the pattern of `path=\{application}`.
Doing so broadcasts to applications matching the `\{application}` pattern (which can contain wildcards).
NOTE: The `RefreshRemoteApplicationEvent` is transmitted only if the `spring-cloud-bus` is activated in both the Config Server and in the client application.

View File

@@ -3,7 +3,7 @@
:page-section-summary-toc: 1
Instead of using the `Environment` abstraction (or one of the alternative representations of it in YAML or properties format), your applications might need generic plain-text configuration files that are tailored to their environment.
The Config Server provides these through an additional endpoint at `/{application}/{profile}/{label}/{path}`, where `application`, `profile`, and `label` have the same meaning as the regular environment endpoint, but `path` is a path to a file name (such as `log.xml`).
The Config Server provides these through an additional endpoint at `/\{application}/\{profile}/\{label}/\{path}`, where `application`, `profile`, and `label` have the same meaning as the regular environment endpoint, but `path` is a path to a file name (such as `log.xml`).
The source files for this endpoint are located in the same way as for the environment endpoints.
The same search path is used for properties and YAML files.
However, instead of aggregating all matching resources, only the first one to match is returned.
@@ -21,6 +21,6 @@ At present, Spring Cloud Config can serve plaintext for git, SVN, native backend
The support for git, SVN, and native backends is identical. AWS S3 works a bit differently.
The following sections show how each one works:
* xref:spring-cloud-config/server/serving-binary-files.adoc#spring-cloud-config-serving-plain-text-git-svn-native-backends[Git, SVN, and Native Backends]
* xref:spring-cloud-config/server/serving-binary-files.adoc#spring-cloud-config-serving-plain-text-aws-s3[AWS S3]
* xref:server/serving-binary-files.adoc#spring-cloud-config-serving-plain-text-git-svn-native-backends[Git, SVN, and Native Backends]
* xref:server/serving-binary-files.adoc#spring-cloud-config-serving-plain-text-aws-s3[AWS S3]

View File

@@ -2,14 +2,14 @@
= Using Multiple Keys and Key Rotation
:page-section-summary-toc: 1
In addition to the `{cipher}` prefix in encrypted property values, the Config Server looks for zero or more `{name:value}` prefixes before the start of the (Base64 encoded) cipher text.
In addition to the `\{cipher}` prefix in encrypted property values, the Config Server looks for zero or more `{name:value}` prefixes before the start of the (Base64 encoded) cipher text.
The keys are passed to a `TextEncryptorLocator`, which can do whatever logic it needs to locate a `TextEncryptor` for the cipher.
If you have configured a keystore (`encrypt.keystore.location`), the default locator looks for keys with aliases supplied by the `key` prefix, with a cipher text like resembling the following:
[source,yaml]
----
foo:
bar: `{cipher}{key:testkey}...`
bar: `\{cipher}{key:testkey}...`
----
The locator looks for a key named "testkey".

View File

@@ -1,6 +0,0 @@
[[quick-start]]
= Quick Start
:page-section-summary-toc: 1
include:../:quickstart.adoc[]

View File

@@ -1,6 +0,0 @@
[[actuator-and-security]]
= Actuator and Security
:page-section-summary-toc: 1
IMPORTANT: Some platforms configure health checks or something similar and point to `/actuator/health` or other actuator endpoints. If actuator is not a dependency of config server, requests to `/actuator/**` would match the config server API `/{application}/{label}` possibly leaking secure information. Remember to add the `spring-boot-starter-actuator` dependency in this case and configure the users such that the user that makes calls to `/actuator/**` does not have access to the config server API at `/{application}/{label}`.

View File

@@ -0,0 +1,31 @@
|===
|Name | Default | Description
|spring.cloud.config.allow-override | `+++true+++` | Flag to indicate that {@link #isOverrideSystemProperties() systemPropertiesOverride} can be used. Set to false to prevent users from changing the default accidentally. Default true.
|spring.cloud.config.discovery.enabled | `+++false+++` | Flag to indicate that config server discovery is enabled (config server URL will be looked up via discovery).
|spring.cloud.config.discovery.service-id | `+++configserver+++` | Service id to locate config server.
|spring.cloud.config.enabled | `+++true+++` | Flag to say that remote configuration is enabled. Default true;
|spring.cloud.config.fail-fast | `+++false+++` | Flag to indicate that failure to connect to the server is fatal (default false).
|spring.cloud.config.headers | | Additional headers used to create the client request.
|spring.cloud.config.initialize-on-context-refresh | `+++false+++` | Flag to initialize bootstrap configuration on context refresh event. Default false.
|spring.cloud.config.label | | The label name to use to pull remote configuration properties. The default is set on the server (generally "main" for a git based server).
|spring.cloud.config.media-type | | The Accept header media type to send to config server.
|spring.cloud.config.multiple-uri-strategy | | The strategy to use when call to server fails and there are multiple URLs configured on the uri property (default {@link MultipleUriStrategy#ALWAYS}).
|spring.cloud.config.name | | Name of application used to fetch remote properties.
|spring.cloud.config.override-none | `+++false+++` | Flag to indicate that when {@link #setAllowOverride(boolean) allowOverride} is true, external properties should take lowest priority and should not override any existing property sources (including local config files). Default false. This will only have an effect when using config first bootstrap.
|spring.cloud.config.override-system-properties | `+++true+++` | Flag to indicate that the external properties should override system properties. Default true.
|spring.cloud.config.password | | The password to use (HTTP Basic) when contacting the remote server.
|spring.cloud.config.profile | `+++default+++` | The default profile to use when fetching remote configuration (comma-separated). Default is "default".
|spring.cloud.config.request-connect-timeout | `+++0+++` | timeout on waiting to connect to the Config Server.
|spring.cloud.config.request-read-timeout | `+++0+++` | timeout on waiting to read data from the Config Server.
|spring.cloud.config.retry.initial-interval | `+++1000+++` | Initial retry interval in milliseconds.
|spring.cloud.config.retry.max-attempts | `+++6+++` | Maximum number of attempts.
|spring.cloud.config.retry.max-interval | `+++2000+++` | Maximum interval for backoff.
|spring.cloud.config.retry.multiplier | `+++1.1+++` | Multiplier for next interval.
|spring.cloud.config.send-state | `+++true+++` | Flag to indicate whether to send state. Default true.
|spring.cloud.config.tls | | TLS properties.
|spring.cloud.config.token | | Security Token passed thru to underlying environment repository.
|spring.cloud.config.uri | `+++[http://localhost:8888]+++` | The URI of the remote server (default http://localhost:8888).
|spring.cloud.config.username | | The username to use (HTTP Basic) when contacting the remote server.
|===