我应该在Spring Boot项目上的哪里存储开发凭证? [英] Where should I store development credentials on a Spring Boot project?
问题描述
我应该在哪里将开发凭据存储在Spring Boot项目中,以便不将其提交到存储库中?最标准的方法是什么?
Where should I store development credentials on a Spring Boot project so that they are not committed to the repository? What's the most standard way?
在其他框架(Rails,Clojure)中,我曾经有一个文件,我没有将该文件提交到该信息所在的存储库中.诸如辅助application.properties之类的东西被合并并且永远不会提交.这样的东西存在吗?
In other frameworks (Rails, Clojure) I'm used to have a file that I do not commit to the repo where that information goes. Something like a secondary application.properties that gets merged and it's never committed. Does such a thing exist?
我正在部署到Heroku,它在Spring可以获取的环境变量中提供凭据,因此,这一部分已解决.如果我将其部署到其他地方,它将是一个类似的配置.
I'm deploying to Heroku, which provides credentials in environment variables that Spring can pick up, so, that part is solved. If I deploy somewhere else, it'll be a similar config.
在 Spring Boot中文档,第24章,外部化配置,其中列出了定义属性的所有位置.我遍历了该列表,试图找到合适的凭据位置,但找不到:
In the Spring Boot Docs, chapter 24, Externalized Configuration, there's a list of all the places where properties are defined. I went through that list trying to find the appropriate place for credentials and I couldn't find it:
主目录上的Devtools全局设置属性 (在devtools处于活动状态时,〜/.spring-boot-devtools.properties).
Devtools global settings properties on your home directory (~/.spring-boot-devtools.properties when devtools is active).
这不是devtools的事情,因为您可能想在本地开发禁用的洪水.
It's not a devtools thing, as you could want to develop locally disabling devloots.
测试中的@TestPropertySource批注.
@TestPropertySource annotations on your tests.
这与测试无关
测试中的@ SpringBootTest#properties批注属性.
@SpringBootTest#properties annotation attribute on your tests.
再次,不是测试.
命令行参数.
Command line arguments.
我宁愿在命令行中没有凭据,因为那些凭据通常在计算机中公开,因此,另一个程序可以将其获取.但是除此之外,开发时我没有运行命令.我正在从IntelliJ触发应用程序.
I'd rather not have credentials in command lines as those tend to be public in the computer, so, another program could pick them up. But besides that, I'm not running a command when development; I'm triggering the app from IntelliJ.
SPRING_APPLICATION_JSON中的属性(嵌入在环境变量或系统属性中的内联JSON)
Properties from SPRING_APPLICATION_JSON (inline JSON embedded in an environment variable or system property)
与下面的环境变量/系统属性相同.
Same as environment variable/system properties bellow.
ServletConfig初始化参数. ServletContext的初始化参数. 来自java:comp/env的JNDI属性.
ServletConfig init parameters. ServletContext init parameters. JNDI attributes from java:comp/env.
那些在开发本地生成jar时似乎根本不适用
Those seem not to apply at all when developing local generating a jar,
Java系统属性(System.getProperties()).
Java System properties (System.getProperties()).
我不确定设置它们的合适方法是什么,但是这很费力.
I'm not sure what would be the appropriate way of setting them up, but it feels laborious.
OS环境变量.
OS environment variables.
我将它们设置在对新开发人员不透明的操作系统上,或者将它们设置在IntelliJ运行配置文件中,这使它们成为存储库的一部分,这是我要避免的事情.
I either set them on my OS, which is opaque to new developers, or I set them inside the IntelliJ run profile, which makes them part of the repository, which is what I'm trying to avoid.
仅具有随机属性的RandomValuePropertySource.*.
A RandomValuePropertySource that only has properties in random.*.
它们不是随机的.
打包的jar之外的特定于配置文件的应用程序属性(application- {profile} .properties和YAML变体)
Profile-specific application properties outside of your packaged jar (application-{profile}.properties and YAML variants)
可能是,但是我不确定该文件应该驻留在哪里.
This could be, but I'm not sure where that file should reside.
打包在jar中的特定于配置文件的应用程序属性(application- {profile} .properties和YAML变体)
Profile-specific application properties packaged inside your jar (application-{profile}.properties and YAML variants)
我希望能够将配置文件特定的应用程序属性提交到存储库,因此,我无法在这些文件中存储凭据.
I want to be able to commit profile specific application properties to the repo, so, I cannot store credentials in these files.
打包的jar之外的应用程序属性(application.properties和YAML变体).
Application properties outside of your packaged jar (application.properties and YAML variants).
可能是,但是我不确定该文件应该驻留在哪里.
This could be, but I'm not sure where that file should reside.
打包在jar中的应用程序属性(application.properties和YAML变体).
Application properties packaged inside your jar (application.properties and YAML variants).
我要提交该文件,因此,我无法在其中存储凭据.
I want to commit that file, so, I cannot store credentials there.
@Configuration类上的@PropertySource批注.默认属性 (使用SpringApplication.setDefaultProperties指定).
@PropertySource annotations on your @Configuration classes. Default properties (specified using SpringApplication.setDefaultProperties).
使用这样的东西,我可以做我自己的事情,从一个未提交的文件中选择属性,但是我有兴趣遵循Spring Boot的最佳和通用做法,而不是自己做.特别是在我刚开始的时候.
Using something like this, I could make my own thing, picking properties from a file that's not committed, but I'm interested in following Spring Boot's best and common practices, not making my own; specially as I'm just getting started.
推荐答案
Spring-boot允许您在不同位置外部化配置.对于上述情况,可以将application.properties文件放在${PROJECT_ROOT}/config/下.
这些属性将覆盖任何其他定义的属性.
在这种情况下,它不会打包在可部署的工件中.
看看
Spring-boot allows you to externalize your configuration in different places. For the scenario in question, one could place an application.properties file under ${PROJECT_ROOT}/config/.
Those properties will override any other defined properties.
In this case, it is not packaged within a deployable artifact.
Take a look at Application property files for further details.
在config/application.properties.example下提供一个示例配置文件作为一个很好的起点.该文件可以受版本控制.
为避免意外提交,请忽略其他所有内容.
Provide a sample configuration file under config/application.properties.example as a good starting point. That file could be version controlled.
To avoid unintentional commits ignore everything else.
使用git,忽略文件可能包含以下代码段(忽略以.example和README.md结尾的文件,所有内容除外):
Using git, an ignore file could contain the following snippet (ignores everything but files ending with .example and a README.md):
.gitignore :
/config/*
!/config/README.md
!/config/*.example
这篇关于我应该在Spring Boot项目上的哪里存储开发凭证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
