search

ulisesbocchio / jasypt-spring-boot

Jasypt integration for Spring boot
MIT License
2.91k stars 522 forks source link

Passing in an active spring profile does not encrypt values in application-{profile}.properties file #266

Closed belgoros closed 3 years ago

belgoros commented 3 years ago

I defined the application-prod.properties file with some key/values to encrypt:

my.key=DEC(key-123)

Is it a normal behaviour that when running the suggested command for a spring profile:

mvn jasypt:encrypt -Dspring.profiles.active=prod -Djasypt.encryptor.password="the password"

didn't modify the values to be encrypted and specified in the corresponding application-prod.properties file? The plugin was still looking for them in the application.properties file:

INFO] The following profiles are active: prod
[INFO] Post-processing PropertySource instances
[INFO] Converting PropertySource configurationProperties [org.springframework.boot.context.properties.source.ConfigurationPropertySourcesPropertySource] to AOP Proxy
[INFO] Converting PropertySource systemProperties [org.springframework.core.env.PropertiesPropertySource] to EncryptableMapPropertySourceWrapper
[INFO] Converting PropertySource systemEnvironment [org.springframework.boot.env.SystemEnvironmentPropertySourceEnvironmentPostProcessor$OriginAwareSystemEnvironmentPropertySource] to EncryptableSystemEnvironmentPropertySourceWrapper
[INFO] Converting PropertySource random [org.springframework.boot.env.RandomValuePropertySource] to EncryptablePropertySourceWrapper
[INFO] Property Filter custom Bean not found with name 'encryptablePropertyFilter'. Initializing Default Property Filter
[INFO] Started MavenCli in 1.01 seconds (JVM running for 2.601)
[INFO] Active Profiles: prod
[INFO] Encrypting file src/main/resources/application.properties
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  1.632 s
[INFO] Finished at: 2021-03-16T14:02:27+01:00

When passing the path to the file explicitly as follows:

mvn jasypt:encrypt -Djasypt.plugin.path="file:src/main/resources/application-prod.properties" -Djasypt.encryptor.password="the password"

it worked. What am I missing?

ulisesbocchio commented 3 years ago

The profiles work as you would except to pick up your Spring config but I haven't find a reliable way to get the Spring configuration file(s) used from Spring itself without reverse-engineering (or re-implementing) the Spring algorithm. You can however point the maven plugin to whatever config file you want: https://github.com/ulisesbocchio/jasypt-spring-boot#changing-the-file-path

ulisesbocchio commented 3 years ago

3.0.4 released

huangyfGG commented 11 months ago

except select specific file name, any other way can select file in a flexable way ?