{"id":21553596,"url":"https://github.com/v1ncnet/secrets-spring-boot","last_synced_at":"2026-02-14T10:33:50.760Z","repository":{"id":52978442,"uuid":"354547991","full_name":"V1ncNet/secrets-spring-boot","owner":"V1ncNet","description":"Spring Boot Secrets is ideal for resolving Docker Secrets and making them accessible to the Spring Boot application.","archived":false,"fork":false,"pushed_at":"2024-10-01T20:33:21.000Z","size":583,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"develop","last_synced_at":"2025-09-10T10:28:22.566Z","etag":null,"topics":["api","collection","docker-secrets","docker-swarm","spring-boot"],"latest_commit_sha":null,"homepage":"https://v1ncnet.github.io/secrets-spring-boot/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/V1ncNet.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-04-04T13:16:37.000Z","updated_at":"2024-10-01T20:33:25.000Z","dependencies_parsed_at":"2024-11-16T05:30:35.632Z","dependency_job_id":"e1548fe5-f042-4090-a1ca-abb12a426c35","html_url":"https://github.com/V1ncNet/secrets-spring-boot","commit_stats":null,"previous_names":["v1ncnet/spring-boot-secrets"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/V1ncNet/secrets-spring-boot","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/V1ncNet%2Fsecrets-spring-boot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/V1ncNet%2Fsecrets-spring-boot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/V1ncNet%2Fsecrets-spring-boot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/V1ncNet%2Fsecrets-spring-boot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/V1ncNet","download_url":"https://codeload.github.com/V1ncNet/secrets-spring-boot/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/V1ncNet%2Fsecrets-spring-boot/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29442754,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-14T10:17:46.583Z","status":"ssl_error","status_checked_at":"2026-02-14T10:17:22.534Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","collection","docker-secrets","docker-swarm","spring-boot"],"created_at":"2024-11-24T07:11:21.727Z","updated_at":"2026-02-14T10:33:50.745Z","avatar_url":"https://github.com/V1ncNet.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"Spring Boot Secrets\n===================\n\nSpring Boot Secrets is a collection of environment post-processors with which\nfiles with sensitive content, so-called secrets, can be loaded and added to\nthe Spring configuration.\n\nThe project currently provides four sophisticated post-processors. These can\neither be used individually or concurrently. If you want to implement your\nown post-processor, use the API artifact, which is available separately.\n\nSpring Boot Secrets is ideal for resolving **Docker Secrets** and making them\naccessible to the Spring Boot application.\n\n**Note:** Compatible with Spring Boot 3. Check out the [v1.x] releases for a\nSpring Boot 2-compatible version of this project.\n\n[v1.x]: https://github.com/V1ncNet/secrets-spring-boot/tree/v1.1.1\n\n\nFeatures\n--------\n\n* 4 configurable post-processors\n* separated API artifact\n\n\nUsage\n-----\n\nIn order to activate one or, if necessary, several post processors, the\n`META-INF/spring.factories` file must be created in the `resources/` folder.\nOne or more post-processors can then be added to this file as required.\n\n```properties\norg.springframework.boot.env.EnvironmentPostProcessor=\\\n  de.vinado.boot.secrets.FilenameConfigDataSecretsEnvironmentPostProcessor,\\\n  de.vinado.boot.secrets.EnvironmentConfigDataSecretsEnvironmentPostProcessor,\\\n  de.vinado.boot.secrets.FilenameSecretsEnvironmentPostProcessor,\\\n  de.vinado.boot.secrets.EnvironmentSecretsPropertyEnvironmentPostProcessor\n```\n\nThe post-processors have an order of execution which can be taken from the\nexample above. It should be noted that the post-processors can overwrite the\nset values of the previously executed ones if they set the same property. The\norder is fixed and cannot be changed.\n\n### API Package\n\nWith the API package, new post-processors can be implemented quickly and easily.\nThe API provides the `SecretsEnvironmentPostProcessor` class, which only has to\nbe inherited from.\n\n```java\npublic class DockerSecretProcessor extends SecretsEnvironmentPostProcessor {\n\n    public DockerSecretProcessor(DeferredLogFactory logFactory) {\n        super(logFactory);\n    }\n\n    @Override\n    protected PropertyIndexSupplier getPropertyIndexSupplier(ConfigurableEnvironment environment) {\n        Map\u003cString, String\u003e envProperties = new HashMap\u003c\u003e();\n        envProperties.put(\"spring.datasource.username\", \"DATABASE_USER_FILE\");\n        envProperties.put(\"spring.datasource.password\", \"DATABASE_PASSWORD_FILE\");\n        envProperties.put(\"spring.mail.username\", \"SMTP_USER_FILE\");\n        envProperties.put(\"spring.mail.password\", \"SMTP_PASSWORD_FILE\");\n        PropertyIndexSupplier env = PropertyIndexSupplier.from(envProperties);\n\n        Map\u003cString, String\u003e fileProperties = new HashMap\u003c\u003e();\n        fileProperties.put(\"spring.mail.username\", \"/run/secrets/smtp_username\");\n        fileProperties.put(\"spring.mail.password\", \"/run/secrets/smtp_password\");\n\n        return CompositePropertyIndexSupplier.overriding()\n            .add(env)\n            .add(fileProperties)\n            .buildAndSubstitute(environment);\n    }\n}\n```\n\nspring.factories\n```properties\norg.springframework.boot.env.EnvironmentPostProcessor=package.of.your.DockerSecretProcessor\n```\n\n### Maven Configuration\n\nThe collection is available under following coordinates:\n\n```xml\n\u003cdependency\u003e\n    \u003cgroupId\u003ede.vinado.boot\u003c/groupId\u003e\n    \u003cartifactId\u003esecrets\u003c/artifactId\u003e\n    \u003cversion\u003e2.0.0\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\nor use the following coordinates if you just wish to implement your own\npost-processors:\n\n```xml\n\u003cdependency\u003e\n    \u003cgroupId\u003ede.vinado.boot\u003c/groupId\u003e\n    \u003cartifactId\u003esecrets-api\u003c/artifactId\u003e\n    \u003cversion\u003e2.0.0\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n\nAvailable Post-Processors\n---------------------------\n\n### `FilenameConfigDataSecretsEnvironmentPostProcessor`\n\nThis post-processor loads the properties already set by Spring Boot from the\n`application.{properties|yml}` file. All file names prefixed with\n`secrets.file.properties` are processed.\n\n```properties\nsecrets.file.properties.spring.mail.host=classpath:spring_mail_host\nsecrets.file.properties.spring.datasource.username=/run/secrets/spring.datasource.username\nsecrets.file.properties.spring.datasource.password=file:/run/secrets/spring.datasource.password\n```\n\nAs with the following post-processor, the values can be specified using an\nabsolute path or URI.\n\n### `EnvironmentConfigDataSecretsEnvironmentPostProcessor`\n\nThis component works similarly to the\n`FilenameConfigDataSecretsEnvironmentPostProcessor`. The prefix for all\nproperties to be processed is `secrets.env.properties`. However, this\npost-processor expects system properties or environment variables, which are\nadditionally substituted before they are made available to the application.\n\n```properties\nsecrets.file.properties.spring.mail.host=SMTP_USER_FILE_LOCATION\nsecrets.file.properties.spring.datasource.username=EMPTY_SECRET_FILE\n```\n\n### `FilenameSecretsEnvironmentPostProcessor`\n\nThe `FilenameSecretsEnvironmentPostProcessor` is interesting for those who\ndeploy their Spring Boot application in Docker Swarm Mode and want to use\nDocker Secrets. By default, all files located under `/run/secrets` are resolved\nand added to the Spring configuration.\n\nHowever, all file names must follow a certain syntax so that they can then be\nassigned to the correct configuration. The file with the name\n`spring.datasource.password` becomes the property `spring.datasource.password`\nand the content of the file, its value.\n\nThe base directory and separator can be configured. The separator can\nalternatively take the value `_` and will be replaced by a point during\nprocessing.\n\n### `EnvironmentSecretsPropertyEnvironmentPostProcessor`\n\nThis post processor is also for those who use Docker Secrets. All environment\nvariables ending with `_FILE` are processed. The name of the variable forms the\nname of the property to be set with its suffixed stripped off. Again, the\nunderscores are replaced by dots.\n\n#### Example\n\n```shell\necho /run/secrets/database_password \u003e foo\nexport SPRING_DATASOURCE_PASSWORD_FILE=/run/secrets/database_password\n```\n\nbecomes\n\n```properties\nspring.datasource.password=foo\n```\n\n\nConfiguration\n-------------\n\n| application.properties  | Data Type  | Default Value  | Example                                                              | Post-Processor                                         |\n|-------------------------|------------|----------------|----------------------------------------------------------------------|--------------------------------------------------------|\n| secrets.file.properties | _`Map`_    |                | `spring.datasource.username=/run/secrets/spring.datasource.username` | `FilenameConfigDataSecretsEnvironmentPostProcessor`    |\n| secrets.file.base-dir   | _`String`_ | `/run/secrets` | `/some/base/directory`                                               | `FilenameSecretsEnvironmentPostProcessor`              |\n| secrets.file.separator  | _`String`_ | `.`            | Only `.` or `_`                                                      | `FilenameSecretsEnvironmentPostProcessor`              |\n| secrets.env.properties  | _`Map`_    |                | `spring.mail.host=SMTP_USER_FILE`                                    | `EnvironmentConfigDataSecretsEnvironmentPostProcessor` |\n\n\nLicence\n-------\n\nApache License 2.0 - [Vinado](https://vinado.de) - Built with :heart: in Dresden\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fv1ncnet%2Fsecrets-spring-boot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fv1ncnet%2Fsecrets-spring-boot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fv1ncnet%2Fsecrets-spring-boot/lists"}