spring-bootliquibaseliquibase-hibernatespring-cloud-vault-config

How to read liquibase.properties dynamically from password hashicorp vault


In my Spring Boot project, I am trying to setup liquibase and use it between dev, test and production databases. Everything seems to be working fine, except passing credentials to liquibase.properties file from HashiCorp Vault. I am able to access credentials in application.properties without any issues, but I can't in liquibase.properties file. I have the following file and I would like pass URLs and credentials dynamically from password vault.

liquibase.properties

changeLogFile=src/main/resources/liquibase-changeLog.xml
url=jdbc:mysql://localhost:3306/oauth_reddit
username=tutorialuser
password=tutorialmy5ql
driver=com.mysql.jdbc.Driver
referenceUrl=hibernate:spring:org.baeldung.persistence.model
  ?dialect=org.hibernate.dialect.MySQLDialect
diffChangeLogFile=src/main/resources/liquibase-diff-changeLog.xml

Solution

  • liquibase.properties is used by liquibase directly. I'm not sure that spring is somehow modifying the liquibase.properties, it's probably used only by maven plugin. So you will need to create some additional parser in liquibase which is able to use Vault or just forget about liquibase.properties and use spring's properties.