springspring-bootgithubgithub-actionscicd

How to manage application.properties in Github CI/CD


I have a Spring API, and I am setting up my CI/CD pipeline to run tests after each push to the master branch.

I have an application-test.properties file that I use for my tests, but I avoid pushing this file to my repository because it contains sensitive information. To manage this, I’ve created secrets in my repository settings to store this data.

I understand that I can map these secrets to my application.properties file using the following syntax:

env: 
SPRING_DATA_MONGODB_URI: ${{ secrets.MONGODB_URI }}

However, since I don’t push my application.properties files to the repository, I cannot use this approach.

My question is: Is it considered good practice to include application.properties files in a repository? If so, how can I manage the situation where local development lacks data due to the use of ${{ secrets.xxx }}?

I can't find a clear answer to this question about best practice.


Solution

  • to achieve that, you can try to change your application-test.properties to a dynamic configuration, for example:

    myapp.database.username=${DATABASE_USERNAME}
    myapp.database.password=${DATABASE_PASSWORD}
    

    and then you have to register the value as env variables to your workflows file, for example:

    name: CI Workflow
    
    on: [push]
    
    jobs:
      build:
        runs-on: ubuntu-latest
        env:
          DATABASE_USERNAME: ${{ secrets.DATABASE_USERNAME }}
          DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }}
        steps:
          - name: Check out repository
            uses: actions/checkout@v2
    ....
    

    and don't forget to add your secrets variable on your github repository.

    for local situation, you can register your env variables on Run/Debug Configurations if you use intellij idea, for example:

    local env configuration