Properties Logger is a module for Spring Boot 3+ apps which early logs properties detected by Spring Boot and their values resolved by Spring Boot.
The properties Logger module is designed to work with :
- Spring Boot 3.3+ (an so java 17+)
- Servlet web application
- Reactive web application (not tested)
- Batch application application (not tested)
- CommandLineRunner application (not tested)
- Spring boot version < 3.3 (not tested)
Usage is simple : just add this dependency inside your pom.xml :
<dependency>
<groupId>fr.insee</groupId>
<artifactId>boot-properties-logger-starter</artifactId>
<version>1.1.0</version>
</dependency>
NB :
- the lib is not deployed on maven central for the moment so you must install it locally before using it :
$ git clone https://github.com/FBibonne/Properties-Logger.git --depth=1 --branch=master
$ mvn install -f Properties-Logger/pom.xml
Now ou can also download it from the github project packages
- The module module Properties Logger logs its message with properties and their values at the info level : so its log level must be at least INFO. DEBUG (or TRACE) give (much) more informations.
You should see this kind of output in your log (in the console by default in a Spring Boot app) :
2024-06-25T12:01:00.858+02:00 INFO 42091 --- [ main] fr.insee.boot.PropertiesLogger :
================================================================================
Values of properties from sources :
- Config resource 'class path resource [application.properties]' via location 'optional:classpath:/'
====
springdoc.show-actuator = true
springdoc.swagger-ui.path = /
springdoc.pathsToMatch = /**
springdoc.swagger-ui.oauth.clientId =
server.forward-headers-strategy = framework
spring.security.oauth2.resourceserver.jwt.jwk-set-uri =
spring.datasource.username = user
spring.datasource.password = ******
springdoc.swagger-ui.syntax-highlight.activated = false
management.endpoint.health.show-details = always
logging.level.root = INFO
================================================================================
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v3.3.1)
The first part of the log message generated by the module (before the separator ====
)
lists the sources from wich properties keys are collected : only the property sources
which are enumerable and which are not excluded are listed there
The second part of the log message (after the separator ====
) lists collected properties
key which starts with one element of the prefix list
and its value resolved by Spring Boot. The displayed value is not necessarily the one
which is defined in the property source where Spring Boot encoutered the key, neither one
of the values defined in other displayed property source but the real one that Spring Boot
would provide to your application (for example in a @Value
annotation) following its
property resolver algorithm
For example, given the property key spring.datasource.username
. If it is defined in the
application.properties file with user_dev
value :
spring.datasource.username=user_dev
But the environement variable SPRING_DATASOURCE_USERNAME
is also defined with the value
user_prod
.
The Properties Logger module will display the property spring.datasource.username
(because
by default the keys listed in the application.properties file ar listed) but with the value of
user_prod
as resolved by Spring Boot due to the environment variable. The environment variable
is not listed because by default the property keys in the system environment property source (systemEnvironment
)
are not displayed.
Values of properties with secrets are hidden when they are printed :
******
is displayed instead. For example spring.datasource.password = ******
. To be hidden, the
property key must contain one of the words from the list properties with secrets.
We describe here configurations which can be applied to the module Properties Logger via
properties prefixed by properties.logger
. They are three of them:
properties.logger.sources-ignored
properties.logger.prefix-for-properties
properties.logger.with-hidden-values
Related Property | Default value |
---|---|
properties.logger.sources-ignored |
systemProperties, systemEnvironment |
At starting, Spring Boot can process many property sources and not all of them provide values for
the properties used in your application. Particularly the system properties (java properties which
can be read with System#getProperty
) and the OS environment variables (can be read with System#getenv
)
contain many key-value pairs which you do not directly use in your application : displaying
them make the log too much verbose. So you can exclude the properties key exclusively defined by these property
sources listing them in the properties.logger.sources-ignored
.
By default the system properties (systemProperties
) and the environment variables(systemEnvironment
)
are excluded. You can exclude more properties source by adding their names to the list.
For example, to not not take into account property keys from :
- the file application.properties
- a file with a relative path
../secrets/secret.properties
- the command line arguments
- the
properties
attribute of@SpringBootTest
and others @*Test annotations, > you should set these values :
properties.logger.sources-ignored=systemProperties, systemEnvironment,\
[application.properties],\
../secrets/secret.properties,\
commandLineArgs,\
Inlined\ Test\ Properties
At first line, set default exclusions (RECOMMENDED) then add others exclusions :
- at second line, for the the application.properties file,
- at third line for ../secrets/secret.properties file
- at fourth line for command line arguments
- at fifth line for then properties attributes for tests
NB :
When you exclude a property source, you do not exclude property values of this source since if the property is present in an other source not excluded and if the value for this property is resolved to the value of the excluded source, the value of the excluded source will be displayed in logs. Furthermore, when you exclude a property source you do not exclude properties which are also listed at least in one another not excluded property source.
Related Property | Default value |
---|---|
properties.logger.prefix-for-properties |
debug, trace, info, logging, spring, server, management, springdoc, properties |
Only the properties whose keys start with one of the prefix listed in properties.logger.prefix-for-properties
will be
displayed
(if they ar also in a non excluded property source). If you set properties.logger.prefix-for-properties
to empty, no
property will be displayed. It is recommended to set the value of properties.logger.prefix-for-properties
to the
default
plus the beginning of your company name to display the properties for your application.
Properties with hidden values
Related Property | Default value |
---|---|
properties.logger.with-hidden-values |
password, pwd, token, secret, credential, pw |
When a property is displayed, there is a filter which avoid to leak secrets in logs : all properties whose key contains
one of the token in properties.logger.with-hidden-values
will be displayed with the value ******
instead of the actual value.
The default value of properties.logger.with-hidden-values
contains the most common tokens for secrets but you should
add the specific ones you may have in your application.
The Properties-Logger library cannot access to the property source of @DynamicPropertySource
methods because
the properties logger library runs before the @DynamicPropertySource
methods are executed. Therefore, neither the properties
keys exclusively defined in @DynamicPropertySource
methods, neither the values defined in this methods, whatever the
property key is, will be displayed even if @DynamicPropertySource
methods property source is not excluded.
@DynamicPropertySource
methods are a specific mecanism dedicated to test which let you define or overrride properties values
very late so it is not in the scope of the Properties Logger library which aims to display properties at the earliest time
in the application lifecycle. It is strongly recommended to not define in other place properties from @DynamicPropertySource
methods. If you have no other choice (make sure you had a complete look to
the numerous ways to override properties in Spring Boot )
that defining @DynamicPropertySource
methods to override properties in a test and you want to check the value of the
overrided property, consider logging it yourself or write an assertion in your test