Ever found yourself accidentally committing sensitive keys or passwords to your Git repo? It's a common slip-up. In Spring Boot, the easiest way to avoid this for things like API keys or database credentials is to keep them out of your main application.properties or application.yml.
Instead, use environment variables. Spring Boot automatically picks them up. For example, if you have a property app.external.api.key, you can set an environment variable named APP_EXTERNAL_API_KEY.
Your application.properties would still declare it:
app.external.api.key=${EXTERNAL_API_KEY:default_fallback_key}
This way, your code is clean, your repo is safe and you can manage your secrets per environment (dev staging prod) without touching the codebase.
Top comments (0)