Spring-Boot: How to load a keystore resource file either from the classpath or from the file system?

Question

My spring-boot application requires access to private keys via a Java keystore. For testing, I would like to use a test keystore that is available on the classpath (so I can easily execute the application as part of an integration test), while in production I would like to use a keystore from some external volume (e.g., mounted inside a container as k8 secret).

I know that the spring-boot @Value annotation allows me to inject a resource. However, I don't see how it can be made dynamic to respect the spring environment (e.g., test or production). Does spring-boot provide an out-of-the-box way to solve the above problem, or do I need to write my own bean to load the correct keystore depending on the deployment environment?

dekkard · Accepted Answer · 2022-05-19T11:03:06.740

2

You can use a property for the resource path and set that property values in your application props differently based on an active profile.

@Value("${my.resource.path:#{null}}")
private Resource myResource;

application.yml:

spring:
    config:
        activate:
            on-profile: test
my.resource.path: 'classpath:test/path/keystore.jks'

---
spring:
    config:
        activate:
            on-profile: prod
my.resource.path: 'file:prod/path/keystore.jks'

edited May 19 '22 at 11:03

answered May 19 '22 at 10:40

dekkard

6,121
1
16
26

Thanks for the answer. Would that method work to select either a classpath resource or a file on the file system? – Ulrich Schuster May 19 '22 at 10:43
Oops, forgot the 'file:' prefix for the file system resource. Fixed. – dekkard May 19 '22 at 11:04

Spring-Boot: How to load a keystore resource file either from the classpath or from the file system?

1 Answers1