Master Spring Cloud Config: Logging, RefreshScope, Encryption & Custom Properties

Environment: SpringBoot2.7.12 + SpringCloud2021.0.7

1. Log Configuration

When configuring logging in Spring Boot, place the settings in bootstrap.yml or bootstrap.properties so they apply to all events. Note: Do not use custom prefixes because Spring Cloud cannot recognize them during initialization.

2. Configuration Changes

The application listens for EnvironmentChangeEvent and reacts in two standard ways:

Rebind beans annotated with @ConfigurationProperties using ConfigurationPropertiesRebinder .

Set logger levels for any logging.level.* property using LoggingRebinder .

You can also define a custom listener for EnvironmentChangeEvent:

@Component
public class PackApplicationEventListener implements ApplicationListener<EnvironmentChangeEvent> {
    @Override
    public void onApplicationEvent(EnvironmentChangeEvent event) {
        System.out.println(event.getKeys());
    }
}

3. @RefreshScope Limitations

The @RefreshScope annotation only works on beans that can be re‑initialized. For beans that are immutable, you must either annotate them with @RefreshScope or specify the full class name in the configuration:

spring:
  cloud:
    refresh:
      extra-refreshable: com.pack.PackUser

Note: If you use HikariDataSource as the data source, it cannot be refreshed because it is listed in spring.cloud.refresh.never-refreshable by default. Choose a different data source implementation if refresh is required.

4. Encryption and Decryption

Spring Cloud includes an environment pre‑processor that decrypts values wrapped with {cipher} before the main application context is created. Add spring-security-rsa to the classpath (Maven coordinate org.springframework.security:spring-security-rsa).

encrypt:
  key: aaaabbbbccccdddd
  salt: dead
db:
  password: '{cipher}6c05a3e62aa1f71b814fd283fc15197ec18a83b67d9da27dcb63c1b3925d68c1'

The default algorithm is AES. Example encryption code:

TextEncryptor textEncryptor = new EncryptorFactory("xxx").create("xxxx");
textEncryptor.encrypt(...);

5. Actuator Endpoints

Spring Boot Actuator provides additional management endpoints:

POST /actuator/env – update the environment and rebind @ConfigurationProperties and logger levels (enable with management.endpoint.env.post.enabled=true). /actuator/refresh – reload the bootstrap context and refresh @RefreshScope beans. /actuator/restart – shut down the ApplicationContext and restart it (disabled by default). /actuator/pause and /actuator/resume – invoke lifecycle methods stop() and start() on the ApplicationContext.

6. Custom Property Source

Add a PropertySourceLocator bean via spring.factories to introduce additional property sources:

public class CustomPropertySourceLocator implements PropertySourceLocator {
    @Override
    public PropertySource<?> locate(Environment environment) {
        Map<String, Object> values = new HashMap<>();
        values.put("config.mq.queue", "pack.test.queue");
        MapPropertySource source = new MapPropertySource("PACK", values);
        return source;
    }
}

Register it in spring.factories:

org.springframework.cloud.bootstrap.BootstrapConfiguration=\
com.pack.CustomPropertySourceLocator

That concludes the article. Hope it helps!