Configuration Overview
This section documents how the Inventory Service is configured through Spring Boot, property files, environment variables, and Java configuration classes. Configuration drives behavior across environments (local, test, production) without code changes.
What is Configuration?
In Spring Boot, configuration means:
- Property files
(
application.yml,application-prod.yml, etc.) define environment-specific values - Java classes with
@Configurationand@ConfigurationPropertiescreate beans and bind properties - Environment variables override properties at runtime (highest priority)
- Profiles select which property files and beans are active
Configuration Layers
Environment Variables (highest priority)
β
application-{profile}.yml
β
application.yml (base defaults)
β
Java Configuration Classes (@Configuration)
β
Default Values (lowest priority)Directory Structure
Configuration sources are organized across two main areas:
Property Files
(src/main/resources/)
src/main/resources/
βββ application.yml # Base config, shared across all environments
βββ application-prod.yml # Production overrides
βββ application-test.yml # Test/CI overrides
βββ application.properties # App name (used by Spring Boot)Java
Configuration (src/main/java/.../config/)
src/main/java/com/smartsupplypro/inventory/config/
βββ AppProperties.java # Custom app properties (demo mode, frontend URLs)
βββ SecurityConfig.java # OAuth2 and method-level security setup
βββ SecurityAuthorizationHelper.java # Authorization rules for endpoints
βββ SecurityEntryPointHelper.java # Authentication failure handling
βββ SecurityFilterHelper.java # API vs browser request detection
βββ SecuritySpelBridgeConfig.java # SpEL bridge for security expressionsQuick Links
Configuration by Topic
| Topic | File | Purpose |
|---|---|---|
| Spring Config Classes | spring-config-classes.md | Beans, mappers, security setup |
| Property Files | application-config-files.md | YAML/properties structure |
| Profiles & Environments | profiles-and-environments.md | How profiles control behavior |
| Database & Oracle | database-and-oracle-wallet.md | Connection, wallet, credentials |
| Logging & Monitoring | logging-and-monitoring.md | Log levels, output paths |
| Feature Flags | feature-flags-and-demo-mode.md | Demo mode, custom flags |
| External Services | external-services-and-secrets.md | OAuth2, secret injection |
Common Configuration Tasks
Running with Different Profiles
# Local development (default, no profile)
mvn spring-boot:run
# With test profile (H2 in-memory DB)
mvn spring-boot:run -Dspring-boot.run.arguments="--spring.profiles.active=test"
# With prod profile (Oracle DB)
mvn spring-boot:run -Dspring-boot.run.arguments="--spring.profiles.active=prod"Setting Environment Variables
Configuration priorities (highest to lowest):
# 1. Environment variables override everything
export DB_URL="jdbc:oracle:thin:@..."
export APP_DEMO_READONLY="true"
# 2. Profile-specific files (application-prod.yml)
# Use these for profile defaults
# 3. Base config file (application.yml)
# Use for shared defaults
# 4. Java defaults in code
# Use as fallbackKey Environment Variables
These are the primary knobs for runtime configuration:
| Variable | Default | Purpose |
|---|---|---|
SPRING_PROFILES_ACTIVE |
(none) | Which profile(s) to activate |
DB_URL |
(required in prod) | Oracle database URL |
DB_USER |
(required in prod) | Database username |
DB_PASS |
(required in prod) | Database password |
APP_DEMO_READONLY |
true |
Enable read-only demo mode |
APP_FRONTEND_BASE_URL |
https://localhost:5173 |
Frontend redirect URL for OAuth2 |
APP_ADMIN_EMAILS |
(empty) | Comma-separated admin email list |
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_ID |
(required) | Google OAuth2 client ID |
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_SECRET |
(required) | Google OAuth2 secret |
How Configuration Flows Through the App
Environment Variables
β
Spring Boot loads properties
β
@ConfigurationProperties classes bind values
β
@Configuration classes create beans
β
Controllers & Services @Autowired inject beans
β
Application behavior adapts to configExample: Demo Mode
- Config value:
APP_DEMO_READONLY=true(environment variable) - Binding:
AppProperties.isDemoReadonlyfield receives value - Bean creation:
SecurityConfigusesprops.isDemoReadonly()when building filter chain - Authorization:
SecurityAuthorizationHelper.configureAuthorization()permits GET requests without login - Result: Public can read inventory without login; writes still require admin role
Configuration Profiles Used
| Profile | Database | Use Case | When Active |
|---|---|---|---|
| (default) | PostgreSQL/Oracle | Local dev (requires .env setup) | When SPRING_PROFILES_ACTIVE is not set |
test |
H2 in-memory | CI/CD, unit tests | In test environments |
prod |
Oracle | Production (Fly.io, cloud) | SPRING_PROFILES_ACTIVE=prod |
Related Documentation
- Architecture Overview
- Layers Overview
- Security Overview
- Deployment Docs β For production environment setup