
Spring Boot Actuator hides property values in env endpoint


My problem is that my Spring Boot Actuator endpoint for env actually replaces some properties with stars like this:

"applicationConfig: [classpath:/config/application.properties]" : {
    "rest.baseurl" : "http://85.214.247.80:9912",
    "projectKey" : "******",

And I have no clue why. I did not have any hint in my application that it should hide it. I guess there is some heuristic to hide it based on the property name.

Any ideas how to avoid the masking?


Solution

  • By default the /env endpoint will hide the value of any property with a key that, ignoring case, ends with password, secret, or key. You can customize this using the endpoints.env.keys-to-sanitize property. The value of this property should be a comma-separated list of suffixes or regexes to match against property names. For example, if you don't care about keys ending in key you could set it to:

    endpoints.env.keys-to-sanitize=password,secret
    

    This is what the documentation says:

    endpoints.env.keys-to-sanitize=password,secret,key,token,.credentials.,vcap_services

    Keys that should be sanitized. Keys can be simple strings that the property ends with or regex expressions.
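
The matching rule described in the answer above, as an added example (not part of the original answer and not Spring Boot's own code): it reports which properties would stop being masked when keys-to-sanitize is narrowed. It assumes an entry containing any of `*`, `$`, `^` or `+` is a regex and any other entry is a case-insensitive suffix; the function names and the sample properties are constructed for illustration.

```python
import re

REGEX_CHARS = ("*", "$", "^", "+")  # assumption: these characters mark an entry as a regex
MASK = "******"

def compile_entry(entry):
    """Turn one keys-to-sanitize entry into a case-insensitive pattern."""
    entry = entry.strip()
    if any(c in entry for c in REGEX_CHARS):
        return re.compile(entry, re.IGNORECASE)            # regex entry, used as written
    return re.compile(".*" + re.escape(entry), re.IGNORECASE)  # plain entry: suffix match

def parse_properties(text):
    """Minimal key=value parser (no line continuations or escapes)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "!")):
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def sanitize(props, keys_to_sanitize):
    """Return a copy of props with the values of matching keys masked."""
    patterns = [compile_entry(e) for e in keys_to_sanitize.split(",") if e.strip()]
    return {k: MASK if any(p.fullmatch(k) for p in patterns) else v
            for k, v in props.items()}

def newly_exposed(props, old_list, new_list):
    """Keys masked under old_list that become readable under new_list."""
    before, after = sanitize(props, old_list), sanitize(props, new_list)
    return sorted(k for k in props if before[k] == MASK and after[k] != MASK)

# Constructed sample; the key names rest.baseurl and projectKey come from the question.
SAMPLE = """
rest.baseurl=http://api.example.invalid:9912
projectKey=constructed-project-key
db.password=constructed-password
signing.secret=constructed-secret
"""

if __name__ == "__main__":
    props = parse_properties(SAMPLE)
    for k, v in sanitize(props, "password,secret,key").items():
        print(k, "=", v)
    print("exposed after change:", newly_exposed(props, "password,secret,key", "password,secret"))
```

Running this against a real application.properties before changing the setting shows exactly which values the /env endpoint would start returning in clear text.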