Spring boot - how to decrypt env variables in yaml file?

Context

I got spring boot app. I'm passing to it variables like this:

    ...
      datasource:
          url: jdbc:postgresql://${DB_SERVER_AND_PORT}/my_db
          username: ${DB_USER}
          password: ${DB_USER_PASSWORD}

Challenge

This env variables can be easily read because they are in plain text. I want to increase security with symmetric encryption.

I looking for something that I can use in my yaml file.

    # example how I want to use it:
    ...
     datasource:
          url: jdbc:postgresql://#{decrypt(${DB_SERVER_AND_PORT}}/my_db

The only requirement for encryption is ease of doing it from shell (gitlab pipeline)

Question

If this is possible, how to do this spring boot or spring?

Solution

Check out jasypt which provides encryption support for property sources in Spring Boot Applications:

https://github.com/ulisesbocchio/jasypt-spring-boot

Search from database and display it in web page using spring boot + html
Find/Remove in @DBref list items in MongoDB for Spring
Spring Boot control target JAR file name
Name for argument of type [java.lang.String] not specified, and parameter name information not available via reflection
Cannot load configs from Config Server - No suitable HttpMessageConverter
How to prevent Spring Boot/Hibernate from converting entity column names from PascalCase to snake_case?
How to specify target architecture when using Spring Boot gradle task bootBuildImage
Error executing DDL "create table in Spring Data JPA?
not able to call upload file API using RestTemplate
How to Add JVM Arguments in Azure Application Service?
How to handle microservice Interaction when one of the microservice is down
Lombok classes not generated
LdapCtxFactory because module java.naming does not export com.sun.jndi.ldap to unnamed module
Is it possible to use @Transactional and kotlin coroutines in spring boot?
How to convert spring boot app with Okta to read okta groups
How to add Header - Authorization for swagger 3, spring boot
SpringBoot RestTemplate ignores spring.jackson.serialization.WRITE_DATES_AS_TIMESTAMPS = false
Spring Boot 1.5.1 caches JSP
How does Spring Boot control Tomcat cache?
How can I change the default location of log4j2.xml in Java Spring Boot?
Spring Boot application is encountering a NullPointerException after running for a while
Problem connecting springboot to mysql with docker-compose
Map as parameter in RestAPI Post request
Cause ERROR Recursive call to appender. Is there a way to solve it?
Swagger-ui keeps showing example petstore instead of my API
Apache Spark with Spring boot - failed to start exception Factory method 'javaSparkContext' threw exception with message: javax/servlet/Servlet
Reactive Mongo secondaryPreferred
Flyway: Found non-empty schema(s) "public" without schema history table! Use baseline() - on Empty database
Spring boot not loading log4j2.xml
@Repository not necessary when implementing JpaRepository?