Automatically create Keystore with Maven

Let Maven automatically create a keystore if missing. Credentials and dname
can be configured in the pom.xml. Use the Maven properties for application.yml.

Author: KarstenSchnitter

sample-spring-boot/pom.xml

@@ -9,7 +9,7 @@
 	<parent>
 		<groupId>com.sap.hcp.cf.logging</groupId>
 		<artifactId>cf-java-logging-support-parent</artifactId>
-		<version>3.2.1</version>
+		<version>3.3.0</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 
@@ -19,6 +19,15 @@
 		<maven.compiler.source>11</maven.compiler.source>
 		<maven.compiler.target>11</maven.compiler.target>
 		<spring.boot.version>2.3.4.RELEASE</spring.boot.version>
+		<keytool.plugin.version>1.5</keytool.plugin.version>
+		<keystore.token.store_password>0bzhBRNUXBR5
+		</keystore.token.store_password>
+		<keystore.token.key_password>0bzhBRNUXBR5
+		</keystore.token.key_password>
+		<keystore.token.key_alias>jwt-token</keystore.token.key_alias>
+		<keystore.token.dname>CN=cf-java-logging-support, OU=None, O=SAP,
+			L=Unknown, ST=Unknown, C=Unknown
+		</keystore.token.dname>
 	</properties>
 
 	<dependencyManagement>
@@ -68,7 +77,7 @@
 			<artifactId>spring-security-test</artifactId>
 			<scope>test</scope>
 		</dependency>
-		
+
 		<!-- We're using the Servlet Filter instrumentation -->
 		<dependency>
 			<groupId>com.sap.hcp.cf.logging</groupId>
@@ -90,10 +99,21 @@
 	</dependencies>
 
 	<build>
+		<resources>
+			<resource>
+				<directory>src/main/resources</directory>
+				<filtering>true</filtering>
+			</resource>
+			<resource>
+				<directory>target/generated-resources/keystore</directory>
+			</resource>
+		</resources>
+
 		<plugins>
 			<plugin>
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-maven-plugin</artifactId>
+				<version>${spring.boot.version}</version>
 				<executions>
 					<execution>
 						<goals>
@@ -106,12 +126,51 @@
 	</build>
 
 	<profiles>
+		<profile>
+			<id>initialze-keystore</id>
+			<activation>
+				<file>
+					<missing>target/generated-resources/keystore/token_keystore.jks
+					</missing>
+				</file>
+			</activation>
+			<build>
+				<plugins>
+					<plugin>
+						<groupId>org.codehaus.mojo</groupId>
+						<artifactId>keytool-maven-plugin</artifactId>
+						<version>${keytool.plugin.version}</version>
+						<executions>
+							<execution>
+								<id>create-key-pair</id>
+								<goals>
+									<goal>generateKeyPair</goal>
+								</goals>
+								<phase>generate-resources</phase>
+							</execution>
+						</executions>
+						<configuration>
+							<keystore>target/generated-resources/keystore/token_keystore.jks
+							</keystore>
+							<storepass>${keystore.token.store_password}</storepass>
+							<keypass>${keystore.token.key_password}</keypass>
+							<alias>${keystore.token.key_alias}</alias>
+							<dname>${keystore.token.dname}</dname>
+							<sigalg>SHA256withRSA</sigalg>
+							<ext></ext>
+							<validity>100</validity>
+							<keyalg>RSA</keyalg>
+							<keysize>2048</keysize>
+						</configuration>
+					</plugin>
+				</plugins>
+			</build>
+		</profile>
 		<profile>
 			<id>logback</id>
 			<activation>
 				<activeByDefault>true</activeByDefault>
 			</activation>
-
 			<dependencies>
 				<dependency>
 					<groupId>org.springframework.boot</groupId>
@@ -129,7 +188,6 @@
 			<activation>
 				<activeByDefault>false</activeByDefault>
 			</activation>
-
 			<dependencies>
 				<dependency>
 					<groupId>org.springframework.boot</groupId>

sample-spring-boot/src/main/resources/application.yml

@@ -3,9 +3,9 @@ keystore:
   token:
     type: jks
     location: "classpath:token_keystore.jks"
-    password: "0bzhBRNUXBR5"
-    keyAlias: jwt-token
-    keyPassword: "0bzhBRNUXBR5"
+    password: ${keystore.token.store_password}
+    keyAlias: ${keystore.token.key_alias}
+    keyPassword: ${keystore.token.key_password}
 defaults:
   token:
     expiration: P2D