This challenge is about how to not use the spring boot actuator, by hiding an API key in the audit events: - [ ] Add an `AuditEventRepository` - [ ] Add an APIkey received event at AuditEventRepository which is randomly generated - [ ] enable `management.endpoints.web.exposure.include=auditevents` in `application.properties` - [ ] Create a challenge using the secret at this endpoint and explain why you need to be careful with Actuator configurations
This challenge is about how to not use the spring boot actuator, by hiding an API key in the audit events:
AuditEventRepositorymanagement.endpoints.web.exposure.include=auditeventsinapplication.properties