fix(sap-demo): default DB URL to 127.0.0.1 + sslmode=disable for keploy-friendly local dev

slayerjain · claude · slayerjain · commit 35d9987fb57f · 2026-04-22T18:34:00.000+05:30
Spring Boot's default JDBC URL (jdbc:postgresql://localhost:5432/customer360)
resolves to ::1 on most Linux stacks and opts in to SSL negotiation. Both
break Keploy's eBPF proxy: the v6 connection is not hooked, and the SSL
negotiation fails with EOF during the enableSSL packet exchange under the
proxy's MITM.

Default now binds the v4 loopback and disables SSL so out-of-the-box
`keploy record` works without env overrides. Compose (`hostname: postgres`)
and the k8s manifests already supply SPRING_DATASOURCE_URL, so the change
is invisible to those flows.

Reproduction:
  SPRING_DATASOURCE_URL unset, postgres on localhost → app boots but
  keploy record sees no v4 traffic → no postgres mocks captured.

Root cause:
  localhost → ::1 on Debian/Ubuntu; postgresql driver negotiates SSL by
  default.

Fix:
  127.0.0.1 + ?sslmode=disable as the built-in default; SPRING_DATASOURCE_URL
  still overrides it.

Co-Authored-By: Claude Opus 4.7 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/sap-demo-java/src/main/resources/application.yml b/sap-demo-java/src/main/resources/application.yml
@@ -12,7 +12,15 @@ spring:
   # for the demo we use stock Postgres, which Keploy's OSS core can record
   # and replay at the wire-protocol level.
   datasource:
-    url: ${SPRING_DATASOURCE_URL:jdbc:postgresql://localhost:5432/customer360}
+    # Default to IPv4 (127.0.0.1) + sslmode=disable so Keploy's eBPF proxy
+    # can capture the Postgres wire protocol cleanly on the host. The
+    # `localhost` hostname resolves to ::1 on most modern Linux stacks, and
+    # the eBPF hooks currently attach only to the v4 path; additionally
+    # the default postgres driver opts in to SSL negotiation, which fails
+    # with EOF mid-handshake under the proxy. Compose and k8s override this
+    # via SPRING_DATASOURCE_URL (hostname: postgres) where those concerns
+    # don't apply.
+    url: ${SPRING_DATASOURCE_URL:jdbc:postgresql://127.0.0.1:5432/customer360?sslmode=disable}
     username: ${SPRING_DATASOURCE_USERNAME:customer360}
     password: ${SPRING_DATASOURCE_PASSWORD:customer360}
     hikari:
