Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to fetch properties via spring cloud vault using username and password #719

Open
ENate opened this issue Jan 31, 2024 · 0 comments
Open

Unable to fetch properties via spring cloud vault using username and password #719

ENate opened this issue Jan 31, 2024 · 0 comments

Comments

@ENate
Copy link

ENate commented Jan 31, 2024
edited

I am working on a microservices spring boot application using spring cloud config as a centralized properties server. I decided to add a database backend to the spring config server so that services can connect using a username and password before fetching properties from the config server. I also decided to save secrets (username, password, etc) for all services on Hashicorp vault. Everything works fine if I pass the actual values (for my username and passwords) via spring.config.import or spring.config.uri. But I am unable to fetch the properties when I replace the actual username and password values with their corresponding keys (stored in the Hashicorp Vault Secrets). The configurations on my spring config server ```application.yml`` are:

erver:
    port: 8888
    error:
        include-message: always
        include-binding-errors: always

spring:
    profiles:
        active: git, vault
    # security config
    data:
        mongodb:
            uri: mongodb+srv://${DB_NAME}:${DB_PASS}@host:port

    # application name
    application:
        name: config-server
    cloud:
        config:
            server:
                vault:
                    host: 127.0.0.1
                    port: 8200
                    scheme: http
                    authentication: TOKEN
                    token: 
                    order: 1
                    # kv:
                    # enabled: true
                    profile-separator: '/'
                    backend: secret
                    kvVersion: 2
                git:
                    uri: https://github.com/ENate/repo-config-server
                    default-label: main
                    username: ${GIT_USER}
                    password: ${GIT_PASSWORD}
                    order: 2

While on a spring boot microservice, I am unable to connect or fetch properties if I use:

spring:
    # profiles:
    #    active: git
    application:
        name: spring-boot-service
    cloud:
        # vault:
        #    authentication: TOKEN
        #    token: hvs.mytokenvalue
        config:
            username: ${CONFIG_SERVER_USR}
            password: ${CONFIG_SERVER_PWD}
            fail-fast: true
            retry:
                initial-interval: 3000
                multiplier: 1.3
                max-interval: 10000
                max-attempts: 20
            # uri: http://${CONFIG_SERVER_USR}:${CONFIG_SERVER_PWD}@${app.config-server.host}:${app.config-server.port}
    config:
        import: configserver:http://${CONFIG_SERVER_USR}:${CONFIG_SERVER_PWD}@${app.config-server.host}:${app.config-server.port}

But passing the username and password directly like so:

spring:
    config:
        import: configserver:http://myUsername:myPassword@localhost:8888

seem to work. How can I fix this issue: so as to pass the keys (for username and password) I saved in the Vault server instead of hard coding their values in the bootstrap.yml and/or ```application.yml`` files? Thanks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ENate