# azure-keyvault-secrets-spring-boot-starter can't load secrets from keyvault properly when using config server to host application.properties

[superrdean]

Environment

• Spring boot starter:

  • key vault spring boot starter

• OS Type: Windows/Linux/MacOS

• Java version:

  • 1.8

Summary

It is caused by the loading order of KeyvaultPropertySource and config client. One thing needs to be noticed that is that the logic of loading secrets from keyvault is async which can also cause some magic symptom although the order is right. I think the init load should be sync which can avoid a lot of problems advancely

Reproduce steps

1. prepare a keyvault and add some secrets into it.
2. put the application.properties on config server.
3. start the application.

There are the sample codes in my Git, you can refer to it. https://github.com/neuqlz/ConfigClientDemo https://github.com/neuqlz/ConfigServerDemo

Expected Results

secrets can be loaded into spring env properly from keyvault.

Actual Results

secrets aren't loaded.

[yiliuTo]

Thanks for reaching out, we will look into it.

[chenrujun]

1. spring cloud property source is added here: https://github.com/spring-projects/spring-boot/blob/v2.3.1.RELEASE/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/SpringApplication.java#L308

2. key-vault property source is added here: https://github.com/spring-projects/spring-boot/blob/v2.3.1.RELEASE/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/SpringApplication.java#L314

We can use ApplicationContextInitializer to make key-vault property source added latter than spring cloud property source. But is it necessary?

What if we need save spring cloud connection items in key-vault?

[chenrujun]

I'll close this issue because we do not have enough reason to save key-vault's property items in spring-cloud.