spring-cloud / spring-cloud-config

External configuration (server and client) for Spring Cloud
Apache License 2.0

Vault configuration in composite profile is not picked up. #2592

Open kvmw opened 4 days ago

kvmw commented 4 days ago

Describe the bug

Any vault configuration in the composite profile is ignored and instead default values are used.

Given the following configuration for config-server:

spring:
  profiles:
    active: composite
  cloud:
    config:
      server:
        composite:
          - type: vault
            host: my-vault-server
            port: 5555

When executing curl -H "X-Config-Token: token" localhost:8888/cook/default, config-server should call vault at http://my-vault-server:5555 but instead it calls http://127.0.0.1:8200.

Sample log

2024-10-16T12:08:27.258+02:00  WARN 69385 --- [configserver] [nio-8888-exec-1] o.s.c.c.s.e.EnvironmentController        : Error getting the Environment with name=cook profiles=default label=null includeOrigin=false

org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://127.0.0.1:8200/v1/secret/cook": Connect to http://127.0.0.1:8200 [/127.0.0.1] failed: Connection refused
    at org.springframework.web.client.RestTemplate.createResourceAccessException(RestTemplate.java:926) ~[spring-web-6.2.0-20241016.082823-965.jar:6.2.0-SNAPSHOT]
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:906) ~[spring-web-6.2.0-20241016.082823-965.jar:6.2.0-SNAPSHOT]
    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:801) ~[spring-web-6.2.0-20241016.082823-965.jar:6.2.0-SNAPSHOT]
    at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:712) ~[spring-web-6.2.0-20241016.082823-965.jar:6.2.0-SNAPSHOT]
    at org.springframework.vault.core.VaultKeyValueAccessor.lambda$doRead$1(VaultKeyValueAccessor.java:133) ~[spring-vault-core-3.1.2.jar:3.1.2]
    at org.springframework.vault.core.VaultKeyValueAccessor.lambda$doRead$2(VaultKeyValueAccessor.java:166) ~[spring-vault-core-3.1.2.jar:3.1.2]
    at org.springframework.vault.core.VaultTemplate.doWithSession(VaultTemplate.java:451) ~[spring-vault-core-3.1.2.jar:3.1.2]
    at org.springframework.vault.core.VaultKeyValueAccessor.doRead(VaultKeyValueAccessor.java:163) ~[spring-vault-core-3.1.2.jar:3.1.2]
    at org.springframework.vault.core.VaultKeyValueAccessor.doRead(VaultKeyValueAccessor.java:132) ~[spring-vault-core-3.1.2.jar:3.1.2]
    at org.springframework.vault.core.VaultKeyValueAccessor.doRead(VaultKeyValueAccessor.java:107) ~[spring-vault-core-3.1.2.jar:3.1.2]
    at org.springframework.vault.core.VaultKeyValue1Template.get(VaultKeyValue1Template.java:69) ~[spring-vault-core-3.1.2.jar:3.1.2]
    at org.springframework.cloud.config.server.environment.vault.SpringVaultEnvironmentRepository.read(SpringVaultEnvironmentRepository.java:55) ~[classes/:na]
    at org.springframework.cloud.config.server.environment.AbstractVaultEnvironmentRepository.findOne(AbstractVaultEnvironmentRepository.java:107) ~[classes/:na]

NOTE: the behaviour is correct when using the vault profile instead of composite.

spring:
  profiles:
    active: vault
  cloud:
    config:
      server:
        vault:
          host: my-vault-server
          port: 5555

ryanjbaxter commented 4 days ago

I could have sworn there was an issue around this already...but I can't seem to find it.

I seem to remember looking into something similar a while back and discovering that Vault wasn't supported by composite environment repositories (or some properties in the configuration were not supported). I can't seem to find the issue though.

ryanjbaxter commented 4 days ago

Probably need to debug here to start https://github.com/spring-cloud/spring-cloud-config/blob/4841d800951a52aba4add1e856bdf7a6e7421291/spring-cloud-config-server/src/main/java/org/springframework/cloud/config/server/composite/CompositeEnvironmentBeanFactoryPostProcessor.java#L51

Let me know if you have time to take a look. If not, I will put it on my list.

kvmw commented 4 days ago

@ryanjbaxter I'll take a look and try to find a fix.
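
A check for the symptom in the original report, as an added example that is not part of the thread or of spring-cloud-config: it scans config-server log text for failed Vault API requests and flags any that went to an endpoint other than the configured one. The function names, the finding format and the third sample log line are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: the first two lines are taken from the report above,
# the third is a constructed line for a request to the configured Vault.
SAMPLE_LOG = '''\
2024-10-16T12:08:27.258+02:00  WARN 69385 --- [configserver] [nio-8888-exec-1] o.s.c.c.s.e.EnvironmentController        : Error getting the Environment with name=cook profiles=default label=null includeOrigin=false
org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://127.0.0.1:8200/v1/secret/cook": Connect to http://127.0.0.1:8200 [/127.0.0.1] failed: Connection refused
org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://my-vault-server:5555/v1/secret/cook": Read timed out
'''

# Message format of the ResourceAccessException shown in the report.
REQUEST_RE = re.compile(r'I/O error on [A-Z]+ request for "([^"]+)"')
# Endpoint the report shows being called when the composite settings are ignored.
DEFAULT_VAULT = ("127.0.0.1", 8200)


def vault_requests(log_text):
    """Yield (host, port, path) for each failed Vault API request in the log."""
    for match in REQUEST_RE.finditer(log_text):
        url = urlsplit(match.group(1))
        if not url.path.startswith("/v1/"):  # Vault's HTTP API lives under /v1/
            continue
        port = url.port or (443 if url.scheme == "https" else 80)
        yield url.hostname, port, url.path


def check_vault_endpoint(log_text, host, port):
    """Return one finding per request sent somewhere other than host:port."""
    findings = []
    for seen_host, seen_port, path in vault_requests(log_text):
        if (seen_host, seen_port) == (host.lower(), port):
            continue  # request went to the configured Vault
        if (seen_host, seen_port) == DEFAULT_VAULT:
            kind = "default-fallback"
        else:
            kind = "unexpected-endpoint"
        findings.append(
            {"kind": kind, "endpoint": f"{seen_host}:{seen_port}", "path": path}
        )
    return findings


if __name__ == "__main__":
    for finding in check_vault_endpoint(SAMPLE_LOG, "my-vault-server", 5555):
        print(finding)
```

This only sees requests that failed and were logged; if something is listening on 127.0.0.1:8200, the fallback produces no such exception, so the outbound connection itself has to be checked.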