Failure to load spring.cloud.vault.token when running with spring boot 2.3+

spring-cloud / spring-cloud-vault

Configuration Integration with HashiCorp Vault

http://cloud.spring.io/spring-cloud-vault/

Apache License 2.0

274 stars 152 forks source link

Failure to load spring.cloud.vault.token when running with spring boot 2.3+ #556

Closed nterry-mc closed 3 years ago

nterry-mc commented 3 years ago

Describe the bug When starting up, spring throws an exception java.lang.IllegalArgumentException: Token (spring.cloud.vault.token) must not be empty. This is with a hard-coded token. I also tried setting it with a system property directly.

Debugging shows that the appropriate setter for the token field in org.springframework.cloud.vault.config.VaultProperties is never called.

The issue is present in spring boot 2.3 and 2.4. It works with spring boot 2.2.

Sample Create a simple spring boot app with spring initializr or similar with 2.3+. The exception will be thrown.

Here is my bootstrap.yaml (redacted, of course):

spring:
  application:
    name: myApp

  cloud:
    vault:
      uri: https://vault.sample.url
      authentication: token
      token: 'abcd.1234'
      kv:
        enabled: true
        application-name: myApp

adamhrosenberg commented 3 years ago

I saw this in 2.4.0.release. ditto

baraths84 commented 3 years ago

Same Issue here. Is there a specific recommendation we should follow or is it bug. Please advise. cc: @mp911de

mp911de commented 3 years ago

With Spring Cloud Vault 3.0, we've moved away from the bootstrap context. The bootstrap context is deprecated and requires opt-in. Please define your properties in the application.(properties|yaml) file instead.

baraths84 commented 3 years ago

Hi @mp911de - Thank you for the note on the deprecation. I tried simple example workflow spinning up a local vault following the reference here but updating with versions to refer the latest stable releases. (noted below).

I was not able to retrieve the secrets and debug logs are not helping. Can you please suggest on what may be possibly wrong in my config. (Sample : Repo

<artifactId>spring-boot-starter-parent</artifactId>
<version>2.4.2</version>

  <groupId>org.springframework.cloud</groupId>
  <artifactId>spring-cloud-dependencies</artifactId>
  <version>2020.0.0</version>

Vault : for Dev profile : vault kv put secret/test-app/dev example.username=demodevuser example.password=demopassword for Prod profile : vault kv put secret/test-app/prod example.username=demoproduser example.password=demoprodpassword2021!

mp911de commented 3 years ago

This is likely caused by #566. Can you upgrade to Spring Cloud Vault snapshots (3.0.1-SNAPSHOT)? A Spring Cloud release is imminent.

baraths84 commented 3 years ago

@mp911de tried with 3.0.1-SNAPSHOT but still unable to resolve the secrets.I used the same example previously noted. Tried enabling

<artifactId>spring-cloud-starter-vault-config</artifactId>
<version>3.0.1-SNAPSHOT</version>

mp911de commented 3 years ago

Please use spring-cloud-vault-config as artifact Id as the starter just pulls in spring-cloud-vault-config and dependency management forces version 3.0.0.

mp911de commented 3 years ago

Closing due to lack of activity. If you would like us to look at this issue, please provide additional information and we will re-open the issue.