search

spring-cloud / spring-cloud-vault

Configuration Integration with HashiCorp Vault
http://cloud.spring.io/spring-cloud-vault/
Apache License 2.0
272 stars 151 forks source link

VaultConfiguration - Class Loading Issue #584

Closed buyukim closed 3 years ago

buyukim commented 3 years ago

Getting what appears to be a class loading issue when using the latest spring cloud + boot + spring-cloud-starter-vault-config versions:


***************************\nAPPLICATION FAILED TO START\n***************************\n\nDescription:\n\nAn attempt
 was made to call a method that does not exist. The attempt was made from the following location:\n\n 
 org.springframework.cloud.vault.config.VaultConfiguration.createSslConfiguration(VaultConfiguration.java:101)\n\nThe 
 following method did not exist:

 'void org.springframework.vault.support.SslConfiguration.<init>(org.springframework.vault.support.SslConfiguration$KeyStoreConfiguration,org.springframework.vault.support.SslConfiguration$KeyStoreConfiguration, java.util.List, java.util.List)'

 The method's class, org.springframework.vault.support.SslConfiguration, is available from the following locations:

 jar:file:/app.jar!/BOOT-INF/lib/spring-vault-core-2.3.0.jar!/org/springframework/vault/support/SslConfiguration.class

 The class hierarchy was loaded from the following locations:

 org.springframework.vault.support.SslConfiguration: 
 jar:file:/app.jar!/BOOT-INF/lib/spring-vault-core-2.3.0.jar!/\n\n\nAction:\n\nCorrect the classpath of your application
 so that it contains a single, compatible version of org.springframework.vault.support.SslConfiguration

Spring Cloud: 2020.0.2 Spring Boot: 2.4.4 Gradle config for vault (org.springframework.cloud:spring-cloud-vault-config:3.0.2 right now): runtimeOnly 'org.springframework.cloud:spring-cloud-starter-vault-config'

I cannot provide our application, unfortunately. I am confused as to why this constructor is being called, since I am unable to find a version of org.springframework.vault.support.SslConfiguration that has this constructor.

buyukim commented 3 years ago

Okay, looks like I need to manually bump up spring-vault-core from 2.3.0 to 2.3.2

mp911de commented 3 years ago

Using Spring Vault 2.3.2 solves the issue. We added additional API to support cipher suites/protocols configuration. I'm not sure what component pulls in an older Spring Vault version. As per Spring Cloud Vault, we refer to the correct version:

https://github.com/spring-cloud/spring-cloud-vault/blob/v3.0.2/spring-cloud-vault-dependencies/pom.xml#L23

buyukim commented 3 years ago

d'oh, looks like one of our internal shared libraries is somehow forcing the downgrade. sorry about that. closing

mp911de commented 3 years ago

Thanks a lot for the update.

alexduch commented 3 years ago

Hi,

I just ran into the same issue, and it turns out the spring-cloud-config-dependencies BOM (version 3.0.3) defines the version of the spring-vault-core as 2.3.0. That BOM is imported in the spring-cloud-dependencies BOM (version 2020.0.2) before the spring-cloud-vault-dependencies BOM (version 3.0.2), and seems to take precedence.

Is this worth reporting in the spring cloud config repository, or at the spring cloud dependencies level ?

Edit: I just found out it was already tackled in spring-cloud/spring-cloud-config#1841