search

spring-cloud / spring-cloud-vault

Configuration Integration with HashiCorp Vault
http://cloud.spring.io/spring-cloud-vault/
Apache License 2.0
275 stars 152 forks source link

Resource class path resource [etc/cf-instance-credentials/instance.crt] does not exist on PCF authentication #595

Closed AdhritMadhav closed 3 years ago

AdhritMadhav commented 3 years ago

Pivotal CloudFoundry authentication with vault getting below error.

Note: I have ssh to other working container and verified could able to see the certification and key in the specified path.

Observation, For time being added the certificates to the class path under resources , I’m getting connected to the vault.

org.springframework.boot spring-boot-starter-parent 2.2.6.RELEASE org.springframework.cloud spring-cloud-starter-vault-config 3.0.2 vault: host: ** port: 443 scheme: https connection-timeout: 5000 read-timeout: 15000 authentication: PCF pcf: role: poc pcf-path: pcf instance-certificate: /etc/cf-instance-credentials/instance.crt instance-key: /etc/cf-instance-credentials/instance.key

java.lang.IllegalArgumentException: Resource class path resource [etc/cf-instance-credentials/instance.crt] does not exist 2021-04-28T10:28:47.608-04:00 [APP/PROC/WEB/0] [OUT] at org.springframework.util.Assert.isTrue(Assert.java:136) 2021-04-28T10:28:47.608-04:00 [APP/PROC/WEB/0] [OUT] at org.springframework.vault.authentication.ResourceCredentialSupplier.(ResourceCredentialSupplier.java:71) 2021-04-28T10:28:47.608-04:00 [APP/PROC/WEB/0] [OUT] at org.springframework.cloud.vault.config.ClientAuthenticationFactory.pcfAuthentication(ClientAuthenticationFactory.java:440) 2021-04-28T10:28:47.608-04:00 [APP/PROC/WEB/0] [OUT] at org.springframework.cloud.vault.config.ClientAuthenticationFactory.createClientAuthentication(ClientAuthenticationFactory.java:140) 2021-04-28T10:28:47.608-04:00 [APP/PROC/WEB/0] [OUT] at org.springframework.cloud.vault.config.VaultBootstrapConfiguration.clientAuthentication(VaultBootstrapConfiguration.java:248) 2021-04-28T10:28:47.608-04:00 [APP/PROC/WEB/0] [OUT] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 2021-04-28T10:28:47.608-04:00 [APP/PROC/WEB/0] [OUT] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 2021-04-28T10:28:47.608-04:00 [APP/PROC/WEB/0] [OUT] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 2021-04-28T10:28:47.608-04:00 [APP/PROC/WEB/0] [OUT] at java.lang.reflect.Method.invoke(Method.java:498)

Sample If possible, please provide a test case or sample application that reproduces the problem. This makes it much easier for us to diagnose the problem and to verify that we have fixed it.

mp911de commented 3 years ago

Please make sure to prefix your resource with file:// otherwise resources are considered to exist on the class path. Please also note that Spring Cloud Vault defaults to resolving CF_INSTANCE_CERT and CF_INSTANCE_KEY env variables if the path is not configured which is typically a better approach.