Closed pavankjadda closed 3 years ago
Spring Cloud Vault isn't the one that performs property placeholder expansion. That's rather something related to Spring Boot. Can you file the ticket there?
@mp911de I did ask this in Spring Boot ticket. See Phils response here, see the second from the last comment(I couldn't get a link for the comment, strange). He suggested to raise an issue here.
Thanks for letting us know. Reopening this ticket for further investigation.
I wasn't able to reproduce the issue first, but after adding a trailing slash to import: vault://secret/app/customers
which renders import: vault://secret/app/customers/
is causing the issue. I'm currently not sure how to be more lenient. Maybe we can do something about it.
Validating the location makes right now the most sense as importing Vault directories as context path isn't supported.
I wasn't able to reproduce the issue first, but after adding a trailing slash to
import: vault://secret/app/customers
which rendersimport: vault://secret/app/customers/
is causing the issue. I'm currently not sure how to be more lenient. Maybe we can do something about it.
So when you start the application and go to URL http://localhost:8081 you see placeholders being replaced with vault values? Because I still can't see it. I see ${customers.elk.logging.rabbitmq.username}
and ${customers.elk.logging.rabbitmq.password}
in console.
Yes. I basically replicated your sample and I missed the trailing slash in the first variant. After adding the trailing slash, I was able to reproduce the issue with non-replaced placeholders.
Yes. I basically replicated your sample and I missed the trailing slash in the first variant. After adding the trailing slash, I was able to reproduce the issue with non-replaced placeholders.
Now I am confused. You were able reproduce the issue regarding place holders, meaning your code doesn't replace the values but still closed the ticket? Isn't it supposed to replace place holders with values from vault?
And I see the issue with trailing slash which you are working on now.
I was able to reproduce the problem by adding a trailing slash. Without the trailing slash on the vault path, the problem goes away. The ticket is resolved by adding path validation so that trailing slashes are reported with an exception instead of going unnoticed. Users can then fix the path on their side.
Does this make sense?
@mp911de understood. My original issue was Properties file place holders are not being replaced with values from Vault and then you changed the title reflecting the issue with Spring Cloud vault. I thought we were talking my issue. Anyway I felt my issue belong in StackOverFlow, so I created new issue there. This stops me from adopting new Spring Boot config API.
There are maybe two sides:
Describe the bug In my spring boot project, I use this library to get and replace profile specific properties from vault with App Role authentication. After changes in Spring Boot 2.4, I started testing the new format. Here is the issue I see when using with Spring Boot 2.4 and 2.5. Properties file(dev.yml or prod.yml) place holders are not being replaced with values from Vault.
Here is an example based on 2.4 config. I have application.yml, dev.yml or prod.yml files. When the application starts, properties in dev.yml or prod.yml (based on active profile) should be replaced with actual values from Vault. But they are not
application.yml
dev.yml
prod.yml
Sample See this Github repo https://github.com/pavankjadda/ProfileTest for sample app