search

spring-projects / spring-vault

Provides familiar Spring abstractions for HashiCorp Vault
https://spring.io/projects/spring-vault
Apache License 2.0
283 stars 186 forks source link

Update google-api-services-iam to v2-rev20230119-2.0.0 #787

Closed whchang10 closed 1 year ago

whchang10 commented 1 year ago

Please help update google-api-services-iam to v2-rev20230119-2.0.0.

com.google.apis google-api-services-iam v2-rev20230119-2.0.0

https://github.com/GoogleCloudPlatform/spring-cloud-gcp https://mvnrepository.com/artifact/com.google.cloud/spring-cloud-gcp-dependencies/4.0.0 I checked the bom. spring-cloud-gcp 4.x uses google-api-client 2.x not 1.x. However, spring-vault uses v1-rev316-1.25.0 with google-api-client 1.25.0.

Using google-api-client 1.25.0 is incompatible with spring-cloud-gcp 4.x ! According to spring-cloud-gcp github page, spring-cloud-gcp 4.x is required to support Spring Boot 3.x and Spring Framework 6.x.

whchang10 commented 1 year ago

Using spring-vault 3.0.2 + google-api-services-iam v2-rev20230119-2.0.0 + google-api-client 2.2.0, I got "java.lang.ClassNotFoundException: com.google.api.services.iam.v1.Iam$Builder" java.lang.NoClassDefFoundError: com/google/api/services/iam/v1/Iam$Builder at org.springframework.vault.authentication.GcpIamAuthentication.signJwt(GcpIamAuthentication.java:125) at org.springframework.vault.authentication.GcpIamAuthentication.login(GcpIamAuthentication.java:114) at org.springframework.vault.authentication.LifecycleAwareSessionManager.doGetSessionToken(LifecycleAwareSessionManager.java:292) at org.springframework.vault.authentication.LifecycleAwareSessionManager.getSessionToken(LifecycleAwareSessionManager.java:275) at org.springframework.vault.core.VaultTemplate.lambda$getSessionInterceptor$1(VaultTemplate.java:253) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:87) at org.springframework.vault.client.RestTemplateBuilder.lambda$createTemplate$4(RestTemplateBuilder.java:239) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:87) at org.springframework.vault.client.VaultClients.lambda$createRestTemplate$0(VaultClients.java:117) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:87) at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:71) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:862) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:764) at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:378) at org.springframework.vault.core.VaultTemplate.lambda$doRead$5(VaultTemplate.java:461) at org.springframework.vault.core.VaultTemplate.doWithSession(VaultTemplate.java:448) at org.springframework.vault.core.VaultTemplate.doRead(VaultTemplate.java:458) at org.springframework.vault.core.VaultTemplate.read(VaultTemplate.java:353) at org.springframework.vault.core.util.KeyValueDelegate.doGetMountInfo(KeyValueDelegate.java:111) at org.springframework.vault.core.util.KeyValueDelegate.getMountInfo(KeyValueDelegate.java:128) at org.springframework.vault.core.util.KeyValueDelegate.isVersioned(KeyValueDelegate.java:62) at org.springframework.vault.core.lease.SecretLeaseContainer.doGetSecrets(SecretLeaseContainer.java:617) at org.springframework.vault.core.lease.SecretLeaseContainer.doStart(SecretLeaseContainer.java:366) at org.springframework.vault.core.lease.SecretLeaseContainer.start(SecretLeaseContainer.java:356) at org.springframework.vault.core.lease.SecretLeaseContainer.addRequestedSecret(SecretLeaseContainer.java:319) at org.springframework.vault.core.env.LeaseAwareVaultPropertySource.loadProperties(LeaseAwareVaultPropertySource.java:176) at org.springframework.vault.core.env.LeaseAwareVaultPropertySource.<init>(LeaseAwareVaultPropertySource.java:161) at org.springframework.vault.core.env.LeaseAwareVaultPropertySource.<init>(LeaseAwareVaultPropertySource.java:119) at org.springframework.cloud.vault.config.LeasingVaultPropertySourceLocator.createVaultPropertySource(LeasingVaultPropertySourceLocator.java:146) at org.springframework.cloud.vault.config.LeasingVaultPropertySourceLocator.createVaultPropertySourceFailFast(LeasingVaultPropertySourceLocator.java:122) at org.springframework.cloud.vault.config.LeasingVaultPropertySourceLocator.createVaultPropertySource(LeasingVaultPropertySourceLocator.java:80) at org.springframework.cloud.vault.config.VaultPropertySourceLocatorSupport.doCreatePropertySources(VaultPropertySourceLocatorSupport.java:122) at org.springframework.cloud.vault.config.VaultPropertySourceLocatorSupport.createCompositePropertySource(VaultPropertySourceLocatorSupport.java:101) at org.springframework.cloud.vault.config.VaultPropertySourceLocatorSupport.locate(VaultPropertySourceLocatorSupport.java:76) at org.springframework.cloud.bootstrap.config.PropertySourceLocator.locateCollection(PropertySourceLocator.java:50) at org.springframework.cloud.bootstrap.config.PropertySourceLocator.locateCollection(PropertySourceLocator.java:46) at org.springframework.cloud.bootstrap.config.PropertySourceBootstrapConfiguration.initialize(PropertySourceBootstrapConfiguration.java:95) at org.springframework.boot.SpringApplication.applyInitializers(SpringApplication.java:605) at org.springframework.boot.SpringApplication.prepareContext(SpringApplication.java:385) at org.springframework.boot.SpringApplication.run(SpringApplication.java:309) at org.springframework.boot.SpringApplication.run(SpringApplication.java:1304) at org.springframework.boot.SpringApplication.run(SpringApplication.java:1293) ... Caused by: java.lang.ClassNotFoundException: com.google.api.services.iam.v1.Iam$Builder at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:445) at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:587) at org.springframework.boot.loader.LaunchedURLClassLoader.loadClass(LaunchedURLClassLoader.java:149) at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:520) ... 53 common frames omitted

whchang10 commented 1 year ago

Using spring-vault 3.0.2 + google-api-services-iam v1-rev316-1.25.0 + google-api-client 2.2.0, I got "java.lang.IllegalStateException: You are currently running with version 2.2.0 of google-api-client. You need at least version 1.15 of google-api-client to run version 1.25.0 of the Identity and Access Management (IAM) API library." java.lang.ExceptionInInitializerError: null at com.google.api.services.iam.v1.Iam$Builder.build(Iam.java:7728) at org.springframework.vault.authentication.GcpIamAuthentication.signJwt(GcpIamAuthentication.java:126) at org.springframework.vault.authentication.GcpIamAuthentication.login(GcpIamAuthentication.java:114) at org.springframework.vault.authentication.LifecycleAwareSessionManager.doGetSessionToken(LifecycleAwareSessionManager.java:292) at org.springframework.vault.authentication.LifecycleAwareSessionManager.getSessionToken(LifecycleAwareSessionManager.java:275) at org.springframework.vault.core.VaultTemplate.lambda$getSessionInterceptor$1(VaultTemplate.java:253) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:87) at org.springframework.vault.client.RestTemplateBuilder.lambda$createTemplate$4(RestTemplateBuilder.java:239) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:87) at org.springframework.vault.client.VaultClients.lambda$createRestTemplate$0(VaultClients.java:117) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:87) at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:71) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:862) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:764) at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:378) at org.springframework.vault.core.VaultTemplate.lambda$doRead$5(VaultTemplate.java:461) at org.springframework.vault.core.VaultTemplate.doWithSession(VaultTemplate.java:448) at org.springframework.vault.core.VaultTemplate.doRead(VaultTemplate.java:458) at org.springframework.vault.core.VaultTemplate.read(VaultTemplate.java:353) at org.springframework.vault.core.util.KeyValueDelegate.doGetMountInfo(KeyValueDelegate.java:111) at org.springframework.vault.core.util.KeyValueDelegate.getMountInfo(KeyValueDelegate.java:128) at org.springframework.vault.core.util.KeyValueDelegate.isVersioned(KeyValueDelegate.java:62) at org.springframework.vault.core.lease.SecretLeaseContainer.doGetSecrets(SecretLeaseContainer.java:617) at org.springframework.vault.core.lease.SecretLeaseContainer.doStart(SecretLeaseContainer.java:366) at org.springframework.vault.core.lease.SecretLeaseContainer.start(SecretLeaseContainer.java:356) at org.springframework.vault.core.lease.SecretLeaseContainer.addRequestedSecret(SecretLeaseContainer.java:319) at org.springframework.vault.core.env.LeaseAwareVaultPropertySource.loadProperties(LeaseAwareVaultPropertySource.java:176) at org.springframework.vault.core.env.LeaseAwareVaultPropertySource.<init>(LeaseAwareVaultPropertySource.java:161) at org.springframework.vault.core.env.LeaseAwareVaultPropertySource.<init>(LeaseAwareVaultPropertySource.java:119) at org.springframework.cloud.vault.config.LeasingVaultPropertySourceLocator.createVaultPropertySource(LeasingVaultPropertySourceLocator.java:146) at org.springframework.cloud.vault.config.LeasingVaultPropertySourceLocator.createVaultPropertySourceFailFast(LeasingVaultPropertySourceLocator.java:122) at org.springframework.cloud.vault.config.LeasingVaultPropertySourceLocator.createVaultPropertySource(LeasingVaultPropertySourceLocator.java:80) at org.springframework.cloud.vault.config.VaultPropertySourceLocatorSupport.doCreatePropertySources(VaultPropertySourceLocatorSupport.java:122) at org.springframework.cloud.vault.config.VaultPropertySourceLocatorSupport.createCompositePropertySource(VaultPropertySourceLocatorSupport.java:101) at org.springframework.cloud.vault.config.VaultPropertySourceLocatorSupport.locate(VaultPropertySourceLocatorSupport.java:76) at org.springframework.cloud.bootstrap.config.PropertySourceLocator.locateCollection(PropertySourceLocator.java:50) at org.springframework.cloud.bootstrap.config.PropertySourceLocator.locateCollection(PropertySourceLocator.java:46) at org.springframework.cloud.bootstrap.config.PropertySourceBootstrapConfiguration.initialize(PropertySourceBootstrapConfiguration.java:95) at org.springframework.boot.SpringApplication.applyInitializers(SpringApplication.java:605) at org.springframework.boot.SpringApplication.prepareContext(SpringApplication.java:385) at org.springframework.boot.SpringApplication.run(SpringApplication.java:309) at org.springframework.boot.SpringApplication.run(SpringApplication.java:1304) at org.springframework.boot.SpringApplication.run(SpringApplication.java:1293) ... Caused by: java.lang.IllegalStateException: You are currently running with version 2.2.0 of google-api-client. You need at least version 1.15 of google-api-client to run version 1.25.0 of the Identity and Access Management (IAM) API library. at com.google.common.base.Preconditions.checkState(Preconditions.java:534) at com.google.api.client.util.Preconditions.checkState(Preconditions.java:113) at com.google.api.services.iam.v1.Iam.<clinit>(Iam.java:48) ... 54 common frames omitted

whchang10 commented 1 year ago

Using spring-vault 3.0.2 + google-api-services-iam v1-rev316-1.25.0 + google-api-client 1.25.0. The service config map (a yaml file) on GKE didn't apply to service properly and causing a bean not found issue at service staring up.

whchang10 commented 1 year ago

I found a new version of google-api-services-iam on https://cloud.google.com/iam/docs/reference/libraries#iam-install Not sure its compatible with spring-cloud-gcp 4.x or not

<dependency>
  <groupId>com.google.apis</groupId>
  <artifactId>google-api-services-iam</artifactId>
  <version>v1-rev20230406-2.0.0</version>
</dependency>