堆栈内存溢出
  简体   繁体   English

无法从Spring Cloud配置或环境变量解密属性

[英]Can't decrypt property from spring cloud config or environment variable

 原文  2019-09-18 02:58:48       java/ spring-boot/ spring-cloud-config/ google-cloud-run/ google-cloud-kms

问题描述

I'm trying to get my KMS library, found here , to decrypt items from my application.yml that come from either the google cloud config server or an environment variable. 我试图获取我的KMS库(可在此处找到) ,以解密来自Google Cloud配置服务器或环境变量的application.yml中的项目。

In playing around I've tried a number of scenarios to get this to work. 在游戏中,我尝试了多种方案来使其正常工作。 Ideally I'd like to be able to do something like: 理想情况下,我希望能够执行以下操作:

username: '{cipher}${db_username} where ${db_username} is either a property I read in from google cloud config or an environment variable. username: '{cipher}${db_username} ,其中${db_username}是我从Google云配置读取的属性或环境变量。

So far what I've tried: 到目前为止,我已经尝试过:

username: ${username} -> Successfully reads the plain text property from either the cloud config or environment variable successfully. username: ${username} ->成功从云配置或环境变量成功读取纯文本属性。 (no encryption) (不加密)

username: '{cipher}MyEncodedString' -> Success - decodes the provided inline string username: '{cipher}MyEncodedString' ->成功-解码提供的内联字符串

❗️ username: '{cipher}${username}' -> I believe this is trying to use the literal string ${username} username: '{cipher}${username}' ->我相信这是在尝试使用文字字符串${username}

❗️ username: '{cipher}'${username} -> invalid format / can't read ❗️ username: '{cipher}'${username} ->格式无效/无法读取

Since I can see that my decode is working when I put the string inline I don't believe this to be an issue with the decoder. 因为当我将字符串插入行中时可以看到我的解码正常,所以我认为这与解码器无关。

I may also be dumb and this is not a scenario I'd ever want to do, but it seems logical to me that I'd store these in a config area and let the application / profile pull in and decrypt what it needs. 我可能也很愚蠢,这不是我想做的事情,但是对我来说,将它们存储在配置区域中并让应用程序/配置文件插入并解密所需内容似乎是合乎逻辑的。

If it makes a difference, and at this point I don't feel it does, I'm attempting to do all of this on Google Cloud Run + Java + Jib 如果它有所作为,但目前为止我还没有意识到,我正在尝试在Google Cloud Run + Java + Jib上进行所有操作

1 个解决方案

解决方案1
 0  2019-09-24 20:35:51

can you try to use properties file. 您可以尝试使用属性文件吗? properties file doesn't require single quotes for {cipher}. 属性文件不需要{cipher}的单引号。 less chances but can work. 机会较少,但可以工作。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无法使用非对称加密解密Spring Cloud配置中的配置属性 - Unable to decrypt config property in Spring Cloud config using asymmetric encryption 无法从Spring Cloud配置服务器接收值 - can't receive values from spring cloud config server Jasypt 无法使用 Spring 从系统环境变量中解密密码 - Jasypt not able to decrypt password from system environment variable with Spring 使用 Spring 从环境变量中获取 map 属性 - Getting a map property from environment variable with Spring Cloud Config Server不会解密值 - Cloud Config Server doesn't decrypt values Spring Cloud配置中的spring.profiles.include属性 - spring.profiles.include property from spring cloud config 无法在 Spring 云配置服务器中从 GIT 读取属性源 - Unable to read property source from GIT in Spring cloud config server Spring Cloud Config Server环境变量的优先级 - Spring Cloud Config Server Priority of Environment Variables 使用环境覆盖Spring Cloud Config值 - Override Spring Cloud Config values with environment 如何从环境变量将 spring 属性设置为 null 值 - How to set spring property to a null value from an environment variable
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM