
Facing issue with getting secrets from Azure Key Vault in a Springboot Application

I am facing an issue while fetching secrets from Azure Key Vault in a Spring Boot project. I have created a sample Spring Boot project and for that it is working fine, but in my actual application it is not working, as it is showing null for the secret values.

The actual application is different as it connects to the database. I don't have a controller in my actual application. I am new to this Key Vault concept. My main aim is to get the DB credentials running from the key vault only, but I am not able to fetch a sample value only in my actual project. Guide me how I can achieve this / what am I doing wrong?

The sample project's application.property file has this code:

server.port=8090
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id= xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-secret=xxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=https:xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].profile.tenant-id=xxxxxx

Controller:

@SpringBootApplication
@RestController
public class DatafeedKeyvaultApplication implements CommandLineRunner{
    
    @Value("${connectionString}")
    private String connectionString;
    public static void main(String[] args) {
        SpringApplication.run(DatafeedKeyvaultApplication.class, args);
    }
    
    @GetMapping("get")
    public String get() {
        return connectionString;
    }

    public void run(String... varl) throws Exception {
        System.out.println(String.format("\nConnection String stored in Azure Key Vault:\n%s\n",connectionString));
    }

}

Here I'm able to fetch the value from the key vault.

But in my actual project application it is not happening; it is returning null values only.

#azure.keyvault.enabled=true
#spring.cloud.azure.keyvault.secret.property-sources[0].enabled=true

spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id=xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-secret=xxxx
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].profile.tenant-id=xxxxx
server.port=8090

spring.jpa.properties.hibernate.default_schema=acn
spring.jpa.properties.hibernate.format_sql = false
spring.jpa.show-sql=false
spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
spring.jpa.hibernate.ddl-auto = update
spring.jackson.default-property-inclusion = NON_NULL
spring.main.web-application-type=NONE
spring.main.banner-mode = off
logging.level.root=error
    
################ MSPS DB Configuration ################
INTEGRATION_MSPS_DBSERVER_URL=xxxxxxx
MSPS_DB_INTEGRATED_SECURTY =false
spring.datasource.driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver
spring.datasource.url=jdbc:sqlserver://${INTEGRATION_MSPS_DBSERVER_URL};databaseName=ACN_MSPSJiraInteg;integratedSecurity=${MSPS_DB_INTEGRATED_SECURTY};
spring.datasource.username= xxxxx
spring.datasource.password=xxxxx

I have checked the Java version, dependencies, and the credentials in the property file; everything is correct, but I'm still not able to fetch the key vault value in my actual project.

@SpringBootApplication
public class JiraMspsUtilityApplication implements CommandLineRunner {
    
    @Value("${datafeed-sample-value}")
     private static String keyvault_value;

    private static final Logger loggerForWorkitemMetrics = LoggerFactory.getLogger("metricsUpdatAppender");
    private static final Logger LoggerForSharedPlanUpdate = LoggerFactory.getLogger("sharedPlanUpdateAppender");

    @Autowired
    ConfigProperties configProp;

    @Autowired
    JIRAMSPSService jiraMspsService;

    private static final Logger logger = LoggerFactory.getLogger("JiraMspsUtilityApplication");

    static {
        
        System.out.println("key vault value "+ keyvault_value);
        logger.info("key vault value "+ keyvault_value);
        
        boolean isExistEC = false;
        Provider[] providers = Security.getProviders();
        for (Provider provider : providers) {
            logger.info("CRYPTO provider: " + provider.getName().toString());
            Set<Provider.Service> services = provider.getServices();
            for (Provider.Service service : services) {
                logger.info("CRYPTO algorithm: " + service.getAlgorithm());
                if (service.getAlgorithm().equals("EC")) {
                    isExistEC = true;
                }
            }
        }
        if (isExistEC) {
            logger.info("BC security provider not added for EC algorithm as JRE already able to find it");
        } else {
            Security.addProvider(new BouncyCastleProvider());
            logger.info("BC security provider added for EC algorithm");
        }
    }
    
    public static void main(String[] args) {
        SpringApplication app = new SpringApplication(JiraMspsUtilityApplication.class);

        app.run(args);
        
        System.out.println(String.format("\n1. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value));
        logger.info("\n1. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value);
        
    }

    @Override
    public void run(String... args) throws IOException {

     System.out.println(String.format("\n2. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value));
         
         logger.info("\n2. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value);

        if (args.length == 0) {
            loggerForWorkitemMetrics.info("There were no commandline arguments passed");
            LoggerForSharedPlanUpdate.info("There were no commandline arguments passed");
            System.exit(1);
        } else if (args.length > 1) {
            loggerForWorkitemMetrics.info("More than one argument passed");
            LoggerForSharedPlanUpdate.info("More than one argument passed");
            System.exit(1);
        } else {

            if (Integer.parseInt(args[0]) == 0) {
                boolean flag = jiraMspsService.updateWorkRequestMetricsInJira();
                if (flag) {
                    System.exit(0);
                } else {
                    loggerForWorkitemMetrics.info("WORK REQUEST METRICS UPDATE PROCESS INCOMPLETE DUE TO ERROR");
                }
            } else if (Integer.parseInt(args[0]) == 1) {
                boolean flag = jiraMspsService.updateSharedWorkplanEntries();
                if (flag) {
                    System.exit(0);
                } else {
                    LoggerForSharedPlanUpdate.info("SHARED PLANS UPDATE PROCESS INCOMPLETE DUE TO ERROR");
                }

            } else {
                loggerForWorkitemMetrics.info(
                        "Invalid argument(s) passed.");
                LoggerForSharedPlanUpdate.info(
                        "Invalid argument(s) passed.");
                System.exit(1);

            }
        }
    }
}


Try adding the endpoint of the resource:

spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=

I hope it is useful.
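An added example, not part of the original question or answer and not the asker's code: in the question's second listing the `@Value` field is `static` and is read from a static initializer and from `main()`, which Spring never injects into, so it stays null regardless of the Key Vault settings. This sketch uses an instance field read in `run()`; the class name and the `db-password` secret name are assumptions, and it expects Spring Boot plus the same Key Vault properties the question uses.

```java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.core.env.Environment;

// Hypothetical class name; not the asker's application.
@SpringBootApplication
public class KeyVaultCheckApplication implements CommandLineRunner {

    // Instance field: Spring's annotation processing skips static fields,
    // so "private static String" here would remain null.
    // If the property cannot be resolved at all, startup fails with a
    // "Could not resolve placeholder" error instead of a silent null.
    @Value("${datafeed-sample-value}")
    private String keyVaultValue;

    @Autowired
    private Environment env;

    public static void main(String[] args) {
        // Static initializers and main() run outside the application context;
        // injected values only exist on the bean instance Spring creates.
        SpringApplication.run(KeyVaultCheckApplication.class, args);
    }

    @Override
    public void run(String... args) {
        // Called after the context is refreshed, so every property source
        // (including Key Vault, when configured) has been loaded.
        System.out.println("datafeed-sample-value resolved: " + describe(keyVaultValue));
        // "db-password" is a hypothetical secret name (assumption, not on the page).
        System.out.println("db-password resolved: " + describe(env.getProperty("db-password")));
    }

    // Report presence and length only; the secret itself never reaches stdout or logs.
    static String describe(String secret) {
        return secret == null ? "no" : "yes (" + secret.length() + " chars)";
    }
}
```

Once the secret resolves this way, `spring.datasource.password=${db-password}` in the properties file picks it up through the same placeholder mechanism, so the database password no longer needs to sit in the file.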
