Facing issue with getting secrets from Azure Key Vault in a Springboot Application

Question

i am facing some issue while fetching secrets from azure key vault in a springboot project. I have created a sample springboot project and for that it is working fine but in my actual application it is not working as it is showing null for the secret values.

The actual application is different as it connects to the database. I don't have a controller in my actual application. I am new to this key vault concept. My main aim is to get the DB credentials running from the key vault only but I am not able to fetch a sample value only in my actual project. Guide me how I can achieve this/what am I doing wrong

Sample project application.property file have this code

server.port=8090
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id= xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-secret=xxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=https:xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].profile.tenant-id=xxxxxx

Controller

@SpringBootApplication
@RestController
public class DatafeedKeyvaultApplication implements CommandLineRunner{
    
    @Value("${connectionString}")
    private String connectionString;
    public static void main(String[] args) {
        SpringApplication.run(DatafeedKeyvaultApplication.class, args);
    }
    
    @GetMapping("get")
    public String get() {
        return connectionString;
    }

    public void run(String... varl) throws Exception {
        System.out.println(String.format("\nConnection String stored in Azure Key Vault:\n%s\n",connectionString));
    }

}

here im able to fetch the value from the keyvault.

but in my actual project application it is not happening, it is returning me null values only.

#azure.keyvault.enabled=true
#spring.cloud.azure.keyvault.secret.property-sources[0].enabled=true

spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id=xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-secret=xxxx
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].profile.tenant-id=xxxxx
server.port=8090

spring.jpa.properties.hibernate.default_schema=acn
spring.jpa.properties.hibernate.format_sql = false
spring.jpa.show-sql=false
spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
spring.jpa.hibernate.ddl-auto = update
spring.jackson.default-property-inclusion = NON_NULL
spring.main.web-application-type=NONE
spring.main.banner-mode = off
logging.level.root=error
    
################ MSPS DB Configuration ################
INTEGRATION_MSPS_DBSERVER_URL=xxxxxxx
MSPS_DB_INTEGRATED_SECURTY =false
spring.datasource.driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver
spring.datasource.url=jdbc:sqlserver://${INTEGRATION_MSPS_DBSERVER_URL};databaseName=ACN_MSPSJiraInteg;integratedSecurity=${MSPS_DB_INTEGRATED_SECURTY};
spring.datasource.username= xxxxx
spring.datasource.password=xxxxx

I have checked the java version, dependencies, the credentials in property file everything is correct but still im not able to fetch the keyvault value in my actual project.

@SpringBootApplication
public class JiraMspsUtilityApplication implements CommandLineRunner {
    
    @Value("${datafeed-sample-value}")
     private static String keyvault_value;

    private static final Logger loggerForWorkitemMetrics = LoggerFactory.getLogger("metricsUpdatAppender");
    private static final Logger LoggerForSharedPlanUpdate = LoggerFactory.getLogger("sharedPlanUpdateAppender");

    @Autowired
    ConfigProperties configProp;

    @Autowired
    JIRAMSPSService jiraMspsService;

    private static final Logger logger = LoggerFactory.getLogger("JiraMspsUtilityApplication");

    static {
        
        System.out.println("key vault value "+ keyvault_value);
        logger.info("key vault value "+ keyvault_value);
        
        boolean isExistEC = false;
        Provider[] providers = Security.getProviders();
        for (Provider provider : providers) {
            logger.info("CRYPTO provider: " + provider.getName().toString());
            Set<Provider.Service> services = provider.getServices();
            for (Provider.Service service : services) {
                logger.info("CRYPTO algorithm: " + service.getAlgorithm());
                if (service.getAlgorithm().equals("EC")) {
                    isExistEC = true;
                }
            }
        }
        if (isExistEC) {
            logger.info("BC security provider not added for EC algorithm as JRE already able to find it");
        } else {
            Security.addProvider(new BouncyCastleProvider());
            logger.info("BC security provider added for EC algorithm");
        }
    }
    
    public static void main(String[] args) {
        SpringApplication app = new SpringApplication(JiraMspsUtilityApplication.class);

        app.run(args);
        
        System.out.println(String.format("\n1. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value));
        logger.info("\n1. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value);
        
    }

    @Override
    public void run(String... args) throws IOException {

     System.out.println(String.format("\n2. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value));
         
         logger.info("\n2. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value);

        if (args.length == 0) {
            loggerForWorkitemMetrics.info("There were no commandline arguments passed");
            LoggerForSharedPlanUpdate.info("There were no commandline arguments passed");
            System.exit(1);
        } else if (args.length > 1) {
            loggerForWorkitemMetrics.info("More than one argument passed");
            LoggerForSharedPlanUpdate.info("More than one argument passed");
            System.exit(1);
        } else {

            if (Integer.parseInt(args[0]) == 0) {
                boolean flag = jiraMspsService.updateWorkRequestMetricsInJira();
                if (flag) {
                    System.exit(0);
                } else {
                    loggerForWorkitemMetrics.info("WORK REQUEST METRICS UPDATE PROCESS INCOMPLETE DUE TO ERROR");
                }
            } else if (Integer.parseInt(args[0]) == 1) {
                boolean flag = jiraMspsService.updateSharedWorkplanEntries();
                if (flag) {
                    System.exit(0);
                } else {
                    LoggerForSharedPlanUpdate.info("SHARED PLANS UPDATE PROCESS INCOMPLETE DUE TO ERROR");
                }

            } else {
                loggerForWorkitemMetrics.info(
                        "Invalid argument(s) passed.");
                LoggerForSharedPlanUpdate.info(
                        "Invalid argument(s) passed.");
                System.exit(1);

            }
        }
    }
}

    
    
    
    
    
  

Answer 1

try adding the endpoint of the resource:

spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=

I hope it is useful