Facing issue with getting secrets from Azure Key Vault in a Springboot Application
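I am facing some issues getting secrets from Azure Key Vault in a Spring Boot project. I created a sample Spring Boot project, and for that it works fine, but in my actual application it is not working, as it shows null as the secret value.
The actual application is different because it connects to a database. There is no controller in my actual application. I am new to this Key Vault concept. My main goal is only to fetch the database credentials from the key vault at run time, but I am unable to fetch even a sample value in my actual project. Please guide me on how to achieve this / what I am doing wrong.
The sample project's application.property file has this code: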
server.port=8090
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id= xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-secret=xxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=https:xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].profile.tenant-id=xxxxxx
Controller
@SpringBootApplication
@RestController
public class DatafeedKeyvaultApplication implements CommandLineRunner{
    @Value("${connectionString}")
    private String connectionString;

    public static void main(String[] args) {
        SpringApplication.run(DatafeedKeyvaultApplication.class, args);
    }

    @GetMapping("get")
    public String get() {
        return connectionString;
    }

    public void run(String... varl) throws Exception {
        System.out.println(String.format("\nConnection String stored in Azure Key Vault:\n%s\n",connectionString));
    }
}
Here I am able to fetch the value from the key vault.
But in my actual project application it does not happen; it returns only a null value.
#azure.keyvault.enabled=true
#spring.cloud.azure.keyvault.secret.property-sources[0].enabled=true
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id=xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-secret=xxxx
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].profile.tenant-id=xxxxx
server.port=8090
spring.jpa.properties.hibernate.default_schema=acn
spring.jpa.properties.hibernate.format_sql = false
spring.jpa.show-sql=false
spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
spring.jpa.hibernate.ddl-auto = update
spring.jackson.default-property-inclusion = NON_NULL
spring.main.web-application-type=NONE
spring.main.banner-mode = off
logging.level.root=error
################ MSPS DB Configuration ################
INTEGRATION_MSPS_DBSERVER_URL=xxxxxxx
MSPS_DB_INTEGRATED_SECURTY =false
spring.datasource.driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver
spring.datasource.url=jdbc:sqlserver://${INTEGRATION_MSPS_DBSERVER_URL};databaseName=ACN_MSPSJiraInteg;integratedSecurity=${MSPS_DB_INTEGRATED_SECURTY};
spring.datasource.username= xxxxx
spring.datasource.password=xxxxx
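I have checked the Java version, the dependencies, and the credentials in the properties file; everything is correct, but I am still unable to fetch the Key Vault value in my actual project.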
@SpringBootApplication
public class JiraMspsUtilityApplication implements CommandLineRunner {
    @Value("${datafeed-sample-value}")
    private static String keyvault_value;
    private static final Logger loggerForWorkitemMetrics = LoggerFactory.getLogger("metricsUpdatAppender");
    private static final Logger LoggerForSharedPlanUpdate = LoggerFactory.getLogger("sharedPlanUpdateAppender");
    @Autowired
    ConfigProperties configProp;
    @Autowired
    JIRAMSPSService jiraMspsService;
    private static final Logger logger = LoggerFactory.getLogger("JiraMspsUtilityApplication");

    static {
        System.out.println("key vault value "+ keyvault_value);
        logger.info("key vault value "+ keyvault_value);
        boolean isExistEC = false;
        Provider[] providers = Security.getProviders();
        for (Provider provider : providers) {
            logger.info("CRYPTO provider: " + provider.getName().toString());
            Set<Provider.Service> services = provider.getServices();
            for (Provider.Service service : services) {
                logger.info("CRYPTO algorithm: " + service.getAlgorithm());
                if (service.getAlgorithm().equals("EC")) {
                    isExistEC = true;
                }
            }
        }
        if (isExistEC) {
            logger.info("BC security provider not added for EC algorithm as JRE already able to find it");
        } else {
            Security.addProvider(new BouncyCastleProvider());
            logger.info("BC security provider added for EC algorithm");
        }
    }

    public static void main(String[] args) {
        SpringApplication app = new SpringApplication(JiraMspsUtilityApplication.class);
        app.run(args);
        System.out.println(String.format("\n1. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value));
        logger.info("\n1. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value);
    }

    @Override
    public void run(String... args) throws IOException {
        System.out.println(String.format("\n2. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value));
        logger.info("\n2. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value);
        if (args.length == 0) {
            loggerForWorkitemMetrics.info("There were no commandline arguments passed");
            LoggerForSharedPlanUpdate.info("There were no commandline arguments passed");
            System.exit(1);
        } else if (args.length > 1) {
            loggerForWorkitemMetrics.info("More than one argument passed");
            LoggerForSharedPlanUpdate.info("More than one argument passed");
            System.exit(1);
        } else {
            if (Integer.parseInt(args[0]) == 0) {
                boolean flag = jiraMspsService.updateWorkRequestMetricsInJira();
                if (flag) {
                    System.exit(0);
                } else {
                    loggerForWorkitemMetrics.info("WORK REQUEST METRICS UPDATE PROCESS INCOMPLETE DUE TO ERROR");
                }
            } else if (Integer.parseInt(args[0]) == 1) {
                boolean flag = jiraMspsService.updateSharedWorkplanEntries();
                if (flag) {
                    System.exit(0);
                } else {
                    LoggerForSharedPlanUpdate.info("SHARED PLANS UPDATE PROCESS INCOMPLETE DUE TO ERROR");
                }
            } else {
                loggerForWorkitemMetrics.info(
                        "Invalid argument(s) passed.");
                LoggerForSharedPlanUpdate.info(
                        "Invalid argument(s) passed.");
                System.exit(1);
            }
        }
    }
}
Try adding the resource endpoint:
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=
I hope it helps.
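
Added example (not part of the question or the answer above): Spring does not inject @Value into static fields, and a static initializer runs before any application context exists, so this sketch declares the same Key Vault secret on a static field and on an instance field and reports which one resolved. The class name and the db-password secret name are hypothetical, the Key Vault property source is assumed to be configured as in the question's properties file, and the code prints only whether a value was resolved, never the secret itself.

```java
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

// Hypothetical class name; uses the secret name from the question.
@SpringBootApplication
public class KeyVaultInjectionExample implements CommandLineRunner {

    // Skipped by Spring: @Value/@Autowired are not applied to static fields,
    // so this stays null for the lifetime of the JVM.
    @Value("${datafeed-sample-value}")
    private static String staticValue;

    // Injected when the bean is created, after the Key Vault property
    // source has been added to the Environment.
    @Value("${datafeed-sample-value}")
    private String instanceValue;

    static {
        // Runs at class-load time, before SpringApplication.run(...):
        // no injected value can be visible here, static or not.
        System.out.println("static init, resolved: " + (staticValue != null));
    }

    public static void main(String[] args) {
        SpringApplication.run(KeyVaultInjectionExample.class, args);
    }

    @Override
    public void run(String... args) {
        // Report presence only; keep secret values out of stdout and logs.
        System.out.println("static field resolved:   " + (staticValue != null));
        System.out.println("instance field resolved: " + (instanceValue != null));
    }

    // For database credentials no Java field is needed. Placeholders in
    // application.properties resolve against the same Environment, e.g.
    // (db-password is a hypothetical secret name):
    //   spring.datasource.password=${db-password}
}
```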