[英]Facing issue with getting secrets from Azure Key Vault in a Springboot Application
我在 springboot 項目中從 azure key vault 獲取機密時遇到了一些問題。 我創建了一個示例 springboot 項目,為此它工作正常,但在我的實際應用程序中它不工作,因為它顯示 null 作為秘密值。
實際的應用程序是不同的,因為它連接到數據庫。 我實際應用中沒有controller。 我是這個密鑰保管庫概念的新手。 我的主要目標是僅從密鑰保管庫中獲取運行的數據庫憑據,但我無法僅在我的實際項目中獲取樣本值。 指導我如何實現這個/我做錯了什么
示例項目 application.property 文件具有此代碼
server.port=8090
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id= xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-secret=xxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=https:xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].profile.tenant-id=xxxxxx
Controller
@SpringBootApplication
@RestController
public class DatafeedKeyvaultApplication implements CommandLineRunner{
@Value("${connectionString}")
private String connectionString;
public static void main(String[] args) {
SpringApplication.run(DatafeedKeyvaultApplication.class, args);
}
@GetMapping("get")
public String get() {
return connectionString;
}
public void run(String... varl) throws Exception {
System.out.println(String.format("\nConnection String stored in Azure Key Vault:\n%s\n",connectionString));
}
}
在這里我能夠從密鑰庫中獲取值。
但在我的實際項目應用程序中它沒有發生,它只返回 null 值。
#azure.keyvault.enabled=true
#spring.cloud.azure.keyvault.secret.property-sources[0].enabled=true
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id=xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-secret=xxxx
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=xxxxxx
spring.cloud.azure.keyvault.secret.property-sources[0].profile.tenant-id=xxxxx
server.port=8090
spring.jpa.properties.hibernate.default_schema=acn
spring.jpa.properties.hibernate.format_sql = false
spring.jpa.show-sql=false
spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
spring.jpa.hibernate.ddl-auto = update
spring.jackson.default-property-inclusion = NON_NULL
spring.main.web-application-type=NONE
spring.main.banner-mode = off
logging.level.root=error
################ MSPS DB Configuration ################
INTEGRATION_MSPS_DBSERVER_URL=xxxxxxx
MSPS_DB_INTEGRATED_SECURTY =false
spring.datasource.driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver
spring.datasource.url=jdbc:sqlserver://${INTEGRATION_MSPS_DBSERVER_URL};databaseName=ACN_MSPSJiraInteg;integratedSecurity=${MSPS_DB_INTEGRATED_SECURTY};
spring.datasource.username= xxxxx
spring.datasource.password=xxxxx
我已經檢查了 java 版本、依賴項、屬性文件中的憑據,一切都是正確的,但我仍然無法在我的實際項目中獲取 keyvault 值。
@SpringBootApplication
public class JiraMspsUtilityApplication implements CommandLineRunner {
@Value("${datafeed-sample-value}")
private static String keyvault_value;
private static final Logger loggerForWorkitemMetrics = LoggerFactory.getLogger("metricsUpdatAppender");
private static final Logger LoggerForSharedPlanUpdate = LoggerFactory.getLogger("sharedPlanUpdateAppender");
@Autowired
ConfigProperties configProp;
@Autowired
JIRAMSPSService jiraMspsService;
private static final Logger logger = LoggerFactory.getLogger("JiraMspsUtilityApplication");
static {
System.out.println("key vault value "+ keyvault_value);
logger.info("key vault value "+ keyvault_value);
boolean isExistEC = false;
Provider[] providers = Security.getProviders();
for (Provider provider : providers) {
logger.info("CRYPTO provider: " + provider.getName().toString());
Set<Provider.Service> services = provider.getServices();
for (Provider.Service service : services) {
logger.info("CRYPTO algorithm: " + service.getAlgorithm());
if (service.getAlgorithm().equals("EC")) {
isExistEC = true;
}
}
}
if (isExistEC) {
logger.info("BC security provider not added for EC algorithm as JRE already able to find it");
} else {
Security.addProvider(new BouncyCastleProvider());
logger.info("BC security provider added for EC algorithm");
}
}
public static void main(String[] args) {
SpringApplication app = new SpringApplication(JiraMspsUtilityApplication.class);
app.run(args);
System.out.println(String.format("\n1. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value));
logger.info("\n1. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value);
}
@Override
public void run(String... args) throws IOException {
System.out.println(String.format("\n2. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value));
logger.info("\n2. Key Valut value stored in Azure Key Vault:\n%s\n",keyvault_value);
if (args.length == 0) {
loggerForWorkitemMetrics.info("There were no commandline arguments passed");
LoggerForSharedPlanUpdate.info("There were no commandline arguments passed");
System.exit(1);
} else if (args.length > 1) {
loggerForWorkitemMetrics.info("More than one argument passed");
LoggerForSharedPlanUpdate.info("More than one argument passed");
System.exit(1);
} else {
if (Integer.parseInt(args[0]) == 0) {
boolean flag = jiraMspsService.updateWorkRequestMetricsInJira();
if (flag) {
System.exit(0);
} else {
loggerForWorkitemMetrics.info("WORK REQUEST METRICS UPDATE PROCESS INCOMPLETE DUE TO ERROR");
}
} else if (Integer.parseInt(args[0]) == 1) {
boolean flag = jiraMspsService.updateSharedWorkplanEntries();
if (flag) {
System.exit(0);
} else {
LoggerForSharedPlanUpdate.info("SHARED PLANS UPDATE PROCESS INCOMPLETE DUE TO ERROR");
}
} else {
loggerForWorkitemMetrics.info(
"Invalid argument(s) passed.");
LoggerForSharedPlanUpdate.info(
"Invalid argument(s) passed.");
System.exit(1);
}
}
}
}
嘗試添加資源端點:
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=
我希望它有用
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.