spring-cloud-config icon indicating copy to clipboard operation
spring-cloud-config copied to clipboard

Published 20 hours ago verified publisher icon spring-cloud

Git Backend makes first request to repo without credentials

Open epignosisx opened this issue 3 years ago • 10 comments

Describe the bug We are running Spring Cloud Config with the Git backend and we've identified that when we call /actuator/health it's first making a call to the git repo and receiving a 401 (Unauthorized), and right away a call that succeeds. It appears as if the first request is not sending the credentials, but the second is.

This doesn't seem right, am I missing something? I'm using a version a bit old (2.1.2.RELEASE), I looked through the issues but couldn't find any issue related to this.

Here is a screenshot of the outgoing calls that /actuator/health makes depicting the issue:

image

Notice how this is not an isolated incident, but rather, each failed attempt is followed by a successful one:

image

epignosisx avatar Oct 08 '20 19:10 epignosisx

I'd say it's all up to your configuration. Can you share?

spencergibb avatar Oct 08 '20 20:10 spencergibb

Thanks for the quick reply. We are running it inside a container, here are the environment variables we are setting:

SPRING_CLOUD_CONFIG_SERVER_GIT_USERNAME=some-username SPRING_CLOUD_CONFIG_SERVER_GIT_PASSWORD=some-password SPRING_CLOUD_CONFIG_SERVER_GIT_URI=https://[email protected]/some-org/some-project/_git/app-config SPRING_CLOUD_CONFIG_SERVER_GIT_FORCE-PULL=true SPRING_CLOUD_CONFIG_SERVER_GIT_BASEDIR=/opt/app-config ENCRYPT_KEY=some-key MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE=health

epignosisx avatar Oct 08 '20 20:10 epignosisx

what version?

Seems odd that you have the username in the uri and env vars

spencergibb avatar Oct 08 '20 20:10 spencergibb

what version?

2.1.2.RELEASE

Seems odd that you have the username in the uri and env vars

Indeed. I haven't noticed that. Let me check if there is a reason for it and remove it to see if it makes a difference.

epignosisx avatar Oct 08 '20 21:10 epignosisx

That's an old version and I would suggest updating to Hoxton.SR8

spencergibb avatar Oct 08 '20 22:10 spencergibb

Updated the git url to exclude the username, it did not make a difference. I'm in the process of updating the app to the latest version. I'll share the results.

epignosisx avatar Oct 09 '20 14:10 epignosisx

We upgraded to the latest versions, but no luck: spring-boot-starter-parent from 2.1.5 to 2.3.4 spring-cloud-config-server from 2.1.2 to 2.2.5

Here is the whole pom file.

It does not seem to be a problem with just the /actuator/health endpoint, it also happens when requesting the configuration like /some-app/some-profile/some-label

image

epignosisx avatar Oct 09 '20 15:10 epignosisx

@OlgaMaciaszek and @spencergibb any progress on this issue- I still see it happening 2020.0.4. any progress on that?

avnerstr avatar Jan 21 '22 19:01 avnerstr

@spencergibb any update on that?

avnerstr avatar Apr 11 '22 21:04 avnerstr