spring-cloud
Vault configuration in composite profile is not picked up.
Describe the bug
Any vault configuration in composite profile is ignored and instead default values are used.
Given following configuration for config-server:
spring:
profiles:
active: composite
cloud:
config:
server:
composite:
- type: vault
host: my-vault-server
port: 5555
When executing curl -H "X-Config-Token: token" localhost:8888/cook/default config-server should call vault at http://my-vault-server:5555 but instead it calls http://127.0.0.1:8200.
Sample log
2024-10-16T12:08:27.258+02:00 WARN 69385 --- [configserver] [nio-8888-exec-1] o.s.c.c.s.e.EnvironmentController : Error getting the Environment with name=cook profiles=default label=null includeOrigin=false
org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://127.0.0.1:8200/v1/secret/cook": Connect to http://127.0.0.1:8200 [/127.0.0.1] failed: Connection refused
at org.springframework.web.client.RestTemplate.createResourceAccessException(RestTemplate.java:926) ~[spring-web-6.2.0-20241016.082823-965.jar:6.2.0-SNAPSHOT]
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:906) ~[spring-web-6.2.0-20241016.082823-965.jar:6.2.0-SNAPSHOT]
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:801) ~[spring-web-6.2.0-20241016.082823-965.jar:6.2.0-SNAPSHOT]
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:712) ~[spring-web-6.2.0-20241016.082823-965.jar:6.2.0-SNAPSHOT]
at org.springframework.vault.core.VaultKeyValueAccessor.lambda$doRead$1(VaultKeyValueAccessor.java:133) ~[spring-vault-core-3.1.2.jar:3.1.2]
at org.springframework.vault.core.VaultKeyValueAccessor.lambda$doRead$2(VaultKeyValueAccessor.java:166) ~[spring-vault-core-3.1.2.jar:3.1.2]
at org.springframework.vault.core.VaultTemplate.doWithSession(VaultTemplate.java:451) ~[spring-vault-core-3.1.2.jar:3.1.2]
at org.springframework.vault.core.VaultKeyValueAccessor.doRead(VaultKeyValueAccessor.java:163) ~[spring-vault-core-3.1.2.jar:3.1.2]
at org.springframework.vault.core.VaultKeyValueAccessor.doRead(VaultKeyValueAccessor.java:132) ~[spring-vault-core-3.1.2.jar:3.1.2]
at org.springframework.vault.core.VaultKeyValueAccessor.doRead(VaultKeyValueAccessor.java:107) ~[spring-vault-core-3.1.2.jar:3.1.2]
at org.springframework.vault.core.VaultKeyValue1Template.get(VaultKeyValue1Template.java:69) ~[spring-vault-core-3.1.2.jar:3.1.2]
at org.springframework.cloud.config.server.environment.vault.SpringVaultEnvironmentRepository.read(SpringVaultEnvironmentRepository.java:55) ~[classes/:na]
at org.springframework.cloud.config.server.environment.AbstractVaultEnvironmentRepository.findOne(AbstractVaultEnvironmentRepository.java:107) ~[classes/:na]
NOTE: the behaviour is correct when using vault profile, instead of composite.
spring:
profiles:
active: vault
cloud:
config:
server:
vault:
host: my-vault-server
port: 5555
I could have swore there was an issue around this already...but I can't seem to find it.
I seem to remember looking into something similar a while back and discovering that Vault wasn't supported by composite environment repositories (or some properties in the configuration were not supported). I can't seem to find the issue though.
Probably need to debug here to start https://github.com/spring-cloud/spring-cloud-config/blob/4841d800951a52aba4add1e856bdf7a6e7421291/spring-cloud-config-server/src/main/java/org/springframework/cloud/config/server/composite/CompositeEnvironmentBeanFactoryPostProcessor.java#L51
Let me know if you have time to take a look. If not I will put it on my list
@ryanjbaxter I think this issue can be closed. The PR has been merged and the fix is shipped with the latest release of Spring Cloud.