Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Overriding configuration in profile specific files does not seem to work #697

Open
rohithkk opened this issue Aug 7, 2023 · 3 comments
Open

Comments

@rohithkk
Copy link

rohithkk commented Aug 7, 2023

I'm trying to integrate my Spring Boot app with Vault for loading secrets. The app runs on PCF environment so the main configuration file (application.properties) is configured appropriately. For local development, the vault authentication is done via a regular token. So I have created application-local.properties file with appropriate configuration for local development. Then I set the "Active Profiles" value to "local" under the run/debug configuration.

Problem is that when I try to start the app in IDEA, I get the following error. So it's clear that the vault related properties mentioned in application-local.properties are not being picked up during startup.


23:32:40.289 [main] ERROR org.springframework.boot.SpringApplication - Application run failed
java.lang.IllegalArgumentException: Illegal character in path at index 1: ${VAULT_ADDR}
    at java.base/java.net.URI.create(URI.java:906)
    at org.springframework.cloud.vault.config.VaultConfiguration.createVaultEndpoint(VaultConfiguration.java:121)
    at org.springframework.cloud.vault.config.VaultConfigDataLoader$ImperativeInfrastructure.<init>(VaultConfigDataLoader.java:445)
    at org.springframework.cloud.vault.config.VaultConfigDataLoader.registerImperativeInfrastructure(VaultConfigDataLoader.java:177)

Here is the complete pom and main application.properties and application-local.properties files.

I have generated the deployment artifact using command mvn clean install and then tried to run the app using java -jar demo-0.0.0.1-snapshot.jar -Dspring.profiles.active=local.

Since I'm passing the profile, I was expecting that configuration from the application-local.properties file will be picked up but from the stacktrace it seems like the main configuration file is being read.

pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>2.7.14</version>
		<relativePath/> <!-- lookup parent from repository -->
	</parent>
	<groupId>com.example</groupId>
	<artifactId>demo</artifactId>
	<version>0.0.1-SNAPSHOT</version>
	<name>demo</name>
	<description>Demo project for Spring Boot</description>
	<properties>
		<java.version>17</java.version>
		<spring-cloud.version>2021.0.8</spring-cloud.version>
	</properties>
	<dependencies>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-webflux</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.cloud</groupId>
			<artifactId>spring-cloud-starter-vault-config</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
		</dependency>
		<dependency>
			<groupId>io.projectreactor</groupId>
			<artifactId>reactor-test</artifactId>
			<scope>test</scope>
		</dependency>
	</dependencies>
	<dependencyManagement>
		<dependencies>
			<dependency>
				<groupId>org.springframework.cloud</groupId>
				<artifactId>spring-cloud-dependencies</artifactId>
				<version>${spring-cloud.version}</version>
				<type>pom</type>
				<scope>import</scope>
			</dependency>
		</dependencies>
	</dependencyManagement>

	<build>
		<plugins>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
			</plugin>
		</plugins>
	</build>

</project>
application-local.properties
spring.application.name=sbvaultapp
spring.main.allow-bean-definition-overriding=true
spring.main.web-application-type= reactive
spring.main.lazy-initialization= false
spring.profiles.group.dev=cloud
spring.profiles.group.qa=cloud
spring.profiles.group.uat=cloud
spring.profiles.group.prod=cloud
spring.config.import=optional:vault://
spring.cloud.vault.enabled=true
spring.cloud.vault.reactive.enabled=true
spring.cloud.vault.authentication= PCF
spring.cloud.vault.uri= ${VAULT_ADDR}
spring.cloud.vault.namespace= ${VAULT_NAMESPACE}
spring.cloud.vault.pcf.role= ${VAULT_CF_ROLE}
spring.cloud.vault.pcf.pcf-path= ${VAULT_CF_PATH}
spring.cloud.vault.kv.enabled= true
spring.cloud.vault.kv.backend= kv
spring.cloud.vault.kv.default-context=${spring.application.name}
application-local.properties
spring.application.name=sbvaultapp
spring.main.allow-bean-definition-overriding=true
spring.main.web-application-type= reactive
spring.main.lazy-initialization= false
spring.profiles.group.dev=cloud
spring.profiles.group.qa=cloud
spring.profiles.group.uat=cloud
spring.profiles.group.prod=cloud
spring.config.import=optional:vault://
spring.cloud.vault.enabled=true
spring.cloud.vault.reactive.enabled=true
spring.cloud.vault.authentication= token
spring.cloud.vault.token='Xxxxxxxxx'
spring.cloud.vault.uri= 'https://vault.myvault.org:8200'
spring.cloud.vault.namespace= 'apps'
spring.cloud.vault.scheme=https
spring.cloud.vault.kv.enabled= true
spring.cloud.vault.kv.backend= kv
spring.cloud.vault.kv.default-context=${spring.application.name}
spring.cloud.vault.kv.profiles=dev
@mp911de
Copy link
Member

mp911de commented Aug 8, 2023

Profile selection is subject to Spring Boot. Spring Cloud Vault uses Boot's ConfigData API and the failures in bootstrapping the Vault Client are a consequence of the provided configuration.

You're mentioning application-local.properties twice. With a application.properties and a application-local.properties along with -Dspring.profiles.active=local, I can successfully select the desired profile.

If you would like us to spend some more time helping you to diagnose the problem, please provide a minimal yet complete sample that reproduces the problem.
You can share it with us by pushing it to a separate repository on GitHub or by zipping it up and attaching it to this issue.

@rmvc-mirza
Copy link

Hi there, I've noticed that I'm having the same issue, ie. i run my app with the flag -Dspring.profiles.active=staging but the app still reads the config from the default application.properties. I'm attaching a demo project on which the issue is present
demo.zip

@thuhlig
Copy link

thuhlig commented Jun 29, 2024

I had the same issue. Setting the spring.config.activate.on-profile property solved the problem.

So try to add spring.config.activate.on-profile=default to your application.properties and spring.config.activate.on-profile=local to your application-local.properties.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants