在我的Vault和Consul集成中,我有以下秘密引擎问题
[root@user ConsulSetup]# vault secrets list -detailed
Path Plugin Accessor Default TTL Max TTL Force No Cache Replication Seal Wrap Options Description
---- ------ -------- ----------- ------- -------------- ----------- --------- ------- -----------
cubbyhole/ cubbyhole cubbyhole_f6352b88 n/a n/a false local false map[] per-token private secret storage
identity/ identity identity_9ba1824c system system false replicated false map[] identity store
kv/ kv kv_864b2492 system system false replicated false map[version:2] n/a
sys/ system system_0064db30 n/a n/a false replicated false map[] system endpoints used for control, policy and debugging
此后,我从此命令中添加了键/值
vault kv put kv/demo/dev spring.datasource.username=demo-user-dev spring.datasource.password=demo-pass-dev
现在我想通过SpringBoot应用程序读取这些值,所以这是我的bootstrap.yml文件
spring:
cloud:
# Configuration for a vault server running in dev mode
vault:
scheme: http
host: <HOSTIP>
port: 8200
connection-timeout: 5000
read-timeout: 15000
authentication: TOKEN
token: <TOKEN>
kv.enabled: true
generic:
enabled: true
backend: kv
profile-separator: '/'
logging:
level:
ROOT: WARN
现在我正在尝试运行代码
package com.example.demo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import javax.annotation.PostConstruct;
import javax.sql.DataSource;
import java.sql.SQLException;
import static org.springframework.util.Assert.isTrue;
@SpringBootApplication
public class DemoApplication {
@Value("${spring.profiles.active:#{null}}")
private String profiles;
@Value("${spring.datasource.username}")
private String username;
@Value("${spring.datasource.password}")
private String password;
@Value("${other.username}")
private String other;
@Autowired
private DataSource dataSource;
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
@PostConstruct
private void postConstruct() throws SQLException {
System.out.println("##########################");
System.out.println("profile(s): " + profiles);
System.out.println("username: " + username);
System.out.println("password: " + password);
System.out.println("other: " + other);
dataSource.getConnection();
System.out.println("Successfully connected to database");
System.out.println("##########################");
isTrue (!username.equals("to-be-overwritten-by-vault-value"), "Username " + username);
isTrue (!password.equals("to-be-overwritten-by-vault-value"), "Password " + password);
}
}
以以下错误结尾
####################配置文件:空用户名:要由Vault值覆盖的密码:由保险库值其他覆盖: 成功被保管库值覆盖
#################### 2019-05-30 15:31:39.147 WARN 18680 --- [main] s.c.a.AnnotationConfigApplicationContext:遇到异常在上下文初始化期间-取消刷新尝试: org.springframework.beans.factory.BeanCreationException:错误 创建名称为“ demoApplication”的bean:初始化方法的调用 失败嵌套的异常是java.lang.IllegalArgumentException: Vault值将覆盖的用户名2019-05-30 15:31:39.178 错误18680 --- [main] o.s.boot.SpringApplication
:应用程序启动失败org.springframework.beans.factory.BeanCreationException:错误 创建名称为“ demoApplication”的bean:初始化方法的调用 失败嵌套的异常是java.lang.IllegalArgumentException: 用户名将被Vault中的值覆盖 org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:137) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsBeforeInitialization(AbstractAutowireCapableBeanFactory.java:409) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1620) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:555) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.support.AbstractBeanFactory $ 1.getObject(AbstractBeanFactory.java:306) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:761) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:867) 〜[spring-context-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543) 〜[spring-context-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.boot.SpringApplication.refresh(SpringApplication.java:693) [spring-boot-1.5.4.RELEASE.jar:1.5.4.RELEASE]位于 org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:360) [spring-boot-1.5.4.RELEASE.jar:1.5.4.RELEASE]位于 org.springframework.boot.SpringApplication.run(SpringApplication.java:303) [spring-boot-1.5.4.RELEASE.jar:1.5.4.RELEASE]位于 org.springframework.boot.SpringApplication.run(SpringApplication.java:1118) [spring-boot-1.5.4.RELEASE.jar:1.5.4.RELEASE]位于 org.springframework.boot.SpringApplication.run(SpringApplication.java:1107) [spring-boot-1.5.4.RELEASE.jar:1.5.4.RELEASE]位于 com.example.demo.DemoApplication.main(DemoApplication.java:33) [classes /:na]原因:java.lang.IllegalArgumentException:用户名 将被Vault中的值覆盖 org.springframework.util.Assert.isTrue(Assert.java:92) 〜[spring-core-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 com.example.demo.DemoApplication.postConstruct(DemoApplication.java:48) [classes /:na]位于sun.reflect.NativeMethodAccessorImpl.invoke0(Native 方法)〜[na:1.8.0_171]在 sun.reflect.NativeMethodAccessorImpl.invoke(未知来源) 〜[na:1.8.0_171]在 sun.reflect.DelegatingMethodAccessorImpl.invoke(未知来源) 〜[na:1.8.0_171],位于java.lang.reflect.Method.invoke(未知源) 〜[na:1.8.0_171]在 org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor $ LifecycleElement.invoke(InitDestroyAnnotationBeanPostProcessor.java:366) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor $ LifecycleMetadata.invokeInitMethods(InitDestroyAnnotationBeanPostProcessor.java:311) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE]在 org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:134) 〜[spring-beans-4.3.9.RELEASE.jar:4.3.9.RELEASE] ... 17个常见框架 省略
当我将Vault与文件系统集成时,时间路径就像secret\key一样,在此新更改下它可以正常工作了。
答案 0 :(得分:0)
该异常实际上似乎与Vault无关。它说
java.lang.IllegalArgumentException: Username to-be-overwritten-by-vault-value
在属性文件中定义的默认值中是否有空格?