我们正在将数据库秘密移至Hashicorp保险库。 Springboot能够连接到Vault并自动在Postgres中创建角色。
当我第一次运行该应用程序时,“ ddl.auto”设置允许Springboot在Postgres中自动创建表。问题是这些表在Postgre中具有临时用户作为表所有者。重新启动应用程序时,即使新用户有权访问该表,它也没有读取该表的权限。
如何为数据库机密和ddl自动设置配置带有Vault的spring boot?
spring.cloud.vault:
fail-fast: true
uri: http://localhost:8200
authentication: APPROLE
app-role:
role-id: a1f62274-145c-3d10-dc8a-790a83995adc
secret-id: d5032c0f-a8f3-be23-531a-a444994ff5f5
generic:
enabled: false
database:
enabled: true
role: test-app-role
backend: database
username-property: spring.datasource.username
password-property: spring.datasource.password
spring:
jpa:
hibernate.ddl-auto: "update"
例外
"Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'appListInitializer': Invocation of init method failed; nested exception is org.springframework.dao.InvalidDataAccessResourceUsageException: could not extract ResultSet; SQL [n/a]; nested exception is org.hibernate.exception.SQLGrammarException: could not extract ResultSet","logger_name":"org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext","thread_name":"restartedMain","level":"WARN","level_value":30000}