spring Vault位置[机密/我的应用程序]不可解析:未找到
我想连接到vault服务器并在spring应用程序中读取我的机密 vault配置:spring Vault位置[机密/我的应用程序]不可解析:未找到,spring,spring-vault,Spring,Spring Vault,我想连接到vault服务器并在spring应用程序中读取我的机密 vault配置: spring: application: name: inquiry profiles: active: dev cloud: vault: kv: enabled: true backend: secret profile-separator: '/' application-name: inquir
spring:
application:
name: inquiry
profiles:
active: dev
cloud:
vault:
kv:
enabled: true
backend: secret
profile-separator: '/'
application-name: inquiry
host: development
port: 8200
scheme: https
authentication: token
token: my-token
ssl:
trust-store: development-truststore.jks
trust-store-password: pass
在保险库中,我有查询策略向其添加附件查询令牌
vault policy read inquiry
path "secret/*" {
capabilities = ["read", "list"]
}
path "secret/data/inquiry/*" {
capabilities = ["read", "create", "update"]
}
curl --header "X-Vault-Token:my-token" -k https://localhost:8200/v1/secret/data/inquiry/dev
返回我的数据
{"request_id":"35548b9e-3422-201b-6243-a600d7f61fc3","lease_id":"","renewable":false,"lease_duration":0,"data":{"data":{"DBPassword":"pass","DBUser":"user"},"metadata":{"created_time":"2020-07-08T09:02:42.237713857Z","deletion_time":"","destroyed":false,"version":1}},"wrap_info":null,"warnings":null,"auth":null}
但在春天,我犯了一个错误:
2020-07-08 13:55:50.131 INFO 83792 --- [ main] o.s.v.a.LifecycleAwareSessionManager : Scheduling Token renewal
2020-07-08 13:55:50.159 INFO 83792 --- [ main] o.s.v.c.e.LeaseAwareVaultPropertySource : Vault location [secret/inquiry] not resolvable: Not found
2020-07-08 13:55:50.167 INFO 83792 --- [ main] o.s.v.c.e.LeaseAwareVaultPropertySource : Vault location [secret/application/dev] not resolvable: Not found
2020-07-08 13:55:50.174 INFO 83792 --- [ main] o.s.v.c.e.LeaseAwareVaultPropertySource : Vault location [secret/application] not resolvable: Not found
2020-07-08 13:55:50.175 INFO 83792 --- [ main] b.c.PropertySourceBootstrapConfiguration : Located property source: [BootstrapPropertySource {name='bootstrapProperties-secret/inquiry/dev'}, BootstrapPropertySource {name='bootstrapProperties-secret/inquiry'}, BootstrapPropertySource {name='bootstrapProperties-secret/application/dev'}, BootstrapPropertySource {name='bootstrapProperties-secret/application'}]
2020-07-08 13:55:50.181 INFO 83792 --- [ main] i.c.i.sepam.inquiry.InquiryApplication : The following profiles are active: dev
我使用jdk14。
我如何解决它,谢谢你这个问题在你的保险库政策中
path "secret/data/inquiry/*" {
capabilities = ["read", "create", "update"]
}
删除尾随的/
,只需执行secret/data/inquiry*
Spring希望在查询时访问k/v存储,而不是在子目录中
Spring请求访问位于secret/app name
、secret/application
和secret/app name/Spring活动配置文件的k/v商店。对于每个路径,它都需要一个包含所有机密的k/v存储
我假设这一问题不久前就被海报解决了,但当我遇到一个不熟悉spring设置我的应用程序权限的人时,我遇到了完全相同的问题。这方面有什么更新吗?我们面临着同样的问题。我们是否对此有任何更新,我们也面临着类似的问题?您能否将您的spring vault配置与“kv”值共享?我们面临着类似的问题,我们的代码使用的是“非版本控制(版本1)”部分,然后当我们迁移到“版本控制(KV或版本2)”部分时,它停止工作,并出现上述日志中描述的相同问题。