Comments (9)
Sorry for not replying earlier. I'm going to work on PR. Just need more time.
from spring-cloud-config.
So you are basically asking if no label is provided in the request and no default label is set via a property you don't want to supply a version in GetSecretValueRequest
? What happens is label
is null
?
from spring-cloud-config.
What I'm asking for is when label is provided as part of request such as
GET /foo/test/foo-1.0.0 HTP/1.1
do not forward that label to AWS Secrets Manager
.versionStage(label)
Whether it is going to be configurable or by extending the repository class.
from spring-cloud-config.
I am not sure why you would supply a label and not want to use it...
But you should be able to provide and use your own AwsSecretsManagerEnvironmentRepository
from spring-cloud-config.
The way AwsSecretsManagerEnvironmentRepository
is created at the moment is by calling AwsSecretsManagerEnvironmentRepositoryFactory.build()
method which has hardcoded
return new AwsSecretsManagerEnvironmentRepository(...)
This method depends on AwsClientBuilderConfigurer.configureClientBuilder(...)
static method as well which is not visible outside of org.springframework.cloud.config.server.environment
package.
So in order to do what you're suggesting (if I want to leverage existing process) I need to
- Make a copy of
AwsClientBuilderConfigurer
. - Make a copy of
AwsSecretsManagerEnvironmentRepositoryFactory
. Use copy ofAwsClientBuilderConfigurer
. Changenew AwsSecretsManagerEnvironmentRepository
tonew FooAwsSecretsManagerEnvironmentRepository
. - Make a copy of
AwsSecretsManagerEnvironmentRepository
and delete.versionStage(label)
.
This is not ideal and I'm looking for better option.
The reason why I supply label is that I want to use it when reading properties from Git repository but want to ignore it when reading secrets from Secrets Manager as
- I'm only interested in valid / up-to-date secrets such as database passwords etc. When rolling back my application from version 2.0 to previous version 1.0 it makes no sense to use password labeled as 1.0 which is not valid anymore (because it has changed since then due to rotation etc).
- Limitation of AWS Secrets Manager. Having 100 applications each one deployed with a different version I'm able to create as many Git tags as required. However when labeling global secrets such as /secret/application/ I'm limited to 20 labels.
from spring-cloud-config.
AwsSecretsManagerEnvironmentRepositoryFactory
should only be used if there isn't already a bean of type AwsSecretsManagerEnvironmentRespository
https://github.com/spring-cloud/spring-cloud-config/blob/4.0.x/spring-cloud-config-server/src/main/java/org/springframework/cloud/config/server/config/EnvironmentRepositoryConfiguration.java#L444
If you create your own bean of type AwsSecretsManagerEnvironmentRespository
you should be able to customize it how you please.
If you want to make things easier, any PRs would be welcome to enhance the code.
from spring-cloud-config.
If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.
from spring-cloud-config.
Let me know what do you this of this idea #2357.
from spring-cloud-config.
Closing due to #2358.
from spring-cloud-config.
Related Issues (20)
- Config Server Backend Source HA requirement HOT 6
- Applying common configuration to app level configuration or any feasibility HOT 1
- Ability to customize the default ObservationEnvironmentRepositoryObservationConvention HOT 4
- After upgrading spring-cloud-config-client from 4.0.2 to 4.1.0 and Spring Boot from 3.1.5 to 3.2.0 properties from application.yml are missing
- AWS Parameter Store Environment Repository returns profiles in the wrong order
- spring.main.allow-circular-references=true does not work HOT 1
- Spring Profile Active is not setting
- Incorrect prioritizing of profile specific property sources HOT 20
- Process AOT - Error with "composite" profile in Spring Cloud Config Server generating Native Image HOT 3
- Moving spring cloud config server with s3 backend from bootstrap.yml to application.yml
- Using scheduler and refresh scope HOT 3
- Question: resolving maps by properties/yml endpoint HOT 5
- Enable force refresh by forceRefresh query parameter regardless of refreshRate HOT 1
- Spring Cloud Config client not able to connect to the Spring Cloud Config server HOT 5
- Upgrade the bcprov-jdk18on dependency to 1.78 HOT 1
- Pass JWT token to spring cloud config server HOT 2
- [Refactoring] Introduce RequestContext to easily pass new parameters to downstream methods
- Spring Boot Cloud Config Unable to Decrypt Password even symetric key is being provided via Yml Config
- Allow Users To Customize HttpClient HOT 1
- [Issue] Spring Cloud Starter Config(spring cloud config client) prevents loading of vault secrets HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spring-cloud-config.