Fixes the SpringVaultEnvironmentRepository issue with composite profile

Signed-off-by: kvmw <[email protected]>
spring-cloud · Oct 18, 2024 · 5c40de6 · 5c40de6
1 parent 3a041d3
commit 5c40de6
Show file tree

Hide file tree

Showing 4 changed files with 119 additions and 13 deletions.
diff --git a/...va/org/springframework/cloud/config/server/config/EnvironmentRepositoryConfiguration.java b/...va/org/springframework/cloud/config/server/config/EnvironmentRepositoryConfiguration.java
@@ -85,12 +85,15 @@
 import org.springframework.cloud.config.server.environment.VaultEnvironmentProperties;
 import org.springframework.cloud.config.server.environment.VaultEnvironmentRepository;
 import org.springframework.cloud.config.server.environment.VaultEnvironmentRepositoryFactory;
+import org.springframework.cloud.config.server.environment.vault.SpringVaultClientAuthenticationProvider;
 import org.springframework.cloud.config.server.environment.vault.SpringVaultClientConfiguration;
 import org.springframework.cloud.config.server.environment.vault.SpringVaultEnvironmentRepository;
 import org.springframework.cloud.config.server.environment.vault.SpringVaultEnvironmentRepositoryFactory;
+import org.springframework.cloud.config.server.environment.vault.SpringVaultTemplateBuilder;
 import org.springframework.cloud.config.server.support.GitCredentialsProviderFactory;
 import org.springframework.cloud.config.server.support.GoogleCloudSourceSupport;
 import org.springframework.cloud.config.server.support.TransportConfigCallbackFactory;
+import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
@@ -312,11 +315,16 @@ public VaultEnvironmentRepositoryFactory.VaultRestTemplateFactory vaultRestTempl
 	@Import(SpringVaultClientConfiguration.class)
 	static class SpringVaultFactoryConfig {
 
+		@Bean
+		public SpringVaultTemplateBuilder springVaultTemplateBuilder(ConfigTokenProvider configTokenProvider,
+				List<SpringVaultClientAuthenticationProvider> authProviders, ApplicationContext applicationContext) {
+			return new SpringVaultTemplateBuilder(configTokenProvider, authProviders, applicationContext);
+		}
+
 		@Bean
 		public SpringVaultEnvironmentRepositoryFactory vaultEnvironmentRepositoryFactory(
-				ObjectProvider<HttpServletRequest> request, EnvironmentWatch watch,
-				SpringVaultClientConfiguration vaultClientConfiguration) {
-			return new SpringVaultEnvironmentRepositoryFactory(request, watch, vaultClientConfiguration);
+				ObjectProvider<HttpServletRequest> request, EnvironmentWatch watch, SpringVaultTemplateBuilder springVaultTemplateBuilder) {
+			return new SpringVaultEnvironmentRepositoryFactory(request, watch, springVaultTemplateBuilder);
 		}
 
 	}

diff --git a/...mework/cloud/config/server/environment/vault/SpringVaultEnvironmentRepositoryFactory.java b/...mework/cloud/config/server/environment/vault/SpringVaultEnvironmentRepositoryFactory.java
@@ -37,18 +37,28 @@ public class SpringVaultEnvironmentRepositoryFactory
 
 	private final EnvironmentWatch watch;
 
-	private final SpringVaultClientConfiguration clientConfiguration;
+	private SpringVaultClientConfiguration clientConfiguration;
 
+	private SpringVaultTemplateBuilder vaultTemplateBuilder;
+
+	@Deprecated
 	public SpringVaultEnvironmentRepositoryFactory(ObjectProvider<HttpServletRequest> request, EnvironmentWatch watch,
 			SpringVaultClientConfiguration clientConfiguration) {
 		this.request = request;
 		this.watch = watch;
 		this.clientConfiguration = clientConfiguration;
 	}
 
+	public SpringVaultEnvironmentRepositoryFactory(ObjectProvider<HttpServletRequest> request, EnvironmentWatch watch, SpringVaultTemplateBuilder vaultTemplateBuilder) {
+		this.request = request;
+		this.watch = watch;
+		this.vaultTemplateBuilder = vaultTemplateBuilder;
+	}
+
 	@Override
 	public SpringVaultEnvironmentRepository build(VaultEnvironmentProperties vaultProperties) {
-		VaultTemplate vaultTemplate = clientConfiguration.vaultTemplate();
+		VaultTemplate vaultTemplate = this.vaultTemplateBuilder != null
+				? this.vaultTemplateBuilder.build(vaultProperties) : clientConfiguration.vaultTemplate();
 
 		VaultKeyValueOperations accessStrategy = buildVaultAccessStrategy(vaultProperties, vaultTemplate);
 

diff --git a/...org/springframework/cloud/config/server/environment/vault/SpringVaultTemplateBuilder.java b/...org/springframework/cloud/config/server/environment/vault/SpringVaultTemplateBuilder.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2018-2019 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.cloud.config.server.environment.vault;
+
+import java.util.List;
+
+import org.springframework.cloud.config.server.environment.ConfigTokenProvider;
+import org.springframework.cloud.config.server.environment.VaultEnvironmentProperties;
+import org.springframework.context.ApplicationContext;
+import org.springframework.vault.core.VaultTemplate;
+
+/**
+ * @author Kaveh Shamsi
+ */
+public class SpringVaultTemplateBuilder {
+
+	private final ConfigTokenProvider configTokenProvider;
+
+	private final List<SpringVaultClientAuthenticationProvider> authProviders;
+
+	private final ApplicationContext applicationContext;
+
+	public SpringVaultTemplateBuilder(ConfigTokenProvider configTokenProvider,
+			List<SpringVaultClientAuthenticationProvider> authProviders, ApplicationContext applicationContext) {
+
+		this.configTokenProvider = configTokenProvider;
+		this.authProviders = authProviders;
+		this.applicationContext = applicationContext;
+	}
+
+	public VaultTemplate build(VaultEnvironmentProperties vaultProperties) {
+		SpringVaultClientConfiguration clientConfiguration = new SpringVaultClientConfiguration(vaultProperties,
+				configTokenProvider, authProviders);
+		clientConfiguration.setApplicationContext(applicationContext);
+		return clientConfiguration.vaultTemplate();
+	}
+
+}
diff --git a/...k/cloud/config/server/environment/vault/SpringVaultEnvironmentRepositoryFactoryTests.java b/...k/cloud/config/server/environment/vault/SpringVaultEnvironmentRepositoryFactoryTests.java
@@ -30,46 +30,82 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.verifyNoMoreInteractions;
 import static org.mockito.Mockito.when;
 
 /**
  * @author Scott Frederick
  */
 public class SpringVaultEnvironmentRepositoryFactoryTests {
 
+	private final SpringVaultClientConfiguration clientConfiguration = mock(SpringVaultClientConfiguration.class);
+
+	private final SpringVaultTemplateBuilder vaultTemplateBuilder = mock(SpringVaultTemplateBuilder.class);
+
+	private final VaultTemplate vaultTemplate = new VaultTemplate(VaultEndpoint.create("localhost", 8200),
+			new TokenAuthentication("token"));
+
 	@Test
 	public void buildForVersion1() {
 		VaultEnvironmentProperties properties = new VaultEnvironmentProperties();
+		when(clientConfiguration.vaultTemplate()).thenReturn(vaultTemplate);
 
 		SpringVaultEnvironmentRepository environmentRepository = new SpringVaultEnvironmentRepositoryFactory(
-				mockHttpRequest(), new EnvironmentWatch.Default(), mockClientConfiguration())
+				mockHttpRequest(), new EnvironmentWatch.Default(), clientConfiguration)
 			.build(properties);
 
 		VaultKeyValueOperations keyValueTemplate = environmentRepository.getKeyValueTemplate();
 		assertThat(keyValueTemplate.getApiVersion()).isEqualTo(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1);
+		verify(clientConfiguration).vaultTemplate();
+		verifyNoMoreInteractions(clientConfiguration, vaultTemplateBuilder);
+	}
+
+	@Test
+	public void buildForVersion1WithVaultTemplateBuilder() {
+		VaultEnvironmentProperties properties = new VaultEnvironmentProperties();
+		when(vaultTemplateBuilder.build(properties)).thenReturn(vaultTemplate);
+
+		SpringVaultEnvironmentRepository environmentRepository = new SpringVaultEnvironmentRepositoryFactory(
+				mockHttpRequest(), new EnvironmentWatch.Default(), vaultTemplateBuilder)
+			.build(properties);
+
+		VaultKeyValueOperations keyValueTemplate = environmentRepository.getKeyValueTemplate();
+		assertThat(keyValueTemplate.getApiVersion()).isEqualTo(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1);
+		verify(vaultTemplateBuilder).build(properties);
+		verifyNoMoreInteractions(clientConfiguration, vaultTemplateBuilder);
 	}
 
 	@Test
 	public void buildForVersion2() {
 		VaultEnvironmentProperties properties = new VaultEnvironmentProperties();
 		properties.setKvVersion(2);
+		when(clientConfiguration.vaultTemplate()).thenReturn(vaultTemplate);
 
 		SpringVaultEnvironmentRepository environmentRepository = new SpringVaultEnvironmentRepositoryFactory(
-				mockHttpRequest(), new EnvironmentWatch.Default(), mockClientConfiguration())
+				mockHttpRequest(), new EnvironmentWatch.Default(), clientConfiguration)
 			.build(properties);
 
 		VaultKeyValueOperations keyValueTemplate = environmentRepository.getKeyValueTemplate();
 		assertThat(keyValueTemplate.getApiVersion()).isEqualTo(VaultKeyValueOperationsSupport.KeyValueBackend.KV_2);
+		verify(clientConfiguration).vaultTemplate();
+		verifyNoMoreInteractions(clientConfiguration, vaultTemplateBuilder);
 	}
 
-	private SpringVaultClientConfiguration mockClientConfiguration() {
-		VaultTemplate vaultTemplate = new VaultTemplate(VaultEndpoint.create("localhost", 8200),
-				new TokenAuthentication("token"));
+	@Test
+	public void buildForVersion2WithVaultTemplateBuilder() {
+		VaultEnvironmentProperties properties = new VaultEnvironmentProperties();
+		properties.setKvVersion(2);
+		when(vaultTemplateBuilder.build(properties)).thenReturn(vaultTemplate);
 
-		SpringVaultClientConfiguration clientConfiguration = mock(SpringVaultClientConfiguration.class);
-		when(clientConfiguration.vaultTemplate()).thenReturn(vaultTemplate);
+		SpringVaultEnvironmentRepository environmentRepository = new SpringVaultEnvironmentRepositoryFactory(
+				mockHttpRequest(), new EnvironmentWatch.Default(), vaultTemplateBuilder)
+			.build(properties);
 
-		return clientConfiguration;
+		VaultKeyValueOperations keyValueTemplate = environmentRepository.getKeyValueTemplate();
+		assertThat(keyValueTemplate.getApiVersion()).isEqualTo(VaultKeyValueOperationsSupport.KeyValueBackend.KV_2);
+		verify(vaultTemplateBuilder).build(properties);
+		verifyNoMoreInteractions(clientConfiguration, vaultTemplateBuilder);
 	}
 
 	@SuppressWarnings("unchecked")