将 Micronaut 与 Hashicorp Vault 连接起来
Connect Micronaut with Hashicorp Vault
我需要一些帮助来使用 Vault 配置 Micronaut。我正在尝试从 Micronaut 的 application.yml 属性上加载本地 Vault 中的秘密。
我已经下载了 Vault CLI 并启动了一个开发服务器,在此之前,我已经使用 vault kv put secret/application SECRET_GENERATOR_JWT=foobar
在 kv 秘密引擎中配置了一个秘密
对于 Micronaut,我正在阅读 official documentation 来配置与 Vault 的连接,但是当我在本地启动应用程序时,我收到以下错误:
ERROR io.micronaut.runtime.Micronaut - Error starting Micronaut server: Bean definition [io.micronaut.security.token.jwt.signature.secret.SecretSignatureConfiguration] could not be loaded: Error instantiating bean of type [io.micronaut.security.token.jwt.signature.secret.SecretSignatureConfiguration]: Could not resolve placeholder ${SECRET_GENERATOR_JWT}
如何使用 Vault 解决这个问题?
这是我的 Micronaut 的 application.yml
micronaut:
application:
name: hello
config-client:
enabled: true
security:
authentication: bearer
token:
jwt:
signatures:
secret:
generator:
secret: ${SECRET_GENERATOR_JWT}
vault:
client:
token: s.pkUenRJ2TCNOPYghsd5an0Iw
uri: http://127.0.0.1:8200
config:
enabled: true
secret-engine-name: secret
这是 Maven 的依赖项 部分:
<dependencies>
<dependency>
<groupId>io.micronaut</groupId>
<artifactId>micronaut-inject</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>io.micronaut</groupId>
<artifactId>micronaut-http-server-netty</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-api</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.micronaut.test</groupId>
<artifactId>micronaut-test-junit5</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.micronaut.security</groupId>
<artifactId>micronaut-security-jwt</artifactId>
</dependency>
<dependency>
<groupId>io.micronaut</groupId>
<artifactId>micronaut-discovery-client</artifactId>
</dependency>
</dependencies>
还有我的 annotationProcessorPaths:
<configuration>
<annotationProcessorPaths>
<path>
<!-- must precede micronaut-inject-java -->
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>${lombok.version}</version>
</path>
<path>
<groupId>io.micronaut</groupId>
<artifactId>micronaut-inject-java</artifactId>
<version>${micronaut.version}</version>
</path>
<path>
<groupId>io.micronaut.security</groupId>
<artifactId>micronaut-security-annotations</artifactId>
<version>${micronaut.security.version}</version>
</path>
</annotationProcessorPaths>
<compilerArgs>
<arg>-Amicronaut.processing.group=hello.world.cli.maven</arg>
<arg>-Amicronaut.processing.module=hello-world-cli-maven</arg>
</compilerArgs>
</configuration>
Micronaut 版本:2.3.2
要使其正常工作,您需要提供环境变量或设置默认值。
第一个选项是像这样设置变量环境:
$ export SECRET_GENERATOR_JWT="superSecreteGeneratorJWT"
$ ./mvnw mn:run
第二个选项是像这样配置您的 application.yml:
micronaut:
application:
name: hello
config-client:
enabled: true
security:
authentication: bearer
token:
jwt:
signatures:
secret:
generator:
secret: ${SECRET_GENERATOR_JWT:`superSecreteGeneratorJWT`}
通过这种方式,您将正确设置环境变量。
更多信息https://docs.micronaut.io/latest/guide/index.html#propertySource
然后你必须像这样注入它:
import io.micronaut.context.annotation.Value;
import javax.inject.Singleton;
@Singleton
public class YourServices {
private final String secret;
YourServices(@Value("${micronaut.security.token.jwt.signatures.secret.generator.secret}") String secret) {
this.secret = secret;
}
}
更多信息:https://docs.micronaut.io/latest/guide/index.html#valueAnnotation
我需要一些帮助来使用 Vault 配置 Micronaut。我正在尝试从 Micronaut 的 application.yml 属性上加载本地 Vault 中的秘密。
我已经下载了 Vault CLI 并启动了一个开发服务器,在此之前,我已经使用 vault kv put secret/application SECRET_GENERATOR_JWT=foobar
对于 Micronaut,我正在阅读 official documentation 来配置与 Vault 的连接,但是当我在本地启动应用程序时,我收到以下错误:
ERROR io.micronaut.runtime.Micronaut - Error starting Micronaut server: Bean definition [io.micronaut.security.token.jwt.signature.secret.SecretSignatureConfiguration] could not be loaded: Error instantiating bean of type [io.micronaut.security.token.jwt.signature.secret.SecretSignatureConfiguration]: Could not resolve placeholder ${SECRET_GENERATOR_JWT}
如何使用 Vault 解决这个问题?
这是我的 Micronaut 的 application.yml
micronaut:
application:
name: hello
config-client:
enabled: true
security:
authentication: bearer
token:
jwt:
signatures:
secret:
generator:
secret: ${SECRET_GENERATOR_JWT}
vault:
client:
token: s.pkUenRJ2TCNOPYghsd5an0Iw
uri: http://127.0.0.1:8200
config:
enabled: true
secret-engine-name: secret
这是 Maven 的依赖项 部分:
<dependencies>
<dependency>
<groupId>io.micronaut</groupId>
<artifactId>micronaut-inject</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>io.micronaut</groupId>
<artifactId>micronaut-http-server-netty</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-api</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.micronaut.test</groupId>
<artifactId>micronaut-test-junit5</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.micronaut.security</groupId>
<artifactId>micronaut-security-jwt</artifactId>
</dependency>
<dependency>
<groupId>io.micronaut</groupId>
<artifactId>micronaut-discovery-client</artifactId>
</dependency>
</dependencies>
还有我的 annotationProcessorPaths:
<configuration>
<annotationProcessorPaths>
<path>
<!-- must precede micronaut-inject-java -->
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>${lombok.version}</version>
</path>
<path>
<groupId>io.micronaut</groupId>
<artifactId>micronaut-inject-java</artifactId>
<version>${micronaut.version}</version>
</path>
<path>
<groupId>io.micronaut.security</groupId>
<artifactId>micronaut-security-annotations</artifactId>
<version>${micronaut.security.version}</version>
</path>
</annotationProcessorPaths>
<compilerArgs>
<arg>-Amicronaut.processing.group=hello.world.cli.maven</arg>
<arg>-Amicronaut.processing.module=hello-world-cli-maven</arg>
</compilerArgs>
</configuration>
Micronaut 版本:2.3.2
要使其正常工作,您需要提供环境变量或设置默认值。
第一个选项是像这样设置变量环境:
$ export SECRET_GENERATOR_JWT="superSecreteGeneratorJWT"
$ ./mvnw mn:run
第二个选项是像这样配置您的 application.yml:
micronaut:
application:
name: hello
config-client:
enabled: true
security:
authentication: bearer
token:
jwt:
signatures:
secret:
generator:
secret: ${SECRET_GENERATOR_JWT:`superSecreteGeneratorJWT`}
通过这种方式,您将正确设置环境变量。
更多信息https://docs.micronaut.io/latest/guide/index.html#propertySource
然后你必须像这样注入它:
import io.micronaut.context.annotation.Value;
import javax.inject.Singleton;
@Singleton
public class YourServices {
private final String secret;
YourServices(@Value("${micronaut.security.token.jwt.signatures.secret.generator.secret}") String secret) {
this.secret = secret;
}
}
更多信息:https://docs.micronaut.io/latest/guide/index.html#valueAnnotation