I have updated the Spring boot from 2.0.9.RELEASE to 2.4.3, and I am using the package to get the AWS Secrets version 2.2.5.RELEASE. When I deploy the code, it looks like it didn't find the credentials, and the database connection can't be closed.
bootstrap.properties
spring.application.name=myapp
aws.secretsmanager.region=eu-central-1
With Spring Boot 2.4.0 Bootstrap phase was deprecated, that is why nothing is happening.
Because of deprecation and giving users more control over specifying which secrets they want, a new way of loading secrets was introduced in 2.3.0.
More about the new way and prefered way of loading secrets with spring.config.import can be found on here.
However, if you would still like to use old way of loading secrets with bootstrap phase, please add following dependency:
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-bootstrap</artifactId>
<version>{spring-cloud-version}</version>
</dependency>
Related
I am trying to update an application which already pulls in the kitchen sink (or perhaps a few, they're joined at the hip) and I am sorting through version conflicts.
I want to update to Spring Boot 2.5+ and also use Spring Cloud Consul - I am attempting to pull in:
spring-cloud-starter-consul-discovery:3.0.3
spring-boot:2.5.4
For bonus points, within spring-cloud-starter-consul-discovery, I am seeing that it pulls in reactor-core:3.4.6 and at the same time reactor-extra:3.4.3 (which pulls in reactor-core:3.4.5). The list goes on and on ...
https://search.maven.org/artifact/org.springframework.cloud/spring-cloud-starter-consul-discovery/3.0.3/jar - original point of contention is that it pulls in spring boot 2.4.6 ... it was advertised as supporting 2.5+, then shouldn't the version reference 2.5+?
https://search.maven.org/artifact/org.springframework.cloud/spring-cloud-loadbalancer/3.0.3/jar - this to me is just plain laziness, right below reactor-core is reactor-extra, why wouldn't the Spring developers make extra pull in the same version of core? See: https://search.maven.org/artifact/io.projectreactor.addons/reactor-extra/3.4.3/jar
While this is a trivial problem to solve, it shouldn't be my problem. Am I missing something, or is this just the way it is and I shouldn't expect more?
First of all, you need to look at this compatibility matrix between cloud and boot dependencies. Then, you need (for example) to generate your bom, where you import
the correct cloud dependencies bom
spring boot dependencies bom
These boms, internally, either import other boms, like for example consul, the one you are interested in, which is at version 2.2.8.RELEASE. Look in the properties tag in that file and see this:
<spring-cloud-consul.version>2.2.8.RELEASE</spring-cloud-consul.version>
specifically:
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-consul-dependencies</artifactId>
<version>${spring-cloud-consul.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
You can then look at the specific consul bom and see that the version consul-discovery is:
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-consul-discovery</artifactId>
<version>${project.version}</version>
</dependency>
Same pattern to find out what version is where can be done for reactor dependencies.
From my 10 minutes investing into this, I don't see a version of spring-cloud-starter-consul-discovery:3.0.3 that would be included in a cloud-dependecies.
You could still try to force a certain version of a dependency. We just recently had such a problem in spring-cloud-kubernetes, internally.
This may or may not work, though.
I have implemented shutdown API in my spring-boot project by setting following values in application.properties:
management.endpoint.shutdown.enabled=true
management.endpoint.info.enabled=true
management.endpoints.web.exposure.include=*
Now I want to disable the shutdown API dynamically with help of database like I will have those above configurations as key, value pair that I can change anytime.
On its change, the application should get also updated with the new config values thereby shutdown API gets disabled.
You could use Netflix Archaius
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-archaius</artifactId>
</dependency>
You don't need to use #Value annotation here.
Usage
DynamicStringProperty dynamicProperty = DynamicPropertyFactory.getInstance().getStringProperty("management.endpoint.shutdown.enabled", "default value here");
String propertyCurrentValue = dynamicProperty.get();
If the data changes in property file at any point, Archaius will detect it at runtime and will start retrieving the new values.
Useful references
Archaius Girhub info
Archaius with Various Database Configurations
Archaius for Property Management - Basics
I'm trying to in corporate Spring Actuator to my application. I have added the dependency in my pom.xml:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
<version>1.4.2.RELEASE</version>
</dependency>
But I get a 404 when trying to access the /health endpoint. After looking online, I've read that I need to also have the spring-boot-starter-web dependency in my POM. I was under the assumption that I only need the actuator dependency in order to get it working
Yes web is needed if you want to access via HTTP (otherwise only JMX is available).
The documentation for actuator states
"Click Dependencies and select Spring Web and Spring Boot Actuator."
Actuator "sensitive" endpoints secure since 1.5.x version, is it possible to specify user in properties or yml file and access these endpoints without adding spring security into project?
I know that there's property management.security.enabled can be set to false to expose endpoints, but want to keep them secure:)
Yes you can do it.
Just add the below lines in src/main/resources/application.properties file.
management.security.enabled=true
security.user.name=admin
security.user.password=admin1
management.security.roles=SUPERUSER
After this, add below dependency in your application pom.xml file.
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
Restart your application and try to access any sensetive actuator. You will be prompted to enter username and password. Enter the username and password that you configured in application.priperties.
After entering you will be able to access the sentive actuators.
Hope this helps.
Happy coding
I am currently working with Spring Boot with a number of starter packs, such as the web MVC framework, Thymeleaf templates and security.
Each of these packages have a lot of different configuration options. I have mainly been using the source from the Auto-configuration package to figure out which beans need to be wired up and how to do that.
However, Is there any easy way to find a list of expected beans/classes that are needed by a given Spring package?
To view the beans you can you spring boot actuator
To Enable actuator, you can simply add the actuator starter dependency to your project.
For Gradle
compile("'org.springframework.boot:spring-boot-starter-actuator:1.3.1.RELEASE'
")
For Maven
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
<version>1.3.1.RELEASE</version>
</dependency>
You can skip the version if you are using spring boot parent pom
Now you can rebuild your application make get request to http://server:port/beans if local and port is 8080 then
http://localhost:8080/beans
If you want to access using CURL command line tool you can
curl http://localhost:8080/beans
For more information visit
http://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.html