提示:文章写完后,目录可以自动生成,如何生成可参考右边的帮助文档
前言
What is Vault?
Secure, store, and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets, and other sensitive data using a UI, CLI, or HTTP API.
一、Maven依赖
<dependency>
<groupId>org.springframework.vault</groupId>
<artifactId>spring-vault-core</artifactId>
<version>2.3.2</version>
</dependency>
二、使用步骤
1.启动vault服务 docker启动
docker run -p 8200:8200 -e 'VAULT_DEV_ROOT_TOKEN_ID=dev-only-token' vault
2. vault启动会提供root token
3.vault 配置类
package com.example.demo.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.vault.authentication.ClientAuthentication;
import org.springframework.vault.authentication.TokenAuthentication;
import org.springframework.vault.client.VaultEndpoint;
import org.springframework.vault.config.AbstractVaultConfiguration;
@Configuration
public class AppConfig extends AbstractVaultConfiguration {
/**
* Specify an endpoint for connecting to Vault.
*/
@Override
public VaultEndpoint vaultEndpoint() {
VaultEndpoint vaultEndpoint = new VaultEndpoint();
vaultEndpoint.setScheme("http");//默认是HTTPS url默认是localhost
vaultEndpoint.setPort(8200);
return vaultEndpoint;
}
/**
* Configure a client authentication.
* Please consider a more secure authentication method
* for production use.
*/
@Override
public ClientAuthentication clientAuthentication() {
return new TokenAuthentication("hvs.lrwTwnevOx6PNUuPwP7AEmTO");//vault提供的token
}
}
4.给vault添加数据 secret/config
export VAULT_ADDR=http://127.0.0.1:8200
export VAULT_TOKEN=hvs.lrwTwnevOx6PNUuPwP7AEmTO
vault kv put secret/config example.username=user example.password=password
=== Secret Path ===
secret/data/config
======= Metadata =======
Key Value
--- -----
created_time 2022-08-29T02:28:55.8615766Z
custom_metadata <nil>
deletion_time n/a
destroyed false
version 1
/ #
5.example类
@VaultPropertySource(value = "secret/config")
@ConfigurationProperties("example")
public class MyConfiguration {
// @Value("${example.username}")
private String username;
// @Value("${example.password}")
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
6.启动类
@SpringBootApplication
@EnableConfigurationProperties(MyConfiguration.class)
public class SpringValutApplication implements CommandLineRunner {
private final MyConfiguration configuration;
public SpringValutApplication(MyConfiguration configuration) {
this.configuration = configuration;
}
public static void main(String[] args) {
SpringApplication.run(SpringValutApplication.class, args);
}
@Override
public void run(String... args) throws Exception {
System.out.println("----------------------------------------");
System.out.println("Configuration properties");
System.out.println(" example.username is "+ configuration.getUsername());
System.out.println(" example.password is "+ configuration.getPassword());
System.out.println("----------------------------------------");
}
}