Getting an Azure Key Vault value before application.yml is loaded, using a Spring Boot EnvironmentPostProcessor

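Problem description

I need to get a value from Key Vault before the configuration (application.yml) is loaded, because that key is used to decrypt sensitive values in the configuration file.

When I access Azure Key Vault from the EnvironmentPostProcessor, it shows the error message below. But in other processes (not the post-processor), the access succeeds.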

javax.naming.ServiceUnavailableException: authentication result was null

Below is the code in the EnvironmentPostProcessor.

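import java.util.Properties;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.env.EnvironmentPostProcessor;
import org.springframework.core.env.ConfigurableEnvironment;
import org.springframework.core.env.MutablePropertySources;
import org.springframework.core.env.PropertiesPropertySource;

// KeyVaultClient is the poster's own helper class; its source is not shown in the post.
public class LocalSettingsEnvironmentPostProcessor implements EnvironmentPostProcessor {
    protected static final Logger LOGGER = LoggerFactory.getLogger(LocalSettingsEnvironmentPostProcessor.class);
    private String keyVaultName = "......";
    private String tenantId = "......";
    private String clientId = "......";
    private String clientKey = "......";
    private String keyName = "......";
    private String keyVersion = "......";

    @Override
    public void postProcessEnvironment(ConfigurableEnvironment configurableEnvironment, SpringApplication springApplication) {
        MutablePropertySources propertySources = configurableEnvironment.getPropertySources();
        String baseUrl = "https://" + keyVaultName + ".vault.azure.cn:{port}/secrets/";
        String url = baseUrl + keyName + "/" + keyVersion;
        try {
            Properties properties = new Properties();
            // Fetch the secret once and log only that it was retrieved, never its value.
            String password = KeyVaultClient.getInstance().getKeyVal(clientId, clientKey, tenantId, url);
            LOGGER.info("postProcessor get key from keyvault");
            properties.setProperty("jasypt.encryptor.password", password);
            // addFirst gives this property source the highest precedence.
            propertySources.addFirst(new PropertiesPropertySource("Config", properties));
            return;
        } catch (Exception e) {
            LOGGER.error("postProcessEnvironment error:", e);
            // Exit with a non-zero status so a failed startup is not reported as success.
            System.exit(1);
        }
    }
}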

Or is there another way to get the value from Key Vault before the configuration is loaded?

Tags: spring, azure, spring-boot, spring-cloud, azure-keyvault
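
An added example, not code from the original post: the same kind of post-processor written with the Azure SDK clients (azure-identity and azure-security-keyvault-secrets) in place of the poster's KeyVaultClient helper, reading the service principal credentials from the environment instead of source fields and never logging the secret. The class name and the KV_* variable names are assumptions made for this example; it requires Java 11 or later.

```java
import com.azure.core.credential.TokenCredential;
import com.azure.identity.AzureAuthorityHosts;
import com.azure.identity.ClientSecretCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import java.util.Map;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.env.EnvironmentPostProcessor;
import org.springframework.core.env.ConfigurableEnvironment;
import org.springframework.core.env.MapPropertySource;

// Hypothetical class; register it in META-INF/spring.factories under the key
// org.springframework.boot.env.EnvironmentPostProcessor.
public class KeyVaultBootstrapPostProcessor implements EnvironmentPostProcessor {

    @Override
    public void postProcessEnvironment(ConfigurableEnvironment env, SpringApplication app) {
        // OS environment variables and JVM system properties are already part of the
        // Environment at this stage, so credentials need not live in source code.
        // The KV_* names are assumptions made for this example.
        String vaultUrl = required(env, "KV_VAULT_URL"); // e.g. https://<vault-name>.vault.azure.cn
        TokenCredential credential = new ClientSecretCredentialBuilder()
                .authorityHost(AzureAuthorityHosts.AZURE_CHINA) // matches the vault.azure.cn endpoint
                .tenantId(required(env, "KV_TENANT_ID"))
                .clientId(required(env, "KV_CLIENT_ID"))
                .clientSecret(required(env, "KV_CLIENT_SECRET"))
                .build();
        SecretClient client = new SecretClientBuilder()
                .vaultUrl(vaultUrl)
                .credential(credential)
                .buildClient();

        // Any SDK exception propagates to SpringApplication.run and aborts startup.
        String password = client
                .getSecret(required(env, "KV_SECRET_NAME"), required(env, "KV_SECRET_VERSION"))
                .getValue();

        // Highest precedence, like addFirst in the question's code. The value is never logged.
        env.getPropertySources().addFirst(new MapPropertySource(
                "keyVaultBootstrap", Map.<String, Object>of("jasypt.encryptor.password", password)));
    }

    // Fail closed with a message that names the missing setting but no secret material.
    private static String required(ConfigurableEnvironment env, String name) {
        String value = env.getProperty(name);
        if (value == null || value.isBlank()) {
            throw new IllegalStateException("Missing required setting: " + name);
        }
        return value;
    }
}
```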

Solution

