Using the following:
I rebuilt the spring-cloud-dataflow-server-cloudfoundry with the additional dependency to enable its binding with Spring Cloud Config server as the instructions provide. It seems to be working as expected, so that's great.
The issue is arising now, when I attempt to define a stream with a custom module I developed, where the environment variables for the module (specifically ENCRYPT_KEY) are in a manifest YML file in my git repo.
The name of the manifest file is customapp-dev.yml. The manifest looks like this:
applications:
- name: customapp
env:
ENCRYPT_KEY: keyForEncryption
The name of the properties file is customapp-dev.properties. The properties file looks like this:
customapp.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
customapp.ldap.provider.url=ldap://directory.xyz.com:389/dc=xyz,dc=com
customapp.username=ldap_user
customapp.password={cipher}958f87532ebba83cd81b7b0e9a0a0cc
The application has a properties file in the boot jar called application.properties. It looks like this:
spring.application.name=customapp
Finally, when I deploy my stream, I provide one additional property in the command line like this:
--properties app.customapp.SPRING_PROFILES_ACTIVE=dev
Tailing the logs of the app's deployment, I can see that the config server instance is being read, and that the app name and profile are being correctly resolved. The config client is mapping both the YML manifest, and the properties file from my git repo.
However, the error is indicating there is no possible decryption for the placeholder customapp.password.
2016-08-26T13:40:46.62-0600 [APP/0] OUT . ____ _ __ _ _
2016-08-26T13:40:46.62-0600 [APP/0] OUT /\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
2016-08-26T13:40:46.62-0600 [APP/0] OUT ( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
2016-08-26T13:40:46.62-0600 [APP/0] OUT \\/ ___)| |_)| | | | | || (_| | ) ) ) )
2016-08-26T13:40:46.62-0600 [APP/0] OUT ' |____| .__|_| |_|_| |_\__, | / / / /
2016-08-26T13:40:46.62-0600 [APP/0] OUT =========|_|==============|___/=/_/_/_/
2016-08-26T13:40:46.63-0600 [APP/0] OUT :: Spring Boot :: (v1.3.5.RELEASE)
2016-08-26T13:40:46.65-0600 [APP/0] OUT Fetching config from server at: https://config-dfcc3100-7514-47e6-b30e-a0eefcf4929d.dev.xyz.com
2016-08-26T13:40:48.13-0600 [APP/0] OUT Located environment: name=customapp, profiles=[dev, cloud], label=master, version=null
2016-08-26T13:40:48.13-0600 [APP/0] OUT Located property source: CompositePropertySource [name='configService', propertySources=[MapPropertySource [name='https://user@bitbucket.xyz.com/scm/project/app-config.git/dev/customapp-dev.yml'], MapPropertySource [name='https://user@bitbucket.xyz.com/scm/project/app-config.git/dev/customapp-dev.properties']]]
2016-08-26T13:40:48.16-0600 [APP/0] OUT Application startup failed
2016-08-26T13:40:48.16-0600 [APP/0] OUT java.lang.IllegalStateException: Cannot decrypt: key=customapp.password
If I explicitly set the ENCRYPT_KEY environment variable for the deployed (crashed) application, and restage it, it starts up fine and works like a charm.
Is there another way for me to specify the environment variables for a stream app at deployment time?
So, I RTFM'd and found a useful excerpt in the existing documentation.
The command line specification at deploy time will work, but I was using the wrong syntax. Instead of:
app.customapp.ENCRYPT_KEY=keyForEncryption
I should use:
app.customapp.encrypt.key=keyForEncryption