I'm pretty bad with java and trying to get an older spring boot app moved into GCP. I have a proof of concept app working using spring-boot 3.0.1 and spring-cloud-gcp-starter-secretmanager@3.4.1. It runs fine and pulls secrets from Secret manager like a charm.
Pom snippet:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.0.1</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>edu.mayo</groupId>
<artifactId>secret-manager-poc</artifactId>
<version>1.0.0</version>
<name>secret-manager-poc</name>
<description>Spring boot POC with GCP secret manager</description>
<properties>
<java.version>17</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>spring-cloud-gcp-starter-secretmanager</artifactId>
<version>3.4.1</version>
</dependency>
</dependencies>
I'm trying to do the same thing in my older spring-boot app and getting really confused. Here is what I have for dependancies:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.5.14</version>
<relativePath></relativePath>
</parent>
...
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-gcp-starter-secretmanager</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>2020.0.6</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
When I started loooking at what versions of the secretmanager starter I should use I came across this: https://spring.io/projects/spring-cloud Which makes it looks like I should used 2020.0.6 but then I've noticed that there are two groupIds org.springframework.cloud vs com.google.cloud, and I've been searching through posts and articles but I'm confused as hell. When I try run mvn clean install I get this message:
[ERROR] [ERROR] Some problems were encountered while processing the POMs:
[ERROR] 'dependencies.dependency.version' for org.springframework.cloud:spring-cloud-gcp-starter-secretmanager:jar is missing. @ line 158, column 15
Its complaining bout the version attribute being missing on the starter library, but all the docs I'm reading say that this should work.
mvn --version
Apache Maven 3.8.7 (b89d5959fcde851dcb1c8946a785a163f14e1e29)
Maven home: C:\Program Files\apache-maven-3.8.7-bin\apache-maven-3.8.7
Java version: 17.0.5, vendor: Microsoft, runtime: C:\Program Files\Microsoft\jdk-17.0.5.8-hotspot
Default locale: en_US, platform encoding: Cp1252
OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows"
Which dependencies and versions should someone use to connect to GCP secret manager from a springboot 2.5.14 app?
EDIT / UPDATE.
Currently able to start Spring boot with these dependancies with spring-boot 2.5.14:
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>spring-cloud-gcp-starter-secretmanager</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-bootstrap</artifactId>
<version>4.0.0</version>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>spring-cloud-gcp-dependencies</artifactId>
<version>4.0.0</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
however my properties aren't being retreived from secret manager. I have this property file:
# General settings
api.version: @project.version@
# Akana settings
akana.secret.name=akana-shared-secret
akana.secret.hash=${sm://mde-akana-secret-hash}
...
But after spring-boot starts and I go to manage/env to print the env variables I see this:
"akana.secret.hash":{"value":"//mde-akana-secret-hash"}
all of the properties that are defined like this:
prop.name=${sm://sm-key}
are loaded into context like this:
prop.name=//sm-key
any idea what I'm missing?
Which dependencies and versions should someone use to connect to GCP secret manager from a springboot 2.5.14 app?
None.
After wasting today trying to figure out which dependency versions of both google and spring provided dependencies I needed to get spring boot to talk to GCP secrets manger, I happened across this random video. https://youtu.be/mRSJmHlkzck. After pausing it and transposing parts of the pom, I finally got the app to kick over and generate this lovely message:
***************************
APPLICATION FAILED TO START
***************************
Description:
Your project setup is incompatible with our requirements due to following reasons:
- Spring Boot [2.5.14] is not compatible with this Spring Cloud release train
Action:
Consider applying the following actions:
- Change Spring Boot version to one of the following versions [2.3.x, 2.4.x] .
You can find the latest Spring Boot versions here [https://spring.io/projects/spring-boot#learn].
If you want to learn more about the Spring Cloud Release train compatibility, you can visit this page [https://spring.io/projects/spring-cloud#overview] and check the [Release Trains] section.
If you want to disable this check, just set the property [spring.cloud.compatibility-verifier.enabled=false]
So I downgraded to springboot 2.4.13 and got it to work. Here are the relevant dependencies and versions:
<properties>
...
<spring-cloud-gcp.version>2.0.5</spring-cloud-gcp.version>
<spring-cloud.version>2020.0.1</spring-cloud.version>
</properties>
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>spring-cloud-gcp-starter-secretmanager</artifactId>
</dependency>
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>spring-cloud-gcp-starter</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>spring-cloud-gcp-dependencies</artifactId>
<version>${spring-cloud-gcp.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
Then you'll need this in a bootstrap.properties file:
spring.cloud.gcp.secretmanager.bootstrap.enabled=true
spring.cloud.gcp.secretmanager.secret-name-prefix=sm://