
azure-spring-boot-starter-keyvault-secrets autoconfiguration of SecretClient does not work with spring-boot 2.7.17


I set up a connection between spring-boot and AKV, and everything works fine when a @Bean SecretClient is added explicitly. I have looked across various code samples, and for azure-spring-boot-starter-keyvault-secrets this should work automatically and setting a @Bean should not be necessary.

These are the versions of spring-boot and spring-cloud-azure I use:

<spring.boot.version>2.7.17</spring.boot.version>
<spring-cloud-azure.version>4.12.0</spring-cloud-azure.version>

<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>com.azure.spring</groupId>
            <artifactId>spring-cloud-azure-dependencies</artifactId>
            <version>${spring-cloud-azure.version}</version>
            <scope>import</scope>
            <type>pom</type>
        </dependency>
    </dependencies>
</dependencyManagement>

<dependency>
    <groupId>com.azure.spring</groupId>
    <artifactId>spring-cloud-azure-starter-keyvault</artifactId>
</dependency>

and this is my application.yml configuration

spring:
  cloud:
    azure:
      keyvault:
        secret:
          property-sources[0]:
            endpoint: ${ENDPOINT_URL}
            credential:
              client-secret: ${AZURE_CLIENT_SECRET}
              client-id: ${AZURE_CLIENT_ID}
            profile:
              tenant-id: ${AZURE_TENANT_ID}

If I remove @Bean from my config

@Bean
public SecretClient secretClient() {
    return new SecretClientBuilder()
            .vaultUrl("akv-url")
            .credential(new DefaultAzureCredentialBuilder().build())
            .buildClient();
}

I see a Spring bean exception:

Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'com.azure.security.keyvault.secrets.SecretClient' available: expected at least 1 bean which qualifies as autowire candidate. Dependency annotations: {}

No idea what the problem is, I checked for version compatibility and they should be compatible. Any ideas?


Solution

  • I was able to solve this by looking at this class:

    com.azure.spring.cloud.autoconfigure.keyvault.secrets.AzureKeyVaultSecretAutoConfiguration
    

    There is a @ConditionalOnAnyProperty annotation which checks for the presence of "spring.cloud.azure.keyvault.secret.endpoint" in application.yml.

    So apparently property-sources[0] is unnecessary for this version, which is quite strange, because it was included in every tutorial and documentation on Azure, and version 4.12.0 is currently one of the latest for spring-boot below 3.0.0.

    Anyway - I might have thought earlier to look into the classes that configure this automatically, but at least now it works correctly and maybe it will help someone solve a similar problem more quickly.
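The configuration shape the answer describes, as an added example that is not part of the original post: the endpoint sits directly under spring.cloud.azure.keyvault.secret, which is the property the auto-configuration condition checks. It reuses the environment variable names from the question and assumes the credential and profile blocks are read at this level in the same way, so the client secret still comes from the environment rather than the file.

```yaml
spring:
  cloud:
    azure:
      keyvault:
        secret:
          # Property the condition on AzureKeyVaultSecretAutoConfiguration looks for.
          # Without it the SecretClient bean is not registered.
          endpoint: ${ENDPOINT_URL}
          # Assumption: credential/profile are accepted here, one level above
          # property-sources[0], with the same keys as in the question.
          credential:
            client-id: ${AZURE_CLIENT_ID}
            client-secret: ${AZURE_CLIENT_SECRET}
          profile:
            tenant-id: ${AZURE_TENANT_ID}
```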