Add couchbase database plugin to spring-cloud-vault#408
Closed
fhitchen wants to merge 20 commits into
Closed
Conversation
mp911de
requested changes
Jun 23, 2020
Member
mp911de
left a comment
mp911de
left a comment
There was a problem hiding this comment.
Thanks for your pull request. This PR requires some cleanup and should not touch the buildfile at all. Please check out the comments.
…r the couchbase plugin.
Author
|
Hi Mark,
I made the changes you requested and asked for a new review. I have not
seen any activity so I wondered if I had not done something else that
needed to be done?
regards, Francis.
…On Tue, Jun 23, 2020 at 1:55 AM Mark Paluch ***@***.***> wrote:
***@***.**** requested changes on this pull request.
Thanks for your pull request. This PR requires some cleanup and should not
touch the buildfile at all. Please check out the comments.
------------------------------
In pom.xml
<#408 (comment)>
:
> @@ -235,7 +235,8 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
- <version>2.21.0</version>
+ <!-- version>2.21.0</versioni-->
+ <version>2.21.0</version>
Please refrain from pom.xml changes. This issue is about the Couchbase
database plugin. We can sort out any checkstyle warnings later on.
------------------------------
In spring-cloud-vault-config-databases/pom.xml
<#408 (comment)>
:
> @@ -95,6 +95,11 @@
<artifactId>spring-boot-starter-jdbc</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>com.couchbase.client</groupId>
+ <artifactId>java-client</artifactId>
+ <version>3.0.5</version>
+ </dependency>
This dependency goes into test scope. The version should be inherited
from Spring Boot.
------------------------------
In
spring-cloud-vault-config-databases/src/main/java/org/springframework/cloud/vault/config/databases/VaultCouchbaseProperties.java
<#408 (comment)>
:
> +public class VaultCouchbaseProperties implements DatabaseSecretProperties {
+
+ /**
+ * Enable couchbase backend usage.
+ */
+ private boolean enabled = false;
+
+ /**
+ * Role name for credentials.
+ */
+ private String role;
+
+ /**
+ * Enable static role usage.
+ *
+ * @SInCE 2.2
Note: @SInCE should go into the class documentation.
------------------------------
In
spring-cloud-vault-config-databases/src/test/java/org/springframework/cloud/vault/config/databases/CouchbaseSecretIntegrationTests.avaj
<#408 (comment)>
:
> @@ -0,0 +1,113 @@
+/*
+ * Copyright 2016-2020 the original author or authors.
The file suffix is avaj.
------------------------------
In
spring-cloud-vault-config-databases/src/test/java/org/springframework/cloud/vault/config/databases/VaultConfigCouchbaseDatabaseStaticTests.java
<#408 (comment)>
:
> + @value("${spring.data.couchbase.password}")
+ String password;
+
+ Cluster cluster;
+
+ /**
+ * Initialize the couchbase secret backend.
+ */
+ @BeforeClass
+ public static void beforeClass() {
+
+ VaultRule vaultRule = new VaultRule();
+ vaultRule.before();
+
+ assumeTrue(CanConnect.to(new InetSocketAddress(COUCHBASE_HOST, COUCHBASE_PORT)));
+ assumeTrue(vaultRule.prepare().getVersion()
In which version did Vault add Couchbase support? These guards are in
place as we run tests against multiple Vault versions.
------------------------------
In
spring-cloud-vault-config-databases/src/test/java/org/springframework/cloud/vault/config/databases/VaultConfigCouchbaseDatabaseTests.java
<#408 (comment)>
:
> + @value("${spring.data.couchbase.password}")
+ String password;
+
+ Cluster cluster;
+
+ /**
+ * Initialize the couchbase secret backend.
+ */
+ @BeforeClass
+ public static void beforeClass() {
+
+ VaultRule vaultRule = new VaultRule();
+ vaultRule.before();
+
+ assumeTrue(CanConnect.to(new InetSocketAddress(COUCHBASE_HOST, COUCHBASE_PORT)));
+ assumeTrue(vaultRule.prepare().getVersion()
See the previous file's version note for further details.
------------------------------
In src/test/bash/create_certificates.sh
<#408 (comment)>
:
> @@ -67,7 +67,7 @@ chmod 400 ${CA_DIR}/private/localhost.decrypted.key.pem
echo "[INFO] Generating server certificate request"
openssl req -config <(cat ${DIR}/openssl.cnf \
- <(printf "\n[SAN]\nsubjectAltName=DNS:localhost,IP:127.0.0.1")) \
+ <(printf "\n[SAN]\nsubjectAltName=DNS:localhost,IP:127.0.0.1,DNS:chanchan2")) \
Care to elaborate on why this change is?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#408 (review)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABML24DAX6F2ZCKZL6GRGFLRYBGWDANCNFSM4OFDGUXA>
.
|
Member
|
I was waiting for the signal from your side that you're done. It's not obvious from occasional commits flying into the PR. |
Author
|
Yes, well I'm learning about spring cloud.
i just realized I should use the ...
@Autowired
private CouchbaseTemplate couchbaseTemplate;
Instead of directly coding to the Couchbase SDK in the tests. I will fix
that as soon as possible.
Thanks for your patience and "stay safe" as they say here.
regards, Francis.
…On Tue, Jul 14, 2020 at 2:18 AM Mark Paluch ***@***.***> wrote:
I was waiting for the signal from your side that you're done. It's not
obvious from occasional commits flying into the PR.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#408 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABML24CHDO3WWEWOOUQIXBTR3QBDZANCNFSM4OFDGUXA>
.
|
Author
|
Hi Mark,
I'm stuck using the spring-data-couchbase stuff instead of the Couchbase
SDK.
I have to add the @SpringBootApplication annotation to get the dependency
injection to work, but then I hit this error...
[ERROR] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed:
0.031 s <<< FAILURE! - in org.springframework.cloud.vault.config.databases.
Vault
ConfigCouchbaseDatabaseStaticTests
[ERROR]
initializationError(org.springframework.cloud.vault.config.databases.VaultConfigCouchbaseDatabaseStaticTests)
Time elapsed: 0.005 s <<< ERROR!
java.lang.IllegalStateException: Test classes cannot include @bean methods
Can you help me, I'm stuck. I tried to create my own bean in an inner class
but to be honest, I don't really know what I am doing. Can you point me in
the correct direction?
regards, Francis.
…On Tue, Jul 14, 2020 at 9:46 AM Francis Hitchens ***@***.***> wrote:
Yes, well I'm learning about spring cloud.
i just realized I should use the ...
@Autowired
private CouchbaseTemplate couchbaseTemplate;
Instead of directly coding to the Couchbase SDK in the tests. I will fix
that as soon as possible.
Thanks for your patience and "stay safe" as they say here.
regards, Francis.
On Tue, Jul 14, 2020 at 2:18 AM Mark Paluch ***@***.***>
wrote:
> I was waiting for the signal from your side that you're done. It's not
> obvious from occasional commits flying into the PR.
>
> —
> You are receiving this because you authored the thread.
> Reply to this email directly, view it on GitHub
> <#408 (comment)>,
> or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/ABML24CHDO3WWEWOOUQIXBTR3QBDZANCNFSM4OFDGUXA>
> .
>
|
Member
|
Generally speaking, all |
Author
|
Hi, I still have not managed to get the tests to work with the @Autowired dependencies. A simple app does mind you so it is just my lack of knowledge about Spring Boot Annotations etc. that is a fault. I have been busy working on getting the Couchbase database plugin into the Hashicorp Git repo. It is finally there if you want to take a look at it here. However I am truly stuck now as the build process is not working any more. Once Spencer Gibb has fixed it I will start working on it again. |
To fix broken build
Member
|
Any update on this pull request? |
Author
|
Hi, yes, I just got the maven build to work again (have been busy with Hashicorp getting the plugin into their Git repo) and will try and write a proper test as soon as i figure out the issue i am having with injected dependencies. |
Author
|
Hi Mark, I am seeing this in the Couchbase surefire test logs and have no idea why it would be happening. com.mongodb.MongoSocketOpenException: Exception opening socket
at com.mongodb.internal.connection.SocketStream.open(SocketStream.java:70) ~[mongodb-driver-core-4.1.0.jar:na]
at com.mongodb.internal.connection.InternalStreamConnection.open(InternalStreamConnection.java:143) ~[mongodb-driver-co>
at com.mongodb.internal.connection.DefaultServerMonitor$ServerMonitorRunnable.lookupServerDescription(DefaultServerMoni>
at com.mongodb.internal.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:144) ~[mong>
at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
Caused by: java.net.ConnectException: Connection refused (Connection refused) |
mp911de
requested changes
Aug 14, 2020
Member
mp911de
left a comment
mp911de
left a comment
There was a problem hiding this comment.
I left a comment about the dependencies. Please also squash your changes into a single commit.
Author
|
Hi, Should I |
Member
|
No need to squash, we can do it when it is merged |
Author
|
Ok thanks. To test it against an official couchbase db, after you have installed the plugin, instructions here, spin up this docker container using the following command... $ docker run -d --name db -p 18091-18096:18091-18096 -p 11207:11207 -p 8091-8094:8091-8094 -p 11210:11210 couchbase/server-sandbox:6.5.0 |
Author
|
Are you waiting on anything from me here? |
Member
|
Mark is on leave right now |
Author
|
Ok, thanks.
…On Mon, Aug 24, 2020 at 10:04 AM Spencer Gibb ***@***.***> wrote:
Mark is on leave right now
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#408 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABML24AXF2Z2YN3KXIBUSDTSCJ6QZANCNFSM4OFDGUXA>
.
|
Member
|
I'm going to take this PR from here and merge it for 3.0-M4 |
Member
|
This pull request is pretty much a mess. The Couchbase integration with Spring Boot never worked as the property names don't match and |
mp911de
pushed a commit
that referenced
this pull request
Sep 21, 2020
Original pull request: gh-408.
Member
|
That's merged and polished now. |
spencergibb
pushed a commit
that referenced
this pull request
Sep 14, 2023
Original pull request: gh-408.
spencergibb
pushed a commit
that referenced
this pull request
Sep 14, 2023
Fix property names to spring.couchbase instead of spring.data.couchbase. Fix VaultConfigCouchbaseTests to make it work with Couchbase instead of using Cassandra. Add CouchbaseSecretIntegrationTests to verify interaction through VaultConfigTemplate. Remove property overrides for username/password so that Vault PropertySources are used. Use unique role name to avoid clashes with other tests. Enable VaultConfigCouchbaseDatabaseTests for ConfigData API by importing vault://. Update reference documentation. Resolves gh-408.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Hi,
I have added a couchbase database plugin, Hashicorp are reviewing it and will make it available at https://github.com/hashicorp/vault-plugin-database-couchbase when ready and I also added it to this package.
Note: this plugin is a database plugin, not a secrets plugin.
To run the two tests, you will need a 6.5.0 or newer Couchbase DB with an additional username "vault-static" added for the second static role test.
Use this command to start Couchbase container
docker run -d --name db -p 18091-18096:18091-18096 -p 11207:11207 -p 8091-8094:8091-8094 -p 11210:11210 fhitchen/vault-couchbase
This container already has the Administrator user configured and a test "bucket" added. The tests do not make use of the bucket.
The plugin is available from my own repo https://github.com/fhitche/vault-plugin-database-couchbase and needs to be build and registered in the sys/plugins/catalog/database/ before the tests will pass.
I had to disable the checkstyle plugin or I got these errors...
I could not regenerate the README.adoc as I was unable to locate ./docs/src/main/ruby/generate_readme.sh?
I hope you will be able to approve this pull request.