当我从IntelliJ运行我的应用程序时,我得到一个warning / error
虽然应用程序构建正常并运行所有测试,这是我应该忽略的东西,还是可以解决这个问题?
Kubernetes secret用于创建随机密码,因此我有一个占位符用于该特定变量。
2019-02-26 19:45:29.600 INFO 38918 --- [ main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2019-02-26 19:45:29.684 WARN 38918 --- [ main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'actuatorSecurity': Injection of autowired dependencies failed; nested exception is java.lang.IllegalArgumentException: Could not resolve placeholder 'ACTUATOR_PASSWORD' in value "${ACTUATOR_PASSWORD}"
2019-02-26 19:45:29.685 INFO 38918 --- [ main] j.LocalContainerEntityManagerFactoryBean : Closing JPA EntityManagerFactory for persistence unit 'default'
2019-02-26 19:45:29.685 INFO 38918 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Shutdown initiated...
2019-02-26 19:45:29.707 INFO 38918 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Shutdown completed.
2019-02-26 19:45:29.713 INFO 38918 --- [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat]
qronicle-deployment.yaml
apiVersion: v1
kind: Secret
metadata:
name: actuator
namespace: {{ .Release.Namespace }}
type: Opaque
data:
actuator-password: {{ randAlphaNum 10 | b64enc | quote }}
....
- name: ACTUATOR_PASSWORD
valueFrom:
secretKeyRef:
name: actuator
key: actuator-password
application.properties
# spring boot actuator access control
management.endpoints.web.exposure.include=*
security.user.actuator-username=admin
security.user.actuator-password=${ACTUATOR_PASSWORD}
ACTUATOR_PASSWORD
在这里消费
@Configuration
@EnableWebSecurity
class ActuatorSecurity : WebSecurityConfigurerAdapter() {
@Value("\${security.user.actuator-username}")
private val actuatorUsername: String? = null
@Value("\${security.user.actuator-password}")
private val actuatorPassword: String? = null
....
}
通常,对于秘密,您将把它安装在部署yaml之外。
在这里,您可以在节点将要运行的k8上下文下运行kubectl create secret generic <secret_name> --from-literal <secret_key> ='<password>'
。
这将在那里创建一个秘密,你上面的部署yaml将它映射到环境变量。
这就是application.properties
文件中的技巧
security.user.password = $ {ACTUATOR_PASSWORD:为admin123}
如果没有提供env var,将使用admin123