637 cache key vault values

azure-spring-boot-samples/azure-keyvault-secrets-spring-boot-sample/src/main/java/sample/keyvault/SampleApplication.java

@@ -6,28 +6,23 @@
 
 package sample.keyvault;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.CommandLineRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 
 @SpringBootApplication
 public class SampleApplication implements CommandLineRunner {
-    private static final Logger LOGGER = LoggerFactory.getLogger(SampleApplication.class);
 
     @Value("${yourSecretPropertyName}")
-    private String mySecretProperty;
+    private String yourSecretPropertyName;
 
     public static void main(String[] args) {
         SpringApplication.run(SampleApplication.class, args);
     }
 
-    public void run(String... varl) throws Exception {
-        LOGGER.info("property yourSecretPropertyName in Azure Key Vault: {}", mySecretProperty);
-
-        System.out.println("property yourSecretPropertyName in Azure Key Vault: " + mySecretProperty);
+    public void run(String[] args) throws Exception {
+        System.out.println("property yourSecretPropertyName value is: " + yourSecretPropertyName);
     }
 
 }

azure-spring-boot-tests/azure-spring-boot-test-keyvault/src/test/java/com/microsoft/azure/test/keyvault/KeyVaultIT.java

@@ -54,15 +54,21 @@
  */
 @Slf4j
 public class KeyVaultIT {
-  
+
     private static ClientSecretAccess access;
     private static Vault vault;
     private static String resourceGroupName;
     private static RestTemplate restTemplate;
     private static final String prefix = "test-keyvault";
     private static final String VM_USER_NAME = "deploy";
     private static final String VM_USER_PASSWORD = "12NewPAwX0rd!";
-    private static final String KEY_VAULT_VALUE = "value";
+    private static final String KEY_VAULT_SECRET_NAME = "key-vault-secret-name";
+    private static final String KEY_VAULT_SECRET_VALUE = "key-vault-secret-value";
+    private static final String APP_PROPERTY_NAME = "app.property.name";
+    private static final String APP_PROPERTY_VALUE = "app.property.value";
+    private static final String APP_PROPERTY_NAME_WITH_SPEL_IN_VALUE = "app.property.name.with.spel.in.value";
+    private static final String KEY_VAULT_SECRET_NAME_WITH_SPEL_IN_VALUE = "key-vault-secret-name-with-spel-in-value";
+    private static final String AZURE_COSMOSDB_KEY = "azure-cosmosdb-key";
     private static final String TEST_KEY_VAULT_JAR_FILE_NAME = "app.jar";
     private static final int DEFAULT_MAX_RETRY_TIMES = 3;
     private static String TEST_KEYVAULT_APP_JAR_PATH;
@@ -74,8 +80,12 @@ public static void createKeyVault() throws IOException {
         resourceGroupName = SdkContext.randomResourceName(ConstantsHelper.TEST_RESOURCE_GROUP_NAME_PREFIX, 30);
         final KeyVaultTool tool = new KeyVaultTool(access);
         vault = tool.createVaultInNewGroup(resourceGroupName, prefix);
-        vault.secrets().define("key").withValue(KEY_VAULT_VALUE).create();
-        vault.secrets().define("azure-cosmosdb-key").withValue(KEY_VAULT_VALUE).create();
+        vault.secrets().define(KEY_VAULT_SECRET_NAME).withValue(KEY_VAULT_SECRET_VALUE).create();
+        vault.secrets()
+                .define(KEY_VAULT_SECRET_NAME_WITH_SPEL_IN_VALUE)
+                .withValue(String.format("${%s}", APP_PROPERTY_NAME))
+                .create();
+        vault.secrets().define(AZURE_COSMOSDB_KEY).withValue(KEY_VAULT_SECRET_VALUE).create();
         restTemplate = new RestTemplate();
 
         TEST_KEYVAULT_APP_JAR_PATH = new File(System.getProperty("keyvault.app.jar.path")).getCanonicalPath();
@@ -84,7 +94,7 @@ public static void createKeyVault() throws IOException {
         log.info("keyvault.app.zip.path={}", TEST_KEYVAULT_APP_ZIP_PATH);
         log.info("--------------------->resources provision over");
     }
-    
+
     @AfterClass
     public static void deleteResourceGroup() {
         final ResourceGroupTool tool = new ResourceGroupTool(access);
@@ -109,7 +119,7 @@ public void keyVaultAsPropertySource() {
                         .getSource().getClass() + "\n");
             }
 
-            assertEquals(KEY_VAULT_VALUE, app.getProperty("key"));
+            assertEquals(KEY_VAULT_SECRET_VALUE, app.getProperty(KEY_VAULT_SECRET_NAME));
             app.close();
             log.info("--------------------->test over");
         }
@@ -123,10 +133,52 @@ public void keyVaultAsPropertySourceWithSpecificKeys() {
             app.property("azure.keyvault.client-id", access.clientId());
             app.property("azure.keyvault.client-key", access.clientSecret());
             app.property("azure.keyvault.tenant-id", access.tenant());
-            app.property("azure.keyvault.secret.keys", "key , azure-cosmosdb-key");
+            app.property(
+                    "azure.keyvault.secret.keys",
+                    String.join(",",
+                            KEY_VAULT_SECRET_NAME,
+                            AZURE_COSMOSDB_KEY
+                    )
+            );
 
             app.start();
-            assertEquals(KEY_VAULT_VALUE, app.getProperty("key"));
+            assertEquals(KEY_VAULT_SECRET_VALUE, app.getProperty(KEY_VAULT_SECRET_NAME));
+            app.close();
+            log.info("--------------------->test over");
+        }
+    }
+
+    @Test
+    public void keyVaultAsPropertySourceWithSpELInValue() {
+        try (AppRunner app = new AppRunner(DumbApp.class)) {
+            app.property("azure.keyvault.enabled", "true");
+            app.property("azure.keyvault.uri", vault.vaultUri());
+            app.property("azure.keyvault.client-id", access.clientId());
+            app.property("azure.keyvault.client-key", access.clientSecret());
+            app.property("azure.keyvault.tenant-id", access.tenant());
+            app.property(
+                    "azure.keyvault.secret.keys",
+                    String.join(",",
+                            KEY_VAULT_SECRET_NAME,
+                            AZURE_COSMOSDB_KEY,
+                            KEY_VAULT_SECRET_NAME_WITH_SPEL_IN_VALUE
+                    )
+            );
+            app.property(APP_PROPERTY_NAME, APP_PROPERTY_VALUE);
+            app.property(
+                    APP_PROPERTY_NAME_WITH_SPEL_IN_VALUE,
+                    String.format("${%s}", KEY_VAULT_SECRET_NAME)
+            );
+
+            app.start();
+            assertEquals(
+                    KEY_VAULT_SECRET_VALUE,
+                    app.getProperty(APP_PROPERTY_NAME_WITH_SPEL_IN_VALUE)
+            );
+            assertEquals(
+                    APP_PROPERTY_VALUE,
+                    app.getProperty(KEY_VAULT_SECRET_NAME_WITH_SPEL_IN_VALUE)
+            );
             app.close();
             log.info("--------------------->test over");
         }
@@ -174,7 +226,7 @@ public void keyVaultWithAppServiceMSI() {
         final ResponseEntity<String> response = curlWithRetry(resourceUrl, 3, 120_000, String.class);
 
         assertEquals(HttpStatus.OK, response.getStatusCode());
-        assertEquals(KEY_VAULT_VALUE, response.getBody());
+        assertEquals(KEY_VAULT_SECRET_VALUE, response.getBody());
         log.info("--------------------->test app service with MSI over");
     }
 
@@ -206,13 +258,12 @@ public void keyVaultWithVirtualMachineMSI() throws Exception {
         final List<String> commands = new ArrayList<>();
         commands.add(String.format("cd /home/%s", VM_USER_NAME));
         commands.add(
-                String.
-                format("nohup java -jar -Xdebug " +
+                String.format("nohup java -jar -Xdebug " +
                                 "-Xrunjdwp:server=y,transport=dt_socket,address=4000,suspend=n " +
                                 "-Dazure.keyvault.uri=%s %s &" +
-                                " >/log.txt  2>&1"
-                        , vault.vaultUri(),
-                TEST_KEY_VAULT_JAR_FILE_NAME));
+                                " >/log.txt  2>&1",
+                        vault.vaultUri(),
+                        TEST_KEY_VAULT_JAR_FILE_NAME));
         vmTool.runCommandOnVM(vm, commands);
 
         final ResponseEntity<String> response = curlWithRetry(
@@ -222,15 +273,17 @@ public void keyVaultWithVirtualMachineMSI() throws Exception {
                 String.class);
 
         assertEquals(HttpStatus.OK, response.getStatusCode());
-        assertEquals(KEY_VAULT_VALUE, response.getBody());
+        assertEquals(KEY_VAULT_SECRET_VALUE, response.getBody());
         log.info("key vault value is: {}", response.getBody());
         log.info("--------------------->test virtual machine with MSI over");
     }
 
-    private static <T> ResponseEntity<T> curlWithRetry(String resourceUrl,
-                                                    final int retryTimes,
-                                                    int sleepMills,
-                                                    Class<T> clazz) {
+    private static <T> ResponseEntity<T> curlWithRetry(
+            String resourceUrl,
+            final int retryTimes,
+            int sleepMills,
+            Class<T> clazz
+    ) {
         HttpStatus httpStatus = HttpStatus.BAD_REQUEST;
         ResponseEntity<T> response = ResponseEntity.of(Optional.empty());
         int rt = retryTimes;
@@ -252,5 +305,6 @@ private static <T> ResponseEntity<T> curlWithRetry(String resourceUrl,
     }
 
     @SpringBootApplication
-    public static class DumbApp {}
+    public static class DumbApp {
+    }
 }