We are using config server with Vault backend to fetch application secrets.
Config server project is using spring-vault-core
dependency and spring-vault-dependencies
dependency management for Vault.
Vault related config in application yml file is as follows:
spring:
cloud:
config:
server:
vault:
order: 0
uri: <complete URI>
connection-timeout: 5000
read-timeout: 15000
kvVersion: 2
backend: secret
defaultKey: config
This works fine and fetches me the Vault secrets in secret/config
.
I am unable to add secret fetching from multiple paths in Vault (secret/config
+ secret/customFolder
). I have tried adding comma separated application-name etc as suggested across various posts but does not work. Has anyone tried something similar?
You can take a look to the composite
profile.
There are a lot of additional questions - what exactly you are trying to do, and why do you want to have this?
For us, for example, it was important to split infra services configurations and also split, actually, microservices configurations by itself. And, important requirement, to be able to "overwrite" it (in case of migrations, for instance).
We have achieve that with two things:
composite
configuration (with exactly the same type
and uri
, but little bit different backend
and keys
),spring.cloud.config.name
property (coma separated list).