This project includes a demo on how to consume Vault KVs and Dynamic MySQL database credentials in a Spring App using annotations.
- Start Vault and MySQL
cd ./scripts
./start-vault.sh
./start-mysql.sh
cd ../
- Configure Vault
./configure-vault.sh
- Get the root token from the output file
cat /tmp/vault-output.txt | grep "Root Token"
Copy the root token to the spring.cloud.vault.token
file in
./src/main/resources/bootstrap.properties
file.
This repo will be updated soon to use other authentication methods
- Run the build
./gradlew bootRun
There are a few endpoints you can use to see the KV, credentials, and database data.
/getdbcredentials
Will output the dynamically generated database user
. This demonstrates that
the dynamic user is generated using the Vault configurations in bootstrap.yml
in conjunction with the Autowired DataSource.
/getkvdata
Will output the KV data entered during the vault configuration step above. This demonstrates how to use Value bean annotations to map data in the Vault KV.
/getdbdata
Will output data entered into the database during the MySQL start above. This demonstrates that the dynamically generated database credentials can be used to successfully pull data from the database and map to a Spring Model.
- Cleanup the Vault deployment by running
./scripts/cleanup.sh