fix actuator security config

admin-ch · Oct 12, 2021 · 91da0a2 · 91da0a2
1 parent 40c1115
commit 91da0a2
Showing 1 changed file with 3 additions and 41 deletions.
diff --git a/.../ch/admin/bag/covidcertificate/backend/verification/check/ws/config/ActuatorSecurity.java b/.../ch/admin/bag/covidcertificate/backend/verification/check/ws/config/ActuatorSecurity.java
@@ -17,13 +17,11 @@
 import org.springframework.boot.actuate.info.InfoEndpoint;
 import org.springframework.boot.actuate.logging.LoggersEndpoint;
 import org.springframework.boot.actuate.metrics.export.prometheus.PrometheusScrapeEndpoint;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
-import org.springframework.core.env.Environment;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -38,53 +36,17 @@
 public class ActuatorSecurity extends WebSecurityConfigurerAdapter {
 
     private static final String PROMETHEUS_ROLE = "PROMETHEUS";
-    @Autowired Environment environment;
 
     @Value("${ws.monitor.prometheus.user}")
     private String user;
 
-    // region Actuator Passwords
-    // ----------------------------------------------------------------------------------------------------------------------------------
-    @Bean
-    @Profile("cloud-dev")
-    ActuatorSecurityConfig passwordCloudDev() {
-        return new ActuatorSecurityConfig(
-                user,
-                environment.getProperty("vcap.services.ha_prometheus_dev.credentials.password"));
-    }
-
-    @Bean
-    @Profile("cloud-test")
-    ActuatorSecurityConfig passwordCloudTest() {
-        return new ActuatorSecurityConfig(
-                user,
-                environment.getProperty("vcap.services.ha_prometheus_test.credentials.password"));
-    }
-
-    @Bean
-    @Profile("cloud-abn")
-    ActuatorSecurityConfig passwordCloudAbn() {
-        return new ActuatorSecurityConfig(
-                user,
-                environment.getProperty("vcap.services.ha_prometheus_abn.credentials.password"));
-    }
-
-    @Bean
-    @Profile("cloud-prod")
-    ActuatorSecurityConfig passwordProdAbn() {
-        return new ActuatorSecurityConfig(
-                user,
-                environment.getProperty("vcap.services.ha_prometheus_prod.credentials.password"));
-    }
+    @Value("${ws.monitor.prometheus.password}")
+    private String password;
 
     @Bean
-    @ConditionalOnMissingBean
     ActuatorSecurityConfig passwordDefault() {
-        return new ActuatorSecurityConfig(
-                user, environment.getProperty("ws.monitor.prometheus.password"));
+        return new ActuatorSecurityConfig(user, password);
     }
-    // ----------------------------------------------------------------------------------------------------------------------------------
-    // endregion
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {