load config from vault

yeahbutstill · Oct 5, 2024 · 80565fe · 80565fe
1 parent 7dc50e0
commit 80565fe
Show file tree

Hide file tree

Showing 15 changed files with 801 additions and 13 deletions.
diff --git a/.gitignore b/.gitignore
@@ -34,3 +34,4 @@ build/
 
 ### Docker ###
 /restful-api-contact-management-data/
+/db-contact-management/
diff --git a/README.md b/README.md
@@ -15,8 +15,46 @@ atau dengan command line ini, tapi hapus dulu dependency spring-boot-composer ya
 docker run --rm --name restful-api-contact-management -e POSTGRES_DB=contact_management_db -e POSTGRES_USER=dani -e POSTGRES_PASSWORD=dani -e PGDATA=/var/lib/postgresql/data/pgdata -v "$PWD/restful-api-contact-management-data:/var/lib/postgresql/data" -p 5432:5432 postgres:15
 ```
 
+## Jalankan Vault
+```shell
+# Masuk ke container vault
+docker exec -it contact-management-vault-1 sh 
+export VAULT_ADDR='http://127.0.0.1:8288'
+export VAULT_TOKEN='root-token-for-dev-purpose-only'
+```
+
+## Jalankan Terraform
+Buka terminal baru
+```shell
+cd tf-provisioner
+terraform init
+terraform apply
+```
+
+## Baca Secret, Root-ID, tulis Secret-ID
+Balik lagi ke terminal container vault
+```shell
+vault kv get secret/aplikasi/contact-management
+
+# jalankan ini ambil datanya untuk nanti dimasukan ke application.properties
+vault read auth/approle/role/jawasundapadangbetawi/role-id
+vault write -force auth/approle/role/jawasundapadangbetawi/secret-id
+
+# masuk ke application.properties lalu isi role-id dan secret-id
+# spring.cloud.vault.app-role.role-id=b830f1e1-63fc-0ce5-46e1-21f79c048513
+# spring.cloud.vault.app-role.secret-id=48e63ee2-f596-6e2f-cebe-466251dae922
+```
+
+
 ## Login psql
+masuk ke container DB nya
+```shell
+docker exec -it contact-management-db-contact-management-1 sh
+psql -U dani -d contact_management_db
+select * from flyway_schema_history;
+```
 
+Atau kalau sudah install client PSQL bisa pakai ini:
 ```shell
 psql -h 127.0.0.1 -U dani contact_management_db
 \x ## Expanded display is on. like \G on MySQL

diff --git a/compose.yaml b/compose.yaml
@@ -1,5 +1,5 @@
 services:
-  postgresdb:
+  db-contact-management:
     image: 'postgres:16.3-alpine3.20'
     restart: always
     # set shared memory limit when using docker-compose
@@ -12,12 +12,21 @@ services:
     #      size: 134217728 # 128*2^20 bytes = 128Mb
     environment:
       - 'POSTGRES_DB=contact_management_db'
-      - 'POSTGRES_USER=zvZnK2CJAo0Xw'
-      - 'POSTGRES_PASSWORD=nljMTxE2XU1Zp'
+      - 'POSTGRES_USER=dani'
+      - 'POSTGRES_PASSWORD=dani'
       - 'PGDATA=/var/lib/postgresql/data/pgdata'
     volumes:
-      - '$PWD/restful-api-contact-management-data:/var/lib/postgresql/data'
+      - '$PWD/db-contact-management:/var/lib/postgresql/data'
     ports:
       - '5432:5432'
     expose:
-      - '5432'
+      - '5432'
+
+  vault:
+    image: hashicorp/vault
+    restart: always
+    command: ['vault', 'server', '-dev', '-dev-listen-address=0.0.0.0:8288']
+    environment:
+      VAULT_DEV_ROOT_TOKEN_ID: 'root-token-for-dev-purpose-only'
+    ports:
+      - '8288:8288'
diff --git a/pom.xml b/pom.xml
@@ -5,19 +5,37 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>3.3.0</version>
+        <version>3.3.4</version>
         <relativePath/> <!-- lookup parent from repository -->
     </parent>
     <groupId>com.yeahbutstill</groupId>
     <artifactId>contact-management-api</artifactId>
     <version>0.0.1-SNAPSHOT</version>
     <name>contact-management-api</name>
     <description>Demo project for Spring Boot RESTful API Contact Management</description>
+    <url/>
+    <licenses>
+        <license/>
+    </licenses>
+    <developers>
+        <developer/>
+    </developers>
+    <scm>
+        <connection/>
+        <developerConnection/>
+        <tag/>
+        <url/>
+    </scm>
     <properties>
-        <java.version>22</java.version>
-        <spring-modulith.version>1.2.0</spring-modulith.version>
+        <java.version>21</java.version>
+        <spring-modulith.version>1.2.4</spring-modulith.version>
+        <spring-cloud.version>2023.0.3</spring-cloud.version>
     </properties>
     <dependencies>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-vault-config</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-jpa</artifactId>
@@ -99,9 +117,21 @@
             <artifactId>postgresql</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.testcontainers</groupId>
+            <artifactId>vault</artifactId>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
     <dependencyManagement>
         <dependencies>
+            <dependency>
+                <groupId>org.springframework.cloud</groupId>
+                <artifactId>spring-cloud-dependencies</artifactId>
+                <version>${spring-cloud.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
             <dependency>
                 <groupId>org.springframework.modulith</groupId>
                 <artifactId>spring-modulith-bom</artifactId>
@@ -117,7 +147,7 @@
             <plugin>
                 <groupId>io.github.deweyjose</groupId>
                 <artifactId>graphqlcodegen-maven-plugin</artifactId>
-                <version>1.50</version>
+                <version>1.61.5</version>
                 <executions>
                     <execution>
                         <id>dgs-codegen</id>

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
@@ -1,11 +1,27 @@
+spring.application.name=aplikasi-contact-management
 server.port=8181
 spring.datasource.driver-class-name=org.postgresql.Driver
-spring.datasource.url=jdbc:postgresql://localhost:5432/contact_management_db
-spring.datasource.username=dani
-spring.datasource.password=dani
+
+# Nanti ini diambil dari Vault
+#spring.datasource.url=jdbc:postgresql://localhost:5432/contact_management_db
+#spring.datasource.username=dani
+#spring.datasource.password=dani
+
 spring.datasource.type=com.zaxxer.hikari.HikariDataSource
 spring.datasource.hikari.minimum-idle=10
 spring.datasource.hikari.maximum-pool-size=50
 spring.jpa.properties.hibernate.format_sql=true
 spring.jpa.properties.hibernate.show_sql=true
-spring.jpa.hibernate.ddl-auto=create-drop
+spring.jpa.hibernate.ddl-auto=create-drop
+
+spring.cloud.vault.fail-fast=true
+spring.cloud.vault.host=localhost
+spring.cloud.vault.port=8288
+spring.cloud.vault.scheme=http
+spring.cloud.vault.uri=http://localhost:8288
+spring.cloud.vault.connection-timeout=5000
+spring.cloud.vault.read-timeout=15000
+spring.cloud.vault.config.order=-10
+spring.cloud.vault.authentication=APPROLE
+spring.cloud.vault.app-role.role-id=e26d0199-34d2-ce03-fc4d-a72f0cf147c3
+spring.cloud.vault.app-role.secret-id=2c11b21b-eaaf-c154-72a2-27e3a5cfc591
diff --git a/tf-provisioner/.terraform.lock.hcl b/tf-provisioner/.terraform.lock.hcl
Original file line number	Diff line number	Diff line change
Expand Up		@@ -34,3 +34,4 @@ build/

		### Docker ###
		/restful-api-contact-management-data/
		/db-contact-management/