K
Q

Variable from kubernetes yaml causes: Could not resolve placeholder 'ACTUATOR_PASSWORD' in value "${ACTUATOR_PASSWORD}"

2/26/2019

When I run my application from IntelliJ, I get a warning / error though application builds fine and runs all tests through, is this something that I should ignore, or can this be handled fixed?

Kubernetes secret is used to create a random password, therefor I have a placeholder for that particular variable.

2019-02-26 19:45:29.600  INFO 38918 --- [           main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2019-02-26 19:45:29.684  WARN 38918 --- [           main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'actuatorSecurity': Injection of autowired dependencies failed; nested exception is java.lang.IllegalArgumentException: Could not resolve placeholder 'ACTUATOR_PASSWORD' in value "${ACTUATOR_PASSWORD}"
2019-02-26 19:45:29.685  INFO 38918 --- [           main] j.LocalContainerEntityManagerFactoryBean : Closing JPA EntityManagerFactory for persistence unit 'default'
2019-02-26 19:45:29.685  INFO 38918 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Shutdown initiated...
2019-02-26 19:45:29.707  INFO 38918 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Shutdown completed.
2019-02-26 19:45:29.713  INFO 38918 --- [           main] o.apache.catalina.core.StandardService   : Stopping service [Tomcat]

qronicle-deployment.yaml

apiVersion: v1
kind: Secret
metadata:
  name: actuator
  namespace: {{ .Release.Namespace }}
type: Opaque
data:
  actuator-password: {{ randAlphaNum 10 | b64enc | quote }}
....
- name: ACTUATOR_PASSWORD
  valueFrom:
    secretKeyRef:
      name: actuator
      key: actuator-password

application.properties

# spring boot actuator access control
management.endpoints.web.exposure.include=*
security.user.actuator-username=admin
security.user.actuator-password=${ACTUATOR_PASSWORD}

ACTUATOR_PASSWORD is consumed here

@Configuration
@EnableWebSecurity
class ActuatorSecurity : WebSecurityConfigurerAdapter() {
    @Value("\${security.user.actuator-username}")
    private val actuatorUsername: String? = null

    @Value("\${security.user.actuator-password}")
    private val actuatorPassword: String? = null

    ....
}
-- JonB
kotlin
kubernetes
spring-boot
spring-security

Similar Questions

Kubernetes, simple SpringBoot app OOMKilled
Openshift deployment validation - QA
Service with both selector and explicit endpoints?
Running “kubectl proxy” for a single request
Connecting to a Postgres DB running in K8s (Docker Desktop)

2 Answers

2/27/2019

Usually for secrets you will mount it outside of the deployment yaml.

Here you could run kubectl create secret generic <secret_name> --from-literal <secret_key> ='<password>' under the k8 context where the nodes are going to be running.

This will create a secret there and the deployment yaml you have above will map it to an environment variable.

-- Creamstout10
Source: StackOverflow
2/27/2019

this does the trick in the application.properties file

security.user.password=${ACTUATOR_PASSWORD:admin123}

where admin123 will be used if the env var is not provided

-- JonB
Source: StackOverflow