Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

.yml files with {cipher} tokens, without quotes, breaks the config service #1

Open
marcellodesales opened this issue Dec 7, 2017 · 0 comments
Open

.yml files with {cipher} tokens, without quotes, breaks the config service #1

marcellodesales opened this issue Dec 7, 2017 · 0 comments

Comments

@marcellodesales
Copy link
Member

marcellodesales commented Dec 7, 2017
edited
Loading

Problem

If a configuration property starts with {cipher}, but without single/double-quotes, the configuration service breaks. This is specific to .yml files.

Example at marcellodesales/config-repo@3243ff4

Config Server API Output

$ curl config-server:8888/app/default
Error: Failed to load property source from location 'file:/tmp/config-repo-2392906881014410043/application.yml'

Config Server Error Logs

config-server_1           | 	... 87 common frames omitted
config-server_1           |
config-server_1           | 2017-12-07 07:50:05.983 ERROR 1 --- [nio-8888-exec-1] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is java.lang.IllegalStateException: Failed to load property source from location 'file:/tmp/config-repo-2392906881014410043/application.yml'] with root cause
config-server_1           |
config-server_1           | org.yaml.snakeyaml.parser.ParserException: while parsing a block mapping
config-server_1           |  in 'reader', line 5, column 3:
config-server_1           |       password: {cipher}AQBdTe9vjgOqAN ...
config-server_1           |       ^
config-server_1           | expected <block end>, but found Scalar
config-server_1           |  in 'reader', line 5, column 21:
config-server_1           |       password: {cipher}AQBdTe9vjgOqANyfi+Ke5HYmhFJnuvsG ...
config-server_1           |                         ^
config-server_1           |
config-server_1           | 	at org.yaml.snakeyaml.parser.ParserImpl$ParseBlockMappingKey.produce(ParserImpl.java:569) ~[snakeyaml-1.17.jar!/:na]
config-server_1           | 	at org.yaml.snakeyaml.parser.ParserImpl.peekEvent(ParserImpl.java:157) ~[snakeyaml-1.17.jar!/:na]
config-server_1           | 	at org.yaml.snakeyaml.parser.ParserImpl.checkEvent(ParserImpl.java:147) ~[snakeyaml-1.17.jar!/:na]
config-server_1           | 	at org.yaml.snakeyaml.composer.Composer.composeMappingNode(Composer.java:224) ~[snakeyaml-1.17.jar!/:na]

Proposed Solution

  • Verify if the value of keys contains the valid tokens for secrets such as {cipher} and {secret} contains quotes (single or double) to make sure secrets are correctly set.
@marcellodesales marcellodesales changed the title {cipher} tokens, without quotes, breaks the config service .yml files with {cipher} tokens, without quotes, breaks the config service Dec 7, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@marcellodesales