From f778da3089e272bfe5950d7303a184fe8df85eea Mon Sep 17 00:00:00 2001
From: Kalpa Vidusha Pathirana
Date: Tue, 16 Dec 2025 00:13:30 +0530
Subject: [PATCH] Integrate HashiCorp Vault & Secure Database Configs
- Downgraded Spring Boot to 3.2.5 to support Spring Cloud Vault.
- Added 'spring-cloud-starter-vault-config' dependency.
- Migrated 'application.properties' to 'application.yml'.
- Externalized database credentials to HashiCorp Vault to implement Zero Trust security.
---
pom.xml | 206 +++++++++++-----------
src/main/resources/application.properties | 18 --
src/main/resources/application.yml | 54 ++++++
3 files changed, 153 insertions(+), 125 deletions(-)
delete mode 100644 src/main/resources/application.properties
create mode 100644 src/main/resources/application.yml
diff --git a/pom.xml b/pom.xml
index 803fd33..2fc66b7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,70 +1,75 @@ - 4.0.0 - - org.springframework.boot - spring-boot-starter-parent - 4.0.0 - - - com.CSO2 - order-service - 0.0.1-SNAPSHOT - order-service - order-service of CSO2 - - - - - - - - - - - - - - - 17 - 2025.1.0 - 1.18.42 - - - - org.springframework.boot - spring-boot-starter-data-jpa - - - org.springframework.boot - spring-boot-starter-web - + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> + 4.0.0 + + org.springframework.boot + spring-boot-starter-parent + 3.2.5 + + com.CSO2 + order-service + 0.0.1-SNAPSHOT + order-service + order-service of CSO2 - - org.postgresql - postgresql - runtime - - - org.projectlombok - lombok - ${lombok.version} - true - - - org.springframework.boot - spring-boot-starter-test - test - - - org.springframework.cloud - spring-cloud-starter-openfeign - - - org.springframework.cloud - spring-cloud-starter-loadbalancer - + + 17 + 2023.0.0 1.18.42 + + + + + + org.springframework.cloud + spring-cloud-dependencies + ${spring-cloud.version} + pom + import + + + + + + + org.springframework.cloud + spring-cloud-starter-vault-config + + + + org.springframework.boot + spring-boot-starter-data-jpa + + + org.springframework.boot + spring-boot-starter-web + + + org.postgresql + postgresql + runtime + + + + org.springframework.cloud + spring-cloud-starter-openfeign + + + org.springframework.cloud + spring-cloud-starter-loadbalancer + + + + org.projectlombok + lombok + ${lombok.version} + true + + + org.springframework.boot + spring-boot-starter-test + test + org.springframework.boot spring-boot-starter-actuator 
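Review bot: The parent is pinned to `3.2.5` and the Spring Cloud train to `2023.0.0`, so every BOM-managed dependency (including the new `spring-cloud-starter-vault-config`, which carries no version of its own) is fixed at whatever those two releases ship. `2023.0.0` reads as the first release of its train, so later patch releases with fixes are presumably available; confirm that both lines still receive security updates and move to the latest patch of each. The commit message gives Vault support as the reason for leaving 4.0.0, and that belongs next to the version so it is not bumped or left stale by accident, e.g. `<!-- Boot 3.2.x / Cloud 2023.0.x required by spring-cloud-vault; keep on latest patch release -->`. The XML markup is not visible in this rendering of the hunk, so element placement here is inferred from the surviving values.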
@@ -85,46 +90,33 @@ - - - - org.springframework.cloud - spring-cloud-dependencies - ${spring-cloud.version} - pom - import - - - - - - - - org.apache.maven.plugins - maven-compiler-plugin - - - - org.projectlombok - lombok - ${lombok.version} - - - - - - org.springframework.boot - spring-boot-maven-plugin - - - - org.projectlombok - lombok - - - - - - - - + + + + org.apache.maven.plugins + maven-compiler-plugin + + + + org.projectlombok + lombok + ${lombok.version} + + + + + + org.springframework.boot + spring-boot-maven-plugin + + + + org.projectlombok + lombok + + + + + + +
\ No newline at end of file
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
deleted file mode 100644
index 8dd7287..0000000
--- a/src/main/resources/application.properties
+++ /dev/null
@@ -1,18 +0,0 @@
-spring.application.name=order-service
-server.port=${SERVER_PORT:8083}
-
-# PostgreSQL Configuration (override via env vars in production)
-spring.datasource.url=${DATABASE_URL:jdbc:postgresql://localhost:5432/CSO2_order_service}
-spring.datasource.username=${DATABASE_USERNAME:cso2}
-spring.datasource.password=${DATABASE_PASSWORD:password123}
-spring.datasource.driver-class-name=org.postgresql.Driver
-
-# JPA / Hibernate
-spring.jpa.hibernate.ddl-auto=update
-spring.jpa.show-sql=${JPA_SHOW_SQL:true}
-spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
-spring.jpa.properties.hibernate.format_sql=true
-
-# Feign Client Service URLs (override via env vars in production)
-catalog.service.url=${CATALOG_SERVICE_URL:http://localhost:8082}
-cart.service.url=${CART_SERVICE_URL:http://localhost:8084}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
new file mode 100644
index 0000000..a0b9df6
--- /dev/null
+++ b/src/main/resources/application.yml
@@ -0,0 +1,54 @@
+# --- Order Service Configuration ---
+spring:
+ application:
+ name: order-service
+
+ # 1. Config Import: Load properties from Vault first
+ config:
+ import: "optional:vault://"
+
+ # 2. Vault Configuration
+ cloud:
+ vault:
+ enabled: true
+ uri: http://localhost:8200
+ token: my-root-token
+ kv:
+ enabled: true
+ backend: kv
+ default-context: cs02-app
+ authentication: TOKEN
+
+ # 3. Data Source Configuration
+ datasource:
+ url: jdbc:postgresql://localhost:5432/CSO2_order_service
+ driver-class-name: org.postgresql.Driver
+ username: ${db_username}
+ password: ${db_password}
+
+ # 4. JPA / Hibernate
+ jpa:
+ hibernate:
+ ddl-auto: update
+ show-sql: ${JPA_SHOW_SQL:true}
+ properties:
+ hibernate:
+ dialect: org.hibernate.dialect.PostgreSQLDialect
+ format_sql: true
+
+# --- Server Port ---
+server:
+ port: 8083
+
+# --- Feign Clients ---
+spring.cloud.openfeign.client.config.default:
+ connectTimeout: 5000
+ readTimeout: 5000
+
+# --- Custom Service URLs ---
+catalog:
+ service:
+ url: ${CATALOG_SERVICE_URL:http://localhost:8082}
+cart:
+ service:
+ url: ${CART_SERVICE_URL:http://localhost:8084}
\ No newline at end of file
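Review bot: The `spring.cloud.vault` block commits a static Vault token to the repository (`token: my-root-token` with `authentication: TOKEN`), so the database password removed from the properties file is replaced by a credential that, judging by its name, has root scope over everything in that Vault. Take it from the environment with `token: ${VAULT_TOKEN}`, and outside local development use a narrowly scoped, short-lived token or a non-token auth method; if the committed value was ever valid beyond a dev-mode Vault it should be rotated. `uri: http://localhost:8200` carries the token and the returned secrets in cleartext and can no longer be overridden per environment, so prefer `uri: ${VAULT_URI:http://localhost:8200}` with an https address wherever the service is deployed. `import: "optional:vault://"` lets the application start when Vault is unreachable, and because `${db_username}` and `${db_password}` have no defaults that most likely shows up as an unresolved-placeholder error rather than a clear Vault failure; `import: "vault://"` fails fast at the actual cause. The `DATABASE_URL` and `SERVER_PORT` overrides that the deleted properties file offered are also gone, and `default-context: cs02-app` (digit zero) differs from the `CSO2` spelling used elsewhere in the patch, which is worth checking against the real KV path.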