This repository was archived by the owner on Jan 19, 2022. It is now read-only.

Cannot add several AwsSecretsManagerPropertySourceLocator in a project #472

Closed
anthony-foulfoin opened this issue Jun 25, 2019 · 1 comment
Labels
component: secrets-manager Secrets Manager integration related issue status: waiting-for-triage An issue we've not yet triaged

Comments

@anthony-foulfoin

Enhancement

Suppose you have several AWS Secrets you want to add in your application. I did it the same way for having multiple datasources in Spring Boot.

These 2 AWS Secrets are for instance:

  • my-app-rds-dev
  • salesforce-dev

They are separated because some apps might want the salesforce credentials, without the rds which is specific to each app. To do so I modified the bootstrap.yml to add a new level which is the name of the secret source:

```yaml
aws:
  secretsmanager:
    rds:
      default-context: my-app-rds-dev
    salesforce:
      default-context: salesforce-dev
```

Of course the AwsSecretsManagerBootstrapConfiguration would crash with this because it doesn't match the expected AwsSecretsManagerProperties.

So I overloaded the beans this way in an @Configuration class:

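```java
import com.amazonaws.services.secretsmanager.AWSSecretsManager;
import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.cloud.aws.secretsmanager.AwsSecretsManagerProperties;
import org.springframework.cloud.aws.secretsmanager.AwsSecretsManagerPropertySourceLocator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class AwsSecretsManagerBootstrapConfiguration {

	// Properties bound from aws.secretsmanager.rds.*
	@Bean
	@ConfigurationProperties("aws.secretsmanager.rds")
	AwsSecretsManagerProperties rdsSecretsProperties() {
		return new AwsSecretsManagerProperties();
	}

	// Locator for the salesforce secret; the properties bean is resolved by parameter name
	@Bean
	AwsSecretsManagerPropertySourceLocator salesforceSecretsManagerPropertySourceLocator(AWSSecretsManager smClient, AwsSecretsManagerProperties salesforceSecretsProperties) {
		return new AwsSecretsManagerPropertySourceLocator(smClient, salesforceSecretsProperties);
	}

	// Properties bound from aws.secretsmanager.salesforce.*
	@Bean
	@ConfigurationProperties("aws.secretsmanager.salesforce")
	AwsSecretsManagerProperties salesforceSecretsProperties() {
		return new AwsSecretsManagerProperties();
	}

	// Locator for the rds secret; the properties bean is resolved by parameter name
	@Bean
	AwsSecretsManagerPropertySourceLocator rdsSecretsManagerPropertySourceLocator(AWSSecretsManager smClient, AwsSecretsManagerProperties rdsSecretsProperties) {
		return new AwsSecretsManagerPropertySourceLocator(smClient, rdsSecretsProperties);
	}

	// Shared Secrets Manager client, created only if the application defines none
	@Bean
	@ConditionalOnMissingBean
	AWSSecretsManager smClient() {
		return AWSSecretsManagerClientBuilder.defaultClient();
	}
}
```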

Creating 2 PropertySourceLocator beans should work because PropertySourceBootstrapConfiguration creates a composite CompositePropertySource from all the PropertySourceLocator it finds.

But it doesn't work, for a very simple reason: in CompositePropertySource the sources are stored in a Set. The hashCode of a PropertySource is the hash of its name.

Which leads to the issue: in AwsSecretsManagerPropertySourceLocator.locate() the CompositePropertySource name is always set to "aws-secrets-manager". If you create 2 AwsSecretsManagerPropertySourceLocator they will have the same name, and therefore the same hashCode, so one will be considered a duplicate in the Set of CompositePropertySource.

The solution is easy and straightforward: allow setting the PropertySourceLocator name in the constructor so you can have 2 different names (first constructor property):

```java
	@Bean
	AwsSecretsManagerPropertySourceLocator salesforceSecretsManagerPropertySourceLocator(AWSSecretsManager smClient, AwsSecretsManagerProperties salesforceSecretsProperties) {
		return new AwsSecretsManagerPropertySourceLocator("aws-secrets-manager-sf", smClient, salesforceSecretsProperties);
	}

	@Bean
	AwsSecretsManagerPropertySourceLocator rdsSecretsManagerPropertySourceLocator(AWSSecretsManager smClient, AwsSecretsManagerProperties rdsSecretsProperties) {
		return new AwsSecretsManagerPropertySourceLocator("aws-secrets-manager-rds", smClient, rdsSecretsProperties);
	}
```

Problem solved!
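
The name collision described in the issue above, reproduced with Spring's own CompositePropertySource and MapPropertySource as an added example (not part of the original post and not the project's code). The class, the helper methods, the property keys and the values are constructed placeholders, and spring-core is assumed to be on the classpath; the `requireKeys` startup check is an addition that turns a silently missing secret into a hard failure.

```java
import java.util.Collections;
import org.springframework.core.env.CompositePropertySource;
import org.springframework.core.env.MapPropertySource;

public class DuplicateSourceNameDemo {

	// Hypothetical stand-in for one locator's locate() result: a named composite
	// that wraps the key/value pairs of a single secret.
	static CompositePropertySource located(String name, String key, String value) {
		CompositePropertySource source = new CompositePropertySource(name);
		source.addPropertySource(new MapPropertySource(name + ":" + key,
				Collections.<String, Object>singletonMap(key, value)));
		return source;
	}

	// Hypothetical stand-in for the bootstrap step that merges all locator results.
	static CompositePropertySource merge(CompositePropertySource... results) {
		CompositePropertySource merged = new CompositePropertySource("bootstrapProperties");
		for (CompositePropertySource result : results) {
			// Backed by a Set: a source equal by name to an existing one is not added.
			merged.addPropertySource(result);
		}
		return merged;
	}

	// Startup check: fail instead of running with a secret that silently never loaded.
	static void requireKeys(CompositePropertySource merged, String... keys) {
		for (String key : keys) {
			if (merged.getProperty(key) == null) {
				throw new IllegalStateException("Secret property not loaded: " + key);
			}
		}
	}

	public static void main(String[] args) {
		// Constructed placeholder keys and values, not real secrets.
		CompositePropertySource distinct = merge(
				located("aws-secrets-manager-rds", "rds.password", "placeholder-rds"),
				located("aws-secrets-manager-sf", "salesforce.token", "placeholder-sf"));
		requireKeys(distinct, "rds.password", "salesforce.token");

		CompositePropertySource collided = merge(
				located("aws-secrets-manager", "rds.password", "placeholder-rds"),
				located("aws-secrets-manager", "salesforce.token", "placeholder-sf"));
		System.out.println("sources kept: " + collided.getPropertySources().size());
		// Throws: the second source was dropped, so salesforce.token never resolves.
		requireKeys(collided, "rds.password", "salesforce.token");
	}
}
```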

@maciejwalkowiak
Contributor

@anthofo thanks for reporting an issue and PR. Since it stays backward compatible we can merge it now to branch 2.2.x, but I am wondering if it would make sense to support the example you provided out of the box:

```yaml
aws:
  secretsmanager:
    rds:
      default-context: my-app-rds-dev
    salesforce:
      default-context: salesforce-dev
```

maciejwalkowiak pushed a commit that referenced this issue Jun 3, 2020
tmnuwan12 pushed a commit to tmnuwan12/spring-cloud-aws that referenced this issue Jun 7, 2020
maciejwalkowiak pushed a commit to maciejwalkowiak/spring-cloud-aws that referenced this issue Oct 15, 2020