AwsSecretsManagerEnvironmentRepository reads secrets as
GetSecretValueRequest.builder().secretId(path).versionStage(label).build()
When secret does not exist it throws ResourceNotFoundException which is handled by catch block. However when secret is marked for deletion it throws InvalidRequestException which is not handled and the whole request to Config Sever fails.
HTTP/1.1 500
{
"timestamp": "2023-11-06T08:12:00.040+00:00",
"status": 500,
"error": "Internal Server Error",
"message": "You can't perform this operation on the secret because it was marked for deletion. (Service: SecretsManager, Status Code: 400, Request ID: ...)",
"path": "..."
}
Comment From: ryanjbaxter
So we just need to add InvalidRequestException to this catch block?
https://github.com/spring-cloud/spring-cloud-config/blob/22159980ca1dd30563d13a0fde8c0e9d23e11f0b/spring-cloud-config-server/src/main/java/org/springframework/cloud/config/server/environment/AwsSecretsManagerEnvironmentRepository.java#L158-L161
Interested in submitting a RP with a test?
Comment From: ojecborec
I'd love to but I cannot compile this project. The README.adoc file says that ./mvnw install should work but all I'm getting is
[ERROR] Errors:
[ERROR] AwsS3IntegrationTests » ExceptionInInitializer
[ERROR] AwsParameterStoreEnvironmentRepositoryTests » ExceptionInInitializer
[ERROR] AwsS3EnvironmentRepositoryTests » ExceptionInInitializer
[ERROR] AwsSecretsManagerEnvironmentRepositoryTests » ExceptionInInitializer
[ERROR] RedisEnvironmentRepositoryIntegrationTests » IllegalState Previous attempts to...
2023-11-08T09:23:31.675+01:00 DEBUG 169438 --- [-auto-38-exec-1] o.s.c.c.s.e.SvnKitEnvironmentRepository : Checking out file:////.../spring-cloud-config/spring-cloud-config-server/target/repos/svn-config-repo to: /tmp/config-repo-12403763819772435982
2023-11-08T09:23:32.104+01:00 INFO 169438 --- [-auto-38-exec-1] o.s.c.c.s.e.NativeEnvironmentRepository : Adding property source: Config resource 'file [/tmp/config-repo-12403763819772435982/trunk/application.yml]' via location 'file:/tmp/config-repo-12403763819772435982/trunk/'
2023-11-08T09:23:32.113+01:00 DEBUG 169438 --- [-auto-38-exec-2] o.s.c.c.s.e.SvnKitEnvironmentRepository : Repo already checked out - updating instead.
2023-11-08T09:23:32.120+01:00 DEBUG 169438 --- [-auto-38-exec-2] o.s.c.c.s.e.SvnKitEnvironmentRepository : Could not update remote for trunk (current local=/tmp/config-repo-12403763819772435982), remote: file:////.../spring-cloud-config/spring-cloud-config-server/target/repos/svn-config-repo)
org.tmatesoft.svn.core.SVNException: svn: E180001: Unable to open repository 'file:///.../spring-cloud-config/spring-cloud-config-server/target/repos/svn-config-repo'
svn: E180001: Unable to connect to a repository at URL 'file:///.../spring-cloud-config/spring-cloud-config-server/target/repos/svn-config-repo'
svn: E180001: Unable to open repository 'file:///.../spring-cloud-config/spring-cloud-config-server/target/repos/svn-config-repo'
Comment From: ojecborec
I've managed to run tests inside IntelliJ Idea at least. However I'm getting 403 when trying to push my local branch.
14:32:59.071: [spring-cloud-config] git ... origin refs/heads/marked-for-deletion:refs/heads/marked-for-deletion --set-upstream
remote: Permission to spring-cloud/spring-cloud-config.git denied to ojecborec.
fatal: unable to access 'https://github.com/spring-cloud/spring-cloud-config.git/': The requested URL returned error: 403
Comment From: ryanjbaxter
You should be pushing to your own fork and then submitting a PR from that fork
Comment From: ojecborec
PR for 4.0.x branch submitted https://github.com/spring-cloud/spring-cloud-config/pull/2350. Is it going to be automatically synchronized with the main branch once approved or do I have to create one for the main branch (Spring Cloud Config 4.1) as well?
Comment From: ryanjbaxter
Yup I merged it forward, thanks!