Describe the bug
We are running Spring Cloud Config with the Git backend and we've identified that when we call /actuator/health it's first making a call to the git repo and receiving a 401 (Unauthorized), and right away a call that succeeds. It appears as if the first request is not sending the credentials, but the second is.
This doesn't seem right, am I missing something? I'm using a version a bit old (2.1.2.RELEASE), I looked through the issues but couldn't find any issue related to this.
Here is a screenshot of the outgoing calls that /actuator/health makes depicting the issue:
Notice how this is not an isolated incident, but rather, each failed attempt is followed by a successful one:
Comment From: spencergibb
I'd say it's all up to your configuration. Can you share?
Comment From: epignosisx
Thanks for the quick reply. We are running it inside a container, here are the environment variables we are setting:
SPRING_CLOUD_CONFIG_SERVER_GIT_USERNAME=some-username SPRING_CLOUD_CONFIG_SERVER_GIT_PASSWORD=some-password SPRING_CLOUD_CONFIG_SERVER_GIT_URI=https://some-org@dev.azure.com/some-org/some-project/_git/app-config SPRING_CLOUD_CONFIG_SERVER_GIT_FORCE-PULL=true SPRING_CLOUD_CONFIG_SERVER_GIT_BASEDIR=/opt/app-config ENCRYPT_KEY=some-key MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE=health
Comment From: spencergibb
what version?
Seems odd that you have the username in the uri and env vars
Comment From: epignosisx
what version?
2.1.2.RELEASE
Seems odd that you have the username in the uri and env vars
Indeed. I haven't noticed that. Let me check if there is a reason for it and remove it to see if it makes a difference.
Comment From: spencergibb
That's an old version and I would suggest updating to Hoxton.SR8
Comment From: epignosisx
Updated the git url to exclude the username, it did not make a difference. I'm in the process of updating the app to the latest version. I'll share the results.
Comment From: epignosisx
We upgraded to the latest versions, but no luck: spring-boot-starter-parent from 2.1.5 to 2.3.4 spring-cloud-config-server from 2.1.2 to 2.2.5
It does not seem to be a problem with just the /actuator/health endpoint, it also happens when requesting the configuration like /some-app/some-profile/some-label
Comment From: avnerstr
@OlgaMaciaszek and @spencergibb any progress on this issue- I still see it happening 2020.0.4. any progress on that?
Comment From: avnerstr
@spencergibb any update on that?
Comment From: mdiskin
On springboot 3.3.1 SpringCloud 2023.0.2 Java21
cloud: config: server: bootstrap: ${CONFIGSERVER_BOOTSTRAP:true} encrypt: enabled: ${CONFIGSERVER_ENCRYPTENABLED:true} git: uri: https://gitlab.com/arctravel/arc-settlement/config/default-config.git basedir: ${CONFIGSERVER_BASEDIR}/default clone-on-start: ${CONFIGSERVER_CLONEONSTART} force-pull: ${CONFIGSERVER_FORCEPULL} username: ${GIT_USER} password: ${GIT_TOKEN}
Comment From: mdiskin
@spencergibb is there anymore research I can provide to help in getting a fix for this one? This does limit our able to monitor for true production issues
