Skip to content

[BUG] spring boot 3.4.5 containers hang at starting up for keyvault property-source with managed identity #45263

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
3 tasks done
raja-anbazhagan opened this issue May 8, 2025 · 6 comments
Open
3 tasks done

[BUG] spring boot 3.4.5 containers hang at starting up for keyvault property-source with managed identity #45263

raja-anbazhagan opened this issue May 8, 2025 · 6 comments
Assignees
@saragluna
Labels
azure-spring All azure-spring related issues azure-spring-keyvault Spring keyvault related issues. customer-reported Issues that are reported by GitHub users external to the Azure organization. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Milestone
2025-07

Comments

@raja-anbazhagan
Copy link

raja-anbazhagan commented May 8, 2025
edited
Loading

Describe the bug
Containers hang at starting up since upgrading from 3.0.7 to 3.4.5. Container starts fine if property source is disabled.

Exception or Stack Trace

13:03:42.327 [main] INFO com.example.redacted.ReweighJobApplication -- Starting ReweighJobApplication...
13:11:02.127 [main] ERROR org.springframework.boot.SpringApplication -- Application run failed
java.lang.IllegalStateException: Failed to configure KeyVault property source 'azure-key-vault-secret-property-source-0'
        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.buildKeyVaultPropertySource(KeyVaultEnvironmentPostProcessor.java:146)
        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.buildKeyVaultPropertySourceList(KeyVaultEnvironmentPostProcessor.java:130)
        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.postProcessEnvironment(KeyVaultEnvironmentPostProcessor.java:93)
        at org.springframework.boot.env.EnvironmentPostProcessorApplicationListener.onApplicationEnvironmentPreparedEvent(EnvironmentPostProcessorApplicationListener.java:132)
        at org.springframework.boot.env.EnvironmentPostProcessorApplicationListener.onApplicationEvent(EnvironmentPostProcessorApplicationListener.java:115)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:185)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:178)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:156)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:138)
        at org.springframework.boot.context.event.EventPublishingRunListener.multicastInitialEvent(EventPublishingRunListener.java:136)
        at org.springframework.boot.context.event.EventPublishingRunListener.environmentPrepared(EventPublishingRunListener.java:81)
        at org.springframework.boot.SpringApplicationRunListeners.lambda$environmentPrepared$2(SpringApplicationRunListeners.java:64)
        at java.base/java.lang.Iterable.forEach(Unknown Source)
        at org.springframework.boot.SpringApplicationRunListeners.doWithListeners(SpringApplicationRunListeners.java:118)
        at org.springframework.boot.SpringApplicationRunListeners.doWithListeners(SpringApplicationRunListeners.java:112)
        at org.springframework.boot.SpringApplicationRunListeners.environmentPrepared(SpringApplicationRunListeners.java:63)
        at org.springframework.boot.SpringApplication.prepareEnvironment(SpringApplication.java:353)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:313)
        at com.example.redacted.ReweighJobApplication.main(ReweighJobApplication.java:18)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:102)
        at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:64)
        at org.springframework.boot.loader.launch.JarLauncher.main(JarLauncher.java:40)
Caused by: com.azure.identity.CredentialUnavailableException: Managed Identity authentication is not available.
        at com.azure.identity.implementation.IdentityClient.lambda$getTokenFromMsalMIClient$28(IdentityClient.java:535)
        at reactor.core.publisher.Mono.lambda$onErrorMap$29(Mono.java:3862)
        at reactor.core.publisher.FluxOnErrorResume$ResumeSubscriber.onError(FluxOnErrorResume.java:94)
        at reactor.core.publisher.MonoFlatMap$FlatMapMain.secondError(MonoFlatMap.java:241)
        at reactor.core.publisher.MonoFlatMap$FlatMapInner.onError(MonoFlatMap.java:315)
        at reactor.core.publisher.MonoCompletionStage$MonoCompletionStageSubscription.apply(MonoCompletionStage.java:115)
        at reactor.core.publisher.MonoCompletionStage$MonoCompletionStageSubscription.apply(MonoCompletionStage.java:67)
        at java.base/java.util.concurrent.CompletableFuture.uniHandle(Unknown Source)
        at java.base/java.util.concurrent.CompletableFuture$UniHandle.tryFire(Unknown Source)
        at java.base/java.util.concurrent.CompletableFuture.postComplete(Unknown Source)
        at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(Unknown Source)
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
        at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
        at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
        at java.base/java.lang.Thread.run(Unknown Source)
        Suppressed: java.lang.Exception: #block terminated with an error
                at reactor.core.publisher.BlockingSingleSubscriber.blockingGet(BlockingSingleSubscriber.java:104)
                at reactor.core.publisher.Mono.block(Mono.java:1779)
                at com.azure.core.credential.TokenCredential.getTokenSync(TokenCredential.java:110)
                at com.azure.core.implementation.AccessTokenCache.lambda$new$2(AccessTokenCache.java:65)
                at com.azure.core.implementation.AccessTokenCache.lambda$retrieveTokenSync$11(AccessTokenCache.java:230)
                at com.azure.core.implementation.AccessTokenCache.getTokenSync(AccessTokenCache.java:93)
                at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.setAuthorizationHeaderHelperSync(BearerTokenAuthenticationPolicy.java:220)
                at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.setAuthorizationHeaderSync(BearerTokenAuthenticationPolicy.java:207)
                at com.azure.security.keyvault.secrets.implementation.KeyVaultCredentialPolicy.authorizeRequestSync(KeyVaultCredentialPolicy.java:241)
                at com.azure.security.keyvault.secrets.implementation.KeyVaultCredentialPolicy.processSync(KeyVaultCredentialPolicy.java:373)
                at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:217)
                at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:233)
                at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:233)
                at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:233)
                at com.azure.core.http.policy.RetryPolicy.processSync(RetryPolicy.java:161)
                at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                at com.azure.core.http.policy.AddHeadersPolicy.processSync(AddHeadersPolicy.java:66)
                at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                at com.azure.core.http.policy.HttpPipelineSyncPolicy.processSync(HttpPipelineSyncPolicy.java:51)
                at com.azure.core.http.policy.UserAgentPolicy.processSync(UserAgentPolicy.java:174)
                at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                at com.azure.core.http.HttpPipeline.sendSync(HttpPipeline.java:138)
                at com.azure.core.implementation.http.rest.SyncRestProxy.send(SyncRestProxy.java:62)
                at com.azure.core.implementation.http.rest.SyncRestProxy.invoke(SyncRestProxy.java:83)
                at com.azure.core.implementation.http.rest.RestProxyBase.invoke(RestProxyBase.java:124)
                at com.azure.core.http.rest.RestProxy.invoke(RestProxy.java:95)
                at jdk.proxy2/jdk.proxy2.$Proxy11.getSecretsSync(Unknown Source)
                at com.azure.security.keyvault.secrets.implementation.SecretClientImpl.getSecretsSinglePage(SecretClientImpl.java:1083)
                at com.azure.security.keyvault.secrets.SecretClient.lambda$listPropertiesOfSecrets$16(SecretClient.java:871)
                at com.azure.core.http.rest.PagedIterable.lambda$new$5(PagedIterable.java:193)
                at com.azure.core.util.paging.ContinuablePagedByIteratorBase.requestPage(ContinuablePagedByIteratorBase.java:104)
                at com.azure.core.util.paging.ContinuablePagedByPageIterable$ContinuablePagedByPageIterator.<init>(ContinuablePagedByPageIterable.java:82)
                at com.azure.core.util.paging.ContinuablePagedByPageIterable.iterator(ContinuablePagedByPageIterable.java:58)
                at java.base/java.lang.Iterable.spliterator(Unknown Source)
                at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultOperation.lambda$listSecrets$0(KeyVaultOperation.java:49)
                at java.base/java.util.Optional.map(Unknown Source)
                at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultOperation.listSecrets(KeyVaultOperation.java:49)
                at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultPropertySource.loadProperties(KeyVaultPropertySource.java:77)
                at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultPropertySource.<init>(KeyVaultPropertySource.java:71)
                at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.buildKeyVaultPropertySource(KeyVaultEnvironmentPostProcessor.java:144)
                at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.buildKeyVaultPropertySourceList(KeyVaultEnvironmentPostProcessor.java:130)
                at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.postProcessEnvironment(KeyVaultEnvironmentPostProcessor.java:93)
                at org.springframework.boot.env.EnvironmentPostProcessorApplicationListener.onApplicationEnvironmentPreparedEvent(EnvironmentPostProcessorApplicationListener.java:132)
                at org.springframework.boot.env.EnvironmentPostProcessorApplicationListener.onApplicationEvent(EnvironmentPostProcessorApplicationListener.java:115)
                at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:185)
                at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:178)
                at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:156)
                at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:138)
                at org.springframework.boot.context.event.EventPublishingRunListener.multicastInitialEvent(EventPublishingRunListener.java:136)
                at org.springframework.boot.context.event.EventPublishingRunListener.environmentPrepared(EventPublishingRunListener.java:81)
                at org.springframework.boot.SpringApplicationRunListeners.lambda$environmentPrepared$2(SpringApplicationRunListeners.java:64)
                at java.base/java.lang.Iterable.forEach(Unknown Source)
                at org.springframework.boot.SpringApplicationRunListeners.doWithListeners(SpringApplicationRunListeners.java:118)
                at org.springframework.boot.SpringApplicationRunListeners.doWithListeners(SpringApplicationRunListeners.java:112)
                at org.springframework.boot.SpringApplicationRunListeners.environmentPrepared(SpringApplicationRunListeners.java:63)
                at org.springframework.boot.SpringApplication.prepareEnvironment(SpringApplication.java:353)
                at org.springframework.boot.SpringApplication.run(SpringApplication.java:313)
                at com.example.redacted.ReweighJobApplication.main(ReweighJobApplication.java:18)
                at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
                at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
                at java.base/java.lang.reflect.Method.invoke(Unknown Source)
                at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:102)
                at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:64)
                at org.springframework.boot.loader.launch.JarLauncher.main(JarLauncher.java:40)
        Suppressed: com.azure.identity.CredentialUnavailableException: Managed Identity authentication is not available.
                ... 17 common frames omitted
                Suppressed: java.lang.Exception: #block terminated with an error
                        at reactor.core.publisher.BlockingSingleSubscriber.blockingGet(BlockingSingleSubscriber.java:104)
                        at reactor.core.publisher.Mono.block(Mono.java:1779)
                        at com.azure.core.credential.TokenCredential.getTokenSync(TokenCredential.java:110)
                        at com.azure.core.implementation.AccessTokenCache.lambda$new$2(AccessTokenCache.java:65)
                        at com.azure.core.implementation.AccessTokenCache.lambda$retrieveTokenSync$11(AccessTokenCache.java:230)
                        at com.azure.core.implementation.AccessTokenCache.getTokenSync(AccessTokenCache.java:93)
                        at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.setAuthorizationHeaderHelperSync(BearerTokenAuthenticationPolicy.java:220)
                        at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.setAuthorizationHeaderSync(BearerTokenAuthenticationPolicy.java:207)
                        at com.azure.security.keyvault.secrets.implementation.KeyVaultCredentialPolicy.authorizeRequestOnChallengeSync(KeyVaultCredentialPolicy.java:340)
                        at com.azure.security.keyvault.secrets.implementation.KeyVaultCredentialPolicy.handleChallengeSync(KeyVaultCredentialPolicy.java:415)
                        at com.azure.security.keyvault.secrets.implementation.KeyVaultCredentialPolicy.processSync(KeyVaultCredentialPolicy.java:379)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:217)
                        at com.azure.core.http.policy.RetryPolicy.processSync(RetryPolicy.java:161)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.policy.AddHeadersPolicy.processSync(AddHeadersPolicy.java:66)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.policy.HttpPipelineSyncPolicy.processSync(HttpPipelineSyncPolicy.java:51)
                        at com.azure.core.http.policy.UserAgentPolicy.processSync(UserAgentPolicy.java:174)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.HttpPipeline.sendSync(HttpPipeline.java:138)
                        at com.azure.core.implementation.http.rest.SyncRestProxy.send(SyncRestProxy.java:62)
                        at com.azure.core.implementation.http.rest.SyncRestProxy.invoke(SyncRestProxy.java:83)
                        at com.azure.core.implementation.http.rest.RestProxyBase.invoke(RestProxyBase.java:124)
                        at com.azure.core.http.rest.RestProxy.invoke(RestProxy.java:95)
                        at jdk.proxy2/jdk.proxy2.$Proxy11.getSecretsSync(Unknown Source)
                        at com.azure.security.keyvault.secrets.implementation.SecretClientImpl.getSecretsSinglePage(SecretClientImpl.java:1083)
                        at com.azure.security.keyvault.secrets.SecretClient.lambda$listPropertiesOfSecrets$16(SecretClient.java:871)
                        at com.azure.core.http.rest.PagedIterable.lambda$new$5(PagedIterable.java:193)
                        at com.azure.core.util.paging.ContinuablePagedByIteratorBase.requestPage(ContinuablePagedByIteratorBase.java:104)
                        at com.azure.core.util.paging.ContinuablePagedByPageIterable$ContinuablePagedByPageIterator.<init>(ContinuablePagedByPageIterable.java:82)
                        at com.azure.core.util.paging.ContinuablePagedByPageIterable.iterator(ContinuablePagedByPageIterable.java:58)
                        at java.base/java.lang.Iterable.spliterator(Unknown Source)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultOperation.lambda$listSecrets$0(KeyVaultOperation.java:49)
                        at java.base/java.util.Optional.map(Unknown Source)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultOperation.listSecrets(KeyVaultOperation.java:49)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultPropertySource.loadProperties(KeyVaultPropertySource.java:77)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultPropertySource.<init>(KeyVaultPropertySource.java:71)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.buildKeyVaultPropertySource(KeyVaultEnvironmentPostProcessor.java:144)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.buildKeyVaultPropertySourceList(KeyVaultEnvironmentPostProcessor.java:130)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.postProcessEnvironment(KeyVaultEnvironmentPostProcessor.java:93)
                        at org.springframework.boot.env.EnvironmentPostProcessorApplicationListener.onApplicationEnvironmentPreparedEvent(EnvironmentPostProcessorApplicationListener.java:132)
                        at org.springframework.boot.env.EnvironmentPostProcessorApplicationListener.onApplicationEvent(EnvironmentPostProcessorApplicationListener.java:115)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:185)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:178)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:156)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:138)
                        at org.springframework.boot.context.event.EventPublishingRunListener.multicastInitialEvent(EventPublishingRunListener.java:136)
                        at org.springframework.boot.context.event.EventPublishingRunListener.environmentPrepared(EventPublishingRunListener.java:81)
                        at org.springframework.boot.SpringApplicationRunListeners.lambda$environmentPrepared$2(SpringApplicationRunListeners.java:64)
                        at java.base/java.lang.Iterable.forEach(Unknown Source)
                        at org.springframework.boot.SpringApplicationRunListeners.doWithListeners(SpringApplicationRunListeners.java:118)
                        at org.springframework.boot.SpringApplicationRunListeners.doWithListeners(SpringApplicationRunListeners.java:112)
                        at org.springframework.boot.SpringApplicationRunListeners.environmentPrepared(SpringApplicationRunListeners.java:63)
                        at org.springframework.boot.SpringApplication.prepareEnvironment(SpringApplication.java:353)
                        at org.springframework.boot.SpringApplication.run(SpringApplication.java:313)
                        at com.example.redacted.ReweighJobApplication.main(ReweighJobApplication.java:18)
                        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
                        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
                        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
                        at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:102)
                        at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:64)
                        at org.springframework.boot.loader.launch.JarLauncher.main(JarLauncher.java:40)
        Caused by: com.microsoft.aad.msal4j.MsalServiceException: [Managed Identity] Unexpected exception occurred when parsing the response, HttpStatusCode: 500, Error message: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (JSON String, Number, Array, Object or token 'null', 'true' or 'false')
 at [Source: REDACTED (`StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION` disabled); line: 1, column: 1]
                at com.microsoft.aad.msal4j.AbstractManagedIdentitySource.handleResponse(AbstractManagedIdentitySource.java:66)
                at com.microsoft.aad.msal4j.IMDSManagedIdentitySource.handleResponse(IMDSManagedIdentitySource.java:117)
                at com.microsoft.aad.msal4j.AbstractManagedIdentitySource.getManagedIdentityResponse(AbstractManagedIdentitySource.java:46)
                at com.microsoft.aad.msal4j.ManagedIdentityClient.getManagedIdentityResponse(ManagedIdentityClient.java:48)
                at com.microsoft.aad.msal4j.AcquireTokenByManagedIdentitySupplier.fetchNewAccessTokenAndSaveToCache(AcquireTokenByManagedIdentitySupplier.java:90)
                at com.microsoft.aad.msal4j.AcquireTokenByManagedIdentitySupplier.execute(AcquireTokenByManagedIdentitySupplier.java:70)
                at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:69)
                at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:18)
                ... 7 common frames omitted
        Suppressed: com.azure.identity.CredentialUnavailableException: Managed Identity authentication is not available.
                ... 17 common frames omitted
                Suppressed: java.lang.Exception: #block terminated with an error
                        at reactor.core.publisher.BlockingSingleSubscriber.blockingGet(BlockingSingleSubscriber.java:104)
                        at reactor.core.publisher.Mono.block(Mono.java:1779)
                        at com.azure.core.credential.TokenCredential.getTokenSync(TokenCredential.java:110)
                        at com.azure.core.implementation.AccessTokenCache.lambda$new$2(AccessTokenCache.java:65)
                        at com.azure.core.implementation.AccessTokenCache.lambda$retrieveTokenSync$11(AccessTokenCache.java:230)
                        at com.azure.core.implementation.AccessTokenCache.getTokenSync(AccessTokenCache.java:93)
                        at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.setAuthorizationHeaderHelperSync(BearerTokenAuthenticationPolicy.java:220)
                        at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.setAuthorizationHeaderSync(BearerTokenAuthenticationPolicy.java:207)
                        at com.azure.security.keyvault.secrets.implementation.KeyVaultCredentialPolicy.authorizeRequestSync(KeyVaultCredentialPolicy.java:241)
                        at com.azure.security.keyvault.secrets.implementation.KeyVaultCredentialPolicy.processSync(KeyVaultCredentialPolicy.java:373)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:217)
                        at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:233)
                        at com.azure.core.http.policy.RetryPolicy.processSync(RetryPolicy.java:161)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.policy.AddHeadersPolicy.processSync(AddHeadersPolicy.java:66)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.policy.HttpPipelineSyncPolicy.processSync(HttpPipelineSyncPolicy.java:51)
                        at com.azure.core.http.policy.UserAgentPolicy.processSync(UserAgentPolicy.java:174)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.HttpPipeline.sendSync(HttpPipeline.java:138)
                        at com.azure.core.implementation.http.rest.SyncRestProxy.send(SyncRestProxy.java:62)
                        at com.azure.core.implementation.http.rest.SyncRestProxy.invoke(SyncRestProxy.java:83)
                        at com.azure.core.implementation.http.rest.RestProxyBase.invoke(RestProxyBase.java:124)
                        at com.azure.core.http.rest.RestProxy.invoke(RestProxy.java:95)
                        at jdk.proxy2/jdk.proxy2.$Proxy11.getSecretsSync(Unknown Source)
                        at com.azure.security.keyvault.secrets.implementation.SecretClientImpl.getSecretsSinglePage(SecretClientImpl.java:1083)
                        at com.azure.security.keyvault.secrets.SecretClient.lambda$listPropertiesOfSecrets$16(SecretClient.java:871)
                        at com.azure.core.http.rest.PagedIterable.lambda$new$5(PagedIterable.java:193)
                        at com.azure.core.util.paging.ContinuablePagedByIteratorBase.requestPage(ContinuablePagedByIteratorBase.java:104)
                        at com.azure.core.util.paging.ContinuablePagedByPageIterable$ContinuablePagedByPageIterator.<init>(ContinuablePagedByPageIterable.java:82)
                        at com.azure.core.util.paging.ContinuablePagedByPageIterable.iterator(ContinuablePagedByPageIterable.java:58)
                        at java.base/java.lang.Iterable.spliterator(Unknown Source)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultOperation.lambda$listSecrets$0(KeyVaultOperation.java:49)
                        at java.base/java.util.Optional.map(Unknown Source)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultOperation.listSecrets(KeyVaultOperation.java:49)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultPropertySource.loadProperties(KeyVaultPropertySource.java:77)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultPropertySource.<init>(KeyVaultPropertySource.java:71)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.buildKeyVaultPropertySource(KeyVaultEnvironmentPostProcessor.java:144)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.buildKeyVaultPropertySourceList(KeyVaultEnvironmentPostProcessor.java:130)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.postProcessEnvironment(KeyVaultEnvironmentPostProcessor.java:93)
                        at org.springframework.boot.env.EnvironmentPostProcessorApplicationListener.onApplicationEnvironmentPreparedEvent(EnvironmentPostProcessorApplicationListener.java:132)
                        at org.springframework.boot.env.EnvironmentPostProcessorApplicationListener.onApplicationEvent(EnvironmentPostProcessorApplicationListener.java:115)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:185)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:178)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:156)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:138)
                        at org.springframework.boot.context.event.EventPublishingRunListener.multicastInitialEvent(EventPublishingRunListener.java:136)
                        at org.springframework.boot.context.event.EventPublishingRunListener.environmentPrepared(EventPublishingRunListener.java:81)
                        at org.springframework.boot.SpringApplicationRunListeners.lambda$environmentPrepared$2(SpringApplicationRunListeners.java:64)
                        at java.base/java.lang.Iterable.forEach(Unknown Source)
                        at org.springframework.boot.SpringApplicationRunListeners.doWithListeners(SpringApplicationRunListeners.java:118)
                        at org.springframework.boot.SpringApplicationRunListeners.doWithListeners(SpringApplicationRunListeners.java:112)
                        at org.springframework.boot.SpringApplicationRunListeners.environmentPrepared(SpringApplicationRunListeners.java:63)
                        at org.springframework.boot.SpringApplication.prepareEnvironment(SpringApplication.java:353)
                        at org.springframework.boot.SpringApplication.run(SpringApplication.java:313)
                        at com.example.redacted.ReweighJobApplication.main(ReweighJobApplication.java:18)
                        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
                        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
                        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
                        at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:102)
                        at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:64)
                        at org.springframework.boot.loader.launch.JarLauncher.main(JarLauncher.java:40)
        Caused by: com.microsoft.aad.msal4j.MsalServiceException: [Managed Identity] Unexpected exception occurred when parsing the response, HttpStatusCode: 500, Error message: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (JSON String, Number, Array, Object or token 'null', 'true' or 'false')
 at [Source: REDACTED (`StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION` disabled); line: 1, column: 1]
                at com.microsoft.aad.msal4j.AbstractManagedIdentitySource.handleResponse(AbstractManagedIdentitySource.java:66)
                at com.microsoft.aad.msal4j.IMDSManagedIdentitySource.handleResponse(IMDSManagedIdentitySource.java:117)
                at com.microsoft.aad.msal4j.AbstractManagedIdentitySource.getManagedIdentityResponse(AbstractManagedIdentitySource.java:46)
                at com.microsoft.aad.msal4j.ManagedIdentityClient.getManagedIdentityResponse(ManagedIdentityClient.java:48)
                at com.microsoft.aad.msal4j.AcquireTokenByManagedIdentitySupplier.fetchNewAccessTokenAndSaveToCache(AcquireTokenByManagedIdentitySupplier.java:90)
                at com.microsoft.aad.msal4j.AcquireTokenByManagedIdentitySupplier.execute(AcquireTokenByManagedIdentitySupplier.java:70)
                at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:69)
                at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:18)
                ... 7 common frames omitted
        Suppressed: com.azure.identity.CredentialUnavailableException: Managed Identity authentication is not available.
                ... 17 common frames omitted
                Suppressed: java.lang.Exception: #block terminated with an error
                        at reactor.core.publisher.BlockingSingleSubscriber.blockingGet(BlockingSingleSubscriber.java:104)
                        at reactor.core.publisher.Mono.block(Mono.java:1779)
                        at com.azure.core.credential.TokenCredential.getTokenSync(TokenCredential.java:110)
                        at com.azure.core.implementation.AccessTokenCache.lambda$new$2(AccessTokenCache.java:65)
                        at com.azure.core.implementation.AccessTokenCache.lambda$retrieveTokenSync$11(AccessTokenCache.java:230)
                        at com.azure.core.implementation.AccessTokenCache.getTokenSync(AccessTokenCache.java:93)
                        at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.setAuthorizationHeaderHelperSync(BearerTokenAuthenticationPolicy.java:220)
                        at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.setAuthorizationHeaderSync(BearerTokenAuthenticationPolicy.java:207)
                        at com.azure.security.keyvault.secrets.implementation.KeyVaultCredentialPolicy.authorizeRequestSync(KeyVaultCredentialPolicy.java:241)
                        at com.azure.security.keyvault.secrets.implementation.KeyVaultCredentialPolicy.processSync(KeyVaultCredentialPolicy.java:373)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:217)
                        at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:233)
                        at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:233)
                        at com.azure.core.http.policy.RetryPolicy.processSync(RetryPolicy.java:161)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.policy.AddHeadersPolicy.processSync(AddHeadersPolicy.java:66)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.policy.HttpPipelineSyncPolicy.processSync(HttpPipelineSyncPolicy.java:51)
                        at com.azure.core.http.policy.UserAgentPolicy.processSync(UserAgentPolicy.java:174)
                        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:53)
                        at com.azure.core.http.HttpPipeline.sendSync(HttpPipeline.java:138)
                        at com.azure.core.implementation.http.rest.SyncRestProxy.send(SyncRestProxy.java:62)
                        at com.azure.core.implementation.http.rest.SyncRestProxy.invoke(SyncRestProxy.java:83)
                        at com.azure.core.implementation.http.rest.RestProxyBase.invoke(RestProxyBase.java:124)
                        at com.azure.core.http.rest.RestProxy.invoke(RestProxy.java:95)
                        at jdk.proxy2/jdk.proxy2.$Proxy11.getSecretsSync(Unknown Source)
                        at com.azure.security.keyvault.secrets.implementation.SecretClientImpl.getSecretsSinglePage(SecretClientImpl.java:1083)
                        at com.azure.security.keyvault.secrets.SecretClient.lambda$listPropertiesOfSecrets$16(SecretClient.java:871)
                        at com.azure.core.http.rest.PagedIterable.lambda$new$5(PagedIterable.java:193)
                        at com.azure.core.util.paging.ContinuablePagedByIteratorBase.requestPage(ContinuablePagedByIteratorBase.java:104)
                        at com.azure.core.util.paging.ContinuablePagedByPageIterable$ContinuablePagedByPageIterator.<init>(ContinuablePagedByPageIterable.java:82)
                        at com.azure.core.util.paging.ContinuablePagedByPageIterable.iterator(ContinuablePagedByPageIterable.java:58)
                        at java.base/java.lang.Iterable.spliterator(Unknown Source)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultOperation.lambda$listSecrets$0(KeyVaultOperation.java:49)
                        at java.base/java.util.Optional.map(Unknown Source)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultOperation.listSecrets(KeyVaultOperation.java:49)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultPropertySource.loadProperties(KeyVaultPropertySource.java:77)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultPropertySource.<init>(KeyVaultPropertySource.java:71)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.buildKeyVaultPropertySource(KeyVaultEnvironmentPostProcessor.java:144)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.buildKeyVaultPropertySourceList(KeyVaultEnvironmentPostProcessor.java:130)
                        at com.azure.spring.cloud.autoconfigure.implementation.keyvault.environment.KeyVaultEnvironmentPostProcessor.postProcessEnvironment(KeyVaultEnvironmentPostProcessor.java:93)
                        at org.springframework.boot.env.EnvironmentPostProcessorApplicationListener.onApplicationEnvironmentPreparedEvent(EnvironmentPostProcessorApplicationListener.java:132)
                        at org.springframework.boot.env.EnvironmentPostProcessorApplicationListener.onApplicationEvent(EnvironmentPostProcessorApplicationListener.java:115)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:185)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:178)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:156)
                        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:138)
                        at org.springframework.boot.context.event.EventPublishingRunListener.multicastInitialEvent(EventPublishingRunListener.java:136)
                        at org.springframework.boot.context.event.EventPublishingRunListener.environmentPrepared(EventPublishingRunListener.java:81)
                        at org.springframework.boot.SpringApplicationRunListeners.lambda$environmentPrepared$2(SpringApplicationRunListeners.java:64)
                        at java.base/java.lang.Iterable.forEach(Unknown Source)
                        at org.springframework.boot.SpringApplicationRunListeners.doWithListeners(SpringApplicationRunListeners.java:118)
                        at org.springframework.boot.SpringApplicationRunListeners.doWithListeners(SpringApplicationRunListeners.java:112)
                        at org.springframework.boot.SpringApplicationRunListeners.environmentPrepared(SpringApplicationRunListeners.java:63)
                        at org.springframework.boot.SpringApplication.prepareEnvironment(SpringApplication.java:353)
                        at org.springframework.boot.SpringApplication.run(SpringApplication.java:313)
                        at com.example.redacted.ReweighJobApplication.main(ReweighJobApplication.java:18)
                        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
                        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
                        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
                        at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:102)
                        at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:64)
                        at org.springframework.boot.loader.launch.JarLauncher.main(JarLauncher.java:40)
        Caused by: com.microsoft.aad.msal4j.MsalServiceException: [Managed Identity] Unexpected exception occurred when parsing the response, HttpStatusCode: 500, Error message: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (JSON String, Number, Array, Object or token 'null', 'true' or 'false')
 at [Source: REDACTED (`StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION` disabled); line: 1, column: 1]
                at com.microsoft.aad.msal4j.AbstractManagedIdentitySource.handleResponse(AbstractManagedIdentitySource.java:66)
                at com.microsoft.aad.msal4j.IMDSManagedIdentitySource.handleResponse(IMDSManagedIdentitySource.java:117)
                at com.microsoft.aad.msal4j.AbstractManagedIdentitySource.getManagedIdentityResponse(AbstractManagedIdentitySource.java:46)
                at com.microsoft.aad.msal4j.ManagedIdentityClient.getManagedIdentityResponse(ManagedIdentityClient.java:48)
                at com.microsoft.aad.msal4j.AcquireTokenByManagedIdentitySupplier.fetchNewAccessTokenAndSaveToCache(AcquireTokenByManagedIdentitySupplier.java:90)
                at com.microsoft.aad.msal4j.AcquireTokenByManagedIdentitySupplier.execute(AcquireTokenByManagedIdentitySupplier.java:70)
                at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:69)
                at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:18)
                ... 7 common frames omitted
Caused by: com.microsoft.aad.msal4j.MsalServiceException: [Managed Identity] Unexpected exception occurred when parsing the response, HttpStatusCode: 500, Error message: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (JSON String, Number, Array, Object or token 'null', 'true' or 'false')
 at [Source: REDACTED (`StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION` disabled); line: 1, column: 1]
        at com.microsoft.aad.msal4j.AbstractManagedIdentitySource.handleResponse(AbstractManagedIdentitySource.java:66)
        at com.microsoft.aad.msal4j.IMDSManagedIdentitySource.handleResponse(IMDSManagedIdentitySource.java:117)
        at com.microsoft.aad.msal4j.AbstractManagedIdentitySource.getManagedIdentityResponse(AbstractManagedIdentitySource.java:46)
        at com.microsoft.aad.msal4j.ManagedIdentityClient.getManagedIdentityResponse(ManagedIdentityClient.java:48)
        at com.microsoft.aad.msal4j.AcquireTokenByManagedIdentitySupplier.fetchNewAccessTokenAndSaveToCache(AcquireTokenByManagedIdentitySupplier.java:90)
        at com.microsoft.aad.msal4j.AcquireTokenByManagedIdentitySupplier.execute(AcquireTokenByManagedIdentitySupplier.java:70)
        at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:69)
        at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:18)
        ... 7 common frames omitted

To Reproduce
Steps to reproduce the behavior: Not sure Yet. Will update on finding

Code Snippet
Add the code snippet that causes the issue.

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

Setup (please complete the following information):

  • OS: AKS container
  • IDE: Intellij But the problem is with containers running on AKS
  • Library/Libraries: com.azure.spring:spring-cloud-azure-starter-keyvault:5.22.0
  • Java version: 17
  • App Server/Environment: [e.g. Tomcat, WildFly, Azure Function, Apache Spark, Databricks, IDE plugin or anything special]
  • Frameworks: [e.g. Spring Boot, Micronaut, Quarkus, etc]

If you suspect a dependency version mismatch (e.g. you see NoClassDefFoundError, NoSuchMethodError or similar), please check out Troubleshoot dependency version conflict article first. If it doesn't provide solution for the problem, please provide:

Additional context
Add any other context about the problem here.
Here is the process inside the container
Image

Information Checklist
Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report

  • Bug Description Added
  • Repro Steps Added
  • Setup information Added
@github-actions github-actions bot added customer-reported Issues that are reported by GitHub users external to the Azure organization. needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels May 8, 2025
@raja-anbazhagan
Copy link
Author

The app works fine with 3.0.7. It was a straight forward version upgrade where I updated spring boot from 3.0.7 to 3.4.5 and their respective Azure cloud libraries as per documentation.

@raja-anbazhagan
Copy link
Author

This is a sample config I am using

spring.cloud.azure.keyvault.secret.property-source-enabled=true
spring.cloud.azure.keyvault.secret.property-sources[0].credential.managed-identity-enabled=true
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id=xxxxxx-yyyy-zzzz-0000-ce5c4ba05982
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=https://kv-app-name.vault.azure.net:443/
spring.datasource.username=${kv-db-username}
spring.datasource.password=${kv-db-password}

and here is a screenshot from the AKS vmss managed identity setup.

Image

Here, the first managed identity is given RBAC secret user access to kv.

Image

And most importantly the existing code just works with older version. Getting above exception every time with new spring boot and azure cloud version.

@raja-anbazhagan
Copy link
Author

here is the full pom file.

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>3.4.5</version>
		<relativePath/> <!-- lookup parent from repository -->
	</parent>
	<groupId>com.example.example</groupId>
	<artifactId>app</artifactId>
	<version>1.0.1-TEST</version>
	<name>app</name>
	<description>app</description>
	<url/>
	<licenses>
		<license/>
	</licenses>
	<developers>
		<developer/>
	</developers>
	<scm>
		<connection/>
		<developerConnection/>
		<tag/>
		<url/>
	</scm>

	<properties>
		<encoding>UTF-8</encoding>
		<java.version>17</java.version>
		<maven.compiler.source>17</maven.compiler.source>
		<maven.compiler.target>17</maven.compiler.target>
		<sonar.projectKey>example.example.app</sonar.projectKey>
		<sonar.host.url>https://sonarqube.example.com</sonar.host.url>
		<sonar.junit.reportPaths>target/surefire-reports</sonar.junit.reportPaths>
		<sonar.coverage.exclusions>
			src/main/java/com/example/example/app/mapper/**,
			src/main/java/com/example/example/app/configuration/EncryptionConfig.java,
			src/main/java/com/example/example/app/configuration/SftpPollingConfiguration.java,
			src/main/java/com/example/example/app/configuration/SftpConfigParams.java,
			src/main/java/com/example/example/app/configuration/SftpOutboundConfigParams.java,
			src/main/java/com/example/example/app/appJobApplication.java,
			src/main/java/com/example/example/app/intmodel/**,
			src/main/java/com/example/example/app/filter/**,
		</sonar.coverage.exclusions>
		<sonar.coverage.jacoco.xmlReportPaths>target/site/jacoco/jacoco.xml</sonar.coverage.jacoco.xmlReportPaths>
		<sonar.dependencyCheck.jsonReportPath>target/dependency-check-report.json</sonar.dependencyCheck.jsonReportPath>
		<sonar.dependencyCheck.htmlReportPath>target/dependency-check-report.html</sonar.dependencyCheck.htmlReportPath>
	</properties>

	<dependencies>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-integration</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.integration</groupId>
			<artifactId>spring-integration-sftp</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-data-jpa</artifactId>
		</dependency>
		<dependency>
			<groupId>org.projectlombok</groupId>
			<artifactId>lombok</artifactId>
			<optional>true</optional>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
			<exclusions>
				<exclusion>
					<groupId>org.assertj</groupId>
					<artifactId>assertj-core</artifactId>
				</exclusion>
				<exclusion>
					<groupId>org.yaml</groupId>
					<artifactId>snakeyaml</artifactId>
				</exclusion>
			</exclusions>
		</dependency>
		<dependency>
			<groupId>jakarta.xml.bind</groupId>
			<artifactId>jakarta.xml.bind-api</artifactId>
		</dependency>
		<dependency>
			<groupId>org.postgresql</groupId>
			<artifactId>postgresql</artifactId>
		</dependency>
		<dependency>
			<groupId>org.apache.commons</groupId>
			<artifactId>commons-lang3</artifactId>
		</dependency>
		<dependency>
			<groupId>org.apache.commons</groupId>
			<artifactId>commons-compress</artifactId>
			<version>1.27.1</version>
			<exclusions>
				<exclusion>
					<groupId>commons-codec</groupId>
					<artifactId>commons-codec</artifactId>
				</exclusion>
				<exclusion>
					<groupId>commons-io</groupId>
					<artifactId>commons-io</artifactId>
				</exclusion>
			</exclusions>
		</dependency>
		<dependency>
			<groupId>org.jasypt</groupId>
			<artifactId>jasypt</artifactId>
			<version>1.9.3</version>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-web</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.retry</groupId>
			<artifactId>spring-retry</artifactId>
		</dependency>
		<dependency>
			<groupId>org.mapstruct</groupId>
			<artifactId>mapstruct</artifactId>
			<version>1.6.3</version>
		</dependency>

		<dependency>
			<groupId>org.apache.commons</groupId>
			<artifactId>commons-csv</artifactId>
			<version>1.14.0</version>
			<exclusions>
				<exclusion>
					<groupId>commons-io</groupId>
					<artifactId>commons-io</artifactId>
				</exclusion>
			</exclusions>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-actuator</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-mail</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-cache</artifactId>
		</dependency>
		<dependency>
			<groupId>com.azure.spring</groupId>
			<artifactId>spring-cloud-azure-starter-keyvault</artifactId>
            <exclusions>
                <exclusion>
                <groupId>com.microsoft.azure</groupId>
                <artifactId>msal4j</artifactId>
                </exclusion>
            </exclusions>
		</dependency>
        <dependency>
            <groupId>com.microsoft.azure</groupId>
            <artifactId>msal4j</artifactId>
			<version>1.19.1</version>
        </dependency>

	</dependencies>
	<dependencyManagement>
		<dependencies>
			<dependency>
				<groupId>com.azure.spring</groupId>
				<artifactId>spring-cloud-azure-dependencies</artifactId>
				<version>5.22.0</version>
				<type>pom</type>
				<scope>import</scope>
			</dependency>
		</dependencies>
	</dependencyManagement>
	<build>
		<plugins>
			<plugin>
				<groupId>org.apache.maven.plugins</groupId>
				<artifactId>maven-compiler-plugin</artifactId>
				<configuration>
					<annotationProcessorPaths>
						<path>
							<groupId>org.projectlombok</groupId>
							<artifactId>lombok</artifactId>
						</path>
						<path>
							<artifactId>mapstruct-processor</artifactId>
							<groupId>org.mapstruct</groupId>
							<version>1.6.3</version>
						</path>
					</annotationProcessorPaths>
				</configuration>
			</plugin>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
				<executions>
					<execution>
						<goals>
							<goal>build-info</goal>
						</goals>
					</execution>
				</executions>
				<configuration>
					<excludes>
						<exclude>
							<groupId>org.projectlombok</groupId>
							<artifactId>lombok</artifactId>
						</exclude>
					</excludes>
				</configuration>
			</plugin>
			<plugin>
				<groupId>org.apache.cxf</groupId>
				<artifactId>cxf-xjc-plugin</artifactId>
				<version>4.1.0</version>
				<executions>
					<execution>
						<id>generate-sources</id>
						<phase>generate-sources</phase>
						<goals>
							<goal>xsdtojava</goal>
						</goals>
						<configuration>
							<sourceRoot>${basedir}/target/generated-sources/src/main/java</sourceRoot>
							<xsdOptions>
								<xsdOption>
									<xsd>src/main/resources/exampleXml_5.0.xsd</xsd>
									<packagename>com.example.example.model.dcgff</packagename>
								</xsdOption>
							</xsdOptions>
						</configuration>
					</execution>
				</executions>
			</plugin>
			<plugin>
				<groupId>org.jacoco</groupId>
				<artifactId>jacoco-maven-plugin</artifactId>
				<version>0.8.10</version>
				<configuration>
					<excludes>
						<exclude>com/example/payment/service/asd/model/**</exclude>
						<exclude>com/example/example/app/configuration/SftpPollingConfiguration</exclude>
					</excludes>
				</configuration>
				<executions>
					<execution>
						<id>prepare-agent</id>
						<goals>
							<goal>prepare-agent</goal>
						</goals>
					</execution>
					<execution>
						<id>report</id>
						<phase>test</phase>
						<goals>
							<goal>report</goal>
						</goals>
						<configuration>
							<formats>
								<format>XML</format>
								<format>HTML</format>
							</formats>
						</configuration>
					</execution>
				</executions>
			</plugin>
			<plugin>
				<groupId>org.owasp</groupId>
				<artifactId>dependency-check-maven</artifactId>
				<version>12.1.0</version>
				<configuration>
					<formats>
						<format>HTML</format>
						<format>JSON</format>
						<format>XML</format>
					</formats>
					<ossindexAnalyzerEnabled>false</ossindexAnalyzerEnabled>
					<assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
					<retireJsUrl>https://artifactory.example.com/artifactory/nvd-local/jsrepository.json</retireJsUrl>
					<nvdDatafeedUrl>https://artifactory.example.com/artifactory/nvd-local/nvdcve-{0}.json.gz</nvdDatafeedUrl>
					<knownExploitedUrl>https://artifactory.example.com/artifactory/nvd-local/known_exploited_vulnerabilities.json</knownExploitedUrl>
				</configuration>
			</plugin>
			<plugin>
				<groupId>org.apache.maven.plugins</groupId>
				<artifactId>maven-checkstyle-plugin</artifactId>
				<version>3.2.2</version>
				<configuration>
					<configLocation>${project.basedir}/checkstyle.xml</configLocation>
					<consoleOutput>true</consoleOutput>
				</configuration>
			</plugin>
			<plugin>
				<groupId>org.jsonschema2pojo</groupId>
				<artifactId>jsonschema2pojo-maven-plugin</artifactId>
				<version>1.2.2</version>
				<configuration>
					<inclusionLevel>NON_EMPTY</inclusionLevel>
					<annotationStyle>jackson2</annotationStyle>
					<includeGeneratedAnnotation>true</includeGeneratedAnnotation>
				</configuration>
				<executions>
					<execution>
						<id>jcmreferencedatagenrqstv4001</id>
						<goals>
							<goal>generate</goal>
						</goals>
						<configuration>
							<sourceType>jsonschema</sourceType>
							<sourceDirectory>src/main/resources/jcmreferencedatagenrqstv4001</sourceDirectory>
							<outputDirectory>${basedir}/target/generated-sources/src/main/java</outputDirectory>
							<targetPackage>com.example.json.cm.referencedatagenrqst.v4001</targetPackage>
						</configuration>
					</execution>
					<execution>
						<id>jcmreferencedatagenrspv4000</id>
						<goals>
							<goal>generate</goal>
						</goals>
						<configuration>
							<sourceType>jsonschema</sourceType>
							<sourceDirectory>src/main/resources/jcmreferencedatagenrspv4000</sourceDirectory>
							<outputDirectory>${basedir}/target/generated-sources/src/main/java</outputDirectory>
							<targetPackage>com.example.json.cm.referencedatagenrsp.v4000</targetPackage>
						</configuration>
					</execution>
				</executions>
			</plugin>
			<plugin>
				<groupId>io.github.git-commit-id</groupId>
				<artifactId>git-commit-id-maven-plugin</artifactId>
				<configuration>
					<failOnNoGitDirectory>false</failOnNoGitDirectory>
				</configuration>
			</plugin>
		</plugins>
	</build>

</project>

@raja-anbazhagan
Copy link
Author

raja-anbazhagan commented May 10, 2025
edited
Loading

Here are my findings after a tiring debug session.

Apparently I have to exclude this IMDS endpoint in my -Dhttp.nonProxyHosts list for the kv to authenticate properly.

          env:
            - name: JAVA_TOOL_OPTIONS
              value: |
                -Djava.security.egd=file:/dev/./urandom
                -Dhttps.proxyHost=proxy.example.com
                -Dhttps.proxyPort=8080
                -Dhttp.nonProxyHosts=169.254.169.254|*.vault.azure.net|*.example.com|localhost
                -Dlogs.dir=/appl/logs

If possible, Kindly update this tutorial page with information related to the IMDC endpoint

Plus, a proper error message for the Exception I mentioned above would help as well. I believe there is another item that tracks it at AzureAD/microsoft-authentication-library-for-java#907

@joshfree joshfree added azure-spring All azure-spring related issues azure-spring-keyvault Spring keyvault related issues. labels May 12, 2025
@github-actions github-actions bot removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label May 12, 2025
@joshfree
Copy link
Member

@saragluna could you follow up with this issue from @raja-anbazhagan

@raja-anbazhagan thanks for the detailed issue

@saragluna saragluna added this to the 2025-07 milestone May 29, 2025
@saragluna
Copy link
Member

We'll update our doc for it. Thanks for your help @raja-anbazhagan!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@saragluna saragluna

Labels
azure-spring All azure-spring related issues azure-spring-keyvault Spring keyvault related issues. customer-reported Issues that are reported by GitHub users external to the Azure organization. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Projects
Spring Cloud Azure
Status: Todo
Milestone
2025-07
Development

No branches or pull requests
3 participants
@joshfree @raja-anbazhagan @saragluna