OCI Vault (#47)

* OCI Vault
---------

Signed-off-by: Anders Swanson <anders.swanson@oracle.com>

Author: anders-swanson

pom.xml

@@ -57,6 +57,7 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or
         <module>spring-cloud-oci-logging</module>
         <module>spring-cloud-oci-function</module>
         <module>spring-cloud-oci-streaming</module>
+        <module>spring-cloud-oci-vault</module>
         <module>spring-cloud-oci-queue</module>
         <module>docs</module>
     </modules>

spring-cloud-oci-autoconfigure/pom.xml

@@ -99,6 +99,11 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or
             <artifactId>spring-cloud-oci-streaming</artifactId>
             <optional>true</optional>
         </dependency>
+        <dependency>
+            <groupId>com.oracle.cloud.spring</groupId>
+            <artifactId>spring-cloud-oci-vault</artifactId>
+            <optional>true</optional>
+        </dependency>
         <dependency>
             <groupId>com.oracle.cloud.spring</groupId>
             <artifactId>spring-cloud-oci-queue</artifactId>

spring-cloud-oci-autoconfigure/src/main/java/com/oracle/cloud/spring/vault/VaultAutoConfiguration.java

@@ -0,0 +1,78 @@
+// Copyright (c) 2024, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
+package com.oracle.cloud.spring.vault;
+
+
+import com.oracle.bmc.auth.RegionProvider;
+import com.oracle.bmc.secrets.Secrets;
+import com.oracle.bmc.secrets.SecretsClient;
+import com.oracle.bmc.vault.Vaults;
+import com.oracle.bmc.vault.VaultsClient;
+import com.oracle.cloud.spring.autoconfigure.core.CredentialsProvider;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.AutoConfiguration;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.cloud.context.config.annotation.RefreshScope;
+import org.springframework.context.annotation.Bean;
+
+import static com.oracle.cloud.spring.autoconfigure.core.CredentialsProviderAutoConfiguration.credentialsProviderQualifier;
+import static com.oracle.cloud.spring.autoconfigure.core.RegionProviderAutoConfiguration.regionProviderQualifier;
+
+/**
+ * Auto-configuration for initializing the OCI Vault component.
+ *  Depends on {@link com.oracle.cloud.spring.autoconfigure.core.CredentialsProviderAutoConfiguration} and
+ *  {@link com.oracle.cloud.spring.autoconfigure.core.RegionProviderAutoConfiguration}
+ *  for loading the Authentication configuration
+ *
+ * @see Vault
+ */
+@AutoConfiguration
+@ConditionalOnClass({Vault.class})
+@EnableConfigurationProperties(VaultProperties.class)
+@ConditionalOnProperty(name = "spring.cloud.oci.vault.enabled", havingValue = "true", matchIfMissing = true)
+public class VaultAutoConfiguration {
+    private final VaultProperties properties;
+
+    public VaultAutoConfiguration(VaultProperties properties) {
+        this.properties = properties;
+    }
+
+    @Bean
+    @RefreshScope
+    @ConditionalOnMissingBean(Vault.class)
+    public Vault vault(Vaults vaults, Secrets secrets) {
+        return new VaultImpl(vaults, secrets, properties.getVaultId(), properties.getCompartment());
+    }
+
+    @Bean
+    @RefreshScope
+    @ConditionalOnMissingBean
+    public Vaults vaults(@Qualifier(regionProviderQualifier) RegionProvider regionProvider,
+                         @Qualifier(credentialsProviderQualifier)
+                         CredentialsProvider cp) {
+        Vaults vaults = VaultsClient.builder()
+                .build(cp.getAuthenticationDetailsProvider());
+        if (regionProvider.getRegion() != null) {
+            vaults.setRegion(regionProvider.getRegion());
+        }
+        return vaults;
+    }
+
+    @Bean
+    @RefreshScope
+    @ConditionalOnMissingBean
+    public Secrets secrets(@Qualifier(regionProviderQualifier) RegionProvider regionProvider,
+                          @Qualifier(credentialsProviderQualifier)
+                         CredentialsProvider cp) {
+        Secrets secrets = SecretsClient.builder()
+                .build(cp.getAuthenticationDetailsProvider());
+        if (regionProvider.getRegion() != null) {
+            secrets.setRegion(regionProvider.getRegion());
+        }
+        return secrets;
+    }
+}
+

spring-cloud-oci-autoconfigure/src/main/java/com/oracle/cloud/spring/vault/VaultProperties.java

@@ -0,0 +1,29 @@
+// Copyright (c) 2024, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
+package com.oracle.cloud.spring.vault;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties(prefix = VaultProperties.PREFIX)
+public class VaultProperties {
+    public static final String PREFIX = "spring.cloud.oci.vault";
+
+    private String compartment;
+    private String vaultId;
+
+    public String getCompartment() {
+        return compartment;
+    }
+
+    public void setCompartment(String compartment) {
+        this.compartment = compartment;
+    }
+
+    public String getVaultId() {
+        return vaultId;
+    }
+
+    public void setVaultId(String vaultId) {
+        this.vaultId = vaultId;
+    }
+}

spring-cloud-oci-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json

@@ -48,6 +48,12 @@
       "description": "Auto-configure OCI Cloud streaming components.",
       "defaultValue": true
     },
+    {
+      "name": "spring.cloud.oci.vault.enabled",
+      "type": "java.lang.Boolean",
+      "description": "Auto-configure OCI Cloud vault components.",
+      "defaultValue": true
+    },
     {
       "name": "spring.cloud.oci.queue.enabled",
       "type": "java.lang.Boolean",

spring-cloud-oci-autoconfigure/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports

@@ -8,3 +8,4 @@ com.oracle.cloud.spring.function.FunctionAutoConfiguration
 com.oracle.cloud.spring.streaming.StreamingAutoConfiguration
 com.oracle.cloud.spring.queue.QueueAutoConfiguration
 com.oracle.cloud.spring.genai.GenAIAutoConfiguration
+com.oracle.cloud.spring.vault.VaultAutoConfiguration

spring-cloud-oci-dependencies/pom.xml

@@ -70,6 +70,11 @@
                 <artifactId>spring-cloud-oci-storage</artifactId>
                 <version>${project.version}</version>
             </dependency>
+            <dependency>
+                <groupId>com.oracle.cloud.spring</groupId>
+                <artifactId>spring-cloud-oci-vault</artifactId>
+                <version>${project.version}</version>
+            </dependency>
             <dependency>
                 <groupId>com.oracle.cloud.spring</groupId>
                 <artifactId>spring-cloud-oci-function</artifactId>
@@ -105,6 +110,11 @@
                 <artifactId>spring-cloud-oci-starter-streaming</artifactId>
                 <version>${project.version}</version>
             </dependency>
+            <dependency>
+                <groupId>com.oracle.cloud.spring</groupId>
+                <artifactId>spring-cloud-oci-starter-vault</artifactId>
+                <version>${project.version}</version>
+            </dependency>
             <dependency>
                 <groupId>com.oracle.cloud.spring</groupId>
                 <artifactId>spring-cloud-oci-starter-storage</artifactId>

spring-cloud-oci-samples/pom.xml

@@ -21,6 +21,7 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or
         <module>spring-cloud-oci-gen-ai-sample</module>
         <module>spring-cloud-oci-logging-sample</module>
         <module>spring-cloud-oci-streaming-sample</module>
+        <module>spring-cloud-oci-vault-sample</module>
         <module>spring-cloud-oci-queue-sample</module>
         <module>spring-cloud-oci-function-sample</module>
     </modules>

spring-cloud-oci-samples/spring-cloud-oci-vault-sample/pom.xml

@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Copyright (c) 2024, Oracle and/or its affiliates.
+Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
+-->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<parent>
+		<groupId>com.oracle.cloud.spring</groupId>
+		<artifactId>spring-cloud-oci-samples</artifactId>
+		<version>1.1.0-SNAPSHOT</version>
+		</parent>
+	<modelVersion>4.0.0</modelVersion>
+	<groupId>com.oracle.cloud.spring.sample.genai</groupId>
+	<artifactId>spring-cloud-oci-vault-sample</artifactId>
+	<name>spring-cloud-oci-vault-sample</name>
+	<description>spring-cloud-oci-vault-sample</description>
+	<licenses>
+		<license>
+			<name>The Universal Permissive License (UPL), Version 1.0</name>
+			<url>https://oss.oracle.com/licenses/upl/</url>
+			<distribution>repo</distribution>
+		</license>
+	</licenses>
+	<properties>
+		<java.version>17</java.version>
+	</properties>
+	<dependencies>
+		<dependency>
+			<groupId>com.oracle.cloud.spring</groupId>
+			<artifactId>spring-cloud-oci-starter-vault</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>com.oracle.cloud.spring.sample.common</groupId>
+			<artifactId>spring-cloud-oci-common-samples-utils</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>com.oracle.cloud.spring.sample.common</groupId>
+			<artifactId>spring-cloud-oci-common-samples-utils</artifactId>
+			<type>test-jar</type>
+		</dependency>
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+			</plugin>
+		</plugins>
+	</build>
+
+
+</project>

spring-cloud-oci-samples/spring-cloud-oci-vault-sample/src/main/java/com/oracle/cloud/spring/sample/vault/springcloudocivaultsample/SpringCloudOciVaultSampleApplication.java

@@ -0,0 +1,13 @@
+// Copyright (c) 2024, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
+package com.oracle.cloud.spring.sample.vault.springcloudocivaultsample;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class SpringCloudOciVaultSampleApplication {
+    public static void main(String[] args) {
+        SpringApplication.run(SpringCloudOciVaultSampleApplication.class, args);
+    }
+}