From 8975670d8ec4a4ea9c192fa3fe3a1ad243c492f6 Mon Sep 17 00:00:00 2001
From: Fabien Crespel <fabien@crespel.net>
Date: Sat, 16 Mar 2024 19:32:00 +0100
Subject: [PATCH] Add Secret Manager support on GCP (#142)

---
 pom.xml                                       | 49 ++++++-------------
 src/main/appengine/app.yaml                   |  2 +-
 src/main/appengine/files/.gitignore           |  1 -
 .../appengine/files/application.example.yml   | 18 -------
 src/main/resources/application-gcp.yml        | 25 ++++++++++
 src/main/resources/application.yml            |  4 ++
 6 files changed, 45 insertions(+), 54 deletions(-)
 delete mode 100644 src/main/appengine/files/.gitignore
 delete mode 100644 src/main/appengine/files/application.example.yml
 create mode 100644 src/main/resources/application-gcp.yml

diff --git a/pom.xml b/pom.xml
index 8e178e5..7996ee4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -40,7 +40,6 @@
 		<!-- Dependency properties -->
 		<commons-csv.version>1.10.0</commons-csv.version>
 		<guava.version>32.1.3-jre</guava.version>
-		<mysql-socket-factory.version>1.13.1</mysql-socket-factory.version>
 		<node.version>v18.19.0</node.version>
 		<npm.version>10.2.3</npm.version>
 		<socketio-client.version>1.0.1</socketio-client.version>
@@ -117,7 +116,19 @@
 		</dependency>
 		<dependency>
 			<groupId>com.google.cloud</groupId>
-			<artifactId>spring-cloud-gcp-logging</artifactId>
+			<artifactId>spring-cloud-gcp-starter-logging</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>com.google.cloud</groupId>
+			<artifactId>spring-cloud-gcp-starter-secretmanager</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>com.google.cloud</groupId>
+			<artifactId>spring-cloud-gcp-starter-sql-mysql</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>com.google.cloud</groupId>
+			<artifactId>spring-cloud-gcp-starter-sql-postgresql</artifactId>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.session</groupId>
@@ -172,17 +183,13 @@
 			<groupId>com.h2database</groupId>
 			<artifactId>h2</artifactId>
 		</dependency>
-		<dependency>
-			<groupId>org.postgresql</groupId>
-			<artifactId>postgresql</artifactId>
-		</dependency>
 		<dependency>
 			<groupId>com.mysql</groupId>
 			<artifactId>mysql-connector-j</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>com.google.cloud.sql</groupId>
-			<artifactId>mysql-socket-factory-connector-j-8</artifactId>
+			<groupId>org.postgresql</groupId>
+			<artifactId>postgresql</artifactId>
 		</dependency>
 
 		<!-- Tests -->
@@ -210,11 +217,6 @@
 				<artifactId>guava</artifactId>
 				<version>${guava.version}</version>
 			</dependency>
-			<dependency>
-				<groupId>com.google.cloud.sql</groupId>
-				<artifactId>mysql-socket-factory-connector-j-8</artifactId>
-				<version>${mysql-socket-factory.version}</version>
-			</dependency>
 			<dependency>
 				<groupId>io.socket</groupId>
 				<artifactId>socket.io-client</artifactId>
@@ -512,27 +514,6 @@
 							</execution>
 						</executions>
 					</plugin>
-					<plugin>
-						<groupId>org.apache.maven.plugins</groupId>
-						<artifactId>maven-resources-plugin</artifactId>
-						<executions>
-							<execution>
-								<id>appengine-resources</id>
-								<phase>package</phase>
-								<goals>
-									<goal>copy-resources</goal>
-								</goals>
-								<configuration>
-									<outputDirectory>${appengine.build.directory}</outputDirectory>
-									<resources>
-										<resource>
-											<directory>${appengine.src.directory}/files</directory>
-										</resource>
-									</resources>
-								</configuration>
-							</execution>
-						</executions>
-					</plugin>
 					<plugin>
 						<groupId>com.google.cloud.tools</groupId>
 						<artifactId>appengine-maven-plugin</artifactId>
diff --git a/src/main/appengine/app.yaml b/src/main/appengine/app.yaml
index 3ac4b65..4d9f062 100644
--- a/src/main/appengine/app.yaml
+++ b/src/main/appengine/app.yaml
@@ -21,7 +21,7 @@ handlers:
     script: auto
 env_variables:
   JAVA_TOOL_OPTIONS: "-XX:MaxRAM=1024m -Xms512m -Xmx512m -Xverify:none -XX:+TieredCompilation -XX:TieredStopAtLevel=1"
-  SPRING_PROFILES_ACTIVE: "gcp,appengine"
+  SPRING_PROFILES_ACTIVE: "gcp"
 automatic_scaling:
   min_instances: 0
   max_instances: 3
diff --git a/src/main/appengine/files/.gitignore b/src/main/appengine/files/.gitignore
deleted file mode 100644
index 3bed397..0000000
--- a/src/main/appengine/files/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-application.yml
diff --git a/src/main/appengine/files/application.example.yml b/src/main/appengine/files/application.example.yml
deleted file mode 100644
index d14fcc3..0000000
--- a/src/main/appengine/files/application.example.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-spring:
-  datasource:
-    username: karaplan
-    password: "toComplete"
-    url: "jdbc:mysql:///karaplan?useSSL=false&socketFactory=com.google.cloud.sql.mysql.SocketFactory&cloudSqlInstance=toComplete"
-  security:
-    oauth2:
-      client:
-        registration:
-          google:
-            client-id: "toComplete"
-            client-secret: "toComplete"
-          github:
-            client-id: "toComplete"
-            client-secret: "toComplete"
-          facebook:
-            client-id: "toComplete"
-            client-secret: "toComplete"
diff --git a/src/main/resources/application-gcp.yml b/src/main/resources/application-gcp.yml
new file mode 100644
index 0000000..5552350
--- /dev/null
+++ b/src/main/resources/application-gcp.yml
@@ -0,0 +1,25 @@
+spring:
+  cloud:
+    gcp:
+      sql:
+        enabled: true
+        instance-connection-name: "${sm://${SECRET_PREFIX:karaplan}-db-instance}"
+        database-name: "${sm://${SECRET_PREFIX:karaplan}-db-name}"
+  config:
+    import: sm://
+  datasource:
+    username: "${sm://${SECRET_PREFIX:karaplan}-db-username}"
+    password: "${sm://${SECRET_PREFIX:karaplan}-db-password}"
+  security:
+    oauth2:
+      client:
+        registration:
+          google:
+            client-id: "${sm://${SECRET_PREFIX:karaplan}-google-client-id}"
+            client-secret: "${sm://${SECRET_PREFIX:karaplan}-google-client-secret}"
+          github:
+            client-id: "${sm://${SECRET_PREFIX:karaplan}-github-client-id}"
+            client-secret: "${sm://${SECRET_PREFIX:karaplan}-github-client-secret}"
+          facebook:
+            client-id: "${sm://${SECRET_PREFIX:karaplan}-facebook-client-id}"
+            client-secret: "${sm://${SECRET_PREFIX:karaplan}-facebook-client-secret}"
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index d9acdd2..963bc05 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -4,6 +4,10 @@ spring:
   cache:
     jcache:
       config: classpath:ehcache.xml
+  cloud:
+    gcp:
+      sql:
+        enabled: false
   h2:
     console:
       enabled: false