Retry mechanism

docs/src/main/asciidoc/_configprops.adoc

@@ -118,6 +118,10 @@
 |spring.cloud.vault.rabbitmq.role |  | Role name for credentials.
 |spring.cloud.vault.rabbitmq.username-property | `spring.rabbitmq.username` | Target property for the obtained username.
 |spring.cloud.vault.read-timeout | `15000` | Read timeout.
+|spring.cloud.vault.retry.initial-interval | `1000` | Initial retry interval in milliseconds.
+|spring.cloud.vault.retry.multiplier | `1.1` | Multiplier for next interval.
+|spring.cloud.vault.retry.max-interval | `2000` | Maximum interval for backoff.
+|spring.cloud.vault.retry.max-attempts | `6` | Maximum number of attempts.
 |spring.cloud.vault.scheme | `https` | Protocol scheme. Can be either "http" or "https".
 |spring.cloud.vault.session.lifecycle.enabled | `true` | Enable session lifecycle management.
 |spring.cloud.vault.session.lifecycle.expiry-threshold | `7s` | The expiry threshold for a {@link LoginToken}. The threshold represents a minimum TTL duration to consider a login token as valid. Tokens with a shorter TTL are considered expired and are not used anymore. Should be greater than {@code refreshBeforeExpiry} to prevent token expiry.
@@ -134,4 +138,4 @@
 |spring.cloud.vault.token |  | Static vault token. Required if {@link #authentication} is {@code TOKEN}.
 |spring.cloud.vault.uri |  | Vault URI. Can be set with scheme, host and port.
 
-|===
+|===

docs/src/main/asciidoc/other-topics.adoc

@@ -35,6 +35,15 @@ spring.cloud.vault:
 ----
 ====
 
+[[vault.config.retry]]
+== Vault Client Retry
+
+If you expect that the config server may occasionally be unavailable when your application starts, you can make it keep trying after a failure. 
+First, you need to set `spring.cloud.vault.fail-fast=true`.
+Then you need to add `spring-retry` to your classpath.
+The default behavior is to retry six times with an initial backoff interval of 1000ms and an exponential multiplier of 1.1 for subsequent backoffs. 
+You can configure these properties by setting the `spring.cloud.config.retry.*` configuration properties.
+
 [[vault.config.namespaces]]
 == Vault Enterprise Namespace Support
 

spring-cloud-vault-config/pom.xml

@@ -59,6 +59,12 @@
 			<optional>true</optional>
 		</dependency>
 
+		<dependency>
+			<groupId>org.springframework.retry</groupId>
+			<artifactId>spring-retry</artifactId>
+			<optional>true</optional>
+		</dependency>
+
 		<!-- HTTP Client Libraries -->
 		<dependency>
 			<groupId>org.apache.httpcomponents</groupId>
@@ -187,6 +193,13 @@
 			<artifactId>junit-vintage-engine</artifactId>
 			<scope>test</scope>
 		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.cloud</groupId>
+			<artifactId>spring-cloud-test-support</artifactId>
+			<version>${spring-cloud-commons.version}</version>
+			<scope>test</scope>
+		</dependency>
 	</dependencies>
 
 	<build>

spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/RetryProperties.java

@@ -0,0 +1,81 @@
+/*
+ * Copyright 2014-2019 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.cloud.vault.config;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties(RetryProperties.PREFIX)
+public class RetryProperties {
+
+	/**
+	 * ConfigurationProperties prefix.
+	 */
+	public static final String PREFIX = "spring.cloud.vault.retry";
+
+	/**
+	 * Initial retry interval in milliseconds.
+	 */
+	long initialInterval = 1000;
+
+	/**
+	 * Multiplier for next interval.
+	 */
+	double multiplier = 1.1;
+
+	/**
+	 * Maximum interval for backoff.
+	 */
+	long maxInterval = 2000;
+
+	/**
+	 * Maximum number of attempts.
+	 */
+	int maxAttempts = 6;
+
+	public long getInitialInterval() {
+		return this.initialInterval;
+	}
+
+	public void setInitialInterval(long initialInterval) {
+		this.initialInterval = initialInterval;
+	}
+
+	public double getMultiplier() {
+		return this.multiplier;
+	}
+
+	public void setMultiplier(double multiplier) {
+		this.multiplier = multiplier;
+	}
+
+	public long getMaxInterval() {
+		return this.maxInterval;
+	}
+
+	public void setMaxInterval(long maxInterval) {
+		this.maxInterval = maxInterval;
+	}
+
+	public int getMaxAttempts() {
+		return this.maxAttempts;
+	}
+
+	public void setMaxAttempts(int maxAttempts) {
+		this.maxAttempts = maxAttempts;
+	}
+
+}

spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/RetryableClientHttpRequest.java

@@ -0,0 +1,67 @@
+/*
+ * Copyright 2016-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.cloud.vault.config;
+
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.client.ClientHttpRequest;
+import org.springframework.http.client.ClientHttpResponse;
+import org.springframework.retry.RetryOperations;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.URI;
+
+/**
+ * {@link ClientHttpRequest} configured with retry support
+ */
+class RetryableClientHttpRequest implements ClientHttpRequest {
+
+	private final ClientHttpRequest delegateRequest;
+
+	private final RetryOperations retryOperations;
+
+	RetryableClientHttpRequest(ClientHttpRequest request, RetryOperations retryOperations) {
+		this.delegateRequest = request;
+		this.retryOperations = retryOperations;
+	}
+
+	@Override
+	public ClientHttpResponse execute() throws IOException {
+		return retryOperations.execute(retryContext -> delegateRequest.execute());
+	}
+
+	@Override
+	public OutputStream getBody() throws IOException {
+		return delegateRequest.getBody();
+	}
+
+	@Override
+	public String getMethodValue() {
+		return delegateRequest.getMethodValue();
+	}
+
+	@Override
+	public URI getURI() {
+		return delegateRequest.getURI();
+	}
+
+	@Override
+	public HttpHeaders getHeaders() {
+		return delegateRequest.getHeaders();
+	}
+
+}

spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/VaultAutoConfiguration.java

@@ -19,7 +19,10 @@
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
+import java.util.Map;
 
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 import org.springframework.beans.factory.DisposableBean;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.ObjectFactory;
@@ -37,8 +40,10 @@
 import org.springframework.core.annotation.Order;
 import org.springframework.core.task.AsyncTaskExecutor;
 import org.springframework.http.client.ClientHttpRequestFactory;
+import org.springframework.retry.support.RetryTemplate;
 import org.springframework.scheduling.TaskScheduler;
 import org.springframework.scheduling.concurrent.ThreadPoolTaskScheduler;
+import org.springframework.util.ClassUtils;
 import org.springframework.vault.authentication.ClientAuthentication;
 import org.springframework.vault.authentication.LifecycleAwareSessionManager;
 import org.springframework.vault.authentication.SessionManager;
@@ -64,14 +69,20 @@
  */
 @Configuration(proxyBeanMethods = false)
 @ConditionalOnProperty(name = "spring.cloud.vault.enabled", matchIfMissing = true)
-@EnableConfigurationProperties(VaultProperties.class)
+@EnableConfigurationProperties({ VaultProperties.class, RetryProperties.class })
 @Order(Ordered.LOWEST_PRECEDENCE - 5)
 public class VaultAutoConfiguration {
 
+	private final Log log = LogFactory.getLog(getClass());
+
+	private static final String RETRY_TEMPLATE = "org.springframework.retry.support.RetryTemplate";
+
 	private final ConfigurableApplicationContext applicationContext;
 
 	private final VaultProperties vaultProperties;
 
+	private final RetryProperties retryProperties;
+
 	private final VaultConfiguration configuration;
 
 	private final VaultEndpointProvider endpointProvider;
@@ -81,12 +92,13 @@ public class VaultAutoConfiguration {
 	private final List<RestTemplateRequestCustomizer<?>> requestCustomizers;
 
 	public VaultAutoConfiguration(ConfigurableApplicationContext applicationContext, VaultProperties vaultProperties,
-			ObjectProvider<VaultEndpointProvider> endpointProvider,
+			RetryProperties retryProperties, ObjectProvider<VaultEndpointProvider> endpointProvider,
 			ObjectProvider<List<RestTemplateCustomizer>> customizers,
 			ObjectProvider<List<RestTemplateRequestCustomizer<?>>> requestCustomizers) {
 
 		this.applicationContext = applicationContext;
 		this.vaultProperties = vaultProperties;
+		this.retryProperties = retryProperties;
 		this.configuration = new VaultConfiguration(vaultProperties);
 
 		VaultEndpointProvider provider = endpointProvider.getIfAvailable();
@@ -129,7 +141,21 @@ protected RestTemplateBuilder restTemplateBuilder(ClientHttpRequestFactory reque
 	@Bean
 	@ConditionalOnMissingBean
 	public ClientFactoryWrapper clientHttpRequestFactoryWrapper() {
-		return new ClientFactoryWrapper(this.configuration.createClientHttpRequestFactory());
+		ClientHttpRequestFactory clientHttpRequestFactory = this.configuration.createClientHttpRequestFactory();
+		if (ClassUtils.isPresent(RETRY_TEMPLATE, getClass().getClassLoader()) && this.vaultProperties.isFailFast()) {
+			Map<String, RetryTemplate> beans = applicationContext.getBeansOfType(RetryTemplate.class);
+			if (!beans.isEmpty()) {
+				Map.Entry<String, RetryTemplate> existingBean = beans.entrySet().stream().findFirst().get();
+				log.info("Using existing RestTemplate '" + existingBean.getKey() + "' for vault retries");
+				clientHttpRequestFactory = VaultRetryUtil
+						.createRetryableClientHttpRequestFactory(existingBean.getValue(), clientHttpRequestFactory);
+			}
+			else {
+				clientHttpRequestFactory = VaultRetryUtil.createRetryableClientHttpRequestFactory(retryProperties,
+						clientHttpRequestFactory);
+			}
+		}
+		return new ClientFactoryWrapper(clientHttpRequestFactory);
 	}
 
 	/**

spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/VaultBootstrapConfiguration.java

@@ -38,16 +38,17 @@
  * {@code @EnableAutoConfiguration}.
  */
 @ConditionalOnProperty(name = "spring.cloud.vault.enabled", matchIfMissing = true)
-@EnableConfigurationProperties(VaultProperties.class)
+@EnableConfigurationProperties({ VaultProperties.class, RetryProperties.class })
 @Order(Ordered.LOWEST_PRECEDENCE - 5)
 @Deprecated
 public class VaultBootstrapConfiguration extends VaultAutoConfiguration {
 
 	public VaultBootstrapConfiguration(ConfigurableApplicationContext applicationContext,
-			VaultProperties vaultProperties, ObjectProvider<VaultEndpointProvider> endpointProvider,
+			VaultProperties vaultProperties, RetryProperties retryProperties,
+			ObjectProvider<VaultEndpointProvider> endpointProvider,
 			ObjectProvider<List<RestTemplateCustomizer>> customizers,
 			ObjectProvider<List<RestTemplateRequestCustomizer<?>>> requestCustomizers) {
-		super(applicationContext, vaultProperties, endpointProvider, customizers, requestCustomizers);
+		super(applicationContext, vaultProperties, retryProperties, endpointProvider, customizers, requestCustomizers);
 	}
 
 }