[FEATURE REQ] Prevent KeyVault refresh Timer from blocking application termination #19978
Closed
2 tasks done
Labels
azure-spring
All azure-spring related issues
azure-spring-keyvault
Spring keyvault related issues.
Client
This issue points to a problem in the data-plane of the library.
customer-reported
Issues that are reported by GitHub users external to the Azure organization.
feature-request
This issue requires a new behavior in the product in order be resolved.
Milestone
Is your feature request related to a problem? Please describe.
We've recently noticed our Spring applications hanging around in a failed state after an unhandled exception tearing down the SpringApplication, without terminating properly. We've traced this back to a change introducing a dependency on
azure-spring-boot-starter-keyvault-secrets
to sync secrets from Azure KeyVault. Further investigation shows that, when a refreshInterval is configured, theKeyVaultOperation
class usesjava.util.Timer
to set up a task to refresh the secrets.As stated in the docs, the task execution thread used by
Timer
does not run as a daemon thread:The result is that we see applications being kept alive by this timer thread, despite everything else being torn down. I had considered filing this as a bug, but I'm not sure if this is intentional. We don't see it as a valid use case.
Describe the solution you'd like
Use a daemon thread for the refresh timer tasks. E.g. by creating new
Timer
objects inKeyVaultOperation
setting the daemon flag totrue
: https://docs.oracle.com/javase/7/docs/api/java/util/Timer.html#Timer(boolean)Describe alternatives you've considered
There are a couple of options that can be implemented instead:
KeyVaultProperties
to make it configurable for the consumer.cancel()
the timer.Additional context
Related artifact:
azure-spring-boot-starter-keyvault-secrets
Observed on version
3.1.0
Information Checklist
Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report
The text was updated successfully, but these errors were encountered: