Skip to content

shashankkhasare/effective-fiesta

Repository files navigation

effective-fiesta

This repository contains the sample implementation for the multi-tenant spring-boot application. The code uses the discriminator column with DB row-level security to achieve isolation of tenants on the shared database. The HashiCorp vault has the feature to rotate the database credentials for improving database security. The application uses the spring vault to fetch the DB credentials periodically from the HashiCorp vault. The spring-boot application uses PostgreSQL as a database.

Information

Usage

  1. Use the following command to start the services required by the spring-boot application.

    $ docker-compose up -d
  2. Check the status of the services with the following command. Wait till all containers are in a healthy state.

    $ docker-compose ps
  3. Unseal the vault using the following command.

    $ sh unseal-vault-enable-approle-databases.sh
  4. Export the root token for the vault.

    $ export VAULT_ROOT_TOKEN=...
  5. Run the following script.

    $ sh setup-spring-vault-approle-postgresql.sh
  6. Run the DB script to create the tables and policies.

    $ psql -U spring -h localhost -p 7358 -d springvault -f db_script.sql
  7. Use the following command to run the spring-boot application.

    $ ./mvnw spring-boot:run
  8. Add a student to the database for tenant1.

    $ curl 'http://localhost:8080/api/students' \
    --header 'X-TenantID: tenant1' \
    --header 'Content-Type: application/json' \
    --data-raw '{ "firstName" : "John", "lastName": "Doe"}'
  9. Fetch all students of tenant1.

    $ curl --location --request GET 'http://localhost:8080/api/students' \
    --header 'X-TenantID: tenant1'
  10. Fetch all students of tenant2.

    $ curl --location --request GET 'http://localhost:8080/api/students' \
    --header 'X-TenantID: tenant2'
  11. To stop the docker-compose deployment, use the following command.

    $ docker-compose down -v

References

  1. https://callistaenterprise.se/blogg/teknik/2020/10/24/multi-tenancy-with-spring-boot-part6/
  2. https://github.com/ivangfr/springboot-vault-examples
  3. https://www.citusdata.com/blog/2018/02/13/using-hibernate-and-spring-to-build-multitenant-java-apps/

About

The repository contains a sample implementation of a tenant-aware spring-boot application having shared PostgreSQL DB secured with HashiCorp Vault.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published