From c0150cf6089fb9889532036d18c5b8d0b255e1f5 Mon Sep 17 00:00:00 2001 From: Mark Paluch Date: Fri, 7 Apr 2017 17:38:51 +0200 Subject: [PATCH] Explain current generic secret backend lease behavior in documentation. See gh-68. --- src/main/asciidoc/reference/getting-started.adoc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/asciidoc/reference/getting-started.adoc b/src/main/asciidoc/reference/getting-started.adoc index 23a930c2..0b975baa 100644 --- a/src/main/asciidoc/reference/getting-started.adoc +++ b/src/main/asciidoc/reference/getting-started.adoc @@ -483,6 +483,8 @@ public class AppConfig { ---- ==== +NOTE: Secrets obtained from `generic` secret backends are associated with a TTL (`refresh_interval`) but not a lease Id. Spring Vault's ``PropertySource`` is not refreshing/flushing these secrets once the TTL expires despite the requested `Renewal` mode. + In certain situations, it may not be possible or practical to tightly control property source ordering when using `@VaultPropertySource` annotations. For example, if the `@Configuration` classes above were registered via