How does Spring Boot client app call Config Server in "Azure Spring Apps"?

Question

I am researching using the managed Spring Cloud Config Server in Azure Spring Apps. I don't believe my organization is using Azure Spring Apps yet, so I have no experience with it. I've read all the MS documentation that I could find about setting up to use Spring Cloud Config Server. I also read a couple of non-MS tutorials. But I have not read anything regarding these:

1. How is the client Spring App configured to reach the Config Server? I saw no specific mention of that. However, I do see that the spring.config.import property is automatically injected to the client. Is that how the URI is provided?

2. What is used on ConfigServer side to authenticate incoming requests from the client Spring apps? If none by default (which is extremely likely), is there a way to inject authentication layer? Is authentication considered to not be needed because the Config Server is only reachable by the other apps running in your Azure Spring Apps instance?

3. Would it be doable and reasonable to set up Config Server in Azure Spring Apps, then have external Spring apps (running in K8s or Azure VM) access it? That could allow for easier management of the Config Server and allow for migrating apps to Azure Spring Apps in an iterative manner instead of big bang.

Answer 1

1. Please follow this doc. In general, you only need to include the config server client starter.
2. Azure Spring Apps platform will take care of authentication.
3. You can do it yourselves for sure. However, it is also supported to let apps external Spring Apps instance to visit Config Server by some extra steps. Please check doc for more details.

Answer 2

1. If you are using Enterprise tier, Configuration service is managed by Tanzu Application Configuration Service. You can make entries in Tanzu Config Service through Azure portal or Azure CLI and each entry is tied down to a config pattern. During deployment, you have the option to use any pattern that you have configured to be used as part of app deployment. There is no need to pass any spring boot properties as part of your deployment. More Info - https://learn.microsoft.com/en-us/azure/spring-apps/how-to-enterprise-application-configuration-service?tabs=Portal

2. If you using Github to store your config, you need to configure your Config server to authenticate via Github personal token(which you need to provide in Tanzu Configuration Service)

3. It is perfectly doable and reasonable and very easy to manage