Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow to inject data from externally crafted secrets #1261

Closed
nicolaferraro opened this issue Feb 11, 2020 · 4 comments · Fixed by apache/camel-k-runtime#240
Closed

Allow to inject data from externally crafted secrets #1261

nicolaferraro opened this issue Feb 11, 2020 · 4 comments · Fixed by apache/camel-k-runtime#240
Assignees
@lburgazzoli
Milestone
1.0.0-RC2

Comments

@nicolaferraro
Copy link
Member

Let's say a broker is installed inside the same namespace as my integration. The broker is secured and provides a secret with authentication data: username and password.

Can I inject those two fields in my integration?
Afaik, currently we can inject only secrets containing a "xxx.properties" file.

Is this the case?
@jamesnetherton , @lburgazzoli , @astefanutti
@nicolaferraro nicolaferraro added this to the 1.0.0-RC2 milestone Feb 11, 2020
@lburgazzoli
Copy link
Contributor

We now support only properties but it won't be to complex to load any kind of property however some additional properties may still be required, like to set those properties to a component:

camel.component.jms.connection-factory.host = {{my-other-property}}

Mind opening an issue on camel-k-runtime ?

@nicolaferraro
Copy link
Member Author

Yeah, we can still load automatically .properties files in the secrets, plus make the content of each entry of a secret available in a secrets namespace, so users can reference them by name, e.g.

camel.component.xxx.password = {{secrets.broker.authToken}}

Thinking big (for the far future), we can also provide an addon module where we add auto-configuration for connecting to known systems.. this require some effort to be maintained, but a user would be able to do:

kamel run integration.groovy --connect activemq:mybroker

... and have all camel.component.activemq.xxx properties set.

@nicolaferraro
Copy link
Member Author

Ref: apache/camel-k-runtime#239

@lburgazzoli
Copy link
Contributor

lburgazzoli commented Feb 11, 2020
edited
Loading

Yeah, we can still load automatically .properties files in the secrets, plus make the content of each entry of a secret available in a secrets namespace, so users can reference them by name, e.g.

camel.component.xxx.password = {{secrets.broker.authToken}}

We can use properties functions like

{{secret:secret-name:property-name}}

so your example will become:

camel.component.xxx.password = {{secret:broker:authToken}}

I did it in the past for Karaf and blueprints, need to resurrect that code :)

@lburgazzoli lburgazzoli self-assigned this Feb 11, 2020
lburgazzoli added a commit to lburgazzoli/apache-camel-k that referenced this issue Feb 11, 2020
@lburgazzoli
Allow to inject data from externally crafted secrets apache#1261 (cam…
81b2733 
…el-k bits)
lburgazzoli added a commit that referenced this issue Feb 11, 2020
@lburgazzoli
Allow to inject data from externally crafted secrets #1261 (camel-k b…
ddcc1b6 
…its)
@lburgazzoli lburgazzoli mentioned this issue Feb 11, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lburgazzoli lburgazzoli

Labels
None yet
Projects
None yet
Milestone
1.0.0-RC2
2 participants
@lburgazzoli @nicolaferraro