This is an automated email from the ASF dual-hosted git repository. davsclaus pushed a commit to branch secret in repository https://gitbox.apache.org/repos/asf/camel.git
commit a5f09e495e2e0d549a010513ee84e2bb9594da57
Author: Claus Ibsen <[email protected]>
AuthorDate: Wed Sep 7 10:49:37 2022 +0200
CAMEL-18454: Allow to enable secret refresh from vault. (AWS)
---
.../apache/camel/vault/AwsVaultConfiguration.java | 38 ++++++++++++++++++++++
.../AwsVaultConfigurationPropertiesConfigurer.java | 18 ++++++++++
.../camel-main-configuration-metadata.json | 3 ++
core/camel-main/src/main/docs/main.adoc | 5 ++-
.../main/AwsVaultConfigurationProperties.java | 24 ++++++++++++++
5 files changed, 87 insertions(+), 1 deletion(-)
diff --git a/core/camel-api/src/main/java/org/apache/camel/vault/AwsVaultConfiguration.java b/core/camel-api/src/main/java/org/apache/camel/vault/AwsVaultConfiguration.java
index 2104de6cebc..5ad4b67752a 100644
--- a/core/camel-api/src/main/java/org/apache/camel/vault/AwsVaultConfiguration.java
+++ b/core/camel-api/src/main/java/org/apache/camel/vault/AwsVaultConfiguration.java
@@ -31,6 +31,12 @@ public class AwsVaultConfiguration extends VaultConfiguration {
 private String region;
 @Metadata
 private boolean defaultCredentialsProvider;
+ @Metadata
+ private boolean refreshEnabled;
+ @Metadata(defaultValue = "30000")
+ private long refreshPeriod = 30000;
+ @Metadata
+ private String secrets;
 public String getAccessKey() {
 return accessKey;
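Review bot: The new `secrets` field is declared in the same class as the `accessKey` credential but holds something different, the names or patterns of the secrets to watch, and nothing at the declaration says so. I would add a comment above it such as `// names or patterns of the secrets to poll for changes (comma separated); never secret values`, so that anyone writing masking or config-dump code does not have to guess from the name. The Javadoc added on `setSecrets` in the next hunk, and repeated on `withSecrets` in AwsVaultConfigurationProperties.java, also leaves open which pattern syntax is accepted and what is watched when `refreshEnabled` is true and `secrets` is unset; both are worth stating there. The class body continues outside the hunk.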
@@ -76,4 +82,36 @@ public class AwsVaultConfiguration extends VaultConfiguration {
 this.defaultCredentialsProvider = defaultCredentialsProvider;
 }
+ public boolean isRefreshEnabled() {
+ return refreshEnabled;
+ }
+
+ /**
+ * Whether to automatically reload Camel upon secrets being updated in AWS.
+ */
+ public void setRefreshEnabled(boolean refreshEnabled) {
+ this.refreshEnabled = refreshEnabled;
+ }
+
+ public long getRefreshPeriod() {
+ return refreshPeriod;
+ }
+
+ /**
+ * The period (millis) between checking AWS for updated secrets.
+ */
+ public void setRefreshPeriod(long refreshPeriod) {
+ this.refreshPeriod = refreshPeriod;
+ }
+
+ public String getSecrets() {
+ return secrets;
+ }
+
+ /**
+ * Specify the secret names (or pattern) to check for updates. Multiple secrets can be separated by comma.
+ */
+ public void setSecrets(String secrets) {
+ this.secrets = secrets;
+ }
 }
diff --git a/core/camel-main/src/generated/java/org/apache/camel/main/AwsVaultConfigurationPropertiesConfigurer.java b/core/camel-main/src/generated/java/org/apache/camel/main/AwsVaultConfigurationPropertiesConfigurer.java
index ec08e5e822f..614950cfbe2 100644
--- a/core/camel-main/src/generated/java/org/apache/camel/main/AwsVaultConfigurationPropertiesConfigurer.java
+++ b/core/camel-main/src/generated/java/org/apache/camel/main/AwsVaultConfigurationPropertiesConfigurer.java
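Review bot: `setRefreshPeriod` stores whatever `long` it is given, so zero or a negative value is passed on to whatever schedules the AWS check, which is not part of this diff. Depending on that consumer, such a value would presumably either fail at startup or poll AWS far more often than intended, so I would reject it at the setter: `if (refreshPeriod <= 0) { throw new IllegalArgumentException("refreshPeriod must be > 0 millis, was " + refreshPeriod); }`. `withRefreshPeriod` in AwsVaultConfigurationProperties.java delegates to this setter and would be covered by the same check. The Javadoc could also name a sensible lower bound, since by its own wording every period ends in a check against AWS.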
@@ -33,10 +33,16 @@ public class AwsVaultConfigurationPropertiesConfigurer extends org.apache.camel. case "GcpVaultConfiguration": target.setGcpVaultConfiguration(property(camelContext, org.apache.camel.vault.GcpVaultConfiguration.class, value)); return true; case "hashicorpvaultconfiguration": case "HashicorpVaultConfiguration": target.setHashicorpVaultConfiguration(property(camelContext, org.apache.camel.vault.HashicorpVaultConfiguration.class, value)); return true; + case "refreshenabled": + case "RefreshEnabled": target.setRefreshEnabled(property(camelContext, boolean.class, value)); return true; + case "refreshperiod": + case "RefreshPeriod": target.setRefreshPeriod(property(camelContext, long.class, value)); return true; case "region": case "Region": target.setRegion(property(camelContext, java.lang.String.class, value)); return true; case "secretkey": case "SecretKey": target.setSecretKey(property(camelContext, java.lang.String.class, value)); return true; + case "secrets": + case "Secrets": target.setSecrets(property(camelContext, java.lang.String.class, value)); return true; default: return false; } } @@ -56,10 +62,16 @@ public class AwsVaultConfigurationPropertiesConfigurer extends org.apache.camel. case "GcpVaultConfiguration": return org.apache.camel.vault.GcpVaultConfiguration.class; case "hashicorpvaultconfiguration": case "HashicorpVaultConfiguration": return org.apache.camel.vault.HashicorpVaultConfiguration.class; + case "refreshenabled": + case "RefreshEnabled": return boolean.class; + case "refreshperiod": + case "RefreshPeriod": return long.class; case "region": case "Region": return java.lang.String.class; case "secretkey": case "SecretKey": return java.lang.String.class; + case "secrets": + case "Secrets": return java.lang.String.class; default: return null; } } 
@@ -80,10 +92,16 @@ public class AwsVaultConfigurationPropertiesConfigurer extends org.apache.camel. case "GcpVaultConfiguration": return target.getGcpVaultConfiguration(); case "hashicorpvaultconfiguration": case "HashicorpVaultConfiguration": return target.getHashicorpVaultConfiguration(); + case "refreshenabled": + case "RefreshEnabled": return target.isRefreshEnabled(); + case "refreshperiod": + case "RefreshPeriod": return target.getRefreshPeriod(); case "region": case "Region": return target.getRegion(); case "secretkey": case "SecretKey": return target.getSecretKey(); + case "secrets": + case "Secrets": return target.getSecrets(); default: return null; } } diff --git a/core/camel-main/src/generated/resources/META-INF/camel-main-configuration-metadata.json b/core/camel-main/src/generated/resources/META-INF/camel-main-configuration-metadata.json index 4356af10528..3c49d0982d8 100644 --- a/core/camel-main/src/generated/resources/META-INF/camel-main-configuration-metadata.json +++ b/core/camel-main/src/generated/resources/META-INF/camel-main-configuration-metadata.json 
@@ -207,8 +207,11 @@ { "name": "camel.threadpool.timeUnit", "description": "Sets the default time unit used for keep alive time", "sourceType": "org.apache.camel.main.ThreadPoolConfigurationProperties", "type": "object", "javaType": "java.util.concurrent.TimeUnit" }, { "name": "camel.vault.aws.accessKey", "description": "The AWS access key", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "string", "javaType": "java.lang.String" }, { "name": "camel.vault.aws.defaultCredentialsProvider", "description": "Define if we want to use the AWS Default Credentials Provider or not", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "boolean", "javaType": "boolean", "defaultValue": "false" }, + { "name": "camel.vault.aws.refreshEnabled", "description": "Whether to automatically reload Camel upon secrets being updated in AWS.", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "boolean", "javaType": "boolean", "defaultValue": "false" }, + { "name": "camel.vault.aws.refreshPeriod", "description": "The period (millis) between checking AWS for updated secrets.", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "integer", "javaType": "long", "defaultValue": 30000 }, { "name": "camel.vault.aws.region", "description": "The AWS region", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "string", "javaType": "java.lang.String" }, { "name": "camel.vault.aws.secretKey", "description": "The AWS secret key", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "string", "javaType": "java.lang.String" }, + { "name": "camel.vault.aws.secrets", "description": "Specify the secret names (or pattern) to check for updates. 
Multiple secrets can be separated by comma.", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "string", "javaType": "java.lang.String" }, { "name": "camel.vault.azure.clientId", "description": "The client Id for accessing Azure Key Vault", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "string", "javaType": "java.lang.String" }, { "name": "camel.vault.azure.clientSecret", "description": "The client Secret for accessing Azure Key Vault", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "string", "javaType": "java.lang.String" }, { "name": "camel.vault.azure.tenantId", "description": "The Tenant Id for accessing Azure Key Vault", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "string", "javaType": "java.lang.String" }, diff --git a/core/camel-main/src/main/docs/main.adoc b/core/camel-main/src/main/docs/main.adoc index 389c7e7517b..821bc36b5bc 100644 --- a/core/camel-main/src/main/docs/main.adoc +++ b/core/camel-main/src/main/docs/main.adoc 
@@ -207,15 +207,18 @@ The camel.rest supports 25 options, which are listed below. |=== === Camel AWS Vault configurations -The camel.vault.aws supports 4 options, which are listed below. +The camel.vault.aws supports 7 options, which are listed below. [width="100%",cols="2,5,^1,2",options="header"] |=== | Name | Description | Default | Type | *camel.vault.aws.accessKey* | The AWS access key | | String | *camel.vault.aws.default{zwsp}CredentialsProvider* | Define if we want to use the AWS Default Credentials Provider or not | false | boolean +| *camel.vault.aws.refreshEnabled* | Whether to automatically reload Camel upon secrets being updated in AWS. | false | boolean +| *camel.vault.aws.refreshPeriod* | The period (millis) between checking AWS for updated secrets. | 30000 | long | *camel.vault.aws.region* | The AWS region | | String | *camel.vault.aws.secretKey* | The AWS secret key | | String +| *camel.vault.aws.secrets* | Specify the secret names (or pattern) to check for updates. Multiple secrets can be separated by comma. | | String |=== === Camel GCP Vault configurations diff --git a/core/camel-main/src/main/java/org/apache/camel/main/AwsVaultConfigurationProperties.java b/core/camel-main/src/main/java/org/apache/camel/main/AwsVaultConfigurationProperties.java index 68775496dfc..ce7b852e001 100644 --- a/core/camel-main/src/main/java/org/apache/camel/main/AwsVaultConfigurationProperties.java +++ b/core/camel-main/src/main/java/org/apache/camel/main/AwsVaultConfigurationProperties.java 
@@ -81,4 +81,28 @@ public class AwsVaultConfigurationProperties extends AwsVaultConfiguration imple
 return this;
 }
+ /**
+ * Whether to automatically reload Camel upon secrets being updated in AWS.
+ */
+ public AwsVaultConfigurationProperties withRefreshEnabled(boolean refreshEnabled) {
+ setRefreshEnabled(refreshEnabled);
+ return this;
+ }
+
+ /**
+ * The period (millis) between checking AWS for updated secrets.
+ */
+ public AwsVaultConfigurationProperties withRefreshPeriod(long refreshPeriod) {
+ setRefreshPeriod(refreshPeriod);
+ return this;
+ }
+
+ /**
+ * Specify the secret names (or pattern) to check for updates. Multiple secrets can be separated by comma.
+ */
+ public AwsVaultConfigurationProperties withSecrets(String secrets) {
+ setSecrets(secrets);
+ return this;
+ }
+
 }
