This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/main by this push:
new eac8e303e97 Add documentation about Kubernetes Secret Properties
Function to Secret Component (#15253)
eac8e303e97 is described below
commit eac8e303e97a760e8f445d7eb2175d691148871a
Author: Andrea Cosentino <anco...@gmail.com>
AuthorDate: Wed Aug 21 14:29:17 2024 +0200
Add documentation about Kubernetes Secret Properties Function to Secret
Component (#15253)
Signed-off-by: Andrea Cosentino <anco...@gmail.com>
---
.../main/docs/kubernetes-secrets-component.adoc | 74 +++++++++++++++++++++-
1 file changed, 73 insertions(+), 1 deletion(-)
diff --git
a/components/camel-kubernetes/src/main/docs/kubernetes-secrets-component.adoc
b/components/camel-kubernetes/src/main/docs/kubernetes-secrets-component.adoc
index 5cb4bdc60e8..bbdb04575ef 100644
---
a/components/camel-kubernetes/src/main/docs/kubernetes-secrets-component.adoc
+++
b/components/camel-kubernetes/src/main/docs/kubernetes-secrets-component.adoc
@@ -80,6 +80,78 @@ from("direct:listByLabels").process(new Processor() {
This operation returns a list of Secrets from your cluster using a label
selector (with key1 and key2, with value value1 and value2)
-
+== Using secrets properties function with Kubernetes
+
+The `camel-kubernetes` component include the following secrets related
functions:
+
+* `secret` - A function to lookup the string property from Kubernetes Secrets.
+* `secret-binary` - A function to lookup the binary property from Kubernetes
Secrets.
+
+Camel reads Secrets from the Kubernetes API Server. And when RBAC is enabled
on the cluster,
+the ServiceAccount that is used to run the application needs to have the
proper permissions for such access.
+
+Before the Kubernetes property placeholder functions can be used they need to
be configured with either (or both)
+
+- path - A _mount path_ that must be mounted to the running pod, to load the
configmaps or secrets from local disk.
+- kubernetes client - *Autowired* An
`io.fabric8.kubernetes.client.KubernetesClient` instance to use for connecting
to the Kubernetes API server.
+
+Camel will first use _mount paths_ (if configured) to lookup, and then
fallback to use the `KubernetesClient`.
+
+A secret named `mydb` could contain username and passwords to connect to a
database such as:
+
+[source,properties]
+----
+myhost = killroy
+myport = 5555
+myuser = scott
+mypass = tiger
+----
+
+This can be used in Camel with for example the Postrgres Sink Kamelet:
+
+[source,xml]
+----
+<camelContext>
+ <route>
+ <from uri="direct:rome"/>
+ <setBody>
+ <constant>{ "username":"oscerd", "city":"Rome"}</constant>
+ </setBody>
+ <to uri="kamelet:postgresql-sink?serverName={{secret:mydb/myhost}}
+ &serverPort={{secret:mydb/myport}}
+ &username={{secret:mydb/myuser}}
+ &password={{secret:mydb/mypass}}
+ &databaseName=cities
+ &query=INSERT INTO accounts (username,city) VALUES
(:#username,:#city)"/>
+ </route>
+</camelContext>
+----
+
+The postgres-sink Kamelet can also be configured in `application.properties`
which reduces the configuration
+in the route above:
+
+[source,properties]
+----
+camel.component.kamelet.postgresql-sink.databaseName={{secret:mydb/myhost}}
+camel.component.kamelet.postgresql-sink.serverPort={{secret:mydb/myport}}
+camel.component.kamelet.postgresql-sink.username={{secret:mydb/myuser}}
+camel.component.kamelet.postgresql-sink.password={{secret:mydb/mypass}}
+----
+
+Which reduces the route to:
+
+[source,xml]
+----
+<camelContext>
+ <route>
+ <from uri="direct:rome"/>
+ <setBody>
+ <constant>{ "username":"oscerd", "city":"Rome"}</constant>
+ </setBody>
+ <to uri="kamelet:postgresql-sink?databaseName=cities
+ &query=INSERT INTO accounts (username,city) VALUES
(:#username,:#city)"/>
+ </route>
+</camelContext>
+----
include::spring-boot:partial$starter.adoc[]
