This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git
commit b3b1695f384dbdf152100bcc4ab9433d4c642fbd
Author: Andrea Cosentino <anco...@gmail.com>
AuthorDate: Thu Sep 22 17:50:08 2022 +0200
Camel Google Secret Manager: Added docs related to Secret Refresh and camel
context reload
---
.../main/docs/google-secret-manager-component.adoc | 49 +++++++++++++++++++++-
1 file changed, 47 insertions(+), 2 deletions(-)
diff --git
a/components/camel-google/camel-google-secret-manager/src/main/docs/google-secret-manager-component.adoc
b/components/camel-google/camel-google-secret-manager/src/main/docs/google-secret-manager-component.adoc
index 6889d3ca727..65d5e5b565e 100644
---
a/components/camel-google/camel-google-secret-manager/src/main/docs/google-secret-manager-component.adoc
+++
b/components/camel-google/camel-google-secret-manager/src/main/docs/google-secret-manager-component.adoc
@@ -230,12 +230,57 @@ This approach will return the route secret value with
version '1' or default val
This approach will return the username field of the database secret with
version '1' or admin in case the secret doesn't exist or the version doesn't
exist.
-NOTE: For the moment we are not considering the rotation function, if any will
be applied, but it is in the work to be done.
-
There are only two requirements:
- Adding `camel-google-secret-manager` JAR to your Camel application.
- Give the service account used permissions to do operation at secret
management level (for example accessing the secret payload, or being admin of
secret manager service)
+=== Automatic Camel context reloading on Secret Refresh
+
+Being able to reload Camel context on a Secret Refresh, could be done by
specifying the usual credentials (the same used for Google Secret Manager
Property Function).
+
+With Environment variables:
+
+[source,bash]
+----
+export $CAMEL_VAULT_GCP_USE_DEFAULT_INSTANCE=true
+export $CAMEL_VAULT_GCP_PROJECT_ID=projectId
+----
+
+or as plain Camel main properties:
+
+[source,properties]
+----
+camel.vault.gcp.useDefaultInstance = true
+camel.vault.aws.projectId = projectId
+----
+
+Or by specifying a path to a service account key file, instead of using the
default instance.
+
+To enable the automatic refresh you'll need additional properties to set:
+
+[source,properties]
+----
+camel.vault.gcp.projectId= projectId
+camel.vault.gcp.refreshEnabled=true
+camel.vault.gcp.refreshPeriod=60000
+camel.vault.gcp.secrets=hello*
+camel.vault.gcp.subscriptionName=subscriptionName
+camel.main.context-reload-enabled = true
+----
+
+where `camel.vault.gcp.refreshEnabled` will enable the automatic context
reload, `camel.vault.gcp.refreshPeriod` is the interval of time between two
different checks for update events and `camel.vault.gcp.secrets` is a regex
representing the secrets we want to track for updates.
+
+Note that `camel.vault.gcp.secrets` is not mandatory: if not specified the
task responsible for checking updates events will take into accounts or the
properties with an `gcp:` prefix.
+
+The `camel.vault.gcp.subscriptionName` is the subscription name created in
relation to the Google PubSub topic associated with the tracked secrets.
+
+This mechanism while make use of the notification system related to Google
Secret Manager: through this feature, every secret could be associated to one
up to ten Google Pubsub Topics. These topics will receive
+events related to life cycle of the secret.
+
+There are only two requirements:
+- Adding `camel-google-secret-manager` JAR to your Camel application.
+- Give the service account used permissions to do operation at secret
management level (for example accessing the secret payload, or being admin of
secret manager service and also have permission over the Pubsub service)
+
=== Google Secret Manager Producer operations
Google Functions component provides the following operation on the producer
side:
