This is an automated email from the ASF dual-hosted git repository.

acosentino pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git

commit b3b1695f384dbdf152100bcc4ab9433d4c642fbd
Author: Andrea Cosentino <anco...@gmail.com>
AuthorDate: Thu Sep 22 17:50:08 2022 +0200

    Camel Google Secret Manager: Added docs related to Secret Refresh and camel 
context reload
---
 .../main/docs/google-secret-manager-component.adoc | 49 +++++++++++++++++++++-
 1 file changed, 47 insertions(+), 2 deletions(-)

diff --git 
a/components/camel-google/camel-google-secret-manager/src/main/docs/google-secret-manager-component.adoc
 
b/components/camel-google/camel-google-secret-manager/src/main/docs/google-secret-manager-component.adoc
index 6889d3ca727..65d5e5b565e 100644
--- 
a/components/camel-google/camel-google-secret-manager/src/main/docs/google-secret-manager-component.adoc
+++ 
b/components/camel-google/camel-google-secret-manager/src/main/docs/google-secret-manager-component.adoc
@@ -230,12 +230,57 @@ This approach will return the route secret value with 
version '1' or default val
 
 This approach will return the username field of the database secret with 
version '1' or admin in case the secret doesn't exist or the version doesn't 
exist.
 
-NOTE: For the moment we are not considering the rotation function, if any will 
be applied, but it is in the work to be done.
-
 There are only two requirements: 
 - Adding `camel-google-secret-manager` JAR to your Camel application.
 - Give the service account used permissions to do operation at secret 
management level (for example accessing the secret payload, or being admin of 
secret manager service)
 
+=== Automatic Camel context reloading on Secret Refresh
+
+Being able to reload Camel context on a Secret Refresh, could be done by 
specifying the usual credentials (the same used for Google Secret Manager 
Property Function).
+
+With Environment variables:
+
+[source,bash]
+----
+export $CAMEL_VAULT_GCP_USE_DEFAULT_INSTANCE=true
+export $CAMEL_VAULT_GCP_PROJECT_ID=projectId
+----
+
+or as plain Camel main properties:
+
+[source,properties]
+----
+camel.vault.gcp.useDefaultInstance = true
+camel.vault.aws.projectId = projectId
+----
+
+Or by specifying a path to a service account key file, instead of using the 
default instance.
+
+To enable the automatic refresh you'll need additional properties to set:
+
+[source,properties]
+----
+camel.vault.gcp.projectId= projectId
+camel.vault.gcp.refreshEnabled=true
+camel.vault.gcp.refreshPeriod=60000
+camel.vault.gcp.secrets=hello*
+camel.vault.gcp.subscriptionName=subscriptionName
+camel.main.context-reload-enabled = true
+----
+
+where `camel.vault.gcp.refreshEnabled` will enable the automatic context 
reload, `camel.vault.gcp.refreshPeriod` is the interval of time between two 
different checks for update events and `camel.vault.gcp.secrets` is a regex 
representing the secrets we want to track for updates.
+
+Note that `camel.vault.gcp.secrets` is not mandatory: if not specified the 
task responsible for checking updates events will take into accounts or the 
properties with an `gcp:` prefix.
+
+The `camel.vault.gcp.subscriptionName` is the subscription name created in 
relation to the Google PubSub topic associated with the tracked secrets.
+
+This mechanism while make use of the notification system related to Google 
Secret Manager: through this feature, every secret could be associated to one 
up to ten Google Pubsub Topics. These topics will receive 
+events related to life cycle of the secret.
+
+There are only two requirements: 
+- Adding `camel-google-secret-manager` JAR to your Camel application.
+- Give the service account used permissions to do operation at secret 
management level (for example accessing the secret payload, or being admin of 
secret manager service and also have permission over the Pubsub service)
+
 === Google Secret Manager Producer operations
 
 Google Functions component provides the following operation on the producer 
side:

Reply via email to