Class KubernetesCredentialFactory
- All Implemented Interfaces:
ICredentialFactory
CredentialFactory for Kubernetes Credentials. Fetches credentials from Kubernetes secrets.
The credentials are stored in Kubernetes secrets, which are base64 encoded. The keys used for the secrets are "username" and "password".
The `KubernetesCredentialFactory` class uses several properties to configure its behavior. These properties are set in the
credentialproperties.properties file and are used to customize the connection to the Kubernetes cluster and the namespace from which secrets are
fetched. Here's a description of the properties:
credentialFactory.kubernetes.username- the username for authenticating with the Kubernetes clustercredentialFactory.kubernetes.password- the password for authenticating with the Kubernetes clustercredentialFactory.kubernetes.masterUrl- the master URL of the Kubernetes clustercredentialFactory.kubernetes.namespace- the namespace from which secrets should be fetched (default value: 'default')
Example configuration:
credentialFactory.kubernetes.username=admin
credentialFactory.kubernetes.password=example-password
credentialFactory.kubernetes.masterUrl=http://localhost:8080
credentialFactory.kubernetes.namespace=my-namespace
By setting these properties, you can control how the `KubernetesCredentialFactory` interacts with the Kubernetes cluster and retrieves credentials.
Adding a Kubernetes secret can be done by executing:
kubectl create secret generic db-alias-name \
--from-literal=username=admin --from-literal=password='example-password'
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidclose()Close Kubernetes clientprotected static StringdecodeFromSecret(io.fabric8.kubernetes.api.model.Secret secret, String key) return a list of all configured aliases, or null if such a list cannot be provided.protected List<Credentials> getCredentials(String alias, Supplier<String> defaultUsernameSupplier, Supplier<String> defaultPasswordSupplier) booleanhasCredentials(String alias) voidinitialize() of an implementation can throw an exception when the credentialFactory cannot be properly configured and used.
-
Field Details
-
log
-
USERNAME_KEY
- See Also:
-
PASSWORD_KEY
- See Also:
-
DEFAULT_NAMESPACE
- See Also:
-
namespace
-
-
Constructor Details
-
KubernetesCredentialFactory
public KubernetesCredentialFactory()
-
-
Method Details
-
initialize
public void initialize()Description copied from interface:ICredentialFactoryinitialize() of an implementation can throw an exception when the credentialFactory cannot be properly configured and used.- Specified by:
initializein interfaceICredentialFactory
-
hasCredentials
- Specified by:
hasCredentialsin interfaceICredentialFactory
-
getCredentials
public ICredentials getCredentials(String alias, Supplier<String> defaultUsernameSupplier, Supplier<String> defaultPasswordSupplier) - Specified by:
getCredentialsin interfaceICredentialFactory
-
getConfiguredAliases
Description copied from interface:ICredentialFactoryreturn a list of all configured aliases, or null if such a list cannot be provided.- Specified by:
getConfiguredAliasesin interfaceICredentialFactory
-
getCredentials
-
decodeFromSecret
-
close
public void close()Close Kubernetes client
-