org.frankframework.credentialprovider.AbstractKubernetesCredentialProvider

org.frankframework.credentialprovider.KubernetesCredentialFactory

All Implemented Interfaces:: ISecretProvider

public class KubernetesCredentialFactory extends AbstractKubernetesCredentialProvider

CredentialFactory for Kubernetes Secret. Fetches credentials from Kubernetes secrets.

The credentials are stored in Kubernetes secrets, which are base64 encoded. The keys used for the secrets are "username" and "password".

The `KubernetesCredentialFactory` class uses several properties to configure its behavior. These properties are set in the credentialproperties.properties file and are used to customize the connection to the Kubernetes cluster and the namespace from which secrets are fetched. Here's a description of the properties:

credentialFactory.kubernetes.username - the username for authenticating with the Kubernetes cluster
credentialFactory.kubernetes.password - the password for authenticating with the Kubernetes cluster
credentialFactory.kubernetes.masterUrl - the master URL of the Kubernetes cluster
credentialFactory.kubernetes.namespace - the namespace from which secrets should be fetched (default value: 'current-namespace')

Example configuration:

credentialFactory.kubernetes.username=admin
credentialFactory.kubernetes.password=example-password
credentialFactory.kubernetes.masterUrl=http://localhost:8080
credentialFactory.kubernetes.namespace=my-namespace

By setting these properties, you can control how the `KubernetesCredentialFactory` interacts with the Kubernetes cluster and retrieves credentials.

Adding a Kubernetes secret can be done by executing:

kubectl create secret generic db-alias-name \
--from-literal=username=admin --from-literal=password='example-password'

Field Summary

Fields inherited from class AbstractKubernetesCredentialProvider
client, DEFAULT_NAMESPACE, namespace
Constructor Summary

Constructors

Constructor

Description

KubernetesCredentialFactory()
Method Summary

Modifier and Type

Method

Description

Collection<String>

getConfiguredAliases()

Return a list of all configured aliases, should provide an empty list if none can be provided.

ISecret

getSecret(@NonNull CredentialAlias alias)

protected List<io.fabric8.kubernetes.api.model.Secret>

getSecretsFromKubernetes()

protected void

postInitialize(CredentialConstants appConstants)

Methods inherited from class AbstractKubernetesCredentialProvider
close, hasSecret, initialize, isAliasNameValid, warnIfAliasNameInvalid

Methods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- KubernetesCredentialFactory
  
  public KubernetesCredentialFactory()
Method Details
- postInitialize
  
  protected void postInitialize(CredentialConstants appConstants)
  
  Specified by:
  
  postInitialize in class AbstractKubernetesCredentialProvider
- getSecret
  
  public ISecret getSecret(@NonNull CredentialAlias alias) throws NoSuchElementException
  
  Throws:
  
  NoSuchElementException
- getConfiguredAliases
  
  public Collection<String> getConfiguredAliases()
  
  Description copied from interface: ISecretProvider
  
  Return a list of all configured aliases, should provide an empty list if none can be provided.
- getSecretsFromKubernetes
  
  protected List<io.fabric8.kubernetes.api.model.Secret> getSecretsFromKubernetes()

Class KubernetesCredentialFactory

Field Summary

Fields inherited from class AbstractKubernetesCredentialProvider

Constructor Summary

Method Summary

Methods inherited from class AbstractKubernetesCredentialProvider

Methods inherited from class Object

Constructor Details

KubernetesCredentialFactory

Method Details

postInitialize

getSecret

getConfiguredAliases

getSecretsFromKubernetes