Package org.frankframework.credentialprovider

Class KubernetesCredentialFactory

java.lang.Object

org.frankframework.credentialprovider.KubernetesCredentialFactory

All Implemented Interfaces:

ISecretProvider

public class KubernetesCredentialFactory
extends Object
implements ISecretProvider

CredentialFactory for Kubernetes Secret. Fetches credentials from Kubernetes secrets.

The credentials are stored in Kubernetes secrets, which are base64 encoded. The keys used for the secrets are "username" and "password".

The `KubernetesCredentialFactory` class uses several properties to configure its behavior. These properties are set in the credentialproperties.properties file and are used to customize the connection to the Kubernetes cluster and the namespace from which secrets are fetched. Here's a description of the properties:

• credentialFactory.kubernetes.username - the username for authenticating with the Kubernetes cluster
• credentialFactory.kubernetes.password - the password for authenticating with the Kubernetes cluster
• credentialFactory.kubernetes.masterUrl - the master URL of the Kubernetes cluster
• credentialFactory.kubernetes.namespace - the namespace from which secrets should be fetched (default value: 'default')

Example configuration:

 credentialFactory.kubernetes.username=admin
 credentialFactory.kubernetes.password=example-password
 credentialFactory.kubernetes.masterUrl=http://localhost:8080
 credentialFactory.kubernetes.namespace=my-namespace
 

By setting these properties, you can control how the `KubernetesCredentialFactory` interacts with the Kubernetes cluster and retrieves credentials.

Adding a Kubernetes secret can be done by executing:

 kubectl create secret generic db-alias-name \
 --from-literal=username=admin --from-literal=password='example-password'
 

Field Summary

Fields

Modifier and Type	Field	Description
static final String	DEFAULT_NAMESPACE
protected String	namespace

Constructor Summary

Constructors

Constructor	Description
KubernetesCredentialFactory()

Method Summary

Modifier and Type	Method	Description
void	close()	Close Kubernetes client
Collection<String>	getConfiguredAliases()	return a list of all configured aliases, or null if such a list cannot be provided.
ISecret	getSecret(CredentialAlias alias)
protected List<io.fabric8.kubernetes.api.model.Secret>	getSecretsFromKubernetes()
boolean	hasSecret(CredentialAlias alias)
void	initialize()	initialize() of an implementation can throw an exception when the credentialFactory cannot be properly configured and used.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

DEFAULT_NAMESPACE

public static final String DEFAULT_NAMESPACE

See Also:

• Constant Field Values

namespace

protected String namespace

Constructor Details

KubernetesCredentialFactory

public KubernetesCredentialFactory()

Method Details

initialize

public void initialize()

Description copied from interface: ISecretProvider

initialize() of an implementation can throw an exception when the credentialFactory cannot be properly configured and used.

Specified by:

initialize in interface ISecretProvider

hasSecret

public boolean hasSecret(@Nonnull
 CredentialAlias alias)

Specified by:

hasSecret in interface ISecretProvider

getSecret

public ISecret getSecret(@Nonnull
 CredentialAlias alias)
                  throws NoSuchElementException

Specified by:

getSecret in interface ISecretProvider

Throws:

NoSuchElementException

getConfiguredAliases

public Collection<String> getConfiguredAliases()

Description copied from interface: ISecretProvider

return a list of all configured aliases, or null if such a list cannot be provided.

Specified by:

getConfiguredAliases in interface ISecretProvider

getSecretsFromKubernetes

protected List<io.fabric8.kubernetes.api.model.Secret> getSecretsFromKubernetes()

close

public void close()

Close Kubernetes client