This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-spring-boot.git
The following commit(s) were added to refs/heads/main by this push:
new 5aed3059098 CAMEL-21265 - Create ApplicationEnvironmentPreparedEvent
for Vault components - Google Secret Manager (#1256)
5aed3059098 is described below
commit 5aed30590987a5508d0b3c7875e8af9b882c0750
Author: Andrea Cosentino <[email protected]>
AuthorDate: Wed Oct 16 16:21:24 2024 +0200
CAMEL-21265 - Create ApplicationEnvironmentPreparedEvent for Vault
components - Google Secret Manager (#1256)
* CAMEL-21265 - Create ApplicationEnvironmentPreparedEvent for Vault
components - Google Secret Manager
Signed-off-by: Andrea Cosentino <[email protected]>
* CAMEL-21265 - Create ApplicationEnvironmentPreparedEvent for Vault
components - Google Secret Manager
Signed-off-by: Andrea Cosentino <[email protected]>
---------
Signed-off-by: Andrea Cosentino <[email protected]>
---
.../camel-google-secret-manager-starter/pom.xml | 12 +++
...ingBootGoogleSecretManagerPropertiesParser.java | 92 ++++++++++++++++
.../src/main/resources/META-INF/spring.factories | 2 +
.../springboot/EarlyResolvedPropertiesTest.java | 117 +++++++++++++++++++++
.../src/test/resources/application.properties | 2 +
5 files changed, 225 insertions(+)
diff --git a/components-starter/camel-google-secret-manager-starter/pom.xml
b/components-starter/camel-google-secret-manager-starter/pom.xml
index f7234b80895..684ad144fb2 100644
--- a/components-starter/camel-google-secret-manager-starter/pom.xml
+++ b/components-starter/camel-google-secret-manager-starter/pom.xml
@@ -38,6 +38,18 @@
<artifactId>camel-google-secret-manager</artifactId>
<version>${camel-version}</version>
</dependency>
+ <!-- for testing -->
+ <dependency>
+ <groupId>org.awaitility</groupId>
+ <artifactId>awaitility</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-test</artifactId>
+ <version>${spring-boot-version}</version>
+ <scope>test</scope>
+ </dependency>
<!--START OF GENERATED CODE-->
<dependency>
<groupId>org.apache.camel.springboot</groupId>
diff --git
a/components-starter/camel-google-secret-manager-starter/src/main/java/org/apache/camel/component/google/secret/manager/springboot/SpringBootGoogleSecretManagerPropertiesParser.java
b/components-starter/camel-google-secret-manager-starter/src/main/java/org/apache/camel/component/google/secret/manager/springboot/SpringBootGoogleSecretManagerPropertiesParser.java
new file mode 100644
index 00000000000..979ce6087cf
--- /dev/null
+++
b/components-starter/camel-google-secret-manager-starter/src/main/java/org/apache/camel/component/google/secret/manager/springboot/SpringBootGoogleSecretManagerPropertiesParser.java
@@ -0,0 +1,92 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.google.secret.manager.springboot;
+
+import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
+import com.google.cloud.secretmanager.v1.SecretManagerServiceSettings;
+import org.apache.camel.RuntimeCamelException;
+import
org.apache.camel.component.google.secret.manager.GoogleSecretManagerPropertiesFunction;
+import org.apache.camel.util.ObjectHelper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import
org.springframework.boot.context.event.ApplicationEnvironmentPreparedEvent;
+import org.springframework.boot.origin.OriginTrackedValue;
+import org.springframework.context.ApplicationListener;
+import org.springframework.core.env.ConfigurableEnvironment;
+import org.springframework.core.env.MapPropertySource;
+import org.springframework.core.env.PropertiesPropertySource;
+import org.springframework.core.env.PropertySource;
+
+import java.io.IOException;
+import java.util.Properties;
+
+public class SpringBootGoogleSecretManagerPropertiesParser implements
ApplicationListener<ApplicationEnvironmentPreparedEvent> {
+ private static final Logger LOG =
LoggerFactory.getLogger(SpringBootGoogleSecretManagerPropertiesParser.class);
+
+ @Override
+ public void onApplicationEvent(ApplicationEnvironmentPreparedEvent event) {
+ SecretManagerServiceClient client;
+ ConfigurableEnvironment environment = event.getEnvironment();
+ String projectId;
+ if
(Boolean.parseBoolean(environment.getProperty("camel.component.google-secret-manager.early-resolve-properties")))
{
+ projectId = environment.getProperty("camel.vault.gcp.projectId");
+ boolean useDefaultInstance =
Boolean.parseBoolean(environment.getProperty("camel.vault.gcp.useDefaultInstance"));
+ if (useDefaultInstance && ObjectHelper.isNotEmpty(projectId)) {
+ SecretManagerServiceSettings settings = null;
+ try {
+ settings =
SecretManagerServiceSettings.newBuilder().build();
+ client = SecretManagerServiceClient.create(settings);
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ } else {
+ throw new RuntimeCamelException(
+ "Using the GCP Secret Manager Properties Function in
Spring Boot early resolver mode requires setting GCP project Id as application
properties and use default instance option to true");
+ }
+ GoogleSecretManagerPropertiesFunction
secretsManagerPropertiesFunction = new
GoogleSecretManagerPropertiesFunction(client, projectId);
+ final Properties props = new Properties();
+ for (PropertySource mutablePropertySources :
event.getEnvironment().getPropertySources()) {
+ if (mutablePropertySources instanceof MapPropertySource
mapPropertySource) {
+ mapPropertySource.getSource().forEach((key, value) -> {
+ String stringValue = null;
+ if ((value instanceof OriginTrackedValue
originTrackedValue &&
+ originTrackedValue.getValue() instanceof
String v)) {
+ stringValue = v;
+ } else if (value instanceof String v) {
+ stringValue = v;
+ }
+ if (stringValue != null &&
+ stringValue.startsWith("{{gcp:") &&
+ stringValue.endsWith("}}")) {
+ LOG.debug("decrypting and overriding property {}",
key);
+ try {
+ String element =
secretsManagerPropertiesFunction.apply(stringValue
+ .replace("{{gcp:", "")
+ .replace("}}", ""));
+ props.put(key, element);
+ } catch (Exception e) {
+ // Log and do nothing
+ LOG.debug("failed to parse property {}. This
exception is ignored.", key, e);
+ }
+ }
+ });
+ }
+ }
+ environment.getPropertySources().addFirst(new
PropertiesPropertySource("overridden-camel-google-secret-manager-properties",
props));
+ }
+ }
+}
diff --git
a/components-starter/camel-google-secret-manager-starter/src/main/resources/META-INF/spring.factories
b/components-starter/camel-google-secret-manager-starter/src/main/resources/META-INF/spring.factories
new file mode 100644
index 00000000000..055b6b93c35
--- /dev/null
+++
b/components-starter/camel-google-secret-manager-starter/src/main/resources/META-INF/spring.factories
@@ -0,0 +1,2 @@
+org.springframework.context.ApplicationListener=\
+
org.apache.camel.component.google.secret.manager.springboot.SpringBootGoogleSecretManagerPropertiesParser
\ No newline at end of file
diff --git
a/components-starter/camel-google-secret-manager-starter/src/test/java/org/apache/camel/component/google/secret/manager/springboot/EarlyResolvedPropertiesTest.java
b/components-starter/camel-google-secret-manager-starter/src/test/java/org/apache/camel/component/google/secret/manager/springboot/EarlyResolvedPropertiesTest.java
new file mode 100644
index 00000000000..c2ae93ea7ec
--- /dev/null
+++
b/components-starter/camel-google-secret-manager-starter/src/test/java/org/apache/camel/component/google/secret/manager/springboot/EarlyResolvedPropertiesTest.java
@@ -0,0 +1,117 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.google.secret.manager.springboot;
+
+import com.google.cloud.secretmanager.v1.ProjectName;
+import com.google.cloud.secretmanager.v1.Replication;
+import com.google.cloud.secretmanager.v1.Secret;
+import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
+import com.google.cloud.secretmanager.v1.SecretManagerServiceSettings;
+import com.google.cloud.secretmanager.v1.SecretName;
+import com.google.cloud.secretmanager.v1.SecretPayload;
+import com.google.protobuf.ByteString;
+import org.apache.camel.spring.boot.CamelAutoConfiguration;
+import org.apache.camel.test.spring.junit5.CamelSpringBootTest;
+import org.assertj.core.api.Assertions;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable;
+import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariables;
+import org.junit.jupiter.api.condition.EnabledIfSystemProperties;
+import org.junit.jupiter.api.condition.EnabledIfSystemProperty;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.AutoConfigureBefore;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.test.annotation.DirtiesContext;
+
+import java.io.IOException;
+
+@CamelSpringBootTest
+@DirtiesContext
+@SpringBootApplication
+@SpringBootTest(
+ classes = { EarlyResolvedPropertiesTest.TestConfiguration.class },
+ properties = {
+
"camel.component.google-secret-manager.early-resolve-properties=true",
+ "early.resolved.property.simple={{gcp:databaseTestPassword}}"
+ })
+
+// Must be manually tested. Provide your own projectId using
-Dcamel.vault.test.gcp.projectId and -Dcamel.vault.test.gcp.useDefaultInstance
+@EnabledIfSystemProperties({
+ @EnabledIfSystemProperty(named = "camel.vault.test.gcp.projectId",
matches = ".*",
+ disabledReason = "Access key not provided"),
+ @EnabledIfSystemProperty(named =
"camel.vault.test.gcp.useDefaultInstance", matches = ".*",
+ disabledReason = "Secret key not provided"),
+})
+@EnabledIfEnvironmentVariables({
+ @EnabledIfEnvironmentVariable(named="GOOGLE_APPLICATION_CREDENTIALS",
matches = ".*", disabledReason = "No environment variables for google
credentials set")
+})
+public class EarlyResolvedPropertiesTest {
+
+ static SecretManagerServiceClient client;
+ static String secretId;
+
+ @BeforeAll
+ public static void setup() throws IOException {
+ String projectId =
System.getProperty("camel.vault.test.gcp.projectId");
+ String useDefaultInstance =
System.getProperty("camel.vault.test.gcp.useDefaultInstance");
+ System.setProperty("camel.vault.gcp.projectId", projectId);
+ System.setProperty("camel.vault.gcp.useDefaultInstance",
useDefaultInstance);
+
+ SecretManagerServiceSettings settings =
SecretManagerServiceSettings.newBuilder().build();
+ client = SecretManagerServiceClient.create(settings);
+ Secret secret = Secret.newBuilder()
+ .setReplication(
+ Replication.newBuilder()
+
.setAutomatic(Replication.Automatic.newBuilder().build())
+ .build())
+ .build();
+
+ Secret createdSecret = client.createSecret(ProjectName.of(projectId),
"databaseTestPassword", secret);
+
+ SecretPayload payload = SecretPayload.newBuilder()
+ .setData(ByteString.copyFromUtf8("string")).build();
+ client.addSecretVersion(createdSecret.getName(), payload);
+ }
+
+ @AfterAll
+ public static void teardown() throws IOException {
+ String projectId =
System.getProperty("camel.vault.test.gcp.projectId");
+
+ client.deleteSecret(SecretName.of(projectId, "databaseTestPassword"));
+ }
+
+ @Value("${early.resolved.property}")
+ private String earlyResolvedProperty;
+
+ @Value("${early.resolved.property.simple}")
+ private String earlyResolvedPropertySimple;
+
+ @Test
+ public void testEarlyResolvedProperties() {
+ Assertions.assertThat(earlyResolvedProperty).isEqualTo("string");
+ Assertions.assertThat(earlyResolvedPropertySimple).isEqualTo("string");
+ }
+
+ @Configuration
+ @AutoConfigureBefore(CamelAutoConfiguration.class)
+ public static class TestConfiguration {
+ }
+}
diff --git
a/components-starter/camel-google-secret-manager-starter/src/test/resources/application.properties
b/components-starter/camel-google-secret-manager-starter/src/test/resources/application.properties
new file mode 100644
index 00000000000..a71fcaf48fa
--- /dev/null
+++
b/components-starter/camel-google-secret-manager-starter/src/test/resources/application.properties
@@ -0,0 +1,2 @@
+# Needed by EarlyResolvedPropertiesTest
+early.resolved.property = {{gcp:databaseTestPassword}}
\ No newline at end of file
