This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/main by this push:
new ce7a11dcbc5 CAMEL-21822 - Camel-IBM-Secrets-Manager: Documentation for
properties function (#17336)
ce7a11dcbc5 is described below
commit ce7a11dcbc56a0274680969a4fbb1b2e05452b6c
Author: Andrea Cosentino <[email protected]>
AuthorDate: Mon Mar 3 14:29:28 2025 +0100
CAMEL-21822 - Camel-IBM-Secrets-Manager: Documentation for properties
function (#17336)
Signed-off-by: Andrea Cosentino <[email protected]>
---
.../main/docs/ibm-secrets-manager-component.adoc | 134 +++++++++++++++++++++
1 file changed, 134 insertions(+)
diff --git
a/components/camel-ibm-secrets-manager/src/main/docs/ibm-secrets-manager-component.adoc
b/components/camel-ibm-secrets-manager/src/main/docs/ibm-secrets-manager-component.adoc
index 5921c3991dc..eca357347f6 100644
---
a/components/camel-ibm-secrets-manager/src/main/docs/ibm-secrets-manager-component.adoc
+++
b/components/camel-ibm-secrets-manager/src/main/docs/ibm-secrets-manager-component.adoc
@@ -56,5 +56,139 @@ The component supports operations at the producer level.
Specifically, it provid
* `getSecret`
* `deleteSecret`
+== Examples
+
+=== Using IBM Secrets Manager Vault Property Function
+
+To use this function, you'll need to provide credentials for IBM Secrets
Manager vault as environment variables:
+
+[source,bash]
+----
+export CAMEL_VAULT_IBM_TOKEN=token
+export CAMEL_VAULT_IBM_SERVICE_URL=serviceUrl
+----
+
+You can also configure the credentials in the `application.properties` file
such as:
+
+[source,properties]
+----
+camel.vault.ibm.token = token
+camel.vault.ibm.serviceUrl = serviceUrl
+----
+
+NOTE: if you're running the application on a Kubernetes based cloud platform,
you can initialize the environment variables from a Secret or Configmap to
enhance security. You can also enhance security by
xref:manual::using-propertyplaceholder.adoc#_resolving_property_placeholders_on_cloud[setting
a Secret property placeholder] which will be initialized at application
runtime only.
+
+NOTE: `camel.vault.ibm` configuration only applies to the IBM Secrets Manager
Vault properties function (E.g when resolving properties).
+When using the `operation` option to create, get, list secrets etc., you
should provide the `token` and `serviceUrl` options.
+
+At this point, you'll be able to reference a property in the following way:
+
+[source,xml]
+----
+<camelContext>
+ <route>
+ <from uri="direct:start"/>
+ <to uri="{{ibm:default:route}}"/>
+ </route>
+</camelContext>
+----
+
+Where route will be the name of the secret stored in the IBM Secrets Manager
Vault instance, in the 'default' secret group.
+
+You could specify a default value in case the secret is not present on IBM
Secrets Manager Vault instance:
+
+[source,xml]
+----
+<camelContext>
+ <route>
+ <from uri="direct:start"/>
+ <to uri="{{ibm:default:route:default}}"/>
+ </route>
+</camelContext>
+----
+
+In this case, if the secret doesn't exist in the 'default' secret group, the
property will fall back to "default" as value.
+
+Also, you are able to get a particular field of the secret, if you have, for
example, a secret named database of this form:
+
+[source,bash]
+----
+{
+ "username": "admin",
+ "password": "password123",
+ "engine": "postgres",
+ "host": "127.0.0.1",
+ "port": "3128",
+ "dbname": "db"
+}
+----
+
+You're able to do get single secret value in your route, in the 'default'
secret group, like for example:
+
+[source,xml]
+----
+<camelContext>
+ <route>
+ <from uri="direct:start"/>
+ <log message="Username is {{ibm:default:database#username}}"/>
+ </route>
+</camelContext>
+----
+
+Or re-use the property as part of an endpoint.
+
+You could specify a default value in case the particular field of secret is
not present on IBM Secrets Manager Vault instance, in the 'secret' engine:
+
+[source,xml]
+----
+<camelContext>
+ <route>
+ <from uri="direct:start"/>
+ <log message="Username is {{ibm:default:database#username:admin}}"/>
+ </route>
+</camelContext>
+----
+
+In this case, if the secret doesn't exist or the secret exists (in the
'default' secret group) but the username field is not part of the secret, the
property will fall back to "admin" as value.
+
+There is also the syntax to get a particular version of the secret for both
the approaches, with field/default value specified or only with secret:
+
+[source,xml]
+----
+<camelContext>
+ <route>
+ <from uri="direct:start"/>
+ <to uri="{{ibm:default:route@2}}"/>
+ </route>
+</camelContext>
+----
+
+This approach will return the RAW route secret with version '2', in the
'default' secret group.
+
+[source,xml]
+----
+<camelContext>
+ <route>
+ <from uri="direct:start"/>
+ <to uri="{{ibm:default:route:default@2}}"/>
+ </route>
+</camelContext>
+----
+
+This approach will return the route secret value with version '2' or default
value in case the secret doesn't exist or the version doesn't exist (in the
'default' secret group).
+
+[source,xml]
+----
+<camelContext>
+ <route>
+ <from uri="direct:start"/>
+ <log message="Username is {{ibm:default:database#username:admin@2}}"/>
+ </route>
+</camelContext>
+----
+
+This approach will return the username field of the database secret with
version '2' or admin in case the secret doesn't exist or the version doesn't
exist (in the 'default' secret group).
+
+The only requirement is adding the camel-ibm-secrets-manager jar to your Camel
application.
include::spring-boot:partial$starter.adoc[]
