Kamelet file parameters #2080
Comments
|
The service account file for google cloud are basically json or p12. We could add a list of options and then create the service account key file on the fly to be used, but it would be a mess in terms of camel options, so for me encoding the kamelet binding parameters into secrets is the best solution. |
|
To me, this relates to #2003. Maybe we should define the type of such option as |
|
Not sure if the component has recently been updated, but I can see that the I like Luca's idea of marking the option as a resource to indicate its something that is loaded as an external resource. And Camel typically support loading via classpath, file, http. We may think about turning off http as you can potentially use a ENV variable override and then load the resource from some malicious external http server. |
|
Yes, Google storage has that features, the other google cloud components rely on an env variable pointing to service account file |
|
Would something like this work (apparently json-schema 7 compatible) ? spec:
definition:
title: "Google cloud stuff"
properties:
token:
title: Token
description: The Token file
type: string
contentEncoding: base64
contentMediaType: "application/json"
x-camel-type: resourceAt the end of the day, the configuration of a Kamelet is a JSON object and need to be validated by the schema. The Still we need to define how the file location can be accessed at runtime in the kamelet loader. |
|
do we need the contentEncoding & contentMediaType ? as it is a resource, we know that is should be either a binary config map or a secret so I guess the encoding can be implicit. With #2003, then will be multiple options to load from a location:
|
I know it, but the "resource" is "x-camel" specific metadata, while the Kamelet is supposed to tell an user (or a configuration UI) how to build a valid configuration object, without mentioning configmaps or secrets, which are Kubernetes concepts.
The problem is that a Kamelet can be used multiple times in an integration, and so you might have multiple files with a location that is different on each instance of the template. We need something instance-specific on top of the features above... |
|
I was thinking only about the runtime but yes the About the other issue, there are some JIRA to track work that could help: |
|
From Camel 3.10 we can use |
|
Ref: apache/camel#5569 |
Suppose that I want to create a Kamelet that uses this component under the hood.
The component accepts a parameter that is a path that points to some credentials provided as a JSON file by the cloud provider (all Google cloud components behave the same).
Obviously this does not map 1:1 with the current Kamelet model, but I wonder how can we make it fit.
Should we change the component to accept the credentials directly (is it possible?), or make something different?
E.g. we can use a parameter of "type" = "binary" that may indicate this scenario
The CLI + operator can make sure the parameter is e.g. expected to be passed encoded (b64?) in a KameletBinding and the property
{{myparam}}can evaluate to the file location at runtime.This seems a bit too custom as solution. Do you see a better one?
cc: @squakez , @astefanutti , @lburgazzoli , @oscerd , @davsclaus , @christophd
Should we instead define a general encoding of KameletBinding parameters into secrets, so that all properties are eventually stored into files and we can get
{{theparam}}value, or{{file:theparam}}file?The text was updated successfully, but these errors were encountered: