Gcp Secret Manager Trait

The Google Secret Manager trait can be used to use secrets from Google Secret Manager

The Google Secret Manager trait is disabled by default.

For more information about how to use secrets from Google Secret Manager take a look at the components docs: AWS Secrets Manager component

A sample execution of this trait, would require the following trait options: -t gpc-secret-manager.enabled=true -t gpc-secret-manager.project-id="project-id" -t gpc-secret-manager.service-account-key="file:serviceaccount.json"

To enable the automatic context reload on secrets updates you should define the following trait options: -t gpc-secret-manager.enabled=true -t gpc-secret-manager.project-id="project-id" -t gpc-secret-manager.service-account-key="file:serviceaccount.json" -t gcp-secret-manager.subscription-name="pubsub-sub" -t gcp-secret-manager.context-reload-enabled="true" -t gcp-secret-manager.refresh-enabled="true" -t gcp-secret-manager.refresh-period="30000" -t gcp-secret-manager.secrets="test*"

This trait is available in the following profiles: Kubernetes, Knative, OpenShift.

Configuration

Trait properties can be specified when running any integration with the CLI:

$ kamel run --trait gcp-secret-manager.[key]=[value] --trait gcp-secret-manager.[key2]=[value2] integration.yaml

The following configuration options are available:

Property Type Description

Property	Type	Description
`gcp-secret-manager.enabled`	`bool`	Can be used to enable or disable a trait. All traits share this common property.
`gcp-secret-manager.auto`	`bool`	Enables automatic configuration of the trait.
`gcp-secret-manager.project-id`	`string`	The Project Id from Google Cloud
`gcp-secret-manager.service-account-key`	`string`	The Path to a service account Key File to use secrets from Google Secret Manager
`gcp-secret-manager.use-default-instance`	`bool`	Define if we want to use the Default Instance approach for accessing the Google Secret Manager service
`gcp-secret-manager.context-reload-enabled`	`bool`	Define if we want to use the Camel Context Reload feature or not
`gcp-secret-manager.refresh-enabled`	`bool`	Define if we want to use the Refresh Feature for secrets
`gcp-secret-manager.refresh-period`	`string`	If Refresh is enabled, this defines the interval to check the refresh event
`gcp-secret-manager.secrets`	`string`	If Refresh is enabled, the regular expression representing the secrets we want to track
`gcp-secret-manager.subscription-name`	`string`	If Refresh is enabled, this defines the subscription name to the Google PubSub topic used to keep track of updates

gcp-secret-manager.enabled

bool

Can be used to enable or disable a trait. All traits share this common property.

gcp-secret-manager.auto

bool

Enables automatic configuration of the trait.

gcp-secret-manager.project-id

string

The Project Id from Google Cloud

gcp-secret-manager.service-account-key

string

The Path to a service account Key File to use secrets from Google Secret Manager

gcp-secret-manager.use-default-instance

bool

Define if we want to use the Default Instance approach for accessing the Google Secret Manager service

gcp-secret-manager.context-reload-enabled

bool

Define if we want to use the Camel Context Reload feature or not

gcp-secret-manager.refresh-enabled

bool

Define if we want to use the Refresh Feature for secrets

gcp-secret-manager.refresh-period

string

If Refresh is enabled, this defines the interval to check the refresh event

gcp-secret-manager.secrets

string

If Refresh is enabled, the regular expression representing the secrets we want to track

gcp-secret-manager.subscription-name

string

If Refresh is enabled, this defines the subscription name to the Google PubSub topic used to keep track of updates