-
Bug
-
Resolution: Obsolete
-
Critical
-
camel-K-M2, camel-K-M3
-
None
-
False
-
False
-
%
-
Undefined
-
Some people may be bothered, that the secret value, for example AWS secretkey is visible in plaintext in the logs. Especially in OpenShift environment, you hide the secrets in Secret object, but then it is displayed in plain text in the pod:
oc create secret generic aws2-sqs --from-file=./config/openshift/aws2-sqs-cred.properties
secret/aws2-sqs created
Then use the properties in the connector:
camel.component.aws2-s3.accessKey: ${file:/opt/kafka/external-configuration/aws-credentials/aws2-sqs-cred.properties:accessKey}
camel.component.aws2-s3.secretKey: ${file:/opt/kafka/external-configuration/aws-credentials/aws2-sqs-cred.properties:secretKey}
camel.component.aws2-s3.region: ${file:/opt/kafka/external-configuration/aws-credentials/aws2-sqs-cred.properties:region}
The values are then printed at info level:
oc logs my-connect-cluster-connect-3-v9lqq | grep secret
camel.component.aws2-sqs.secretKey = <my secret here>
camel.source.endpoint.secretKey = null
2020-10-22 14:09:58,756 INFO Setting initial properties in Camel context: [{connector.class=org.apache.camel.kafkaconnector.aws2sqs.CamelAws2sqsSourceConnector, camel.source.maxPollDuration=10000, camel.component.aws2-sqs.region=eu-west-1, topics=sqs-topic, tasks.max=1, camel.component.aws2-sqs.secretKey=<my secret here>, camel.source.component=aws2-sqs, task.class=org.apache.camel.kafkaconnector.aws2sqs.CamelAws2sqsSourceTask, camel.source.path.queueNameOrArn=camel-connector-test, name=sqs-source-connector, value.converter=org.apache.kafka.connect.storage.StringConverter, key.converter=org.apache.kafka.connect.storage.StringConverter, camel.component.aws2-sqs.accessKey=<my access key here>}] (org.apache.camel.kafkaconnector.utils.CamelMainSupport) [task-thread-sqs-source-connector-0]
- is related to
-
-
- Closed
-