You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by "djetelina (via GitHub)" <gi...@apache.org> on 2023/05/10 18:24:11 UTC
[GitHub] [camel-k] djetelina opened a new issue, #4359: Keda integration not working with mounted secrets
djetelina opened a new issue, #4359:
URL: https://github.com/apache/camel-k/issues/4359
Hi, as I've mentioned in #2875 I've encountered a problem concerning secrets and Keda integration.
Keda integration (in our case with RabbitMQ) works great, if the password lives inside spec.source.properties directly, but when pulling the password through mounted secret and a properties file, the generated Keda TriggerAuthentication doesn't have the password inside.
I've minified our custom Kamelet to include just the important parts, let me know if need the full length Kamelet to reproduce the issue.
```
apiVersion: camel.apache.org/v1alpha1
kind: Kamelet
metadata:
name: custom-spring-rabbitmq-source
namespace: camel-k-operator
annotations:
camel.apache.org/kamelet.group: "Spring RabbitMQ"
camel.apache.org/keda.type: "rabbitmq"
camel.apache.org/keda.authentication.host: "amqp://{{.username}}:{{.password}}@{{.hostname}}:{{.port}}/{{.vhost}}"
camel.apache.org/keda.metadata.mode: "QueueLength"
camel.apache.org/keda.metadata.value: "150"
labels:
camel.apache.org/kamelet.type: "source"
spec:
definition:
title: "Spring RabbitMQ Source"
description: |-
Receive data from a RabbitMQ Broker.
required:
- username
- password
- hostname
- port
- vhost
type: object
properties:
hostname:
title: Hostname
description: The hostname for the RabbitMQ broker
type: string
example: "localhost"
port:
title: Port
description: The port number for the RabbitMQ broker
type: int
example: "localhost"
username:
title: Username
description: The username to access the RabbitMQ server
type: string
x-descriptors:
- urn:camel:group:credentials
password:
title: Password
description: The password to access the RabbitMQ server
type: string
format: password
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:password
- urn:camel:group:credentials
vhost:
title: Virtual Host
description: The vhost for the channel
type: string
default: "/"
dependencies:
- "camel:spring-rabbitmq"
- "camel:kamelet"
```
Then in a secret there's a properties file with the following:
```
camel.kamelet.custom-spring-rabbitmq-source.password=${rmq-password}
```
Which is then loaded through a trait annotation into a KameletBinding
```yaml
"trait.camel.apache.org/mount.configs": "secret:my-secret/my.properties"
```
The results are that pods can connect to RabbitMQ, but ScaledObject cannot access it, because in it's secret used by the TriggerAuthentication (`secretTargetRef` ...) under host there's the following
```
amqp://my-user:@my-host:my-port/my-vhost
```
instead of
```
amqp://my-user:my-password@my-host:my-port/my-vhost
```
I hope I've provided all the necessary parts and bits in order to make it reproducible, but like I wrote above, if there's anything missing, let me know, I just didn't want to make the snippets too long so that the information gets lost :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k] squakez commented on issue #4359: Keda integration not working with mounted secrets
Posted by "squakez (via GitHub)" <gi...@apache.org>.
squakez commented on issue #4359:
URL: https://github.com/apache/camel-k/issues/4359#issuecomment-1543469428
Thanks for the reproducer. We'll have a look asap. In the while, feel free to go ahead with any parallel analysis and feel free to contribute with any fix if you happen to find it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org