org.frankframework.credentialprovider.AbstractKubernetesCredentialProvider

All Implemented Interfaces:: ISecretProvider

Direct Known Subclasses:: KubernetesCredentialFactory, KubernetesNamedSecretProvider

public abstract class AbstractKubernetesCredentialProvider extends Object implements ISecretProvider

Abstract base class for Kubernetes-backed credential providers.

Handles shared concerns: building and configuring the KubernetesClient, verifying connectivity to the cluster, and validating alias names against the Kubernetes RFC 1123 naming rules (must start and end with an alphanumeric character).

Subclasses implement postInitialize(CredentialConstants) to perform their own startup work after the client is ready, and must provide implementations of ISecretProvider.getSecret(CredentialAlias) and ISecretProvider.getConfiguredAliases().

The following properties are read from CredentialConstants during initialization:

"credentialFactory.kubernetes.masterUrl" — override the Kubernetes API server URL
"credentialFactory.kubernetes.username" — optional username for cluster authentication
"credentialFactory.kubernetes.password" — optional password for cluster authentication
"credentialFactory.kubernetes.namespace" — namespace to operate in (defaults to "default")

Field Summary

Fields

Modifier and Type

Field

Description

protected io.fabric8.kubernetes.client.KubernetesClient

client

static final String

DEFAULT_NAMESPACE

protected String

namespace
Constructor Summary

Constructors

Constructor

Description

AbstractKubernetesCredentialProvider()
Method Summary

Modifier and Type

Method

Description

void

close()

boolean

hasSecret(@NonNull CredentialAlias alias)

final void

initialize()

initialize() of an implementation can throw an exception when the credentialFactory cannot be properly configured and used.

protected boolean

isAliasNameValid(CredentialAlias alias)

A Kubernetes secret name must start and end with an alphanumeric character (RFC 1123).

protected abstract void

postInitialize(CredentialConstants appConstants)

protected void

warnIfAliasNameInvalid(CredentialAlias alias)

Methods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface ISecretProvider
getConfiguredAliases, getSecret

Field Details
- DEFAULT_NAMESPACE
  public static final String DEFAULT_NAMESPACE
  
  See Also:
  
  Constant Field Values
- namespace
  
  protected String namespace
- client
  
  protected io.fabric8.kubernetes.client.KubernetesClient client
Constructor Details
- AbstractKubernetesCredentialProvider
  
  public AbstractKubernetesCredentialProvider()
Method Details
- initialize
  
  public final void initialize()
  
  Description copied from interface: ISecretProvider
  
  initialize() of an implementation can throw an exception when the credentialFactory cannot be properly configured and used.
  
  Specified by:
  
  initialize in interface ISecretProvider
- postInitialize
  
  protected abstract void postInitialize(CredentialConstants appConstants)
- hasSecret
  
  public boolean hasSecret(@NonNull CredentialAlias alias)
  
  Specified by:
  
  hasSecret in interface ISecretProvider
- isAliasNameValid
  
  protected boolean isAliasNameValid(CredentialAlias alias)
  
  A Kubernetes secret name must start and end with an alphanumeric character (RFC 1123). Allowed characters are already validated by CredentialAlias, so we only check the boundaries.
- warnIfAliasNameInvalid
  
  protected void warnIfAliasNameInvalid(CredentialAlias alias)
- close
  
  public void close()

Class AbstractKubernetesCredentialProvider

Field Summary

Constructor Summary

Method Summary

Methods inherited from class Object

Methods inherited from interface ISecretProvider

Field Details

DEFAULT_NAMESPACE

namespace

client

Constructor Details

AbstractKubernetesCredentialProvider

Method Details

initialize

postInitialize

hasSecret

isAliasNameValid

warnIfAliasNameInvalid

close