Class KubernetesNamedSecretProvider

java.lang.Object
org.frankframework.credentialprovider.AbstractKubernetesCredentialProvider
org.frankframework.credentialprovider.KubernetesNamedSecretProvider
All Implemented Interfaces:
ISecretProvider
public class KubernetesNamedSecretProvider extends AbstractKubernetesCredentialProvider
Credential provider that resolves auth aliases from a fixed set of named Kubernetes secrets.

Unlike KubernetesCredentialFactory, which maps one Kubernetes secret to one alias, this provider expects each configured secret to hold credentials for multiple aliases using a dot-prefixed key convention. For example, a secret containing the keys myalias.username and myalias.password exposes the alias myalias with fields username and password.

The names of the Kubernetes secrets to read from must be specified via the property "credentialFactory.kubernetes.secretNames" as a comma-separated list. Secrets are searched in order; the first secret that contains any key with the requested alias prefix is used.

Both individual secrets and the full alias discovery result are cached for 60000 ms to limit calls to the Kubernetes API.

The credentials are cached for 60 seconds to prevent unnecessary calls to the Kubernetes API.