in components-starter/camel-aws-secrets-manager-starter/src/main/java/org/apache/camel/component/aws/secretsmanager/springboot/SpringBootAwsSecretsManagerPropertiesParser.java [44:107]
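/**
 * Resolves AWS Secrets Manager placeholders before the application context starts.
 *
 * <p>Does nothing unless {@code camel.component.aws-secrets-manager.early-resolve-properties}
 * parses as {@code true}. Otherwise every String value found in a {@link MapPropertySource}
 * that starts with "{{aws:" and ends with "}}" is passed to a
 * {@link SecretsManagerPropertiesFunction}, and the results are registered as the
 * highest-priority property source.
 *
 * @param event the environment-prepared event carrying the environment to scan and extend
 * @throws RuntimeCamelException if no usable credential configuration is found
 */
public void onApplicationEvent(ApplicationEnvironmentPreparedEvent event) {
    ConfigurableEnvironment environment = event.getEnvironment();
    if (!Boolean.parseBoolean(environment.getProperty("camel.component.aws-secrets-manager.early-resolve-properties"))) {
        return;
    }

    SecretsManagerClient client = createSecretsManagerClient(environment);
    try {
        SecretsManagerPropertiesFunction secretsManagerPropertiesFunction = new SecretsManagerPropertiesFunction(client);
        final Properties props = new Properties();
        for (PropertySource<?> propertySource : environment.getPropertySources()) {
            if (propertySource instanceof MapPropertySource mapPropertySource) {
                mapPropertySource.getSource().forEach((key, value) -> {
                    // Spring Boot may wrap values in OriginTrackedValue; unwrap to the raw String.
                    String stringValue = null;
                    if ((value instanceof OriginTrackedValue originTrackedValue &&
                            originTrackedValue.getValue() instanceof String v)) {
                        stringValue = v;
                    } else if (value instanceof String v) {
                        stringValue = v;
                    }
                    if (stringValue != null &&
                            stringValue.startsWith("{{aws:") &&
                            stringValue.endsWith("}}")) {
                        // Only the property key is logged; the resolved secret must never reach the log.
                        LOG.debug("decrypting and overriding property {}", key);
                        try {
                            String element = secretsManagerPropertiesFunction.apply(stringValue
                                    .replace("{{aws:", "")
                                    .replace("}}", ""));
                            // Properties rejects null values, so a null result ends up in the catch below.
                            props.put(key, element);
                        } catch (Exception e) {
                            // Best effort: the key gets no override, so the property keeps its literal
                            // placeholder text. Logged at WARN so an unresolved secret is visible
                            // with default log levels.
                            LOG.warn("failed to parse property {}. This exception is ignored.", key, e);
                        }
                    }
                });
            }
        }
        // addFirst gives the resolved values precedence over the sources holding the placeholders.
        environment.getPropertySources().addFirst(new PropertiesPropertySource("overridden-camel-aws-secrets-manager-properties", props));
    } finally {
        // The client is used only for this early resolution pass; release its resources.
        client.close();
    }
}

// Builds the Secrets Manager client from the camel.vault.aws.* settings, or throws if none applies.
private static SecretsManagerClient createSecretsManagerClient(ConfigurableEnvironment environment) {
    String accessKey = environment.getProperty("camel.vault.aws.accessKey");
    String secretKey = environment.getProperty("camel.vault.aws.secretKey");
    String region = environment.getProperty("camel.vault.aws.region");
    boolean useDefaultCredentialsProvider = Boolean.parseBoolean(environment.getProperty("camel.vault.aws.defaultCredentialsProvider"));
    boolean useProfileCredentialsProvider = Boolean.parseBoolean(environment.getProperty("camel.vault.aws.profileCredentialsProvider"));
    String profileName = environment.getProperty("camel.vault.aws.profileName");

    SecretsManagerClientBuilder clientBuilder = SecretsManagerClient.builder();
    if (ObjectHelper.isNotEmpty(accessKey) && ObjectHelper.isNotEmpty(secretKey) && ObjectHelper.isNotEmpty(region)) {
        // Static keys take precedence when present. They are long-lived credentials held in
        // configuration; the default-chain and profile branches avoid storing them there.
        AwsBasicCredentials cred = AwsBasicCredentials.create(accessKey, secretKey);
        clientBuilder.credentialsProvider(StaticCredentialsProvider.create(cred));
        clientBuilder.region(Region.of(region));
    } else if (useDefaultCredentialsProvider && ObjectHelper.isNotEmpty(region)) {
        // No provider is set explicitly, so the SDK builder falls back to its default credentials chain.
        clientBuilder.region(Region.of(region));
    } else if (useProfileCredentialsProvider && ObjectHelper.isNotEmpty(profileName)) {
        clientBuilder.credentialsProvider(ProfileCredentialsProvider.create(profileName));
        // This branch does not require a region, and Region.of rejects a null or blank id.
        // Set the region only when configured; otherwise the SDK resolves it itself.
        if (ObjectHelper.isNotEmpty(region)) {
            clientBuilder.region(Region.of(region));
        }
    } else {
        throw new RuntimeCamelException(
                "Using the AWS Secrets Manager Properties Function requires setting AWS credentials as application properties or environment variables");
    }
    return clientBuilder.build();
}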