/** * Decode from Base64 a keyed value from a Secret * * @param secret Secret from which decoding the value * @param key Key of the value to decode * @return decoded value */ protected byte[] decodeFromSecret(Secret secret, String key) { return Base64.getDecoder().decode(secret.getData().get(key)); }
public void maybeGeneratePassword(PasswordGenerator generator, Secret userSecret) { if (userSecret != null) { // Secret already exists -> lets verify if it has a password String password = userSecret.getData().get(KEY_PASSWORD); if (password != null && !password.isEmpty()) { this.scramSha512Password = new String(Base64.getDecoder().decode(password), Charset.forName("US-ASCII")); return; } } log.debug("Generating user password"); this.scramSha512Password = generator.generate(); }
static X509Certificate cert(Secret secret, String key) { if (secret == null || secret.getData() == null || secret.getData().get(key) == null) { return null; } Base64.Decoder decoder = Base64.getDecoder(); byte[] bytes = decoder.decode(secret.getData().get(key)); try { return x509Certificate(bytes); } catch (CertificateException e) { throw new RuntimeException("Certificate in data." + key.replace(".", "\\.") + " of Secret " + secret.getMetadata().getName(), e); } }
public byte[] currentCaKey() { Base64.Decoder decoder = Base64.getDecoder(); return decoder.decode(caKeySecret().getData().get(CA_KEY)); }
public byte[] currentCaCertBytes() { Base64.Decoder decoder = Base64.getDecoder(); return decoder.decode(caCertSecret().getData().get(CA_CRT)); }
public UserCredentials getKeycloakCredentials() { Secret creds = client.secrets().inNamespace(globalNamespace).withName("keycloak-credentials").get(); if (creds != null) { String username = new String(Base64.getDecoder().decode(creds.getData().get("admin.username"))); String password = new String(Base64.getDecoder().decode(creds.getData().get("admin.password"))); return new UserCredentials(username, password); } else { return null; } }
public String getServiceaccountToken(String name, String namespace) { return new String(Base64.getDecoder().decode(client.secrets().inNamespace(namespace).list().getItems().stream() .filter(secret -> secret.getMetadata().getName().contains(name + "-token")).collect(Collectors.toList()) .get(0).getData().get("token")), StandardCharsets.UTF_8); } }
/** * Set the {@code strimzi.io/force-renew} annotation on the given {@code caCert} if the given {@code caKey} has * the given {@code key}. * * This is used to force certificate renewal when upgrading from a Strimzi 0.6.0 Secret. */ protected static Secret forceRenewal(Secret caCert, Secret caKey, String key) { if (caCert != null && caKey != null && caKey.getData() != null && caKey.getData().containsKey(key)) { caCert = new SecretBuilder(caCert).editMetadata().addToAnnotations(ANNO_STRIMZI_IO_FORCE_RENEW, "true").endMetadata().build(); } return caCert; }
protected static Secret forceReplacement(Secret caCert, Secret caKey, String key) { if (caCert != null && caKey != null && caKey.getData() != null && caKey.getData().containsKey(key)) { caKey = new SecretBuilder(caKey).editMetadata().addToAnnotations(ANNO_STRIMZI_IO_FORCE_REPLACE, "true").endMetadata().build(); } return caKey; }
@Override public String getCert(String secretName) { Secret secret = client.secrets().inNamespace(namespace).withName(secretName).get(); if (secret == null) { throw new InternalServerErrorException("Cannot get secret " + secretName); } Map<String, String> caData = secret.getData(); return new String(Base64.getDecoder().decode(caData.get("tls.crt")), StandardCharsets.UTF_8); }
@Override Map<String, String> getData(KubernetesClient client, String name) { Secret resource = client.secrets().withName(name).get(); return (resource != null) ? resource.getData() : null; }
public SecretBuilder( SecretFluent<?> fluent , Secret instance ){ this.fluent = fluent; fluent.withApiVersion(instance.getApiVersion()); fluent.withData(instance.getData()); fluent.withKind(instance.getKind()); fluent.withMetadata(instance.getMetadata()); fluent.withType(instance.getType()); } public SecretBuilder( Secret instance ){
public SecretBuilder(Secret instance,Boolean validationEnabled){ this.fluent = this; this.withApiVersion(instance.getApiVersion()); this.withData(instance.getData()); this.withKind(instance.getKind()); this.withMetadata(instance.getMetadata()); this.withStringData(instance.getStringData()); this.withType(instance.getType()); this.validationEnabled = validationEnabled; }
public SecretFluentImpl(Secret instance){ this.withApiVersion(instance.getApiVersion()); this.withData(instance.getData()); this.withKind(instance.getKind()); this.withMetadata(instance.getMetadata()); this.withStringData(instance.getStringData()); this.withType(instance.getType()); }
public SecretBuilder(SecretFluent<?> fluent,Secret instance,Boolean validationEnabled){ this.fluent = fluent; fluent.withApiVersion(instance.getApiVersion()); fluent.withData(instance.getData()); fluent.withKind(instance.getKind()); fluent.withMetadata(instance.getMetadata()); fluent.withStringData(instance.getStringData()); fluent.withType(instance.getType()); this.validationEnabled = validationEnabled; } public SecretBuilder(Secret instance){