From a012db8c06c5d37f4443e7b5631f14c0efc745e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Mathieu?= Date: Mon, 11 Sep 2023 13:06:48 +0200 Subject: [PATCH] Allow disabled the secret manager --- .../common/GcpBootstrapConfiguration.java | 6 ++++++ .../main/src/main/resources/application.properties | 4 +++- .../runtime/config/SecretManagerConfigSource.java | 12 +++++++++--- 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/common/runtime/src/main/java/io/quarkiverse/googlecloudservices/common/GcpBootstrapConfiguration.java b/common/runtime/src/main/java/io/quarkiverse/googlecloudservices/common/GcpBootstrapConfiguration.java index aa565539..bbd94422 100644 --- a/common/runtime/src/main/java/io/quarkiverse/googlecloudservices/common/GcpBootstrapConfiguration.java +++ b/common/runtime/src/main/java/io/quarkiverse/googlecloudservices/common/GcpBootstrapConfiguration.java @@ -52,4 +52,10 @@ public interface GcpBootstrapConfiguration { */ @WithDefault("true") boolean accessTokenEnabled(); + + /** + * Whether to enable the secret manager + */ + @WithDefault("true") + boolean secretManagerEnabled(); } diff --git a/integration-tests/main/src/main/resources/application.properties b/integration-tests/main/src/main/resources/application.properties index 778d1988..a2d1e85f 100644 --- a/integration-tests/main/src/main/resources/application.properties +++ b/integration-tests/main/src/main/resources/application.properties @@ -17,7 +17,9 @@ # Secret Manager Demo # You can load secrets from Google Cloud Secret Manager with the ${sm//} syntax. -my.database.password=${sm//integration-test} +%prod.my.database.password=${sm//integration-test} +%test.my.database.password=test +%test.quarkus.google.cloud.secret-manager-enabled=false ## Logging config %dev.quarkus.google.cloud.logging.enabled=false diff --git a/secret-manager/runtime/src/main/java/io/quarkiverse/googlecloudservices/secretmanager/runtime/config/SecretManagerConfigSource.java b/secret-manager/runtime/src/main/java/io/quarkiverse/googlecloudservices/secretmanager/runtime/config/SecretManagerConfigSource.java index e834ee31..e8f6bdf4 100644 --- a/secret-manager/runtime/src/main/java/io/quarkiverse/googlecloudservices/secretmanager/runtime/config/SecretManagerConfigSource.java +++ b/secret-manager/runtime/src/main/java/io/quarkiverse/googlecloudservices/secretmanager/runtime/config/SecretManagerConfigSource.java @@ -9,6 +9,7 @@ import java.util.Set; import java.util.concurrent.atomic.AtomicBoolean; +import com.google.api.gax.core.FixedCredentialsProvider; import com.google.auth.oauth2.GoogleCredentials; import com.google.cloud.secretmanager.v1.AccessSecretVersionResponse; import com.google.cloud.secretmanager.v1.SecretManagerServiceClient; @@ -32,8 +33,13 @@ public class SecretManagerConfigSource extends AbstractConfigSource { public SecretManagerConfigSource(final GcpBootstrapConfiguration gcpConfig, final String projectId) { super(CONFIG_SOURCE_NAME, SECRET_MANAGER_ORDINAL); this.projectId = projectId; - this.client = createClient(gcpConfig, projectId); - this.closed = new AtomicBoolean(false); + if (gcpConfig.secretManagerEnabled()) { + this.client = createClient(gcpConfig, projectId); + this.closed = new AtomicBoolean(false); + } else { + this.client = null; + this.closed = new AtomicBoolean(true); + } } @Override @@ -75,7 +81,7 @@ private static SecretManagerServiceClient createClient( return SecretManagerServiceClient.create( SecretManagerServiceSettings.newBuilder() .setQuotaProjectId(projectId) - .setCredentialsProvider(() -> credentials(gcpConfig)) + .setCredentialsProvider(FixedCredentialsProvider.create(credentials(gcpConfig))) .build()); } catch (IOException e) { throw new RuntimeException(e);