This is an automated email from the ASF dual-hosted git repository. jamesnetherton pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
The following commit(s) were added to refs/heads/main by this push: new 4d74a7d897 fixes #6660: azure-key-vault refresh context coverage 4d74a7d897 is described below commit 4d74a7d8973d52ba1ee21d4c3037f18ea88b7b51 Author: Jiri Ondrusek <ondrusek.j...@gmail.com> AuthorDate: Tue Feb 4 09:50:19 2025 +0100 fixes #6660: azure-key-vault refresh context coverage --- integration-test-groups/azure/README.adoc | 1 + .../azure/azure-key-vault/README.adoc | 64 ++++++++++ .../azure/azure-key-vault/key-vault-resources.sh | 78 ++++++++++++ .../azure/key/vault/it/AzureKeyVaultResource.java | 17 +++ .../azure/key/vault/it/AzureKeyVaultRoutes.java | 32 ++--- .../azure/key/vault/it/AzureKeyVaultTest.java | 137 +++++++++++++++++---- .../key/vault/it/ContextReloadTestProfile.java | 37 ++++++ integration-test-groups/azure/azure-resources.sh | 14 ++- 8 files changed, 336 insertions(+), 44 deletions(-) diff --git a/integration-test-groups/azure/README.adoc b/integration-test-groups/azure/README.adoc index e99566ebbf..0800acd62d 100644 --- a/integration-test-groups/azure/README.adoc +++ b/integration-test-groups/azure/README.adoc @@ -8,6 +8,7 @@ or skipped, if the given service is not supported by Azurite. Unsupported by Azurite: * `azure-eventhubs` +* `azure-key-vault` === Real Azure API diff --git a/integration-test-groups/azure/azure-key-vault/README.adoc b/integration-test-groups/azure/azure-key-vault/README.adoc new file mode 100644 index 0000000000..829a674560 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/README.adoc 
@@ -0,0 +1,64 @@ +== Azure key vault isolated integration tests + +=== Real Azure API + +Prerequisites: + +* A https://docs.microsoft.com/en-us/azure/storage/common/storage-account-create?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&tabs=azure-portal[general-purpose v2 Azure storage account] and +https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal[create a container] +* The https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-change-feed?tabs=azure-portal#enable-and-disable-the-change-feed[change feed] is enabled on your storage account +* View the https://docs.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#view-account-access-keys[account keys] and set the following environment variables +* An https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-create[Azure Event Hub] +* An https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-get-connection-string[Event Hubs connection string] +* A https://learn.microsoft.com/en-us/azure/key-vault/general/overview[Key Vault] configured in your Azure account + +To add resources required for key-vault tests, you can use `key-vault-resources.sh` script as follows. Ensure that you have installed (and logged in) the https://docs.microsoft.com/en-us/cli/azure/[Azure CLI] beforehand. +The script prerequisites are permissions, resource group and event hub namespace. +If you need such resources created as well, please follow instructions from the parent module. + +[source,shell] +---- +$ ./key-vault-resources.sh create +---- + +The script outputs a set of export commands that you may want to paste to your shell. 
+ +Here are the environment variables you need to set: + +[source,shell] +---- +export RESOURCE_GROUP=<existing-resource-group> +export ZONE=<your-zone> +export EH_NAMESPACE=<existing event hub namespace> +export AZURE_STORAGE_ACCOUNT_NAME=<existing event hub storage account name> +---- + +To clean up, run + +[source,shell] +---- +$ ./key-vault-resources.sh delete +---- + +=== What is created by the script + +* eventhub used for testing context reload +* storage container required for storing position of eventhub consumer + +Following properties are generated by the script and are required for the test execution: +[source,shell] +---- + export AZURE_EVENT_HUBS_BLOB_CONTAINER_NAME=<container for storing position of eventhub consumer> + export AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING=<connection string for eventhub> + export AZURE_STORAGE_ACCOUNT_KEY=<storage account key required for context refresh configuration> +---- + +Following properties have to be set manually before test execution + +[source,shell] +---- +export AZURE_CLIENT_ID=<your-azure-app-client-id> +export AZURE_CLIENT_SECRET=<your-azure-app-client-secret> +export AZURE_TENANT_ID=<your-azure-app-tenant-id> +export AZURE_VAULT_NAME=<your-azure-key-vault-name> +---- \ No newline at end of file diff --git a/integration-test-groups/azure/azure-key-vault/key-vault-resources.sh b/integration-test-groups/azure/azure-key-vault/key-vault-resources.sh new file mode 100755 index 0000000000..96ef816784 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/key-vault-resources.sh 
@@ -0,0 +1,78 @@
+#!/bin/bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#script to create/delete all resources required for key-vault refresh test.
+#In comparison with ../azure-resources/sh, the script is not creating any permissions, resource groups, ...
+#Following properties has to be se upon running the script
+#export RESOURCE_GROUP=<existing-resource-group>
+#export ZONE=<your-zone>
+#export EH_NAMESPACE=<existing event hub namespace>
+#export AZURE_STORAGE_ACCOUNT_NAME=<existing event hub storage account name>
+
+if ! which az > /dev/null 2>&1; then
+ echo "$(basename $0) requires the Azure CLI."
+ echo
+ echo "https://docs.microsoft.com/en-us/cli/azure/"
+ echo
+ exit 1
+fi
+
+suffix="$(az ad signed-in-user show --query displayName -o tsv | tr '[:upper:]' '[:lower:]' | tr -cd '[:alnum:]' | cut -c-12)"
+suffix="${suffix}4"
+
+export AZURE_VAULT_REFRESH_EH_NAME=camel-quarkus-secret-refresh-hub-${suffix}
+export AZURE_BLOB_CONTAINER_NAME=cq-container-${suffix}
+
+function createResources() {
+ set -e
+ set -x
+ AZURE_EVENT_HUBS_CONNECTION_STRING=$(az eventhubs namespace authorization-rule keys list --resource-group ${RESOURCE_GROUP} --namespace-name ${EH_NAMESPACE} --name RootManageSharedAccessKey --query primaryConnectionString -o tsv)
+
+ az storage container create --account-name ${AZURE_STORAGE_ACCOUNT_NAME} --name ${AZURE_BLOB_CONTAINER_NAME} --auth-mode login
+
+ AZURE_STORAGE_ACCOUNT_KEY=$(az storage account keys list --account-name ${AZURE_STORAGE_ACCOUNT_NAME} --query '[0].value' -o tsv)
+
+ az eventhubs eventhub create --name ${AZURE_VAULT_REFRESH_EH_NAME} --resource-group ${RESOURCE_GROUP} --namespace-name ${EH_NAMESPACE} --cleanup-policy Delete --partition-count 1 --retention-time 1
+
+ set +x
+ echo "Add the following to your environment:"
+ echo 'export AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME="'${AZURE_BLOB_CONTAINER_NAME}'"'
+ echo 'export AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING="'$AZURE_EVENT_HUBS_CONNECTION_STRING';EntityPath='${AZURE_VAULT_REFRESH_EH_NAME}'"'
+ echo 'export AZURE_STORAGE_ACCOUNT_KEY="'${AZURE_STORAGE_ACCOUNT_KEY}'"'
+}
+
+
+function deleteResources() {
+ set -x
+ set +e
+
+ az storage container delete --account-name ${AZURE_STORAGE_ACCOUNT_NAME} --name ${AZURE_BLOB_CONTAINER_NAME} --auth-mode login
+
+ az eventhubs eventhub delete --name ${AZURE_VAULT_REFRESH_EH_NAME} --resource-group ${RESOURCE_GROUP} --namespace-name ${EH_NAMESPACE}
+}
+
+case "$1" in
+create) echo "Creating Azure resources"
+ createResources
+ ;;
+delete) echo "Deleting Azure resources"
+ deleteResources
+ ;;
+*) echo "usage: $0 [create|delete]"
+ ;;
+esac diff --git a/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultResource.java b/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultResource.java index 3251da5c43..61a77d9fcd 100644 --- a/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultResource.java +++ b/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultResource.java @@ -16,8 +16,11 @@ */ package org.apache.camel.quarkus.component.azure.key.vault.it; +import java.util.concurrent.atomic.AtomicBoolean; + import com.azure.security.keyvault.secrets.models.KeyVaultSecret; import jakarta.enterprise.context.ApplicationScoped; +import jakarta.enterprise.event.Observes; import jakarta.inject.Inject; import jakarta.ws.rs.Consumes; import jakarta.ws.rs.DELETE; @@ -30,6 +33,7 @@ import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.Response; import org.apache.camel.ProducerTemplate; import org.apache.camel.component.azure.key.vault.KeyVaultConstants; +import org.apache.camel.impl.event.CamelContextReloadedEvent; @Path("/azure-key-vault") @ApplicationScoped @@ -37,6 +41,12 @@ public class AzureKeyVaultResource { @Inject ProducerTemplate producerTemplate; + static final AtomicBoolean contextReloaded = new AtomicBoolean(false); + + void onReload(@Observes CamelContextReloadedEvent event) { + contextReloaded.set(true); + } + @Path("/secret/{secretName}") @POST @Consumes(MediaType.TEXT_PLAIN) 
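Review bot: In `createResources` of `key-vault-resources.sh`, `set -x` is still on while `AZURE_EVENT_HUBS_CONNECTION_STRING` and `AZURE_STORAGE_ACCOUNT_KEY` are assigned, so bash traces both secret values to stderr before the deliberate `export` lines are printed; bracketing the two `$(az … keys list …)` assignments with `set +x` / `set -x` keeps them out of captured build logs. The connection string is read from `RootManageSharedAccessKey`, a namespace-wide rule, which is more than a test that sends to and listens on one event hub appears to need; an authorization rule scoped to `${AZURE_VAULT_REFRESH_EH_NAME}` with only Listen and Send rights would limit what a leaked value can do. The required variables are never checked and every expansion is unquoted, so a guard such as `: "${RESOURCE_GROUP:?must be set}"` per variable plus quoting (`--resource-group "${RESOURCE_GROUP}"`) would fail early; the same unquoted pattern recurs in the lines added to `azure-resources.sh`. The README added in this commit lists `AZURE_EVENT_HUBS_BLOB_CONTAINER_NAME`, while the script prints `AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME`, which is the name the test profile reads.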
@@ -76,4 +86,11 @@ public class AzureKeyVaultResource { public String getSecretFromPropertyPlaceholder() { return producerTemplate.requestBody("direct:propertyPlaceholder", null, String.class); } + + @Path("/context/reload") + @GET + @Produces(MediaType.TEXT_PLAIN) + public boolean contextReloadStatus() { + return contextReloaded.get(); + } } diff --git a/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultRoutes.java b/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultRoutes.java index a29c9a07f3..534aea1b40 100644 --- a/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultRoutes.java +++ b/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultRoutes.java @@ -16,9 +16,7 @@ */ package org.apache.camel.quarkus.component.azure.key.vault.it; -import org.apache.camel.Exchange; import org.apache.camel.Message; -import org.apache.camel.Processor; import org.apache.camel.builder.RouteBuilder; import org.apache.camel.spi.PropertiesComponent; 
@@ -26,33 +24,35 @@ public class AzureKeyVaultRoutes extends RouteBuilder { @Override public void configure() throws Exception { from("direct:createSecret") - .to(azureKeyVault("createSecret")); + .to(azureKeyVault("createSecret", true)); from("direct:getSecret") - .to(azureKeyVault("getSecret")); + .to(azureKeyVault("getSecret", false)); from("direct:deleteSecret") - .to(azureKeyVault("deleteSecret")); + .to(azureKeyVault("deleteSecret", true)); from("direct:purgeDeletedSecret") - .to(azureKeyVault("purgeDeletedSecret")); + .to(azureKeyVault("purgeDeletedSecret", false)); from("direct:propertyPlaceholder") - .process(new Processor() { - @Override - public void process(Exchange exchange) throws Exception { - Message message = exchange.getMessage(); - PropertiesComponent component = exchange.getContext().getPropertiesComponent(); - component.resolveProperty("azure:camel-quarkus-secret").ifPresent(message::setBody); - } + .process(exchange -> { + Message message = exchange.getMessage(); + PropertiesComponent component = exchange.getContext().getPropertiesComponent(); + component.resolveProperty("azure:camel-quarkus-secret").ifPresent(message::setBody); }); } - private String azureKeyVault(String operation) { - return "azure-key-vault://{{camel.vault.azure.vaultName}}" + + private String azureKeyVault(String operation, boolean useIdentity) { + StringBuilder sb = new StringBuilder("azure-key-vault://{{camel.vault.azure.vaultName}}" + "?clientId=RAW({{camel.vault.azure.clientId}})" + "&clientSecret=RAW({{camel.vault.azure.clientSecret}})" + "&tenantId=RAW({{camel.vault.azure.tenantId}})" + - "&operation=" + operation; + "&operation=" + operation); + + if (useIdentity) { + sb.append("&credentialType=AZURE_IDENTITY"); + } + return sb.toString(); } } 
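Review bot: `azureKeyVault(operation, true)` appends `&credentialType=AZURE_IDENTITY` but still places `clientId`, `clientSecret` and `tenantId` in the endpoint URI, so the client secret travels in a URI for a credential path that presumably does not read it, and a reader cannot tell which credential the `createSecret` and `deleteSecret` routes really exercise. Emitting the three client-credential parameters only in the non-identity branch keeps the secret out of the identity endpoints and makes the two modes explicit. A short Javadoc on `useIdentity` naming the credential chain it selects would also help, since the call sites pass a bare `true` or `false`.

```java
private String azureKeyVault(String operation, boolean useIdentity) {
    StringBuilder sb = new StringBuilder("azure-key-vault://{{camel.vault.azure.vaultName}}"
            + "?operation=" + operation);

    if (useIdentity) {
        // the identity chain supplies the credential; no client secret in this endpoint URI
        sb.append("&credentialType=AZURE_IDENTITY");
    } else {
        sb.append("&clientId=RAW({{camel.vault.azure.clientId}})")
                .append("&clientSecret=RAW({{camel.vault.azure.clientSecret}})")
                .append("&tenantId=RAW({{camel.vault.azure.tenantId}})");
    }
    return sb.toString();
}
```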
diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTest.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTest.java index 74c2431466..da255ac0d7 100644 --- a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTest.java +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTest.java @@ -16,12 +16,24 @@ */ package org.apache.camel.quarkus.component.azure.key.vault.it; +import java.util.LinkedList; +import java.util.List; import java.util.UUID; +import java.util.concurrent.TimeUnit; +import com.azure.messaging.eventhubs.EventData; +import com.azure.messaging.eventhubs.EventHubClientBuilder; +import com.azure.messaging.eventhubs.EventHubConsumerAsyncClient; +import com.azure.messaging.eventhubs.EventHubProducerClient; +import com.azure.messaging.eventhubs.models.EventPosition; import io.quarkus.test.junit.QuarkusTest; +import io.quarkus.test.junit.TestProfile; import io.restassured.RestAssured; +import org.hamcrest.CoreMatchers; +import org.jboss.logging.Logger; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable; +import org.testcontainers.shaded.org.awaitility.Awaitility; import static org.hamcrest.Matchers.is; 
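Review bot: `Awaitility` is imported from `org.testcontainers.shaded.org.awaitility`, a copy relocated inside the Testcontainers jar rather than a declared dependency, so the test depends on an internal package that can change or disappear with any Testcontainers upgrade. Importing `org.awaitility.Awaitility` and declaring Awaitility as a test-scoped dependency of this module would make the dependency explicit and reviewable. Whether the module's build file already declares it is not visible on this page.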
@@ -30,8 +42,21 @@ import static org.hamcrest.Matchers.is; @EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_ID", matches = ".+") @EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_SECRET", matches = ".+") @EnabledIfEnvironmentVariable(named = "AZURE_VAULT_NAME", matches = ".+") +@TestProfile(ContextReloadTestProfile.class) @QuarkusTest class AzureKeyVaultTest { + + private static final org.jboss.logging.Logger LOG = Logger.getLogger(AzureKeyVaultTest.class); + private static final String SECRET_NAME_FOR_REFRESH = "cq-secret-context-refresh-" + UUID.randomUUID(); + private static final String AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING = "AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING"; + + private static String generateRefreshEvent(String secretName) { + return "[{\n" + + " \"subject\": \"" + SECRET_NAME_FOR_REFRESH + "-.*\",\n" + + " \"eventType\": \"Microsoft.KeyVault.SecretNewVersionCreated\"\n" + + "}]"; + } + @Test void secretCreateRetrieveDeletePurge() { String secretName = UUID.randomUUID().toString(); @@ -53,23 +78,7 @@ class AzureKeyVaultTest { .statusCode(200) .body(is(secret)); } finally { - // Delete secret - RestAssured.given() - .delete("/azure-key-vault/secret/{secretName}", secretName) - .then() - .statusCode(200); - - // Purge secret - RestAssured.given() - .delete("/azure-key-vault/secret/{secretName}/purge", secretName) - .then() - .statusCode(200); - - // Confirm deletion - RestAssured.given() - .get("/azure-key-vault/secret/{secretName}", secretName) - .then() - .statusCode(500); + deleteSecretImmediately(secretName); } } 
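Review bot: `generateRefreshEvent(String secretName)` never reads its parameter and always builds the subject from `SECRET_NAME_FOR_REFRESH`, so a caller passing another name silently gets an event for the constant. Either drop the parameter or use `secretName` in place of the constant in the `subject` line, and add a one-line comment that the payload mimics a Key Vault `Microsoft.KeyVault.SecretNewVersionCreated` notification. `LOG` is declared with the fully qualified `org.jboss.logging.Logger` although the import hunk adds that class, so `private static final Logger LOG` is enough.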
@@ -94,23 +103,97 @@ class AzureKeyVaultTest { .statusCode(200) .body(is(secret)); } finally { - // Delete secret - RestAssured.given() - .delete("/azure-key-vault/secret/{secretName}", secretName) - .then() - .statusCode(200); + deleteSecretImmediately(secretName); + } + } - // Purge secret + @EnabledIfEnvironmentVariable(named = "AZURE_STORAGE_ACCOUNT_KEY", matches = ".+") + @EnabledIfEnvironmentVariable(named = AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING, matches = ".+") + @Test + void contextRefresh() { + String secretName = SECRET_NAME_FOR_REFRESH; + String secretValue = "Hello Camel Quarkus Azure Key Vault From Refresh"; + try { + // Create secret RestAssured.given() - .delete("/azure-key-vault/secret/{secretName}/purge", secretName) + .body(secretValue) + .post("/azure-key-vault/secret/{secretName}", secretName) .then() - .statusCode(200); + .statusCode(200) + .body(is(secretName)); - // Confirm deletion + // Retrieve secret RestAssured.given() .get("/azure-key-vault/secret/{secretName}", secretName) .then() - .statusCode(500); + .statusCode(200); + + //force reload by sending a msg + try (EventHubProducerClient client = new EventHubClientBuilder() + .connectionString(System.getenv(AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING)) + .buildProducerClient()) { + + EventData eventData = new EventData(generateRefreshEvent(secretName).getBytes()); + List<EventData> finalEventData = new LinkedList<>(); + finalEventData.add(eventData); + client.send(finalEventData); + } catch (Exception e) { + LOG.info("Failed to send a refresh message", e); + } + + //await context reload + Awaitility.await().pollInterval(10, TimeUnit.SECONDS).atMost(1, TimeUnit.MINUTES).untilAsserted( + () -> { + RestAssured.get("/azure-key-vault/context/reload") + .then() + .statusCode(200) + .body(CoreMatchers.is("true")); + }); + } finally { + + //move cursor of events to ignore old ones (old events are deleted after 1 hour) + try { + String connectionString = 
System.getenv(AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING); + String consumerGroup = EventHubClientBuilder.DEFAULT_CONSUMER_GROUP_NAME; + + try (EventHubConsumerAsyncClient consumer = new EventHubClientBuilder() + .connectionString(connectionString) + .consumerGroup(consumerGroup) + .buildAsyncConsumerClient()) { + + // Move consumer to the latest position, skipping old messages + consumer.receiveFromPartition("0", EventPosition.latest()) + .subscribe(event -> { + System.out.println("Processing new event: " + event.toString()); + }, error -> { + System.err.println("Error receiving events: " + error); + }); + } + } catch (Exception e) { + LOG.info("Failed to clear event hub.", e); + } + + deleteSecretImmediately(secretName); } } + + private static void deleteSecretImmediately(String secretName) { + // Delete secret + RestAssured.given() + .delete("/azure-key-vault/secret/{secretName}", secretName) + .then() + .statusCode(200); + + // Purge secret + RestAssured.given() + .delete("/azure-key-vault/secret/{secretName}/purge", secretName) + .then() + .statusCode(200); + + // Confirm deletion + RestAssured.given() + .get("/azure-key-vault/secret/{secretName}", secretName) + .then() + .statusCode(500); + } } diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/ContextReloadTestProfile.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/ContextReloadTestProfile.java new file mode 100644 index 0000000000..fd835df130 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/ContextReloadTestProfile.java 
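Review bot: In `contextRefresh`, a failure to publish the refresh event is caught and only logged with `LOG.info("Failed to send a refresh message", e)`, after which the test polls for a minute and fails with an unrelated assertion on `/azure-key-vault/context/reload`; letting the exception propagate, or calling `Assertions.fail(...)` in the catch, reports the real cause. In the `finally` block the `receiveFromPartition("0", EventPosition.latest()).subscribe(...)` call returns at once and the try-with-resources then closes the consumer, so it looks like no cursor is moved and the comment above it overstates what the cleanup does. The callbacks print through `System.out` and `System.err` instead of `LOG`, and `getBytes()` relies on the platform charset where `getBytes(StandardCharsets.UTF_8)` would be deterministic.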
@@ -0,0 +1,37 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import java.util.Map; + +import io.quarkus.test.junit.QuarkusTestProfile; + +public class ContextReloadTestProfile implements QuarkusTestProfile { + @Override + public Map<String, String> getConfigOverrides() { + //properties have to be set via profile to not be used by different azure-* test in grouped module + return Map.of( + "camel.vault.azure.refreshEnabled", "true", + "camel.vault.azure.refreshPeriod", "1000", + "camel.vault.azure.secrets", "cq-secret-context-refresh.*", + "camel.vault.azure.eventhubConnectionString", System.getenv("AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING"), + "camel.vault.azure.blobAccountName", System.getenv("AZURE_STORAGE_ACCOUNT_NAME"), + "camel.vault.azure.blobContainerName", System.getenv("AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME"), + "camel.vault.azure.blobAccessKey", System.getenv("AZURE_STORAGE_ACCOUNT_KEY"), + "camel.main.context-reload-enabled", "true"); + } +} diff --git a/integration-test-groups/azure/azure-resources.sh b/integration-test-groups/azure/azure-resources.sh index 0d4f763049..716c179be9 100755 
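Review bot: `Map.of(...)` rejects null values, and four of the entries in `getConfigOverrides()` come straight from `System.getenv(...)`, so the method throws `NullPointerException` whenever one of those variables is unset. `AzureKeyVaultTest` applies this profile at class level while only `contextRefresh` is gated on `AZURE_STORAGE_ACCOUNT_KEY` and `AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING`, so the two older tests would presumably fail at start-up instead of running without the refresh settings. Reading the variables first and returning an empty map when any is missing keeps those tests usable. The storage access key and connection string are passed as plain config overrides, so it is worth confirming they are not echoed by any configuration dump in the test logs.

```java
@Override
public Map<String, String> getConfigOverrides() {
    String connectionString = System.getenv("AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING");
    String accountName = System.getenv("AZURE_STORAGE_ACCOUNT_NAME");
    String containerName = System.getenv("AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME");
    String accessKey = System.getenv("AZURE_STORAGE_ACCOUNT_KEY");
    if (connectionString == null || accountName == null || containerName == null || accessKey == null) {
        // refresh prerequisites missing: start without the refresh settings instead of failing in Map.of
        return Map.of();
    }
    return Map.of(
            // … unchanged: refreshEnabled, refreshPeriod and secrets entries …
            "camel.vault.azure.eventhubConnectionString", connectionString,
            "camel.vault.azure.blobAccountName", accountName,
            "camel.vault.azure.blobContainerName", containerName,
            "camel.vault.azure.blobAccessKey", accessKey,
            "camel.main.context-reload-enabled", "true");
}
```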
--- a/integration-test-groups/azure/azure-resources.sh +++ b/integration-test-groups/azure/azure-resources.sh @@ -40,6 +40,9 @@ export SERVICEBUS_QUEUE=cq-servicebus-queue-${suffix} export AZURE_VAULT_NAME="cq-key-vault" +export AZURE_VAULT_REFRESH_EH_NAME=camel-quarkus-secret-refresh-hub-${suffix} +export AZURE_VAULT_BLOB_CONTAINER_NAME=cq-keyvault-container-${suffix} + function createResources() { set -e set -x @@ -91,6 +94,10 @@ function createResources() { az role assignment create --role "Key Vault Administrator" --assignee "${az ad signed-in-user show --query 'id' --output tsv}" --scope "/subscriptions/$(az account show --query id --output tsv)/resourceGroups/${RESOURCE_GROUP}/providers/Microsoft.KeyVault/vaults/${AZURE_VAULT_NAME}" az role assignment create --role "Key Vault Administrator" --assignee "${AZURE_CLIENT_ID}" --scope "/subscriptions/$(az account show --query id --output tsv)/resourceGroups/${RESOURCE_GROUP}/providers/Microsoft.KeyVault/vaults/${AZURE_VAULT_NAME}" + #key vault + az storage container create --account-name ${AZURE_STORAGE_ACCOUNT_NAME} --name ${AZURE_VAULT_BLOB_CONTAINER_NAME} --auth-mode login + az eventhubs eventhub create --name ${AZURE_VAULT_REFRESH_EH_NAME} --resource-group ${RESOURCE_GROUP} --namespace-name ${EH_NAMESPACE} --cleanup-policy Delete --partition-count 1 --retention-time 1 + set +x echo "Add the following to your environment:" echo 'export AZURE_STORAGE_ACCOUNT_NAME="'${AZURE_STORAGE_ACCOUNT_NAME}'"' 
@@ -103,7 +110,8 @@ function createResources() { echo 'export AZURE_CLIENT_SECRET="'${AZURE_CLIENT_SECRET}'"' echo 'export AZURE_TENANT_ID="'${AZURE_TENANT_ID}'"' echo 'export AZURE_VAULT_NAME="'${AZURE_VAULT_NAME}'"' - echo + echo 'export AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME="'${AZURE_VAULT_BLOB_CONTAINER_NAME}'"' + echo 'export AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING="'$AZURE_EVENT_HUBS_CONNECTION_STRING';EntityPath='${AZURE_VAULT_REFRESH_EH_NAME}'"' echo echo "Optionally set the following to test alternate authentication mechanisms:" echo 'export AZURE_CLIENT_CERTIFICATE_PATH="'${AZURE_APP_CERT_PATH}'"' @@ -120,6 +128,10 @@ function deleteResources() { az group delete --name ${RESOURCE_GROUP} --yes az ad app delete --id $(az ad app list --display-name ${AZURE_APP_NAME} --query '[0].appId' -o tsv) az keyvault delete --name "${AZURE_VAULT_NAME}" + + #key vault + az storage container delete --account-name ${AZURE_STORAGE_ACCOUNT_NAME} --name ${AZURE_VAULT_BLOB_CONTAINER_NAME} --auth-mode login + az eventhubs eventhub delete --name ${AZURE_VAULT_REFRESH_EH_NAME} --resource-group ${RESOURCE_GROUP} --namespace-name ${EH_NAMESPACE} } case "$1" in
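Review bot: In `deleteResources` the added `az storage container delete` and `az eventhubs eventhub delete` calls run after `az group delete --name ${RESOURCE_GROUP} --yes`, so if the storage account and the Event Hubs namespace live in that resource group they are already gone and both commands can only fail. Moving the two deletes above the `az group delete` line, or dropping them as redundant, gives a cleanup whose exit status can be trusted. `deleteResources` begins outside the hunk, so whether `set +e` hides these failures is not visible here.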