Support referencing a Kubernetes Secret by key in environment variable configuration

[oscerd]

Component

OpenShift Maven Plugin

Is your enhancement related to a problem? Please describe

It's not possible as of today to do something like https://quarkus.io/guides/deploying-to-openshift#environment-variables-from-secret

Describe the solution you'd like

this means being able to do something like.

                <groupId>org.eclipse.jkube</groupId>
                <artifactId>openshift-maven-plugin</artifactId>
                <version>${camel.springboot.jkube.version}</version>
                <configuration>
                    <resources>
                        <env>
                            <AZURE_CLIENT_ID>{secret_name:secret_key}</AZURE_CLIENT_ID>
                            <AZURE_TENANT_ID>{secret_name:secret_key}</AZURE_TENANT_ID>
                            <AZURE_CLIENT_SECRET>{secret_name:secret_key}</AZURE_CLIENT_SECRET>
                        </env>
                    </resources>
                </configuration>

Describe alternatives you've considered

Setting env variables directly in the xml, but it's not a good security practice

Additional context

No response

[manusa]

Additional references:

• https://quarkus.io/guides/deploying-to-openshift#environment-variables-from-secret
• Kubernetes env vars generation changed unexpectedly quarkusio/quarkus#9629
  • Properly support defining env vars from secret/configmap keys quarkusio/quarkus#9758
• Kubernetes extension: Support env vars from secrets with a prefix quarkusio/quarkus#38604
  • Add support to prefix for envFrom quarkusio/quarkus#39782

[arman-yekkehkhani]

@manusa Hi, can I work on this?

[manusa]

@manusa Hi, can I work on this?

Hi @arman-yekkehkhani
We haven't yet defined the scope of the issue and how to implement it.
However, if you have any ideas or want to prototype something please go ahead.