From cd1d1729e9ed69f36dd515309304789da296f4c3 Mon Sep 17 00:00:00 2001 From: bgehrels Date: Tue, 10 Jul 2018 10:32:40 +0200 Subject: [PATCH 1/2] Documented how to run the library in a k8s environment. Also streamlined the text a bit, since it has become quite long and a bit unstructured already --- README.md | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 4e380d11..8d648d48 100644 --- a/README.md +++ b/README.md @@ -98,16 +98,13 @@ The configuration in the next section is then not needed at all. #### Letting this library set things up -If you want Nakadi-Producer-Spring-Boot-Starter to configure the connection to Nakadi, you'll need to set some properties -(and/or create beans). - You must tell the library, where it can reach your Nakadi instance: ```yaml nakadi-producer: nakadi-base-uri: https://nakadi.example.org ``` -Since the communication between your application and Nakadi is secured using OAuth2, you must also provide a OAuth2 +Since the communication between your application and Nakadi is secured using OAuth2, you must also provide an OAuth2 token. The easiest way to do so is to include the [Zalando Tokens library](https://github.com/zalando/tokens) into your classpath: ```xml @@ -124,6 +121,20 @@ nakadi-producer: access-token-uri: https://token.auth.example.org/oauth2/access_token ``` +If your application is running in Zalandos Kubernetes environment, you also have to configure the credential rotation: +```yaml +apiVersion: "zalando.org/v1" +kind: PlatformCredentialsSet +metadata: + name: {{{APPLICATION}}}-credentials +spec: + application: {{{KIO_NAME}}} + token_version: v2 + tokens: + nakadi: + privileges: [] +``` + Since [July 2017](https://github.com/zalando/nakadi/pull/692), Nakadi (at least in the version operated at Zalando) doesn't require any scopes other than the pseudo-scope `uid` for writing events, [the authorization is instead based on event-type configuration using the service's uid](https://nakadi.io/manual.html#using_authorization). If your Nakadi installation needs real scopes for submitting events, you can provide them via configuration, too (as a comma-separated list): From 97375036c30091eb5b237d12c715310f7fb23dc8 Mon Sep 17 00:00:00 2001 From: bgehrels Date: Wed, 11 Jul 2018 17:33:22 +0200 Subject: [PATCH 2/2] Use an apostroph in "Zalando[']s" --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8d648d48..879839c2 100644 --- a/README.md +++ b/README.md @@ -121,7 +121,7 @@ nakadi-producer: access-token-uri: https://token.auth.example.org/oauth2/access_token ``` -If your application is running in Zalandos Kubernetes environment, you also have to configure the credential rotation: +If your application is running in Zalando's Kubernetes environment, you also have to configure the credential rotation: ```yaml apiVersion: "zalando.org/v1" kind: PlatformCredentialsSet