Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: kafka sasl auth #1186

Merged
merged 21 commits into from
Apr 30, 2021
Merged

feat: kafka sasl auth #1186

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
1f18505
feat: add sasl config definition
joshuajorel Apr 22, 2021
543194d
feat: add sasl auth to kafka eventsource
joshuajorel Apr 22, 2021
71776e9
test: add sasl validation tests
joshuajorel Apr 22, 2021
244e31a
feat: add sasl auth to kafka sensor
joshuajorel Apr 22, 2021
9b8ad2f
test: added kafka trigger unit test
joshuajorel Apr 22, 2021
5566e10
chore: add autogenerated files
joshuajorel Apr 22, 2021
5201e2c
feat: add validation to sarama mechanism.
joshuajorel Apr 23, 2021
9210e92
fix: made sasl mechanism as an optional argument
joshuajorel Apr 23, 2021
0e377b9
fix: reverted field ordering.
joshuajorel Apr 23, 2021
c02fc33
fix: removed if statement. modified error message. fixed userset and …
joshuajorel Apr 23, 2021
0969441
chore: rebase from master.
joshuajorel Apr 23, 2021
f83f84d
test: fixed test case for password and user in sasl config.
joshuajorel Apr 23, 2021
17cbfc4
chore: update codegen.
joshuajorel Apr 23, 2021
571569e
chore: merged master
joshuajorel Apr 29, 2021
b072a95
fix: reverted byte ordering for protobuf
joshuajorel Apr 29, 2021
f08d09f
refactor: added GetMechanism function for SASLConfig
joshuajorel Apr 29, 2021
4bee62d
refactor: reduced lines for validating SASLConfig
joshuajorel Apr 29, 2021
ec5b99e
refactor: used GetMechanism function for setting SASL mechanism.
joshuajorel Apr 29, 2021
a3d7e3c
build: updated codegen
joshuajorel Apr 29, 2021
1c3a84c
refactor: GetMechanism() returns string
joshuajorel Apr 30, 2021
9e364a4
refactor: removed repeat reference to PLAIN
joshuajorel Apr 30, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions api/event-source.html
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 12 additions & 0 deletions api/event-source.md
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

26 changes: 26 additions & 0 deletions api/openapi-spec/swagger.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 12 additions & 0 deletions api/sensor.html
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 12 additions & 0 deletions api/sensor.md
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

19 changes: 19 additions & 0 deletions eventsources/sources/kafka/start.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -270,6 +270,25 @@ func getSaramaConfig(kafkaEventSource *v1alpha1.KafkaEventSource, log *zap.Sugar
config.Version = version
}

if kafkaEventSource.SASL != nil {
config.Net.SASL.Enable = true
config.Net.SASL.Mechanism = sarama.SASLMechanism(kafkaEventSource.SASL.Mechanism)

user, err := common.GetSecretFromVolume(kafkaEventSource.SASL.User)
if err != nil {
log.Errorf("Error getting user value from secret: %v", err)
return nil, err
}
config.Net.SASL.User = user

password, err := common.GetSecretFromVolume(kafkaEventSource.SASL.Password)
if err != nil {
log.Errorf("Error getting password value from secret: %v", err)
return nil, err
}
config.Net.SASL.Password = password
}

if kafkaEventSource.TLS != nil {
tlsConfig, err := common.GetTLSConfig(kafkaEventSource.TLS)
if err != nil {
Expand Down
3 changes: 3 additions & 0 deletions eventsources/sources/kafka/validate.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,5 +46,8 @@ func validate(eventSource *v1alpha1.KafkaEventSource) error {
if eventSource.TLS != nil {
return apicommon.ValidateTLSConfig(eventSource.TLS)
}
if eventSource.SASL != nil {
return apicommon.ValidateSASLConfig(eventSource.SASL)
}
return nil
}
15 changes: 15 additions & 0 deletions pkg/apis/common/common.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -128,6 +128,21 @@ type TLSConfig struct {
DeprecatedClientKeyPath string `json:"clientKeyPath,omitempty" protobuf:"bytes,6,opt,name=clientKeyPath"`
}

// SASLConfig refers to SASL configuration for a client
type SASLConfig struct {
// SASLMechanism is the name of the enabled SASL mechanism.
// Possible values: OAUTHBEARER, PLAIN (defaults to PLAIN).
Mechanism string `json:"mechanism,omitempty" protobuf:"bytes,1,opt,name=mechanism"`
// Version is the SASL Protocol Version to use
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comments do not match the fields...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed comments.

// Kafka > 1.x should use V1, except on Azure EventHub which use V0
// User is the authentication identity (authcid) to present for
// SASL/PLAIN or SASL/SCRAM authentication
User *corev1.SecretKeySelector `json:"user,omitempty" protobuf:"bytes,2,opt,name=user"`
// Password for SASL/PLAIN authentication
Password *corev1.SecretKeySelector `json:"password,omitempty" protobuf:"bytes,3,opt,name=password"`
// authz id used for SASL/SCRAM authentication
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where is authz id?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove authz id. It wasn't supposed to be in there. Comments were lifted from the sarama library.

}

// Backoff for an operation
type Backoff struct {
// The initial duration in nanoseconds or strings like "1s", "3m"
Expand Down
26 changes: 26 additions & 0 deletions pkg/apis/common/deepcopy_generated.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading