Fix SASL and TLS issues reported in #56 and #84 #86
Conversation
|
Kudos, SonarCloud Quality Gate passed!
|
|
What is image version here ? |
|
@kusumkappdirect git clone git@github.com:mostafa/xk6-kafka.git && cd xk6-kafka
git checkout fix-sasl-and-tls-config
xk6 build --with github.com/mostafa/xk6-kafka@latest=. |
|
Is this the correct way to install FROM golang:1.18-alpine as builder
RUN apk add git
RUN apk add openssh-client
RUN mkdir /app
WORKDIR /app
RUN go install go.k6.io/xk6/cmd/xk6@latest
RUN git clone git@github.com:mostafa/xk6-kafka.git && cd xk6-kafka
RUN git checkout fix-sasl-and-tls-config
RUN xk6 build --with github.com/mostafa/xk6-kafka@latest=.I am getting error ssh: Could not resolve hostname github.com: Name does not resolve |
|
I have to run these git command in dockerfile |
|
@kusumkappdirect This means that your |
Hi, I cloned the repo and did some tests on the fix-sasl-and-tls-config branch and worked perfectly 🥳 Now I’m validating other scenarios that I have here, but with a simple scenario using the SASL_SSL and TLS configuration worked without problems (same scenario that didn’t work versions later than v0.8) ✅ Thanks for the speed and precision in dealing with this problem 🤝✨ |
|
@anjosanap I'm really glad to hear that, and thank you for the feedback! 🙏 |
|
I am not getting "No TLS config provided. ,cannot create a kafka writer with a nil address this error now , but i am getting level=error msg="Unable to unmarshal credentials, OriginalError: %!w(*json.SyntaxError=&{invalid character 'o' looking for beginning of value 2})" error="Unable to unmarshal credentials, OriginalError: %!w(*json.SyntaxError=&{invalid character 'o' looking for beginning of value 2})" const username = [__ENV.KAFKA_USERNAME];
const password = [__ENV.KAFKA_PASSWORD];
console.log("Username"+username);
console.log("Password"+password);
const saslConfig = {
"username": username,
"password": password,
"algorithm": "sasl_ssl"
};
const tlsConfig = {
"enableTLS": true,
"insecureSkipTLSVerify": true,
"minVersion": "TLSv1.2"
};
const [producer,_writerError] = writer( bootstrapServers, topic, saslConfig, tlsConfig); |
|
@kusumkappdirect Are you building and running the code on the latest |
|
I am using xk6-kafka with @latest tag ..i hope that fetch the latest ? |
|
@kusumkappdirect That fetches the latest tagged version, which is v0.10.0. Hence the |
|
Released in v0.11.0. |
In this PR, I tried to fix the issue reported in the following issues.
The PR includes changes, fixes, and features as follows:
While refactoring the extension on several occasions over the past few months, I tried to improve the extension. Still, I somehow broke SASL and TLS configuration for the unauthenticated client (dialer) with the default TLS configuration (and introduced a regression). As I mentioned in xk6-kafka supports SASL_SSL authentication to confluent cloud? #56 (comment) and xk6-kafka supports SASL_SSL authentication to confluent cloud? #56 (comment), the problem manifested itself while a default TLS configuration was needed, but the extension was looking for certificate and keys to be passed explicitly. This is now fixed.
I also introduced a new option to the
producefunction to allow automatic topic creation on the first message.I also experimented with passing struct fields directly from JS to Go based on the
jsonfield in the Go struct, and it was successful 🎉, which means that I'll refactor the rest of the API to accept JSON, instead of stringified JSON. This was an effort started by @iamelevich in Update APIs to accept JSON object instead of stringified JSON object #20, but I intervened and made the PR a mess. 🤦 So, to make amends, I'll refactor all the APIs to receive JSON to make things easier, both for developers and users/testers.Changes can be seen here and are reflected in the
test_sasl_auth.jsscript. Eventually, all of them will be exported at the module level: Export all constants to JS #70.An example is available here.
Almost all the scripts contained a bug that prevented the correct message to be printed after the topic is deleted, which is now fixed.
Since the API is changing rapidly, I introduced the
index.d.tsfile and the mechanism to generate JS API docs in thedocsdirectory in Add API docs with typedoc #87.I tried Confluent Cloud with SASL Plain and TLS v1.2 and it worked perfectly and SASL Plain (with no TLS) with kafka-docker-playgrounds's sasl-plain environment.
@fdahunsibread @thanapat-sk @anjosanap @Momotoculteur @kusumkappdirect
Please test this PR, so I can make sure it works for you as well. I'd be happy to have your review as well if you're into Go.