From 4296b5beb6cb7e072f63a91b1b70f352e80f3ad9 Mon Sep 17 00:00:00 2001 From: Luca Burgazzoli Date: Thu, 28 Sep 2023 21:36:02 +0200 Subject: [PATCH] Additional listeners should inherit the configured authentication method (#7594) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: EddĂș MelĂ©ndez Gonzales --- .../redpanda/RedpandaContainer.java | 1 + .../testcontainers/redpanda.yaml.ftl | 1 + .../redpanda/RedpandaContainerTest.java | 79 +++++++++++++++++++ 3 files changed, 81 insertions(+) diff --git a/modules/redpanda/src/main/java/org/testcontainers/redpanda/RedpandaContainer.java b/modules/redpanda/src/main/java/org/testcontainers/redpanda/RedpandaContainer.java index bc18d01fbda..f2cba1a1ba1 100644 --- a/modules/redpanda/src/main/java/org/testcontainers/redpanda/RedpandaContainer.java +++ b/modules/redpanda/src/main/java/org/testcontainers/redpanda/RedpandaContainer.java @@ -232,6 +232,7 @@ private Transferable getRedpandaFile(Configuration cfg) { Map listenerMap = new HashMap<>(); listenerMap.put("address", listener.getAddress()); listenerMap.put("port", listener.getPort()); + listenerMap.put("authentication_method", this.authenticationMethod); return listenerMap; }) .collect(Collectors.toList()); diff --git a/modules/redpanda/src/main/resources/testcontainers/redpanda.yaml.ftl b/modules/redpanda/src/main/resources/testcontainers/redpanda.yaml.ftl index 6e0c124eb5c..457a3738652 100644 --- a/modules/redpanda/src/main/resources/testcontainers/redpanda.yaml.ftl +++ b/modules/redpanda/src/main/resources/testcontainers/redpanda.yaml.ftl @@ -25,6 +25,7 @@ redpanda: - address: 0.0.0.0 name: ${listener.address} port: ${listener.port} + authentication_method: ${listener.authentication_method} advertised_kafka_api: diff --git a/modules/redpanda/src/test/java/org/testcontainers/redpanda/RedpandaContainerTest.java b/modules/redpanda/src/test/java/org/testcontainers/redpanda/RedpandaContainerTest.java index d0f13d0952a..d6555236003 100644 --- a/modules/redpanda/src/test/java/org/testcontainers/redpanda/RedpandaContainerTest.java +++ b/modules/redpanda/src/test/java/org/testcontainers/redpanda/RedpandaContainerTest.java @@ -31,6 +31,7 @@ import java.time.Duration; import java.util.Collection; import java.util.Collections; +import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.UUID; @@ -138,6 +139,84 @@ public void testUsageWithListener() throws Exception { } } + @Test + public void testUsageWithListenerAndSasl() throws Exception { + final String username = "panda"; + final String password = "pandapass"; + final String algorithm = "SCRAM-SHA-256"; + + try ( + Network network = Network.newNetwork(); + RedpandaContainer redpanda = new RedpandaContainer("docker.redpanda.com/redpandadata/redpanda:v23.1.7") + .enableAuthorization() + .enableSasl() + .withSuperuser("panda") + .withListener(() -> "my-panda:29092") + .withNetwork(network); + GenericContainer kcat = new GenericContainer<>("confluentinc/cp-kcat:7.4.1") + .withCreateContainerCmdModifier(cmd -> { + cmd.withEntrypoint("sh"); + }) + .withCopyToContainer(Transferable.of("Message produced by kcat"), "/data/msgs.txt") + .withNetwork(network) + .withCommand("-c", "tail -f /dev/null") + ) { + redpanda.start(); + + String adminUrl = String.format("%s/v1/security/users", redpanda.getAdminAddress()); + Map params = new HashMap<>(); + params.put("username", username); + params.put("password", password); + params.put("algorithm", algorithm); + + RestAssured.given().contentType("application/json").body(params).post(adminUrl).then().statusCode(200); + + kcat.start(); + + kcat.execInContainer( + "kcat", + "-b", + "my-panda:29092", + "-X", + "security.protocol=SASL_PLAINTEXT", + "-X", + "sasl.mechanisms=" + algorithm, + "-X", + "sasl.username=" + username, + "-X", + "sasl.password=" + password, + "-t", + "msgs", + "-P", + "-l", + "/data/msgs.txt" + ); + + String stdout = kcat + .execInContainer( + "kcat", + "-b", + "my-panda:29092", + "-X", + "security.protocol=SASL_PLAINTEXT", + "-X", + "sasl.mechanisms=" + algorithm, + "-X", + "sasl.username=" + username, + "-X", + "sasl.password=" + password, + "-C", + "-t", + "msgs", + "-c", + "1" + ) + .getStdout(); + + assertThat(stdout).contains("Message produced by kcat"); + } + } + @SneakyThrows @Test public void enableSaslWithSuccessfulTopicCreation() {