Merge branch 'main' into feat/kafka-kerberos

Author: adwk67

tests/templates/kuttl/tls/30_test_client_auth_tls.sh

@@ -1,13 +1,11 @@
 #!/usr/bin/env bash
 # Usage: test_client_auth_tls.sh namespace
 
-NAMESPACE=$1
-
 # to be safe
 unset TOPIC
 unset BAD_TOPIC
 
-SERVER="test-kafka-broker-default-0.test-kafka-broker-default.${NAMESPACE}.svc.cluster.local:9093"
+echo "Connecting to boostrap address $KAFKA"
 
 echo "Start client auth TLS testing..."
 ############################################################################
@@ -20,15 +18,15 @@ BAD_TOPIC=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 20 ; echo '')
 # write client config
 echo $'security.protocol=SSL\nssl.keystore.location=/stackable/tls_keystore_server/keystore.p12\nssl.keystore.password=\nssl.truststore.location=/stackable/tls_keystore_server/truststore.p12\nssl.truststore.password=' > /tmp/client.config
 
-if /stackable/kafka/bin/kafka-topics.sh --create --topic "$TOPIC" --bootstrap-server "$SERVER" --command-config /tmp/client.config
+if /stackable/kafka/bin/kafka-topics.sh --create --topic "$TOPIC" --bootstrap-server "$KAFKA" --command-config /tmp/client.config
 then
   echo "[SUCCESS] Secure client topic created!"
 else
   echo "[ERROR] Secure client topic creation failed!"
   exit 1
 fi
 
-if /stackable/kafka/bin/kafka-topics.sh --list --topic "$TOPIC" --bootstrap-server "$SERVER" --command-config /tmp/client.config | grep "$TOPIC"
+if /stackable/kafka/bin/kafka-topics.sh --list --topic "$TOPIC" --bootstrap-server "$KAFKA" --command-config /tmp/client.config | grep "$TOPIC"
 then
   echo "[SUCCESS] Secure client topic read!"
 else
@@ -39,7 +37,7 @@ fi
 ############################################################################
 # Test the connection without certificates
 ############################################################################
-if /stackable/kafka/bin/kafka-topics.sh --create --topic "$BAD_TOPIC" --bootstrap-server "$SERVER" &> /dev/null
+if /stackable/kafka/bin/kafka-topics.sh --create --topic "$BAD_TOPIC" --bootstrap-server "$KAFKA" &> /dev/null
 then
   echo "[ERROR] Secure client topic created without certificates!"
   exit 1
@@ -62,7 +60,7 @@ fi
 # Test the connection with bad certificate
 ############################################################################
 echo $'security.protocol=SSL\nssl.keystore.location=/tmp/wrong_keystore.p12\nssl.keystore.password=changeit\nssl.truststore.location=/tmp/wrong_truststore.p12\nssl.truststore.password=changeit' > /tmp/client.config
-if /stackable/kafka/bin/kafka-topics.sh --create --topic "$BAD_TOPIC" --bootstrap-server "$SERVER" --command-config /tmp/client.config &> /dev/null
+if /stackable/kafka/bin/kafka-topics.sh --create --topic "$BAD_TOPIC" --bootstrap-server "$KAFKA" --command-config /tmp/client.config &> /dev/null
 then
   echo "[ERROR] Secure client topic created with wrong certificate!"
   exit 1

tests/templates/kuttl/tls/30_test_client_tls.sh

@@ -1,13 +1,11 @@
 #!/usr/bin/env bash
 # Usage: test_client_tls.sh namespace
 
-NAMESPACE=$1
-
 # to be safe
 unset TOPIC
 unset BAD_TOPIC
 
-SERVER="test-kafka-broker-default-0.test-kafka-broker-default.${NAMESPACE}.svc.cluster.local:9093"
+echo "Connecting to boostrap address $KAFKA"
 
 echo "Start client TLS testing..."
 ############################################################################
@@ -20,15 +18,15 @@ BAD_TOPIC=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 20 ; echo '')
 # write client config
 echo $'security.protocol=SSL\nssl.truststore.location=/stackable/tls_keystore_server/truststore.p12\nssl.truststore.password=' > /tmp/client.config
 
-if /stackable/kafka/bin/kafka-topics.sh --create --topic "$TOPIC" --bootstrap-server "$SERVER" --command-config /tmp/client.config
+if /stackable/kafka/bin/kafka-topics.sh --create --topic "$TOPIC" --bootstrap-server "$KAFKA" --command-config /tmp/client.config
 then
   echo "[SUCCESS] Secure client topic created!"
 else
   echo "[ERROR] Secure client topic creation failed!"
   exit 1
 fi
 
-if /stackable/kafka/bin/kafka-topics.sh --list --topic "$TOPIC" --bootstrap-server "$SERVER" --command-config /tmp/client.config | grep "$TOPIC"
+if /stackable/kafka/bin/kafka-topics.sh --list --topic "$TOPIC" --bootstrap-server "$KAFKA" --command-config /tmp/client.config | grep "$TOPIC"
 then
   echo "[SUCCESS] Secure client topic read!"
 else
@@ -39,7 +37,7 @@ fi
 ############################################################################
 # Test the connection without certificates
 ############################################################################
-if /stackable/kafka/bin/kafka-topics.sh --create --topic "$BAD_TOPIC" --bootstrap-server "$SERVER" &> /dev/null
+if /stackable/kafka/bin/kafka-topics.sh --create --topic "$BAD_TOPIC" --bootstrap-server "$KAFKA" &> /dev/null
 then
   echo "[ERROR] Secure client topic created without certificates!"
   exit 1

tests/templates/kuttl/tls/31_test-tls-job.yaml.j2

@@ -13,17 +13,19 @@ spec:
 {% if test_scenario['values']['use-client-auth-tls'] == 'true' %}
           command:
             - ./test_client_auth_tls.sh
-          args:
-            - ${NAMESPACE}
 {% elif test_scenario['values']['use-client-tls'] == 'true' %}
           command:
             - ./test_client_tls.sh
-          args:
-            - ${NAMESPACE}
 {% else %}
           command:
             - "true"
 {% endif %}
+          env:
+            - name: KAFKA
+              valueFrom:
+                configMapKeyRef:
+                  name: test-kafka
+                  key: KAFKA
           volumeMounts:
             - name: test-scripts
               mountPath: /stackable/test