[WIP] Feature/4714 add user and passwd in kafka notifications

[orianar]

Issue #4714

[orianar]

This manual validation verified that Orion can publish notifications to a secure Kafka broker using SASL_SSL with SCRAM-SHA-256

The flow included broker TLS setup, SCRAM user creation, validation with kcat, installation of the test CA in the system trust store, and end-to-end verification from Orion to Kafka.

Important extra step

sudo cp /home/user/certs/kafkaSsl/ca.crt /usr/local/share/ca-certificates/orion-test-ca.crt
sudo update-ca-certificates

This was required so Orion could trust the broker certificate during the TLS handshake.

I’m attaching the detailed markdown document (test_scram_tls_kafka_orion_en.md) with the full validation steps for reference.

Would it make sense to add a dedicated test for this scenario, or would it be better to track it in a separate issue?

test_scram_tls_kafka_orion_en.md

CC: @fgalan

[fgalan]

Would it make sense to add a dedicated test for this scenario, or would it be better to track it in a separate issue?

Maybe it's better in a separate test, to simplify.

In the past, we did some tests related with HTTPS that maybe have some similarities. You could have a look to httpsPrepare.sh and .test files using it.