Skip to content

Commit

Permalink
Add test coverage for Kafka with SSL
Browse files Browse the repository at this point in the history 
Fixes #2484
  • Loading branch information
@jamesnetherton
jamesnetherton committed Apr 22, 2021
1 parent 0e1f2e2 commit b0ad46a
Show file tree
Hide file tree
Showing 13 changed files with 581 additions and 0 deletions.
26 changes: 26 additions & 0 deletions integration-tests/kafka-ssl/README.adoc
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
== Camel Quarkus Kafka SSL integration tests

To regenerate the SSL key and trust stores, do the following:

[source,shell]
----
cd src/test/resources/config
rm -f *.p12
export SECRET=kafkas3cret
export JKS_FILE=kafka-keystore.jks
export JKS_TRUST_FILE=kafka-truststore.jks
export CERT_FILE=localhost.crt
export PKCS_FILE=kafka-keystore.p12
export PKCS_TRUST_FILE=kafka-truststore.p12
export PEM_FILE_CERT=kafka-cert.pem
export PEM_FILE_KEY=kafka-key.pem
keytool -genkey -alias kafka-test-store -keyalg RSA -keystore ${JKS_FILE} -keysize 2048 -validity 3650 -dname CN=localhost -keypass ${SECRET} -storepass ${SECRET}
keytool -export -alias kafka-test-store -file ${CERT_FILE} -keystore ${JKS_FILE} -keypass ${SECRET} -storepass ${SECRET}
keytool -importkeystore -srckeystore ${JKS_FILE} -srcstorepass ${SECRET} -destkeystore ${PKCS_FILE} -deststoretype PKCS12 -deststorepass ${SECRET}
keytool -keystore ${JKS_TRUST_FILE} -import -file ${CERT_FILE} -keypass ${SECRET} -storepass ${SECRET} -noprompt
keytool -importkeystore -srckeystore ${JKS_TRUST_FILE} -srcstorepass ${SECRET} -destkeystore ${PKCS_TRUST_FILE} -deststoretype PKCS12 -deststorepass ${SECRET}
rm -f *.crt *.jks
----
130 changes: 130 additions & 0 deletions integration-tests/kafka-ssl/pom.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,130 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-integration-tests</artifactId>
<version>1.9.0-SNAPSHOT</version>
</parent>

<artifactId>camel-quarkus-integration-test-kafka-ssl</artifactId>
<name>Camel Quarkus :: Integration Tests :: Kafka SSL</name>
<description>Integration tests for Camel Quarkus Kafka SSL</description>

<dependencies>
<dependency>
<groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-kafka</artifactId>
</dependency>
<dependency>
<groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-log</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-resteasy</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-resteasy-jsonb</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-jackson</artifactId>
</dependency>

<!-- test dependencies -->
<dependency>
<groupId>io.rest-assured</groupId>
<artifactId>rest-assured</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-integration-test-support</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.testcontainers</groupId>
<artifactId>kafka</artifactId>
<scope>test</scope>
</dependency>

<!-- The following dependencies guarantee that this module is built after them. You can update them by running `mvn process-resources -Pformat -N` from the source tree root directory -->
<dependency>
<groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-kafka-deployment</artifactId>
<version>${project.version}</version>
<type>pom</type>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-log-deployment</artifactId>
<version>${project.version}</version>
<type>pom</type>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>

<profiles>
<profile>
<id>native</id>
<activation>
<property>
<name>native</name>
</property>
</activation>
<properties>
<quarkus.package.type>native</quarkus.package.type>
</properties>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>integration-test</goal>
<goal>verify</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>

</project>
71 changes: 71 additions & 0 deletions ...on-tests/kafka-ssl/src/main/java/org/apache/camel/quarkus/kafka/ssl/KafkaSslResource.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.camel.quarkus.kafka.ssl;

import java.time.Duration;

import javax.enterprise.context.ApplicationScoped;
import javax.json.Json;
import javax.json.JsonObject;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;

import org.apache.kafka.clients.consumer.ConsumerRecord;
import org.apache.kafka.clients.consumer.KafkaConsumer;
import org.apache.kafka.clients.producer.Producer;
import org.apache.kafka.clients.producer.ProducerRecord;
import org.apache.kafka.clients.producer.RecordMetadata;

@Path("/test")
@ApplicationScoped
public class KafkaSslResource {

@Path("/kafka/{topicName}")
@POST
@Produces(MediaType.APPLICATION_JSON)
public JsonObject post(@PathParam("topicName") String topicName, String message) throws Exception {
try (Producer<Integer, String> producer = KafkaSupport.createProducer()) {
RecordMetadata meta = producer.send(new ProducerRecord<>(topicName, 1, message)).get();

return Json.createObjectBuilder()
.add("topicName", meta.topic())
.add("partition", meta.partition())
.add("offset", meta.offset())
.build();
}
}

@Path("/kafka/{topicName}")
@GET
@Produces(MediaType.APPLICATION_JSON)
public JsonObject get(@PathParam("topicName") String topicName) {
try (KafkaConsumer<Integer, String> consumer = KafkaSupport.createConsumer(topicName)) {
ConsumerRecord<Integer, String> record = consumer.poll(Duration.ofSeconds(60)).iterator().next();
return Json.createObjectBuilder()
.add("topicName", record.topic())
.add("partition", record.partition())
.add("offset", record.offset())
.add("key", record.key())
.add("body", record.value())
.build();
}
}
}
28 changes: 28 additions & 0 deletions ...tion-tests/kafka-ssl/src/main/java/org/apache/camel/quarkus/kafka/ssl/KafkaSslRoutes.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.camel.quarkus.kafka.ssl;

import org.apache.camel.builder.RouteBuilder;

public class KafkaSslRoutes extends RouteBuilder {
@Override
public void configure() throws Exception {
from("kafka:inbound")
.to("log:kafka")
.to("kafka:outbound");
}
}
87 changes: 87 additions & 0 deletions ...ration-tests/kafka-ssl/src/main/java/org/apache/camel/quarkus/kafka/ssl/KafkaSupport.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.camel.quarkus.kafka.ssl;

import java.util.Collections;
import java.util.Properties;

import org.apache.kafka.clients.CommonClientConfigs;
import org.apache.kafka.clients.consumer.ConsumerConfig;
import org.apache.kafka.clients.consumer.KafkaConsumer;
import org.apache.kafka.clients.producer.KafkaProducer;
import org.apache.kafka.clients.producer.Producer;
import org.apache.kafka.clients.producer.ProducerConfig;
import org.apache.kafka.common.config.SslConfigs;
import org.apache.kafka.common.serialization.IntegerDeserializer;
import org.apache.kafka.common.serialization.IntegerSerializer;
import org.apache.kafka.common.serialization.StringDeserializer;
import org.apache.kafka.common.serialization.StringSerializer;
import org.eclipse.microprofile.config.Config;
import org.eclipse.microprofile.config.ConfigProvider;

public final class KafkaSupport {

private KafkaSupport() {
}

public static KafkaConsumer<Integer, String> createConsumer(String topicName) {
Properties props = new Properties();
configureSSL(props);
props.put(ConsumerConfig.GROUP_ID_CONFIG, "test");
props.put(ConsumerConfig.KEY_DESERIALIZER_CLASS_CONFIG, IntegerDeserializer.class.getName());
props.put(ConsumerConfig.VALUE_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class.getName());
props.put(ConsumerConfig.ENABLE_AUTO_COMMIT_CONFIG, "true");
props.put(ConsumerConfig.AUTO_OFFSET_RESET_CONFIG, "earliest");

KafkaConsumer<Integer, String> consumer = new KafkaConsumer<>(props);
consumer.subscribe(Collections.singletonList(topicName));

return consumer;
}

public static Producer<Integer, String> createProducer() {
Properties props = new Properties();
configureSSL(props);
props.put(ProducerConfig.CLIENT_ID_CONFIG, "test-consumer");
props.put(ProducerConfig.KEY_SERIALIZER_CLASS_CONFIG, IntegerSerializer.class.getName());
props.put(ProducerConfig.VALUE_SERIALIZER_CLASS_CONFIG, StringSerializer.class.getName());
return new KafkaProducer<>(props);
}

private static void configureSSL(Properties props) {
setKafkaConfigFromCamelConfig(props, CommonClientConfigs.BOOTSTRAP_SERVERS_CONFIG, "camel.component.kafka.brokers");
setKafkaConfigFromCamelConfig(props, SslConfigs.SSL_KEY_PASSWORD_CONFIG, "camel.component.kafka.ssl-key-password");
setKafkaConfigFromCamelConfig(props, SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG,
"camel.component.kafka.ssl-keystore-location");
setKafkaConfigFromCamelConfig(props, SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG,
"camel.component.kafka.ssl-keystore-password");
setKafkaConfigFromCamelConfig(props, SslConfigs.SSL_KEYSTORE_TYPE_CONFIG, "camel.component.kafka.ssl-keystore-type");
setKafkaConfigFromCamelConfig(props, SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG,
"camel.component.kafka.ssl-truststore-location");
setKafkaConfigFromCamelConfig(props, SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG,
"camel.component.kafka.ssl-truststore-password");
setKafkaConfigFromCamelConfig(props, SslConfigs.SSL_TRUSTSTORE_TYPE_CONFIG,
"camel.component.kafka.ssl-truststore-type");
setKafkaConfigFromCamelConfig(props, CommonClientConfigs.SECURITY_PROTOCOL_CONFIG,
"camel.component.kafka.security-protocol");
}

private static void setKafkaConfigFromCamelConfig(Properties props, String kafkaKey, String camelKey) {
Config config = ConfigProvider.getConfig();
props.put(kafkaKey, config.getValue(camelKey, String.class));
}
}
18 changes: 18 additions & 0 deletions integration-tests/kafka-ssl/src/main/resources/application.properties
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
## ---------------------------------------------------------------------------
## Licensed to the Apache Software Foundation (ASF) under one or more
## contributor license agreements. See the NOTICE file distributed with
## this work for additional information regarding copyright ownership.
## The ASF licenses this file to You under the Apache License, Version 2.0
## (the "License"); you may not use this file except in compliance with
## the License. You may obtain a copy of the License at
##
## http://www.apache.org/licenses/LICENSE-2.0
##
## Unless required by applicable law or agreed to in writing, software
## distributed under the License is distributed on an "AS IS" BASIS,
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
## See the License for the specific language governing permissions and
## limitations under the License.
## ---------------------------------------------------------------------------

quarkus.ssl.native=true
23 changes: 23 additions & 0 deletions integration-tests/kafka-ssl/src/test/java/org/apache/camel/quarkus/kafka/ssl/KafkaSslIT.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.camel.quarkus.kafka.ssl;

import io.quarkus.test.junit.NativeImageTest;

@NativeImageTest
public class KafkaSslIT extends KafkaSslTest {
}

0 comments on commit b0ad46a

Please sign in to comment.