Don't remove KAFKA_PROPERTIES_FILE; allow user to use mounted file (#502

) Touch files with properties, trust store and key store when not existing and not provided in BASE64 format, don't remove then. This enables mounting them into the container. --------- Co-authored-by: Bert Roos <Bert-R@users.noreply.github.com>
obsidiandynamics · Apr 7, 2023 · d563606 · d563606
1 parent 55799ed
commit d563606
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -256,6 +256,27 @@ docker run -d --rm -p 9000:9000 \
     -e KAFKA_KEYSTORE="$(cat kafka.keystore.jks | base64)" \       # optional
     obsidiandynamics/kafdrop
 ```
+
+Rather than passing `KAFKA_PROPERTIES` as a base64-encoded string, you can also place a pre-populated `KAFKA_PROPERTIES_FILE` into the container:
+
+```sh
+cat << EOF > kafka.properties
+security.protocol=SASL_SSL
+sasl.mechanism=SCRAM-SHA-512
+sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required username="foo" password="bar"
+EOF
+
+docker run -d --rm -p 9000:9000 \
+    -v $(pwd)/kafka.properties:/tmp/kafka.properties:ro \
+    -v $(pwd)/kafka.truststore.jks:/tmp/kafka.truststore.jks:ro \
+    -v $(pwd)/kafka.keystore.jks:/tmp/kafka.keystore.jks:ro \
+    -e KAFKA_BROKERCONNECT=<host:port,host:port> \
+    -e KAFKA_PROPERTIES_FILE=/tmp/kafka.properties \
+    -e KAFKA_TRUSTSTORE_FILE=/tmp/kafka.truststore.jks \   # optional
+    -e KAFKA_KEYSTORE_FILE=/tmp/kafka.keystore.jks \       # optional
+    obsidiandynamics/kafdrop
+```
+
 #### Environment Variables
 ##### Basic configuration
 |Name                   |Description

diff --git a/src/main/docker/kafdrop.sh b/src/main/docker/kafdrop.sh
@@ -39,24 +39,24 @@ KAFKA_PROPERTIES_FILE=${KAFKA_PROPERTIES_FILE:-kafka.properties}
 if [ "$KAFKA_PROPERTIES" != "" ]; then
   echo Writing Kafka properties into $KAFKA_PROPERTIES_FILE
   echo "$KAFKA_PROPERTIES" | base64 --decode --ignore-garbage > $KAFKA_PROPERTIES_FILE
-else
-  rm $KAFKA_PROPERTIES_FILE |& > /dev/null | true
+elif [ ! -f $KAFKA_PROPERTIES_FILE ]; then
+  touch $KAFKA_PROPERTIES_FILE
 fi
 
 KAFKA_TRUSTSTORE_FILE=${KAFKA_TRUSTSTORE_FILE:-kafka.truststore.jks}
 if [ "$KAFKA_TRUSTSTORE" != "" ]; then
   echo Writing Kafka truststore into $KAFKA_TRUSTSTORE_FILE
   echo "$KAFKA_TRUSTSTORE" | base64 --decode --ignore-garbage > $KAFKA_TRUSTSTORE_FILE
-else
-  rm $KAFKA_TRUSTSTORE_FILE |& > /dev/null | true
+elif [ ! -f $KAFKA_TRUSTSTORE_FILE ]; then
+  touch $KAFKA_TRUSTSTORE_FILE
 fi
 
 KAFKA_KEYSTORE_FILE=${KAFKA_KEYSTORE_FILE:-kafka.keystore.jks}
 if [ "$KAFKA_KEYSTORE" != "" ]; then
   echo Writing Kafka keystore into $KAFKA_KEYSTORE_FILE
   echo "$KAFKA_KEYSTORE" | base64 --decode --ignore-garbage > $KAFKA_KEYSTORE_FILE
-else
-  rm $KAFKA_KEYSTORE_FILE |& > /dev/null | true
+elif [ ! -f $KAFKA_KEYSTORE_FILE ]; then
+  touch $KAFKA_KEYSTORE_FILE
 fi
 
 ARGS="--add-opens=java.base/sun.nio.ch=ALL-UNNAMED -Xss256K \