Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SSL to Kstreams and reactive Kafka #237

Merged
merged 1 commit into from
Jul 20, 2021
Merged

Add SSL to Kstreams and reactive Kafka #237

merged 1 commit into from
Jul 20, 2021

Conversation

pjgg
Copy link
Contributor

@pjgg pjgg commented Jun 21, 2021
edited
Loading

Depends on: #239

Module: 012-quarkus-kafka-streams

All current tests are running under a secured Kafka by SSL.
Kafka streams pipeline is configured by quarkus.kafka-streams.ssl prefix property, but reactive Kafka producer/consumer is configured by kafka prefix as you can see on SslStrimziKafkaTestResource

Tested locally on native mode.

@pjgg pjgg force-pushed the feat/ssl_kstreams branch 2 times, most recently from c6e2de5 to 21d16d9 Compare June 22, 2021 10:42
@pjgg pjgg changed the title [WIP] Add SSL to Kstreams and reactive Kafka Add SSL to Kstreams and reactive Kafka Jun 22, 2021
@pjgg pjgg changed the title Add SSL to Kstreams and reactive Kafka Add SSL to Kstreams and reactive Kafka Jun 22, 2021
@pjgg pjgg requested a review from Sgitario June 22, 2021 10:48
Sgitario
Sgitario suggested changes Jun 23, 2021
View reviewed changes
012-quarkus-kafka-streams/src/test/java/io/quarkus/qe/SslAlertMonitorIT.java Outdated Show resolved Hide resolved
012-quarkus-kafka-streams/src/test/java/io/quarkus/qe/CommonsTest.java Outdated Show resolved Hide resolved
012-quarkus-kafka-streams/src/test/java/io/quarkus/qe/resources/KafkaContainerHelper.java Outdated
import org.jboss.logging.Logger;
import org.testcontainers.containers.GenericContainer;

public class KafkaContainerHelper<SELF extends GenericContainer<SELF>> extends GenericContainer<SELF> {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this is a helper, but an extension to the Strimzi Kafka container. A proper name could be BaseStrimziKafkaContainer.
Being said that, do we need this class? From my point of view, we don't need to check the compatible kafka versions and the doStart method could be done in the security implementations (it's just about to duplicate a single line).

Copy link
Contributor Author

@pjgg pjgg Jun 23, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have removed this class, because currently, we support up to Kafka 2.7.0. What we were doing was pickup the latest supported version by kafka test containers.

012-quarkus-kafka-streams/src/test/resources/application.properties

mp.messaging.incoming.slow.connector=smallrye-kafka
mp.messaging.incoming.slow.value.deserializer=org.apache.kafka.common.serialization.StringDeserializer

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we have these properties in 012?

Copy link
Contributor Author

@pjgg pjgg Jun 23, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needed by KafkaGratefulShutdownTest

012-quarkus-kafka-streams/src/test/resources/application.properties

mp.messaging.incoming.slow.connector=smallrye-kafka
mp.messaging.incoming.slow.value.deserializer=org.apache.kafka.common.serialization.StringDeserializer

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we have these properties in 012?

Copy link
Contributor Author

@pjgg pjgg Jun 23, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needed by KafkaGratefulShutdownTest

@pjgg pjgg requested a review from Sgitario June 23, 2021 15:39
@pjgg pjgg changed the title Add SSL to Kstreams and reactive Kafka [WIP] Add SSL to Kstreams and reactive Kafka Jun 24, 2021
@pjgg pjgg changed the title [WIP] Add SSL to Kstreams and reactive Kafka Add SSL to Kstreams and reactive Kafka Jun 25, 2021
@Sgitario Sgitario self-requested a review July 19, 2021 05:50
Sgitario
Sgitario suggested changes Jul 19, 2021
View reviewed changes
Copy link
Contributor

@Sgitario Sgitario left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It failed for me when running the NativeSslAlertMonitorIT test in Native:

mvn clean verify -Dnative -Dquarkus.native.container-build=true -Dquarkus.native.native-image-xmx=4g

Failed with:

[INFO] Running io.quarkus.qe.NativeSslAlertMonitorIT
Executing [/home/jcarvaja/sources/beefy-scenarios/012-quarkus-kafka-streams/target/012-quarkus-kafka-streams-1.0.0-SNAPSHOT-runner, -Dquarkus.http.port=8081, -Dquarkus.http.ssl-port=8444, -Dtest.url=http://localhost:8081, -Dquarkus.log.file.path=/home/jcarvaja/sources/beefy-scenarios/012-quarkus-kafka-streams/target/quarkus.log, -Dquarkus.log.file.enable=true, -Dquarkus.profile=test, -Dquarkus.kafka-streams.ssl.endpoint-identification-algorithm=, -Dkafka.ssl.truststore.password=top-secret, -Dkafka.bootstrap.servers=SSL://localhost:32772, -Dkafka.security.protocol=SSL, -Dkafka.ssl.truststore.type=PKCS12, -Dkafka.ssl.truststore.location=/home/jcarvaja/sources/beefy-scenarios/012-quarkus-kafka-streams/src/main/resources/kafka-truststore.p12, -Dquarkus.kafka-streams.bootstrap-servers=SSL://localhost:32772]
__  ____  __  _____   ___  __ ____  ______ 
 --/ __ \/ / / / _ | / _ \/ //_/ / / / __/ 
 -/ /_/ / /_/ / __ |/ , _/ ,< / /_/ /\ \   
--\___\_\____/_/ |_/_/|_/_/|_|\____/___/   
2021-07-19 07:49:33,936 ERROR [io.qua.run.Application] (main) Failed to start application (with profile test): java.lang.ClassNotFoundException: java.lang.Integer
	at com.oracle.svm.core.hub.ClassForNameSupport.forName(ClassForNameSupport.java:64)
	at java.lang.Class.forName(DynamicHub.java:1308)
	at io.quarkus.arc.runtime.ConfigRecorder.load(ConfigRecorder.java:102)
	at io.quarkus.arc.runtime.ConfigRecorder.validateConfigProperties(ConfigRecorder.java:48)
	at io.quarkus.deployment.steps.ConfigBuildStep$validateConfigProperties1249763973.deploy_0(ConfigBuildStep$validateConfigProperties1249763973.zig:380)
	at io.quarkus.deployment.steps.ConfigBuildStep$validateConfigProperties1249763973.deploy(ConfigBuildStep$validateConfigProperties1249763973.zig:40)
	at io.quarkus.runner.ApplicationImpl.doStart(ApplicationImpl.zig:612)
	at io.quarkus.runtime.Application.start(Application.java:101)
	at io.quarkus.runtime.ApplicationLifecycleManager.run(ApplicationLifecycleManager.java:101)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:66)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:42)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:119)
	at io.quarkus.runner.GeneratedMain.main(GeneratedMain.zig:29)

Trying to run the same test using 2.0.0.Final worked fine, so I guess this must be an issue happening since 2.1.0.CR1 and unreleased upstream version (999-SNAPSHOT). Can you confirm and report it if so?

@Sgitario
Copy link
Contributor

It failed for me when running the NativeSslAlertMonitorIT test in Native:

mvn clean verify -Dnative -Dquarkus.native.container-build=true -Dquarkus.native.native-image-xmx=4g

Failed with:

[INFO] Running io.quarkus.qe.NativeSslAlertMonitorIT
Executing [/home/jcarvaja/sources/beefy-scenarios/012-quarkus-kafka-streams/target/012-quarkus-kafka-streams-1.0.0-SNAPSHOT-runner, -Dquarkus.http.port=8081, -Dquarkus.http.ssl-port=8444, -Dtest.url=http://localhost:8081, -Dquarkus.log.file.path=/home/jcarvaja/sources/beefy-scenarios/012-quarkus-kafka-streams/target/quarkus.log, -Dquarkus.log.file.enable=true, -Dquarkus.profile=test, -Dquarkus.kafka-streams.ssl.endpoint-identification-algorithm=, -Dkafka.ssl.truststore.password=top-secret, -Dkafka.bootstrap.servers=SSL://localhost:32772, -Dkafka.security.protocol=SSL, -Dkafka.ssl.truststore.type=PKCS12, -Dkafka.ssl.truststore.location=/home/jcarvaja/sources/beefy-scenarios/012-quarkus-kafka-streams/src/main/resources/kafka-truststore.p12, -Dquarkus.kafka-streams.bootstrap-servers=SSL://localhost:32772]
__  ____  __  _____   ___  __ ____  ______ 
 --/ __ \/ / / / _ | / _ \/ //_/ / / / __/ 
 -/ /_/ / /_/ / __ |/ , _/ ,< / /_/ /\ \   
--\___\_\____/_/ |_/_/|_/_/|_|\____/___/   
2021-07-19 07:49:33,936 ERROR [io.qua.run.Application] (main) Failed to start application (with profile test): java.lang.ClassNotFoundException: java.lang.Integer
	at com.oracle.svm.core.hub.ClassForNameSupport.forName(ClassForNameSupport.java:64)
	at java.lang.Class.forName(DynamicHub.java:1308)
	at io.quarkus.arc.runtime.ConfigRecorder.load(ConfigRecorder.java:102)
	at io.quarkus.arc.runtime.ConfigRecorder.validateConfigProperties(ConfigRecorder.java:48)
	at io.quarkus.deployment.steps.ConfigBuildStep$validateConfigProperties1249763973.deploy_0(ConfigBuildStep$validateConfigProperties1249763973.zig:380)
	at io.quarkus.deployment.steps.ConfigBuildStep$validateConfigProperties1249763973.deploy(ConfigBuildStep$validateConfigProperties1249763973.zig:40)
	at io.quarkus.runner.ApplicationImpl.doStart(ApplicationImpl.zig:612)
	at io.quarkus.runtime.Application.start(Application.java:101)
	at io.quarkus.runtime.ApplicationLifecycleManager.run(ApplicationLifecycleManager.java:101)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:66)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:42)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:119)
	at io.quarkus.runner.GeneratedMain.main(GeneratedMain.zig:29)

Trying to run the same test using 2.0.0.Final worked fine, so I guess this must be an issue happening since 2.1.0.CR1 and unreleased upstream version (999-SNAPSHOT). Can you confirm and report it if so?

I've seen the same issue in another module, so I reported this issue myself: quarkusio/quarkus#18814

@Sgitario Sgitario self-requested a review July 20, 2021 05:31
@Sgitario
Copy link
Contributor

It failed for me when running the NativeSslAlertMonitorIT test in Native:

mvn clean verify -Dnative -Dquarkus.native.container-build=true -Dquarkus.native.native-image-xmx=4g

Failed with:

[INFO] Running io.quarkus.qe.NativeSslAlertMonitorIT
Executing [/home/jcarvaja/sources/beefy-scenarios/012-quarkus-kafka-streams/target/012-quarkus-kafka-streams-1.0.0-SNAPSHOT-runner, -Dquarkus.http.port=8081, -Dquarkus.http.ssl-port=8444, -Dtest.url=http://localhost:8081, -Dquarkus.log.file.path=/home/jcarvaja/sources/beefy-scenarios/012-quarkus-kafka-streams/target/quarkus.log, -Dquarkus.log.file.enable=true, -Dquarkus.profile=test, -Dquarkus.kafka-streams.ssl.endpoint-identification-algorithm=, -Dkafka.ssl.truststore.password=top-secret, -Dkafka.bootstrap.servers=SSL://localhost:32772, -Dkafka.security.protocol=SSL, -Dkafka.ssl.truststore.type=PKCS12, -Dkafka.ssl.truststore.location=/home/jcarvaja/sources/beefy-scenarios/012-quarkus-kafka-streams/src/main/resources/kafka-truststore.p12, -Dquarkus.kafka-streams.bootstrap-servers=SSL://localhost:32772]
__  ____  __  _____   ___  __ ____  ______ 
 --/ __ \/ / / / _ | / _ \/ //_/ / / / __/ 
 -/ /_/ / /_/ / __ |/ , _/ ,< / /_/ /\ \   
--\___\_\____/_/ |_/_/|_/_/|_|\____/___/   
2021-07-19 07:49:33,936 ERROR [io.qua.run.Application] (main) Failed to start application (with profile test): java.lang.ClassNotFoundException: java.lang.Integer
	at com.oracle.svm.core.hub.ClassForNameSupport.forName(ClassForNameSupport.java:64)
	at java.lang.Class.forName(DynamicHub.java:1308)
	at io.quarkus.arc.runtime.ConfigRecorder.load(ConfigRecorder.java:102)
	at io.quarkus.arc.runtime.ConfigRecorder.validateConfigProperties(ConfigRecorder.java:48)
	at io.quarkus.deployment.steps.ConfigBuildStep$validateConfigProperties1249763973.deploy_0(ConfigBuildStep$validateConfigProperties1249763973.zig:380)
	at io.quarkus.deployment.steps.ConfigBuildStep$validateConfigProperties1249763973.deploy(ConfigBuildStep$validateConfigProperties1249763973.zig:40)
	at io.quarkus.runner.ApplicationImpl.doStart(ApplicationImpl.zig:612)
	at io.quarkus.runtime.Application.start(Application.java:101)
	at io.quarkus.runtime.ApplicationLifecycleManager.run(ApplicationLifecycleManager.java:101)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:66)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:42)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:119)
	at io.quarkus.runner.GeneratedMain.main(GeneratedMain.zig:29)

Trying to run the same test using 2.0.0.Final worked fine, so I guess this must be an issue happening since 2.1.0.CR1 and unreleased upstream version (999-SNAPSHOT). Can you confirm and report it if so?

I've seen the same issue in another module, so I reported this issue myself: quarkusio/quarkus#18814

The issue has been fixed and I've confirmed that this module is now working fine. Merging.

@Sgitario Sgitario merged commit 3e5b9e6 into quarkus-qe:main Jul 20, 2021
@Sgitario Sgitario mentioned this pull request Jul 21, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Sgitario Sgitario Awaiting requested review from Sgitario

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@pjgg @Sgitario