Extensible Kafka Auth Config

[stvnksslr]

Current kafka sink does not support authentication which makes it difficult to adopt or use in many situations. This PR allows the kafka sink to behave as it is but to have an auth block added to easily cater to most if not all the supported authentications schemas of the python kafka package.

Tested With

• Apache kafka
• AWS MSK

Not Tested

• Confluent kafka

  sinksConfig:
  - kafka_sink:
      name: kafka_sink
      kafka_url: "localhost:9096"
      topic: "robusta-playbooks"
      auth:
          sasl_mechanism: SCRAM-SHA-512
          security_protocol: SASL_SSL
          sasl_plain_username: robusta
          sasl_plain_password: password

additionally updated skaffold configs to the latest version, i can easily roll this back if its not wanted or needed.

[CLAassistant]

All committers have signed the CLA.

[stvnksslr]

Found an issue with my implementation where you couldnt use the {{ .env.SOME_SECRET }} env substitution because the dict wasnt being checked. I have two solutions here, the one ive included in the latest commit extends replace_env_vars_values to be able to recursively search any dictionaries too.

elif isinstance(value, dict):
    env_var_value = replace_env_vars_values(value)
    if env_var_value:
        values[key] = env_var_value

but this change in the root validator might be more encompassing than the maintainers want, Option B would be to extend just the kafka_sink_params to do a recursive search.

     Possible Option B.
     @validator("auth", pre=True, always=True)
     def auth_env_values_validation(cls, value: Dict):
         updated = replace_env_vars_values(value)
         return updated

@LeaveMyYard let me know what you think when you have time.

[LeaveMyYard]

I think the first solution could be usefull for such cases in a future, so we can keep it