Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add config for enabling topic access validator #3079

Merged
merged 1 commit into from
Jul 23, 2019
Merged

feat: add config for enabling topic access validator #3079

merged 1 commit into from
Jul 23, 2019

Conversation

rodesai
Copy link
Contributor

@rodesai rodesai commented Jul 13, 2019

Adds a config called ksql.access.validator.enable for enabling the
topic access validator. The possible values for this config are "on",
"off", and "auto". "on" is used to enable the validator, "off"
is used to disable it, and "auto" can be set to have ksql query kafka
properties to auto-discover whether or not the validator can be used (
this is the behaviour before this patch, and is the current default
value for this setting). This config is useful for enabling the validator
when using ksql against multi-tenant kafka, where ksql will not have
access to the broker's configs.

This patch also switches the topic validator factory test to use mockito
for mocking, instead of easymock.

@rodesai rodesai requested a review from a team as a code owner July 13, 2019 22:14
vcrfxia
vcrfxia approved these changes Jul 15, 2019
View reviewed changes
Copy link
Contributor

@vcrfxia vcrfxia left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM -- thanks @rodesai !

ksql-common/src/main/java/io/confluent/ksql/util/KsqlConfig.java Outdated
KSQL_ACCESS_VALIDATOR_AUTO
),
ConfigDef.Importance.LOW,
""
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we add a doc for this?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree on the doc +1

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I want this to be an internal config for now. I thought that the way you do that was with an empty docstring, but you actually have to call defineInternal. But then you can't specify a validator. I'm going to choose to not define this as an internal config, so I'll add a doc string. This only matters once we start using auto-doc-generation. And even then, there isn't really any harm in exposing the config, other than adding noise.

@vcrfxia vcrfxia requested a review from a team July 15, 2019 18:35
spena
spena approved these changes Jul 15, 2019
View reviewed changes
Copy link
Member

@spena spena left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The patch looks good. Just the minor two comments I left.

ksql-engine/src/main/java/io/confluent/ksql/engine/TopicAccessValidatorFactory.java
) {
final String enabled = ksqlConfig.getString(KsqlConfig.KSQL_ENABLE_TOPIC_ACCESS_VALIDATOR);
if (enabled.equals(KsqlConfig.KSQL_ACCESS_VALIDATOR_ON)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Optional:
Is case-sensitive a requirement in all KSQL configurations? Should we allow the use of any case?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The only other similar config (ksql.named.internal.topics) is case-sensitive. I don't feel particularly strongly one way or another.

ksql-common/src/main/java/io/confluent/ksql/util/KsqlConfig.java Outdated
KSQL_ACCESS_VALIDATOR_AUTO
),
ConfigDef.Importance.LOW,
""
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree on the doc +1

@rodesai
feat: add config for enabling topic access validator
31d29c1 
Adds a config called ksql.access.validator.enable for enabling the
topic access validator. The possible values for this config are "on",
"off", and "auto". "on" is used to enable the validator, "off"
is used to disable it, and "auto" can be set to have ksql query kafka
properties to auto-discover whether or not the validator can be used (
this is the behaviour before this patch, and is the current default
value for this setting). This config is useful for enabling the validator
when using ksql against multi-tenant kafka, where ksql will not have
access to the broker's configs.

This patch also switches the topic validator factory test to use mockito
for mocking, instead of easymock.
@rodesai rodesai force-pushed the add-topic-access-validator-config branch from a71f587 to 31d29c1 Compare July 23, 2019 05:32
@rodesai rodesai merged commit 440e247 into confluentinc:5.3.x Jul 23, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@spena spena spena approved these changes

@vcrfxia vcrfxia vcrfxia approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rodesai @spena @vcrfxia