Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SASL_SCRAM authentication mechanism on kafka exporter #2322

Closed
wants to merge 1 commit into from
Closed

Add SASL_SCRAM authentication mechanism on kafka exporter #2322

wants to merge 1 commit into from

Conversation

altieresfreitas
Copy link
Contributor

@altieresfreitas altieresfreitas commented Dec 29, 2020
edited
Loading

Description:
This PR adds SASL/SCRAM authentication to kafka exporter and receiver.

Link to tracking Issue:
Resolves #2252

Documentation:
Added to readme

@altieresfreitas altieresfreitas requested a review from a team December 29, 2020 02:41
@linux-foundation-easycla
Copy link

linux-foundation-easycla bot commented Dec 29, 2020
edited
Loading

CLA Signed

The committers are authorized under a signed CLA.

@github-actions
Copy link
Contributor

github-actions bot commented Jan 5, 2021

This PR was marked stale due to lack of activity. It will be closed in 7 days.

@github-actions github-actions bot added the Stale label Jan 5, 2021
@tigrannajaryan
Copy link
Member

@jpkrohling can you review this please?

@jpkrohling
Copy link
Member

Sorry, was on a long break. Will review this one soon.

jpkrohling
jpkrohling reviewed Jan 11, 2021
View reviewed changes
Copy link
Member

@jpkrohling jpkrohling left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is missing quite a few tests, but looks like it's a good start.

exporter/kafkaexporter/authentication.go Outdated Show resolved Hide resolved
exporter/kafkaexporter/scram_client.go Outdated Show resolved Hide resolved
exporter/kafkaexporter/scram_client.go Outdated Show resolved Hide resolved
exporter/kafkaexporter/scram_client.go Outdated Show resolved Hide resolved
@github-actions github-actions bot removed the Stale label Jan 12, 2021
@altieresfreitas
Copy link
Contributor Author

This is missing quite a few tests, but looks like it's a good start.
Thanks for your comments @jpkrohling, I'll write the tests this week.

jpkrohling
jpkrohling reviewed Jan 12, 2021
View reviewed changes
exporter/kafkaexporter/authentication.go Outdated Show resolved Hide resolved
exporter/kafkaexporter/authentication.go Outdated Show resolved Hide resolved
exporter/kafkaexporter/scram_client.go Show resolved Hide resolved
@jpkrohling jpkrohling mentioned this pull request Jan 12, 2021
Closed
jpkrohling
jpkrohling reviewed Jan 19, 2021
View reviewed changes
Copy link
Member

@jpkrohling jpkrohling left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is still missing a test and the build seems to be failing, but other than that, looks sane.

@altieresfreitas
Copy link
Contributor Author

altieresfreitas commented Jan 25, 2021
edited
Loading

Hi @jpkrohling, sorry about the delay.

I've written some unit tests and changed the Authentication type from SCRAM to SASL.
In my point of view, to use sasl.mechanism = "SCRAM-SHA-256| SCRAM-SHA-512|PLAIN" is more clear and compliant with what is described by SASL Mechanisms and very similar with kafka and this PR merged on jaeger project.

Maybe PlainText could be deprecated in favor of sasl.mechanism = "PLAIN".

@linux-foundation-easycla
Copy link

linux-foundation-easycla bot commented Jan 25, 2021
edited
Loading

CLA Signed

The committers are authorized under a signed CLA.

jpkrohling
jpkrohling reviewed Jan 26, 2021
View reviewed changes
Copy link
Member

@jpkrohling jpkrohling left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good then, it's only missing the PLAIN in one place.

exporter/kafkaexporter/README.md Outdated Show resolved Hide resolved
exporter/kafkaexporter/authentication_test.go Outdated Show resolved Hide resolved
@altieresfreitas altieresfreitas force-pushed the kafka_sasl_scram branch 2 times, most recently from 32bbbde to 4f8d110 Compare January 26, 2021 15:30
jpkrohling
jpkrohling approved these changes Jan 26, 2021
View reviewed changes
Copy link
Member

@jpkrohling jpkrohling left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I haven't tried this PR myself as it's not that easy for me to get a properly configured Kafka instance, but once @4lt1 confirms that it was manually tested, this is ready to be merged.

@altieresfreitas
Copy link
Contributor Author

I haven't tried this PR myself as it's not that easy for me to get a properly configured Kafka instance, but once @4lt1 confirms that it was manually tested, this is ready to be merged.

@jpkrohling, It was manually tested.

Base automatically changed from master to main January 28, 2021 18:06
@github-actions
Copy link
Contributor

github-actions bot commented Feb 5, 2021

This PR was marked stale due to lack of activity. It will be closed in 7 days.

@github-actions github-actions bot added the Stale label Feb 5, 2021
@jpkrohling
Copy link
Member

@open-telemetry/collector-maintainers, would one of you please review/merge this one?

@github-actions github-actions bot removed the Stale label Feb 6, 2021
@github-actions
Copy link
Contributor

This PR was marked stale due to lack of activity. It will be closed in 7 days.

@github-actions github-actions bot added the Stale label Feb 13, 2021
@jpkrohling
Copy link
Member

jpkrohling commented Feb 15, 2021
edited
Loading

@open-telemetry/collector-maintainers, would one of you please review/merge this one? I think it's only fair if you could also fix the go.mod conflict...

bogdandrutu
bogdandrutu reviewed Feb 15, 2021
View reviewed changes
go.mod
@@ -48,6 +48,7 @@ require (
github.com/stretchr/testify v1.7.0
github.com/tinylib/msgp v1.1.5
github.com/uber/jaeger-lib v2.4.0+incompatible
github.com/xdg-go/scram v0.0.0-20180814205039-7eeb5667e42c
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How ok are we to depend on a very old, not actively maintained package?

Does not even have go[mod/sum].

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Honestly? It doesn't worry me that much, as the code is fairly simple and based on a couple of RFCs. Once the standard is implemented, there's not much else to do. I do have thought about the responsiveness of the author in that repository (see the issue opened by @yurishkuro) but I don't see a reason for implementing this ourselves at this moment.

@github-actions github-actions bot removed the Stale label Feb 16, 2021
@linux-foundation-easycla
Copy link

linux-foundation-easycla bot commented Feb 17, 2021
edited
Loading

CLA Signed

The committers are authorized under a signed CLA.

@altieresfreitas
Add SASL_SCRAM authentication mechanism on kafka exporter
ffc1192 
Fix godoc comment to better explain struct proposal

Co-authored-by: Juraci Paixão Kröhling <[email protected]>

Fix return error message format

Co-authored-by: Juraci Paixão Kröhling <[email protected]>

Add Unit tests
Change Authentication config to SASL
Use SASL mechanisms as described in RFC https://tools.ietf.org/html/rfc4422#section-3.1

Add PLAIN mechanism on README documentation

Fix Typo on test comment

Co-authored-by: Juraci Paixão Kröhling <[email protected]>

Add comments on SASLConfig describing expected values
@bogdandrutu
Copy link
Member

@4lt1 do you mind creating a new PR (just clone the branch and open a new PR) to make circleCI trigger to run the tests? Thank you, and sorry for this

@altieresfreitas
Copy link
Contributor Author

@4lt1 do you mind creating a new PR (just clone the branch and open a new PR) to make circleCI trigger to run the tests? Thank you, and sorry for this

No problem at all @bogdandrutu, the new PR is #2503

@jpkrohling jpkrohling mentioned this pull request Feb 17, 2021
Merged
@jpkrohling
Copy link
Member

I'm closing this in favor of #2503

@jpkrohling jpkrohling closed this Feb 17, 2021
MovieStoreGuy pushed a commit to atlassian-forks/opentelemetry-collector that referenced this pull request Nov 11, 2021
@MrAlias
Add semconv/v1.5.0 package (open-telemetry#2322)
8324034 
Generated from a modified version of the v1.5.0 release of the
specification using a modified version of the semconvgen tools. The
specification contained capitalized IDs that caused errors from the
semconvgen tool. These errors were manually resolved and the rest of the
Go formatting tools were used to provide consistent code.

Important to note, the Go semconvgen tooling includes new name
capitalization rules for ReplicaSet, StatefulSet, and DaemonSet that
mean code names are not backwards compatible. This is included in the
changelog to help users perform the upgrade.
hughesjj pushed a commit to hughesjj/opentelemetry-collector that referenced this pull request Apr 27, 2023
@dependabot
Bump go.etcd.io/etcd/client/v2 from 2.305.5 to 2.305.6 (open-telemetr…
2ee15c1 
…y#2322)

Bumps [go.etcd.io/etcd/client/v2](https://github.com/etcd-io/etcd) from 2.305.5 to 2.305.6.
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Changelog](https://github.com/etcd-io/etcd/blob/main/Dockerfile-release.amd64)
- [Commits](etcd-io/etcd@client/v2.305.5...client/v2.305.6)

---
updated-dependencies:
- dependency-name: go.etcd.io/etcd/client/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Troels51 pushed a commit to Troels51/opentelemetry-collector that referenced this pull request Jul 5, 2024
@punya
Fix lifetime issues in test utils (open-telemetry#2322)
ca67af0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jpkrohling jpkrohling jpkrohling approved these changes

@bogdandrutu bogdandrutu bogdandrutu left review comments

Assignees

@jpkrohling jpkrohling

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add SASL/SCRAM authentication to Kafka receiver and exporter
4 participants
@altieresfreitas @tigrannajaryan @jpkrohling @bogdandrutu