rondagostino opened a new pull request #10694: URL: https://github.com/apache/kafka/pull/10694
SecurityConfig for a Kafka cluster in a system test is cached due to https://github.com/apache/kafka/pull/8917, but we mutate the security config during some system tests, and those mutations were not being passed through after-the-fact. These system tests were not testing what they were supposed to be testing. This patch passes through the potential changes so that we again test what we are supposed to be testing. Also, since we became very specific about what SASL mechanisms to enable when updating the system tests for KRaft, we need to explicitly explicitly indicate to the SecurityConfig any additional SASL mechanisms that we want to enable. This was always necessary once we made the KRaft changes, but it was not apparent due to the above bug (where mutations were not being passed through). This patch provides a way to pass additional SASL mechanisms to the SecurityConfig by adding an option `sasl_mechanism` to KafkaListener -- this is what gets passed into the SecurityConfig when we enable a new security protocol in the middle of a system test. *Summary of testing strategy (including rationale) for the feature or bug fix. Unit and/or integration tests are expected for any behaviour change and system tests should be considered for larger changes.* ### Committer Checklist (excluded from commit message) - [ ] Verify design and implementation - [ ] Verify test coverage and CI build status - [ ] Verify documentation (including upgrade notes) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org