[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010:
URL: https://github.com/apache/kafka/pull/12010#discussion_r867531749
##
clients/src/test/java/org/apache/kafka/clients/CommonClientConfigsTest.java:
##
@@ -82,4 +102,21 @@ public void testExponentialBackoffDefaults() {
assertEquals(Long.valueOf(123L),
reconnectBackoffSetConf.getLong(CommonClientConfigs.RECONNECT_BACKOFF_MAX_MS_CONFIG));
}
+
+@Test
+public void testInvalidSaslMechanism() {
Review Comment:
Actually since this is testing logic that is in `CommonClientConfigs`, maybe
it's better to keep this here. Otherwise we'd move
`postValidateSaslMechanismConfig()` in `SaslConfigs`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010:
URL: https://github.com/apache/kafka/pull/12010#discussion_r867531749
##
clients/src/test/java/org/apache/kafka/clients/CommonClientConfigsTest.java:
##
@@ -82,4 +102,21 @@ public void testExponentialBackoffDefaults() {
assertEquals(Long.valueOf(123L),
reconnectBackoffSetConf.getLong(CommonClientConfigs.RECONNECT_BACKOFF_MAX_MS_CONFIG));
}
+
+@Test
+public void testInvalidSaslMechanism() {
Review Comment:
Actually since this is testing logic that is in `CommonClientConfigs`, maybe
it's better to keep this here.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010:
URL: https://github.com/apache/kafka/pull/12010#discussion_r867003730
##
clients/src/test/java/org/apache/kafka/clients/CommonClientConfigsTest.java:
##
@@ -82,4 +102,21 @@ public void testExponentialBackoffDefaults() {
assertEquals(Long.valueOf(123L),
reconnectBackoffSetConf.getLong(CommonClientConfigs.RECONNECT_BACKOFF_MAX_MS_CONFIG));
}
+
+@Test
+public void testInvalidSaslMechanism() {
+Map configs = new HashMap<>();
+configs.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG,
SecurityProtocol.SASL_PLAINTEXT.name);
+configs.put(SaslConfigs.SASL_MECHANISM, null);
+ConfigException ce = assertThrows(ConfigException.class, () -> new
TestConfig(configs));
+assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM));
+
+configs.put(SaslConfigs.SASL_MECHANISM, "");
+ce = assertThrows(ConfigException.class, () -> new
TestConfig(configs));
+assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM));
+
+configs.put(SaslConfigs.SASL_MECHANISM, " ");
Review Comment:
Let's also drop this last case. This is testing `AbstractConfig` and it
seems unrelated to the rest of this PR.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010:
URL: https://github.com/apache/kafka/pull/12010#discussion_r867002955
##
clients/src/test/java/org/apache/kafka/clients/CommonClientConfigsTest.java:
##
@@ -82,4 +102,21 @@ public void testExponentialBackoffDefaults() {
assertEquals(Long.valueOf(123L),
reconnectBackoffSetConf.getLong(CommonClientConfigs.RECONNECT_BACKOFF_MAX_MS_CONFIG));
}
+
+@Test
+public void testInvalidSaslMechanism() {
Review Comment:
This is testing `SaslConfigs.SASL_MECHANISM`, so would it be better to move
this test in `SaslConfigsTest`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010:
URL: https://github.com/apache/kafka/pull/12010#discussion_r866616320
##
clients/src/test/java/org/apache/kafka/clients/admin/AdminClientConfigTest.java:
##
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ *http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.kafka.clients.admin;
+
+import org.apache.kafka.clients.CommonClientConfigs;
+import org.apache.kafka.common.config.ConfigException;
+import org.apache.kafka.common.config.SaslConfigs;
+import org.apache.kafka.common.security.auth.SecurityProtocol;
+import org.junit.jupiter.api.Test;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+public class AdminClientConfigTest {
+
+@Test
+public void testInvalidSaslMechanism() {
+Map configs = new HashMap<>();
+configs.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG,
SecurityProtocol.SASL_PLAINTEXT.name);
+configs.put(AdminClientConfig.BOOTSTRAP_SERVERS_CONFIG,
"localhost:8121");
+configs.put(SaslConfigs.SASL_MECHANISM, null);
+ConfigException ce = assertThrows(ConfigException.class, () -> new
AdminClientConfig(configs));
+assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM));
+
+configs.put(SaslConfigs.SASL_MECHANISM, "");
+ce = assertThrows(ConfigException.class, () -> new
AdminClientConfig(configs));
+assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM));
+
+configs.put(SaslConfigs.SASL_MECHANISM, " ");
+ce = assertThrows(ConfigException.class, () -> new
AdminClientConfig(configs));
+assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM));
Review Comment:
Can we also remove it from `ConsumerConfig` and `ProducerConfig`?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010:
URL: https://github.com/apache/kafka/pull/12010#discussion_r864110167
##
core/src/main/scala/kafka/server/KafkaConfig.scala:
##
@@ -1139,7 +1139,7 @@ object KafkaConfig {
.define(MetadataMaxRetentionMillisProp, LONG, Defaults.LogRetentionHours
* 60 * 60 * 1000L, null, HIGH, MetadataMaxRetentionMillisDoc)
/* Authorizer Configuration ***/
- .define(AuthorizerClassNameProp, STRING, Defaults.AuthorizerClassName,
LOW, AuthorizerClassNameDoc)
+ .define(AuthorizerClassNameProp, STRING, Defaults.AuthorizerClassName,
new ConfigDef.NonNullValidator(), LOW, AuthorizerClassNameDoc)
Review Comment:
Can a `STRING` configuration be null? I wonder if this validator can
actually trigger
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010:
URL: https://github.com/apache/kafka/pull/12010#discussion_r864068803
##
clients/src/test/java/org/apache/kafka/clients/admin/AdminClientConfigTest.java:
##
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ *http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.kafka.clients.admin;
+
+import org.apache.kafka.clients.CommonClientConfigs;
+import org.apache.kafka.common.config.ConfigException;
+import org.apache.kafka.common.config.SaslConfigs;
+import org.apache.kafka.common.security.auth.SecurityProtocol;
+import org.junit.jupiter.api.Test;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+public class AdminClientConfigTest {
+
+@Test
+public void testInvalidSaslMechanism() {
+Map configs = new HashMap<>();
+configs.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG,
SecurityProtocol.SASL_PLAINTEXT.name);
+configs.put(AdminClientConfig.BOOTSTRAP_SERVERS_CONFIG,
"localhost:8121");
+configs.put(SaslConfigs.SASL_MECHANISM, null);
+ConfigException ce = assertThrows(ConfigException.class, () -> new
AdminClientConfig(configs));
+assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM));
+
+configs.put(SaslConfigs.SASL_MECHANISM, "");
+ce = assertThrows(ConfigException.class, () -> new
AdminClientConfig(configs));
+assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM));
+
+configs.put(SaslConfigs.SASL_MECHANISM, " ");
+ce = assertThrows(ConfigException.class, () -> new
AdminClientConfig(configs));
+assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM));
Review Comment:
I agree with @C0urante, we don't need to have that test case in all these
classes.
##
connect/mirror/src/test/java/org/apache/kafka/connect/mirror/MirrorMakerConfigTest.java:
##
@@ -49,15 +53,15 @@ public void testClusterConfigProperties() {
"clusters", "a, b",
"a.bootstrap.servers", "servers-one",
"b.bootstrap.servers", "servers-two",
-"security.protocol", "SASL",
+"security.protocol", "SSL",
Review Comment:
We currently don't have checks in any of the `*Config` classes (this is what
this PR is addressing). But obviously when creating an actual client, the value
of `security.protocol` is used and only at that point you get an exception with
a bad value is set. So MirrorMaker can't run with `security.protocol=SASL`.
For MirrorMaker, you get:
```
[2022-05-03 20:32:41,008] ERROR Stopping due to error
(org.apache.kafka.connect.mirror.MirrorMaker:313)
org.apache.kafka.common.KafkaException: Failed to create new KafkaAdminClient
at
org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:545)
at org.apache.kafka.clients.admin.Admin.create(Admin.java:143)
at
org.apache.kafka.connect.util.ConnectUtils.lookupKafkaClusterId(ConnectUtils.java:52)
at
org.apache.kafka.connect.mirror.MirrorMaker.addHerder(MirrorMaker.java:236)
at java.base/java.lang.Iterable.forEach(Iterable.java:75)
at
org.apache.kafka.connect.mirror.MirrorMaker.(MirrorMaker.java:137)
at
org.apache.kafka.connect.mirror.MirrorMaker.(MirrorMaker.java:149)
at
org.apache.kafka.connect.mirror.MirrorMaker.main(MirrorMaker.java:300)
Caused by: java.lang.IllegalArgumentException: No enum constant
org.apache.kafka.common.security.auth.SecurityProtocol.SASL
at java.base/java.lang.Enum.valueOf(Enum.java:240)
at
org.apache.kafka.common.security.auth.SecurityProtocol.valueOf(SecurityProtocol.java:26)
at
org.apache.kafka.common.security.auth.SecurityProtocol.forName(SecurityProtocol.java:72)
at
org.apache.kafka.clients.ClientUtils.createChannelBuilder(ClientUtils.java:103)
at
org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:516)
```
With this PR, you would get:
```
[2022-05-03 20:38:13,763] ERROR Stopping due to error
