[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010: URL: https://github.com/apache/kafka/pull/12010#discussion_r867531749 ## clients/src/test/java/org/apache/kafka/clients/CommonClientConfigsTest.java: ## @@ -82,4 +102,21 @@ public void testExponentialBackoffDefaults() { assertEquals(Long.valueOf(123L), reconnectBackoffSetConf.getLong(CommonClientConfigs.RECONNECT_BACKOFF_MAX_MS_CONFIG)); } + +@Test +public void testInvalidSaslMechanism() { Review Comment: Actually since this is testing logic that is in `CommonClientConfigs`, maybe it's better to keep this here. Otherwise we'd move `postValidateSaslMechanismConfig()` in `SaslConfigs` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010: URL: https://github.com/apache/kafka/pull/12010#discussion_r867531749 ## clients/src/test/java/org/apache/kafka/clients/CommonClientConfigsTest.java: ## @@ -82,4 +102,21 @@ public void testExponentialBackoffDefaults() { assertEquals(Long.valueOf(123L), reconnectBackoffSetConf.getLong(CommonClientConfigs.RECONNECT_BACKOFF_MAX_MS_CONFIG)); } + +@Test +public void testInvalidSaslMechanism() { Review Comment: Actually since this is testing logic that is in `CommonClientConfigs`, maybe it's better to keep this here. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010: URL: https://github.com/apache/kafka/pull/12010#discussion_r867003730 ## clients/src/test/java/org/apache/kafka/clients/CommonClientConfigsTest.java: ## @@ -82,4 +102,21 @@ public void testExponentialBackoffDefaults() { assertEquals(Long.valueOf(123L), reconnectBackoffSetConf.getLong(CommonClientConfigs.RECONNECT_BACKOFF_MAX_MS_CONFIG)); } + +@Test +public void testInvalidSaslMechanism() { +Map configs = new HashMap<>(); +configs.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, SecurityProtocol.SASL_PLAINTEXT.name); +configs.put(SaslConfigs.SASL_MECHANISM, null); +ConfigException ce = assertThrows(ConfigException.class, () -> new TestConfig(configs)); +assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM)); + +configs.put(SaslConfigs.SASL_MECHANISM, ""); +ce = assertThrows(ConfigException.class, () -> new TestConfig(configs)); +assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM)); + +configs.put(SaslConfigs.SASL_MECHANISM, " "); Review Comment: Let's also drop this last case. This is testing `AbstractConfig` and it seems unrelated to the rest of this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010: URL: https://github.com/apache/kafka/pull/12010#discussion_r867002955 ## clients/src/test/java/org/apache/kafka/clients/CommonClientConfigsTest.java: ## @@ -82,4 +102,21 @@ public void testExponentialBackoffDefaults() { assertEquals(Long.valueOf(123L), reconnectBackoffSetConf.getLong(CommonClientConfigs.RECONNECT_BACKOFF_MAX_MS_CONFIG)); } + +@Test +public void testInvalidSaslMechanism() { Review Comment: This is testing `SaslConfigs.SASL_MECHANISM`, so would it be better to move this test in `SaslConfigsTest` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010: URL: https://github.com/apache/kafka/pull/12010#discussion_r866616320 ## clients/src/test/java/org/apache/kafka/clients/admin/AdminClientConfigTest.java: ## @@ -0,0 +1,52 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + *http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.kafka.clients.admin; + +import org.apache.kafka.clients.CommonClientConfigs; +import org.apache.kafka.common.config.ConfigException; +import org.apache.kafka.common.config.SaslConfigs; +import org.apache.kafka.common.security.auth.SecurityProtocol; +import org.junit.jupiter.api.Test; + +import java.util.HashMap; +import java.util.Map; + +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertTrue; + +public class AdminClientConfigTest { + +@Test +public void testInvalidSaslMechanism() { +Map configs = new HashMap<>(); +configs.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, SecurityProtocol.SASL_PLAINTEXT.name); +configs.put(AdminClientConfig.BOOTSTRAP_SERVERS_CONFIG, "localhost:8121"); +configs.put(SaslConfigs.SASL_MECHANISM, null); +ConfigException ce = assertThrows(ConfigException.class, () -> new AdminClientConfig(configs)); +assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM)); + +configs.put(SaslConfigs.SASL_MECHANISM, ""); +ce = assertThrows(ConfigException.class, () -> new AdminClientConfig(configs)); +assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM)); + +configs.put(SaslConfigs.SASL_MECHANISM, " "); +ce = assertThrows(ConfigException.class, () -> new AdminClientConfig(configs)); +assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM)); Review Comment: Can we also remove it from `ConsumerConfig` and `ProducerConfig`? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010: URL: https://github.com/apache/kafka/pull/12010#discussion_r864110167 ## core/src/main/scala/kafka/server/KafkaConfig.scala: ## @@ -1139,7 +1139,7 @@ object KafkaConfig { .define(MetadataMaxRetentionMillisProp, LONG, Defaults.LogRetentionHours * 60 * 60 * 1000L, null, HIGH, MetadataMaxRetentionMillisDoc) /* Authorizer Configuration ***/ - .define(AuthorizerClassNameProp, STRING, Defaults.AuthorizerClassName, LOW, AuthorizerClassNameDoc) + .define(AuthorizerClassNameProp, STRING, Defaults.AuthorizerClassName, new ConfigDef.NonNullValidator(), LOW, AuthorizerClassNameDoc) Review Comment: Can a `STRING` configuration be null? I wonder if this validator can actually trigger -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [kafka] mimaison commented on a diff in pull request #12010: KAFKA-13793: Add validators for configs that lack validators
mimaison commented on code in PR #12010: URL: https://github.com/apache/kafka/pull/12010#discussion_r864068803 ## clients/src/test/java/org/apache/kafka/clients/admin/AdminClientConfigTest.java: ## @@ -0,0 +1,52 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + *http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.kafka.clients.admin; + +import org.apache.kafka.clients.CommonClientConfigs; +import org.apache.kafka.common.config.ConfigException; +import org.apache.kafka.common.config.SaslConfigs; +import org.apache.kafka.common.security.auth.SecurityProtocol; +import org.junit.jupiter.api.Test; + +import java.util.HashMap; +import java.util.Map; + +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertTrue; + +public class AdminClientConfigTest { + +@Test +public void testInvalidSaslMechanism() { +Map configs = new HashMap<>(); +configs.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, SecurityProtocol.SASL_PLAINTEXT.name); +configs.put(AdminClientConfig.BOOTSTRAP_SERVERS_CONFIG, "localhost:8121"); +configs.put(SaslConfigs.SASL_MECHANISM, null); +ConfigException ce = assertThrows(ConfigException.class, () -> new AdminClientConfig(configs)); +assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM)); + +configs.put(SaslConfigs.SASL_MECHANISM, ""); +ce = assertThrows(ConfigException.class, () -> new AdminClientConfig(configs)); +assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM)); + +configs.put(SaslConfigs.SASL_MECHANISM, " "); +ce = assertThrows(ConfigException.class, () -> new AdminClientConfig(configs)); +assertTrue(ce.getMessage().contains(SaslConfigs.SASL_MECHANISM)); Review Comment: I agree with @C0urante, we don't need to have that test case in all these classes. ## connect/mirror/src/test/java/org/apache/kafka/connect/mirror/MirrorMakerConfigTest.java: ## @@ -49,15 +53,15 @@ public void testClusterConfigProperties() { "clusters", "a, b", "a.bootstrap.servers", "servers-one", "b.bootstrap.servers", "servers-two", -"security.protocol", "SASL", +"security.protocol", "SSL", Review Comment: We currently don't have checks in any of the `*Config` classes (this is what this PR is addressing). But obviously when creating an actual client, the value of `security.protocol` is used and only at that point you get an exception with a bad value is set. So MirrorMaker can't run with `security.protocol=SASL`. For MirrorMaker, you get: ``` [2022-05-03 20:32:41,008] ERROR Stopping due to error (org.apache.kafka.connect.mirror.MirrorMaker:313) org.apache.kafka.common.KafkaException: Failed to create new KafkaAdminClient at org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:545) at org.apache.kafka.clients.admin.Admin.create(Admin.java:143) at org.apache.kafka.connect.util.ConnectUtils.lookupKafkaClusterId(ConnectUtils.java:52) at org.apache.kafka.connect.mirror.MirrorMaker.addHerder(MirrorMaker.java:236) at java.base/java.lang.Iterable.forEach(Iterable.java:75) at org.apache.kafka.connect.mirror.MirrorMaker.(MirrorMaker.java:137) at org.apache.kafka.connect.mirror.MirrorMaker.(MirrorMaker.java:149) at org.apache.kafka.connect.mirror.MirrorMaker.main(MirrorMaker.java:300) Caused by: java.lang.IllegalArgumentException: No enum constant org.apache.kafka.common.security.auth.SecurityProtocol.SASL at java.base/java.lang.Enum.valueOf(Enum.java:240) at org.apache.kafka.common.security.auth.SecurityProtocol.valueOf(SecurityProtocol.java:26) at org.apache.kafka.common.security.auth.SecurityProtocol.forName(SecurityProtocol.java:72) at org.apache.kafka.clients.ClientUtils.createChannelBuilder(ClientUtils.java:103) at org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:516) ``` With this PR, you would get: ``` [2022-05-03 20:38:13,763] ERROR Stopping due to error