MINOR: add SCRAM for security_rolling_upgrade #18368

TaiJuWu · 2025-01-01T03:17:20Z

As title

Committer Checklist (excluded from commit message)

Verify design and implementation
Verify test coverage and CI build status
Verify documentation (including upgrade notes)

TaiJuWu · 2025-01-01T06:23:51Z

----------------------------------------------------------------------------------------------------
test_id:    kafkatest.tests.core.security_rolling_upgrade_test.TestSecurityRollingUpgrade.test_rolling_upgrade_sasl_mechanism_phase_one.new_client_sasl_mechanism=PLAIN.metadata_quorum=ISOLATED_KRAFT
status:     PASS
run time:   6 minutes 13.083 seconds
----------------------------------------------------------------------------------------------------
test_id:    kafkatest.tests.core.security_rolling_upgrade_test.TestSecurityRollingUpgrade.test_rolling_upgrade_sasl_mechanism_phase_one.new_client_sasl_mechanism=SCRAM-SHA-256.metadata_quorum=ISOLATED_KRAFT
status:     PASS
run time:   4 minutes 18.401 seconds
----------------------------------------------------------------------------------------------------
test_id:    kafkatest.tests.core.security_rolling_upgrade_test.TestSecurityRollingUpgrade.test_rolling_upgrade_sasl_mechanism_phase_one.new_client_sasl_mechanism=SCRAM-SHA-512.metadata_quorum=ISOLATED_KRAFT
status:     PASS
run time:   5 minutes 17.883 seconds
----------------------------------------------------------------------------------------------------

github-actions · 2025-01-08T03:36:07Z

A label of 'needs-attention' was automatically added to this PR in order to raise the
attention of the committers. Once this issue has been triaged, the triage label
should be removed to prevent this automation from happening again.

chia7712 · 2025-02-24T09:42:10Z

tests/kafkatest/services/kafka/kafka.py

@@ -842,8 +842,7 @@ def start_node(self, node, timeout_sec=60, **kwargs):
                    self.close_port(controller_listener)

        self.security_config.setup_node(node)
-        if self.quorum_info.using_zk or self.quorum_info.has_brokers: # TODO: SCRAM currently unsupported for controller quorum
-            self.maybe_setup_broker_scram_credentials(node)
+        self.maybe_setup_broker_scram_credentials(node)


this method will call maybe_setup_broker_scram_credentials to use zk connection. Is it safe if the e2e is under kraft?

test

21be23c

github-actions bot added triage PRs from the community tests Test fixes (including flaky tests) small Small PRs labels Jan 1, 2025

TaiJuWu marked this pull request as draft January 1, 2025 03:20

TaiJuWu added 2 commits January 1, 2025 03:21

add more test

d204d3b

revert some change

b3ea21f

TaiJuWu marked this pull request as ready for review January 1, 2025 06:23

TaiJuWu marked this pull request as draft January 1, 2025 06:26

TaiJuWu marked this pull request as ready for review January 1, 2025 08:06

github-actions bot added the needs-attention label Jan 8, 2025

chia7712 reviewed Feb 24, 2025

View reviewed changes

github-actions bot removed needs-attention triage PRs from the community labels Feb 25, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

MINOR: add SCRAM for security_rolling_upgrade #18368

MINOR: add SCRAM for security_rolling_upgrade #18368

TaiJuWu commented Jan 1, 2025

TaiJuWu commented Jan 1, 2025

github-actions bot commented Jan 8, 2025

chia7712 Feb 24, 2025

MINOR: add SCRAM for security_rolling_upgrade #18368

Are you sure you want to change the base?

MINOR: add SCRAM for security_rolling_upgrade #18368

Conversation

TaiJuWu commented Jan 1, 2025

Committer Checklist (excluded from commit message)

TaiJuWu commented Jan 1, 2025

github-actions bot commented Jan 8, 2025

chia7712 Feb 24, 2025

Choose a reason for hiding this comment