Skip to content
This repository has been archived by the owner on Jun 4, 2021. It is now read-only.

contrib/kafka: support cert, key, and caCert in spec.net.tls #407

Merged
merged 1 commit into from
May 10, 2019
Merged

contrib/kafka: support cert, key, and caCert in spec.net.tls #407

merged 1 commit into from
May 10, 2019

Conversation

danp
Copy link
Contributor

@danp danp commented May 10, 2019

Proposed Changes

  • Add cert, key, and caCert attributes to KafkaSource's spec.net.tls object
  • Support these new attributes when spec.net.tls.enable is true

Release Note

KafkaSource now supports configuring client certificate and key and server CA cert via new `spec.net.tls.cert`, `spec.net.tls.key`, and `spec.net.tls.caCert` attributes.

@googlebot googlebot added the cla: yes Indicates the PR's author has signed the CLA. label May 10, 2019
@knative-prow-robot knative-prow-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label May 10, 2019
@knative-prow-robot
Copy link
Contributor

Hi @danp. Thanks for your PR.

I'm waiting for a knative member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@knative-prow-robot knative-prow-robot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label May 10, 2019
@matzew
Copy link
Member

matzew commented May 10, 2019

/ok-to-test

@knative-prow-robot knative-prow-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels May 10, 2019
@matzew
Copy link
Member

matzew commented May 10, 2019 via email

@danp
Copy link
Contributor Author

danp commented May 10, 2019

Added tests for newTLSConfig and verifyCertSkipHostname in pkg/adapter which helped coverage there.

@danp
contrib/kafka: support cert, key, and caCert in spec.net.tls
334b99f 
Builds on the general spec.net.tls.enable attribute to support client
certificates and keys and server CA certs.
@knative-prow-robot knative-prow-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels May 10, 2019
@danp
Copy link
Contributor Author

danp commented May 10, 2019

And went ahead and added another test to pkg/reconciler/resources which should get that back to 100%.

@knative-metrics-robot
Copy link

The following is the coverage report on pkg/.
Say /test pull-knative-eventing-sources-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
contrib/kafka/pkg/adapter/adapter.go 14.5% 37.4% 22.8

matzew
matzew reviewed May 10, 2019
View reviewed changes
contrib/kafka/pkg/reconciler/resources/receive_adapter.go
// appendEnvFromSecretKeyRef returns env with an EnvVar appended
// setting key to the secret and key described by ref.
// If ref is nil, env is returned unchanged.
func appendEnvFromSecretKeyRef(env []corev1.EnvVar, key string, ref *corev1.SecretKeySelector) []corev1.EnvVar {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@matzew
Copy link
Member

matzew commented May 10, 2019

/lgtm
/approve

@knative-prow-robot knative-prow-robot added the lgtm Indicates that a PR is ready to be merged. label May 10, 2019
@knative-prow-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: danp, matzew

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@knative-prow-robot knative-prow-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 10, 2019
@knative-prow-robot knative-prow-robot merged commit 094dea9 into knative:master May 10, 2019
@danp danp mentioned this pull request May 10, 2019
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@matzew matzew matzew left review comments

@bbrowning bbrowning Awaiting requested review from bbrowning

Assignees

@matzew matzew

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cla: yes Indicates the PR's author has signed the CLA. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@danp @knative-prow-robot @matzew @knative-metrics-robot @googlebot