kafka-operator icon indicating copy to clipboard operation
kafka-operator copied to clipboard
verified publisher icon stackabletech

Exclude TLS combinations that we don't want to support

Open adwk67 opened this issue 1 year ago • 0 comments

Investigate if we want to allow users to enable mutual tls, without enabling tls. The current implementation allows this.

Background

Some Kafka integration tests (e.g. upgrade_zookeeper-3.9.2_upgrade_old-3.7.1_upgrade_new-3.8.0_use-client-tls-false_use-client-auth-tls-true_openshift-false) allow a combination that we may want to exclude. It sets internalSecretClass but not serverSecretClass:

{% if test_scenario['values']['use-client-auth-tls'] == 'true' %}
    authentication:
      - authenticationClass: test-kafka-client-auth-tls
{% endif %}
    tls:
{% if test_scenario['values']['use-client-tls'] == 'true' %}
      serverSecretClass: tls
{% else %}
      serverSecretClass: null
{% endif %}

adwk67 avatar Oct 09 '24 09:10 adwk67