-
Notifications
You must be signed in to change notification settings - Fork 580
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable per kafka listener sasl #6940
Enable per kafka listener sasl #6940
Commits on Oct 30, 2022
-
New kubebuilder (version 3.7.0) updated how dependnecies (clis) are downloaded.
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 4cb25bc - Browse repository at this point
Copy the full SHA 4cb25bcView commit details -
k8s: Extend Kafka authorization method
With changes to authorization configuration options the CRD is updated. REF: redpanda-data#5292
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for be3b90f - Browse repository at this point
Copy the full SHA be3b90fView commit details -
k8s: Add authorized method webhook with test
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 24a2231 - Browse repository at this point
Copy the full SHA 24a2231View commit details -
Rafal Korepta committed
Oct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for c206592 - Browse repository at this point
Copy the full SHA c206592View commit details -
k8s: Replace deprecated reference on enable_sasl with function
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for b519d6f - Browse repository at this point
Copy the full SHA b519d6fView commit details -
k8s: Implement new authorization configuration options
From 22.2.1 configuration can set per kafka listener. REF: https://github.com/redpanda-data/redpanda/releases/tag/v22.2.1 redpanda-data#5292
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 01d76db - Browse repository at this point
Copy the full SHA 01d76dbView commit details -
k8s: Create feature gate for new SASL per listener feature
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for bef9d62 - Browse repository at this point
Copy the full SHA bef9d62View commit details -
k8s: Extend PandaProxy authorization method
With changes to authorization configuration options the CRD is updated. REF: redpanda-data#6452
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 159b717 - Browse repository at this point
Copy the full SHA 159b717View commit details -
k8s: Generate CRD definition after adding pp authentication method
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 4e60cb7 - Browse repository at this point
Copy the full SHA 4e60cb7View commit details -
k8s: Extend schema registry authorization method
With changes to authorization configuration options the CRD is updated. REF: redpanda-data#6639
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for d4bc3c8 - Browse repository at this point
Copy the full SHA d4bc3c8View commit details -
k8s: Generate CRD definition after adding sr authentication method
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 3739a2c - Browse repository at this point
Copy the full SHA 3739a2cView commit details -
rpk: Change pandaproxy configuration options
The authentication_method is now available in pandaproxy.
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 10c1068 - Browse repository at this point
Copy the full SHA 10c1068View commit details -
rpk: Change schema registry configuration options
The authentication_method is now available in schema registry.
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for bc9f5fa - Browse repository at this point
Copy the full SHA bc9f5faView commit details -
k8s: Add authorization method in panda proxy configuration
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 6dcfcb3 - Browse repository at this point
Copy the full SHA 6dcfcb3View commit details -
k8s: Add authorization method in schema registry configuration
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for ffdc589 - Browse repository at this point
Copy the full SHA ffdc589View commit details -
k8s: Change SASL configuration in pp e2e test
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 5f9c534 - Browse repository at this point
Copy the full SHA 5f9c534View commit details -
k8s: Run gofmpt against operator code base
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 6e1dd34 - Browse repository at this point
Copy the full SHA 6e1dd34View commit details -
k8s: Clean console controller tests
The ginkgo and gomega tests where asserting too much in one check. Errors where not clear as there were 4 boolean checks.
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 9ad0859 - Browse repository at this point
Copy the full SHA 9ad0859View commit details -
Rafal Korepta committed
Oct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 18e0a5c - Browse repository at this point
Copy the full SHA 18e0a5cView commit details -
k8s: Load redpanda container in kindContainers
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 2831119 - Browse repository at this point
Copy the full SHA 2831119View commit details -
k8s: Use configurator from source code
Previously, the configurator was downloaded from docker hub. Now operator is creating Redpanda clusters with `localhost/configurator:dev` container.
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for daee21f - Browse repository at this point
Copy the full SHA daee21fView commit details -
k8s: Add schema registry e2e tests using http basic authenticationMethod
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 8cd9034 - Browse repository at this point
Copy the full SHA 8cd9034View commit details -
The gofumpt is used now. REF: redpanda-data#4665
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 1c150d3 - Browse repository at this point
Copy the full SHA 1c150d3View commit details -
k8s: Create more traces for console configuration changes
When console configuration or config map metadata should be change, then tracing that is hard based on only operator logs. This change adds context to action that are taken in reconciliation function.l
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for e4d0bc2 - Browse repository at this point
Copy the full SHA e4d0bc2View commit details -
k8s: Bump certificate manager verification timeout
In not so much good internet connection, waiting 2 minutes for config manager to became ready is not enough.
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 3afabea - Browse repository at this point
Copy the full SHA 3afabeaView commit details -
k8s: Change decommission deployment of operator
When deployment was changed, so that it uses new kustomize overlay, then the decommission deployment needs to be adjusted as containers where reorder and bring back the 'good' configuration was not valid anymore.
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for f8ecfd2 - Browse repository at this point
Copy the full SHA f8ecfd2View commit details -
k8s: Change update configuration image test
As the current e2e test setup is using localhost/configurator:dev container image definition, the previous step to add configurator tag command argument was not valid anymore. It was easier to not fight with `kubectl patch` command, but declare whole operator deployment to correctly set the configurator image.
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for b866556 - Browse repository at this point
Copy the full SHA b866556View commit details -
k8s: Add update secret verb to cluster role
The console secret synchronizer was not able to update schema registry secret after cert manager updated schema registry secret for Redpanda cluster. REF: ``` 2022-10-30T21:32:49.741Z ERROR controller.console Reconciler error {"reconciler group": "redpanda.vectorized.io", "reconciler kind": "Console", "name": "console", "namespace": "console", "error": "updating Console synced secret &Secret{ObjectMeta:{console-schema-registry console 2331 0 0001-01-01 00:00:00 +0000 UTC <nil> <nil> map[app.kubernetes.io/component:console app.kubernetes.io/instance:console app.kubernetes.io/managed-by:redpanda-operator app.kubernetes.io/name:redpanda-console app.kubernetes.io/part-of:redpanda-console test.redpanda.vectorized.io/name:updating-console] map[banzaicloud.com/last-applied:UEsDBBQACAAIAAAAAAAAAAAAAAAAAAAAAAAIAAAAb3JpZ2luYWyEkcFO8zAQhN9lz3F+NepPSq5wRwKJC+KwtqetVce27E1RqfLuKNBWpSpws8bf7Oxq9sTJPSMXFwN1tJ1RRRsXLHX0BJMhVFEPYcvC1O3Js4Yv04tTqjeDRg4QlNrFfyb2KQYEoY5MDCV6UHWFc6EIB4M/sJ4Dr2CV3lFHGTZxsKxiQmaJ+aolcI9z+LfxibOouLyOC4rUR73ewkjM7h32LGRIlsWF1ck1VnT4OiiqmDV6VhkrVyTv6AsoiS9uj28B+RFLZASDQt3LRS0/bLKdsU9rnjrTPprNwzTnHh7yaZM8oJpiJEfvkY/Kod+7U/73tamiwU1AaxbNvGla1WozV/NFo5VuWyj9f3FrGTctL1saX8fxIwAA//9QSwcIaDwarhoBAABFAgAAUEsBAhQAFAAIAAgAAAAAAGg8Gq4aAQAARQIAAAgAAAAAAAAAAAAAAAAAAAAAAG9yaWdpbmFsUEsFBgAAAAABAAEANgAAAFABAAAAAA==] [{redpanda.vectorized.io/v1alpha1 Console console 7c824227-7bc4-482b-b77e-b589dae67af7 0xc000db6e01 0xc000db6e00}] [] []},Data:map[string][]byte{},Type:,StringData:map[string]string{},Immutable:nil,}: failed to update resource: secrets \"console-schema-registry\" is forbidden: User \"system:serviceaccount:redpanda-system:default\" cannot update resource \"secrets\" in API group \"\" in the namespace \"console\""} ```
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for 962cd27 - Browse repository at this point
Copy the full SHA 962cd27View commit details -
k8s: Add delete config map verb to cluster role
The console config map is immutable and any change into console resource spec will increment console resource generation. That will trigger a operator reconciliation loop which will create new configmap and delete old one if there will be no errors between k8s api server and operator. REF: ``` 2022-10-30T21:52:05.336Z ERROR controller.console Reconciler error {"reconciler group": "redpanda.vectorized.io", "reconciler kind": "Console", "name": "console", "namespace": "console", "error": "deleting unused configmaps: configmaps \"console-7wtlg\" is forbidden: User \"system:serviceaccount:redpanda-system:default\" cannot delete resource \"configmaps\" in API group \"\" in the namespace \"console\""} sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2 /go/pkg/mod/sigs.k8s.io/controller-runtime@v0.9.7/pkg/internal/controller/controller.go:214 ```
Rafal Korepta committedOct 30, 2022 Configuration menu - View commit details
-
Copy full SHA for b65e9a1 - Browse repository at this point
Copy the full SHA b65e9a1View commit details