Uploaded image for project: 'Debezium'
  1. Debezium
  2. DBZ-3245

Debezium 1.4.2.Final and onwards unable to parse sasl.jaas.config from env var

    XMLWordPrintable

    Details

    • Steps to Reproduce:
      Hide
      1. Set the sasl jaas config environment variable that'll be ingested by the Debezium container on boot
        CONNECT_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required username="fakeusername" password="fakepassword"
      1. Boot Debezium watching the stdout/stderr for env var parsing
      2. Observe that in versions 1.4.2.Final and later the provided CONNECT_SASL_JAAS_CONFIG env var is parsed as 
        --- Setting property from CONNECT_SASL_JAAS_CONFIG=org.apache.kafka.common.security.scram.ScramLoginModule required username="fakeusername" password: sasl.jaas.config=org.apache.kafka.common.security.scram.scramloginmodule required username="fakeusername" password="fakepassword";
      1. Debezium throws authentication errors as the sasl.jaas.config property is incorrect due to the misconfigured parser.
      Show
      Set the sasl jaas config environment variable that'll be ingested by the Debezium container on boot CONNECT_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required username= "fakeusername" password= "fakepassword" Boot Debezium watching the stdout/stderr for env var parsing Observe that in versions 1.4.2.Final and later the provided CONNECT_SASL_JAAS_CONFIG env var is parsed as  --- Setting property from CONNECT_SASL_JAAS_CONFIG=org.apache.kafka.common.security.scram.ScramLoginModule required username= "fakeusername" password: sasl.jaas.config=org.apache.kafka.common.security.scram.scramloginmodule required username= "fakeusername" password= "fakepassword" ; Debezium throws authentication errors as the sasl.jaas.config property is incorrect due to the misconfigured parser.

      Description

      We've run into an issue with the Debezium kafka-connect docker image 1.4.2.Final (https://hub.docker.com/layers/debezium/connect/1.4.2.Final/images/sha256-f14e176ecbf367e70149c6ffbe93ab4d734785c53527eeedaf4384f565e2e882?context=explore). It appears that it is no longer parsing the provided sasl.jaas.config environment variable. The parsing works fine in 1.4.1.Final but appears to be broken from 1.4.2.Final and onwards.

      I believe I've traced it back to changes made to the way environment variables are fed into the parser in the entrypoint https://github.com/debezium/docker-images/commit/f25411e5d6061bb40a73dd402a58d2039cc1e71f#diff-2c2a818cf3b7202a01a16e55ab47df3c301f34fea9e16bc57315e22c362fb120R197-R199

       

      Providing the following env var:

      CONNECT_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required username="fakeusername" password="fakepassword"

      Output from 1.4.1.Final, note properly parsed env var:

      --- Setting property from CONNECT_SASL_JAAS_CONFIG: sasl.jaas.config=[hidden]

      Output from 1.4.2.Final and onwards, note incorrectly parsed env var:

      --- Setting property from CONNECT_SASL_JAAS_CONFIG=org.apache.kafka.common.security.scram.ScramLoginModule required username="fakeusername" password: sasl.jaas.config=org.apache.kafka.common.security.scram.scramloginmodule required username="fakeusername" password="fakepassword";

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              brandonharvey Brandon Harvey
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: