- Bug
- Resolution: Done
- Blocker
- Logging 5.6.0
- NEW
- VERIFIED
Description of problem:
key_pass is text, not a file, in vector.toml. Refer to https://vector.dev/docs/reference/configuration/sources/kafka/
[sinks.kafka_app.tls]
enabled = true
key_pass = "/var/run/ocp-collector/secrets/kafka-fluentd/passphrase"
key_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.key"
crt_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.crt"
ca_file = "/var/run/ocp-collector/secrets/kafka-fluentd/ca-bundle.crt"
Steps to Reproduce:
1. Deploy Kafka with ssl.client.auth=required
git clone git@gitlab.cee.redhat.com:anli/aosqe-tools.git
cd logging/log_template/kafka/kafka-2.4.1/
sh 01_create-pki-cluster-client_passphase.sh
sh 10_deploy-kafka-plaintext-ssl.sh
2. Use a certificate with a passphrase to forward logs to Kafka
sh 20_create-clf-kafka-mutual_ssl_passphase.sh
#oc -n openshift-logging create secret generic kafka-fluentd --from-file=ca-bundle.crt=ca/ca_bundle.crt --from-file=tls.crt=client/client.crt --from-file=tls.key=client/client.key --from-literal=sasl_over_ssl=true --from-literal=passphrase=aosqe2021
Actual results:
[sinks.kafka_app.tls]
enabled = true
key_pass = "/var/run/ocp-collector/secrets/kafka-fluentd/passphrase"
key_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.key"
crt_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.crt"
ca_file = "/var/run/ocp-collector/secrets/kafka-fluentd/ca-bundle.crt"
Expected results:
[sinks.kafka_app.tls]
enabled = true
key_pass = "aosqe2021"
key_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.key"
crt_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.crt"
ca_file = "/var/run/ocp-collector/secrets/kafka-fluentd/ca-bundle.crt"
- clones LOG-3315 [vector] the key_pass should be text in vector.toml when forward log to kafka - Closed