From c8edf061f13eb7ef4e8e80fa79653769349396c3 Mon Sep 17 00:00:00 2001 From: vlastahajek <29980246+vlastahajek@users.noreply.github.com> Date: Wed, 25 Sep 2024 10:54:29 +0200 Subject: [PATCH 1/4] feat: nww kafka sasl oauth params --- .../v1/reference/event_handlers/kafka.md | 48 +++++++++++++++++-- 1 file changed, 45 insertions(+), 3 deletions(-) diff --git a/content/kapacitor/v1/reference/event_handlers/kafka.md b/content/kapacitor/v1/reference/event_handlers/kafka.md index f6515d08f0..7005ca5c7f 100644 --- a/content/kapacitor/v1/reference/event_handlers/kafka.md +++ b/content/kapacitor/v1/reference/event_handlers/kafka.md @@ -37,6 +37,7 @@ Below is an example configuration: # Optional SASL configuration sasl-username = "xxxxx" sasl-password = "xxxxxxxx" + sasl-extensions = {} sasl-mechanism = "" sasl-version = "" # Use if sasl-mechanism is GSSAPI. GSSAPI is for organizations using Kerberos. @@ -46,7 +47,16 @@ Below is an example configuration: sasl-gssapi-kerberos-config-path = "/" sasl-gssapi-key-tab-path = "" sasl-gssapi-realm = "realm" - # Use if sasl-mechanism is `OAUTHBEARER` (experimental). + # Options if sasl-mechanism is OAUTHBEARER + sasl-oauth-service = "auth0" + sasl-oauth-client-id = "xxxxxxx" + sasl-oauth-client-secret = "xxxxxxxx" + sasl-oauth-token-url = "dedicated-auth0-token-url" + sasl-oauth-token-expiry-margin = "10s" + sasl-oauth-scopes = "" + sasl-oauth-tenant-id = "" + [kafka.sasl-oauth-parameters] + audience = "development" sasl-access-token = "" ``` @@ -102,8 +112,11 @@ Username to use for SASL authentication. #### sasl-password Password to use for SASL authentication. +### sasl-extensions +Arbitrary key value string pairs to pass as a TOML table + #### sasl-mechanism -SASL mechanism type. Options include `GSSAPI`, `OAUTHBEARER`, `PLAIN`. +SASL mechanism type. Options include `GSSAPI`, `OAUTHBEARER`, `PLAIN`, `SCRAM-SHA-256`, `SCRAM-SHA-512`. #### sasl-version SASL protocol version. @@ -126,8 +139,37 @@ Path to the Kerberos key tab. #### sasl-gssapi-realm Default Kerberos realm. +### Options if sasl-mechanism is OAUTHBEARER +#### sasl-oauth-service +The service name to use when authenticating with SASL/OAUTH. +One of: + - `""` (empty) or `custom` + - `auth0` + - `azuread` + +#### sasl-oauth-client-id +The client ID to use when authenticating with SASL/OAUTH. + +#### sasl-oauth-client-secret +The client secret to use when authenticating with SASL/OAUTH. + +#### sasl-oauth-token-url +The token URL to use when sasl-oauth-service is `custom` or `auth0`. Leave empty otherwise. + +#### sasl-oauth-token-expiry-margin +The expiry margin for the token. + +#### sasl-oauth-scopes +Optional scopes to use when authenticating with SASL/OAUTH. + +#### sasl-oauth-tenant-id +Tenant ID for the AzureAD service. + +#### [kafka.sasl-oauth-parameters] +The optional key/value params for SASL/OAUTH. e.g. audience for AUTH0 + #### sasl-access-token -Used if the SASL mechanism is `OAUTHBEARER` (experimental). +Static OAUTH token. Use this instead of other OAUTH params. ## Options The following Kafka event handler options can be set in a From 0c6c335a2c670d13352e55f9778032df1daa3db6 Mon Sep 17 00:00:00 2001 From: vlastahajek <29980246+vlastahajek@users.noreply.github.com> Date: Wed, 25 Sep 2024 14:38:26 +0200 Subject: [PATCH 2/4] chore: Improved description --- content/kapacitor/v1/reference/event_handlers/kafka.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/kapacitor/v1/reference/event_handlers/kafka.md b/content/kapacitor/v1/reference/event_handlers/kafka.md index 7005ca5c7f..a3575d42e5 100644 --- a/content/kapacitor/v1/reference/event_handlers/kafka.md +++ b/content/kapacitor/v1/reference/event_handlers/kafka.md @@ -157,7 +157,7 @@ The client secret to use when authenticating with SASL/OAUTH. The token URL to use when sasl-oauth-service is `custom` or `auth0`. Leave empty otherwise. #### sasl-oauth-token-expiry-margin -The expiry margin for the token. +The margin for the token's expiration time. #### sasl-oauth-scopes Optional scopes to use when authenticating with SASL/OAUTH. From 5c550e82d7c179ba4e8b14b5576c1fdfcb34a1ef Mon Sep 17 00:00:00 2001 From: vlastahajek <29980246+vlastahajek@users.noreply.github.com> Date: Wed, 25 Sep 2024 16:40:55 +0200 Subject: [PATCH 3/4] chore: formatting improvement --- content/kapacitor/v1/reference/event_handlers/kafka.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/content/kapacitor/v1/reference/event_handlers/kafka.md b/content/kapacitor/v1/reference/event_handlers/kafka.md index a3575d42e5..1c8064d987 100644 --- a/content/kapacitor/v1/reference/event_handlers/kafka.md +++ b/content/kapacitor/v1/reference/event_handlers/kafka.md @@ -116,7 +116,12 @@ Password to use for SASL authentication. Arbitrary key value string pairs to pass as a TOML table #### sasl-mechanism -SASL mechanism type. Options include `GSSAPI`, `OAUTHBEARER`, `PLAIN`, `SCRAM-SHA-256`, `SCRAM-SHA-512`. +SASL mechanism type. Options are: +- `GSSAPI` +- `OAUTHBEARER` +- `PLAIN` +- `SCRAM-SHA-256` +- `SCRAM-SHA-512` #### sasl-version SASL protocol version. From 232e28f4c42b451a925abaca2eecbfade0b88ac4 Mon Sep 17 00:00:00 2001 From: Jakub Bednar Date: Mon, 28 Oct 2024 14:11:05 +0100 Subject: [PATCH 4/4] Release Kapacitor v1.7.6 --- .../about_the_project/release-notes.md | 17 +++++++++++++++++ data/products.yml | 2 +- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/content/kapacitor/v1/reference/about_the_project/release-notes.md b/content/kapacitor/v1/reference/about_the_project/release-notes.md index 6e77a4eb62..4fb722a073 100644 --- a/content/kapacitor/v1/reference/about_the_project/release-notes.md +++ b/content/kapacitor/v1/reference/about_the_project/release-notes.md @@ -9,6 +9,23 @@ aliases: - /kapacitor/v1/about_the_project/releasenotes-changelog/ --- +## v1.7.6 {date="2024-10-28"} + +### Features + +- Kafka Handler set and send SASL extensions. +- Kafka Handler SASL OAUTH token refreshing. + +### Bug Fixes + +- Using UTC timezone for alert levels. + +### Dependency updates + +- Upgrade Go to 1.22.7. + +--- + ## v1.7.5 {date="2024-06-12"} ### Dependency updates diff --git a/data/products.yml b/data/products.yml index 4c49203477..6944757d11 100644 --- a/data/products.yml +++ b/data/products.yml @@ -97,7 +97,7 @@ kapacitor: versions: [v1] latest: v1.7 latest_patches: - v1: 1.7.5 + v1: 1.7.6 enterprise_influxdb: name: "InfluxDB Enterprise"