feat(stream): add nkey and jwt auth methods for nats connector

[yufansong]

I hereby agree to the terms of the RisingWave Labs, Inc. Contributor License Agreement.

What's changed and what's your intention?

This PR try to refactor the nats client connection code and add some new methods (credential) to connect. The nats rust package support it here.

1. The connection with/without passworda and username already test and correct.
2. Test credential connection methods in sink parts. If you want to test it, firstly you need to make sure you launch the nats server in this way which can enable the credential auth methods. Then you can connect it in this way.

Checklist

• I have written necessary rustdoc comments
• I have added necessary unit tests and integration tests
• I have added fuzzing tests or opened an issue to track them. (Optional, recommended for new SQL features Sqlsmith: Sql feature generation #7934).
• My PR contains breaking changes. (If it deprecates some features, please create a tracking issue to remove them in the future).
• All checks passed in ./risedev check (or alias, ./risedev c)
• My PR changes performance-critical code. (Please run macro/micro-benchmarks and show the results.)

• My PR contains critical fixes that are necessary to be merged into the latest release. (Please check out the details)

Documentation

• My PR needs documentation updates. (Please use the Release note section below to summarize the impact on users)

Release note

If this PR includes changes that directly affect users or other significant modifications relevant to the community, kindly draft a release note to provide a concise summary of these changes. Please prioritize highlighting the impact these changes will have on users.
Add filed: connect_mode, value can be user_and_password, credential or plain.
When use credential, need to fill jwt and nkey
When use user_and_password need to fild username and password
If plain, no extra filed required.

code example:

-- plain
CREATE TABLE test
(
  id integer,
  name varchar,
)
WITH (
  connector='nats',
    server_url='0.0.0.0:4222',
    subject='event1',
    username='a',
    password='b',
    connect_mode='plain'
) FORMAT PLAIN ENCODE JSON;

-- user pass
CREATE TABLE test
(
  id integer,
  name varchar,
)
WITH (
  connector='nats',
    server_url='0.0.0.0:4222',
    subject='event1',
    username='a',
    password='b',
    connect_mode='user_and_password'
) FORMAT PLAIN ENCODE JSON;

-- make sure replace the jwt and nkey as your own value
CREATE SINK s_nats FROM personnel WITH (
    connector='nats',
    server_url='0.0.0.0:4222,0.0.0.0:4221',
    subject='event1',
    type='append-only',
    force_append_only='true',
    connect_mode='credential',
    jwt='xxxx,
    nkey='xxxx',

);

[neverchanje]

Thanks Yufan! I wonder how did you test this functionality? There is no unit test nor intergation test.

[yufansong]

Thanks Yufan! I wonder how did you test this functionality? There is no unit test nor intergation test.

Yeah, I have checked other intergration test code, will add it like others. For unit test, currently the nats logic is not complex. I didn't find too much nessesary to add it. What do you think?

I think it may take several days to write the test code. So after finishing this PR and that PR, and no more urgent feature appears, I will work in the test parts.

[tabVersion]

lets do some validation before merging into main

[codecov]

Codecov Report

Merging #12227 (a0b34e8) into main (f304ed2) will decrease coverage by 0.03%.
Report is 15 commits behind head on main.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##             main   #12227      +/-   ##
==========================================
- Coverage   69.85%   69.83%   -0.03%     
==========================================
  Files        1417     1417              
  Lines      235533   235599      +66     
==========================================
- Hits       164533   164531       -2     
- Misses      71000    71068      +68     

Flag	Coverage Δ
rust	69.83% <0.00%> (-0.03%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Changed	Coverage Δ
src/connector/src/common.rs	2.26% <0.00%> (-0.45%)	⬇️
src/connector/src/source/nats/enumerator/mod.rs	0.00% <0.00%> (ø)
src/connector/src/source/nats/mod.rs	0.00% <ø> (ø)
src/connector/src/source/nats/source/message.rs	0.00% <0.00%> (ø)
src/connector/src/source/nats/source/reader.rs	0.00% <0.00%> (ø)
src/connector/src/source/nats/split.rs	0.00% <0.00%> (ø)

... and 3 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[neverchanje]

I just want to ensure there is manual testing at least. Once developed, we don't expect extra back-and-forth communication with users

[neverchanje]

I wanted to propose stripping off all 'nats.' or 'cassandra.' prefixes given that it has been specified in 'connector'.

[yufansong]

removed.

[tabVersion]

rest LGTM, good work!

[tabVersion]

does it mean rw also accepts Nats without auth?
if so, user should connect with 'plain' or sth else, instead of leaving it empty.
also, we need to reject unrecognized string here.

[tabVersion]

incredible the func need the format

[yufansong]

Yes, this is what the nats documents said, and also what syntropy told me

[hzxa21]

Cargo.lock changes are related to the nats dependency. LGTM!