[BAEL-4847] Kafka SSL with Spring Boot client
This commit is contained in:
@@ -0,0 +1,54 @@
|
||||
package com.baeldung.kafka.ssl;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.testcontainers.containers.DockerComposeContainer;
|
||||
import org.testcontainers.containers.wait.strategy.Wait;
|
||||
import org.testcontainers.junit.jupiter.Container;
|
||||
import org.testcontainers.junit.jupiter.Testcontainers;
|
||||
|
||||
import java.io.File;
|
||||
import java.time.Duration;
|
||||
import java.util.UUID;
|
||||
|
||||
import static com.baeldung.kafka.ssl.KafkaConsumer.TOPIC;
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.awaitility.Awaitility.await;
|
||||
|
||||
@Slf4j
|
||||
@ActiveProfiles("ssl")
|
||||
@Testcontainers
|
||||
@SpringBootTest(classes = KafkaSslApplication.class)
|
||||
class KafkaSslApplicationLiveTest {
|
||||
|
||||
private static final File KAFKA_COMPOSE_FILE = new File("src/test/resources/docker/docker-compose.yml");
|
||||
private static final String KAFKA_SERVICE = "kafka";
|
||||
private static final int SSL_PORT = 9093;
|
||||
|
||||
@Container
|
||||
public DockerComposeContainer<?> container =
|
||||
new DockerComposeContainer<>(KAFKA_COMPOSE_FILE)
|
||||
.withExposedService(KAFKA_SERVICE, SSL_PORT, Wait.forListeningPort());
|
||||
|
||||
@Autowired
|
||||
private KafkaProducer kafkaProducer;
|
||||
|
||||
@Autowired
|
||||
private KafkaConsumer kafkaConsumer;
|
||||
|
||||
@Test
|
||||
void givenSslIsConfigured_whenProducerSendsMessageOverSsl_thenConsumerReceivesOverSsl() {
|
||||
String message = generateSampleMessage();
|
||||
kafkaProducer.sendMessage(message, TOPIC);
|
||||
|
||||
await().atMost(Duration.ofMinutes(2))
|
||||
.untilAsserted(() -> assertThat(kafkaConsumer.messages).containsExactly(message));
|
||||
}
|
||||
|
||||
private static String generateSampleMessage() {
|
||||
return UUID.randomUUID().toString();
|
||||
}
|
||||
}
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@@ -0,0 +1 @@
|
||||
password
|
||||
@@ -0,0 +1 @@
|
||||
password
|
||||
@@ -0,0 +1 @@
|
||||
password
|
||||
@@ -0,0 +1,30 @@
|
||||
---
|
||||
version: '2'
|
||||
services:
|
||||
zookeeper:
|
||||
image: confluentinc/cp-zookeeper:6.2.0
|
||||
environment:
|
||||
ZOOKEEPER_CLIENT_PORT: 2181
|
||||
ZOOKEEPER_TICK_TIME: 2000
|
||||
|
||||
kafka:
|
||||
image: confluentinc/cp-kafka:6.2.0
|
||||
depends_on:
|
||||
- zookeeper
|
||||
ports:
|
||||
- 9092:9092
|
||||
- 9093:9093
|
||||
environment:
|
||||
KAFKA_BROKER_ID: 1
|
||||
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
|
||||
KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://localhost:9092,SSL://localhost:9093
|
||||
KAFKA_AUTO_CREATE_TOPICS_ENABLE: 'true'
|
||||
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
|
||||
KAFKA_SSL_CLIENT_AUTH: "required"
|
||||
KAFKA_SSL_KEYSTORE_FILENAME: '/certs/kafka.server.keystore.jks'
|
||||
KAFKA_SSL_KEYSTORE_CREDENTIALS: '/certs/kafka_keystore_credentials'
|
||||
KAFKA_SSL_KEY_CREDENTIALS: '/certs/kafka_sslkey_credentials'
|
||||
KAFKA_SSL_TRUSTSTORE_FILENAME: '/certs/kafka.server.truststore.jks'
|
||||
KAFKA_SSL_TRUSTSTORE_CREDENTIALS: '/certs/kafka_truststore_credentials'
|
||||
volumes:
|
||||
- ./certs/:/etc/kafka/secrets/certs
|
||||
+6
@@ -10,4 +10,10 @@
|
||||
<root level="INFO">
|
||||
<appender-ref ref="STDOUT" />
|
||||
</root>
|
||||
|
||||
<!-- Reduce the noise as the consumer keeps trying to connect until the Kafka instance is available -->
|
||||
<springProfile name="ssl">
|
||||
<logger name="org.apache.kafka.clients.NetworkClient" level="ERROR" additivity="false"/>
|
||||
</springProfile>
|
||||
|
||||
</configuration>
|
||||
Reference in New Issue
Block a user