* parent dbb18e4d77
author Scott Hussey <sthussey@gmail.com> 1632277042 -0500
committer Scott Hussey <sthussey@gmail.com> 1639111222 -0600
Support Oauth2 authentication for Kafka
- Utilize the SASL OAUTHBEARER mechanism to support
the Oauth2 client_credentials flow for Kafka
authentication
- Deprecate `authRequired` field and introduce `authType`
to support varied authentication mechanisms
- Add a metadata upgrade mechanism to support backwards
compatability
- Recommend broker specific scopes to guard against a
compromised broker replaying a token
Signed-off-by: Scott Hussey <sthussey@gmail.com>
* kafka test - use volumes instead of root
CI test fails due to losing data written to container
root
Signed-off-by: Scott Hussey <sthussey@gmail.com>
* Clean up volumes
- When bringing down the docker-compose context, cleanup
volumes
Signed-off-by: Scott Hussey <sthussey@gmail.com>
* Clean up stale comment
Signed-off-by: Scott Hussey <sthussey@gmail.com>
* Resume config defaults
- Return some Kafka config to default values to lower config
footprint and stabilize flaky CI runs
Signed-off-by: Scott Hussey <sthussey@gmail.com>
* - Introduce `fmt.Sprintf` where applicable
- Add conformance test for cassandra component.
Signed-off-by: mbimbij <joseph.mbimbi@gmail.com>
* Start cassandra via docker-compose for its conformance test
Signed-off-by: mbimbij <joseph.mbimbi@gmail.com>
* Apply `go fmt` on `tests/conformance/common.go` as part of PR correction
Signed-off-by: mbimbij <joseph.mbimbi@gmail.com>
* add S3ForcePathStyle support for s3 binding
Signed-off-by: rainfd <rainfd@live.cn>
* add S3ForcePathStyle unit test
Signed-off-by: rainfd <rainfd@live.cn>
* not modifying policy if disableEntity is set
Signed-off-by: Amit Mor <amit.mor@hotmail.com>
* not modifying policy if disableEntity is set
Signed-off-by: Amit Mor <amit.mor@hotmail.com>
* Fix test infrastructure setup script
Signed-off-by: Bernd Verst <4535280+berndverst@users.noreply.github.com>
* use more unique ACR resource name
Signed-off-by: Bernd Verst <4535280+berndverst@users.noreply.github.com>
Co-authored-by: Looong Dai <long.dai@intel.com>
* Add certification tests for ASB Queue binding
This commit adds certification tests for the Azure Service Bus Queue
Input/Output binding. This utilizes the new certification framework
and performs a series of tests as described in the test plan readme.
The general purpose of these tests is to serve as an integration test
and as such requires an actual Azure Service Bus connection and a
Dapr sidecar.
https://github.com/dapr/components-contrib/issues/957
* Add to github workflow and fix formatting
* Fix dependencies
Co-authored-by: Dapr Bot <56698301+dapr-bot@users.noreply.github.com>
* Adds retry on CosmosDB Init in case of TooManyRequests error
* Use backoff v4
* missed some permanent errors
* clean up go.mod
* fix error type casting
* Add constant for HTTP 429
* support tracestate can be propagated in PubSub
* add trace state
Co-authored-by: Long Dai <long.dai@intel.com>
Co-authored-by: Ian Luo <ian.luo@gmail.com>
Co-authored-by: Simon Leet <31784195+CodeMonkeyLeet@users.noreply.github.com>
Co-authored-by: Dapr Bot <56698301+dapr-bot@users.noreply.github.com>
Co-authored-by: Long Dai <long.dai@intel.com>
Co-authored-by: Artur Souza <artursouza.ms@outlook.com>
Co-authored-by: Dapr Bot <56698301+dapr-bot@users.noreply.github.com>
* Move Service Bus Pubsub/Binding to common auth
Both the pubsub and input/output binding for Azure Service Bus were
connecting via a connection string. This is still supported but will
now fallback to using AAD from the common auth library. This is also
the recommended auth pattern going forward.
* Move AMPQ specific auth and fix linter issues
* Make conn string and namespace mutually exclusive
* Move resourceName to a constant
* Update auth_amqp.go
* Update auth.go
Co-authored-by: Long Dai <long.dai@intel.com>
Co-authored-by: Simon Leet <31784195+CodeMonkeyLeet@users.noreply.github.com>
Co-authored-by: Artur Souza <artursouza.ms@outlook.com>
Co-authored-by: Dapr Bot <56698301+dapr-bot@users.noreply.github.com>
There is an internal race condition in MQTT client Publish method when
configured with autoreconnect (default) where the call can fail if the
connection is broken right after the outgoing event is queued but before
the dead connection is blocked.
This change mitigates that on the Dapr side with a limited retry loop
3 times at fixed 200ms interval as a patch before the Dapr resiliency
feature is introduced that exposes more generalized retry controls to
the dev.
Co-authored-by: Bernd Verst <4535280+berndverst@users.noreply.github.com>
Co-authored-by: Long Dai <long.dai@intel.com>
Co-authored-by: Artur Souza <artursouza.ms@outlook.com>
Co-authored-by: Dapr Bot <56698301+dapr-bot@users.noreply.github.com>
With the addition of the certification tests, changes in the go.mod
definition for component-contrib will also need to be propagated to the
go.mod for each of the tests under tests/certification.
- Add a `make modtidy-all` action to support updating all go.mod files.
- Update developing-component.md to include use of `make modtidy-all`.
Co-authored-by: Artur Souza <artursouza.ms@outlook.com>
Co-authored-by: Dapr Bot <56698301+dapr-bot@users.noreply.github.com>
* Authentication for new Azure SDK
* Updated keyvault to use new Azure SDK
* 🙈
* Update authentication/azure/auth.go
* Update authentication/azure/auth.go
* Update authentication/azure/auth.go
* Reintroduce changes from PR 1132 without updating ASB
* Lint 💄
* Marking contexts as TODO as they'll need a timeout
As per conversation with @berndverst
* Update certification tests with no auth libraries
Co-authored-by: Bernd Verst <4535280+berndverst@users.noreply.github.com>
Dmitry Shmulevich