search

narcisoguillen / kafka-node-avro

ISC License
26 stars 13 forks source link

Support Secure Registry #21

Closed ReeganExE closed 4 years ago

ReeganExE commented 4 years ago

Hi,

My registry is served on HTTPS endpoint. Does kafka-node-avro support to pass a CA cert as a constructor parameter?

Thanks,

narcisoguillen commented 4 years ago

Hey @ReeganExE sorry for taking so long to answer, had a lot of work and is hard to free my self up. This seems to me more like a kafka-node question. Based on the configuration Options . And an answer from one of their issues here you can set this ip on the settings like 

const Settings  = {
  "kafka" : {
    "kafkaHost"  : "localhost:9092",
    "sslOptions" : {
      "rejectUnauthorized" : ...
      "ca"                 : ...
      "cert"               : ...
      "key"                : ...
      "passphrase"         : ...
    }
  },
  "schema": {
    "registry" : "http://localhost:8081"
  }
};
ReeganExE commented 4 years ago

Hey @ReeganExE sorry for taking so long to answer, had a lot of work and is hard to free my self up. This seems to me more like a kafka-node question. Based on the configuration Options . And an answer from one of their issues here you can set this ip on the settings like

const Settings  = {
  "kafka" : {
    "kafkaHost"  : "localhost:9092",
    "sslOptions" : {
      "rejectUnauthorized" : ...
      "ca"                 : ...
      "cert"               : ...
      "key"                : ...
      "passphrase"         : ...
    }
  },
  "schema": {
    "registry" : "http://localhost:8081"
  }
};

I meant the schema registry, not kafka.

narcisoguillen commented 4 years ago

Oh right, sorry my bad. no it does not, but lets make it happen ! ... we could add a way to provide any Option to the Registry class, what about something like 

const Settings  = {
  "kafka" : {
    "kafkaHost" : "localhost:9092"
  },
  "schema": {
    "registry" : "http://schemaregistry.example.com:8081",
    "options: : {
         cert: fs.readFileSync(certFile),
         key: fs.readFileSync(keyFile),
         passphrase: 'password',
         ca: fs.readFileSync(caFile)
    }
  }
};

so we can set up the TLS/SSL options. What do you think ?

narcisoguillen commented 4 years ago

Just added on Settings schema options, you should be able to config any option on the schema now. like 

const Settings  = {
  "kafka" : {
    "kafkaHost" : "localhost:9092"
  },
  "schema": {
    "registry" : "http://schemaregistry.example.com:8081",
    "options: : {
         cert: fs.readFileSync(certFile),
         key: fs.readFileSync(keyFile),
         passphrase: 'password',
         ca: fs.readFileSync(caFile)
    }
  }
};