search

redpanda-data / redpanda

Redpanda is a streaming data platform for developers. Kafka API compatible. 10x faster. No ZooKeeper. No JVM!
https://redpanda.com
9.55k stars 582 forks source link

Ability to specify SCRAM mechanism in RP_BOOTSTRAP_USER #8820

Closed joejulian closed 12 months ago

joejulian commented 1 year ago

Version & Environment

Redpanda version: (use rpk version):

v22.3.12

What went wrong?

Passing an environment variable for bootstrapping the sasl user, it creates a user with the SCRAM_SHA_256 mechanism but we want to use SCRAM_SHA_512.

What should have happened instead?

There should be a way to specify the mechanism, ie: RP_BOOTSTRAP_USER=admin:hunter2:SCRAM_SHA_512 and get the correct mechanism

How to reproduce the issue?

  1. export RP_BOOTSTRAP_USER=admin:hunter2
  2. rpk redpanda start

Additional information

Blocks https://github.com/redpanda-data/helm-charts/issues/334

jcsp commented 1 year ago

Switched this from kind/bug to kind/enhance -- not that it can't be done, just avoiding tracking it in the same bucket as crashes etc.

joejulian commented 1 year ago

This prevents it from being used safely, imho, which is why I considered it a bug. It prevents us from using it in the helm chart.