You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Specmesh itself runs fine. Since we provide the appropriate kafka parameters with the correct sasl mechanism (PLAIN) and jaas config (which contains api key/api secret).
The specmesh.yaml though doesn't know anything about the api key. it knows about the user-readable "username" (I was using service account name here) which is not the correct username and has no relation to the real kafka user names. kafka thinks that only api keys are usernames.
After specmesh run the specific user tries to write/read kafka and gets ACL exception. jaas config is correct(with api key/api secret), but the ACL says the user-readable "username" is allowed to do the operation(as was instructed in specmesh.yaml), which the real user is the api key.
Looks like the provisioner needs to be run using:
which is loaded here:
https://github.com/specmesh/specmesh-build/blob/main/kafka/src/main/java/io/specmesh/kafka/Clients.java#L65
which will (via specmesh) execute the equivalent of below
The text was updated successfully, but these errors were encountered: