Integrate additional OAuth 0.15.0 config options

[mstruk]

Type of change

• Enhancement / new feature

Description

The following options have been added to authentication section of type oauth of Kafka CR:

• serverBearerTokenLocation
• userNamePrefix

The following options have been added to authentication section of type oauth of KafkaMirrorMaker, KafkaMirrorMaker2, KafkaConnectCluster, and KafkaBridge CRs:

• accessTokenLocation
• clientAssertion
• clientAssertionLocation
• clientAssertionType
• saslExtensions

Checklist

Please go through this checklist and make sure all applicable tasks have been done

• Write tests
• Make sure all tests pass
• Update documentation
• Check RBAC rights for Kubernetes / OpenShift roles
• Try your changes from Pod inside your Kubernetes and OpenShift cluster, not just locally
• Reference relevant issue(s) and close them after merging
• Update CHANGELOG.md
• Supply screenshots for visual changes, such as Grafana dashboards

[scholzj]

I thought we would include docs on how to configure it for the Servic Accoutn configuration. Or will that be a separate Pr?

[scholzj]

This seems to be used only in tests. So why do we need it? Should we move it to the test class? Or should it be actually set somewhere? The same applies to some of the other classes as well.

[mstruk]

I'm just following a pattern here. It's the kafka_bridge_config_generator.sh shell script that uses these same env vars to configure the bridge. I assume they are in this class as they are considered part of the contract. What does @ppatierno think?

[scholzj]

So, I'm a bit curios how you set the environment variable if you don't use the name anywhere in the production code. Is it assembled somewhere on the fly from some prefix and suffix? But I'm not aware of any contract that we add there a variable not referenced from the Java code itself - I'm certainly not following such contract in any of my PRs.

[mstruk]

Most of these constants are indeed only used in tests and could be moved into some test class. But I'll defer to @ppatierno to give an opinion.

[ppatierno]

So, the above env vars related constant were used here in the past as well IIRC but then we moved to this approach to build them https://github.com/strimzi/strimzi-kafka-operator/blob/main/cluster-operator/src/main/java/io/strimzi/operator/cluster/model/KafkaBridgeCluster.java#L458
At this point, I guess we can removed them from here and move to test classes.

[ppatierno]

A separate PR is fine with me. Thanks.

[scholzj]

I think it is fine to move the others in a separate PR. But we should not introduce new variables like this in this PR.

[ppatierno]

@mstruk I saw you moved the env vars within this PR. Wasn't the plan to do that in a different one as stated above?

[mstruk]

@ppatierno Given that I had to move one constant based on additional feedback, it was actually trivial to move the others as well and avoid the overhead of doing another PR. The idea of another PR was to get this one merged ASAP. But at this point doing another PR is an overhead.

[ppatierno]

Ok makes sense thanks

[mstruk]

I thought we would include docs on how to configure it for the Servic Accoutn configuration. Or will that be a separate Pr?

I'm making a separate PR for that. But I can also add it to this one if you prefer.

[scholzj]

I thought we would include docs on how to configure it for the Servic Accoutn configuration. Or will that be a separate Pr?

I'm making a separate PR for that. But I can also add it to this one if you prefer.

Doing it in a separate PR is fine. It was just not clear to me. Thanks.

[scholzj]

@mstruk This looks good to me now. Thanks. Could you please rebase it so that I can run the regression tests?

[scholzj]

/azp run regression

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[scholzj]

Thanks @mstruk