xk6-kafka icon indicating copy to clipboard operation
xk6-kafka copied to clipboard

Published 20 hours ago verified publisher icon mostafa

feature request: possibility to add PEM certificates as string instead of path references to files

Open saplaum opened this issue 3 years ago • 2 comments

It would be helpful to be able to pass certificates as string (or environment variables) instead of references to certificate and key files, since this leads to some limitations when combining xk6-kafka with the k6-operator. I add certificates via PersistentVolumeClaim as a volume to the test runner. This leads to the limitation that I cannot run a distributed test over several Kubernetes nodes, because the mount of the volume is limited to one node (in my setup).

saplaum avatar Oct 18 '22 09:10 saplaum

@plaums It is possible, and I'd be happy to have your contribution if you want to speed up the process. These are the things you should consider:

  1. Changing the struct to accept keys and files. One possible solution is to check if the passed value is a file or not, then try to check if it is a valid certificate, so as to not duplicate fields. https://github.com/mostafa/xk6-kafka/blob/293f1f0bc58475c69ab6d9b6d0b942a96d9d08d5/auth.go#L35-L42
  2. Change these to accept file or string: https://github.com/mostafa/xk6-kafka/blob/293f1f0bc58475c69ab6d9b6d0b942a96d9d08d5/auth.go#L143 https://github.com/mostafa/xk6-kafka/blob/293f1f0bc58475c69ab6d9b6d0b942a96d9d08d5/auth.go#L159 https://github.com/mostafa/xk6-kafka/blob/293f1f0bc58475c69ab6d9b6d0b942a96d9d08d5/auth.go#L170-L177

Let me know if you need more information.

mostafa avatar Oct 18 '22 10:10 mostafa

Thanks for pushing me in the right direction. I'll see how far I will get :-)

saplaum avatar Oct 18 '22 10:10 saplaum

Hello,

this is a good idea. But it would be nice to keep the compatibility with the current version (file path). For example, when you use k6 on Kubernetes, you can mount secrets that contain the key & certs, and you just need to configure the good path to the files.

Rgds.

blezoray avatar Dec 15 '22 15:12 blezoray

I was able to implement it and kept the compatibility to the current behavior like @blezoray mentions. My intend for adding support of strings instead of file paths was using xk6-kafka in a kubernetes context via k6-operator. I almost got this working but I didn't figure out how to properly pass my certificates as environmental variables - ran into the same situation as described here: https://community.k6.io/t/k6-operator-pass-local-environment-variable-as-test-wide-tag/5015

Currently I am also adding keys and certificates via secret/configmap volume mount but I'd be happy to contribute my small change. Cleanup is required though as this is my first contact with go.

saplaum avatar Dec 16 '22 20:12 saplaum

@SaschaPlaum I'd be very happy to see your PR. I'll review it.

mostafa avatar Dec 16 '22 21:12 mostafa

Implemented by @doxsch in #221 and released in v0.18.1.

mostafa avatar Jun 01 '23 09:06 mostafa