Keith Wall
Keith Wall
@kroxylicious-robot run system tests
CI isn't happy: ``` 03:59:00 Running warm up 03:59:56 Running test cases, number of records = 30000000, record size 1024 03:59:56 Running 01-no-proxy-baseline 03:59:57 Running warm up 04:00:53 Running producer...
@kroxylicious-robot run perf tests
Should HA Proxy Protocol feature be a server wide feature? If we were to allow haproxy protocol to be turned on/off per virtual cluster, the issue is that you need...
It looks like at some point we backfilled PerPartitionTopicValidationResultTest and PerRecordTopicValidatorTest.
Note with both AWS and Vault, we can include the desired key size when creating the DEK. https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKey.html#API_GenerateDataKey_RequestSyntax https://developer.hashicorp.com/vault/api-docs/secret/transit#bits
One idea: utilise cooperating SASL/listener configuration on the upstream side to accept the client identity in a secure fashion. You might be able to do this with a custom SASL...
We have https://github.com/kroxylicious/kroxylicious/issues/1132 talking about giving the filters access to the Principal, but you are correct - there is a Principal coming from SASL and a separate Principal coming from...
> Not that the brokers don't already have to trust the proxy and its filters implicitly already - but if the broker listener that used the new cooperating authoriser were...
> I follow your logic - that's what I was assuming, that there'd be a listener exclusively for the proxy's use configured to use the new authoriser. But it is...