Merge pull request #186 from AtakanColak/master

Added SASL PLAIN Support & Updated Dockerfile
mailgun · Dec 4, 2020 · e0a93d1 · e0a93d1
2 parents 9746b7d + 23beab8
commit e0a93d1
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 2 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,10 +1,12 @@
-FROM golang:1.12.7-alpine3.10 AS builder
+FROM golang:1.13.14-alpine3.11 AS builder
 RUN mkdir -p /go/src/github.com/mailgun/kafka-pixy
 COPY . /go/src/github.com/mailgun/kafka-pixy
 WORKDIR /go/src/github.com/mailgun/kafka-pixy
+RUN apk add build-base
+RUN go mod download 
 RUN go build -v -o /go/bin/kafka-pixy
 
-FROM alpine:3.10
+FROM alpine:3.11
 LABEL maintainer="Maxim Vladimirskiy <[email protected]>"
 COPY --from=builder /go/bin/kafka-pixy /usr/bin/kafka-pixy
 EXPOSE 19091 19092

diff --git a/config/config.go b/config/config.go
@@ -139,6 +139,24 @@ type Proxy struct {
 
  // How long to wait for a transmit.
  WriteTimeout time.Duration `yaml:"write_timeout"`
+
+ // SASL support for SASL PLAIN
+ SASL struct {
+ // Whether or not to use SASL authentication when connecting to the broker (defaults to false).
+ Enable bool `yaml:"enable"`
+
+ // Whether or not to send the Kafka SASL handshake first if enabled
+ // (defaults to true). You should only set this to false if you're using
+ // a non-Kafka SASL proxy.
+ Handshake bool `yaml:"handshake"`
+
+ // User is the authentication identity (authcid) to present for
+ // SASL/PLAIN
+ User string `yaml:"user"`
+
+ // Password for SASL/PLAIN authentication
+ Password string `yaml:"password"`
+ } `yaml:"sasl"`
  } `yaml:"net"`
 
  Producer struct {
@@ -350,6 +368,13 @@ func (p *Proxy) SaramaProducerCfg() *sarama.Config {
  saramaCfg.Net.ReadTimeout = p.Net.ReadTimeout
  saramaCfg.Net.WriteTimeout = p.Net.WriteTimeout
 
+ if p.Net.SASL.Enable {
+ saramaCfg.Net.SASL.Enable = p.Net.SASL.Enable
+ saramaCfg.Net.SASL.Handshake = p.Net.SASL.Handshake
+ saramaCfg.Net.SASL.User = p.Net.SASL.User
+ saramaCfg.Net.SASL.Password = p.Net.SASL.Password
+ }
+
  saramaCfg.Producer.MaxMessageBytes = p.Producer.MaxMessageBytes
  saramaCfg.Producer.Compression = sarama.CompressionCodec(p.Producer.Compression)
  saramaCfg.Producer.Flush.Frequency = p.Producer.FlushFrequency
@@ -379,6 +404,13 @@ func (p *Proxy) SaramaClientCfg() *sarama.Config {
  saramaCfg.Net.ReadTimeout = p.Net.ReadTimeout
  saramaCfg.Net.WriteTimeout = p.Net.WriteTimeout
 
+ if p.Net.SASL.Enable {
+ saramaCfg.Net.SASL.Enable = p.Net.SASL.Enable
+ saramaCfg.Net.SASL.Handshake = p.Net.SASL.Handshake
+ saramaCfg.Net.SASL.User = p.Net.SASL.User
+ saramaCfg.Net.SASL.Password = p.Net.SASL.Password
+ }
+
  if p.Kafka.TLSEnabled {
  saramaCfg.Net.TLS.Enable = true
  tlsCfg, _ := p.newTLSConfig() // Ok to ignore err since we validated