You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Currently, the Kafka struct declares the Rdkafka map as map[string]string, which means that values must be stored in plaintext in the CRD. However, when connecting to a Kafka broker using SASL_SSL (i.e. when there is a username/password corresponding to the API key/secret, respectively), then it would be better to not store those values in plaintext.
Describe the solution you'd like
Modify the Rdkafka map to allow for values to be either string or *plugins.Secret. That way, users can designate a secret ref for particular values (such as sasl.username and sasl.password), so they don't need to be provided in plaintext at the CRD level.
Additional context
This is useful in multi-tenant scenarios.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
Currently, the
Kafkastruct declares theRdkafkamap asmap[string]string, which means that values must be stored in plaintext in the CRD. However, when connecting to a Kafka broker usingSASL_SSL(i.e. when there is a username/password corresponding to the API key/secret, respectively), then it would be better to not store those values in plaintext.Describe the solution you'd like
Modify the
Rdkafkamap to allow for values to be eitherstringor*plugins.Secret. That way, users can designate a secret ref for particular values (such assasl.usernameandsasl.password), so they don't need to be provided in plaintext at the CRD level.Additional context
This is useful in multi-tenant scenarios.
The text was updated successfully, but these errors were encountered: