fix: Kafka/SASL Verbiage cleanup and examples (argoproj#1220)

* Fix: Clean up descriptions, add example and rename configration names for Kafka/SASL argoproj#1217

Signed-off-by: Christopher Buckley <[email protected]>

Author: cbuckley01

USERS.md

@@ -3,6 +3,7 @@
 Organizations below are **officially** using Argo Events. Please send a PR with your organization name if you are using Argo Events.
 
 1. [3Rein](https://www.3rein.com)
+1. [7shifts](https://www.7shifts.com)
 1. [BioBox Analytics](https://biobox.io)
 1. [BlackRock](https://www.blackrock.com/)
 1. [Canva](https://www.canva.com/)
@@ -13,8 +14,8 @@ Organizations below are **officially** using Argo Events. Please send a PR with
 1. [Intuit](https://www.intuit.com/)
 1. [OneCause](https://www.onecause.com/)
 1. [Produvar](https://www.produvar.com/)
+1. [ProPoint Solutions](https://supersalon.com)
 1. [Rakuten](https://www.rakuten.com)
 1. [RTL Nederland](https://www.rtl.nl)
 1. [Viaduct](https://www.viaduct.ai/)
 1. [Woolworths Group](https://www.woolworthsgroup.com.au/)
-1. [7shifts](https://www.7shifts.com)

api/openapi-spec/swagger.json

@@ -275,14 +275,14 @@ func getSaramaConfig(kafkaEventSource *v1alpha1.KafkaEventSource, log *zap.Sugar
 
 		config.Net.SASL.Mechanism = sarama.SASLMechanism(kafkaEventSource.SASL.GetMechanism())
 
-		user, err := common.GetSecretFromVolume(kafkaEventSource.SASL.User)
+		user, err := common.GetSecretFromVolume(kafkaEventSource.SASL.UserSecret)
 		if err != nil {
 			log.Errorf("Error getting user value from secret: %v", err)
 			return nil, err
 		}
 		config.Net.SASL.User = user
 
-		password, err := common.GetSecretFromVolume(kafkaEventSource.SASL.Password)
+		password, err := common.GetSecretFromVolume(kafkaEventSource.SASL.PasswordSecret)
 		if err != nil {
 			log.Errorf("Error getting password value from secret: %v", err)
 			return nil, err

eventsources/sources/kafka/start.go

@@ -33,11 +33,7 @@ spec:
 #      limitEventsPerSecond: 1
 #      version: "2.5.0"
 
-#    example-tls:
-#      url: "kafka.argo-events:9092"
-#      topic: "topic-2"
-#      jsonBody: true
-#      partition: "1"
+##    Enable TLS authentication ( not to be used with SASL)
 #      tls:
 #        caCertSecret:
 #          name: my-secret
@@ -48,3 +44,13 @@ spec:
 #        clientKeySecret:
 #          name: my-secret
 #          key: client-key-key
+
+##    Enable SASL authentication (not to be used with TLS)
+#     sasl:
+#        mechanism: PLAIN
+#        passwordSecret:
+#          key: password
+#          name: my-user
+#        userSecret:
+#          key: user
+#          name: my-user

examples/event-sources/kafka.yaml

@@ -136,9 +136,9 @@ type SASLConfig struct {
 	Mechanism string `json:"mechanism,omitempty" protobuf:"bytes,1,opt,name=mechanism"`
 	// User is the authentication identity (authcid) to present for
 	// SASL/PLAIN or SASL/SCRAM authentication
-	User *corev1.SecretKeySelector `json:"user,omitempty" protobuf:"bytes,2,opt,name=user"`
+	UserSecret *corev1.SecretKeySelector `json:"userSecret,omitempty" protobuf:"bytes,2,opt,name=user"`
 	// Password for SASL/PLAIN authentication
-	Password *corev1.SecretKeySelector `json:"password,omitempty" protobuf:"bytes,3,opt,name=password"`
+	PasswordSecret *corev1.SecretKeySelector `json:"passwordSecret,omitempty" protobuf:"bytes,3,opt,name=password"`
 }
 
 // Backoff for an operation

pkg/apis/common/common.go

@@ -43,8 +43,8 @@ func ValidateSASLConfig(saslConfig *SASLConfig) error {
 	}
 
 	// user and password must both be set
-	if saslConfig.User == nil || saslConfig.Password == nil {
-		return errors.New("invalid sasl config, please configure either User, and/or Password")
+	if saslConfig.UserSecret == nil || saslConfig.PasswordSecret == nil {
+		return errors.New("invalid sasl config, both userSecret and passwordSecret must be defined")
 	}
 
 	return nil

pkg/apis/common/deepcopy_generated.go

@@ -37,13 +37,13 @@ func fakeSASLConfig(t *testing.T) *SASLConfig {
 	return &SASLConfig{
 		Mechanism: "PLAIN",
 
-		User: &corev1.SecretKeySelector{
+		UserSecret: &corev1.SecretKeySelector{
 			Key: "fake-key1",
 			LocalObjectReference: corev1.LocalObjectReference{
 				Name: "user",
 			},
 		},
-		Password: &corev1.SecretKeySelector{
+		PasswordSecret: &corev1.SecretKeySelector{
 			Key: "fake-key2",
 			LocalObjectReference: corev1.LocalObjectReference{
 				Name: "password",
@@ -96,7 +96,7 @@ func TestValidateSASLConfig(t *testing.T) {
 		s := &SASLConfig{}
 		err := ValidateSASLConfig(s)
 		assert.NotNil(t, err)
-		assert.True(t, strings.Contains(err.Error(), "invalid sasl config, please configure either User, and/or Password"))
+		assert.True(t, strings.Contains(err.Error(), "invalid sasl config, both userSecret and passwordSecret must be defined"))
 	})
 
 	t.Run("test invalid Mechanism is set", func(t *testing.T) {
@@ -109,14 +109,14 @@ func TestValidateSASLConfig(t *testing.T) {
 
 	t.Run("test only User is set", func(t *testing.T) {
 		s := fakeSASLConfig(t)
-		s.Password = nil
+		s.PasswordSecret = nil
 		err := ValidateSASLConfig(s)
 		assert.NotNil(t, err)
 	})
 
 	t.Run("test only Password is set", func(t *testing.T) {
 		s := fakeSASLConfig(t)
-		s.User = nil
+		s.UserSecret = nil
 		err := ValidateSASLConfig(s)
 		assert.NotNil(t, err)
 	})