Fix inconsistent KafkaSQL SSL security property naming #6969
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ard compatibility Introduces new configuration properties with the consistent 'apicurio.kafkasql.security.ssl.*' prefix to align with existing security naming conventions. The old 'apicurio.kafkasql.ssl.*' properties are deprecated but remain fully functional through fallback logic. Users are warned via logging when using deprecated properties and are directed to the new property names. Fixes #6398
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR addresses the inconsistent naming of KafkaSQL SSL security configuration properties by introducing new properties with the consistent
apicurio.kafkasql.security.ssl.*prefix while maintaining full backward compatibility..securityprefix for all SSL configurationapicurio.kafkasql.ssl.*properties with@DeprecatedannotationsRelated Issue
Fixes #6398
Changes Made
Configuration Properties (
KafkaSqlConfiguration.java)New Properties (consistent naming):
apicurio.kafkasql.security.ssl.truststore.passwordapicurio.kafkasql.security.ssl.keystore.locationapicurio.kafkasql.security.ssl.keystore.typeapicurio.kafkasql.security.ssl.keystore.passwordapicurio.kafkasql.security.ssl.key.passwordDeprecated Properties (still functional):
apicurio.kafkasql.ssl.truststore.password→ useapicurio.kafkasql.security.ssl.truststore.passwordapicurio.kafkasql.ssl.keystore.location→ useapicurio.kafkasql.security.ssl.keystore.locationapicurio.kafkasql.ssl.keystore.type→ useapicurio.kafkasql.security.ssl.keystore.typeapicurio.kafkasql.ssl.keystore.password→ useapicurio.kafkasql.security.ssl.keystore.passwordapicurio.kafkasql.ssl.key.password→ useapicurio.kafkasql.security.ssl.key.passwordImplementation Details
tryToConfigureClientSecurity()method usesOptional.or()to prefer new property names while falling back to deprecated ones if neededref-registry-all-configs.adocto include new properties and mark deprecated onesMigration Guide
Users currently using the deprecated properties should update their configurations:
apicurio.kafkasql.ssl.truststore.passwordapicurio.kafkasql.security.ssl.truststore.passwordapicurio.kafkasql.ssl.keystore.locationapicurio.kafkasql.security.ssl.keystore.locationapicurio.kafkasql.ssl.keystore.typeapicurio.kafkasql.security.ssl.keystore.typeapicurio.kafkasql.ssl.keystore.passwordapicurio.kafkasql.security.ssl.keystore.passwordapicurio.kafkasql.ssl.key.passwordapicurio.kafkasql.security.ssl.key.passwordNote: Old properties continue to work but will be removed in a future major version.
Test Plan