You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2021/02/18 10:03:07 UTC
[GitHub] [pulsar] massakam opened a new pull request #9615: [cli] pulsar-client-tools supports end-to-end encryption
massakam opened a new pull request #9615:
URL: https://github.com/apache/pulsar/pull/9615
I enabled pulsar-client to encrypt message payloads.
How to use:
```sh
$ ./bin/pulsar-client produce \
-m my-msg \
-n 10 \
-ekn my-app-key \
-ekv file:///path/to/public.key \
persistent://public/default/test
$ ./bin/pulsar-client consume \
-s my-sub \
-n 10 \
-ekv file:///path/to/private.key \
persistent://public/default/test
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] tuteng commented on a change in pull request #9615: [cli] pulsar-client-tools supports end-to-end encryption
Posted by GitBox <gi...@apache.org>.
tuteng commented on a change in pull request #9615:
URL: https://github.com/apache/pulsar/pull/9615#discussion_r578307040
##########
File path: pulsar-client-tools-test/src/test/java/org/apache/pulsar/client/cli/PulsarClientToolTest.java
##########
@@ -209,4 +210,55 @@ public void testDurableSubscribe() throws Exception {
Assert.assertNotNull(subscriptions);
Assert.assertEquals(subscriptions.size(), 1);
}
+
+ @Test(timeOut = 20000)
+ public void testEncryption() throws Exception {
+ Properties properties = new Properties();
+ properties.setProperty("serviceUrl", brokerUrl.toString());
+ properties.setProperty("useTls", "false");
+
+ final String topicName = "persistent://prop/ns-abc/test/topic-" + UUID.randomUUID().toString();
+ final int numberOfMessages = 10;
+
+ ExecutorService executor = Executors.newSingleThreadExecutor();
+ CompletableFuture<Void> future = new CompletableFuture<>();
+ executor.execute(() -> {
+ try {
+ PulsarClientTool pulsarClientToolConsumer = new PulsarClientTool(properties);
+ String[] args = {"consume", "-s", "sub-name", "-n", Integer.toString(numberOfMessages), "-ekv",
+ "file:./src/test/resources/crypto_rsa_private.key", topicName};
Review comment:
Consider reusing the files `private-key.client-rsa.pem` and `public-key.client-rsa.pem` under this folder `https://github.com/apache/pulsar/tree/master/pulsar-broker/src/test/resources/certificate` to test end-to-end encryption
##########
File path: pulsar-client-tools-test/src/test/java/org/apache/pulsar/client/cli/PulsarClientToolTest.java
##########
@@ -209,4 +210,55 @@ public void testDurableSubscribe() throws Exception {
Assert.assertNotNull(subscriptions);
Assert.assertEquals(subscriptions.size(), 1);
}
+
+ @Test(timeOut = 20000)
+ public void testEncryption() throws Exception {
+ Properties properties = new Properties();
+ properties.setProperty("serviceUrl", brokerUrl.toString());
+ properties.setProperty("useTls", "false");
+
+ final String topicName = "persistent://prop/ns-abc/test/topic-" + UUID.randomUUID().toString();
+ final int numberOfMessages = 10;
+
+ ExecutorService executor = Executors.newSingleThreadExecutor();
+ CompletableFuture<Void> future = new CompletableFuture<>();
+ executor.execute(() -> {
+ try {
+ PulsarClientTool pulsarClientToolConsumer = new PulsarClientTool(properties);
+ String[] args = {"consume", "-s", "sub-name", "-n", Integer.toString(numberOfMessages), "-ekv",
+ "file:./src/test/resources/crypto_rsa_private.key", topicName};
+ Assert.assertEquals(pulsarClientToolConsumer.run(args), 0);
+ future.complete(null);
+ } catch (Throwable t) {
+ future.completeExceptionally(t);
+ }
+ });
+
+ // Make sure subscription has been created
+ while (true) {
+ try {
+ List<String> subscriptions = admin.topics().getSubscriptions(topicName);
+ if (subscriptions.size() == 1) {
+ break;
+ }
+ } catch (Exception e) {
+ }
+ Thread.sleep(200);
+ }
+
+ PulsarClientTool pulsarClientToolProducer = new PulsarClientTool(properties);
+ String[] args = {"produce", "-m", "Have a nice day", "-n", Integer.toString(numberOfMessages), "-ekn",
+ "my-app-key", "-ekv", "file:./src/test/resources/crypto_rsa_public.key", topicName};
Review comment:
Consider reusing the files `private-key.client-rsa.pem` and `public-key.client-rsa.pem` under this folder `https://github.com/apache/pulsar/tree/master/pulsar-broker/src/test/resources/certificate` to test end-to-end encryption
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] merlimat merged pull request #9615: [cli] pulsar-client-tools supports end-to-end encryption
Posted by GitBox <gi...@apache.org>.
merlimat merged pull request #9615:
URL: https://github.com/apache/pulsar/pull/9615
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] eolivelli commented on a change in pull request #9615: [cli] pulsar-client-tools supports end-to-end encryption
Posted by GitBox <gi...@apache.org>.
eolivelli commented on a change in pull request #9615:
URL: https://github.com/apache/pulsar/pull/9615#discussion_r578317536
##########
File path: pulsar-client-tools-test/src/test/java/org/apache/pulsar/client/cli/PulsarClientToolTest.java
##########
@@ -209,4 +210,55 @@ public void testDurableSubscribe() throws Exception {
Assert.assertNotNull(subscriptions);
Assert.assertEquals(subscriptions.size(), 1);
}
+
+ @Test(timeOut = 20000)
+ public void testEncryption() throws Exception {
+ Properties properties = new Properties();
+ properties.setProperty("serviceUrl", brokerUrl.toString());
+ properties.setProperty("useTls", "false");
+
+ final String topicName = "persistent://prop/ns-abc/test/topic-" + UUID.randomUUID().toString();
+ final int numberOfMessages = 10;
+
+ ExecutorService executor = Executors.newSingleThreadExecutor();
+ CompletableFuture<Void> future = new CompletableFuture<>();
+ executor.execute(() -> {
+ try {
+ PulsarClientTool pulsarClientToolConsumer = new PulsarClientTool(properties);
+ String[] args = {"consume", "-s", "sub-name", "-n", Integer.toString(numberOfMessages), "-ekv",
+ "file:./src/test/resources/crypto_rsa_private.key", topicName};
+ Assert.assertEquals(pulsarClientToolConsumer.run(args), 0);
+ future.complete(null);
+ } catch (Throwable t) {
+ future.completeExceptionally(t);
+ }
+ });
+
+ // Make sure subscription has been created
+ while (true) {
Review comment:
can you use Awaitility ?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] massakam commented on pull request #9615: [cli] pulsar-client-tools supports end-to-end encryption
Posted by GitBox <gi...@apache.org>.
massakam commented on pull request #9615:
URL: https://github.com/apache/pulsar/pull/9615#issuecomment-781420779
Addressed the comments. PTAL
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org