support for ssl consumer properties using values

[oferzi23]

ii is my understanding that due to the limitations of cmak, which specifies that 1 consumer properties object will apply to all clusters effectively requiring allowing the same certificate across all managed clusters, is not the best solution. i do need this in my implementation.
so the question is, can we add this support here and allow passing consumer properties to the chart using it's values. if this is accepted i will add the support on my open fork and open the respective PR. WDYT?

[eshepelyuk]

If CMAK supports passing SSL params to its consumer - I can add this to this project,
If CMAK doesn't - it would be impossible.

To be clear, are you talking about securing consumer traffic with SSL ?

[eshepelyuk]

According to this issue SSL settings are the same for the all clusters managed by single CMAK instance.

So, I'd advice you to just install several instances of CMAK operator, one for each cluster \ SSL key.

[oferzi23]

well that's the point i made in the initial comment. the old kafka-manager chart did support it and the issue you referenced is exactly the reason i think this was removed but i do need it as my current pattern is to create multiple kafka clusters with 1 certificate created for cmak and allowed in all clusters. so if i PR this feature you have no objection to it?

[oferzi23]

If CMAK supports passing SSL params to its consumer - I can add this to this project,
If CMAK doesn't - it would be impossible.

To be clear, are you talking about securing consumer traffic with SSL ?

yes

[eshepelyuk]

Sorry, I still don't understand what do you trying to achieve :(
You can pass a certificate to CMAK operator, but only a single one, that will be used for all instances of Kafka configured in CMAK.

[oferzi23]

yes that is what i want

[oferzi23]

currently the chart as far as i can tell does not support it

[eshepelyuk]

Seems I had understood now. There is no possibility of passing customer properties file into CMAK Deployment. Am I right ?

[oferzi23]

yes we will need to add 2 components here. 1 will be a configMap to replace the consumer.properties ate /cmak/conf in the ui container of the deployment. the other component will need to be a secret which will add a truststore and a keystore into the ui container...

[eshepelyuk]

Makes sense @oferzi23
You are welcome to provide a PR if you are ready to implement this feature.

[oferzi23]

already on it PR will be pushed soon...

[eshepelyuk]

Hello @oferzi23
Thanks for your contribution, I've merged your PR #30 and added a linter test.
Will you be able to test baseline version of this Helm chart after I release a new version ?

[eshepelyuk]

@oferzi23 released 1.6.0 with your changes, could you please confirm that everything is working fine ?

[eshepelyuk]

Hello @oferzi23
Any feedback on this ?