Parser error with SASL authentication with special charcters

[brunodomenici]

Hi,

I'm trying to configure Kafka-lag-exporter using Helm with a Kafka Broker using SASL PLAIN authentication.
My password has + character and I got this error:

kl pod/kafka-lag-exporter-64c7946b98-kd9lc
Exception in thread "main" com.typesafe.config.ConfigException$Parse: /opt/docker/conf/application.conf: 13: Expecting close brace } or a comma, got 'E' ('+' not followed by =, 'E' not allowed after '+') (if you intended 'E' ('+' not followed by =, 'E' not allowed after '+') to be part of a key or string value, try enclosing the key or value in double quotes, or you may be able to rename the file .properties rather than .conf)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseError(ConfigDocumentParser.java:201)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseError(ConfigDocumentParser.java:197)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseObject(ConfigDocumentParser.java:528)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseValue(ConfigDocumentParser.java:247)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.consolidateValues(ConfigDocumentParser.java:152)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseObject(ConfigDocumentParser.java:473)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseValue(ConfigDocumentParser.java:247)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.consolidateValues(ConfigDocumentParser.java:152)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseArray(ConfigDocumentParser.java:551)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseValue(ConfigDocumentParser.java:249)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.consolidateValues(ConfigDocumentParser.java:152)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseObject(ConfigDocumentParser.java:473)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseValue(ConfigDocumentParser.java:247)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parseObject(ConfigDocumentParser.java:458)
        at com.typesafe.config.impl.ConfigDocumentParser$ParseContext.parse(ConfigDocumentParser.java:648)
        at com.typesafe.config.impl.ConfigDocumentParser.parse(ConfigDocumentParser.java:14)
        at com.typesafe.config.impl.Parseable.rawParseValue(Parseable.java:260)
        at com.typesafe.config.impl.Parseable.rawParseValue(Parseable.java:248)
        at com.typesafe.config.impl.Parseable.parseValue(Parseable.java:180)
        at com.typesafe.config.impl.Parseable.parseValue(Parseable.java:174)
        at com.typesafe.config.impl.Parseable.parse(Parseable.java:299)
        at com.typesafe.config.ConfigFactory.parseFile(ConfigFactory.java:689)
        at com.typesafe.config.DefaultConfigLoadingStrategy.parseApplicationConfig(DefaultConfigLoadingStrategy.java:51)
        at com.typesafe.config.ConfigFactory.defaultApplication(ConfigFactory.java:473)
        at com.typesafe.config.ConfigFactory$1.call(ConfigFactory.java:259)
        at com.typesafe.config.ConfigFactory$1.call(ConfigFactory.java:256)
        at com.typesafe.config.impl.ConfigImpl$LoaderCache.getOrElseUpdate(ConfigImpl.java:65)
        at com.typesafe.config.impl.ConfigImpl.computeCachedConfig(ConfigImpl.java:92)
        at com.typesafe.config.ConfigFactory.load(ConfigFactory.java:256)
        at com.typesafe.config.ConfigFactory.load(ConfigFactory.java:232)
        at com.lightbend.kafkalagexporter.MainApp$.start$default$1(MainApp.scala:24)
        at com.lightbend.kafkalagexporter.MainApp$.delayedEndpoint$com$lightbend$kafkalagexporter$MainApp$1(MainApp.scala:16)
        at com.lightbend.kafkalagexporter.MainApp$delayedInit$body.apply(MainApp.scala:15)
        at scala.Function0.apply$mcV$sp(Function0.scala:39)
        at scala.Function0.apply$mcV$sp$(Function0.scala:39)
        at scala.runtime.AbstractFunction0.apply$mcV$sp(AbstractFunction0.scala:17)
        at scala.App.$anonfun$main$1$adapted(App.scala:80)
        at scala.collection.immutable.List.foreach(List.scala:392)
        at scala.App.main(App.scala:80)
        at scala.App.main$(App.scala:78)
        at com.lightbend.kafkalagexporter.MainApp$.main(MainApp.scala:15)
        at com.lightbend.kafkalagexporter.MainApp.main(MainApp.scala)

My values.yaml:

clusters:
 - name: "instance-europe-west1"
   bootstrapBrokers: "broker:9092"
   consumerProperties:
        bootstrap.servers: broker:9092
        security.protocol: SASL_SSL
        sasl.mechanism: PLAIN
        sasl.jaas.config: "org.apache.kafka.common.security.plain.PlainLoginModule required username="username" password="password with +";"
        ssl.endpoint.identification.algorithm: https
   # https://kafka.apache.org/documentation/#adminclientconfigs
   adminClientProperties:
        bootstrap.servers: broker:9092
        security.protocol: SASL_SSL
        sasl.mechanism: PLAIN
        sasl.jaas.config: "org.apache.kafka.common.security.plain.PlainLoginModule required username="username" password="password with +";"
        ssl.endpoint.identification.algorithm: https

kafkaLogLevel: DEBUG

I've already tried to escape both " and + with , but I got credential error.

Any ideas?
Thanks a lot!

[seglo]

Hi @brunodomenici . Thanks for trying kafka-lag-exporter. I think this is a bug with the helm chart not escaping strings in the configmap. I have a fix in mind, but can you try manually editing the configmap after install to escape the required string, then restart the kafka-lag-exporter pod? This will help me verify my patch, and get you running in the meantime.

For example, edit the config map:

kubectl edit configmap kafka-lag-exporter-configmap -n kafka-lag-exporter

Escape the " in your Kafka client properties.

Ex)

apiVersion: v1
data:
  application.conf: |
    kafka-lag-exporter {
      port = 8000
      poll-interval = 30 seconds
      lookup-table-size = 60
      client-group-id = "kafkalagexporter"
      kafka-client-timeout = 10 seconds
      clusters = [
        {
          name = "default"
          bootstrap-brokers = "simple-strimzi-kafka-bootstrap.strimzi.svc.cluster.local:9092"
          consumer-properties = {
            sasl.jaas.config = "org.apache.kafka.common.security.plain.PlainLoginModule required username=\"username\" password=\"password with +\";"
            security.protocol = "SSL"
            ssl.endpoint.identification.algorithm = "https"
            ssl.trustore.password = "mypwd"
            ssl.truststore.location = "/path/to/my.truststore.jks"
          }
          admin-client-properties = {
            security.protocol = "SSL"
            ssl.trustore.password = "mypwd"
            ssl.truststore.location = "/path/to/my.truststore.jks"
          }
        }
      ]
...

Delete the pod to restart it.

[brunodomenici]

Hi @seglo, your workaround worked!
Thanks a lot!

[seglo]

@brunodomenici Great! I'll close this issue when I cut a new release with the fix.