Changeset View
Changeset View
Standalone View
Standalone View
site-modules/profile/templates/kafka/create_kafka_users.sh.erb
| Show All 10 Lines | usage () { | ||||
| echo "$0 [--privileged] [--consumer-group-prefix prefix] username" | echo "$0 [--privileged] [--consumer-group-prefix prefix] username" | ||||
| } | } | ||||
| if (( $# < 1 )) || (( $# > 4 )); then | if (( $# < 1 )) || (( $# > 4 )); then | ||||
| usage | usage | ||||
| exit 1 | exit 1 | ||||
| fi | fi | ||||
| topic_prefixes="swh.journal.objects. swh.journal.indexed." | |||||
| privileged_topic_prefixes="swh.journal.objects_privileged." | |||||
| privileged="unprivileged" | privileged="unprivileged" | ||||
| cgrp_prefix="" | cgrp_prefix="" | ||||
| ops="READ DESCRIBE" | |||||
| while (( $# )); do | while (( $# )); do | ||||
| if [ $1 = "--privileged" ]; then | if [ $1 = "--privileged" ]; then | ||||
| privileged="privileged" | privileged="privileged" | ||||
| shift | shift | ||||
| elif [ $1 = "--consumer-group-prefix" ]; then | elif [ $1 = "--consumer-group-prefix" ]; then | ||||
| cgrp_prefix=$2 | cgrp_prefix=$2 | ||||
| shift | shift | ||||
| shift | shift | ||||
| elif [ $1 = "--topic_prefixes" ]; then | |||||
| topic_prefixes=$2 | |||||
| shift | |||||
| shift | |||||
| elif [ $1 = "--privileged_topic_prefixes" ]; then | |||||
| privileged_topic_prefixes=$2 | |||||
| shift | |||||
| shift | |||||
| elif [ $1 = "--rw" ]; then | |||||
| ops="${OPS} WRITE" | |||||
| shift | |||||
| elif [ $1 = "--admin" ]; then | |||||
| ops="${OPS} DELETE CREATE" | |||||
| shift | |||||
| else | else | ||||
| username=$1 | username=$1 | ||||
| break | break | ||||
| fi | fi | ||||
| done | done | ||||
| if [ -z "$username" ]; then | if [ -z "$username" ]; then | ||||
| usage | usage | ||||
| Show All 13 Lines | |||||
| /opt/kafka/bin/kafka-configs.sh \ | /opt/kafka/bin/kafka-configs.sh \ | ||||
| --zookeeper "$zookeepers" \ | --zookeeper "$zookeepers" \ | ||||
| --alter \ | --alter \ | ||||
| --add-config "SCRAM-SHA-256=[iterations=8192,password=$password],SCRAM-SHA-512=[password=$password]" \ | --add-config "SCRAM-SHA-256=[iterations=8192,password=$password],SCRAM-SHA-512=[password=$password]" \ | ||||
| --entity-type users \ | --entity-type users \ | ||||
| --entity-name $username | --entity-name $username | ||||
| topic_prefixes="swh.journal.objects. swh.journal.indexed." | |||||
| if [ $privileged = "privileged" ]; then | if [ $privileged = "privileged" ]; then | ||||
| topic_prefixes="$topic_prefixes swh.journal.objects_privileged." | topic_prefixes="${topic_prefixes} ${privileged_topic_prefixes}" | ||||
| fi | fi | ||||
| for topic_prefix in $topic_prefixes; do | for topic_prefix in $topic_prefixes; do | ||||
| echo "Granting access to topics $topic_prefix to $username" | echo "Granting access to topics $topic_prefix to $username" | ||||
| for op in READ DESCRIBE; do | for op in ${OPS}; do | ||||
| /opt/kafka/bin/kafka-acls.sh --bootstrap-server $brokers --add --resource-pattern-type PREFIXED --topic $topic_prefix --allow-principal User:$username --operation $op | /opt/kafka/bin/kafka-acls.sh --bootstrap-server $brokers --add --resource-pattern-type PREFIXED --topic $topic_prefix --allow-principal User:$username --operation $op | ||||
| done | done | ||||
| done | done | ||||
| echo "Granting access to consumer group prefix $cgrp_prefix to $username" | echo "Granting access to consumer group prefix $cgrp_prefix to $username" | ||||
| /opt/kafka/bin/kafka-acls.sh --bootstrap-server $brokers --add --resource-pattern-type PREFIXED --group ${cgrp_prefix} --allow-principal User:$username --operation READ | /opt/kafka/bin/kafka-acls.sh --bootstrap-server $brokers --add --resource-pattern-type PREFIXED --group ${cgrp_prefix} --allow-principal User:$username --operation READ | ||||