def get_kafka_default_config():
"""
Gets a default configuration for running secure Kafka on Hops
Returns:
dict with config_property --> value
"""
default_config = {
constants.KAFKA_PRODUCER_CONFIG.BOOTSTRAP_SERVERS_CONFIG: get_broker_endpoints(),
constants.KAFKA_SSL_CONFIG.SECURITY_PROTOCOL_CONFIG: get_security_protocol(),
constants.KAFKA_SSL_CONFIG.SSL_CA_LOCATION_CONFIG: tls.get_ca_chain_location(),
constants.KAFKA_SSL_CONFIG.SSL_CERTIFICATE_LOCATION_CONFIG: tls.get_client_certificate_location(),
constants.KAFKA_SSL_CONFIG.SSL_PRIVATE_KEY_LOCATION_CONFIG: tls.get_client_key_location(),
"group.id": "something"
}
return default_config
def get_requests_verify(hostname, port):
"""
Returns:
if env var HOPS_UTIL_VERIFY is not false
if the env variable is set, then use the certificate, otherwise return true
return false
"""
if constants.ENV_VARIABLES.REQUESTS_VERIFY_ENV_VAR in os.environ and os.environ[
constants.ENV_VARIABLES.REQUESTS_VERIFY_ENV_VAR] == 'true':
try:
if constants.ENV_VARIABLES.DOMAIN_CA_TRUSTSTORE_ENV_VAR in os.environ:
# need to convert the jks to pem
return tls.get_ca_chain_location()
elif constants.ENV_VARIABLES.DOMAIN_CA_TRUSTSTORE_PEM_ENV_VAR in os.environ:
return os.environ[constants.ENV_VARIABLES.DOMAIN_CA_TRUSTSTORE_PEM_ENV_VAR]
else:
return True
except x509.ExtensionNotFound:
return True
return False