rondagostino edited a comment on pull request #10811:
URL: https://github.com/apache/kafka/pull/10811#issuecomment-885022501
Yeah, it looks like we call `self.zk.describe()` in 3 system tests; the one
above and also in `zookeeper_tls_encrypt_only_test.py` and
`zookeeper_tls_test.py`. The latter two are simply confirming that the
`--zk-tls-config-file` parameter will work with `kafka-configs.sh` (i.e. that
it can talk to TLS-enabled ZooKeeper nodes), so we could easily change those to
do something with SCRAM configs.
The one mentioned here is simply trying to surface an error as early as
possible as per the comment:
```
# Confirm we have a successful ZooKeeper upgrade by describing the
topic.
# Not trying to detect a problem here leads to failure in the
ensuing Kafka roll, which would be a less
# intuitive failure than seeing a problem here, so detect ZooKeeper
upgrade problems before involving Kafka.
self.zk.describe(self.topic)
```
So we could either just get rid of it or maybe list ACLs/do something with
SCRAM.
It also looks like `describe()` and the above 3 invocations of it are the
only things we have to worry about here -- the ZK Security Migrator in
`zookeeper_migration()` and listing ACLs via the `list_acls()` method are the
only other things that access ZooKeeper directly, and both of these are fully
supported.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
