Skip to content

KAFKA-18706: Move ScramPublisher to metadata module #20468

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: trunk
Choose a base branch
from
Open

KAFKA-18706: Move ScramPublisher to metadata module #20468

wants to merge 3 commits into from

Conversation

see-quick
Copy link
Contributor

@see-quick see-quick commented Sep 3, 2025
edited by github-actions bot
Loading

This PR moves the ScramPublisher class from the server metadata package
to the dedicated metadata module. During refactoring, I found out that I
also need to move the CredentialProvider interface to a more appropriate
location in the server common package because CredentialProvider is in
the server module, and I can't include that module in the metadata
because I would create a circular dependency, i.e.,

server module ←-------------┐ ↓ (depends on). │
(which would make it circular) metadata module------------┘

So I have moved CredentialProvider to server-common module, and
metadata module has already server-common and thus it's resolved.

@github-actions github-actions bot added triage PRs from the community core Kafka Broker kraft labels Sep 3, 2025
@showuon showuon self-assigned this Sep 4, 2025
@see-quick see-quick changed the title KAFKA-18704: Move ScramPublisher to metadata module KAFKA-18706: Move ScramPublisher to metadata module Sep 4, 2025
mimaison
mimaison reviewed Sep 5, 2025
View reviewed changes
Copy link
Member

@mimaison mimaison left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR. I left a few comments

core/src/main/scala/kafka/network/SocketServer.scala
@@ -44,7 +44,7 @@ import org.apache.kafka.common.security.auth.SecurityProtocol
import org.apache.kafka.common.utils.{KafkaThread, LogContext, Time, Utils}
import org.apache.kafka.common.{Endpoint, KafkaException, MetricName, Reconfigurable}
import org.apache.kafka.network.{ConnectionQuotaEntity, ConnectionThrottledException, SocketServerConfigs, TooManyConnectionsException}
import org.apache.kafka.security.CredentialProvider
import org.apache.kafka.server.common.CredentialProvider
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: We try to order import alphabetically, can we move this 1 line down?

core/src/main/scala/kafka/server/BrokerServer.scala
import org.apache.kafka.metadata.publisher.AclPublisher
import org.apache.kafka.security.CredentialProvider
import org.apache.kafka.metadata.publisher.{AclPublisher, ScramPublisher}
import org.apache.kafka.server.common.CredentialProvider
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we move this with the other org.apache.kafka.server.common import below?

core/src/main/scala/kafka/server/ControllerServer.scala
import org.apache.kafka.raft.QuorumConfig
import org.apache.kafka.security.CredentialProvider
import org.apache.kafka.server.common.CredentialProvider
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we move this with the other org.apache.kafka.server.common import below?

core/src/main/scala/kafka/server/KafkaBroker.scala
@@ -28,7 +28,7 @@ import org.apache.kafka.common.security.token.delegation.internals.DelegationTok
import org.apache.kafka.common.utils.Time
import org.apache.kafka.coordinator.group.GroupCoordinator
import org.apache.kafka.metadata.{BrokerState, MetadataCache}
import org.apache.kafka.security.CredentialProvider
import org.apache.kafka.server.common.CredentialProvider
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we move this with the other org.apache.kafka.server.common import below?

core/src/main/scala/kafka/tools/TestRaftServer.scala
@@ -37,7 +37,7 @@ import org.apache.kafka.common.utils.{Exit, Time, Utils}
import org.apache.kafka.common.{TopicPartition, Uuid, protocol}
import org.apache.kafka.raft.errors.NotLeaderException
import org.apache.kafka.raft.{Batch, BatchReader, Endpoints, LeaderAndEpoch, QuorumConfig, RaftClient}
import org.apache.kafka.security.CredentialProvider
import org.apache.kafka.server.common.CredentialProvider
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we move this with the other org.apache.kafka.server.common import below?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll stop noting it from here, the same applies to all files/imports

metadata/src/main/java/org/apache/kafka/metadata/publisher/ScramPublisher.java
String deltaName = "MetadataDelta up to " + newImage.highestOffsetAndEpoch().offset();
try {
// Apply changes to SCRAM credentials.
Optional.ofNullable(delta.scramDelta()).ifPresent(scramDelta -> {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If wonder if doing:

ScramDelta scramDelta = delta.scramDelta();
if (scramDelta != null) {

is just more readable. WDYT?

metadata/src/main/java/org/apache/kafka/metadata/publisher/ScramPublisher.java
faultHandler.handleFault("Uncaught exception while publishing SCRAM changes from " + deltaName, t);
}
}
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add a newline at the end of the file?

server-common/src/main/java/org/apache/kafka/server/common/CredentialProvider.java
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if we should keep the package and just change the module.

mimaison
mimaison reviewed Sep 5, 2025
View reviewed changes
metadata/src/main/java/org/apache/kafka/metadata/publisher/ScramPublisher.java
Comment on lines +56 to +57
scramDelta.changes().forEach((mechanism, userChanges) -> {
userChanges.forEach((userName, change) -> {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In both cases, the body of the block is a single expression, so we can remove the brackets{ }

@github-actions github-actions bot removed the triage PRs from the community label Sep 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mimaison mimaison mimaison left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@showuon showuon

Labels
ci-approved core Kafka Broker kraft
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@see-quick @mimaison @showuon