fixup

ShogunPanda · ShogunPanda · commit d3312d7659b9 · 2025-12-02T15:42:59.000+01:00
Signed-off-by: Paolo Insogna &lt;paolo@cowtech.it&gt;
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -42,7 +42,7 @@ jobs:
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
       - name: Start Kafka (${{ matrix.confluent-kafka-version }}) Cluster
-        run: docker compose up -d --wait
+        run: docker compose up --build --force-recreate -d --wait
         env:
           KAFKA_VERSION: ${{ matrix.confluent-kafka-version }}
       - name: Run Tests
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,6 +1,9 @@
 services:
   kdc:
-    image: alpine:latest
+    image: plt-kafka-kdc:latest
+    pull_policy: never
+    build:
+      context: ./docker/kerberos
     container_name: kdc
     ports:
       - '8000:88/tcp'
diff --git a/docker/kerberos/Dockerfile b/docker/kerberos/Dockerfile
@@ -0,0 +1,2 @@
+FROM ubuntu:25.04
+RUN apt-get update && apt-get install -y krb5-kdc krb5-admin-server && rm -rf /var/lib/apt/lists/*
diff --git a/docker/kerberos/init.sh b/docker/kerberos/init.sh
@@ -3,23 +3,26 @@ set -e
 
 # Setup KDC if needed
 if [ ! -f /var/lib/krb5kdc/principal ]; then
-  echo "Setting up KDC ..."
 
-  apk add --no-cache krb5-server krb5
+  echo "Setting up KDC ..."
   kdb5_util create -s -P password
 
   # # ACL file
-  echo "*/admin@EXAMPLE.COM *" > /var/lib/krb5kdc/kadm5.acl
+  echo "*/admin@EXAMPLE.COM *" > /etc/krb5kdc/kadm5.acl
 
   # Create principals
   kadmin.local -q "addprinc -pw admin admin@EXAMPLE.COM" # Main administrator
   kadmin.local -q "addprinc -randkey broker/broker-sasl-kerberos@EXAMPLE.COM" # Kafka broker
   kadmin.local -q "addprinc -randkey admin-keytab@EXAMPLE.COM" # Client with keytab
   kadmin.local -q "addprinc -pw admin admin-password@EXAMPLE.COM" # Client with password
 
-  # Genera keytab
+  # Generate keytabs
   kadmin.local -q "ktadd -k /data/broker.keytab broker/broker-sasl-kerberos@EXAMPLE.COM"
-  kadmin.local -q "ktadd -k /data/admin.keytab admin-keytab@EXAMPLE.COM"  
+  kadmin.local -q "ktadd -k /data/admin.keytab admin-keytab@EXAMPLE.COM"
+
+  # Allow other containers to read the keytab files
+  chown -R ubuntu:ubuntu /data
+  chmod -R 755 /data
 fi  
 
 krb5kdc
diff --git a/test/fixtures/kerberos-authenticator.ts b/test/fixtures/kerberos-authenticator.ts
@@ -94,7 +94,6 @@ function performChallenge (
         return
       }
 
-      // Altrimenti continua normalmente
       performChallenge(connection, authenticate, client, response.authBytes.toString('base64'), callback)
     })
   })

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+FROM ubuntu:25.04`
	`2`	`+RUN apt-get update && apt-get install -y krb5-kdc krb5-admin-server && rm -rf /var/lib/apt/lists/*`
Original file line number	Diff line number	Diff line change
`@@ -94,7 +94,6 @@ function performChallenge (`
`94`	`94`	`return`
`95`	`95`	`}`
`96`	`96`
`97`		`- // Altrimenti continua normalmente`
`98`	`97`	`performChallenge(connection, authenticate, client, response.authBytes.toString('base64'), callback)`
`99`	`98`	`})`
`100`	`99`	`})`