Change kafka-oauth to use podman and simplify the quickstart procedur…

…es. (#150)

README.adoc

@@ -98,7 +98,7 @@ Number of Examples: 61 (0 deprecated)
 | link:fhir/readme.adoc[Fhir] (fhir) | Health Care | An example showing how to work with Camel, FHIR and Spring Boot
 
 | link:fhir-auth-tx/readme.adoc[Fhir Auth Tx] (fhir-auth-tx) | Health Care | An example showing how to work with Camel, FHIR Authorization, FHIR Transaction and Spring Boot
-    
+
 
 | link:validator/readme.adoc[Validator Spring Boot] (validator) | Input/Output Type Contract | An example showing how to work with declarative validation and Spring Boot
 
@@ -114,7 +114,7 @@ Number of Examples: 61 (0 deprecated)
 | link:metrics/README.adoc[Metrics] (metrics) | Management and Monitoring | An example showing how to work with Camel and Spring Boot and report metrics to Graphite
 
 | link:observation/README.adoc[Micrometer Observation] (observation) | Management and Monitoring | An example showing how to trace incoming and outgoing messages from Camel with Micrometer Observation
-    
+
 
 | link:opentelemetry/README.adoc[OpenTelemetry] (opentelemetry) | Management and Monitoring | An example showing how to use Camel with OpenTelemetry
 
@@ -128,6 +128,8 @@ Number of Examples: 61 (0 deprecated)
 
 | link:kafka-avro/README.adoc[Kafka Avro] (kafka-avro) | Messaging | An example for Kafka avro
 
+| link:kafka-oauth/README.adoc[Kafka OAuth] (kafka-oauth) | Messaging | An example for Kafka authentication using OAuth
+
 | link:kafka-offsetrepository/README.adoc[Kafka Offsetrepository] (kafka-offsetrepository) | Messaging | An example for Kafka offsetrepository
 
 | link:paho-mqtt5-shared-subscriptions/README.adoc[Paho Mqtt5 Shared Subscriptions] (paho-mqtt5-shared-subscriptions) | Messaging | An example showing  how to set up multiple mqtt5 consumers that use shared subscription feature of MQTT5
@@ -139,7 +141,7 @@ Number of Examples: 61 (0 deprecated)
 | link:widget-gadget/README.adoc[Widget Gadget] (widget-gadget) | Messaging | The widget and gadget example from EIP book, running on Spring Boot
 
 | link:reactive-streams/readme.adoc[Reactive Streams] (reactive-streams) | Reactive | An example that shows how Camel can exchange data using reactive streams with Spring Boot reactor
-    
+
 
 | link:http-ssl/README.adoc[Http Ssl] (http-ssl) | Rest | An example showing the Camel HTTP component with Spring Boot and SSL
 

kafka-oauth/README.adoc

@@ -2,9 +2,9 @@
 
 === Introduction
 
-An example which shows how to integrate https://camel.apache.org/components/next/kafka-component.html[Camel with Kafka] with OAuth authentication using a client secret. The authentication is handled by Keycloak.
+An example that shows how to integrate https://camel.apache.org/components/next/kafka-component.html[Camel with Kafka] with OAuth authentication using a client secret. The authentication is handled by Keycloak.
 
-This example requires docker-compose as it will build and run a keycloak and kafka broker (setup with kraft mode). 
+This example requires podman.
 
 On the Kafka side it uses https://github.com/strimzi/strimzi-kafka-oauth[Strimzi Oauth for Apache Kafka], this library must also be set on the client side.
 
@@ -20,7 +20,7 @@ camel.component.kafka.sasl-jaas-config = org.apache.kafka.common.security.oauthb
   oauth.client.id="kafka-producer-client" \
   oauth.client.secret="kafka-producer-client-secret" \
   oauth.username.claim="preferred_username" \
-  oauth.ssl.truststore.location="docker/certificates/ca-truststore.p12" \
+  oauth.ssl.truststore.location="containers/certificates/ca-truststore.p12" \
   oauth.ssl.truststore.type="pkcs12" \
   oauth.ssl.truststore.password="changeit" \
   oauth.token.endpoint.uri="https://keycloak:8443/realms/demo/protocol/openid-connect/token" ;
@@ -31,24 +31,16 @@ camel.component.kafka.additional-properties[sasl.login.callback.handler.class]=i
 
 * Set the hosts in /etc/hosts
 
-We have to set the IP addresses in /etc/hosts (check your OS how to do it), verify the current IP address and correctly set it as the example shows.
+We have to set the IP addresses in /etc/hosts (check your OS how to do it), verify the current IP address and correctly set it as the example shows. This is essential for the client application to reach keycloak and kafka hosts. In a production scenario those hosts names is going to be resolved by DNS.
 ----
 192.168.0.104   keycloak
 192.168.0.104   kafka
 ----
 
-* Build the project
+* Launch the Keycloak server. Note that the scripts runs a podman container with `host` network, so the keycloak and kafka server shares the same network as the client, this is for demo purposes only.
 
-This command will download the required Strimzi OAuth libraries for Kafka and add it to the Kafka Broker directory, it will also build the camel spring boot example.
 ----
-mvn package
-----
-
-* Launch the Keycloak server
-
-----
-cd docker
-docker-compose -f keycloak/compose.yml up 
+./start_keycloak.sh
 ----
 
 It must show the `demo` realm was imported successfully.
@@ -61,19 +53,18 @@ It must show the `demo` realm was imported successfully.
 It also shows the server started.
 ----
 [io.quarkus] (main) Keycloak 26.0.8 on JVM (powered by Quarkus 3.15.1) started in 9.169s. Listening on: http://0.0.0.0:8080 and https://0.0.0.0:8443
-[io.quarkus] (main) Profile prod activated. 
+[io.quarkus] (main) Profile prod activated.
 [io.quarkus] (main) Installed features: [agroal, cdi, hibernate-orm, jdbc-h2, keycloak, narayana-jta, opentelemetry, reactive-routes, rest, rest-jackson, smallrye-context-propagation, vertx]
 ----
 
 * Launch the Kafka broker
 
-Open another terminal console and go to the docker directory:
+Open another terminal console and launch kafka broker:
 ----
-cd docker
-docker-compose -f kafka-oauth-strimzi/compose.yml up --build
+./start_kafka.sh
 ----
 
-It should show the kafka broker authenticated to the keycloak server using the kafka-broker client id.
+It should show the kafka broker authenticates to the keycloak server using the `kafka-broker` client id.
 ----
 loginWithClientSecret() - tokenEndpointUrl: http://keycloak:8080/realms/demo/protocol/openid-connect/token, clientId: kafka-broker, clientSecret: k*********, scope: null, audience: null, connectTimeout: 20, readTimeout
 : 60, retries: 0, retryPauseMillis: 0 (io.strimzi.kafka.oauth.common.OAuthAuthenticator)
@@ -82,16 +73,15 @@ loginWithClientSecret() - tokenEndpointUrl: http://keycloak:8080/realms/demo/pro
 It should show the kafka broker started
 ----
 Kafka version: 3.9.0 (org.apache.kafka.common.utils.AppInfoParser)
-
 [KafkaRaftServer nodeId=1] Kafka Server started (kafka.server.KafkaRaftServer)
 ----
 
 === Run the camel example
 
-As the project was already built, it's ready to run:
+Build and run the quickstart.
 
 ----
-mvn spring-boot:run
+mvn compile spring-boot:run
 ----
 
 It should display the kafka OAuth settings, example:
@@ -116,10 +106,10 @@ Press `Ctrl-C` to exit.
 
 === Help and contributions
 
-If you hit any problem using Camel or have some feedback, 
+If you hit any problem using Camel or have some feedback,
 then please https://camel.apache.org/community/support/[let us know].
 
-We also love contributors, 
+We also love contributors,
 so https://camel.apache.org/community/contributing/[get involved] :-)
 
 The Camel riders!

kafka-oauth/pom.xml

@@ -35,7 +35,6 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <strimzi.version>0.15.0</strimzi.version>
-        <nimbus.jose.version>9.37.2</nimbus.jose.version>
     </properties>
 
     <dependencyManagement>
@@ -100,16 +99,6 @@
 
     <build>
         <plugins>
-            <plugin>
-                <artifactId>maven-clean-plugin</artifactId>
-                <configuration>
-                <filesets>
-                    <fileset>
-                        <directory>${basedir}/docker/kafka-oauth-strimzi/kafka/target</directory>
-                    </fileset>
-                </filesets>
-                </configuration>
-            </plugin>
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
@@ -122,107 +111,6 @@
                     </execution>
                 </executions>
             </plugin>
-            <plugin>
-                <artifactId>maven-resources-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <!-- copy the truststore CA to the camel-spring-boot, so the strimzi-oauth jaas login module 
-                             connects to the keycloak https and trust the CA
-                        -->
-                        <id>copy-resources</id>
-                        <phase>compile</phase>
-                        <goals>
-                            <goal>copy-resources</goal>
-                        </goals>
-                        <configuration>
-                            <outputDirectory>target/classes</outputDirectory>
-                            <resources>
-                                <resource>
-                                    <directory>${basedir}/docker/certificates/</directory>
-                                    <includes>
-                                        <include>ca-truststore.p12</include>
-                                    </includes>
-                                </resource>
-                            </resources>
-                        </configuration>
-                    </execution>
-                    <execution>
-                        <!-- copy the required files to build the strimzi-oauth-kafka image -->
-                        <id>copy-resources-strimzi</id>
-                        <phase>package</phase>
-                        <goals>
-                            <goal>copy-resources</goal>
-                        </goals>
-                        <configuration>
-                            <outputDirectory>${basedir}/docker/kafka-oauth-strimzi/kafka/target</outputDirectory>
-                            <resources>
-                                <resource>
-                                    <directory>${basedir}/docker/kafka-oauth-strimzi/kafka</directory>
-                                    <includes>
-                                        <include>functions.sh</include>
-                                        <include>start.sh</include>
-                                        <include>simple_kafka_config.sh</include>
-                                        <include>Dockerfile</include>
-                                        <include>config/</include>
-                                        <include>certificates/</include>
-                                    </includes>
-                                    <filtering>false</filtering>
-                                </resource>
-                            </resources>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-dependency-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>copy</id>
-                        <phase>package</phase>
-                        <goals>
-                            <goal>copy</goal>
-                        </goals>
-                    </execution>
-                </executions>
-                <configuration>
-                    <artifactItems>
-                        <artifactItem>
-                            <groupId>io.strimzi</groupId>
-                            <artifactId>kafka-oauth-client</artifactId>
-                            <version>${strimzi.version}</version>
-                        </artifactItem>
-                        <artifactItem>
-                            <groupId>io.strimzi</groupId>
-                            <artifactId>kafka-oauth-server</artifactId>
-                            <version>${strimzi.version}</version>
-                        </artifactItem>
-                        <artifactItem>
-                            <groupId>io.strimzi</groupId>
-                            <artifactId>kafka-oauth-server-plain</artifactId>
-                            <version>${strimzi.version}</version>
-                        </artifactItem>
-                        <artifactItem>
-                            <groupId>io.strimzi</groupId>
-                            <artifactId>kafka-oauth-common</artifactId>
-                            <version>${strimzi.version}</version>
-                        </artifactItem>
-                        <artifactItem>
-                            <groupId>io.strimzi</groupId>
-                            <artifactId>kafka-oauth-keycloak-authorizer</artifactId>
-                            <version>${strimzi.version}</version>
-                        </artifactItem>
-                        <artifactItem>
-                            <groupId>com.nimbusds</groupId>
-                            <artifactId>nimbus-jose-jwt</artifactId>
-                            <version>${nimbus.jose.version}</version>
-                        </artifactItem>
-                    </artifactItems>
-                    <outputDirectory>${basedir}/docker/kafka-oauth-strimzi/kafka/target/libs</outputDirectory>
-                    <overWriteReleases>false</overWriteReleases>
-                    <overWriteSnapshots>true</overWriteSnapshots>
-                </configuration>
-            </plugin>
         </plugins>
     </build>
 </project>

kafka-oauth/src/main/resources/application.properties

@@ -26,7 +26,7 @@ camel.component.kafka.sasl-jaas-config = org.apache.kafka.common.security.oauthb
   oauth.client.id="kafka-producer-client" \
   oauth.client.secret="kafka-producer-client-secret" \
   oauth.username.claim="preferred_username" \
-  oauth.ssl.truststore.location="docker/certificates/ca-truststore.p12" \
+  oauth.ssl.truststore.location="containers/certificates/ca-truststore.p12" \
   oauth.ssl.truststore.type="pkcs12" \
   oauth.ssl.truststore.password="changeit" \
   oauth.token.endpoint.uri="https://keycloak:8443/realms/demo/protocol/openid-connect/token" ;