From 55218d1dddf0b4ae37f14593d4ef7ab0eecd76fa Mon Sep 17 00:00:00 2001 From: Francis Cao <31608805+franciscao633@users.noreply.github.com> Date: Wed, 21 Sep 2022 11:31:52 -0700 Subject: [PATCH] Francis/uc 37 secure kafka (#1532) * add ssl encryption to kafka client * fix missing columns in getPageview CH. fix Kafka SSL Pathing --- .gitignore | 3 +++ lib/kafka.js | 10 ++++++++-- queries/analytics/pageview/getPageviews.js | 3 +-- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 54410324..0bad6264 100644 --- a/.gitignore +++ b/.gitignore @@ -38,3 +38,6 @@ yarn-error.log* *.dev.yml +# cert +/lib/cert + diff --git a/lib/kafka.js b/lib/kafka.js index 6b6f315f..4ad119ca 100644 --- a/lib/kafka.js +++ b/lib/kafka.js @@ -8,11 +8,17 @@ const log = debug('umami:kafka'); function getClient() { const { username, password } = new URL(process.env.KAFKA_URL); const brokers = process.env.KAFKA_BROKER.split(','); + const fs = require('fs'); const ssl = username && password ? { - ssl: true, + ssl: { + checkServerIdentity: () => undefined, + ca: [fs.readFileSync('./lib/cert/ca_cert.pem', 'utf-8')], + key: fs.readFileSync('./lib/cert/client_key.pem', 'utf-8'), + cert: fs.readFileSync('./lib/cert/client_cert.pem', 'utf-8'), + }, sasl: { mechanism: 'plain', username, @@ -63,7 +69,7 @@ async function sendMessage(params, topic) { value: JSON.stringify(params), }, ], - acks: 0, + acks: 1, }); } diff --git a/queries/analytics/pageview/getPageviews.js b/queries/analytics/pageview/getPageviews.js index 37eaef2d..2bbfff69 100644 --- a/queries/analytics/pageview/getPageviews.js +++ b/queries/analytics/pageview/getPageviews.js @@ -27,9 +27,8 @@ async function relationalQuery(websites, start_at) { async function clickhouseQuery(websites, start_at) { return clickhouse.rawQuery( `select - view_id, website_id, - session_id, + session_uuid, created_at, url from event