Add support for optional kafka SASL

[ShahimSharafudeen]

Description

Currently the presto-kafka connector can be configured to use SASL authentication (https://docs.confluent.io/platform/current/security/authentication/sasl/plain/overview.html#kafka-sasl-auth-plain) those config properties were made known to the KafkaConfig and are used in the producer as well as consumer factory if being set (all optional).

As of now, we have configured the following parameters for the above requirement:

1. security.protocol
2. sasl.mechanism
3. sasl.jaas.config
4. ssl.truststore.location
5. ssl.truststore.password
6. ssl.truststore.type

As part of the code-level configuration, represent the parameter naming as below and map them to the corresponding Kafka config parameters:

1. kafka.security-protocol=SASL_SSL
2. kafka.sasl.mechanism=PLAIN
3. kafka.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username= password=<API KEY/PASSWORD>;
4. kafka.truststore.path=XXX
5. kafka.truststore.password=XXX
6. kafka.truststore.type=XXX

Taking reference from Trinodb Kafka SSL implementation: trinodb/trino#6929

Motivation and Context

Impact

Test Plan

Contributor checklist

• Please make sure your submission complies with our contributing guide, in particular code style and commit standards.
• PR description addresses the issue accurately and concisely. If the change is non-trivial, a GitHub Issue is referenced.
• Documented new properties (with its default value), SQL syntax, functions, or other functionality.
• If release notes are required, they follow the release notes guidelines.
• Adequate tests were added if applicable.
• CI passed.

Release Notes

Please follow release notes guidelines and fill in the release notes below.

== RELEASE NOTES ==

Kafka Connector Changes 
* Add support for optional Apache Kafka SASL. 

[aaneja]

• Can you attribute trinodb/trino#6929 in your commit message ? See 'backport commits' section from the CONTRIBUTING doc
• Can you update the kafka.rst file with the new SASL properties

[ShahimSharafudeen]

• Can you attribute Add support for optional Kafka SSL trinodb/trino#6929 in your commit message ? See 'backport commits' section from the CONTRIBUTING doc
• Can you update the kafka.rst file with the new SASL properties

@aaneja - Addressed the review comments.

[steveburnett]

Thanks for the doc! Looks good. Some minor formatting suggestions, and one question for you to consider.

[ShahimSharafudeen]

Thanks for the doc! Looks good. Some minor formatting suggestions, and one question for you to consider.

Thanks @steveburnett for reviewing the documentation-related changes. I’ve addressed all your review comments.

[aaneja]

Can you add a product test that uses these new configs ? We currently have a singlenode-kafka test, lets make a new one called singlenode-kafka-sasl

[aaneja]

Change type to Map<String, Object>

[aaneja]

Let's rename this to kafkaClientConfigProperties, and make it a Map<String,Object>

[aaneja]

Remove the log - it does not add any information

[aaneja]

Why don't we just store a reference to the saslConfig and use it in configure when needed ?

[aaneja]

Remove the log, it does not add any value

[aaneja]

Instead of creating two maps, make a single Map<String, Object> called configurationProperties and store the ACKS_CONFIG and LINGER_MS_CONFIG in them

[aaneja]

Why are these non-default values used, and why are they not configurable ?

[aaneja]

map is redundant, just use properties.putAll(saslConfig.getKafkaClientProperties()) on L50

[aaneja]

toString() is redundant

[aaneja]

Should we rename this to getKafkaSaslProperties()

[steveburnett]

Thanks for the quick update! I found a few more nits and suggestions, again nothing major.

[ShahimSharafudeen]

@aaneja - I have addressed all your comments regarding the Java-related changes.

[ShahimSharafudeen]

Thanks for the quick update! I found a few more nits and suggestions, again nothing major.

Thanks again, @steveburnett, for your suggestions. I have addressed all your comments regarding the doc-related changes.

[steveburnett]

LGTM! (docs)

Pull updated branch, new local doc build, looks good. Thanks!

[aaneja]

Is the Integer.toString needed ? From a quick glance at ConsumerConfig, it looks like we could use the integer directly

[ShahimSharafudeen]

@aaneja - We can pass the value either as an int or a String, but to avoid any issues during runtime, it's better to stick with the existing code pattern used in the initial implementation of the KafkaConsumerManager class, which passes it as a String. Let me know if you’d prefer using an Integer instead — happy to update it.

[aaneja]

Please create an issue to implement the singlenode-kafka-sasl product test. This can be punted to later

[ShahimSharafudeen]

Please create an issue to implement the singlenode-kafka-sasl product test. This can be punted to later

Git issue : #24993

[steveburnett]

LGTM! (docs)

Pull updated branch, new local doc build, looks good.

[ZacBlanco]

Minor things, overall this is good

[ZacBlanco]

Can you also rebase this PR on the latest master branch? I noticed the git log doesn't include anything from April

[ShahimSharafudeen]

Can you also rebase this PR on the latest master branch? I noticed the git log doesn't include anything from April

Rebased the PR with the latest commits from the master branch and addressed all your comments.

[steveburnett]

Thanks for the release note! Minor nit suggestions:

== RELEASE NOTES ==

Kafka Connector Changes
* Add support for optional Apache Kafka SASL. 

[ShahimSharafudeen]

Thanks for the release note! Minor nit suggestions:

== RELEASE NOTES ==

Kafka Connector Changes
* Add support for optional Apache Kafka SASL. 

Done