Three new profiling multi-server tests

Author: marc-casavant

.github/actions/ci-tests/action.yml

@@ -57,21 +57,6 @@ inputs:
     description: SMTP server SMTP port
     default: 2525
 
-  #
-  #  Kafka is opt-in.  Redpanda (our Kafka-compatible test broker) can't
-  #  start with the default command on GitHub Actions `services:` runners
-  #  - the seastar runtime fails EINVAL without extra flags we can't pass
-  #  through the services stanza.  Leaving this empty makes
-  #  test.modules.kafka skip cleanly; the multi-server kafka test covers
-  #  the full produce path via docker-compose.
-  #
-  kafka_test_server:
-    description: Kafka/Redpanda broker host (empty = skip kafka module tests)
-    default: ""
-  kafka_test_server_port:
-    description: Kafka/Redpanda broker port
-    default: 9092
-
   memcached_test_server:
     description: Memcached server host
     default: 127.0.0.1
@@ -201,8 +186,6 @@ runs:
         IMAP_TEST_SERVER: ${{ inputs.imap_test_server }}
         IMAP_TEST_SERVER_PORT: ${{ inputs.imap_test_server_port }}
         IMAP_TEST_SERVER_SSL_PORT: ${{ inputs.imap_test_server_ssl_port }}
-        KAFKA_TEST_SERVER: ${{ inputs.kafka_test_server }}
-        KAFKA_TEST_SERVER_PORT: ${{ inputs.kafka_test_server_port }}
       run: |
         [ -d /opt/openssl ] && export PATH=/opt/openssl/bin:$PATH
 
@@ -265,8 +248,6 @@ runs:
         IMAP_TEST_SERVER: ${{ inputs.imap_test_server }}
         IMAP_TEST_SERVER_PORT: ${{ inputs.imap_test_server_port }}
         IMAP_TEST_SERVER_SSL_PORT: ${{ inputs.imap_test_server_ssl_port }}
-        KAFKA_TEST_SERVER: ${{ inputs.kafka_test_server }}
-        KAFKA_TEST_SERVER_PORT: ${{ inputs.kafka_test_server_port }}
         CACHE_MEMCACHED_TEST_SERVER: ${{ inputs.memcached_test_server }}
 
     # Restore ucf

.github/workflows/ci-sanitizers.yml

@@ -128,13 +128,6 @@ jobs:
           --health-timeout 5s
           --health-retries 5
 
-      #
-      #  No redpanda service container: seastar exits EINVAL on these
-      #  runners with the default command, and GitHub Actions services
-      #  don't let us override it.  Kafka module tests skip here; the
-      #  multi-server kafka-produce test covers the produce path instead.
-      #
-
     steps:
 
       #  Need git installed for checkout to behave normally

.github/workflows/ci.yml

@@ -134,15 +134,6 @@ jobs:
           --health-timeout 5s
           --health-retries 5
 
-      #
-      #  No redpanda service container here - seastar exits EINVAL on the
-      #  self-hosted runners when started with the default command, and
-      #  GitHub Actions `services:` gives us no way to override the
-      #  command line.  The kafka module tests are skipped in this
-      #  workflow; the multi-server kafka-produce test brings its own
-      #  broker up via docker-compose with the right flags.
-      #
-
     steps:
 
       #  Need git installed for checkout to behave normally

debian/rules

@@ -33,7 +33,7 @@ logdir          = /var/log/$(package)
 pkgdocdir       = /usr/share/doc/$(package)
 confdir        = /etc/$(package)
 
-modulelist=kafka krb5 ldap redis rest yubikey
+modulelist=krb5 ldap redis rest yubikey
 sqldriverlist=freetds mysql unixodbc postgresql
 pkgs=$(shell dh_listpackages)
 

raddb/mods-available/kafka

@@ -357,10 +357,8 @@ log {
 	#  suppress_secrets:: Suppress "secret" values when printing
 	#  them in debug mode.
 	#
-	#  NOTE: Note that when running the server at debug level 3 or
-	#  higher, this configuration ite, is ignored.
 	#
-	#  Setting this to `yes` means that the server does not print
+	#  Setting this to "yes" means that the server does not print
 	#  the contents of "secret" values such as passwords.  It
 	#  instead prints a place-holder value "<<< secret >>>", as
 	#  follows:
@@ -369,18 +367,17 @@ log {
 	#	User-Password = "<<< secret >>>"
 	#	...
 	#
-	#  Secret values are tracked across string expansions, string
-	#  modifications, concatenations, etc.  i.e. if a
-	#  `User-Password` is placed into a `Reply-Message`, then the
-	#  value of the `Reply-Message` will also be marked as
-	#  "secret".
+	#  Note that secret values are tracked across string
+	#  expansions, string modifications, concatenations, etc.
+	#  i.e. if a `User-Password` is placed into a `Reply-Message`,
+	#  then the value of the `Reply-Message` will also be marked
+	#  as "secret".
 	#
-	#  This configuration is enabled by default.  While doing this
-	#  can make it harder to debug the server (as passwords are
-	#  omitted from the debug output), the servers defaults are as
-	#  secure as possible.
+	#  This configuration is disabled by default.  It is extremely
+	#  important for administrators to be able to debug user
+	#  logins by seeing what is actually being sent.
 	#
-	#  In many cases it is not useful to suppress secrets in an
+	#  In most cases it is not useful to suppress secrets in an
 	#  attempt to "be more secure".  Any administrator who can see
 	#  the debug ouput is usually also able to view and/or modify
 	#  the servers configuration (including passwords in
@@ -389,7 +386,7 @@ log {
 	#  actual passwords in order to verify what the user is
 	#  entering.
 	#
-	suppress_secrets = yes
+#	suppress_secrets = no
 }
 
 #