hachikuji commented on a change in pull request #10240:
URL: https://github.com/apache/kafka/pull/10240#discussion_r587955277
##########
File path: tests/kafkatest/tests/core/security_test.py
##########
@@ -65,7 +65,7 @@ def test_client_ssl_endpoint_validation_failure(self,
security_protocol, interbr
Test that invalid hostname in certificate results in connection
failures.
When security_protocol=SSL, client SSL handshakes are expected to fail
due to hostname verification failure.
When security_protocol=PLAINTEXT and
interbroker_security_protocol=SSL, controller connections fail
- with hostname verification failure. Hence clients are expected to fail
with LEADER_NOT_AVAILABLE.
+ with hostname verification failure. Hence clients are expected to fail
with INVALID_REPLICATION_FACTOR.
Review comment:
I still think this error is not a very intuitive way to handle the
absence of metadata. Maybe we can rephrase the explanation a little bit.
> Since metadata cannot be propagated in the cluster without a valid
certificate, the broker's metadata caches will be empty. Hence we expect
`Metadata` requests to fail with an `INVALID_REPLICATION_FACTOR` error since
the broker will attempt to create the topic automatically as it does not exist
in the metadata cache, and there will be no online brokers.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
