From b71134b39f79949fe2ecc877d76ca1a03b8235eb Mon Sep 17 00:00:00 2001
From: hosseinsadeghi-cpi
 <122265506+hosseinsadeghi-cpi@users.noreply.github.com>
Date: Fri, 15 Sep 2023 15:18:46 +0200
Subject: [PATCH] add TLS options for kafka executor plugin (#1384)

Co-authored-by: Hossein Sadeghi <ho.mysterious@gmail.com>
---
 builtin/bins/dkron-executor-kafka/kafka.go | 10 ++++++++++
 website/docs/usage/executors/kafka.md      | 12 +++++++-----
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/builtin/bins/dkron-executor-kafka/kafka.go b/builtin/bins/dkron-executor-kafka/kafka.go
index ce05712d9..0dea3d2f0 100644
--- a/builtin/bins/dkron-executor-kafka/kafka.go
+++ b/builtin/bins/dkron-executor-kafka/kafka.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"crypto/tls"
 	"errors"
 	"log"
 	"strings"
@@ -66,6 +67,15 @@ func (s *Kafka) ExecuteImpl(args *dktypes.ExecuteRequest) ([]byte, error) {
 	config.Producer.Return.Successes = true
 	config.Producer.Return.Errors = true
 
+	if args.Config["tlsEnable"] == "true" {
+		config.Net.TLS.Enable = true
+
+		config.Net.TLS.Config = &tls.Config{}
+		if args.Config["tlsInsecureSkipVerify"] == "true" {
+			config.Net.TLS.Config.InsecureSkipVerify = true
+		}
+	}
+
 	brokers := strings.Split(args.Config["brokerAddress"], ",")
 	producer, err := sarama.NewSyncProducer(brokers, config)
 	if err != nil {
diff --git a/website/docs/usage/executors/kafka.md b/website/docs/usage/executors/kafka.md
index 1224a51a4..a4eda3f77 100644
--- a/website/docs/usage/executors/kafka.md
+++ b/website/docs/usage/executors/kafka.md
@@ -7,11 +7,13 @@ A basic Kafka executor that produces a message on a Kafka broker.
 Params
 
 ```
-brokerAddress: Comma separated string containing "IP:port" of the brokers
-key:           The key of the message to produce
-message:       The body of the message to produce
-topic:         The Kafka topic for this message
-debug:         Turns on debugging output if not empty
+brokerAddress:          Comma separated string containing "IP:port" of the brokers
+key:                    The key of the message to produce
+message:                The body of the message to produce
+topic:                  The Kafka topic for this message
+tlsEnable:              Enables TLS if set to true. Optional
+tlsInsecureSkipVerify:  Disables verification of the remote SSL certificate's validity if set to true. Optional
+debug:                  Turns on debugging output if not empty
 ```
 
 Example