From dec21b2f09c89653e69b07345472e0d937f99f22 Mon Sep 17 00:00:00 2001
From: Mark Phelps <209477+markphelps@users.noreply.github.com>
Date: Fri, 12 Jul 2024 13:41:58 -0400
Subject: [PATCH 1/2] chore: document upcoming kafka func for audit events

Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com>
---
 configuration/auditing/overview.mdx |  2 ++
 configuration/overview.mdx          | 14 ++++++++++++++
 2 files changed, 16 insertions(+)

diff --git a/configuration/auditing/overview.mdx b/configuration/auditing/overview.mdx
index 6fbab85..384783b 100644
--- a/configuration/auditing/overview.mdx
+++ b/configuration/auditing/overview.mdx
@@ -46,6 +46,8 @@ Currently, we support the following sinks for audit events:
 
 - [Webhook](/configuration/overview#audit-events-webhook): the audit events are sent to a URL of your choice.
 
+- [Kafka](/configuration/overview#audit-events-kafka): the audit events are sent to a Kafka topic of your choice.
+
 You can find [examples](https://github.com/flipt-io/flipt/tree/main/examples/audit) in the main GitHub repository on how to enable audit events and how to tune configuration for it.
 
 ## Event Filtering
diff --git a/configuration/overview.mdx b/configuration/overview.mdx
index 9f03767..bf987b8 100644
--- a/configuration/overview.mdx
+++ b/configuration/overview.mdx
@@ -437,6 +437,20 @@ export FLIPT_CORS_ALLOWED_ORIGINS="http://localhost:3000 http://localhost:3001"
 | audit.sinks.webhook.max_backoff_duration | Max exponential backoff duration for sending webhook upon failure  | 15s     | v1.27.0 |
 | audit.sinks.webhook.templates[]          | List of webhook templates for Flipt to send audit events to        |         | v1.28.0 |
 
+#### Audit Events: Kafka
+
+| Property                                  | Description                                          | Default  | Since   |
+| ----------------------------------------- | ---------------------------------------------------- | -------- | ------- |
+| audit.sinks.kafka.enabled                 | Enable Kafka sink                                    | false    | v1.46.0 |
+| audit.sinks.kafka.topic                   | Kafka topic to send audit events to                  |          | v1.46.0 |
+| audit.sinks.kafka.bootstrap_servers       | Kafka bootstrap servers                              |          | v1.46.0 |
+| audit.sinks.kafka.encoding                | Encoding to use for events in Kafka (protobuf, avro) | protobuf | v1.46.0 |
+| audit.sinks.kafka.schema_registry.url     | URL to the schema registry for encoding              |          | v1.46.0 |
+| audit.sinks.kafka.require_tls             | Require TLS to access the Kafka broker               | false    | v1.46.0 |
+| audit.sinks.kafka.insecure_skip_tls       | Skip verifying the server's certificate chain        | false    | v1.46.0 |
+| audit.sinks.kafka.authentication.username | SASL/PLAIN username to access the Kafka broker       |          | v1.46.0 |
+| audit.sinks.kafka.authentication.password | SASL/PLAIN password to access the Kafka broker       |          | v1.46.0 |
+
 ### Analytics
 
 | Property                      | Description                                     | Default | Since   |

From f2117e29e8417baac276b8ceebba29f82612cc4f Mon Sep 17 00:00:00 2001
From: Mark Phelps <209477+markphelps@users.noreply.github.com>
Date: Sat, 13 Jul 2024 10:58:45 -0400
Subject: [PATCH 2/2] chore: docs updates

Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com>
---
 .vale/styles/Flipt/spelling-exceptions.txt | 1 +
 configuration/overview.mdx                 | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.vale/styles/Flipt/spelling-exceptions.txt b/.vale/styles/Flipt/spelling-exceptions.txt
index d85eb69..c8cc88b 100644
--- a/.vale/styles/Flipt/spelling-exceptions.txt
+++ b/.vale/styles/Flipt/spelling-exceptions.txt
@@ -1,6 +1,7 @@
 affordance
 APIs
 auditable
+avro
 azblob
 backoff
 boolean
diff --git a/configuration/overview.mdx b/configuration/overview.mdx
index bf987b8..38bfd04 100644
--- a/configuration/overview.mdx
+++ b/configuration/overview.mdx
@@ -448,8 +448,8 @@ export FLIPT_CORS_ALLOWED_ORIGINS="http://localhost:3000 http://localhost:3001"
 | audit.sinks.kafka.schema_registry.url     | URL to the schema registry for encoding              |          | v1.46.0 |
 | audit.sinks.kafka.require_tls             | Require TLS to access the Kafka broker               | false    | v1.46.0 |
 | audit.sinks.kafka.insecure_skip_tls       | Skip verifying the server's certificate chain        | false    | v1.46.0 |
-| audit.sinks.kafka.authentication.username | SASL/PLAIN username to access the Kafka broker       |          | v1.46.0 |
-| audit.sinks.kafka.authentication.password | SASL/PLAIN password to access the Kafka broker       |          | v1.46.0 |
+| audit.sinks.kafka.authentication.username | SASL/SCRAM username to access the Kafka broker       |          | v1.46.0 |
+| audit.sinks.kafka.authentication.password | SASL/SCRAM password to access the Kafka broker       |          | v1.46.0 |
 
 ### Analytics