
Fix truststore certificate validation and improve function naming #459

@awattez

Description

The certificate validation process in the cp-demo script is failing on macOS due to the wc command behavior, which includes leading spaces in its output. Additionally, the current implementation check_num_certs() uses a non-standard return code convention (1 for success, 0 for failure) which can lead to confusion and maintenance issues.

This causes the script to unnecessarily regenerate cryptographic material even when valid certificates exist, significantly impacting the development workflow.

Troubleshooting
I validated that this issue occurs by:

  1. Following the standard setup procedure from the documentation
  2. Observing that even with valid certificates, the script triggers regeneration
  3. Investigating the check_num_certs function output on macOS:
$ echo "trusted" | wc -l
       1

vs Linux:

$ echo "trusted" | wc -l
1

The leading spaces in the macOS output cause the numeric comparison to fail, triggering certificate regeneration.

Related issues:

Proposed Solution

  1. Rename the function to better reflect its purpose:
check_truststore_valid() {
  local DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
  # Count trusted entries in the Connect truststore; xargs trims the padding that wc adds on macOS
  NUM_CERTS=$(docker run --rm -v "$DIR/../security:/etc/kafka/secrets" "localbuild/connect:${CONFLUENT_DOCKER_TAG}-${CONNECTOR_VERSION}" \
    keytool --list --keystore /etc/kafka/secrets/kafka.connect.truststore.jks --storepass confluent | grep trusted | wc -l | xargs)
  # Return 0 (success) only when exactly one trusted certificate entry is present
  if [[ "$NUM_CERTS" -eq "1" ]]; then
    return 0
  fi
  return 1
}

Key changes:

  1. Added xargs to trim whitespace from wc output
  2. Fixed return code convention (0 for success)
  3. Renamed function for clarity

Environment

  • GitHub branch: 7.7.1-post
  • Operating System: macOS 14.7.1 (23H222)
  • Docker Version: 27.2.0
  • Docker Compose Version: v2.29.2-desktop.2
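
The check described in this issue, reduced to a form that runs without Docker or keytool. This is an added example, not code from cp-demo or from the issue author: the function names and the sample listings are constructed, and `grep -c` is used here as an alternative to `wc -l | xargs`. The original comparison in check_num_certs() is not shown on this page, so the padded value is compared as a string only to illustrate how padding can break an equality check.

```bash
#!/usr/bin/env bash
# Added example: hypothetical helper names, constructed sample data.

# Strip all whitespace from a count and confirm it is a plain integer.
# Prints the cleaned number; returns 1 (failure) if the input is not numeric.
normalize_count() {
  local cleaned
  cleaned=$(printf '%s' "$1" | tr -d '[:space:]')
  case "$cleaned" in
    ''|*[!0-9]*) return 1 ;;
  esac
  printf '%s\n' "$cleaned"
}

# Count lines containing "trusted" in a keytool-style listing on stdin.
# grep -c prints the bare count, so no wc padding is involved. It exits 1
# when nothing matches; "|| true" keeps callers under "set -e" alive.
count_trusted_entries() {
  grep -c trusted || true
}

# Return 0 (success) only when the listing holds exactly the expected
# number of trusted entries. $1 = listing text, $2 = expected (default 1).
truststore_listing_valid() {
  local expected=${2:-1} found
  found=$(printf '%s\n' "$1" | count_trusted_entries)
  found=$(normalize_count "$found") || return 1
  [ "$found" -eq "$expected" ]
}

# Constructed sample listings (not captured from a real truststore).
SAMPLE_OK='Keystore type: PKCS12
Your keystore contains 1 entry
caroot, Jan 1, 2025, trustedCertEntry,'
SAMPLE_EMPTY='Keystore type: PKCS12
Your keystore contains 0 entries'

# Constructed value shaped like the macOS wc output quoted in the issue.
PADDED_COUNT='       1'

if truststore_listing_valid "$SAMPLE_OK"; then
  echo "truststore valid: keep existing certificates"
fi
if ! truststore_listing_valid "$SAMPLE_EMPTY"; then
  echo "truststore invalid: regenerate certificates"
fi
```

Treating a non-numeric count as failure means an error message from the container in place of a listing leads to regeneration instead of being accepted as a valid truststore.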
