Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/main' into auth_page_be
Browse files Browse the repository at this point in the history
# Conflicts:
#	api/src/main/java/io/kafbat/ui/service/ApplicationInfoService.java
  • Loading branch information
Haarolean committed Oct 25, 2024
2 parents 1e668f8 + 0ad8695 commit 7b6cf2e
Show file tree
Hide file tree
Showing 69 changed files with 1,385 additions and 453 deletions.
15 changes: 7 additions & 8 deletions .dev/dev_arm64.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,8 @@ services:
KAFKA_CLUSTERS_0_AUDIT_CONSOLEAUDITENABLED: 'true'

kafka0:
image: confluentinc/cp-kafka:7.2.1.arm64
image: confluentinc/cp-kafka:7.6.0.arm64
user: "0:0"
hostname: kafka0
container_name: kafka0
ports:
Expand All @@ -56,12 +57,10 @@ services:
KAFKA_JMX_PORT: 9997
# KAFKA_JMX_HOSTNAME: localhost # uncomment this line and comment the next one if running with kafka-ui as a jar
KAFKA_JMX_OPTS: -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.rmi.server.hostname=kafka0 -Dcom.sun.management.jmxremote.rmi.port=9997
volumes:
- ../documentation/compose/scripts/update_run.sh:/tmp/update_run.sh
command: "bash -c 'if [ ! -f /tmp/update_run.sh ]; then echo \"ERROR: Did you forget the update_run.sh file that came with this docker-compose.yml file?\" && exit 1 ; else /tmp/update_run.sh && /etc/confluent/docker/run ; fi'"
CLUSTER_ID: 'MkU3OEVBNTcwNTJENDM2Qk'

schema-registry0:
image: confluentinc/cp-schema-registry:7.2.1.arm64
image: confluentinc/cp-schema-registry:7.6.0.arm64
ports:
- 8085:8085
depends_on:
Expand All @@ -77,7 +76,7 @@ services:
SCHEMA_REGISTRY_KAFKASTORE_TOPIC: _schemas

kafka-connect0:
image: confluentinc/cp-kafka-connect:7.2.1.arm64
image: confluentinc/cp-kafka-connect:7.6.0.arm64
ports:
- 8083:8083
depends_on:
Expand All @@ -102,7 +101,7 @@ services:
CONNECT_PLUGIN_PATH: "/usr/share/java,/usr/share/confluent-hub-components,/usr/local/share/kafka/plugins,/usr/share/filestream-connectors"

ksqldb0:
image: confluentinc/ksqldb-server:0.18.0
image: confluentinc/cp-ksqldb-server:7.6.0.arm64
depends_on:
- kafka0
- kafka-connect0
Expand All @@ -120,7 +119,7 @@ services:
KSQL_CACHE_MAX_BYTES_BUFFERING: 0

kafka-init-topics:
image: confluentinc/cp-kafka:7.2.1.arm64
image: confluentinc/cp-kafka:7.6.0.arm64
volumes:
- ../documentation/compose/data/message.json:/data/message.json
depends_on:
Expand Down
11 changes: 6 additions & 5 deletions .github/workflows/build-public-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,9 @@ on:
types: ['labeled']

permissions:
id-token: write
contents: read
pull-requests: write

jobs:
build:
Expand Down Expand Up @@ -47,12 +49,11 @@ jobs:
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Configure AWS credentials for Kafka-UI account
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
role-to-assume: ${{ secrets.AWS_ROLE }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
Expand All @@ -65,7 +66,7 @@ jobs:
builder: ${{ steps.buildx.outputs.name }}
context: api
push: true
tags: public.ecr.aws/kafbat/kafka-ui-custom-build:${{ steps.extract_branch.outputs.tag }}
tags: ${{ vars.ECR_REGISTRY }}/${{ github.repository }}:${{ steps.extract_branch.outputs.tag }}
build-args: |
JAR_FILE=api-${{ steps.build.outputs.version }}.jar
cache-from: type=local,src=/tmp/.buildx-cache
Expand All @@ -75,6 +76,6 @@ jobs:
with:
issue-number: ${{ github.event.pull_request.number }}
body: |
Image published at public.ecr.aws/kafbat/kafka-ui-custom-build:${{ steps.extract_branch.outputs.tag }}
Image published at ${{ vars.ECR_REGISTRY }}/${{ github.repository }}:${{ steps.extract_branch.outputs.tag }}
outputs:
tag: ${{ steps.extract_branch.outputs.tag }}
87 changes: 87 additions & 0 deletions .github/workflows/docker_build.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
name: "Docker build"

on:
workflow_call:
inputs:
sha:
required: true
type: string
version:
required: true
type: string

permissions:
contents: read

jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
token: ${{ github.token }}

- name: Download maven artifacts
uses: actions/download-artifact@v4
with:
name: kafbat-ui-${{ inputs.version }}
path: api/target

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3

- name: Cache Docker layers
uses: actions/cache@v4
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ inputs.sha }}
restore-keys: |
${{ runner.os }}-buildx-
# Build multi platform images and loading them at the same time is not possible with default container runtime : https://github.com/docker/buildx/issues/59
# So let's use containerd instead as it supports this option
# Also containerd is one of the option to allow preserving provenance attestations :https://docs.docker.com/build/attestations/#creating-attestations
- name: Setup docker with containerd
uses: crazy-max/ghaction-setup-docker@v3
with:
daemon-config: |
{
"features": {
"containerd-snapshotter": true
}
}
- name: Build docker image
id: docker_build
uses: docker/build-push-action@v5
with:
builder: ${{ steps.buildx.outputs.name }}
context: api
platforms: linux/amd64,linux/arm64
provenance: mode=min
sbom: true
push: false
load: true
tags: |
kafka-ui:temp
build-args: |
JAR_FILE=api-${{ inputs.version }}.jar
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache

- name: Dump docker image
run: |
docker image save kafka-ui:temp > /tmp/image.tar
- name: Upload docker image
uses: actions/upload-artifact@v4
with:
name: image
path: /tmp/image.tar
retention-days: 1
100 changes: 100 additions & 0 deletions .github/workflows/docker_publish.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,100 @@
name: "Docker publish"

on:
workflow_call:
inputs:
version:
required: true
type: string
generic_tag:
required: true
type: string

permissions:
packages: write
id-token: write # Required to authenticate with OIDC for AWS

jobs:
deploy:
continue-on-error: true
strategy:
fail-fast: false
matrix:
registry: [ 'docker.io', 'ghcr.io', 'ecr' ]

runs-on: ubuntu-latest
steps:

- name: Download docker image
uses: actions/download-artifact@v4
with:
name: image
path: /tmp

# setup containerd to preserve provenance attestations :https://docs.docker.com/build/attestations/#creating-attestations
- name: Setup docker with containerd
uses: crazy-max/ghaction-setup-docker@v3
with:
daemon-config: |
{
"features": {
"containerd-snapshotter": true
}
}
- name: Load docker image into daemon
run: |
docker load --input /tmp/image.tar
- name: Login to docker.io
if: matrix.registry == 'docker.io'
uses: docker/login-action@v3
with:
registry: ${{ matrix.registry }}
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Login to ghcr.io
if: matrix.registry == 'ghcr.io'
uses: docker/login-action@v3
with:
registry: ${{ matrix.registry }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Configure AWS credentials
if: matrix.registry == 'ecr'
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: us-east-1 # This region only for public ECR
role-to-assume: ${{ secrets.AWS_ROLE }}

- name: Login to public ECR
if: matrix.registry == 'ecr'
id: login-ecr-public
uses: aws-actions/amazon-ecr-login@v2
with:
registry-type: public

- name: define env vars
run: |
if [ ${{matrix.registry }} == 'docker.io' ]; then
echo "REGISTRY=${{ matrix.registry }}" >> $GITHUB_ENV
echo "REPOSITORY=${{ github.repository }}" >> $GITHUB_ENV
elif [ ${{ matrix.registry }} == 'ghcr.io' ]; then
echo "REGISTRY=${{ matrix.registry }}" >> $GITHUB_ENV
echo "REPOSITORY=${{ github.repository }}" >> $GITHUB_ENV
elif [ ${{ matrix.registry }} == 'ecr' ]; then
echo "REGISTRY=${{ vars.ECR_REGISTRY }}" >> $GITHUB_ENV
echo "REPOSITORY=${{ github.repository }}" >> $GITHUB_ENV
else
echo "REGISTRY=" >> $GITHUB_ENV
echo "REPOSITORY=notworking" >> $GITHUB_ENV
fi
- name: Push images to ${{ matrix.registry }}
run: |
docker tag kafka-ui:temp ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ inputs.generic_tag }}
docker tag kafka-ui:temp ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ inputs.version }}
docker push ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ inputs.generic_tag }}
docker push ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ inputs.version }}
4 changes: 2 additions & 2 deletions .github/workflows/e2e-run.yml
Original file line number Diff line number Diff line change
Expand Up @@ -103,8 +103,8 @@ jobs:
run: |
mkdir -p ./e2e-tests/target/selenoid-results/video
mkdir -p ./e2e-tests/target/selenoid-results/logs
docker-compose -f ./e2e-tests/selenoid/selenoid-ci.yaml up -d
docker-compose -f ./documentation/compose/e2e-tests.yaml up -d
docker compose -f ./e2e-tests/selenoid/selenoid-ci.yaml up -d
docker compose -f ./documentation/compose/e2e-tests.yaml up -d
- name: Dump Docker logs on failure
if: failure()
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/frontend_tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:

- uses: pnpm/[email protected]
with:
version: 9.1.2
version: 9.11.0

- name: Install node
uses: actions/[email protected]
Expand Down
67 changes: 29 additions & 38 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,14 @@ permissions:
contents: read

jobs:
build:
jar-build:
runs-on: ubuntu-latest

permissions:
contents: read
packages: write

outputs:
version: ${{steps.build.outputs.version}}

steps:
- name: Checkout
Expand All @@ -37,42 +40,30 @@ jobs:
export VERSION=$(./mvnw -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
echo "version=${VERSION}" >> $GITHUB_OUTPUT
# docker images

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Cache Docker layers
uses: actions/cache@v4
- name: Upload jar
uses: actions/upload-artifact@v4
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
name: kafbat-ui-${{ steps.build.outputs.version }}
path: api/target/api-${{ steps.build.outputs.version }}.jar
retention-days: 1

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
docker-build:
needs: jar-build
permissions:
contents: read
uses: ./.github/workflows/docker_build.yml
secrets: inherit
with:
sha: ${{ github.sha }}
version: ${{ needs.jar-build.outputs.version }}

- name: Build & push docker image
id: docker_build_and_push
uses: docker/build-push-action@v5
with:
builder: ${{ steps.buildx.outputs.name }}
context: api
platforms: linux/amd64,linux/arm64
provenance: false
push: true
tags: |
ghcr.io/kafbat/kafka-ui:${{ steps.build.outputs.version }}
ghcr.io/kafbat/kafka-ui:main
build-args: |
JAR_FILE=api-${{ steps.build.outputs.version }}.jar
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
docker-deploy:
needs: [ jar-build, docker-build ]
permissions:
packages: write
id-token: write # Required to authenticate with OIDC for AWS
uses: ./.github/workflows/docker_publish.yml
secrets: inherit
with:
version: ${{ needs.jar-build.outputs.version }}
generic_tag: main
Loading

0 comments on commit 7b6cf2e

Please sign in to comment.