Skip to content

Fix current user authorization level (#5636) #13206

Fix current user authorization level (#5636)

Fix current user authorization level (#5636) #13206

Workflow file for this run

name: Verify Build Workflow
on:
push:
paths-ignore:
- '.gitignore'
- 'LICENSE'
- 'README*'
- 'docs/**'
- '.github/workflows/**'
branches: ['2.6.x']
pull_request:
paths-ignore:
- '.gitignore'
- 'LICENSE'
- 'README*'
- 'docs/**'
branches: ['2.6.x']
concurrency:
# Only run once for latest commit per ref and cancel other (previous) runs.
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
TESTCONTAINERS_RYUK_DISABLED: true
jobs:
build-verify:
name: Verify In Memory Build
runs-on: ubuntu-20.04
if: github.repository_owner == 'Apicurio' && !contains(github.event.*.labels.*.name, 'DO NOT MERGE')
steps:
- name: Checkout Code with Ref '${{ github.ref }}'
uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: 17
distribution: 'temurin'
cache: 'maven'
# Open-Source Machine emulator that allows you to emulate multiple CPU architectures on your machine
- name: Set up QEMU
if: github.event_name == 'push'
uses: docker/setup-qemu-action@v1
# Docker CLI plugin for extended build capabilities with BuildKit
- name: Set up Docker Buildx
if: github.event_name == 'push'
id: buildx
uses: docker/setup-buildx-action@v1
- name: Inspect builder
if: github.event_name == 'push'
run: |
echo "Name: ${{ steps.buildx.outputs.name }}"
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
echo "Status: ${{ steps.buildx.outputs.status }}"
echo "Flags: ${{ steps.buildx.outputs.flags }}"
echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
- name: Build and Test In Memory Variant
# if: github.ref == 'refs/heads/main'
run: make BUILD_FLAGS='-DskipCommitIdPlugin=false -Dmaven.wagon.httpconnectionManager.maxTotal=30 -Dmaven.wagon.http.retryHandler.count=5 --no-transfer-progress' build-in-memory
# - name: Build and Test In Memory Variant Without UI
# if: github.ref != 'refs/heads/main'
# run: make BUILD_FLAGS='-DskipUiBuild -Dmaven.wagon.httpconnectionManager.maxTotal=30 -Dmaven.wagon.http.retryHandler.count=5 --no-transfer-progress' build-in-memory
- name: Login to DockerHub Registry
if: github.event_name == 'push'
run: echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
- name: Build and Push In Memory Multi-arch Images to Docker.io
if: github.event_name == 'push'
run: ./.github/scripts/build-and-push-multiarch-images.sh ${GITHUB_REF#refs/heads/} docker.io mem-multiarch-images snapshot
- name: Login to Quay.io Registry
if: github.event_name == 'push'
run: docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" quay.io
- name: Build and Push In Memory Multi-arch Images to Quay.io
if: github.event_name == 'push'
run: ./.github/scripts/build-and-push-multiarch-images.sh ${GITHUB_REF#refs/heads/} quay.io mem-multiarch-images snapshot
build-verify-sql:
name: Verify SQL Build
runs-on: ubuntu-20.04
if: github.repository_owner == 'Apicurio' && !contains(github.event.*.labels.*.name, 'DO NOT MERGE')
steps:
- name: Checkout Code with Ref '${{ github.ref }}'
uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: 17
distribution: 'temurin'
cache: 'maven'
# Open-Source Machine emulator that allows you to emulate multiple CPU architectures on your machine
- name: Set up QEMU
if: github.event_name == 'push'
uses: docker/setup-qemu-action@v1
# Docker CLI plugin for extended build capabilities with BuildKit
- name: Set up Docker Buildx
if: github.event_name == 'push'
id: buildx
uses: docker/setup-buildx-action@v1
- name: Inspect builder
if: github.event_name == 'push'
run: |
echo "Name: ${{ steps.buildx.outputs.name }}"
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
echo "Status: ${{ steps.buildx.outputs.status }}"
echo "Flags: ${{ steps.buildx.outputs.flags }}"
echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
- name: Build and Test SQL Variant
# if: github.ref == 'refs/heads/main'
run: make BUILD_FLAGS='-DskipCommitIdPlugin=false -Dmaven.wagon.httpconnectionManager.maxTotal=30 -Dmaven.wagon.http.retryHandler.count=5 --no-transfer-progress' build-sql
# - name: Build and Test SQL Variant Without UI
# if: github.ref != 'refs/heads/main'
# run: make BUILD_FLAGS='-DskipUiBuild -Dmaven.wagon.httpconnectionManager.maxTotal=30 -Dmaven.wagon.http.retryHandler.count=5 --no-transfer-progress' build-sql
- name: Login to DockerHub Registry
if: github.event_name == 'push'
run: echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
- name: Build and Push SQL Multi-arch Images to Docker.io
if: github.event_name == 'push'
run: ./.github/scripts/build-and-push-multiarch-images.sh ${GITHUB_REF#refs/heads/} docker.io sql-multiarch-images snapshot
- name: Login to Quay.io Registry
if: github.event_name == 'push'
run: docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" quay.io
- name: Build and Push In Memory Multi-arch Images to Quay.io
if: github.event_name == 'push'
run: ./.github/scripts/build-and-push-multiarch-images.sh ${GITHUB_REF#refs/heads/} quay.io sql-multiarch-images snapshot
build-verify-kafkasql:
name: Verify KafkaSQL Build
runs-on: ubuntu-20.04
if: github.repository_owner == 'Apicurio' && !contains(github.event.*.labels.*.name, 'DO NOT MERGE')
steps:
- name: Checkout Code with Ref '${{ github.ref }}'
uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: 17
distribution: 'temurin'
cache: 'maven'
# Open-Source Machine emulator that allows you to emulate multiple CPU architectures on your machine
- name: Set up QEMU
if: github.event_name == 'push'
uses: docker/setup-qemu-action@v1
# Docker CLI plugin for extended build capabilities with BuildKit
- name: Set up Docker Buildx
if: github.event_name == 'push'
id: buildx
uses: docker/setup-buildx-action@v1
- name: Inspect builder
if: github.event_name == 'push'
run: |
echo "Name: ${{ steps.buildx.outputs.name }}"
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
echo "Status: ${{ steps.buildx.outputs.status }}"
echo "Flags: ${{ steps.buildx.outputs.flags }}"
echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
- name: Build and Test KafkaSQL Variant
# if: github.ref == 'refs/heads/main'
run: make BUILD_FLAGS='-DskipCommitIdPlugin=false -Dmaven.wagon.httpconnectionManager.maxTotal=30 -Dmaven.wagon.http.retryHandler.count=5 --no-transfer-progress' build-kafkasql
# - name: Build and Test KafkaSQL Variant Without UI
# if: github.ref != 'refs/heads/main'
# run: make BUILD_FLAGS='-DskipUiBuild -Dmaven.wagon.httpconnectionManager.maxTotal=30 -Dmaven.wagon.http.retryHandler.count=5 --no-transfer-progress' build-kafkasql
- name: Login to DockerHub Registry
if: github.event_name == 'push'
run: echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
- name: Build and Push KafkaSQL Multi-arch Images to Docker.io
if: github.event_name == 'push'
run: ./.github/scripts/build-and-push-multiarch-images.sh ${GITHUB_REF#refs/heads/} docker.io kafkasql-multiarch-images snapshot
- name: Login to Quay.io Registry
if: github.event_name == 'push'
run: docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" quay.io
- name: Build and Push KafkaSQL Multi-arch Images to Quay.io
if: github.event_name == 'push'
run: ./.github/scripts/build-and-push-multiarch-images.sh ${GITHUB_REF#refs/heads/} quay.io kafkasql-multiarch-images snapshot
build-mem-native-images:
name: Build and Test In Memory native images
runs-on: ubuntu-20.04
if: github.repository_owner == 'Apicurio' && !contains(github.event.*.labels.*.name, 'DO NOT MERGE')
steps:
- name: Checkout Code with Ref '${{ github.ref }}'
uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
cache: 'maven'
- name: Workaround jackson-coreutils
run: |
# upstream issue: https://github.com/java-json-tools/jackson-coreutils/issues/59
rm -rf ~/.m2/repository/com/github/java-json-tools
mkdir -p /tmp/coreutils-workaround
( cd /tmp/coreutils-workaround && mvn dependency:get -DremoteRepositories=https://repo1.maven.org/maven2 -Dartifact=com.github.java-json-tools:jackson-coreutils:2.0 )
- name: Build inmemory Variant
# if: github.ref == 'refs/heads/main'
run: make SKIP_TESTS=true BUILD_FLAGS='-DskipCommitIdPlugin=false -Dmaven.wagon.httpconnectionManager.maxTotal=30 -Dmaven.wagon.http.retryHandler.count=5 --no-transfer-progress' build-in-memory
# - name: Build inmemory Variant Without UI
# if: github.ref != 'refs/heads/main'
# run: make SKIP_TESTS=true BUILD_FLAGS='-DskipUiBuild -Dmaven.wagon.httpconnectionManager.maxTotal=30 -Dmaven.wagon.http.retryHandler.count=5 --no-transfer-progress' build-in-memory
- name: Verify docs generation
run: |
if [ -n "$(git status --untracked-files=no --porcelain docs)" ]; then
echo "Docs needs to be regenerated. Run 'mvn clean install -pl docs -am -DskipTests' and commit the resulting files in the 'docs' folder."
git --no-pager diff docs
exit 1
fi
- name: Build Native executables
# if: github.ref == 'refs/heads/main'
run: make SKIP_TESTS=true build-mem-native
# - name: Build Native executables without UI
# if: github.ref != 'refs/heads/main'
# run: make SKIP_TESTS=true BUILD_FLAGS='-DskipUiBuild' build-mem-native
- name: Build and Push Temporary image for testing
env:
IMAGE_REPO: ttl.sh/${{ github.sha }}
# maximum allowed
IMAGE_TAG: 1d
run: make build-mem-native-image push-mem-native-image
- name: Setup Minikube
uses: manusa/actions-setup-minikube@v2.7.2
with:
minikube version: 'v1.31.1'
kubernetes version: 'v1.26.3'
github token: ${{ secrets.GITHUB_TOKEN }}
driver: docker
- name: Prepare minikube tunnel
run: minikube tunnel &> /dev/null &
- name: Run Integration Tests - inmemory
run: make REGISTRY_IMAGE='-Dregistry-in-memory-image=ttl.sh/${{ github.sha }}/apicurio/apicurio-registry-mem-native:1d' run-in-memory-integration-tests
- name: Run Integration Tests - inmemory - auth
run: make REGISTRY_IMAGE='-Dregistry-in-memory-image=ttl.sh/${{ github.sha }}/apicurio/apicurio-registry-mem-native:1d' run-in-memory-auth-tests
- name: Collect logs
if: failure()
run: ./.github/scripts/collect_logs.sh
- name: Upload tests logs artifacts
if: failure()
uses: actions/upload-artifact@v4.0.0
with:
name: tests-logs
path: artifacts
- name: Build Native Images
env:
IMAGE_REPO: quay.io
IMAGE_TAG: 2.6.x-snapshot
ADDITIONAL_IMAGE_TAG: latest-snapshot
run: |
make build-mem-native-image
- name: Login to Quay.io Registry
if: github.event_name == 'push'
run: docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" quay.io
- name: Push Native Images
env:
IMAGE_REPO: quay.io
IMAGE_TAG: 2.6.x-snapshot
ADDITIONAL_IMAGE_TAG: latest-snapshot
if: github.event_name == 'push'
run: |
make push-mem-native-image
- name: List All The Images
run: docker images
build-sql-native-images:
name: Build and Test SQL native images
runs-on: ubuntu-20.04
if: github.repository_owner == 'Apicurio' && !contains(github.event.*.labels.*.name, 'DO NOT MERGE')
steps:
- name: Checkout Code with Ref '${{ github.ref }}'
uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
cache: 'maven'
- name: Workaround jackson-coreutils
run: |
# upstream issue: https://github.com/java-json-tools/jackson-coreutils/issues/59
rm -rf ~/.m2/repository/com/github/java-json-tools
mkdir -p /tmp/coreutils-workaround
( cd /tmp/coreutils-workaround && mvn dependency:get -DremoteRepositories=https://repo1.maven.org/maven2 -Dartifact=com.github.java-json-tools:jackson-coreutils:2.0 )
- name: Build Sql Variant
# if: github.ref == 'refs/heads/main'
run: make SKIP_TESTS=true BUILD_FLAGS='-Dmaven.javadoc.skip=true --no-transfer-progress -Dmaven.wagon.httpconnectionManager.maxTotal=30 -Dmaven.wagon.http.retryHandler.count=5' build-sql
# - name: Build Sql Variant Without UI
# if: github.ref != 'refs/heads/main'
# run: make SKIP_TESTS=true BUILD_FLAGS='-DskipUiBuild -Dmaven.javadoc.skip=true --no-transfer-progress -Dmaven.wagon.httpconnectionManager.maxTotal=30 -Dmaven.wagon.http.retryHandler.count=5' build-sql
- name: Verify docs generation
run: |
if [ -n "$(git status --untracked-files=no --porcelain docs)" ]; then
echo "Docs needs to be regenerated. Run 'mvn clean install -pl docs -am -DskipTests' and commit the resulting files in the 'docs' folder."
git --no-pager diff docs
exit 1
fi
- name: Build Native executables
# if: github.ref == 'refs/heads/main'
run: make SKIP_TESTS=true build-sql-native
# - name: Build Native executables without UI
# if: github.ref != 'refs/heads/main'
# run: make SKIP_TESTS=true BUILD_FLAGS='-DskipUiBuild' build-sql-native
- name: Build and Push Temporary image for testing
env:
IMAGE_REPO: ttl.sh/${{ github.sha }}
# maximum allowed
IMAGE_TAG: 1d
run: make build-sql-native-image push-sql-native-image
- name: Setup Minikube
uses: manusa/actions-setup-minikube@v2.7.2
with:
minikube version: 'v1.31.1'
kubernetes version: 'v1.26.3'
github token: ${{ secrets.GITHUB_TOKEN }}
driver: docker
- name: Prepare minikube tunnel
run: minikube tunnel &> /dev/null &
- name: Run Integration Tests - sql
run: make REGISTRY_IMAGE='-Dregistry-sql-image=ttl.sh/${{ github.sha }}/apicurio/apicurio-registry-sql-native:1d' run-sql-integration-tests
- name: Run Integration Tests - sql auth
run: make REGISTRY_IMAGE='-Dregistry-sql-image=ttl.sh/${{ github.sha }}/apicurio/apicurio-registry-sql-native:1d' run-sql-auth-tests
- name: Run Integration Tests - sql migration
run: make REGISTRY_IMAGE='-Dregistry-sql-image=ttl.sh/${{ github.sha }}/apicurio/apicurio-registry-sql-native:1d' run-sql-migration-integration-tests
- name: Run Integration Tests - sql multitenancy
run: make REGISTRY_IMAGE='-Dregistry-sql-image=ttl.sh/${{ github.sha }}/apicurio/apicurio-registry-sql-native:1d' run-sql-multitenancy-integration-tests
- name: Collect logs
if: failure()
run: ./.github/scripts/collect_logs.sh
- name: Upload tests logs artifacts
if: failure()
uses: actions/upload-artifact@v4.0.0
with:
name: tests-logs
path: artifacts
- name: Build Native Images
env:
IMAGE_REPO: quay.io
IMAGE_TAG: 2.6.x-snapshot
ADDITIONAL_IMAGE_TAG: latest-snapshot
run: |
make build-sql-native-image
- name: Login to Quay.io Registry
if: github.event_name == 'push'
run: docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" quay.io
- name: Push Native Images
env:
IMAGE_REPO: quay.io
IMAGE_TAG: 2.6.x-snapshot
ADDITIONAL_IMAGE_TAG: latest-snapshot
if: github.event_name == 'push'
run: |
make push-sql-native-image
- name: List All The Images
run: docker images
notify-sdk:
if: github.repository_owner == 'Apicurio' && github.event_name == 'push' && github.ref == 'refs/heads/main' && !contains(github.event.*.labels.*.name, 'DO NOT MERGE')
runs-on: ubuntu-20.04
strategy:
matrix:
language: [go, js, python]
steps:
- uses: actions/checkout@v3
- uses: dorny/paths-filter@b2feaf19c27470162a626bd6fa8438ae5b263721
id: changes
with:
base: main
filters: |
openapi:
- 'app/src/main/resources-unfiltered/META-INF/resources/api-specifications/registry/v2/openapi.json'
- name: Repository Dispatch
if: steps.changes.outputs.openapi == 'true'
uses: peter-evans/repository-dispatch@ce5485de42c9b2622d2ed064be479e8ed65e76f4
with:
token: ${{ secrets.ACCESS_TOKEN }}
repository: Apicurio/apicurio-registry-client-sdk-${{ matrix.language }}
event-type: on-oas-updated
client-payload: '{"openapi_file_path": "app/src/main/resources-unfiltered/META-INF/resources/api-specifications/registry/v2/openapi.json"}'
trigger-examples-build:
if: github.repository_owner == 'Apicurio' && github.event_name == 'push' && github.ref == 'refs/heads/main' && !contains(github.event.*.labels.*.name, 'DO NOT MERGE')
runs-on: ubuntu-20.04
needs: [build-verify]
steps:
- name: Repository Dispatch
uses: peter-evans/repository-dispatch@ce5485de42c9b2622d2ed064be479e8ed65e76f4
with:
token: ${{ secrets.ACCESS_TOKEN }}
repository: Apicurio/apicurio-registry-examples
event-type: on-registry-updated
# Triggers apicurio-registry-mt-ui build whenever apicurio-registry/ui changes
trigger-mt-ui-build:
if: github.repository_owner == 'Apicurio' && github.event_name == 'push' && github.ref == 'refs/heads/main' && !contains(github.event.*.labels.*.name, 'DO NOT MERGE')
runs-on: ubuntu-20.04
needs: [build-verify]
steps:
- uses: actions/checkout@v3
- uses: dorny/paths-filter@b2feaf19c27470162a626bd6fa8438ae5b263721
id: changes
with:
base: main
list-files: 'csv'
filters: |
registry-ui:
- 'ui/**'
- name: Repository Dispatch
if: steps.changes.outputs.registry-ui == 'true'
uses: peter-evans/repository-dispatch@ce5485de42c9b2622d2ed064be479e8ed65e76f4
with:
token: ${{ secrets.ACCESS_TOKEN }}
repository: Apicurio/apicurio-registry-mt-ui
event-type: on-registry-ui-update