Skip to content

fix: acl defaults for the repl #534

fix: acl defaults for the repl

fix: acl defaults for the repl #534

Workflow file for this run

name: ci
on:
push:
branches:
- master
tags:
- v*
pull_request:
jobs:
setup:
runs-on: ubuntu-latest
outputs:
version-tag: ${{ steps.regex-match.outputs.match }}
steps:
- uses: actions-ecosystem/action-regex-match@v2
id: regex-match
with:
text: ${{ github.ref_name }}
regex: '^v[0-9]+(\.[0-9]+)*(-[a-zA-Z0-9-]+)?$'
- name: Print setup
run: |
echo github.ref=${{ github.ref }}
echo github.ref_name=${{ github.ref_name }}
echo github.ref_type=${{ github.ref_type }}
echo release-ref=${{ steps.regex-match.outputs.match }}
test010:
runs-on: ubuntu-latest
container:
image: cimg/go:1.19
env:
GO111MODULE: "on"
KAFKA_TOPICS_TEST_ZK_ADDR: zookeeper:2181
KAFKA_TOPICS_TEST_KAFKA_ADDR: kafka1:9092
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: Go setup
uses: actions/setup-go@v3
with:
go-version: 1.19
- name: Display Go version
run: go version
- name: Run tests
run: make test
env:
KAFKA_TOPICS_TEST_ZK_ADDR: zookeeper:2181
KAFKA_TOPICS_TEST_KAFKA_ADDR: kafka1:9092
services:
zookeeper:
image: bitnami/zookeeper:latest
ports:
- "2181:2181"
env:
ALLOW_ANONYMOUS_LOGIN: yes
kafka1:
image: bitnami/kafka:0.10.2.1
ports:
- "9092:9092"
env:
KAFKA_BROKER_ID: 1
KAFKA_BROKER_RACK: zone1
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_ADVERTISED_HOST_NAME: kafka1
KAFKA_ADVERTISED_PORT: 9092
kafka2:
image: bitnami/kafka:0.10.2.1
ports:
- "9093:9092"
env:
KAFKA_BROKER_ID: 2
KAFKA_BROKER_RACK: zone1
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_ADVERTISED_HOST_NAME: kafka2
KAFKA_ADVERTISED_PORT: 9092
kafka3:
image: bitnami/kafka:0.10.2.1
ports:
- "9094:9092"
env:
KAFKA_BROKER_ID: 3
KAFKA_BROKER_RACK: zone2
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_ADVERTISED_HOST_NAME: kafka3
KAFKA_ADVERTISED_PORT: 9092
kafka4:
image: bitnami/kafka:0.10.2.1
ports:
- "9095:9092"
env:
KAFKA_BROKER_ID: 4
KAFKA_BROKER_RACK: zone2
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_ADVERTISED_HOST_NAME: kafka4
KAFKA_ADVERTISED_PORT: 9092
kafka5:
image: bitnami/kafka:0.10.2.1
ports:
- "9096:9092"
env:
KAFKA_BROKER_ID: 5
KAFKA_BROKER_RACK: zone3
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_ADVERTISED_HOST_NAME: kafka5
KAFKA_ADVERTISED_PORT: 9092
kafka6:
image: bitnami/kafka:0.10.2.1
ports:
- "9097:9092"
env:
KAFKA_BROKER_ID: 6
KAFKA_BROKER_RACK: zone3
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_ADVERTISED_HOST_NAME: kafka6
KAFKA_ADVERTISED_PORT: 9092
test270:
runs-on: ubuntu-latest
container:
image: cimg/go:1.19
env:
GO111MODULE: "on"
KAFKA_TOPICS_TEST_ZK_ADDR: zookeeper:2181
KAFKA_TOPICS_TEST_KAFKA_ADDR: kafka1:9092
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: Go setup
uses: actions/setup-go@v3
with:
go-version: 1.19
- name: Display Go version
run: go version
- name: Run tests
run: make test-v2
env:
KAFKA_TOPICS_TEST_ZK_ADDR: zookeeper:2181
KAFKA_TOPICS_TEST_KAFKA_ADDR: kafka1:9092
KAFKA_TOPICS_TEST_BROKER_ADMIN_SECURITY: 1
services:
zookeeper:
image: bitnami/zookeeper:latest
ports:
- "2181:2181"
env:
ALLOW_ANONYMOUS_LOGIN: yes
kafka1:
image: bitnami/kafka:2.7.0
ports:
- "9092:9092"
env:
KAFKA_CFG_BROKER_ID: 1
KAFKA_CFG_BROKER_RACK: zone1
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka1
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
kafka2:
image: bitnami/kafka:2.7.0
ports:
- "9093:9092"
env:
KAFKA_CFG_BROKER_ID: 2
KAFKA_CFG_BROKER_RACK: zone1
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka2
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
kafka3:
image: bitnami/kafka:2.7.0
ports:
- "9094:9092"
env:
KAFKA_CFG_BROKER_ID: 3
KAFKA_CFG_BROKER_RACK: zone2
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka3
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
kafka4:
image: bitnami/kafka:2.7.0
ports:
- "9095:9092"
env:
KAFKA_CFG_BROKER_ID: 4
KAFKA_CFG_BROKER_RACK: zone2
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka4
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
kafka5:
image: bitnami/kafka:2.7.0
ports:
- "9096:9092"
env:
KAFKA_CFG_BROKER_ID: 5
KAFKA_CFG_BROKER_RACK: zone3
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka5
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
kafka6:
image: bitnami/kafka:2.7.0
ports:
- "9097:9092"
env:
KAFKA_CFG_BROKER_ID: 6
KAFKA_CFG_BROKER_RACK: zone3
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka6
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
test360:
runs-on: ubuntu-latest
container:
image: cimg/go:1.19
env:
GO111MODULE: "on"
KAFKA_TOPICS_TEST_ZK_ADDR: zookeeper:2181
KAFKA_TOPICS_TEST_KAFKA_ADDR: kafka1:9092
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: Go setup
uses: actions/setup-go@v3
with:
go-version: 1.19
- name: Display Go version
run: go version
- name: Run tests
run: make test-v2
env:
KAFKA_TOPICS_TEST_ZK_ADDR: zookeeper:2181
KAFKA_TOPICS_TEST_KAFKA_ADDR: kafka1:9092
KAFKA_TOPICS_TEST_BROKER_ADMIN_SECURITY: 1
services:
zookeeper:
image: bitnami/zookeeper:latest
ports:
- "2181:2181"
env:
ALLOW_ANONYMOUS_LOGIN: yes
kafka1:
image: bitnami/kafka:3.6.0
ports:
- "9092:9092"
env:
KAFKA_CFG_BROKER_ID: 1
KAFKA_CFG_BROKER_RACK: zone1
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka1
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
kafka2:
image: bitnami/kafka:3.6.0
ports:
- "9093:9092"
env:
KAFKA_CFG_BROKER_ID: 2
KAFKA_CFG_BROKER_RACK: zone1
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka2
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
kafka3:
image: bitnami/kafka:3.6.0
ports:
- "9094:9092"
env:
KAFKA_CFG_BROKER_ID: 3
KAFKA_CFG_BROKER_RACK: zone2
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka3
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
kafka4:
image: bitnami/kafka:3.6.0
ports:
- "9095:9092"
env:
KAFKA_CFG_BROKER_ID: 4
KAFKA_CFG_BROKER_RACK: zone2
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka4
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
kafka5:
image: bitnami/kafka:3.6.0
ports:
- "9096:9092"
env:
KAFKA_CFG_BROKER_ID: 5
KAFKA_CFG_BROKER_RACK: zone3
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka5
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
kafka6:
image: bitnami/kafka:3.6.0
ports:
- "9097:9092"
env:
KAFKA_CFG_BROKER_ID: 6
KAFKA_CFG_BROKER_RACK: zone3
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
ALLOW_PLAINTEXT_LISTENER: yes
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka6
KAFKA_CFG_ADVERTISED_PORT: 9092
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
publish-ghcr:
needs: [setup, test010, test270, test360]
runs-on: ubuntu-latest
if: ${{ ( github.ref_type == 'branch' ) && (( github.ref_name == 'master' ) || ( github.ref_name == 'v0' )) }}
steps:
- uses: actions/checkout@v3
- name: setup env variables
id: vars
run: |
echo "SHORT_SHA=${GITHUB_SHA:0:8}" >> $GITHUB_ENV
- run: echo "publishing the image ghcr.io/segmentio/topicctl:${SHORT_SHA}"
- name: Log in to the Container registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
logout: true
- run: echo "GHCR LOGIN SUCCESSFUL"
- if: ${{ github.ref_name == 'master' }}
name: Build and push image for master
run: |
docker context create buildx-build
docker buildx create --use buildx-build
docker buildx build \
-t ghcr.io/segmentio/topicctl:${SHORT_SHA} \
-t ghcr.io/segmentio/topicctl:latest \
--build-arg VERSION=${SHORT_SHA} \
--push \
.
- if: ${{ github.ref_name == 'v0' }}
name: Build and push image for v0
run: |
docker context create buildx-build
docker buildx create --use buildx-build
docker buildx build \
-t ghcr.io/segmentio/topicctl:${SHORT_SHA} \
--build-arg VERSION=${SHORT_SHA} \
--push \
.
- run: echo "GHCR PUBLISH SUCCESSFUL"
publish-dockerhub:
needs: [setup, test010, test270, test360]
environment: CICD
env:
RELEASE_TAG: ${{ needs.setup.outputs.version-tag }}
runs-on: ubuntu-latest
if: ${{ ( github.ref_type == 'tag' ) && ( needs.setup.outputs.version-tag != '') }}
steps:
- uses: actions/checkout@v3
- run: echo "publishing the release version segment/topicctl:${RELEASE_TAG}"
- name: Dockerhub login
uses: docker/login-action@v2
with:
username: ${{ vars.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
logout: true
- run: echo "DOCKERHUB LOGIN SUCCESSFUL"
- name: Build and push image
run: |
docker context create buildx-build
docker buildx create --use buildx-build
docker buildx build \
--platform=linux/amd64,linux/arm64 \
-t segment/topicctl:${RELEASE_TAG} \
-t segment/topicctl:latest \
--build-arg VERSION=${RELEASE_TAG} \
--push \
.
- run: echo "DOCKERHUB PUBLISH SUCCESSFUL"