From 284bfe5eb9a96b028e2e8fc8ffe962c72d7ac155 Mon Sep 17 00:00:00 2001 From: Michael Edgar Date: Wed, 22 Jan 2025 17:57:22 -0500 Subject: [PATCH] Apicurio Registry direct dependency management, remove Nimbus JOSE mgmt - CVE-free version of Nimbus JOSE managed by Quarkus - Remove use of quarkus-kafka-clients and quarkus-apicurio-registry-avro - Add Apicurio resource manager and test container to replace dev services previously provided by quarkus-apicurio-registry-avro Signed-off-by: Michael Edgar --- api/pom.xml | 14 ++---- .../kafka/systemtest/TestPlainProfile.java | 8 ++- .../deployment/ApicurioResourceManager.java | 50 +++++++++++++++++++ api/src/test/resources/Dockerfile.apicurio | 4 ++ pom.xml | 21 +++++--- 5 files changed, 77 insertions(+), 20 deletions(-) create mode 100644 api/src/test/java/com/github/streamshub/console/kafka/systemtest/deployment/ApicurioResourceManager.java create mode 100644 api/src/test/resources/Dockerfile.apicurio diff --git a/api/pom.xml b/api/pom.xml index ad5c25b36..ea1a3da74 100644 --- a/api/pom.xml +++ b/api/pom.xml @@ -72,18 +72,10 @@ io.quarkus quarkus-hibernate-validator - - io.quarkus - quarkus-kafka-client - io.quarkus quarkus-kubernetes-client - - io.quarkus - quarkus-apicurio-registry-avro - io.quarkus quarkus-oidc @@ -93,6 +85,11 @@ smallrye-common-annotation + + org.apache.kafka + kafka-clients + + org.jboss.logging jboss-logging @@ -120,7 +117,6 @@ io.apicurio apicurio-registry-serdes-protobuf-serde - ${apicurio-registry.version} com.google.protobuf diff --git a/api/src/test/java/com/github/streamshub/console/kafka/systemtest/TestPlainProfile.java b/api/src/test/java/com/github/streamshub/console/kafka/systemtest/TestPlainProfile.java index 42a2dd500..8b32913c8 100644 --- a/api/src/test/java/com/github/streamshub/console/kafka/systemtest/TestPlainProfile.java +++ b/api/src/test/java/com/github/streamshub/console/kafka/systemtest/TestPlainProfile.java @@ -9,6 +9,7 @@ import java.util.List; import java.util.Map; +import com.github.streamshub.console.kafka.systemtest.deployment.ApicurioResourceManager; import com.github.streamshub.console.kafka.systemtest.deployment.KafkaResourceManager; import com.github.streamshub.console.kafka.systemtest.deployment.KeycloakResourceManager; import com.github.streamshub.console.kafka.systemtest.deployment.StrimziCrdResourceManager; @@ -37,6 +38,7 @@ public String getConfigProfile() { @Override public List testResources() { return List.of( + new TestResourceEntry(ApicurioResourceManager.class, Collections.emptyMap(), true), new TestResourceEntry(StrimziCrdResourceManager.class, Collections.emptyMap(), true), new TestResourceEntry(KeycloakResourceManager.class, Collections.emptyMap(), true), new TestResourceEntry(KafkaResourceManager.class, Map.of("profile", PROFILE), true)); @@ -50,11 +52,7 @@ public Map getConfigOverrides() { schemaRegistries: - name: test-registry - ### - # This is the property used by Dev Services for Apicurio Registry - # https://quarkus.io/guides/apicurio-registry-dev-services - ### - url: ${mp.messaging.connector.smallrye-kafka.apicurio.registry.url} + url: ${console.test.apicurio-url} kafka: clusters: diff --git a/api/src/test/java/com/github/streamshub/console/kafka/systemtest/deployment/ApicurioResourceManager.java b/api/src/test/java/com/github/streamshub/console/kafka/systemtest/deployment/ApicurioResourceManager.java new file mode 100644 index 000000000..9635e2d81 --- /dev/null +++ b/api/src/test/java/com/github/streamshub/console/kafka/systemtest/deployment/ApicurioResourceManager.java @@ -0,0 +1,50 @@ +package com.github.streamshub.console.kafka.systemtest.deployment; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.UncheckedIOException; +import java.util.Map; + +import org.slf4j.LoggerFactory; +import org.testcontainers.containers.GenericContainer; +import org.testcontainers.containers.output.Slf4jLogConsumer; +import org.testcontainers.containers.wait.strategy.Wait; + +import io.quarkus.test.common.QuarkusTestResourceLifecycleManager; + +public class ApicurioResourceManager implements QuarkusTestResourceLifecycleManager { + + GenericContainer apicurio; + + @Override + @SuppressWarnings("resource") + public Map start() { + int port = 8080; + String apicurioImage; + + try (InputStream in = getClass().getResourceAsStream("/Dockerfile.apicurio"); + BufferedReader reader = new BufferedReader(new InputStreamReader(in))) { + apicurioImage = reader.readLine().substring("FROM ".length()); + } catch (IOException e) { + throw new UncheckedIOException(e); + } + + apicurio = new GenericContainer<>(apicurioImage) + .withLogConsumer(new Slf4jLogConsumer(LoggerFactory.getLogger("systemtests.apicurio"), true)) + .withExposedPorts(port) + .waitingFor(Wait.forListeningPort()); + + apicurio.start(); + + String urlTemplate = "http://localhost:%d/apis/registry/v2/"; + var apicurioUrl = urlTemplate.formatted(apicurio.getMappedPort(port)); + return Map.of("console.test.apicurio-url", apicurioUrl); + } + + @Override + public void stop() { + apicurio.stop(); + } +} diff --git a/api/src/test/resources/Dockerfile.apicurio b/api/src/test/resources/Dockerfile.apicurio new file mode 100644 index 000000000..e97a3876e --- /dev/null +++ b/api/src/test/resources/Dockerfile.apicurio @@ -0,0 +1,4 @@ +FROM quay.io/apicurio/apicurio-registry-mem:2.6.7.Final +# No operations, this is only a placeholder used to manage the image +# version via dependabot. The FROM statement is always expected to +# present on the first line of this file. diff --git a/pom.xml b/pom.xml index 1ac3f6b3a..d4a2f1ad4 100644 --- a/pom.xml +++ b/pom.xml @@ -87,17 +87,26 @@ kafka-clients 3.9.0 - - - com.nimbusds - nimbus-jose-jwt - 9.41.2 - io.strimzi kafka-oauth-client ${strimzi-oauth.version} + + io.apicurio + apicurio-registry-client + ${apicurio-registry.version} + + + io.apicurio + apicurio-registry-serdes-avro-serde + ${apicurio-registry.version} + + + io.apicurio + apicurio-registry-serdes-protobuf-serde + ${apicurio-registry.version} + io.strimzi kafka-oauth-common