Merge branch 'issues/688' of https://github.com/alexanderlz/kafka-ui into issues/688

Author: alexanderlz

.devcontainer/devcontainer.json

@@ -6,8 +6,8 @@
 	"features": {
 		"ghcr.io/devcontainers/features/java:1": {
 			"version": "none",
-			"installMaven": "true",
-			"installGradle": "false"
+			"installMaven": "false",
+			"installGradle": "true"
 		},
 		"ghcr.io/devcontainers/features/docker-in-docker:2": {}
 	},

.github/CODEOWNERS

@@ -2,7 +2,11 @@
 
 
 # BACKEND
-/pom.xml                    @kafbat/backend
+gradle/libs.versions.toml   @kafbat/backend
+/build.gradle               @kafbat/backend
+/gradle.properties          @kafbat/backend
+/settings.gradle            @kafbat/backend
+/gradle/                    @kafbat/backend
 /contract/                  @kafbat/backend
 /api/                       @kafbat/backend
 /serde-api/                 @kafbat/backend

.github/dependabot.yml

@@ -1,31 +1,41 @@
 version: 2
 updates:
 
-- package-ecosystem: maven
+- package-ecosystem: gradle
   directory: "/"
   schedule:
     interval: weekly
     time: "10:00"
     timezone: Europe/London
-  reviewers:
-    - "kafbat/backend"
   open-pull-requests-limit: 10
   labels:
     - "type/dependencies"
     - "scope/backend"
+  groups:
+    spring-boot-dependencies:
+      patterns:
+        - "org.springframework.boot:*"
+        - "io.spring.dependency-management"
+      # We will handle major upgrades manually
+      update-types:
+        - "patch"
+        - "minor"
+    other-dependencies:
+      patterns:
+        - "*"
+      update-types:
+        - "patch"
+        - "minor"
 
 - package-ecosystem: docker
   directory: "/api"
   schedule:
     interval: weekly
     time: "10:00"
     timezone: Europe/London
-  reviewers:
-    - "kafbat/backend"
   open-pull-requests-limit: 10
   ignore:
   - dependency-name: "azul/zulu-openjdk-alpine"
-    # Limit dependabot pull requests to minor Java upgrades
     update-types: ["version-update:semver-major"]
   labels:
     - "type/dependencies"
@@ -37,22 +47,25 @@ updates:
     interval: weekly
     time: "10:00"
     timezone: Europe/London
-  reviewers:
-    - "kafbat/frontend"
   open-pull-requests-limit: 10
   versioning-strategy: increase-if-necessary
   labels:
     - "type/dependencies"
     - "scope/frontend"
+  groups:
+    pnpm-dependencies:
+      patterns:
+        - "*"
+      update-types:
+        - "patch"
+        - "minor"
 
 - package-ecosystem: "github-actions"
   directory: "/"
   schedule:
     interval: weekly
     time: "10:00"
     timezone: Europe/London
-  reviewers:
-    - "kafbat/devops"
   open-pull-requests-limit: 10
   labels:
     - "type/dependencies"

.github/workflows/aws_ami_publish.yml

@@ -4,7 +4,11 @@ on:
   push:
     branches: [ "main" ]
     paths:
-      - "pom.xml"
+      - "build.gradle"
+      - "gradle.properties"
+      - "settings.gradle"
+      - "gradle/libs.versions.toml"
+
       - "contract/**"
       - "api/**"
       - "serde-api/**"

.github/workflows/backend_main.yml

@@ -5,7 +5,11 @@ on:
   pull_request_target:
     types: [ "opened", "reopened", "synchronize" ]
     paths:
-      - "pom.xml"
+      - "build.gradle"
+      - "gradle.properties"
+      - "settings.gradle"
+      - "gradle/libs.versions.toml"
+
       - "contract/**"
       - "api/**"
       - "serde-api/**"

.github/workflows/backend_pr.yml

@@ -1,4 +1,4 @@
-name: "Backend: build and test"
+name: "Backend: tests & sonar"
 
 on:
   workflow_call:
@@ -14,56 +14,24 @@ permissions:
   pull-requests: write
 
 jobs:
-  build-and-test:
+  tests:
     runs-on: ubuntu-latest
     steps:
 
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4
         with:
           token: ${{ github.token }}
           fetch-depth: 0
           ref: ${{ github.event.pull_request.head.sha }}
 
       - name: Set up JDK
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4
         with:
           java-version: '21'
           distribution: 'zulu'
-          cache: 'maven'
+          cache: 'gradle'
 
-      - name: Cache SonarCloud packages
-        uses: actions/cache@v4
-        with:
-          path: ~/.sonar/cache
-          key: ${{ runner.os }}-sonar
-          restore-keys: ${{ runner.os }}-sonar
-
-      - name: "Pull request: Maven tests & sonar"
-        if: ${{ inputs.event_name == 'pull_request' || inputs.event_name == 'pull_request_target' }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_BACKEND }}
-          HEAD_REF: ${{ github.head_ref }}
-          BASE_REF: ${{ github.base_ref }}
-          SKIP_SONAR: "true" # TODO remove when public
-        run: |
-          ./mvnw -B -ntp versions:set -DnewVersion=${{ github.event.pull_request.head.sha }}
-          ./mvnw -B -V -ntp verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
-          -Dsonar.skip=${SKIP_SONAR} \
-          -Dsonar.projectKey=io.kafbat:kafbat-ui_backend \
-          -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} \
-          -Dsonar.pullrequest.branch=$HEAD_REF \
-          -Dsonar.pullrequest.base=$BASE_REF
-
-      - name: "Main: Maven tests & sonar"
-        if: ${{ inputs.event_name == 'push' }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_BACKEND }}
-          SKIP_SONAR: "true" # TODO remove when public
+      - name: "Tests"
         run: |
-          ./mvnw -B -ntp versions:set -DnewVersion=$GITHUB_SHA
-          ./mvnw -B -V -ntp verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
-          -Dsonar.skip=${SKIP_SONAR} \
-          -Dsonar.projectKey=io.kafbat:kafbat-ui_backend
+          ./gradlew :api:test

.github/workflows/backend_tests.yml

@@ -6,8 +6,16 @@ jobs:
   block_merge:
     runs-on: ubuntu-latest
     steps:
-      - uses: mheap/github-action-required-labels@v5
+      - uses: mheap/github-action-required-labels@388fd6af37b34cdfe5a23b37060e763217e58b03 # infered from @v5
         with:
           mode: exactly
           count: 0
-          labels: "status/blocked, status/needs-attention, status/on-hold, status/pending, status/triage, status/pending-backend, status/pending-frontend, status/pending-QA"
+          labels: >
+            status/blocked,
+            status/needs-attention,
+            status/on-hold,
+            status/pending,
+            status/triage,
+            status/pending-backend,
+            status/pending-frontend,
+            status/pending-QA

.github/workflows/block_merge.yml

@@ -15,7 +15,7 @@ jobs:
     if: ${{ github.event.label.name == 'status/feature_testing' || github.event.label.name == 'status/feature_testing_public' }}
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           token: ${{ github.token }}
@@ -27,11 +27,11 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Set up JDK
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4
         with:
           java-version: '21'
           distribution: 'zulu'
-          cache: 'maven'
+          cache: 'gradle'
       - name: Build
         id: build
         run: |
@@ -40,36 +40,36 @@ jobs:
           export VERSION=$(./mvnw -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
           echo "version=${VERSION}" >> $GITHUB_OUTPUT
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
+        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # infered from @v3
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # infered from @v3
       - name: Cache Docker layers
-        uses: actions/cache@v4
+        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # infered from @v4
         with:
           path: /tmp/.buildx-cache
           key: ${{ runner.os }}-buildx-${{ github.sha }}
           restore-keys: |
             ${{ runner.os }}-buildx-
       - name: Configure AWS credentials for Kafka-UI account
-        uses: aws-actions/configure-aws-credentials@v4
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502  # infered from @v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: eu-central-1
       - name: Login to Amazon ECR
         id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v2
+        uses: aws-actions/amazon-ecr-login@9238dd443b7a5941caf19ffbe68be34d4dbd61df # infered from @v4
       - name: Build and push
         id: docker_build_and_push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # infered from @v6
         with:
           builder: ${{ steps.buildx.outputs.name }}
           context: api
           push: true
           tags: 297478128798.dkr.ecr.eu-central-1.amazonaws.com/kafka-ui:${{ steps.extract_branch.outputs.tag }}
           build-args: |
-            JAR_FILE=api-${{ steps.build.outputs.version }}.jar
+            JAR_FILE=build/libs/api-${{ steps.build.outputs.version }}.jar
           cache-from: type=local,src=/tmp/.buildx-cache
           cache-to: type=local,dest=/tmp/.buildx-cache
     outputs:
@@ -93,7 +93,7 @@ jobs:
 
       - name: update status check for private deployment
         if: ${{ github.event.label.name == 'status/feature_testing' }}
-        uses: Sibz/github-status-action@v1.1.6
+        uses: Sibz/github-status-action@650dd1a882a76dbbbc4576fb5974b8d22f29847f # infered from @v1.1.6
         with:
           authToken: ${{secrets.GITHUB_TOKEN}}
           context: "Click Details button to open custom deployment page"
@@ -103,7 +103,7 @@ jobs:
 
       - name: update status check for public deployment
         if: ${{ github.event.label.name == 'status/feature_testing_public' }}
-        uses: Sibz/github-status-action@v1.1.6
+        uses: Sibz/github-status-action@650dd1a882a76dbbbc4576fb5974b8d22f29847f # infered from @v1.1.6
         with:
           authToken: ${{secrets.GITHUB_TOKEN}}
           context: "Click Details button to open custom deployment page"

.github/workflows/branch-deploy.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     if: ${{ (github.event.label.name == 'status/feature_testing' || github.event.label.name == 'status/feature_testing_public') || (github.event.action == 'closed' && (contains(github.event.pull_request.labels.*.name, 'status/feature_testing') || contains(github.event.pull_request.labels.*.name, 'status/feature_testing_public'))) }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # infered from @v4
         with:
           token: ${{ github.token }}
       - name: clone