Merge branch 'main' into feature/search_acl

Haarolean · web-flow · commit f6d70a9a8ebf · 2024-12-09T20:52:50.000+04:00
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -14,6 +14,23 @@ updates:
     - "type/dependencies"
     - "scope/backend"
 
+- package-ecosystem: docker
+  directory: "/api"
+  schedule:
+    interval: weekly
+    time: "10:00"
+    timezone: Europe/London
+  reviewers:
+    - "kafbat/backend"
+  open-pull-requests-limit: 10
+  ignore:
+  - dependency-name: "azul/zulu-openjdk-alpine"
+    # Limit dependabot pull requests to minor Java upgrades
+    update-types: ["version-update:semver-major"]
+  labels:
+    - "type/dependencies"
+    - "scope/backend"
+
 - package-ecosystem: npm
   directory: "/frontend"
   schedule:
diff --git a/README.md b/README.md
@@ -50,7 +50,7 @@ We extend our gratitude to Provectus for their past support in groundbreaking wo
 * **View Consumer Groups** — view per-partition parked offsets, combined and per-partition lag
 * **Browse Messages** — browse messages with JSON, plain text, and Avro encoding
 * **Dynamic Topic Configuration** — create and configure new topics with dynamic configuration
-* **Configurable Authentification** — [secure](https://ui.docs.kafbat.io/configuration/authentication) your installation with optional Github/Gitlab/Google OAuth 2.0
+* **Configurable Authentication** — [secure](https://ui.docs.kafbat.io/configuration/authentication) your installation with optional Github/Gitlab/Google OAuth 2.0
 * **Custom serialization/deserialization plugins** - [use](https://ui.docs.kafbat.io/configuration/serialization-serde) a ready-to-go serde for your data like AWS Glue or Smile, or code your own!
 * **Role based access control** - [manage permissions](https://ui.docs.kafbat.io/configuration/rbac-role-based-access-control) to access the UI with granular precision
 * **Data masking** - [obfuscate](https://ui.docs.kafbat.io/configuration/data-masking) sensitive data in topic messages
diff --git a/api/Dockerfile b/api/Dockerfile
@@ -1,4 +1,7 @@
-FROM azul/zulu-openjdk-alpine:17.0.11-jre-headless
+# The tag is ignored when a sha is included but the reason to add it are:  
+# 1. Self Documentation: It is difficult to find out what the expected tag is given a sha alone
+# 2. Helps dependabot during discovery of upgrades
+FROM azul/zulu-openjdk-alpine:17-jre-headless-latest@sha256:af4df00adaec356d092651af50d9e80fd179f96722d267e79acb564aede10fda
 
 RUN apk add --no-cache \
     # snappy codec
diff --git a/api/pom.xml b/api/pom.xml
@@ -97,7 +97,7 @@
         <dependency>
             <groupId>com.azure</groupId>
             <artifactId>azure-identity</artifactId>
-            <version>1.13.3</version>
+            <version>1.14.2</version>
             <exclusions>
                 <exclusion>
                     <groupId>io.netty</groupId>
diff --git a/api/src/main/java/io/kafbat/ui/config/auth/OAuthSecurityConfig.java b/api/src/main/java/io/kafbat/ui/config/auth/OAuthSecurityConfig.java
@@ -8,7 +8,7 @@
 import java.util.Map;
 import java.util.Optional;
 import lombok.RequiredArgsConstructor;
-import lombok.extern.log4j.Log4j2;
+import lombok.extern.slf4j.Slf4j;
 import org.jetbrains.annotations.Nullable;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties;
@@ -41,7 +41,7 @@
 @EnableWebFluxSecurity
 @EnableReactiveMethodSecurity
 @RequiredArgsConstructor
-@Log4j2
+@Slf4j
 public class OAuthSecurityConfig extends AbstractAuthSecurityConfig {
 
   private final OAuthProperties properties;
diff --git a/api/src/main/java/io/kafbat/ui/controller/MessagesController.java b/api/src/main/java/io/kafbat/ui/controller/MessagesController.java
@@ -118,10 +118,11 @@ public Mono<ResponseEntity<Flux<TopicMessageEventDTO>>> getTopicMessagesV2(Strin
     if (cursor != null) {
       messagesFlux = messagesService.loadMessages(getCluster(clusterName), topicName, cursor);
     } else {
+      var pollingMode = mode == null ? PollingModeDTO.LATEST : mode;
       messagesFlux = messagesService.loadMessages(
           getCluster(clusterName),
           topicName,
-          ConsumerPosition.create(checkNotNull(mode), checkNotNull(topicName), partitions, timestamp, offset),
+          ConsumerPosition.create(pollingMode, checkNotNull(topicName), partitions, timestamp, offset),
           stringFilter,
           smartFilterId,
           limit,
diff --git a/api/src/main/java/io/kafbat/ui/emitter/MessageFilters.java b/api/src/main/java/io/kafbat/ui/emitter/MessageFilters.java
@@ -52,7 +52,23 @@ public static Predicate<TopicMessageDTO> noop() {
 
   public static Predicate<TopicMessageDTO> containsStringFilter(String string) {
     return msg -> StringUtils.contains(msg.getKey(), string)
-        || StringUtils.contains(msg.getContent(), string);
+        || StringUtils.contains(msg.getContent(), string) || headersContains(msg, string);
+  }
+
+  private static boolean headersContains(TopicMessageDTO msg, String searchString) {
+    final var headers = msg.getHeaders();
+
+    if (headers == null) {
+      return false;
+    }
+
+    for (final var entry : headers.entrySet()) {
+      if (StringUtils.contains(entry.getKey(), searchString) || StringUtils.contains(entry.getValue(), searchString)) {
+        return true;
+      }
+    }
+
+    return false;
   }
 
   public static Predicate<TopicMessageDTO> celScriptFilter(String script) {
diff --git a/api/src/main/java/io/kafbat/ui/model/rbac/Role.java b/api/src/main/java/io/kafbat/ui/model/rbac/Role.java
@@ -1,5 +1,6 @@
 package io.kafbat.ui.model.rbac;
 
+import com.google.common.base.Preconditions;
 import java.util.List;
 import lombok.Data;
 
@@ -12,6 +13,7 @@ public class Role {
   List<Permission> permissions;
 
   public void validate() {
+    Preconditions.checkArgument(!clusters.isEmpty(), "Role clusters cannot be empty");
     permissions.forEach(Permission::transform);
     permissions.forEach(Permission::validate);
   }
diff --git a/api/src/main/java/io/kafbat/ui/serdes/ProducerRecordCreator.java b/api/src/main/java/io/kafbat/ui/serdes/ProducerRecordCreator.java
@@ -31,7 +31,7 @@ public ProducerRecord<byte[], byte[]> create(String topic,
 
   private Iterable<Header> createHeaders(Map<String, String> clientHeaders) {
     RecordHeaders headers = new RecordHeaders();
-    clientHeaders.forEach((k, v) -> headers.add(new RecordHeader(k, v.getBytes())));
+    clientHeaders.forEach((k, v) -> headers.add(new RecordHeader(k, v == null ? null : v.getBytes())));
     return headers;
   }
 
diff --git a/api/src/main/java/io/kafbat/ui/service/rbac/AccessControlService.java b/api/src/main/java/io/kafbat/ui/service/rbac/AccessControlService.java
@@ -113,11 +113,11 @@ private boolean isAccessible(AuthenticatedUser user, AccessContext context) {
     return context.isAccessible(getUserPermissions(user, context.cluster()));
   }
 
-  private List<Permission> getUserPermissions(AuthenticatedUser user, String clusterName) {
+  private List<Permission> getUserPermissions(AuthenticatedUser user, @Nullable String clusterName) {
     return properties.getRoles()
         .stream()
         .filter(filterRole(user))
-        .filter(role -> role.getClusters().stream().anyMatch(clusterName::equalsIgnoreCase))
+        .filter(role -> clusterName == null || role.getClusters().stream().anyMatch(clusterName::equalsIgnoreCase))
         .flatMap(role -> role.getPermissions().stream())
         .toList();
   }
diff --git a/api/src/test/java/io/kafbat/ui/emitter/MessageFiltersTest.java b/api/src/test/java/io/kafbat/ui/emitter/MessageFiltersTest.java
@@ -28,7 +28,7 @@ class StringContainsFilter {
     Predicate<TopicMessageDTO> filter = containsStringFilter("abC");
 
     @Test
-    void returnsTrueWhenStringContainedInKeyOrContentOrInBoth() {
+    void returnsTrueWhenStringContainedInKeyOrContentOrHeadersOrInAllThree() {
       assertTrue(
           filter.test(msg().key("contains abCd").content("some str"))
       );
@@ -40,6 +40,14 @@ void returnsTrueWhenStringContainedInKeyOrContentOrInBoth() {
       assertTrue(
           filter.test(msg().key("contains abCd").content("contains abCd"))
       );
+
+      assertTrue(
+          filter.test(msg().key("dfg").content("does-not-contain").headers(Map.of("abC", "value")))
+      );
+
+      assertTrue(
+          filter.test(msg().key("dfg").content("does-not-contain").headers(Map.of("x1", "some abC")))
+      );
     }
 
     @Test
@@ -55,6 +63,11 @@ void returnsFalseOtherwise() {
       assertFalse(
           filter.test(msg().key("aBc").content("AbC"))
       );
+
+      assertFalse(
+          filter.test(msg().key("aBc").content("AbC").headers(Map.of("abc", "value")))
+      );
+
     }
 
   }
diff --git a/api/src/test/java/io/kafbat/ui/service/SendAndReadTests.java b/api/src/test/java/io/kafbat/ui/service/SendAndReadTests.java
@@ -19,6 +19,7 @@
 import io.kafbat.ui.serdes.builtin.StringSerde;
 import io.kafbat.ui.serdes.builtin.sr.SchemaRegistrySerde;
 import java.time.Duration;
+import java.util.Collections;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
@@ -425,6 +426,25 @@ void topicMessageMetadataJson() {
         });
   }
 
+  @Test
+  void headerValueNullPresentTest() {
+    new SendAndReadSpec()
+        .withKeySchema(JSON_SCHEMA)
+        .withValueSchema(JSON_SCHEMA)
+        .withMsgToSend(
+            new CreateTopicMessageDTO()
+                .key(JSON_SCHEMA_RECORD)
+                .keySerde(SchemaRegistrySerde.name())
+                .content(JSON_SCHEMA_RECORD)
+                .valueSerde(SchemaRegistrySerde.name())
+                .headers(Collections.singletonMap("header123", null))
+        )
+        .doAssert(polled -> {
+          assertThat(polled.getHeaders().get("header123")).isNull();
+        });
+  }
+
+
   @Test
   void noKeyAndNoContentPresentTest() {
     new SendAndReadSpec()
diff --git a/contract/src/main/resources/swagger/kafbat-ui-api.yaml b/contract/src/main/resources/swagger/kafbat-ui-api.yaml
@@ -3784,6 +3784,7 @@ components:
         - DYNAMIC_BROKER_LOGGER_CONFIG
         - DYNAMIC_BROKER_CONFIG
         - DYNAMIC_DEFAULT_BROKER_CONFIG
+        - DYNAMIC_CLIENT_METRICS_CONFIG
         - STATIC_BROKER_CONFIG
         - DEFAULT_CONFIG
         - UNKNOWN
diff --git a/documentation/compose/e2e-tests.yaml b/documentation/compose/e2e-tests.yaml
@@ -29,7 +29,8 @@ services:
       KAFKA_CLUSTERS_0_KSQLDBSERVER: http://ksqldb:8088
 
   kafka0:
-    image: confluentinc/cp-kafka:7.2.1
+    image: confluentinc/cp-kafka:7.6.0
+    user: "0:0"
     hostname: kafka0
     container_name: kafka0
     healthcheck:
@@ -58,12 +59,10 @@ services:
       KAFKA_INTER_BROKER_LISTENER_NAME: 'PLAINTEXT'
       KAFKA_CONTROLLER_LISTENER_NAMES: 'CONTROLLER'
       KAFKA_LOG_DIRS: '/tmp/kraft-combined-logs'
-    volumes:
-      - ./scripts/update_run.sh:/tmp/update_run.sh
-    command: "bash -c 'if [ ! -f /tmp/update_run.sh ]; then echo \"ERROR: Did you forget the update_run.sh file that came with this docker-compose.yml file?\" && exit 1 ; else /tmp/update_run.sh && /etc/confluent/docker/run ; fi'"
+      CLUSTER_ID: 'MkU3OEVBNTcwNTJENDM2Qk'
 
   schemaregistry0:
-    image: confluentinc/cp-schema-registry:7.2.1
+    image: confluentinc/cp-schema-registry:7.6.0
     ports:
       - 8085:8085
     depends_on:
@@ -88,7 +87,7 @@ services:
     build:
       context: ./kafka-connect
       args:
-        image: confluentinc/cp-kafka-connect:6.0.1
+        image: confluentinc/cp-kafka-connect:7.6.0
     ports:
       - 8083:8083
     depends_on:
@@ -122,7 +121,7 @@ services:
   #      AWS_SECRET_ACCESS_KEY: ""
 
   kafka-init-topics:
-    image: confluentinc/cp-kafka:7.2.1
+    image: confluentinc/cp-kafka:7.6.0
     volumes:
       - ./data/message.json:/data/message.json
     depends_on:
@@ -162,7 +161,7 @@ services:
     command: bash -c '/connectors/start.sh'
 
   ksqldb:
-    image: confluentinc/ksqldb-server:0.18.0
+    image: confluentinc/cp-ksqldb-server:7.6.0
     healthcheck:
       test: [ "CMD", "timeout", "1", "curl", "--silent", "--fail", "http://localhost:8088/info" ]
       interval: 30s
diff --git a/frontend/package.json b/frontend/package.json
@@ -116,7 +116,8 @@
       "follow-redirects@<1.15.4": ">=1.15.4",
       "json5@>=2.0.0 <2.2.2": ">=2.2.2",
       "semver@>=7.0.0 <7.5.2": ">=7.5.2",
-      "axios@>=0.8.1 <0.28.0": ">=0.28.0"
+      "axios@>=0.8.1 <0.28.0": ">=0.28.0",
+      "braces": "3.0.3"
     }
   }
 }
diff --git a/frontend/pnpm-lock.yaml b/frontend/pnpm-lock.yaml
diff --git a/frontend/src/components/Brokers/Broker/Configs/lib/constants.ts b/frontend/src/components/Brokers/Broker/Configs/lib/constants.ts
@@ -5,6 +5,8 @@ export const CONFIG_SOURCE_NAME_MAP: Record<ConfigSource, string> = {
   [ConfigSource.DYNAMIC_BROKER_LOGGER_CONFIG]: 'Dynamic broker logger config',
   [ConfigSource.DYNAMIC_BROKER_CONFIG]: 'Dynamic broker config',
   [ConfigSource.DYNAMIC_DEFAULT_BROKER_CONFIG]: 'Dynamic default broker config',
+  [ConfigSource.DYNAMIC_CLIENT_METRICS_CONFIG]:
+    'Dynamic client metrics subscription config',
   [ConfigSource.STATIC_BROKER_CONFIG]: 'Static broker config',
   [ConfigSource.DEFAULT_CONFIG]: 'Default config',
   [ConfigSource.UNKNOWN]: 'Unknown',
@@ -15,6 +17,7 @@ export const CONFIG_SOURCE_PRIORITY = {
   [ConfigSource.DYNAMIC_BROKER_LOGGER_CONFIG]: 1,
   [ConfigSource.DYNAMIC_BROKER_CONFIG]: 1,
   [ConfigSource.DYNAMIC_DEFAULT_BROKER_CONFIG]: 1,
+  [ConfigSource.DYNAMIC_CLIENT_METRICS_CONFIG]: 1,
   [ConfigSource.STATIC_BROKER_CONFIG]: 2,
   [ConfigSource.DEFAULT_CONFIG]: 3,
   [ConfigSource.UNKNOWN]: 4,
diff --git a/frontend/src/components/Topics/Topic/Messages/Filters/AddEditFilterContainer.tsx b/frontend/src/components/Topics/Topic/Messages/Filters/AddEditFilterContainer.tsx
@@ -196,7 +196,7 @@ const AddEditFilterContainer: React.FC<AddEditFilterContainerProps> = ({
           </FormError>
         </div>
         <S.FilterButtonWrapper isEdit={isEdit}>
-          {!isEdit && <QuestionInfo />}
+          <QuestionInfo />
           <Flexbox gap="10px">
             <Button
               buttonSize="M"
diff --git a/frontend/src/components/Topics/Topic/Messages/Filters/Filters.styled.ts b/frontend/src/components/Topics/Topic/Messages/Filters/Filters.styled.ts
@@ -142,7 +142,7 @@ export const SavedFilterName = styled.div`
 
 export const FilterButtonWrapper = styled.div<{ isEdit: boolean }>`
   display: flex;
-  justify-content: ${(props) => (props.isEdit ? 'flex-end' : 'space-between')};
+  justify-content: space-between;
   margin-top: 10px;
   gap: 10px;
   padding-top: 16px;
diff --git a/frontend/src/components/Topics/Topic/Messages/Filters/__tests__/AddEditFilterContainer.spec.tsx b/frontend/src/components/Topics/Topic/Messages/Filters/__tests__/AddEditFilterContainer.spec.tsx
diff --git a/pom.xml b/pom.xml

Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,7 @@ public ProducerRecord<byte[], byte[]> create(String topic,`
`31`	`31`
`32`	`32`	`private Iterable<Header> createHeaders(Map<String, String> clientHeaders) {`
`33`	`33`	`RecordHeaders headers = new RecordHeaders();`
`34`		`- clientHeaders.forEach((k, v) -> headers.add(new RecordHeader(k, v.getBytes())));`
	`34`	`+ clientHeaders.forEach((k, v) -> headers.add(new RecordHeader(k, v == null ? null : v.getBytes())));`
`35`	`35`	`return headers;`
`36`	`36`	`}`
`37`	`37`
Original file line number	Diff line number	Diff line change
`@@ -113,11 +113,11 @@ private boolean isAccessible(AuthenticatedUser user, AccessContext context) {`
`113`	`113`	`return context.isAccessible(getUserPermissions(user, context.cluster()));`
`114`	`114`	`}`
`115`	`115`
`116`		`- private List<Permission> getUserPermissions(AuthenticatedUser user, String clusterName) {`
	`116`	`+ private List<Permission> getUserPermissions(AuthenticatedUser user, @Nullable String clusterName) {`
`117`	`117`	`return properties.getRoles()`
`118`	`118`	`.stream()`
`119`	`119`	`.filter(filterRole(user))`
`120`		`- .filter(role -> role.getClusters().stream().anyMatch(clusterName::equalsIgnoreCase))`
	`120`	`+ .filter(role -> clusterName == null \|\| role.getClusters().stream().anyMatch(clusterName::equalsIgnoreCase))`
`121`	`121`	`.flatMap(role -> role.getPermissions().stream())`
`122`	`122`	`.toList();`
`123`	`123`	`}`