forked from opensearch-project/opensearch-migrations
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into NewBackpressureForRequestsOutstanding
* main: On board 1-click release for OpenSearch Migrations (opensearch-project#334) Add support for Kafka management scripts (opensearch-project#330) Bump urllib3 from 2.0.3 to 2.0.6 in /test Removing extra character + moving project specific requirement back to where it belongs Update CDK documentation + minor changes to devDeploy script Signed-off-by: Greg Schohn <[email protected]>
- Loading branch information
Showing
12 changed files
with
218 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
name: Release drafter | ||
|
||
# Push events to every tag not containing "/" | ||
on: | ||
push: | ||
tags: | ||
- "*" | ||
|
||
jobs: | ||
draft-a-release: | ||
name: Draft a release | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- id: get_data | ||
run: | | ||
echo "approvers=$(cat .github/CODEOWNERS | grep @ | tr -d '*\n ' | sed 's/@/,/g' | sed 's/,//1')" >> $GITHUB_OUTPUT | ||
echo "version=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT | ||
- uses: trstringer/manual-approval@v1 | ||
with: | ||
secret: ${{ github.TOKEN }} | ||
approvers: ${{ steps.get_data.outputs.approvers }} | ||
minimum-approvals: 2 | ||
issue-title: 'Release opensearch-migrations version ${{ steps.get_data.outputs.version }}' | ||
issue-body: "Please approve or deny the release of opensearch-migrations **TAG**: ${{ github.ref_name }} **COMMIT**: ${{ github.sha }} **VERSION** : ${{ steps.get_data.outputs.version }} " | ||
exclude-workflow-initiator-as-approver: true | ||
- name: Download Repo Tar | ||
run: | | ||
wget https://github.com/opensearch-project/opensearch-migrations/archive/refs/tags/${{ steps.get_data.outputs.version }}.tar.gz -O artifacts.tar.gz | ||
- name: Draft a release | ||
uses: softprops/action-gh-release@v1 | ||
with: | ||
draft: true | ||
generate_release_notes: true | ||
files: artifacts.tar.gz |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
55 changes: 55 additions & 0 deletions
55
TrafficCapture/dockerSolution/src/main/docker/migrationConsole/kafkaCmdRef.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
## Kafka Sample Commands | ||
|
||
Sample commands to be run from the kafka/bin directory | ||
|
||
### AWS | ||
|
||
When running these commands in an AWS environment, the following piece should be added to the end of the commands to allow IAM communication with MSK | ||
```shell | ||
--command-config ../../aws/msk-iam-auth.properties | ||
``` | ||
|
||
### Topics | ||
|
||
List all Topics | ||
```shell | ||
./kafka-topics.sh --bootstrap-server "$MIGRATION_KAFKA_BROKER_ENDPOINTS" --list | ||
``` | ||
|
||
Create a Topic | ||
```shell | ||
./kafka-topics.sh --bootstrap-server "$MIGRATION_KAFKA_BROKER_ENDPOINTS" --create --replication-factor 1 --topic test-topic | ||
``` | ||
|
||
Delete a Topic | ||
```shell | ||
./kafka-topics.sh --bootstrap-server "$MIGRATION_KAFKA_BROKER_ENDPOINTS" --delete --topic test-topic | ||
``` | ||
|
||
### Consumer Groups | ||
|
||
List all Consumer Groups | ||
```shell | ||
./kafka-consumer-groups.sh --bootstrap-server "$MIGRATION_KAFKA_BROKER_ENDPOINTS" --timeout 100000 --list | ||
``` | ||
|
||
Describe all Consumer Groups | ||
```shell | ||
./kafka-consumer-groups.sh --bootstrap-server "$MIGRATION_KAFKA_BROKER_ENDPOINTS" --timeout 100000 --describe --all-groups | ||
``` | ||
|
||
Describe a particular Consumer Group | ||
```shell | ||
./kafka-consumer-groups.sh --bootstrap-server "$MIGRATION_KAFKA_BROKER_ENDPOINTS" --timeout 100000 --describe --group logging-group-default | ||
``` | ||
|
||
Delete a particular Consumer Group (Requires Consumer Group to be empty to perform) | ||
```shell | ||
./kafka-consumer-groups.sh --bootstrap-server "$MIGRATION_KAFKA_BROKER_ENDPOINTS" --timeout 100000 --delete --group logging-group-default | ||
``` | ||
|
||
Reset a Consumer Group offset to latest (Requires Consumer Group to not be active to perform) | ||
More options for different types of reset [here](https://docs.cloudera.com/runtime/7.2.8/kafka-managing/topics/kafka-manage-cli-cgroups.html#pnavId2) | ||
```shell | ||
./kafka-consumer-groups.sh --bootstrap-server "$MIGRATION_KAFKA_BROKER_ENDPOINTS" --timeout 100000 --reset-offsets --to-latest --topic logging-traffic-topic --group logging-group-default --execute | ||
``` |
13 changes: 13 additions & 0 deletions
13
TrafficCapture/dockerSolution/src/main/docker/migrationConsole/msk-iam-auth.properties
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
# --- Additional setup to use AWS MSK IAM library for communication with an AWS MSK cluster | ||
# Sets up TLS for encryption and SASL for authN. | ||
security.protocol = SASL_SSL | ||
|
||
# Identifies the SASL mechanism to use. | ||
sasl.mechanism = AWS_MSK_IAM | ||
|
||
# Binds SASL client implementation. | ||
sasl.jaas.config = software.amazon.msk.auth.iam.IAMLoginModule required; | ||
|
||
# Encapsulates constructing a SigV4 signature based on extracted credentials. | ||
# The SASL client bound by "sasl.jaas.config" invokes this class. | ||
sasl.client.callback.handler.class = software.amazon.msk.auth.iam.IAMClientCallbackHandler |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
AWSTemplateFormatVersion: "2010-09-09" | ||
|
||
# You can use any of these parameters to create conditions or mappings in your template. | ||
Parameters: | ||
App: | ||
Type: String | ||
Description: Your application's name. | ||
Env: | ||
Type: String | ||
Description: The environment name your service, job, or workflow is being deployed to. | ||
Name: | ||
Type: String | ||
Description: Your workload's name. | ||
|
||
Resources: | ||
MSKAdminAccessPolicy: | ||
Type: AWS::IAM::ManagedPolicy | ||
Properties: | ||
Description: Allow compute host to have admin access to MSK | ||
PolicyDocument: | ||
Version: '2012-10-17' | ||
Statement: | ||
# Cluster level actions | ||
- Action: | ||
- kafka-cluster:* | ||
Effect: Allow | ||
Resource: | ||
- Fn::ImportValue: !Sub "${App}-${Env}-msk-cluster-arn" | ||
# Topic level actions | ||
- Action: | ||
- kafka-cluster:* | ||
Effect: Allow | ||
Resource: | ||
!Join | ||
# Delimiter | ||
- '' | ||
# Values to join | ||
- - { "Fn::Join": [ ":topic", { "Fn::Split": [ ":cluster", { "Fn::ImportValue": !Sub "${App}-${Env}-msk-cluster-arn" } ] } ] } | ||
- "/*" | ||
# Consumer group level actions | ||
- Action: | ||
- kafka-cluster:* | ||
Effect: Allow | ||
Resource: | ||
!Join | ||
# Delimiter | ||
- '' | ||
# Values to join | ||
- - { "Fn::Join": [ ":group", { "Fn::Split": [ ":cluster", { "Fn::ImportValue": !Sub "${App}-${Env}-msk-cluster-arn" } ] } ] } | ||
- "/*" | ||
|
||
Outputs: | ||
# 1. You need to output the IAM ManagedPolicy so that Copilot can add it as a managed policy to your ECS task role. | ||
MSKAdminAccessPolicyArn: | ||
Description: "The ARN of the ManagedPolicy to attach to the task role." | ||
Value: !Ref MSKAdminAccessPolicy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
lib = library(identifier: '[email protected]', retriever: modernSCM([ | ||
$class: 'GitSCMSource', | ||
remote: 'https://github.com/opensearch-project/opensearch-build-libraries.git', | ||
])) | ||
|
||
standardReleasePipelineWithGenericTrigger( | ||
tokenIdCredential: 'jenkins-opensearch-migrations-generic-webhook-token', | ||
causeString: 'A tag was cut on opensearch-project/opensearch-migrations repository causing this workflow to run', | ||
downloadReleaseAsset: true, | ||
publishRelease: true) { | ||
publishToArtifactsProdBucket( | ||
assumedRoleName: 'opensearch-migrations-upload-role', | ||
source: "${WORKSPACE}/artifacts.tar.gz", | ||
destination: "migrations/${tag}/opensearch-migrations-${tag}.tar.gz", | ||
signingPlatform: 'linux', | ||
sigType: '.sig', | ||
sigOverwrite: true | ||
) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,4 +6,4 @@ packaging==23.1 | |
pluggy==1.0.0 | ||
pytest==7.3.1 | ||
requests==2.31.0 | ||
urllib3==2.0.3 | ||
urllib3==2.0.6 |