Merge branch 'main' into issues/688

Author: alexanderlz

.dev/dev.yaml

@@ -27,7 +27,6 @@ services:
 
   kafka0:
     image: confluentinc/cp-kafka:7.8.0
-    user: "0:0"
     hostname: kafka0
     container_name: kafka0
     ports:

.github/FUNDING.yml

@@ -1 +1,2 @@
 github: [kafbat]
+open_collective: kafka-ui

.github/workflows/docker_publish.yml

@@ -20,7 +20,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        registry: [ 'docker.io', 'ghcr.io', 'ecr' ]
+        registry: [ 'docker.io', 'ghcr.io', 'public.ecr.aws' ]
 
     runs-on: ubuntu-latest
     steps:
@@ -31,7 +31,8 @@ jobs:
           name: image
           path: /tmp
 
-      # setup containerd to preserve provenance attestations :https://docs.docker.com/build/attestations/#creating-attestations
+      # setup containerd to preserve provenance attestations:
+      # https://docs.docker.com/build/attestations/#creating-attestations
       - name: Setup docker with containerd
         uses: crazy-max/ghaction-setup-docker@v3
         with:
@@ -63,33 +64,33 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Configure AWS credentials
-        if: matrix.registry == 'ecr'
+        if: matrix.registry == 'public.ecr.aws'
         uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-region: us-east-1 # This region only for public ECR
           role-to-assume: ${{ secrets.AWS_ROLE }}
 
       - name: Login to public ECR
-        if: matrix.registry == 'ecr'
+        if: matrix.registry == 'public.ecr.aws'
         id: login-ecr-public
         uses: aws-actions/amazon-ecr-login@v2
         with:
           registry-type: public
 
-      - name: define env vars
+      - name: Define env vars for container registry URL
         run: |
-          if [ ${{matrix.registry }} == 'docker.io' ]; then
-            echo "REGISTRY=${{ matrix.registry }}" >> $GITHUB_ENV
-            echo "REPOSITORY=${{ github.repository }}" >> $GITHUB_ENV
-          elif [ ${{ matrix.registry }} == 'ghcr.io' ]; then
-            echo "REGISTRY=${{ matrix.registry }}" >> $GITHUB_ENV
-            echo "REPOSITORY=${{ github.repository }}" >> $GITHUB_ENV
-          elif [ ${{ matrix.registry }} == 'ecr' ]; then
+          if [ ${{ matrix.registry }} == 'public.ecr.aws' ]; then
+            # vars.ECR_REGISTRY value is expected to be of the `public.ecr.aws/<public_ecr_id>` form
+            # The `public_ecr_id` must be a *default* alias associated with public regsitry (rather
+            # than a custom alias)
             echo "REGISTRY=${{ vars.ECR_REGISTRY }}" >> $GITHUB_ENV
+            # Trim GH Org name so that resulting Public ECR URL has no duplicate org name
+            # Public ECR default alias: public.ecr.aws/<public_ecr_id>/kafka-ui
+            # Public ECR custom alias:  public.ecr.aws/kafbat/kafka-ui
+            echo "REPOSITORY=$(basename ${{ github.repository }})" >> $GITHUB_ENV
+          else # this covers the case of docker.io and ghcr.io
+            echo "REGISTRY=${{ matrix.registry }}" >> $GITHUB_ENV
             echo "REPOSITORY=${{ github.repository }}" >> $GITHUB_ENV
-          else
-            echo "REGISTRY=" >> $GITHUB_ENV
-            echo "REPOSITORY=notworking" >> $GITHUB_ENV
           fi
 
       - name: Push images to ${{ matrix.registry }}

api/pom.xml

@@ -329,7 +329,7 @@
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
                 <configuration>
-                    <argLine>@{argLine} --illegal-access=permit</argLine>
+                    <argLine>@{argLine}</argLine>
                 </configuration>
             </plugin>
             <plugin>

api/src/main/java/io/kafbat/ui/client/RetryingKafkaConnectClient.java

@@ -12,7 +12,7 @@
 import io.kafbat.ui.connect.model.ConnectorTopics;
 import io.kafbat.ui.connect.model.NewConnector;
 import io.kafbat.ui.connect.model.TaskStatus;
-import io.kafbat.ui.exception.KafkaConnectConflictReponseException;
+import io.kafbat.ui.exception.KafkaConnectConflictResponseException;
 import io.kafbat.ui.exception.ValidationException;
 import io.kafbat.ui.util.WebClientConfigurator;
 import jakarta.validation.constraints.NotNull;
@@ -48,7 +48,7 @@ private static Retry conflictCodeRetry() {
         .fixedDelay(MAX_RETRIES, RETRIES_DELAY)
         .filter(e -> e instanceof WebClientResponseException.Conflict)
         .onRetryExhaustedThrow((spec, signal) ->
-            new KafkaConnectConflictReponseException(
+            new KafkaConnectConflictResponseException(
                 (WebClientResponseException.Conflict) signal.failure()));
   }
 

api/src/main/java/io/kafbat/ui/config/auth/BasicAuthSecurityConfig.java

@@ -1,8 +1,6 @@
 package io.kafbat.ui.config.auth;
 
-import io.kafbat.ui.util.EmptyRedirectStrategy;
 import io.kafbat.ui.util.StaticFileWebFilter;
-import java.net.URI;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
@@ -12,8 +10,6 @@
 import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
-import org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler;
-import org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler;
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
 
 @Configuration

api/src/main/java/io/kafbat/ui/config/auth/condition/ActiveDirectoryCondition.java

@@ -40,7 +40,7 @@ public Mono<Void> handle(WebFilterExchange exchange, Authentication authenticati
         requestUri.getPath(), requestUri.getQuery());
 
     final UriComponents baseUrl = UriComponentsBuilder
-        .fromHttpUrl(fullUrl)
+        .fromUriString(fullUrl)
         .replacePath("/")
         .replaceQuery(null)
         .fragment(null)

api/src/main/java/io/kafbat/ui/config/auth/logout/CognitoLogoutSuccessHandler.java

@@ -53,7 +53,7 @@ private Map<TopicPartition, Long> firstOffsetsForPolling(Consumer<?, ?> consumer
                                                            Collection<TopicPartition> partitions) {
     try {
       // we try to use offsetsForTimes() to find earliest offsets, since for
-      // some topics (like compacted) beginningOffsets() ruturning 0 offsets
+      // some topics (like compacted) beginningOffsets() returning 0 offsets
       // even when effectively first offset can be very high
       var offsets = consumer.offsetsForTimes(
           partitions.stream().collect(Collectors.toMap(p -> p, p -> 0L))