kafka

1
# Licensed to the Apache Software Foundation (ASF) under one or more
2
# contributor license agreements.  See the NOTICE file distributed with
3
# this work for additional information regarding copyright ownership.
4
# The ASF licenses this file to You under the Apache License, Version 2.0
5
# (the "License"); you may not use this file except in compliance with
6
# the License.  You may obtain a copy of the License at
7
#
8
#    http://www.apache.org/licenses/LICENSE-2.0
9
#
10
# Unless required by applicable law or agreed to in writing, software
11
# distributed under the License is distributed on an "AS IS" BASIS,
12
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
# See the License for the specific language governing permissions and
14
# limitations under the License.
15

16
name: Docker Build Test
17

18
on:
19
  workflow_dispatch:
20
    inputs:
21
      image_type:
22
        type: choice
23
        description: Docker image type to build and test
24
        options: 
25
          - "jvm"
26
          - "native"
27
      kafka_url:
28
        description: Kafka url to be used to build the docker image
29
        required: true
30

31
jobs:
32
  build:
33
    runs-on: ubuntu-latest
34
    steps:
35
    - uses: actions/checkout@v4
36
    - name: Set up Python 3.10
37
      uses: actions/setup-python@v5
38
      with:
39
        python-version: "3.10"
40
    - name: Install dependencies
41
      run: |
42
        python -m pip install --upgrade pip
43
        pip install -r docker/requirements.txt
44
    - name: Build image and run tests
45
      working-directory: ./docker
46
      env:
47
        IMAGE_TYPE: ${{ github.event.inputs.image_type }}
48
        KAFKA_URL: ${{ github.event.inputs.kafka_url }}
49
      run: |
50
        python docker_build_test.py kafka/test -tag=test -type=$IMAGE_TYPE -u=$KAFKA_URL
51
    - name: Run CVE scan
52
      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
53
      with:
54
        image-ref: 'kafka/test:test'
55
        format: 'table'
56
        severity: 'CRITICAL,HIGH'
57
        output: scan_report_${{ github.event.inputs.image_type }}.txt
58
        exit-code: '1'
59
    - name: Upload test report
60
      if: always()
61
      uses: actions/upload-artifact@v4
62
      with:
63
        name: report_${{ github.event.inputs.image_type }}.html
64
        path: docker/test/report_${{ github.event.inputs.image_type }}.html
65
    - name: Upload CVE scan report
66
      if: always()
67
      uses: actions/upload-artifact@v4
68
      with:
69
        name: scan_report_${{ github.event.inputs.image_type }}.txt
70
        path: scan_report_${{ github.event.inputs.image_type }}.txt
71