diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..bcfb48b9aaadb649f8aee5d84d80a16b0c5c4d6b --- /dev/null +++ b/Dockerfile @@ -0,0 +1,178 @@ +# +# Copyright 2020 Confluent Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ARG BASE_REGISTRY=registry1.dsop.io +ARG BASE_IMAGE=redhat/openjdk/openjdk11 +ARG BASE_TAG=1.11 + +FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} + +# This affects how strings in Java class files are interpreted. We want UTF-8 and this is the only locale in the +# base image that supports it +ENV LANG="C.UTF-8" + +USER root + +######################################## +## Install Python +RUN dnf update -y && \ + dnf install -y python38.x86_64 && \ + dnf install -y python38-pip-wheel.noarch && \ + dnf clean all && \ + rm -rf /var/cache/dnf + +## Python Installed +######################################## + + +######################################## +## Add the Confluent Docker Utility Belt which helps with starting the proper applications +## https://github.com/confluentinc/common-docker/tree/master/utility-belt + +COPY wheel-0.35.1-py2.py3-none-any.whl /tmp/wheel-0.35.1-py2.py3-none-any.whl +COPY python_dateutil-2.8.0-py2.py3-none-any.whl /tmp/python_dateutil-2.8.0-py2.py3-none-any.whl +COPY setuptools-50.0.0-py3-none-any.whl /tmp/setuptools-50.0.0-py3-none-any.whl +COPY confluent_docker_utils-0.0.40-py3-none-any.whl /tmp/confluent_docker_utils-0.0.40-py3-none-any.whl +COPY *.whl /tmp/python-dependencies/ +COPY *.gz /tmp/python-dependencies/ + + +RUN dnf install -y openssl tar procps iputils hostname \ + && pip3 install --no-index --prefix=/usr/local --upgrade --find-links /tmp/python-dependencies/ /tmp/wheel-0.35.1-py2.py3-none-any.whl \ + && pip3 install --no-index --prefix=/usr/local --upgrade --find-links /tmp/python-dependencies/ /tmp/setuptools-50.0.0-py3-none-any.whl \ + && pip3 install --no-index --prefix=/usr/local --upgrade --find-links /tmp/python-dependencies/ /tmp/python_dateutil-2.8.0-py2.py3-none-any.whl \ + && pip3 install --no-index --prefix=/usr/local --upgrade --find-links /tmp/python-dependencies/ /tmp/confluent_docker_utils-0.0.40-py3-none-any.whl +## dub installed +######################################## + +RUN mkdir -p /etc/confluent/docker /usr/logs \ + && useradd --no-log-init --create-home --shell /bin/bash appuser \ + && chown appuser:appuser -R /etc/confluent/ /usr/logs + +ADD --chown=appuser:appuser cp-base-new-5.5.2_doc.tar.gz /usr/share/doc/cp-base-new/ +ADD --chown=appuser:appuser cp-base-new-5.5.2_java.tar.gz /usr/share/java/cp-base-new/ + +COPY --chown=appuser:appuser include/etc/confluent/docker /etc/confluent/docker + +RUN mkdir /licenses +COPY license.txt /licenses + +############ ^^^^^ Base Container Details ^^^^^ ############ +############################################################ +############ vvvvv This Container Below vvvvv ############ + +# Copy required RPMs +COPY confluent-common-5.5.2-1.noarch.rpm /tmp/confluent-common-5.5.2-1.noarch.rpm +COPY confluent-control-center-5.5.2-1.noarch.rpm /tmp/confluent-control-center-5.5.2-1.noarch.rpm +COPY confluent-control-center-fe-5.5.2-1.noarch.rpm /tmp/confluent-control-center-fe-5.5.2-1.noarch.rpm +COPY confluent-hub-client-5.5.2-1.noarch.rpm /tmp/confluent-hub-client-5.5.2-1.noarch.rpm +COPY confluent-kafka-connect-replicator-5.5.2-1.noarch.rpm /tmp/confluent-kafka-connect-replicator-5.5.2-1.noarch.rpm +COPY confluent-metadata-service-5.5.2-1.noarch.rpm /tmp/confluent-metadata-service-5.5.2-1.noarch.rpm +COPY confluent-rebalancer-5.5.2-1.noarch.rpm /tmp/confluent-rebalancer-5.5.2-1.noarch.rpm +COPY confluent-rest-utils-5.5.2-1.noarch.rpm /tmp/confluent-rest-utils-5.5.2-1.noarch.rpm +COPY confluent-schema-registry-5.5.2-1.noarch.rpm /tmp/confluent-schema-registry-5.5.2-1.noarch.rpm +COPY confluent-security-5.5.2-1.noarch.rpm /tmp/confluent-security-5.5.2-1.noarch.rpm +COPY confluent-server-5.5.2-1.noarch.rpm /tmp/confluent-server-5.5.2-1.noarch.rpm + +######################################## +# confluentinc/kafka-images/server + +# allow arg override of required env params +ARG KAFKA_ZOOKEEPER_CONNECT +ENV KAFKA_ZOOKEEPER_CONNECT=${KAFKA_ZOOKEEPER_CONNECT} +ARG KAFKA_ADVERTISED_LISTENERS +ENV KAFKA_ADVERTISED_LISTENERS=${KAFKA_ADVERTISED_LISTENERS} + +# primary +EXPOSE 9092 + +USER root + +RUN echo "===> Installing kafka" \ + && dnf install --nogpgcheck -y /tmp/confluent-common-5.5.2-1.noarch.rpm \ + && dnf install --nogpgcheck -y /tmp/confluent-rest-utils-5.5.2-1.noarch.rpm \ + && dnf install --nogpgcheck -y /tmp/confluent-metadata-service-5.5.2-1.noarch.rpm \ + && dnf install --nogpgcheck -y /tmp/confluent-server-5.5.2-1.noarch.rpm \ + && echo "===> installing confluent-rebalancer ..." \ + && dnf install --nogpgcheck -y /tmp/confluent-rebalancer-5.5.2-1.noarch.rpm \ + && echo "===> installing confluent-security ..." \ + && dnf install --nogpgcheck -y /tmp/confluent-security-5.5.2-1.noarch.rpm \ + && echo "===> Setting up kafka dirs" \ + && mkdir -p /var/lib/kafka/data /etc/kafka/secrets \ + && chmod -R ag+w /etc/kafka /var/lib/kafka/data /etc/kafka/secrets \ + && chown -R appuser:appuser /var/log/kafka /var/log/confluent /var/lib/kafka /var/lib/zookeeper /etc/kafka/secrets + +VOLUME ["/var/lib/kafka/data", "/etc/kafka/secrets"] + + +######################################## +# confluentinc/kafka-images/server-connect-base + +# Default kafka-connect rest.port +EXPOSE 8083 + +USER root + +RUN echo "===> Installing ${COMPONENT}..." \ + && echo "===> Installing Schema Registry (for Avro jars) ..." \ + && dnf install --nogpgcheck -y /tmp/confluent-schema-registry-5.5.2-1.noarch.rpm \ + && echo "===> Installing Controlcenter for monitoring interceptors ..."\ + && dnf install --nogpgcheck -y /tmp/confluent-control-center-fe-5.5.2-1.noarch.rpm \ + && dnf install --nogpgcheck -y /tmp/confluent-control-center-5.5.2-1.noarch.rpm \ + && echo "===> Installing Confluent security plugins ..." \ + && dnf install --nogpgcheck -y /tmp/confluent-security-5.5.2-1.noarch.rpm \ + && echo "===> Installing Confluent Hub client ..." \ + && dnf install --nogpgcheck -y /tmp/confluent-hub-client-5.5.2-1.noarch.rpm \ + && echo "===> Setting up ${COMPONENT} dirs ..." \ + && mkdir -p /etc/${COMPONENT} /etc/${COMPONENT}/secrets /etc/${COMPONENT}/jars /usr/logs \ + && chown appuser:appuser -R /etc/${COMPONENT} /usr/logs \ + && chmod -R ag+w /etc/${COMPONENT} /etc/${COMPONENT}/secrets /etc/${COMPONENT}/jars \ + && chmod -R ag+w /etc/schema-registry \ + && mkdir -p /usr/share/confluent-hub-components \ + && chown appuser:appuser -R /usr/share/confluent-hub-components + +ENV CONNECT_PLUGIN_PATH=/usr/share/java/,/usr/share/confluent-hub-components/ + +VOLUME ["/etc/${COMPONENT}/jars", "/etc/${COMPONENT}/secrets"] + +COPY --chown=appuser:appuser include/etc/confluent/docker /etc/confluent/docker + +######################################## +## confluentinc/kafka-replicator-images/replicator +RUN echo "===> Installing Replicator ..." \ + && yum -q -y update \ + && dnf install --nogpgcheck -y /tmp/confluent-kafka-connect-replicator-5.5.2-1.noarch.rpm + +######################################## +## confluentinc/kafka-replicator-images/replicator-executable + +ENV COMPONENT=replicator + +USER root + +RUN echo "===> clean up ..." \ + && dnf update -y \ + && yum clean all \ + && rm -rf /tmp/* + +VOLUME ["/etc/${COMPONENT}/secrets"] + +COPY --chown=appuser:appuser include/etc/confluent/docker /etc/confluent/docker + +RUN chown appuser:appuser -R /etc/replicator /etc/kafka-connect-replicator + +USER appuser + +CMD ["/etc/confluent/docker/run"] diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000000000000000000000000000000000000..e06d2081865a766a8668acc12878f98b27fc9ea0 --- /dev/null +++ b/LICENSE @@ -0,0 +1,202 @@ +Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml new file mode 100644 index 0000000000000000000000000000000000000000..0cba50e7c98255b7716e9cf68c92a7ee064741c6 --- /dev/null +++ b/hardening_manifest.yaml @@ -0,0 +1,370 @@ +--- +apiVersion: v1 + +# The repository name in registry1, excluding /ironbank/ +name: "confluent/replicator/cp-enterprise-replicator-5.5.x" + +# List of tags to push for the repository in registry1 +# The most specific version should be the first tag and will be shown +# on ironbank.dsop.io +tags: +- "5.5.2" +- "5.5.x" +- "5.5" + + +# Build args passed to Dockerfile ARGs +args: + BASE_IMAGE: "redhat/openjdk/openjdk11" + BASE_TAG: "1.11" + +# Docker image labels +labels: + org.opencontainers.image.title: "cp-enterprise-replicator-5.5.x" + org.opencontainers.image.description: "Confluent Replicator allows you to easily and reliably replicate topics from one Apache Kafka cluster to another." + org.opencontainers.image.licenses: "CONFLUENT ENTERPRISE LICENSE" + org.opencontainers.image.url: "https://docs.confluent.io/5.5.2/installation/docker/image-reference.html#image-reference" + org.opencontainers.image.vendor: "Confluent" + org.opencontainers.image.version: "5.5.2" + mil.dso.ironbank.image.keywords: "confluent,kafka,zookeeper" + mil.dso.ironbank.image.type: "commercial" + mil.dso.ironbank.product.name: "Confluent Platform" + +# List of resources to make available to the offline build context +resources: +- filename: Python-3.6.12.tgz + url: https://www.python.org/ftp/python/3.6.12/Python-3.6.12.tgz + validation: + type: sha256 + value: 12dddbe52385a0f702fb8071e12dcc6b3cb2dde07cd8db3ed60e90d90ab78693 +- filename: six-1.15.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/ee/ff/48bde5c0f013094d729fe4b0316ba2a24774b3ff1c52d924a8a4cb04078a/six-1.15.0-py2.py3-none-any.whl + validation: + type: sha256 + value: 8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced +- filename: wheel-0.35.1-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/a7/00/3df031b3ecd5444d572141321537080b40c1c25e1caa3d86cdd12e5e919c/wheel-0.35.1-py2.py3-none-any.whl + validation: + type: sha256 + value: 497add53525d16c173c2c1c733b8f655510e909ea78cc0e29d374243544b77a2 +- filename: python_dateutil-2.8.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/41/17/c62faccbfbd163c7f57f3844689e3a78bae1f403648a6afb1d0866d87fbb/python_dateutil-2.8.0-py2.py3-none-any.whl + validation: + type: sha256 + value: 7e6584c74aeed623791615e26efd690f29817a27c73085b78e4bad02493df2fb +- filename: setuptools-50.0.0-py3-none-any.whl + url: https://files.pythonhosted.org/packages/b0/8b/379494d7dbd3854aa7b85b216cb0af54edcb7fce7d086ba3e35522a713cf/setuptools-50.0.0-py3-none-any.whl + validation: + type: sha256 + value: 1e842b6dc37a1282f95a05551efe2c4bd09ddca8dd506ed3aa635a9fb6d15309 +- filename: python_dateutil-2.8.1-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/d4/70/d60450c3dd48ef87586924207ae8907090de0b306af2bce5d134d78615cb/python_dateutil-2.8.1-py2.py3-none-any.whl + validation: + type: sha256 + value: 75bb3f31ea686f1197762692a9ee6a7550b59fc6ca3a1f4b5d7e32fb98e2da2a +- filename: paramiko-2.4.2-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/cf/ae/94e70d49044ccc234bfdba20114fa947d7ba6eb68a2e452d89b920e62227/paramiko-2.4.2-py2.py3-none-any.whl + validation: + type: sha256 + value: 3c16b2bfb4c0d810b24c40155dbfd113c0521e7e6ee593d704e84b4c658a1f3b +- filename: boto3-1.9.128-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/bc/2d/831406bd8ad5846aef015f98cfb8ebee6a4830bdc3b3bf14ab378f79c970/boto3-1.9.128-py2.py3-none-any.whl + validation: + type: sha256 + value: 9a133736098741ef8016fb22824c99f9bef8f39a0bfbb76f73fe8bf18373f726 +- filename: cryptography-2.7-cp34-abi3-manylinux1_x86_64.whl + url: https://files.pythonhosted.org/packages/97/18/c6557f63a6abde34707196fb2cad1c6dc0dbff25a200d5044922496668a4/cryptography-2.7-cp34-abi3-manylinux1_x86_64.whl + validation: + type: sha256 + value: 96d8473848e984184b6728e2c9d391482008646276c3ff084a1bd89e15ff53a1 +- filename: docker-3.7.2-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/48/68/c3afca1a5aa8d2997ec3b8ee822a4d752cf85907b321f07ea86888545152/docker-3.7.2-py2.py3-none-any.whl + validation: + type: sha256 + value: 2b1f48041cfdcc9f6b5da0e04e0e326ded225e736762ade2060000e708f4c9b7 +- filename: requests-2.20.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/f1/ca/10332a30cb25b627192b4ea272c351bce3ca1091e541245cccbace6051d8/requests-2.20.0-py2.py3-none-any.whl + validation: + type: sha256 + value: a84b8c9ab6239b578f22d1c21d51b696dcfe004032bb80ea832398d6909d7279 +- filename: mock-2.0.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/e6/35/f187bdf23be87092bd0f1200d43d23076cee4d0dec109f195173fd3ebc79/mock-2.0.0-py2.py3-none-any.whl + validation: + type: sha256 + value: 5ce3c71c5545b472da17b72268978914d0252980348636840bd34a00b5cc96c1 +- filename: pyrsistent-0.16.1.tar.gz + url: https://files.pythonhosted.org/packages/80/18/1492d651693ef7d40e0a40377ed56a8cc5c5fe86073eb6c56e53513f4480/pyrsistent-0.16.1.tar.gz + validation: + type: sha256 + value: aa2ae1c2e496f4d6777f869ea5de7166a8ccb9c2e06ebcf6c7ff1b670c98c5ef +- filename: six-1.14.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/65/eb/1f97cb97bfc2390a276969c6fae16075da282f5058082d4cb10c6c5c1dba/six-1.14.0-py2.py3-none-any.whl + validation: + type: sha256 + value: 8f3cd2e254d8f793e7f3d6d9df77b92252b52637291d0f0da013c76ea2724b6c +- filename: docker_compose-1.25.2-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/a0/dd/6ecfedfb035567bb3be1b895ef036bfe9183917c8746b97ea1a94d1fabd5/docker_compose-1.25.2-py2.py3-none-any.whl + validation: + type: sha256 + value: 93f8a0eb1909aebbefaeeb172b35507a4d04b88962b02ac11c08c92a545678cd +- filename: Jinja2-2.11.2-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/30/9e/f663a2aa66a09d838042ae1a2c5659828bb9b41ea3a6efa20a20fd92b121/Jinja2-2.11.2-py2.py3-none-any.whl + validation: + type: sha256 + value: f0a4641d3cf955324a89c04f3d94663aa4d638abe8f733ecd3582848e1c37035 +- filename: PyNaCl-1.4.0-cp35-abi3-manylinux1_x86_64.whl + url: https://files.pythonhosted.org/packages/9d/57/2f5e6226a674b2bcb6db531e8b383079b678df5b10cdaa610d6cf20d77ba/PyNaCl-1.4.0-cp35-abi3-manylinux1_x86_64.whl + validation: + type: sha256 + value: 30f9b96db44e09b3304f9ea95079b1b7316b2b4f3744fe3aaecccd95d547063d +- filename: pyasn1-0.4.8-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/62/1e/a94a8d635fa3ce4cfc7f506003548d0a2447ae76fd5ca53932970fe3053f/pyasn1-0.4.8-py2.py3-none-any.whl + validation: + type: sha256 + value: 39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d +- filename: bcrypt-3.2.0-cp36-abi3-manylinux2010_x86_64.whl + url: https://files.pythonhosted.org/packages/26/70/6d218afbe4c73538053c1016dd631e8f25fffc10cd01f5c272d7acf3c03d/bcrypt-3.2.0-cp36-abi3-manylinux2010_x86_64.whl + validation: + type: sha256 + value: cd1ea2ff3038509ea95f687256c46b79f5fc382ad0aa3664d200047546d511d1 +- filename: botocore-1.12.253-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/8e/7b/88f10115b4748f86be6b7b1d8761ba5023fccf6e6cbe762e368f63eddcf9/botocore-1.12.253-py2.py3-none-any.whl + validation: + type: sha256 + value: dc080aed4f9b220a9e916ca29ca97a9d37e8e1d296fe89cbaeef929bf0c8066b +- filename: s3transfer-0.2.1-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/16/8a/1fc3dba0c4923c2a76e1ff0d52b305c44606da63f718d14d3231e21c51b0/s3transfer-0.2.1-py2.py3-none-any.whl + validation: + type: sha256 + value: b780f2411b824cb541dbcd2c713d0cb61c7d1bcadae204cdddda2b35cef493ba +- filename: jmespath-0.10.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/07/cb/5f001272b6faeb23c1c9e0acc04d48eaaf5c862c17709d20e3469c6e0139/jmespath-0.10.0-py2.py3-none-any.whl + validation: + type: sha256 + value: cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f +- filename: asn1crypto-1.4.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/b5/a8/56be92dcd4a5bf1998705a9b4028249fe7c9a035b955fe93b6a3e5b829f8/asn1crypto-1.4.0-py2.py3-none-any.whl + validation: + type: sha256 + value: 4bcdf33c861c7d40bdcd74d8e4dd7661aac320fcdf40b9a3f95b4ee12fde2fa8 +- filename: cffi-1.14.3-cp38-cp38-manylinux1_x86_64.whl + url: https://files.pythonhosted.org/packages/c6/60/44b6c54dbbee7d5eafbc34e0a0b67207e85906fe8e36c830dfd3966dde1d/cffi-1.14.3-cp38-cp38-manylinux1_x86_64.whl + validation: + type: sha256 + value: 529c4ed2e10437c205f38f3691a68be66c39197d01062618c55f74294a4a4828 +- filename: docker_pycreds-0.4.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/f5/e8/f6bd1eee09314e7e6dee49cbe2c5e22314ccdb38db16c9fc72d2fa80d054/docker_pycreds-0.4.0-py2.py3-none-any.whl + validation: + type: sha256 + value: 7266112468627868005106ec19cd0d722702d2b7d5912a28e19b826c3d37af49 +- filename: websocket_client-0.57.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/4c/5f/f61b420143ed1c8dc69f9eaec5ff1ac36109d52c80de49d66e0c36c3dfdf/websocket_client-0.57.0-py2.py3-none-any.whl + validation: + type: sha256 + value: 0fc45c961324d79c781bab301359d5a1b00b13ad1b10415a4780229ef71a5549 +- filename: idna-2.7-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/4b/2a/0276479a4b3caeb8a8c1af2f8e4355746a97fab05a372e4a2c6a6b876165/idna-2.7-py2.py3-none-any.whl + validation: + type: sha256 + value: 156a6814fb5ac1fc6850fb002e0852d56c0c8d2531923a51032d1b70760e186e +- filename: chardet-3.0.4-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/bc/a9/01ffebfb562e4274b6487b4bb1ddec7ca55ec7510b22e4c51f14098443b8/chardet-3.0.4-py2.py3-none-any.whl + validation: + type: sha256 + value: fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 +- filename: certifi-2020.6.20-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/5e/c4/6c4fe722df5343c33226f0b4e0bb042e4dc13483228b4718baf286f86d87/certifi-2020.6.20-py2.py3-none-any.whl + validation: + type: sha256 + value: 8fc0819f1f30ba15bdb34cceffb9ef04d99f420f68eb75d901e9560b8749fc41 +- filename: urllib3-1.24.3-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/01/11/525b02e4acc0c747de8b6ccdab376331597c569c42ea66ab0a1dbd36eca2/urllib3-1.24.3-py2.py3-none-any.whl + validation: + type: sha256 + value: a637e5fae88995b256e3409dc4d52c2e2e0ba32c42a6365fee8bbd2238de3cfb +- filename: pbr-5.5.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/c1/a3/d439f338aa90edd5ad9096cd56564b44882182150e92148eb14ceb7488ba/pbr-5.5.0-py2.py3-none-any.whl + validation: + type: sha256 + value: 5adc0f9fc64319d8df5ca1e4e06eea674c26b80e6f00c530b18ce6a6592ead15 +- filename: cached_property-1.5.2-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/48/19/f2090f7dad41e225c7f2326e4cfe6fff49e57dedb5b53636c9551f86b069/cached_property-1.5.2-py2.py3-none-any.whl + validation: + type: sha256 + value: df4f613cf7ad9a588cc381aaf4a512d26265ecebd5eb9e1ba12f1319eb85a6a0 +- filename: docopt-0.6.2.tar.gz + url: https://files.pythonhosted.org/packages/a2/55/8f8cab2afd404cf578136ef2cc5dfb50baa1761b68c9da1fb1e4eed343c9/docopt-0.6.2.tar.gz + validation: + type: sha256 + value: 49b3a825280bd66b3aa83585ef59c4a8c82f2c8a522dbe754a8bc8d08c85c491 +- filename: dockerpty-0.4.1.tar.gz + url: https://files.pythonhosted.org/packages/8d/ee/e9ecce4c32204a6738e0a5d5883d3413794d7498fe8b06f44becc028d3ba/dockerpty-0.4.1.tar.gz + validation: + type: sha256 + value: 69a9d69d573a0daa31bcd1c0774eeed5c15c295fe719c61aca550ed1393156ce +- filename: jsonschema-3.2.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/c5/8f/51e89ce52a085483359217bc72cdbf6e75ee595d5b1d4b5ade40c7e018b8/jsonschema-3.2.0-py2.py3-none-any.whl + validation: + type: sha256 + value: 4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163 +- filename: texttable-1.6.3-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/06/f5/46201c428aebe0eecfa83df66bf3e6caa29659dbac5a56ddfd83cae0d4a4/texttable-1.6.3-py2.py3-none-any.whl + validation: + type: sha256 + value: f802f2ef8459058736264210f716c757cbf85007a30886d8541aa8c3404f1dda +- filename: PyYAML-5.3.1.tar.gz + url: https://files.pythonhosted.org/packages/64/c2/b80047c7ac2478f9501676c988a5411ed5572f35d1beff9cae07d321512c/PyYAML-5.3.1.tar.gz + validation: + type: sha256 + value: b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d +- filename: MarkupSafe-1.1.1-cp38-cp38-manylinux1_x86_64.whl + url: https://files.pythonhosted.org/packages/4b/20/f6d7648c81cb84815d0be935d5c74cd1cc0239e43eadb1a61062d34b6543/MarkupSafe-1.1.1-cp38-cp38-manylinux1_x86_64.whl + validation: + type: sha256 + value: 13d3144e1e340870b25e7b10b98d779608c02016d5184cfb9927a9f10c689f42 +- filename: docutils-0.15.2-py3-none-any.whl + url: https://files.pythonhosted.org/packages/22/cd/a6aa959dca619918ccb55023b4cb151949c64d4d5d55b3f4ffd7eee0c6e8/docutils-0.15.2-py3-none-any.whl + validation: + type: sha256 + value: 6c4f696463b79f1fb8ba0c594b63840ebd41f059e92b31957c46b74a4599b6d0 +- filename: pycparser-2.20-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/ae/e7/d9c3a176ca4b02024debf82342dab36efadfc5776f9c8db077e8f6e71821/pycparser-2.20-py2.py3-none-any.whl + validation: + type: sha256 + value: 7582ad22678f0fcd81102833f60ef8d0e57288b6b5fb00323d101be910e35705 +- filename: attrs-20.2.0-py2.py3-none-any.whl + url: https://files.pythonhosted.org/packages/14/df/479736ae1ef59842f512548bacefad1abed705e400212acba43f9b0fa556/attrs-20.2.0-py2.py3-none-any.whl + validation: + type: sha256 + value: fce7fc47dfc976152e82d53ff92fa0407700c21acd20886a13777a0d20e655dc +- filename: confluent-common-5.5.0-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-common-5.5.0-1.noarch.rpm + validation: + type: sha256 + value: 47dd40c17787771a8a7f0b77af06c57fe62bd1f94dfbd9819a397ad635b4cb0d +- filename: confluent-common-5.5.1-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-common-5.5.1-1.noarch.rpm + validation: + type: sha256 + value: 1581215259e171f8a5ecff768fa7e5e4c771774174f6feec1f9f286865e5da12 +- filename: confluent-common-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-common-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: 29e86589d69d99652cadd798bb45edf66272bc2572bb9876a43a4e02b7663935 +- filename: confluent-control-center-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-control-center-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: c89070f951bb60d91e34747b1f9c14216d26cbb1711b3a4d2b3dda7bbfe7b8fb +- filename: confluent-control-center-fe-5.5.0-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-control-center-fe-5.5.0-1.noarch.rpm + validation: + type: sha256 + value: 87cf8c195fd09742dc399510e80d24d8207814b7862fdd2750e76b9c251b374f +- filename: confluent-control-center-fe-5.5.1-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-control-center-fe-5.5.1-1.noarch.rpm + validation: + type: sha256 + value: 6d4170e1007ecb157e825989354f161a1f93ef388c640a20f41915d6174a53c5 +- filename: confluent-control-center-fe-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-control-center-fe-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: 9db9febd4217d379c6a4e1f208c8f3ab2cd53e97156e5c92f56a11fdcc72284d +- filename: confluent-hub-client-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-hub-client-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: 5b39cf698ec71fab0cf91ab50d467dbbef5fd58d3dace8d05d2a3045285b91bd +- filename: confluent-kafka-connect-replicator-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-kafka-connect-replicator-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: de034f818ad251822e803b3d3bf4a8d0a40b8480a6d79c086f167e5589122b0e +- filename: confluent-metadata-service-5.5.0-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-metadata-service-5.5.0-1.noarch.rpm + validation: + type: sha256 + value: 25e18ab51f20ff42e91d2629fcf01be58fcc178de2526d0ecf02a4b1e142e1f5 +- filename: confluent-metadata-service-5.5.1-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-metadata-service-5.5.1-1.noarch.rpm + validation: + type: sha256 + value: c896840380f5a22a391059fb1aa89ba8fe0c46f65a5013d912b04cc3fd48c386 +- filename: confluent-metadata-service-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-metadata-service-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: 8f3514c7a364bc76edfb461edbb84477396f6dcfe90c69eafe6eb78ba3d1ca40 +- filename: confluent-rebalancer-5.5.0-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-rebalancer-5.5.0-1.noarch.rpm + validation: + type: sha256 + value: ead5133f67e9adb06b2d494d308f0bb1740d7e812f9dfe3364b0abd8e6062f68 +- filename: confluent-rebalancer-5.5.1-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-rebalancer-5.5.1-1.noarch.rpm + validation: + type: sha256 + value: 7799944be54122e9839f9a7bec3e1d64f2add6fa40bca7024d27b80d1f565d9c +- filename: confluent-rebalancer-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-rebalancer-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: 9af060991a5df90cb5380bc3bc0307ad6b51683d4d8f50629e01d857e27a8b39 +- filename: confluent-rest-utils-5.5.0-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-rest-utils-5.5.0-1.noarch.rpm + validation: + type: sha256 + value: 8c4e7c781d9608179750b7c6a18a04bebcfc6455f867021eba79a429b9cdf078 +- filename: confluent-rest-utils-5.5.1-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-rest-utils-5.5.1-1.noarch.rpm + validation: + type: sha256 + value: f64e5599fb3277a2e05e1bb0a342f43b221939f80f8e585e66f445bc87ecfe18 +- filename: confluent-rest-utils-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-rest-utils-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: d3cbfb8d9d533c6868385dcf5c6151f9522bae2000694a09124ef81d5613392e +- filename: confluent-schema-registry-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-schema-registry-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: 90228c20facfa3d7cbf6c9fe8967b39d357088f34533f788f58259ffd3e63b74 +- filename: confluent-security-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-security-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: 03fe3285bc4fb64644b72f559a730f15c2bca6c34a08465641e087b70d025f09 +- filename: confluent-server-5.5.2-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-server-5.5.2-1.noarch.rpm + validation: + type: sha256 + value: 533b35a89d0959f15631ffa9711837aff215ab468bfdf4002a45ccf9df126950 +- filename: confluent_docker_utils-0.0.40-py3-none-any.whl + url: https://ironbank-files.s3.amazonaws.com/confluent_docker_utils-0.0.40-py3-none-any.whl + validation: + type: sha256 + value: f84abafb513eb80b94bf6f90a838beecd72d7b93bf76e77ae7b090f23db6002d +- filename: cp-base-new-5.5.2_doc.tar.gz + url: https://ironbank-files.s3.amazonaws.com/cp-base-new-5.5.2_doc.tar.gz + validation: + type: sha256 + value: a9f0dde812daa1e9d0c20a092c03e099f75786493ea6eb6e8fb56e358a57710d +- filename: cp-base-new-5.5.2_java.tar.gz + url: https://ironbank-files.s3.amazonaws.com/cp-base-new-5.5.2_java.tar.gz + validation: + type: sha256 + value: 4f3c6d93c5b3e80d318dccc6f82a2bc6c8ea14ddd13e6f06842081fef62f2061 + +# List of project maintainers +maintainers: +- name: "Scott Stroud" + username: "scottstroud" + email: "confluent-fed@confluent.io" + cht_member: false +- name: "Preston McGowan" + username: "preston.mcgowan" + email: "confluent-fed@confluent.io" + cht_member: false diff --git a/include/etc/confluent/docker/apply-mesos-overrides b/include/etc/confluent/docker/apply-mesos-overrides new file mode 100755 index 0000000000000000000000000000000000000000..37742612bf6f7c5687c8b24c24fa11527cd7e930 --- /dev/null +++ b/include/etc/confluent/docker/apply-mesos-overrides @@ -0,0 +1,32 @@ +#!/usr/bin/env bash +# +# Copyright 2019 Confluent Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Mesos DC/OS docker deployments will have HOST and PORT0 +# set for the proxying of the service. +# +# Use those values provide things we know we'll need. + +[ -n "${HOST:-}" ] && [ -z "${CONNECT_REST_ADVERTISED_HOST_NAME:-}" ] && \ + export CONNECT_REST_ADVERTISED_HOST_NAME=$HOST || true + +[ -n "${PORT0:-}" ] && [ -z "${CONNECT_REST_ADVERTISED_PORT:-}" ] && \ + export CONNECT_REST_ADVERTISED_PORT=$PORT0 || true + +# And default to 8083, which MUST match the containerPort specification +# in the Mesos package for this service. +[ -z "${CONNECT_REST_PORT:-}" ] && \ + export CONNECT_REST_PORT=8083 || true + diff --git a/include/etc/confluent/docker/bash-config b/include/etc/confluent/docker/bash-config new file mode 100644 index 0000000000000000000000000000000000000000..43c08d9b50864256bdadd2ffb12f24c5fc72ba3c --- /dev/null +++ b/include/etc/confluent/docker/bash-config @@ -0,0 +1,23 @@ +# +# Copyright 2018 Confluent Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o nounset \ + -o errexit + +# Trace may expose passwords/credentials by printing them to stdout, so turn on with care. +if [ "${TRACE:-}" == "true" ]; then + set -o verbose \ + -o xtrace +fi diff --git a/include/etc/confluent/docker/configure b/include/etc/confluent/docker/configure new file mode 100755 index 0000000000000000000000000000000000000000..4bb4771687b821607c22b34f9eb044f3160f9906 --- /dev/null +++ b/include/etc/confluent/docker/configure @@ -0,0 +1,22 @@ +#!/usr/bin/env bash +# +# Copyright 2018 Confluent Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +. /etc/confluent/docker/bash-config + +dub path /etc/"${COMPONENT}"/ writable + +# replicator script expects the log4j config at /etc/kafka-connect-replicator/replicator-log4j.properties +dub template "/etc/confluent/docker/log4j.properties.template" "/etc/kafka-connect-replicator/replicator-log4j.properties" diff --git a/include/etc/confluent/docker/ensure b/include/etc/confluent/docker/ensure new file mode 100755 index 0000000000000000000000000000000000000000..93c89a00f6c11913f6358ef2d4c2972f39c5beab --- /dev/null +++ b/include/etc/confluent/docker/ensure @@ -0,0 +1,35 @@ +#!/usr/bin/env bash +# +# Copyright 2019 Confluent Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +. /etc/confluent/docker/bash-config + +echo "===> Check if Kafka is healthy ..." + +if [[ -n "${CONNECT_SECURITY_PROTOCOL-}" ]] && [[ $CONNECT_SECURITY_PROTOCOL != "PLAINTEXT" ]] +then + + cub kafka-ready \ + "${CONNECT_CUB_KAFKA_MIN_BROKERS:-1}" \ + "${CONNECT_CUB_KAFKA_TIMEOUT:-40}" \ + -b "$CONNECT_BOOTSTRAP_SERVERS" \ + --config /etc/"${COMPONENT}"/kafka-connect.properties +else + + cub kafka-ready \ + "${CONNECT_CUB_KAFKA_MIN_BROKERS:-1}" \ + "${CONNECT_CUB_KAFKA_TIMEOUT:-40}" \ + -b "$CONNECT_BOOTSTRAP_SERVERS" +fi diff --git a/include/etc/confluent/docker/kafka-connect.properties.template b/include/etc/confluent/docker/kafka-connect.properties.template new file mode 100644 index 0000000000000000000000000000000000000000..a4dbf10d383b6676535fdf1db5aca08842edad66 --- /dev/null +++ b/include/etc/confluent/docker/kafka-connect.properties.template @@ -0,0 +1,4 @@ +{% set connect_props = env_to_props('CONNECT_', '') -%} +{% for name, value in connect_props.items() -%} +{{name}}={{value}} +{% endfor -%} diff --git a/include/etc/confluent/docker/kafka.properties.template b/include/etc/confluent/docker/kafka.properties.template new file mode 100644 index 0000000000000000000000000000000000000000..d48063121233cd33b1bfa68e38668fd7f2cd49ec --- /dev/null +++ b/include/etc/confluent/docker/kafka.properties.template @@ -0,0 +1,38 @@ +{% set excluded_props = ['KAFKA_VERSION', + 'KAFKA_HEAP_OPTS' + 'KAFKA_LOG4J_OPTS', + 'KAFKA_OPTS', + 'KAFKA_JMX_OPTS', + 'KAFKA_JVM_PERFORMANCE_OPTS', + 'KAFKA_GC_LOG_OPTS', + 'KAFKA_LOG4J_ROOT_LOGLEVEL', + 'KAFKA_LOG4J_LOGGERS', + 'KAFKA_TOOLS_LOG4J_LOGLEVEL', + 'KAFKA_ZOOKEEPER_CLIENT_CNXN_SOCKET'] +-%} + +{# properties that don't fit the standard format #} +{% set other_props = { + 'KAFKA_ZOOKEEPER_CLIENT_CNXN_SOCKET' : 'zookeeper.clientCnxnSocket' + } -%} + +{% set kafka_props = env_to_props('KAFKA_', '', exclude=excluded_props) -%} +{% for name, value in kafka_props.items() -%} +{{name}}={{value}} +{% endfor -%} + +{% for k, property in other_props.items() -%} +{% if env.get(k) != None -%} +{{property}}={{env[k]}} +{% endif -%} +{% endfor -%} + +{% set confluent_support_props = env_to_props('CONFLUENT_SUPPORT_', 'confluent.support.') -%} +{% for name, value in confluent_support_props.items() -%} +{{name}}={{value}} +{% endfor -%} + +{% set confluent_metric_props = env_to_props('CONFLUENT_METRICS_', 'confluent.metrics.') -%} +{% for name, value in confluent_metric_props.items() -%} +{{name}}={{value}} +{% endfor -%} diff --git a/include/etc/confluent/docker/launch b/include/etc/confluent/docker/launch new file mode 100755 index 0000000000000000000000000000000000000000..e9c849bd80c0e1c9a53160e7aeaba13cf1dfbd45 --- /dev/null +++ b/include/etc/confluent/docker/launch @@ -0,0 +1,142 @@ +#!/usr/bin/env bash +# +# Copyright 2018 Confluent Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Override this section from the script to include the com.sun.management.jmxremote.rmi.port property. +if [ "x$KAFKA_JMX_OPTS" = "x" ]; then + export KAFKA_JMX_OPTS="-Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false " +fi + +# The JMX client needs to be able to connect to java.rmi.server.hostname. +# The default for bridged n/w is the bridged IP so you will only be able to connect from another docker container. +# For host n/w, this is the IP that the hostname on the host resolves to. + +# If you have more that one n/w configured, hostname -i gives you all the IPs, +# the default is to pick the first IP (or network). +export KAFKA_JMX_HOSTNAME=${KAFKA_JMX_HOSTNAME:-$(hostname -i | cut -d" " -f1)} + +if [ "x$KAFKA_JMX_PORT" != "x" ]; then + # This ensures that the "if" section for JMX_PORT in kafka launch script does not trigger. + export JMX_PORT=$KAFKA_JMX_PORT + export KAFKA_JMX_OPTS="$KAFKA_JMX_OPTS -Djava.rmi.server.hostname=$KAFKA_JMX_HOSTNAME -Dcom.sun.management.jmxremote.local.only=false -Dcom.sun.management.jmxremote.rmi.port=$JMX_PORT -Dcom.sun.management.jmxremote.port=$JMX_PORT" +fi + +echo "===> Launching ${COMPONENT} ... " +# Add external jars to the classpath +# And this also makes sure that the CLASSPATH does not start with ":/etc/..." +# because this causes the plugin scanner to scan the entire disk. +export CLASSPATH="/etc/kafka-connect/jars/*" + + +# File properties +export ARGS="" +if [ "x$CONSUMER_CONFIG" = "x" ]; then + export CONSUMER_CONFIG="/etc/${COMPONENT}/consumer.properties" +fi + +if [ "x$PRODUCER_CONFIG" = "x" ]; then + export PRODUCER_CONFIG="/etc/${COMPONENT}/producer.properties" +fi + +if [ "x$REPLICATION_CONFIG" = "x" ]; then + export REPLICATION_CONFIG="/etc/${COMPONENT}/replication.properties" +fi + +if [ "x$CONSUMER_MONITORING_CONFIG" = "x" ]; then + export CONSUMER_MONITORING_CONFIG="/etc/${COMPONENT}/consumer-monitoring.properties" +fi + +if [ "x$PRODUCER_MONITORING_CONFIG" = "x" ]; then + export PRODUCER_MONITORING_CONFIG="/etc/${COMPONENT}/producer-monitoring.properties" +fi + +# Required properties +if [ "x$CLUSTER_ID" = "x" ]; then + export CLUSTER_ID="replicator" +fi + +export ARGS="--consumer.config ${CONSUMER_CONFIG}" +export ARGS="${ARGS} --producer.config ${PRODUCER_CONFIG}" +export ARGS="${ARGS} --cluster.id ${CLUSTER_ID}" + +# Optional file-based properties +if [ -f "$REPLICATION_CONFIG" ]; then + export ARGS="${ARGS} --replication.config ${REPLICATION_CONFIG}" +fi + +if [ -f "$CONSUMER_MONITORING_CONFIG" ]; then + export ARGS="${ARGS} --consumer.monitoring.config ${CONSUMER_MONITORING_CONFIG}" +fi + +if [ -f "$PRODUCER_MONITORING_CONFIG" ]; then + export ARGS="${ARGS} --producer.monitoring.config ${PRODUCER_MONITORING_CONFIG}" +fi + +# Optional command line arguments +if [ "x$BLACKLIST" != "x" ]; then + export ARGS="${ARGS} --blacklist ${BLACKLIST}" +fi + +if [ "x$WHITELIST" != "x" ]; then + export ARGS="${ARGS} --whitelist ${WHITELIST}" +fi + +if [ "x$CLUSTER_THREADS" != "x" ]; then + export ARGS="${ARGS} --cluster.threads ${CLUSTER_THREADS}" +fi + +if [ "x$CONFLUENT_LICENSE" != "x" ]; then + export ARGS="${ARGS} --confluent.license ${CONFLUENT_LICENSE}" +fi + +if [ "x$TOPIC_AUTO_CREATE" != "x" ]; then + export ARGS="${ARGS} --topic.auto.create" +fi + +if [ "x$TOPIC_CONFIG_SYNC" != "x" ]; then + export ARGS="${ARGS} --topic.config.sync" +fi + +if [ "x$TOPIC_CONFIG_SYNC_INTERVAL_MS" != "x" ]; then + export ARGS="${ARGS} --topic.config.sync.interval.ms ${TOPIC_CONFIG_SYNC_INTERVAL_MS}" +fi + +if [ "x$TOPIC_CREATE_BACKOFF_MS" != "x" ]; then + export ARGS="${ARGS} --topic.create.backoff.ms ${TOPIC_CREATE_BACKOFF_MS}" +fi + +if [ "x$TOPIC_POLL_INTERVAL_MS" != "x" ]; then + export ARGS="${ARGS} --topic.poll.interval.ms ${TOPIC_POLL_INTERVAL_MS}" +fi + +if [ "x$TOPIC_PRESERVE_PARTITIONS" != "x" ]; then + export ARGS="${ARGS} --topic.preserve.partitions" +fi + +if [ "x$TOPIC_REGEX" != "x" ]; then + export ARGS="${ARGS} --topic.regex ${TOPIC_REGEX}" +fi + +if [ "x$TOPIC_RENAME_FORMAT" != "x" ]; then + export ARGS="${ARGS} --topic.rename.format ${TOPIC_RENAME_FORMAT}" +fi + +if [ "x$TOPIC_TIMESTAMP_TYPE" != "x" ]; then + export ARGS="${ARGS} --topic.timestamp.type ${TOPIC_TIMESTAMP_TYPE}" +fi + +echo "===> Running: replicator ${ARGS}" +exec replicator ${ARGS} diff --git a/include/etc/confluent/docker/log4j.properties.template b/include/etc/confluent/docker/log4j.properties.template new file mode 100644 index 0000000000000000000000000000000000000000..6540a7518f34568e2dbbc0dead3b5d9d9355e4d8 --- /dev/null +++ b/include/etc/confluent/docker/log4j.properties.template @@ -0,0 +1,17 @@ + +log4j.rootLogger={{ env["REPLICATOR_LOG4J_ROOT_LOGLEVEL"] | default('INFO') }}, stdout + +log4j.appender.stdout=org.apache.log4j.ConsoleAppender +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout +log4j.appender.stdout.layout.ConversionPattern=[%d] %p %m (%c)%n + +log4j.logger.org.apache.zookeeper=ERROR +log4j.logger.org.I0Itec.zkclient=ERROR +log4j.logger.org.reflections=ERROR + +{% if env['REPLICATOR_LOG4J_LOGGERS'] %} +{% set loggers = parse_log4j_loggers(env['REPLICATOR_LOG4J_LOGGERS']) %} +{% for logger,loglevel in loggers.items() %} +log4j.logger.{{logger}}={{loglevel}} +{% endfor %} +{% endif %} diff --git a/include/etc/confluent/docker/mesos-setup.sh b/include/etc/confluent/docker/mesos-setup.sh new file mode 100644 index 0000000000000000000000000000000000000000..b3874daf6d532bcb5e98e57618c9ccea709718df --- /dev/null +++ b/include/etc/confluent/docker/mesos-setup.sh @@ -0,0 +1,27 @@ +#!/usr/bin/env bash + +set +o nounset + +if [ -z $SKIP_MESOS_AUTO_SETUP ]; then + if [ -n $MESOS_SANDBOX ] && [ -e $MESOS_SANDBOX/.ssl/scheduler.crt ] && [ -e $MESOS_SANDBOX/.ssl/scheduler.key ]; then + echo "Entering Mesos auto setup for Java SSL truststore. You should not see this if you are not on mesos ..." + + openssl pkcs12 -export -in $MESOS_SANDBOX/.ssl/scheduler.crt -inkey $MESOS_SANDBOX/.ssl/scheduler.key \ + -out /tmp/keypair.p12 -name keypair \ + -CAfile $MESOS_SANDBOX/.ssl/ca-bundle.crt -caname root -passout pass:export + + keytool -importkeystore \ + -deststorepass changeit -destkeypass changeit -destkeystore /tmp/kafka-keystore.jks \ + -srckeystore /tmp/keypair.p12 -srcstoretype PKCS12 -srcstorepass export \ + -alias keypair + + keytool -import \ + -trustcacerts \ + -alias root \ + -file $MESOS_SANDBOX/.ssl/ca-bundle.crt \ + -storepass changeit \ + -keystore /tmp/kafka-truststore.jks -noprompt + fi +fi + +set -o nounset diff --git a/include/etc/confluent/docker/run b/include/etc/confluent/docker/run new file mode 100755 index 0000000000000000000000000000000000000000..298e440ee432bb9930b1217c33afcad50d385ba9 --- /dev/null +++ b/include/etc/confluent/docker/run @@ -0,0 +1,29 @@ +#!/usr/bin/env bash +# +# Copyright 2018 Confluent Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +. /etc/confluent/docker/bash-config + +. /etc/confluent/docker/mesos-setup.sh +. /etc/confluent/docker/apply-mesos-overrides + +echo "===> User" +id + +echo "===> Configuring ..." +/etc/confluent/docker/configure + +echo "===> Launching ... " +exec /etc/confluent/docker/launch diff --git a/include/etc/confluent/docker/tools-log4j.properties.template b/include/etc/confluent/docker/tools-log4j.properties.template new file mode 100644 index 0000000000000000000000000000000000000000..da06f138a99c2b69cbe1a286c7c868fff02d1cba --- /dev/null +++ b/include/etc/confluent/docker/tools-log4j.properties.template @@ -0,0 +1,7 @@ + +log4j.rootLogger={{ env["KAFKA_TOOLS_LOG4J_LOGLEVEL"] | default('WARN') }}, stderr + +log4j.appender.stderr=org.apache.log4j.ConsoleAppender +log4j.appender.stderr.layout=org.apache.log4j.PatternLayout +log4j.appender.stderr.layout.ConversionPattern=[%d] %p %m (%c)%n +log4j.appender.stderr.Target=System.err diff --git a/license.txt b/license.txt new file mode 100644 index 0000000000000000000000000000000000000000..44cfd8bdfe19d9637ff0c04ef99614acd76fe97f --- /dev/null +++ b/license.txt @@ -0,0 +1 @@ +Copyright 2020 Confluent, Inc. \ No newline at end of file