[improve][broker] PIP-192: Implement broker registry

.github/actions/gradle-enterprise/action.yml

@@ -0,0 +1,36 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+name: Configure Gradle Enterprise integration
+description: Configure Gradle Enterprise when secret GE_ACCESS_TOKEN is available
+inputs:
+  token:
+    description: 'The token for accessing Gradle Enterprise'
+    required: true
+runs:
+  using: composite
+  steps:
+    - run: |
+        if [[ -n "${{ inputs.token }}" ]]; then
+            echo "::group::Configuring Gradle Enterprise for build"
+            cp .mvn/ge-extensions.xml .mvn/extensions.xml
+            echo "GRADLE_ENTERPRISE_ACCESS_KEY=${{ inputs.token }}" >> $GITHUB_ENV
+            echo "::endgroup::"  
+        fi
+      shell: bash

.github/actions/ssh-access/action.yml

@@ -121,8 +121,22 @@ runs:
             tmux set -t upterm window-size largest
             echo '::endgroup::'  
             echo -e "\nSSH connection information"
+            # wait up to 10 seconds for upterm admin socket to appear
+            for i in {1..10}; do
+              ADMIN_SOCKET=$(find $HOME/.upterm -name "*.sock")
+              if [ ! -S "$ADMIN_SOCKET" ]; then
+                echo "Waiting for upterm admin socket to appear in ~/.upterm/*.sock ..."
+                sleep 1
+              else
+                echo "upterm admin socket available in $ADMIN_SOCKET"
+                break
+              fi
+            done
             shopt -s nullglob
-            upterm session current --admin-socket ~/.upterm/*.sock
+            upterm session current --admin-socket ~/.upterm/*.sock || {
+              echo "Starting upterm failed."
+              exit 0
+            }
         elif [[ "${{ inputs.action }}" == "wait" ]]; then
             # only wait if upterm was installed
             if command -v upterm &>/dev/null; then

.github/actions/upload-coverage/action.yml

@@ -0,0 +1,100 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+name: Upload to Codecov with retries
+description: |
+  Checks that the current repository is public and then
+  uploads to codecov with multiple retries as a workaround 
+  for these issues
+    - https://github.com/codecov/codecov-action/issues/598
+    - https://github.com/codecov/codecov-action/issues/837
+inputs:
+  flags:
+    # see https://github.com/codecov/codecov-action#arguments
+    description: 'Flag the upload to group coverage metrics. Multiple flags are separated by a comma.'
+runs:
+  using: composite
+  steps:
+    - name: "Check that repository is public"
+      id: repo-check
+      shell: bash
+      run: |
+        if [[ "${{ github.server_url }}" != "https://github.com" ]]; then
+          echo "Not using github.com server ('${{ github.server_url }}'). Skipping uploading of coverage metrics."
+          echo "passed=false" >> $GITHUB_OUTPUT
+          exit 0
+        fi
+        REPO_URL="${{ github.server_url }}/${{ github.repository }}"
+        {
+          # public repository url will respond to http HEAD request
+          curl -X HEAD -fs "$REPO_URL" && echo "passed=true" >> $GITHUB_OUTPUT
+        } || {
+          echo "$REPO_URL isn't a public repository. Skipping uploading of coverage metrics."
+          echo "passed=false" >> $GITHUB_OUTPUT
+        }
+    - name: "Upload to Codecov (attempt #1)"
+      id: codecov-upload-1
+      if: steps.repo-check.outputs.passed == 'true'
+      uses: codecov/codecov-action@v3
+      continue-on-error: true
+      with:
+        flags: ${{ inputs.flags }}
+        fail_ci_if_error: true
+        verbose: true
+    - name: "Wait 15 seconds before next attempt"
+      if: steps.codecov-upload-1.outcome == 'failure'
+      shell: bash
+      run: sleep 15
+    - name: "Upload to Codecov (attempt #2)"
+      id: codecov-upload-2
+      if: steps.codecov-upload-1.outcome == 'failure'
+      uses: codecov/codecov-action@v3
+      continue-on-error: true
+      with:
+        flags: ${{ inputs.flags }}
+        fail_ci_if_error: true
+        verbose: true
+    - name: "Wait 60 seconds before next attempt"
+      if: steps.codecov-upload-2.outcome == 'failure'
+      shell: bash
+      run: sleep 60
+    - name: "Upload to Codecov (attempt #3)"
+      id: codecov-upload-3
+      if: steps.codecov-upload-2.outcome == 'failure'
+      uses: codecov/codecov-action@v3
+      # fail on last attempt
+      continue-on-error: false
+      with:
+        flags: ${{ inputs.flags }}
+        fail_ci_if_error: true
+        verbose: true
+    - name: "Show link to Codecov report"
+      shell: bash
+      run: |
+        if [[ "${GITHUB_EVENT_NAME}" == "pull_request" ]]; then
+          head_sha=$(jq -r '.pull_request.head.sha' "${GITHUB_EVENT_PATH}")
+        else
+          head_sha=$(git rev-parse HEAD)
+        fi
+        tee -a "$GITHUB_STEP_SUMMARY" <<EOF
+        ## Code Coverage report in Codecov
+
+        [Code coverage report](https://app.codecov.io/github/$GITHUB_REPOSITORY/commit/${head_sha}/tree)
+
+        EOF

.github/workflows/ci-go-functions.yaml

@@ -54,7 +54,11 @@ jobs:
       - name: Check changed files
         id: check_changes
         run: |
-          echo "docs_only=${{ fromJSON(steps.changes.outputs.all_count) == fromJSON(steps.changes.outputs.docs_count) && fromJSON(steps.changes.outputs.docs_count) > 0 }}" >> $GITHUB_OUTPUT
+          if [[ "${GITHUB_EVENT_NAME}" != "schedule" ]]; then
+            echo "docs_only=${{ fromJSON(steps.changes.outputs.all_count) == fromJSON(steps.changes.outputs.docs_count) && fromJSON(steps.changes.outputs.docs_count) > 0 }}" >> $GITHUB_OUTPUT
+          else
+            echo docs_only=false >> $GITHUB_OUTPUT
+          fi
 
       - name: Check if the PR has been approved for testing
         if: ${{ steps.check_changes.outputs.docs_only != 'true' && github.repository == 'apache/pulsar' && github.event_name == 'pull_request' }}

.github/workflows/ci-maven-cache-update.yaml

@@ -47,6 +47,8 @@ env:
 jobs:
   update-maven-dependencies-cache:
     name: Update Maven dependency cache for ${{ matrix.name }}
+    env:
+      JOB_NAME: Update Maven dependency cache for ${{ matrix.name }}
     runs-on: ${{ matrix.runs-on }}
     timeout-minutes: 45
 
@@ -75,6 +77,11 @@ jobs:
       - name: Tune Runner VM
         uses: ./.github/actions/tune-runner-vm
 
+      - name: Configure Gradle Enterprise
+        uses: ./.github/actions/gradle-enterprise
+        with:
+          token: ${{ secrets.GE_ACCESS_TOKEN }}
+
       - name: Detect changed files
         if: ${{ github.event_name != 'schedule' }}
         id:   changes
@@ -89,6 +96,7 @@ jobs:
         if: ${{ github.event_name == 'schedule' || steps.changes.outputs.poms == 'true' }}
         id: cache
         uses: actions/cache@v3
+        timeout-minutes: 5
         with:
           path: |
             ~/.m2/repository/*/*/*

.github/workflows/ci-owasp-dependency-check.yaml

@@ -21,42 +21,50 @@ name: CI - OWASP Dependency Check
 on:
   schedule:
     - cron: '15 0 * * *'
+  workflow_dispatch:
 
 env:
   MAVEN_OPTS: -Xss1500k -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3
 
 jobs:
   run-owasp-dependency-check:
-    if: ${{ github.repository == 'apache/pulsar' }}
-    name: Run OWASP Dependency Check
+    if: ${{ github.repository == 'apache/pulsar' || github.event_name == 'workflow_dispatch' }}
+    name: Check ${{ matrix.branch }}
+    env:
+      JOB_NAME: Check ${{ matrix.branch }}
     runs-on: ubuntu-20.04
     timeout-minutes: 45
     strategy:
       fail-fast: false
       matrix:
         include:
-          - name: master
-            checkout_branch: 'master'
-          - name: branch-2.11
-            checkout_branch: 'branch-2.11'
-          - name: branch-2.10
-            checkout_branch: 'branch-2.10'
-          - name: branch-2.9
-            checkout_branch: 'branch-2.9'
-          - name: branch-2.8
-            checkout_branch: 'branch-2.8'
+          - branch: master
+          - branch: branch-2.11
+          - branch: branch-2.10
+            jdk: 11
+          - branch: branch-2.9
+            jdk: 11
+          - branch: branch-2.8
+            jdk: 11
 
     steps:
       - name: checkout
         uses: actions/checkout@v3
         with:
-          ref: ${{ matrix.checkout_branch }}
+          ref: ${{ matrix.branch }}
 
       - name: Tune Runner VM
         uses: ./.github/actions/tune-runner-vm
 
+      - name: Configure Gradle Enterprise
+        if: ${{ matrix.branch == 'master' }}
+        uses: ./.github/actions/gradle-enterprise
+        with:
+          token: ${{ secrets.GE_ACCESS_TOKEN }}
+
       - name: Cache local Maven repository
         uses: actions/cache@v3
+        timeout-minutes: 5
         with:
           path: |
             ~/.m2/repository/*/*/*
@@ -67,22 +75,14 @@ jobs:
             ${{ runner.os }}-m2-dependencies-core-modules-${{ hashFiles('**/pom.xml') }}
             ${{ runner.os }}-m2-dependencies-core-modules-
 
-      - name: Set up JDK 17
-        if: ${{ matrix.name != 'branch-2.8' && matrix.name != 'branch-2.9' && matrix.name != 'branch-2.10' }}
-        uses: actions/setup-java@v3
-        with:
-          distribution: 'temurin'
-          java-version: 17
-
-      - name: Set up JDK 11
-        if: ${{ matrix.name == 'branch-2.8' || matrix.name == 'branch-2.9' || matrix.name == 'branch-2.10' }}
+      - name: Set up JDK ${{ matrix.jdk || '17' }}
         uses: actions/setup-java@v3
         with:
           distribution: 'temurin'
-          java-version: 11
+          java-version: ${{ matrix.jdk || '17' }}
 
       - name: run install by skip tests
-        run: mvn -q -B -ntp clean install -DskipTests
+        run: mvn -B -ntp clean install -DskipTests -Dspotbugs.skip=true  -Dlicense.skip=true -Dcheckstyle.skip=true -Drat.skip=true -DskipDocker=true
 
       - name: run OWASP Dependency Check for distribution/server (-DfailBuildOnAnyVulnerability=true)
         run: mvn -B -ntp -Pmain,skip-all,skipDocker,owasp-dependency-check initialize verify -pl distribution/server -DfailBuildOnAnyVulnerability=true
@@ -94,7 +94,7 @@ jobs:
         uses: actions/upload-artifact@v3
         if: always()
         with:
-          name: owasp-dependency-check-reports-${{ matrix.checkout_branch }}
+          name: owasp-dependency-check-reports-${{ matrix.branch }}
           path: |
             distribution/server/target/dependency-check-report.html
             distribution/offloaders/target/dependency-check-report.html