root
/
kafka
mirror of https://github.com/apache/kafka.git
1
0
Fork 0
Code Issues Actions 2 Packages Projects Releases Wiki Activity
kafka/checkstyle/import-control-group-coordi...

95 lines
4.2 KiB
XML
Raw Normal View History

MINOR: Move `group-coordinator` import control to its own file (#15934) Follow the pattern used by the other modules. Reviewers: Chia-Ping Tsai <chia7712@gmail.com>
2024-05-14 15:05:32 +08:00
<!DOCTYPE import-control PUBLIC
"-//Puppy Crawl//DTD Import Control 1.1//EN"
"http://www.puppycrawl.com/dtds/import_control_1_1.dtd">
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<import-control pkg="org.apache.kafka">
<!-- THINK HARD ABOUT THE LAYERING OF THE PROJECT BEFORE CHANGING THIS FILE -->
<!-- common library dependencies -->
<allow pkg="java" />
<allow pkg="javax.management" />
<allow pkg="org.slf4j" />
<allow pkg="org.junit" />
<allow pkg="org.mockito" />
<allow pkg="org.opentest4j" />
<allow pkg="java.security" />
<allow pkg="javax.net.ssl" />
<allow pkg="javax.security" />
<allow pkg="javax.crypto" />
<allow pkg="net.jqwik.api" />
<!-- no one depends on the server -->
<disallow pkg="kafka" />
<!-- anyone can use public classes -->
<allow pkg="org.apache.kafka.common" exact-match="true" />
KAFKA-18813: ConsumerGroupHeartbeat API and ConsumerGroupDescribe API must check topic describe (#18989) This patch filters out the topic describe unauthorized topics from the ConsumerGroupHeartbeat and ConsumerGroupDescribe response. In ConsumerGroupHeartbeat, - if the request has `subscribedTopicNames` set, we directly check the authz in `KafkaApis` and return a topic auth failure in the response if any of the topics is denied. - Otherwise, we check the authz only if a regex refresh is triggered and we do it based on the acl of the consumer that triggered the refresh. If any of the topic is denied, we filter it out from the resolved subscription. In ConsumerGroupDescribe, we check the authz of the coordinator response. If any of the topic in the group is denied, we remove the described info and add a topic auth failure to the described group. (similar to the group auth failure) Reviewers: David Jacot <djacot@confluent.io>, Lianet Magrans <lmagrans@confluent.io>, Rajini Sivaram <rajinisivaram@googlemail.com>, Chia-Ping Tsai <chia7712@gmail.com>, TaiJuWu <tjwu1217@gmail.com>, TengYao Chi <kitingiao@gmail.com>
2025-02-27 02:05:36 +08:00
<allow pkg="org.apache.kafka.common.acl" />
<allow pkg="org.apache.kafka.common.resource" />
MINOR: Move `group-coordinator` import control to its own file (#15934) Follow the pattern used by the other modules. Reviewers: Chia-Ping Tsai <chia7712@gmail.com>
2024-05-14 15:05:32 +08:00
<allow pkg="org.apache.kafka.common.security" />
<allow pkg="org.apache.kafka.common.serialization" />
<allow pkg="org.apache.kafka.common.utils" />
<allow pkg="org.apache.kafka.common.errors" exact-match="true" />
<allow pkg="org.apache.kafka.common.memory" />
KAFKA-17587 Refactor test infrastructure (#18602) This patch reorganizes our test infrastructure into three Gradle modules: ":test-common:test-common-internal-api" is now a minimal dependency which exposes interfaces and annotations only. It has one project dependency on server-common to expose commonly used data classes (MetadataVersion, Feature, etc). Since this pulls in server-common, this module is Java 17+. It cannot be used by ":clients" or other Java 11 modules. ":test-common:test-common-util" includes the auto-quarantined JUnit extension. The @Flaky annotation has been moved here. Since this module has no project dependencies, we can add it to the Java 11 list so that ":clients" and others can utilize the @Flaky annotation ":test-common:test-common-runtime" now includes all of the test infrastructure code (TestKitNodes, etc). This module carries heavy dependencies (core, etc) and so it should not normally be included as a compile-time dependency. In addition to this reorganization, this patch leverages JUnit SPI service discovery so that modules can utilize the integration test framework without depending on ":core". This will allow us to start moving integration tests out of core and into the appropriate sub-module. This is done by adding ":test-common:test-common-runtime" as a testRuntimeOnly dependency rather than as a testImplementation dependency. A trivial example was added to QuorumControllerTest to illustrate this. Reviewers: Ismael Juma <ismael@juma.me.uk>, Chia-Ping Tsai <chia7712@gmail.com>
2025-01-24 22:03:43 +08:00
<allow pkg="org.apache.kafka.common.test.api" />
MINOR: Move `group-coordinator` import control to its own file (#15934) Follow the pattern used by the other modules. Reviewers: Chia-Ping Tsai <chia7712@gmail.com>
2024-05-14 15:05:32 +08:00
<subpackage name="coordinator">
<subpackage name="group">
KAFKA-17747: [2/N] Add compute topic and group hash (#19523) * Add `com.dynatrace.hash4j:hash4j:0.22.0` to dependencies. * Add `computeTopicHash` to `org.apache.kafka.coordinator.group.Utils`. * If topic name is non-existent, return 0. * If topic name is existent, use streaming XXH3 to compute topic hash with magic byte, topic id, topic name, number of partitions, partition id and sorted racks. * Add `computeGroupHash` to `org.apache.kafka.coordinator.group.Utils`. * If topic map is empty, return 0. * If topic map is not empty, use streaming XXH3 to compute group metadata hash with sorted topic hashes by topic names. * Add related unit test. Reviewers: Ismael Juma <ismael@juma.me.uk>, Chia-Ping Tsai <chia7712@gmail.com>, Sean Quah <squah@confluent.io>, David Jacot <djacot@confluent.io> --------- Signed-off-by: PoAn Yang <payang@apache.org>
2025-05-15 16:48:45 +08:00
<allow pkg="net.jpountz.xxhash" />
MINOR: Move `group-coordinator` import control to its own file (#15934) Follow the pattern used by the other modules. Reviewers: Chia-Ping Tsai <chia7712@gmail.com>
2024-05-14 15:05:32 +08:00
<allow pkg="org.apache.kafka.clients.consumer" />
<allow pkg="org.apache.kafka.common.annotation" />
<allow pkg="org.apache.kafka.common.config" />
KAFKA-7632: Support Compression Levels (KIP-390) (#15516) Reviewers: Jun Rao <jun@confluent.io>, Luke Chen <showuon@gmail.com> Co-authored-by: Lee Dongjin <dongjin@apache.org>
2024-05-21 23:58:49 +08:00
<allow pkg="org.apache.kafka.common.compress" />
MINOR: Move `group-coordinator` import control to its own file (#15934) Follow the pattern used by the other modules. Reviewers: Chia-Ping Tsai <chia7712@gmail.com>
2024-05-14 15:05:32 +08:00
<allow pkg="org.apache.kafka.common.internals" />
<allow pkg="org.apache.kafka.common.message" />
<allow pkg="org.apache.kafka.common.metadata" />
<allow pkg="org.apache.kafka.common.network" />
<allow pkg="org.apache.kafka.common.protocol" />
<allow pkg="org.apache.kafka.common.record" />
<allow pkg="org.apache.kafka.common.requests" />
<allow pkg="org.apache.kafka.coordinator.group" />
<allow pkg="org.apache.kafka.deferred" />
<allow pkg="org.apache.kafka.image"/>
KAFKA-18813: ConsumerGroupHeartbeat API and ConsumerGroupDescribe API must check topic describe (#18989) This patch filters out the topic describe unauthorized topics from the ConsumerGroupHeartbeat and ConsumerGroupDescribe response. In ConsumerGroupHeartbeat, - if the request has `subscribedTopicNames` set, we directly check the authz in `KafkaApis` and return a topic auth failure in the response if any of the topics is denied. - Otherwise, we check the authz only if a regex refresh is triggered and we do it based on the acl of the consumer that triggered the refresh. If any of the topic is denied, we filter it out from the resolved subscription. In ConsumerGroupDescribe, we check the authz of the coordinator response. If any of the topic in the group is denied, we remove the described info and add a topic auth failure to the described group. (similar to the group auth failure) Reviewers: David Jacot <djacot@confluent.io>, Lianet Magrans <lmagrans@confluent.io>, Rajini Sivaram <rajinisivaram@googlemail.com>, Chia-Ping Tsai <chia7712@gmail.com>, TaiJuWu <tjwu1217@gmail.com>, TengYao Chi <kitingiao@gmail.com>
2025-02-27 02:05:36 +08:00
<allow pkg="org.apache.kafka.server.authorizer"/>
MINOR: Move `group-coordinator` import control to its own file (#15934) Follow the pattern used by the other modules. Reviewers: Chia-Ping Tsai <chia7712@gmail.com>
2024-05-14 15:05:32 +08:00
<allow pkg="org.apache.kafka.server.common"/>
<allow pkg="org.apache.kafka.server.record"/>
[KAFKA-16720] AdminClient Support for ListShareGroupOffsets (2/2) (#18671) Reviewers: Apoorv Mittal <apoorvmittal10@gmail.com>, Sushant Mahajan <smahajan@confluent.io>, Andrew Schofield <aschofield@confluent.io>
2025-02-05 22:38:09 +08:00
<allow pkg="org.apache.kafka.server.share.persister"/>
MINOR: Move `group-coordinator` import control to its own file (#15934) Follow the pattern used by the other modules. Reviewers: Chia-Ping Tsai <chia7712@gmail.com>
2024-05-14 15:05:32 +08:00
<allow pkg="org.apache.kafka.server.util"/>
<allow pkg="org.apache.kafka.storage.internals.log"/>
<allow pkg="org.apache.kafka.test" />
<allow pkg="org.apache.kafka.timeline" />
KAFKA-17342 Moved common coordinator code to separate module (#16883) There is a lot of code in group-coordinator which is not share/consumer/classic group specific. Since we are introducing a share-coordinator as part of KIP-932 (in a new module), it would make sense to get the common coordinator functionality into a separate common coordinator module so that share-coordinator need not depend on group-coordinator. Reviewers: Apoorv Mittal <apoorvmittal10@gmail.com>, David Jacot <djacot@confluent.io>, Andrew Schofield <aschofield@confluent.io>, Jeff Kim <jeff.kim@confluent.io>, Chia-Ping Tsai <chia7712@gmail.com>
2024-08-18 21:48:44 +08:00
<allow pkg="org.apache.kafka.coordinator.common" />
<allow pkg="org.apache.kafka.coordinator.common.runtime" />
KAFKA-17593; [2/N] Update request validation & validate regex (#17651) This patch does two things: 1) Change the validation of the ConsumerGroupHeartbeat request to accept subscribed topic names and/or subscribed topic regex. At least of them must be set in the first request with epoch 0. 2) Validate the provided regular expression by compiling it. Co-authored-by: Lianet Magrans <lmagrans@confluent.io> Reviewers: Jeff Kim <jeff.kim@confluent.io>, Lianet Magrans <lmagrans@confluent.io>
2024-11-04 22:38:09 +08:00
<allow pkg="com.google.re2j" />
KAFKA-17747: [2/N] Add compute topic and group hash (#19523) * Add `com.dynatrace.hash4j:hash4j:0.22.0` to dependencies. * Add `computeTopicHash` to `org.apache.kafka.coordinator.group.Utils`. * If topic name is non-existent, return 0. * If topic name is existent, use streaming XXH3 to compute topic hash with magic byte, topic id, topic name, number of partitions, partition id and sorted racks. * Add `computeGroupHash` to `org.apache.kafka.coordinator.group.Utils`. * If topic map is empty, return 0. * If topic map is not empty, use streaming XXH3 to compute group metadata hash with sorted topic hashes by topic names. * Add related unit test. Reviewers: Ismael Juma <ismael@juma.me.uk>, Chia-Ping Tsai <chia7712@gmail.com>, Sean Quah <squah@confluent.io>, David Jacot <djacot@confluent.io> --------- Signed-off-by: PoAn Yang <payang@apache.org>
2025-05-15 16:48:45 +08:00
<allow pkg="com.dynatrace.hash4j.hashing" />
KAFKA-18629: Delete share group state RPC group coordinator impl. [3/N] (#18848) * In this PR, we have added GC side impl to call the delete state share coord RPC using the persister. * We will be using the existing `GroupCoordinatorService.deleteGroups`. The logic will be modified as follows: * After sanitization, we will call a new `runtime.scheduleWriteOperation` (not read for consistency) with callback `GroupCoordinatorShard.sharePartitions`. This will return a Map of share partitions of the groups which are of SHARE type. We need to pass all groups as WE CANNOT DETERMINE the type of the group in the service class. * Then using the map we will create requests which could be passed to the persister and make the appropriate calls. * Once this future completes, we will continue with the existing flow of group deletion. * If the group under inspection is not share group - the read callback should return an empty map. * Tests have been added wherever applicable. Reviewers: David Jacot <djacot@confluent.io>, Andrew Schofield <aschofield@confluent.io>
2025-02-21 20:13:16 +08:00
<allow pkg="org.apache.kafka.metadata" />
MINOR: Move `group-coordinator` import control to its own file (#15934) Follow the pattern used by the other modules. Reviewers: Chia-Ping Tsai <chia7712@gmail.com>
2024-05-14 15:05:32 +08:00
<subpackage name="metrics">
<allow pkg="com.yammer.metrics"/>
KAFKA-16379; Coordinator event queue, processing, flush, purgatory time histograms (#16949) This patch introduces a wrapper around [HdrHistogram](https://github.com/HdrHistogram/HdrHistogram) to use for group coordinator histograms, event queue time, event processing time, flush time, and purgatory time. Reviewers: David Jacot <djacot@confluent.io>
2024-08-23 19:53:22 +08:00
<allow pkg="org.HdrHistogram" />
MINOR: Move `group-coordinator` import control to its own file (#15934) Follow the pattern used by the other modules. Reviewers: Chia-Ping Tsai <chia7712@gmail.com>
2024-05-14 15:05:32 +08:00
<allow pkg="org.apache.kafka.common.metrics" />
<allow pkg="org.apache.kafka.server.metrics" />
</subpackage>
<subpackage name="generated">
<allow pkg="com.fasterxml.jackson" />
</subpackage>
</subpackage>
</subpackage>
</import-control>