Standardize configuration properties

.github/workflows/integration-tests.yaml

@@ -38,6 +38,23 @@ jobs:
           distribution: 'temurin'
           cache: 'maven'
 
+      # Open-Source Machine emulator that allows you to emulate multiple CPU architectures on your machine
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      # Docker CLI plugin for extended build capabilities with BuildKit
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Inspect builder
+        run: |
+          echo "Name:      ${{ steps.buildx.outputs.name }}"
+          echo "Endpoint:  ${{ steps.buildx.outputs.endpoint }}"
+          echo "Status:    ${{ steps.buildx.outputs.status }}"
+          echo "Flags:     ${{ steps.buildx.outputs.flags }}"
+          echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
+
       - name: Get maven wrapper
         run: mvn -N io.takari:maven:wrapper -Dmaven=3.8.2
 
@@ -46,7 +63,7 @@ jobs:
 
       - name: Build and Push Application image
         run: |
-          docker build --push -f ./distro/docker/target/docker/Dockerfile.jvm -t ttl.sh/${{ github.sha }}/apicurio/apicurio-registry:1d ./distro/docker/target/docker
+          docker buildx build --push -f ./distro/docker/target/docker/Dockerfile.jvm -t ttl.sh/${{ github.sha }}/apicurio/apicurio-registry:1d --platform linux/amd64,linux/arm64,linux/s390x,linux/ppc64le ./distro/docker/target/docker
 
   prepare-ui-tests:
     name: Prepare for UI Integration Tests

README.md

@@ -24,7 +24,7 @@ Which storage variant will be used is determined by the following configuration:
 
 |Option|Command argument|Env. variable|
 |---|---|---|
-|Registry Storage Variant|`-Dregistry.storage.kind`|`REGISTRY_STORAGE_KIND`|
+|Registry Storage Variant|`-Dapicurio.storage.kind`|`REGISTRY_STORAGE_KIND`|
 
 For this property, there are three possible values:
 - *sql* - for the SQL storage variant.
@@ -81,10 +81,10 @@ The following parameters are available for executable files:
 
 | Option                    |Command argument| Env. variable                  |
 |---------------------------|---|--------------------------------|
-| Registry SQL storage kind |`-Dregistry.storage.db-kind`| `REGISTRY_STORAGE_DB_KIND`     |
-| Data Source URL           |`-Dregistry.datasource.url`| `REGISTRY_DATASOURCE_URL`      |
-| DS Username               |`-Dregistry.datasource.username`| `REGISTRY_DATASOURCE_USERNAME` |
-| DS Password               |`-Dregistry.datasource.password`| `REGISTRY_DATASOURCE_PASSWORD` |
+| Registry SQL storage kind |`-Dapicurio.storage.db-kind`| `REGISTRY_STORAGE_DB_KIND`     |
+| Data Source URL           |`-Dapicurio.datasource.url`| `REGISTRY_DATASOURCE_URL`      |
+| DS Username               |`-Dapicurio.datasource.username`| `REGISTRY_DATASOURCE_USERNAME` |
+| DS Password               |`-Dapicurio.datasource.password`| `REGISTRY_DATASOURCE_PASSWORD` |
 
 To see additional options, visit:
  - [Data Source config](https://quarkus.io/guides/datasource) 
@@ -94,9 +94,9 @@ To see additional options, visit:
 `./mvnw clean install -Pprod -DskipTests` builds the application artifact.
 The newly built runner can be found in `/app/target`
 ```
-java Dregistry.storage.kind=kafkasql -jar apicurio-registry-app-<version>-SNAPSHOT-runner.jar
+java Dapicurio.storage.kind=kafkasql -jar apicurio-registry-app-<version>-SNAPSHOT-runner.jar
 ```
-For using Kafka as the persistent storage for the server information the only required configuration is to set the property *registry.storage.kind*.
+For using Kafka as the persistent storage for the server information the only required configuration is to set the property *apicurio.storage.kind*.
 
 Should result in Quarkus and the registry starting up, with the ui and APIs available on localhost port 8080.
 By default, this will look for a kafka instance on `localhost:9092`, see [kafka-quickstart](https://kafka.apache.org/quickstart).
@@ -106,7 +106,7 @@ with the necessary details to connect to a kafka instance using a PKCS12 certifi
 scram-sha-512 credentials for user authorisation.
 ```
 java \
--Dregistry.storage.kind=kafkasql \
+-Dapicurio.storage.kind=kafkasql \
 -Dregistry.kafka.common.bootstrap.servers=<kafka_bootstrap_server_address> \
 -Dregistry.kafka.common.ssl.truststore.location=<truststore_file_location>\
 -Dregistry.kafka.common.ssl.truststore.password=<truststore_file_password> \

app/pom.xml

@@ -113,6 +113,10 @@
             <groupId>io.quarkus</groupId>
             <artifactId>quarkus-oidc</artifactId>
         </dependency>
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-smallrye-jwt</artifactId>
+        </dependency>
         <dependency>
             <groupId>io.quarkus</groupId>
             <artifactId>quarkus-scheduler</artifactId>
@@ -408,7 +412,6 @@
                             <inputs>
                                 <param>${project.build.outputDirectory}/application.properties</param>
                                 <param>${project.build.outputDirectory}/application-prod.properties</param>
-                                <param>${project.build.outputDirectory}/application-dev.properties</param>
                                 <param>${project.build.outputDirectory}/application-test.properties</param>
                             </inputs>
                             <deleteInputs>false</deleteInputs>
@@ -425,7 +428,6 @@
                             <inputs>
                                 <param>${project.build.outputDirectory}/application.properties</param>
                                 <param>${project.build.outputDirectory}/application-prod.properties</param>
-                                <param>${project.build.outputDirectory}/application-dev.properties</param>
                                 <param>${project.build.outputDirectory}/application-test.properties</param>
                             </inputs>
                             <deleteInputs>true</deleteInputs>

app/src/main/java/io/apicurio/registry/ImportLifecycleBean.java

@@ -33,7 +33,7 @@ public class ImportLifecycleBean {
     @Current
     RegistryStorage storage;
 
-    @ConfigProperty(name = "registry.import.url")
+    @ConfigProperty(name = "apicurio.import.url")
     @Info(category = "import", description = "The import URL", availableSince = "2.1.0.Final")
     Optional<URL> registryImportUrlProp;
 

app/src/main/java/io/apicurio/registry/auth/AuthConfig.java

@@ -17,80 +17,80 @@ public class AuthConfig {
     @Inject
     Logger log;
 
-    @ConfigProperty(name = "registry.auth.enabled", defaultValue = "false")
+    @ConfigProperty(name = "quarkus.oidc.tenant-enabled", defaultValue = "false")
     boolean authenticationEnabled;
 
-    @ConfigProperty(name = "registry.auth.role-based-authorization", defaultValue = "false")
+    @ConfigProperty(name = "apicurio.auth.role-based-authorization", defaultValue = "false")
     @Info(category = "auth", description = "Enable role based authorization", availableSince = "2.1.0.Final")
     boolean roleBasedAuthorizationEnabled;
 
-    @Dynamic(label = "Artifact owner-only authorization", description = "When selected, Service Registry allows only the artifact owner (creator) to modify an artifact.", requires = "registry.auth.enabled=true")
-    @ConfigProperty(name = "registry.auth.owner-only-authorization", defaultValue = "false")
+    @Dynamic(label = "Artifact owner-only authorization", description = "When selected, Service Registry allows only the artifact owner (creator) to modify an artifact.", requires = "apicurio.auth.enabled=true")
+    @ConfigProperty(name = "apicurio.auth.owner-only-authorization", defaultValue = "false")
     @Info(category = "auth", description = "Artifact owner-only authorization", availableSince = "2.0.0.Final")
     Supplier<Boolean> ownerOnlyAuthorizationEnabled;
 
     @Dynamic(label = "Artifact group owner-only authorization", description = "When selected, Service Registry allows only the artifact group owner (creator) to modify an artifact group.", requires = {
-            "registry.auth.enabled=true",
-            "registry.auth.owner-only-authorization=true"
+            "apicurio.auth.enabled=true",
+            "apicurio.auth.owner-only-authorization=true"
     })
-    @ConfigProperty(name = "registry.auth.owner-only-authorization.limit-group-access", defaultValue = "false")
+    @ConfigProperty(name = "apicurio.auth.owner-only-authorization.limit-group-access", defaultValue = "false")
     @Info(category = "auth", description = "Artifact group owner-only authorization", availableSince = "2.1.0.Final")
     Supplier<Boolean> ownerOnlyAuthorizationLimitGroupAccess;
 
-    @Dynamic(label = "Anonymous read access", description = "When selected, requests from anonymous users (requests without any credentials) are granted read-only access.", requires = "registry.auth.enabled=true")
-    @ConfigProperty(name = "registry.auth.anonymous-read-access.enabled", defaultValue = "false")
+    @Dynamic(label = "Anonymous read access", description = "When selected, requests from anonymous users (requests without any credentials) are granted read-only access.", requires = "apicurio.auth.enabled=true")
+    @ConfigProperty(name = "apicurio.auth.anonymous-read-access.enabled", defaultValue = "false")
     @Info(category = "auth", description = "Anonymous read access", availableSince = "2.1.0.Final")
     Supplier<Boolean> anonymousReadAccessEnabled;
 
     @Dynamic(label = "Authenticated read access", description = "When selected, requests from any authenticated user are granted at least read-only access.", requires = {
-            "registry.auth.enabled=true",
-            "registry.auth.role-based-authorization=true"
+            "apicurio.auth.enabled=true",
+            "apicurio.auth.role-based-authorization=true"
     })
-    @ConfigProperty(name = "registry.auth.authenticated-read-access.enabled", defaultValue = "false")
+    @ConfigProperty(name = "apicurio.auth.authenticated-read-access.enabled", defaultValue = "false")
     @Info(category = "auth", description = "Authenticated read access", availableSince = "2.1.4.Final")
     Supplier<Boolean> authenticatedReadAccessEnabled;
 
-    @ConfigProperty(name = "registry.auth.roles.readonly", defaultValue = "sr-readonly")
+    @ConfigProperty(name = "apicurio.auth.roles.readonly", defaultValue = "sr-readonly")
     @Info(category = "auth", description = "Auth roles readonly", availableSince = "2.1.0.Final")
     String readOnlyRole;
 
-    @ConfigProperty(name = "registry.auth.roles.developer", defaultValue = "sr-developer")
+    @ConfigProperty(name = "apicurio.auth.roles.developer", defaultValue = "sr-developer")
     @Info(category = "auth", description = "Auth roles developer", availableSince = "2.1.0.Final")
     String developerRole;
 
-    @ConfigProperty(name = "registry.auth.roles.admin", defaultValue = "sr-admin")
+    @ConfigProperty(name = "apicurio.auth.roles.admin", defaultValue = "sr-admin")
     @Info(category = "auth", description = "Auth roles admin", availableSince = "2.0.0.Final")
     String adminRole;
 
-    @ConfigProperty(name = "registry.auth.role-source", defaultValue = "token")
+    @ConfigProperty(name = "apicurio.auth.role-source", defaultValue = "token")
     @Info(category = "auth", description = "Auth roles source", availableSince = "2.1.0.Final")
     String roleSource;
 
-    @ConfigProperty(name = "registry.auth.admin-override.enabled", defaultValue = "false")
+    @ConfigProperty(name = "apicurio.auth.admin-override.enabled", defaultValue = "false")
     @Info(category = "auth", description = "Auth admin override enabled", availableSince = "2.1.0.Final")
     boolean adminOverrideEnabled;
 
-    @ConfigProperty(name = "registry.auth.admin-override.from", defaultValue = "token")
+    @ConfigProperty(name = "apicurio.auth.admin-override.from", defaultValue = "token")
     @Info(category = "auth", description = "Auth admin override from", availableSince = "2.1.0.Final")
     String adminOverrideFrom;
 
-    @ConfigProperty(name = "registry.auth.admin-override.type", defaultValue = "role")
+    @ConfigProperty(name = "apicurio.auth.admin-override.type", defaultValue = "role")
     @Info(category = "auth", description = "Auth admin override type", availableSince = "2.1.0.Final")
     String adminOverrideType;
 
-    @ConfigProperty(name = "registry.auth.admin-override.role", defaultValue = "sr-admin")
+    @ConfigProperty(name = "apicurio.auth.admin-override.role", defaultValue = "sr-admin")
     @Info(category = "auth", description = "Auth admin override role", availableSince = "2.1.0.Final")
     String adminOverrideRole;
 
-    @ConfigProperty(name = "registry.auth.admin-override.claim", defaultValue = "org-admin")
+    @ConfigProperty(name = "apicurio.auth.admin-override.claim", defaultValue = "org-admin")
     @Info(category = "auth", description = "Auth admin override claim", availableSince = "2.1.0.Final")
     String adminOverrideClaim;
 
-    @ConfigProperty(name = "registry.auth.admin-override.claim-value", defaultValue = "true")
+    @ConfigProperty(name = "apicurio.auth.admin-override.claim-value", defaultValue = "true")
     @Info(category = "auth", description = "Auth admin override claim value", availableSince = "2.1.0.Final")
     String adminOverrideClaimValue;
 
-    @ConfigProperty(name = "registry.auth.admin-override.user", defaultValue = "admin")
+    @ConfigProperty(name = "apicurio.auth.admin-override.user", defaultValue = "admin")
     @Info(category = "auth", description = "Auth admin override user name", availableSince = "3.0.0.Final")
     String adminOverrideUser;
 

app/src/main/java/io/apicurio/registry/auth/AuthorizedInterceptor.java

@@ -80,7 +80,7 @@ public Object authorizeMethod(InvocationContext context) throws Exception {
                 }
 
                 // Anonymous users are allowed to perform read-only operations, but only if
-                // registry.auth.anonymous-read-access.enabled is set to 'true'
+                // apicurio.auth.anonymous-read-access.enabled is set to 'true'
                 if (authConfig.anonymousReadAccessEnabled.get() && annotation.level() == AuthorizedLevel.Read) {
                     log.trace("Anonymous user is being granted access to read-only operation.");
                     return context.proceed();

app/src/main/java/io/apicurio/registry/auth/HeaderRoleProvider.java

@@ -12,7 +12,7 @@
 @RequestScoped
 public class HeaderRoleProvider implements RoleProvider {
 
-    @ConfigProperty(name = "registry.auth.role-source.header.name")
+    @ConfigProperty(name = "apicurio.auth.role-source.header.name")
     @Info(category = "auth", description = "Header authorization name", availableSince = "2.4.3.Final")
     String roleHeader;
 

app/src/main/java/io/apicurio/registry/ccompat/rest/v7/impl/CCompatConfig.java

@@ -13,17 +13,17 @@
 public class CCompatConfig {
 
     @Dynamic(label = "Legacy ID mode (compatibility API)", description =  "When selected, the Schema Registry compatibility API uses global ID instead of content ID for artifact identifiers.")
-    @ConfigProperty(name = "registry.ccompat.legacy-id-mode.enabled", defaultValue = "false")
+    @ConfigProperty(name = "apicurio.ccompat.legacy-id-mode.enabled", defaultValue = "false")
     @Info(category = "ccompat", description = "Legacy ID mode (compatibility API)", availableSince = "2.0.2.Final")
     Supplier<Boolean> legacyIdModeEnabled;
 
     @Dynamic(label = "Canonical hash mode (compatibility API)", description = "When selected, the Schema Registry compatibility API uses the canonical hash instead of the regular hash of the content.")
-    @ConfigProperty(name = "registry.ccompat.use-canonical-hash", defaultValue = "false")
+    @ConfigProperty(name = "apicurio.ccompat.use-canonical-hash", defaultValue = "false")
     @Info(category = "ccompat", description = "Canonical hash mode (compatibility API)", availableSince = "2.3.0.Final")
     Supplier<Boolean> canonicalHashModeEnabled;
 
     @Dynamic(label = "Maximum number of Subjects returned (compatibility API)", description =  "Determines the maximum number of Subjects that will be returned by the ccompat API (for the '/subjects' endpoint).")
-    @ConfigProperty(name = "registry.ccompat.max-subjects", defaultValue = "1000")
+    @ConfigProperty(name = "apicurio.ccompat.max-subjects", defaultValue = "1000")
     @Info(category = "ccompat", description = "Maximum number of Subjects returned (compatibility API)", availableSince = "2.4.2.Final")
     Supplier<Integer> maxSubjects;
 

app/src/main/java/io/apicurio/registry/config/RegistryStorageConfigCache.java

@@ -27,7 +27,7 @@ public class RegistryStorageConfigCache extends RegistryStorageDecoratorBase imp
     @Inject
     Logger log;
 
-    @ConfigProperty(name = "registry.config.cache.enabled", defaultValue = "true")
+    @ConfigProperty(name = "apicurio.config.cache.enabled", defaultValue = "true")
     @Info(category = "cache", description = "Registry cache enabled", availableSince = "2.2.2.Final")
     boolean enabled;
 
@@ -79,7 +79,7 @@ private void invalidateCache() {
         configCache.clear();
     }
 
-    @Scheduled(concurrentExecution = SKIP, every = "{registry.config.refresh.every}")
+    @Scheduled(concurrentExecution = SKIP, every = "{apicurio.config.refresh.every}")
     void run() {
         if (!enabled) {
             return;

app/src/main/java/io/apicurio/registry/downloads/DownloadReaper.java

@@ -28,7 +28,7 @@ public class DownloadReaper {
     /**
      * Minimal granularity is 1 minute.
      */
-    @Scheduled(delay = 2, concurrentExecution = SKIP, every = "{registry.downloads.reaper.every}")
+    @Scheduled(delay = 2, concurrentExecution = SKIP, every = "{apicurio.downloads.reaper.every}")
     void run() {
         try {
             if(storage.isReady()) {

app/src/main/java/io/apicurio/registry/events/http/HttpEventSinkConfiguration.java

@@ -16,12 +16,12 @@
 @ApplicationScoped
 public class HttpEventSinkConfiguration {
 
-    @ConfigProperty(name = "registry.events.ksink")
+    @ConfigProperty(name = "apicurio.events.ksink")
     @Info(category = "events", description = "Events Kafka sink enabled", availableSince = "2.0.0.Final")
     Optional<String> ksink;
 
     @Produces
-    public HttpSinksConfiguration sinkConfig(@RegistryProperties(value = {"registry.events.sink"}) Properties properties) {
+    public HttpSinksConfiguration sinkConfig(@RegistryProperties(value = {"apicurio.events.sink"}) Properties properties) {
         List<HttpSinkConfiguration> httpSinks = properties.stringPropertyNames().stream()
             .map(key -> new HttpSinkConfiguration(key, properties.getProperty(key)))
             .collect(Collectors.toList());

app/src/main/java/io/apicurio/registry/events/kafka/KafkaEventSink.java

@@ -30,19 +30,19 @@ public class KafkaEventSink implements EventSink {
 
     @Inject
     @RegistryProperties(
-            value = {"registry.events.kafka.config"},
+            value = {"apicurio.events.kafka.config"},
             empties = {"ssl.endpoint.identification.algorithm="}
     )
     Properties producerProperties;
 
     private ProducerActions<String, byte[]> producer;
     private Integer partition;
 
-    @ConfigProperty(name = "registry.events.kafka.topic")
+    @ConfigProperty(name = "apicurio.events.kafka.topic")
     @Info(category = "kafka", description = "Events Kafka topic", availableSince = "2.0.0.Final")
     Optional<String> eventsTopic;
 
-    @ConfigProperty(name = "registry.events.kafka.topic-partition")
+    @ConfigProperty(name = "apicurio.events.kafka.topic-partition")
     @Info(category = "kafka", description = "Events Kafka topic partition", availableSince = "2.0.0.Final")
     Optional<Integer> eventsTopicPartition;