Skip to content

GitHub Actions

kdef can be used in GitHub Actions workflows. This allows changes to Kafka resource definitions to be reviewed with pull requests and applied on merge (GitOps).

Pull request workflow

The following example workflow is a good starting point. It assumes definition files are located under a directory called defs.

Pull requests will execute the apply with --dry-run, allowing the diff to be reviewed in the Actions run log. On merge to the default branch the definitions are applied.

This example demonstrates passing secrets for SASL mechanism authentication. This is preferable to committing sensitive credentials to the repository in config.yml.

name: kdef
on:
  push:
    branches: main
  pull_request:
    branches: main

jobs:
  apply:
    runs-on: ubuntu-latest
    steps:
      - name: Install kdef
        uses: jaxxstorm/action-install-gh-release@v1
        with:
          repo: peter-evans/kdef
          tag: v0.4.0

      - name: Toggle dry-run
        id: vars
        run: |
          if [[ "${{ github.event_name }}" == "push" ]] && [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
              echo "dry-run=" >> $GITHUB_OUTPUT;
          else
              echo "dry-run=--dry-run" >> $GITHUB_OUTPUT;
          fi

      - uses: actions/checkout@v3

      - name: Apply definitions
        run: |
          kdef \
            -X sasl.user=${{ secrets.SASL_USER }} \
            -X sasl.pass=${{ secrets.SASL_PASS }} \
            apply defs/**/*.yml \
              ${{ steps.vars.outputs.dry-run }} \
              --continue-on-error

Manual workflow

It may be desirable to manually run workflows in some situations.

In this workflow_dispatch example, a rebalance operation is triggered by setting the property override -P topic.spec.managedAssignments.balance=all.

name: rebalance
on:
  workflow_dispatch:
    inputs:
      dryrun:
        description: 'dry-run (true/false)'
        required: true
        default: true

jobs:
  apply:
    runs-on: ubuntu-latest
    steps:
      - name: Install kdef
        uses: jaxxstorm/action-install-gh-release@v1
        with:
          repo: peter-evans/kdef
          tag: v0.4.0

      - name: Toggle dry-run
        id: vars
        run: |
          if [[ "${{ github.event.inputs.dryrun }}" == "false" ]]; then
              echo "dry-run=" >> $GITHUB_OUTPUT;
          else
              echo "dry-run=--dry-run" >> $GITHUB_OUTPUT;
          fi

      - uses: actions/checkout@v3

      - name: Apply definitions
        run: |
          kdef \
            -X sasl.user=${{ secrets.SASL_USER }} \
            -X sasl.pass=${{ secrets.SASL_PASS }} \
            apply defs/**/*.yml \
              ${{ steps.vars.outputs.dry-run }} \
              --continue-on-error \
              -P topic.spec.managedAssignments.balance=all