Common operations
This doc provides steps to use a CI/CD user for common operations with Axual Platform.
Prerequisite: CI/CD User
To make use of CI/CD support, you need a CI/CD user which can be set up by your topic team. Please refer to Create CI/CD user for creating the CI/CD user.
Identify necessary endpoints
Check which endpoints to use by looking at the information below.
| Service | Endpoint | Purpose |
|---|---|---|
Management API |
"https://<MGMT_DOMAIN>/api" |
Resource Server for creating topics, applications and more resource |
Keycloak Token |
"https://<MGMT_KEYCLOAK_DOMAIN>/auth/realms/<your-realm>/protocol/openid-connect/token" |
Authorization Server for obtaining JWT token |
In case you are not using any load-balancer, use the MGMT_API_HOST:MGMT_API_PORT and KEYCLOAK_HOSTNAME:KEYCLOAK_PORT
|
1. Add CI/CD user to a Group
In Self Service portal, add the CI/CD user to the group that has the ownership of required topics and applications.You must already be part of this group to add the CI/CD user.
Now you can access other endpoints to create topics, applications, and other resources.
2. Create a topic with the CI/CD user
This is an example on how to create a topic resource.
Obtain a JWT token
To obtain a JWT token, make a call to the Authorization Server (Keycloak) with client ID, username, password and realm to receive a JWT token.
Below is an example CURL call
curl --request POST \
--url https://<MGMT_KEYCLOAK_DOMAIN>/auth/realms/<your_realm>/protocol/openid-connect/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data client_id=self-service \
--data username=<username> \
--data password=<password> \
--data realm=<your_realm> \
--data grant_type=password
If this host is using self-signed certificates or certificates signed by an untrusted certificate authority, you need to add --insecure
|
You should get back a 200 OK response with the access_token (JWT) inside.
{
"access_token": "eyJh...",
"expires_in": 299,
"refresh_expires_in": 3600,
"refresh_token": "zfAu...",
"token_type": "bearer",
"not-before-policy": 0,
"session_state": "899970b8-8058-48da-ae95-7797010f59da",
"scope": "profile email"
}Call Management API with JWT token to create a topic
With the access_token received in previous request, make a curl call to Management API with the access_token as the Bearer value to /api/topics for creating a STRING/STRING topic in the Self-Service.
curl 'https:/<MGMT_DOMAIN>/api/topics' -i -X POST \
-H 'realm: <your_realm>' \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer <access_token>' \
-d '{
"name" : "your-topic",
"description" : "Your topic description",
"keyType" : "STRING",
"valueType" : "STRING",
"retentionPolicy" : "delete",
"owners" : "https://<MGMT_DOMAIN>/api/groups/<your_group_uid>"
}'
The URI for owners need to be a valid URI, you can retrieve from the self-service portal while viewing the group detail
|
If this host is using self-signed certificates or certificates signed by an untrusted certificate authority, you need to add --insecure
|
You should get back a response like below.
{
"properties" : { },
"name" : "your-topic",
"description" : "Your topic description",
"keyType" : "String",
"valueType" : "String",
"retentionPolicy" : "delete",
"uid" : "f750bd...",
"created_at" : "2021-04-22T09:32:24.214479",
"modified_at" : "2021-04-22T09:32:24.214479",
"created_by" : "<your_ci_cd_user>",
"modified_by" : "<your_ci_cd_user>",
"_embedded" : {
"owners" : {
"phoneNumber" : null,
"name" : "<your_group>",
"emailAddress" : null,
"uid" : "dd84b...",
"_links" : {
"self" : {
"href" : "https://<MGMT_DOMAIN>/api/groups/<your_group_uid>{?projection}",
"templated" : true,
"title" : "URI pointing to current request"
},
"members" : {
"href" : "https://<MGMT_DOMAIN>/api/groups/<your_group_uid>/members{?projection}",
"templated" : true,
"title" : "Users belonging to this group"
}
}
}
},
"_links" : {
"self" : {
"href" : "https://<MGMT_DOMAIN>/api/topics/f750bd...",
"title" : "URI pointing to current request"
},
"topic" : {
"href" : "https://<MGMT_DOMAIN>/api/topics/f750bd...{?projection}",
"templated" : true,
"title" : "A topic"
},
"edit" : {
"href" : "https://<MGMT_DOMAIN>/api/topics/f750bd...",
"title" : "Indication that this entity can be edited"
},
"delete" : {
"href" : "https://<MGMT_DOMAIN>/api/topics/f750bd...",
"title" : "Indication that this entity can be deleted"
},
"valueSchema" : {
"href" : "https://<MGMT_DOMAIN>/api/topics/f750bd.../valueSchema{?projection}",
"templated" : true,
"title" : "The AVRO schema configured for value"
},
"owners" : {
"href" : "https://<MGMT_DOMAIN>/api/topics/f750bd.../owners{?projection}",
"templated" : true,
"title" : "The group responsible for this object"
},
"keySchema" : {
"href" : "https://<MGMT_DOMAIN>/api/topics/f750bd.../keySchema{?projection}",
"templated" : true,
"title" : "The AVRO schema configured for key"
},
"confidentiality" : {
"href" : "https://<MGMT_DOMAIN>/api/topics/f750bd.../confidentiality{?projection}",
"templated" : true,
"title" : "The confidentiality configured for the object"
},
"integrity" : {
"href" : "https://<MGMT_DOMAIN>/api/topics/f750bd.../integrity{?projection}",
"templated" : true,
"title" : "The integrity configured for the object"
}
}
}