Red Hat Summit Red Hat Summit지원콘솔개발자평가판 시작연락처

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Apicurio Registry User Guide

Red Hat build of Apicurio Registry 3.1

Manage schemas and APIs in Apicurio Registry 3.1

Red Hat build of Apicurio Registry Documentation Team

Abstract

This guide introduces Apicurio Registry and explains how to manage event schemas and API designs using the Apicurio Registry web console, REST API, Maven plug-in, or Java client. This guide also explains how to to use Kafka client serializers and deserializers in your Java consumer and producer applications. It also describes the supported Apicurio Registry content types, and optional rule configuration.

Preface
링크 복사

Providing feedback on Red Hat documentation

We appreciate your feedback on our documentation.

To propose improvements, open a Jira issue and describe your suggested changes. Provide as much detail as possible to enable us to address your request quickly.

Prerequisite

  • You have a Red Hat Customer Portal account. This account enables you to log in to the Red Hat Jira Software instance.
    If you do not have an account, you will be prompted to create one.

Procedure

  1. Click the following link: Create issue.
  2. In the Summary text box, enter a brief description of the issue.

  3. In the Description text box, provide the following information:

    • The URL of the page where you found the issue.
    • A detailed description of the issue.
      You can leave the information in any other fields at their default values.
  4. Click Create to submit the Jira issue to the documentation team.

Thank you for taking the time to provide feedback.

Chapter 1. Introduction to Apicurio Registry
링크 복사

This chapter introduces Apicurio Registry concepts and features and provides details on the supported artifact types that are stored in the registry:

1.1. What is Apicurio Registry?
링크 복사

Apicurio Registry is a datastore for sharing standard event schemas and API designs across event-driven and API architectures. You can use Apicurio Registry to decouple the structure of your data from your client applications, and to share and manage your data types and API descriptions at runtime using a REST interface.

Client applications can dynamically push or pull the latest schema updates to or from Apicurio Registry at runtime without needing to redeploy. Developer teams can query Apicurio Registry for existing schemas required for services already deployed in production, and can register new schemas required for new services in development.

You can enable client applications to use schemas and API designs stored in Apicurio Registry by specifying the Apicurio Registry URL in your client application code. Apicurio Registry can store schemas used to serialize and deserialize messages, which are referenced from your client applications to ensure that the messages that they send and receive are compatible with those schemas.

Using Apicurio Registry to decouple your data structure from your applications reduces costs by decreasing overall message size, and creates efficiencies by increasing consistent reuse of schemas and API designs across your organization. Apicurio Registry provides a web console to make it easy for developers and administrators to manage registry content.

You can configure optional rules to govern the evolution of your Apicurio Registry content. These include rules to ensure that uploaded content is valid, or is compatible with other versions. Any configured rules must pass before new versions can be uploaded to Apicurio Registry, which ensures that time is not wasted on invalid or incompatible schemas or API designs.

Red Hat build of Apicurio Registry is based on the Apicurio Registry open source community project. For details, see https://github.com/apicurio/apicurio-registry.

Apicurio Registry capabilities
  • Multiple payload formats for standard event schema and API specifications such as Apache Avro, JSON Schema, Google Protobuf, AsyncAPI, OpenAPI, and more.
  • Pluggable Apicurio Registry storage options for storing content in Apache Kafka or PostgreSQL database.
  • Rules for content validation, compatibility, and integrity to govern how Apicurio Registry content evolves over time.
  • Apicurio Registry content management using web console, REST API, command line, Maven plug-in, or language SDKs.
  • Full Apache Kafka schema registry support, including integration with Kafka Connect for external systems.
  • Kafka client serializers/deserializers (SerDes) to validate message types at runtime.
  • Compatibility with existing Confluent schema registry client applications.
  • Cloud-native Quarkus Java runtime for low memory footprint and fast deployment times.
  • Operator-based installation of Apicurio Registry on OpenShift/Kubernetes.
  • OpenID Connect (OIDC) authentication using Red Hat build of Keycloak.

1.2. Schema and API artifacts in Apicurio Registry
링크 복사

The items stored in Apicurio Registry, such as event schemas and API designs, are known as registry artifacts. The following shows an example of an Apache Avro schema artifact in JSON format for a simple share price application:

Example Avro schema

{
   "type": "record",
   "name": "price",
   "namespace": "com.example",
   "fields": [
       {
           "name": "symbol",
           "type": "string"
       },
       {
           "name": "price",
           "type": "string"
       }
   ]
}
Copy to Clipboard Toggle word wrap

When a schema or API design is added as an artifact in Apicurio Registry, client applications can then use that schema or API design to validate that the client messages conform to the correct data structure at runtime.

Artifacts have metadata, both generated and editable. Standard metadata for an artifact includes (but may not be limited to):

1.2.1. Generated or immutable properties
링크 복사

  • groupId
  • artifactId
  • artifactType
  • createdOn
  • modifiedBy
  • modifiedOn

1.2.2. Editable properties
링크 복사

  • name
  • description
  • labels
  • owner
Artifact Versions

Every artifact is composed of zero or more _artifact version_s. Only artifact versions have actual content (as well as metadata). These versions represent the evolution of the content of an artifact, and are immutable. You can think of an Artifact as an ordered sequence of Versions, typically with the most recent version representing the "current" schema or API design content.

Artifact Versions have metadata, both generated and editable. Standard metadata for an artifact version includes (but may not be limited to):

1.2.3. Generated or immutable properties
링크 복사

  • groupId
  • artifactId
  • version
  • globalId
  • contentId
  • owner
  • createdOn
  • modifiedBy
  • modifiedOn

1.2.4. Editable properties
링크 복사

  • name
  • description
  • labels
  • state
Groups of schemas and APIs

An artifact group is an optional named collection of schema or API artifacts. Each group contains a logically related set of schemas or API designs, typically managed by a single entity, belonging to a particular application or organization.

You can create optional artifact groups when adding your schemas and API designs to organize them in Apicurio Registry. For example, you could create groups to match your development and production application environments, or your sales and engineering organizations.

Schema and API groups can contain multiple artifact types. For example, you could have Protobuf, Avro, JSON Schema, OpenAPI, or AsyncAPI artifacts all in the same group.

Groups have metadata, both generated and editable. Standard metadata for a group includes (but may not be limited to):

1.2.5. Generated or immutable properties
링크 복사

  • groupId
  • owner
  • createdOn
  • modifiedBy
  • modifiedOn

1.2.6. Editable properties
링크 복사

  • description
  • labels

You can create schema and API artifacts and groups using the Apicurio Registry web console, REST API, command line, Maven plug-in, or Java client application.

Note

Specifying a group is optional when using the Apicurio Registry web console, and the default group is used automatically. When using the REST API or Maven plug-in, specify the default group in the API path if you do not want to create a unique group.

References to other schemas and APIs

Some Apicurio Registry artifact types can include artifact references from one artifact file to another. You can create efficiencies by defining reusable schema or API components, and then referencing them from multiple locations. For example, you can specify a reference in JSON Schema or OpenAPI using a $ref statement, or in Google Protobuf using an import statement, or in Apache Avro using a nested namespace.

The following example shows a simple Avro schema named TradeKey that includes a reference to another schema named Exchange using a nested namespace:

Tradekey schema with nested Exchange schema

{
 "namespace": "com.kubetrade.schema.trade",
 "type": "record",
 "name": "TradeKey",
 "fields": [
   {
     "name": "exchange",
     "type": "com.kubetrade.schema.common.Exchange"
   },
   {
     "name": "key",
     "type": "string"
   }
 ]
}
Copy to Clipboard Toggle word wrap

Exchange schema

{
 "namespace": "com.kubetrade.schema.common",
 "type": "enum",
 "name": "Exchange",
 "symbols" : ["GEMINI"]
}
Copy to Clipboard Toggle word wrap

An artifact reference is stored in Apicurio Registry as a collection of artifact metadata that maps from an artifact type-specific reference to an internal Apicurio Registry reference. Each artifact reference in Apicurio Registry is composed of the following:

  • Group ID
  • Artifact ID
  • Artifact version
  • Artifact reference name

You can manage artifact references using the Apicurio Registry core REST API, Maven plug-in, and Java serializers/deserializers (SerDes). Apicurio Registry stores the artifact references along with the artifact content. Apicurio Registry also maintains a collection of all artifact references so you can search them or list all references for a specific artifact.

Supported artifact types

Apicurio Registry currently supports artifact references for the following artifact types only:

  • Avro
  • Protobuf
  • JSON Schema
  • OpenAPI
  • AsyncAPI

1.3. Manage content using the Apicurio Registry web console
링크 복사

You can use the Apicurio Registry web console to browse and search the schema and API artifacts and optional groups stored in the registry, and to add new schema and API artifacts, groups, and versions. You can search for artifacts by label, name, group, and description. You can view an artifact’s content or its available versions, or download an artifact file locally.

You can also configure optional rules for registry content, globally, for groups, and for each schema and API artifact. These optional rules for content validation and compatibility are applied when new schema and API artifacts or versions are uploaded to the registry.

For more details, see Chapter 12, Apicurio Registry content rule reference.

Figure 1.1. Apicurio Registry web console

Apicurio Registry web console
View larger image
Apicurio Registry web console

The Apicurio Registry web console is available from http://MY_REGISTRY_UI_URL/.

1.4. Apicurio Registry REST API for clients
링크 복사

Client applications can use the Core Registry API v3 to manage the schema and API artifacts in Apicurio Registry. This API provides operations for the following features:

Admin
Export or import Apicurio Registry data in a .zip file, and manage logging levels for the Apicurio Registry at runtime.
Groups
Manage groups of artifacts in Apicurio Registry. You can create groups to better organize your artifacts.
Group Rules
Configure rules to govern the content evolution of schemas or API artifacts within a specific group to prevent invalid or incompatible content from being added to Apicurio Registry. Group rules override any global rules configured.
Artifacts
Manage schema and API artifacts stored in Apicurio Registry.
Artifact metadata
Manage details about a schema or API artifact. You can edit details such as artifact name, description, or labels. Details such as artifact group, and when the artifact was created or modified are read-only.
Artifact rules
Configure rules to govern the content evolution of a specific schema or API artifact to prevent invalid or incompatible content from being added to Apicurio Registry. Artifact rules override any group and/or global rules configured.
Artifact versions
Manage the sequence of versions that make up the content of a schema or API artifact. You can also manage the lifecycle state of an artifact version: enabled, disabled, or deprecated.
Global rules
Configure rules to govern the content evolution of all schema and API artifacts to prevent invalid or incompatible content from being added to Apicurio Registry. Global rules are applied only if an artifact and its group do not have rules configured.
Search
Browse or search for schema and API artifacts and versions, for example, by name, group, description, or label.
System
Get the Apicurio Registry version and the limits on resources for the Apicurio Registry server.
Users
Get the current Apicurio Registry user.
Compatibility with other schema registry REST APIs

Apicurio Registry also provides compatibility with the following schema registries by including implementations of their respective REST APIs:

  • Apicurio Registry Core Registry API v2
  • Confluent Schema Registry API v7

Applications using Confluent client libraries can use Apicurio Registry as a drop-in replacement. For more details, see Replacing Confluent Schema Registry.

1.5. Apicurio Registry storage options
링크 복사

Apicurio Registry provides the following options for the underlying storage of registry data:

Expand
Table 1.1. Apicurio Registry data storage options
Storage optionDescription

PostgreSQL database

PostgreSQL is the recommended data storage option for performance, stability, and data management (backup/restore, and so on) in a production environment.

Apache Kafka

Kafka storage is provided for production environments where database management expertise is not available, or where storage in Kafka is a specific requirement.

1.6. Validate Kafka messages using schemas and Java client serializers/deserializers
링크 복사

Kafka producer applications can use serializers to encode messages that conform to a specific event schema. Kafka consumer applications can then use deserializers to validate that messages have been serialized using the correct schema, based on a specific schema ID.

Figure 1.2. Apicurio Registry and Kafka client SerDes architecture

Kafka client SerDes architecture
View larger image
Kafka client SerDes architecture

Apicurio Registry provides Kafka client serializers/deserializers (SerDes) to validate the following message types at runtime:

  • Apache Avro
  • Google Protobuf
  • JSON Schema

The Apicurio Registry Maven repository and source code distributions include the Kafka SerDes implementations for these message types, which Kafka client application developers can use to integrate with Apicurio Registry.

These implementations include custom Java classes for each supported message type, for example, io.apicurio.registry.serde.avro, which client applications can use to pull schemas from Apicurio Registry at runtime for validation.

1.7. Stream data to external systems with Kafka Connect converters
링크 복사

You can use Apicurio Registry with Apache Kafka Connect to stream data between Kafka and external systems. Using Kafka Connect, you can define connectors for different systems to move large volumes of data into and out of Kafka-based systems.

Figure 1.3. Apicurio Registry and Kafka Connect architecture

Registry and Kafka Connect architecture
View larger image
Registry and Kafka Connect architecture

Apicurio Registry provides the following features for Kafka Connect:

  • Storage for Kafka Connect schemas
  • Kafka Connect converters for Apache Avro and JSON Schema
  • Core Registry API to manage schemas

You can use the Avro and JSON Schema converters to map Kafka Connect schemas into Avro or JSON schemas. These schemas can then serialize message keys and values into the compact Avro binary format or human-readable JSON format. The converted JSON is less verbose because the messages do not contain the schema information, only the schema ID.

Apicurio Registry can manage and track the Avro and JSON schemas used in the Kafka topics. Because the schemas are stored in Apicurio Registry and decoupled from the message content, each message must only include a tiny schema identifier. For an I/O bound system like Kafka, this means more total throughput for producers and consumers.

The Avro and JSON Schema serializers and deserializers (SerDes) provided by Apicurio Registry are used by Kafka producers and consumers in this use case. Kafka consumer applications that you write to consume change events can use the Avro or JSON SerDes to deserialize these events. You can install the Apicurio Registry SerDes in any Kafka-based system and use them along with Kafka Connect, or with a Kafka Connect-based system such as Debezium.

1.8. Apicurio Registry demonstration examples
링크 복사

Apicurio Registry provides open source example applications that demonstrate how to use Apicurio Registry in different use case scenarios. For example, these include storing schemas used by Kafka serializer and deserializer (SerDes) Java classes. These classes fetch the schema from Apicurio Registry for use when producing or consuming operations to serialize, deserialize, or validate the Kafka message payload.

These applications demonstrate use cases such as the following examples:

  • Apache Avro Kafka SerDes
  • Apache Avro Maven plug-in
  • Apache Camel Quarkus and Kafka
  • CloudEvents
  • Confluent Kafka SerDes
  • Custom ID strategy
  • Event-driven architecture with Debezium
  • Google Protobuf Kafka SerDes
  • JSON Schema Kafka SerDes
  • REST clients

1.9. Apicurio Registry available distributions
링크 복사

Apicurio Registry provides the following components as part of its distribution.

Expand
Table 1.2. Apicurio Registry Operator and images
DistributionLocationRelease category

Apicurio Registry Operator

OpenShift web console under OperatorsOperatorHub

General Availability

Container image for Apicurio Registry Operator

Red Hat Ecosystem Catalog

General Availability

Container image for Apicurio Registry (Back End)

Red Hat Ecosystem Catalog

General Availability

Container image for Apicurio Registry (User Interface)

Red Hat Ecosystem Catalog

General Availability

Expand
Table 1.3. Apicurio Registry zip downloads
DistributionLocationRelease category

Example custom resource definitions for installation

Red Hat Software Downloads

General Availability

Maven repository

Red Hat Software Downloads

General Availability

Source code

Red Hat Software Downloads

General Availability

Kafka Connect converters

Red Hat Software Downloads

General Availability

Note

You must have a subscription for Red Hat Integration and be logged into the Red Hat Customer Portal to access the available Apicurio Registry distributions.

Chapter 2. Apicurio Registry content rules
링크 복사

This chapter introduces the optional rules used to govern Apicurio Registry content and provides details on the available rule configuration:

2.1. Govern Apicurio Registry content using rules
링크 복사

To govern the evolution of artifact content added to Apicurio Registry, you can configure optional rules. All configured global rules, group-specific rules, or artifact-specific rules must pass before a new artifact version can be added to Apicurio Registry. Configured artifact-specific rules override any configured group-specific rules, which in turn override any configured global rules.

The goal of these rules is to prevent invalid content from being added to Apicurio Registry and to control the evolution of an artifact (by e.g. checking the compatibility of a new artifact version against previous versions). For example, content can be invalid for the following reasons:

  • Invalid syntax for a given artifact type, for example, AVRO or PROTOBUF.
  • Valid syntax, but semantics violate a specification.
  • Incompatibility, when new content includes breaking changes relative to the current artifact version.
  • Artifact reference integrity, for example, a duplicate or non-existent artifact reference mapping.

You can enable optional content rules using the Apicurio Registry web console, REST API commands, or by using one of the SDKs.

2.1.1. When rules are applied
링크 복사

Rules are applied only when content is added to Apicurio Registry. This includes the following REST operations:

  • Adding an artifact
  • Adding an artifact version

If a rule is violated, Apicurio Registry returns an HTTP error. The response body includes the violated rule and a message showing what went wrong.

2.1.2. Order of precedence of rules
링크 복사

The order of precedence for artifact-specific and global rules is as follows:

  • Artifact-specific rules have the highest priority
  • Group-specific rules have the next highest priority
  • Global rules have the lowest priority
Note

If a rule is configured at a higher level (e.g. at the global level), but you want that rule to be disabled at a lower level, you must configure the same rule (so that it overrides it) at the lower level and set its rules value to NONE.

2.1.3. How rules work
링크 복사

Each rule has a name and configuration information. Apicurio Registry maintains the list of rules for each artifact, each group, and the list of global rules. Each rule in the list consists of a name and configuration for the rule implementation.

When a rule is executed, it is provided with the content of the current version of the artifact (if one exists) and the new version of the artifact being added. The rule implementation returns either passes or fails depending on whether the artifact passes the rule. If not, Apicurio Registry reports the reason why in an HTTP error response. Some rules might not use the previous version of the content. For example, compatibility rules use previous versions, but syntax or semantic validity rules do not.

2.1.4. Content rule configuration
링크 복사

Administrators can configure Apicurio Registry global rules, group-specific rules, and artifact-specific rules. Developers can configure group-specific and artifact-specific rules only.

Apicurio Registry applies the rules configured for the specific artifact. If no rules are configured at that level, Apicurio Registry applies the group-specific rules. If no rules are configured at the group level, then Apicurio Registry applies the globally configured rules. If no global rules are configured, then no rules are applied.

Configure group and artifact specific rules

You can configure group-specific and artifact-specific rules using the Apicurio Registry web console or REST API. For details, see the following:

Configure global rules

Administrators can configure global rules in several ways:

  • Use the admin/rules operations in the REST API
  • Use the Apicurio Registry web console
  • Set default global rules using Apicurio Registry application properties

Configure default global rules

Administrators can configure Apicurio Registry at the application level to enable or disable global rules. You can configure default global rules at installation time without post-install configuration using the following application property format: 

apicurio.rules.global.<ruleName>
Copy to Clipboard Toggle word wrap

The following rule names are currently supported:

  • compatibility
  • validity
  • integrity

The value of the application property must be a valid configuration option that is specific to the rule being configured.

Note

You can configure these application properties as Java system properties or include them in the Quarkus application.properties file. For more details, see the Quarkus documentation.

Chapter 3. Configuring Apicurio Registry security options
링크 복사

This chapter explains how to set configuration options for Apicurio Registry security. For example, this includes authentication in Red Hat build of Keycloak or Microsoft Azure Active Directory and role-based authorization in Apicurio Registry.

Note

For a list of all available configuration options, see Chapter 13, Apicurio Registry configuration reference.

This section explains how to manually configure authentication and authorization options for Apicurio Registry and Red Hat build of Keycloak.

Note

Alternatively, for details on how to configure these settings automatically, see Section 3.1, “Configuring Apicurio Registry authentication and authorization with Red Hat build of Keycloak”.

The Apicurio Registry web console and core REST API support authentication in Red Hat build of Keycloak based on OAuth and OpenID Connect (OIDC). The same Red Hat build of Keycloak realm and users are federated across the Apicurio Registry web console and core REST API using OpenID Connect so that you only require one set of credentials.

Apicurio Registry provides role-based authorization for default admin, write, and read-only user roles. Apicurio Registry provides content-based authorization at the schema or API level, where only the creator of the registry artifact can update or delete it. Apicurio Registry authentication and authorization settings are disabled by default.

Prerequisites

Procedure

  1. In the Red Hat build of Keycloak Admin Console, create a Red Hat build of Keycloak realm for Apicurio Registry. By default, Apicurio Registry expects a realm name of registry. For details on creating realms, see the the Red Hat build of Keycloak user documentation.

  2. Create a Red Hat build of Keycloak client for the Apicurio Registry API. By default, Apicurio Registry expects the following settings:

    • Client ID: registry-api
    • Client Protocol: openid-connect

    • Access Type: bearer-only

      You can use the defaults for the other client settings.

      Note

      If you are using Red Hat build of Keycloak service accounts, the client Access Type must be confidential instead of bearer-only.

  3. Create a Red Hat build of Keycloak client for the Apicurio Registry web console. By default, Apicurio Registry expects the following settings:

    • Client ID: apicurio-registry
    • Client Protocol: openid-connect
    • Access Type: public
    • Valid Redirect URLs: http://my-registry-url:8080/*

    • Web Origins: +

      You can use the defaults for the other client settings.

  4. In your Apicurio Registry deployment on OpenShift, set the following Apicurio Registry environment variables to configure authentication using Red Hat build of Keycloak:

    Expand
    Table 3.1. Configuration for Apicurio Registry authentication with Red Hat build of Keycloak
    Environment variableDescriptionTypeDefault

    QUARKUS_OIDC_TENANT_ENABLED

    Enables authentication for Apicurio Registry. When set to true, the environment variables that follow are required for authentication using Red Hat build of Keycloak.

    String

    false

    QUARKUS_OIDC_AUTH_SERVER_URL

    The URL of the Red Hat build of Keycloak authentication server. For example, http://localhost:8080.

    String

    -

    QUARKUS_OIDC_CLIENT_ID

    The client ID for the Apicurio Registry REST API.

    String

    registry-api

    APICURIO_UI_AUTH_OIDC_CLIENT-ID

    The client ID for the Apicurio Registry web console.

    String

    apicurio-registry

    Tip

    For an example of setting environment variables on OpenShift, see Section 4.1.1, “Configuring Apicurio Registry health checks on OpenShift”.

  5. Set the following option to true to enable Apicurio Registry user roles in Red Hat build of Keycloak:

    Expand
    Table 3.2. Configuration for Apicurio Registry role-based authorization
    Environment variableJava system propertyTypeDefault value

    APICURIO_AUTH_ROLE-BASED-AUTHORIZATION

    apicurio.auth.role-based-authorization

    Boolean

    false

  6. When Apicurio Registry user roles are enabled, you must assign Apicurio Registry users to at least one of the following default user roles in your Red Hat build of Keycloak realm:

    Expand
    Table 3.3. Default user roles for registry authentication and authorization
    RoleRead artifactsWrite artifactsGlobal rulesSummary

    sr-admin

    Yes

    Yes

    Yes

    Full access to all create, read, update, and delete operations.

    sr-developer

    Yes

    Yes

    No

    Access to create, read, update, and delete operations, except configuring global rules. This role can configure artifact-specific rules.

    sr-readonly

    Yes

    No

    No

    Access to read and search operations only. This role cannot configure any rules.

  7. Set the following to true to enable owner-only authorization for updates to schema and API artifacts in Apicurio Registry:

    Expand
    Table 3.4. Configuration for owner-only authorization
    Environment variableJava system propertyTypeDefault value

    APICURIO_AUTH_OWNER-ONLY-AUTHORIZATION_LIMIT-GROUP-ACCESS

    apicurio.auth.owner-only-authorization.limit-group-access

    Boolean

    false

This section explains how to manually configure authentication and authorization options for Apicurio Registry and Microsoft Azure Active Directory (Azure AD).

The Apicurio Registry web console and core REST API support authentication in Azure AD based on OpenID Connect (OIDC) and the OAuth Authorization Code Flow. Apicurio Registry provides role-based authorization for default admin, write, and read-only user roles. Apicurio Registry authentication and authorization settings are disabled by default.

To secure Apicurio Registry with Azure AD, you require a valid directory in Azure AD with specific configuration. This involves registering the Apicurio Registry application in the Azure AD portal with recommended settings and configuring environment variables in Apicurio Registry.

Prerequisites

Procedure

  1. Log in to the Azure AD portal using your email address or GitHub account.

  2. In the navigation menu, select Manage > App registrations > New registration, and complete the following settings:

    • Name: Enter your application name. For example: apicurio-registry-example
    • Supported account types: Click Accounts in any organizational directory.

    • Redirect URI: Select Single-page application from the list, and enter your Apicurio Registry web console application host. For example: https://test-registry.com/ui/

      Important

      You must register your Apicurio Registry application host as a Redirect URI. When logging in, users are redirected from Apicurio Registry to Azure AD for authentication, and you want to send them back to your application afterwards. Azure AD does not allow any redirect URLs that are not registered.

  3. Click Register. You can view your app registration details by selecting Manage > App registrations > apicurio-registry-example.

  4. Select Manage > Authentication and ensure that the application is configured with your redirect URLs and tokens as follows:

    • Redirect URIs: For example: https://test-registry.com/ui/
    • Implicit grant and hybrid flows: Click ID tokens (used for implicit and hybrid flows)
  5. Select Azure AD > Admin > App registrations > Your app > Application (client) ID. For example: 123456a7-b8c9-012d-e3f4-5fg67h8i901
  6. Select Azure AD > Admin > App registrations > Your app > Directory (tenant) ID. For example: https://login.microsoftonline.com/1a2bc34d-567e-89f1-g0hi-1j2kl3m4no56/v2.0

  7. In Apicurio Registry, configure the following environment variables with your Azure AD settings:

    Expand
    Table 3.5. Configuration for Azure AD settings in Apicurio Registry
    Environment variableDescriptionSetting

    QUARKUS_OIDC_CLIENT-ID

    The client application ID for the Apicurio Registry REST API

    Your Azure AD Application (client) ID obtained in step 5. For example: 123456a7-b8c9-012d-e3f4-5fg67h8i901

    APICURIO_UI_AUTH_OIDC_CLIENT-ID

    The client application ID for the Apicurio Registry web console.

    Your Azure AD Application (client) ID obtained in step 5. For example: 123456a7-b8c9-012d-e3f4-5fg67h8i901

    QUARKUS_OIDC_AUTH-SERVER-URL

    The URL for authentication in Azure AD.

    Your Azure AD Application (tenant) ID obtained in step 6. For example: https://login.microsoftonline.com/1a2bc34d-567e-89f1-g0hi-1j2kl3m4no56/v2.0.

  8. In Apicurio Registry, configure the following environment variables for Apicurio Registry-specific settings:

    Expand
    Table 3.6. Configuration for Apicurio Registry-specific settings
    Environment variableDescriptionSetting

    QUARKUS_OIDC_TENANT-ENABLED

    Enables authentication for Apicurio Registry.

    true

    QUARKUS_HTTP_CORS_ORIGINS

    The host for your Apicurio Registry deployment for cross-origin resource sharing (CORS).

    For example: https://test-registry.com

    APICURIO_UI_AUTH_OIDC_REDIRECT-URI

    The host for your Apicurio Registry web console.

    For example: https://test-registry.com/ui

    APICURIO_AUTH_ROLE-BASED-AUTHORIZATION

    Enables role-based authorization in Apicurio Registry.

    true

    QUARKUS_OIDC_ROLES_ROLE-CLAIM-PATH

    The name of the claim in which Azure AD stores roles.

    roles

    Note

    When you enable roles in Apicurio Registry, you must also create the same roles in Azure AD as application roles. The default roles expected by Apicurio Registry are sr-admin, sr-developer, and sr-readonly.

  9. In Apicurio Registry UI, configure the following environment variables:
Expand
Environment variableDescriptionSetting

REGISTRY_AUTH_TYPE

 

oidc

REGISTRY_AUTH_TOKEN_TYPE

Which token to use. Azure AD has non-standard access tokens, so we need to use id tokens.

id

3.3. Apicurio Registry authentication and authorization configuration options
링크 복사

Apicurio Registry provides authentication options for OpenID Connect with Red Hat build of Keycloak and HTTP basic authentication.

Apicurio Registry provides authorization options for role-based and content-based approaches:

  • Role-based authorization for default admin, write, and read-only user roles.
  • Content-based authorization for schema or API artifacts, where only the owner of the artifacts or artifact group can update or delete artifacts.
Important

All authentication and authorization options in Apicurio Registry are disabled by default. Before enabling any of these options, you must first set the QUARKUS_OIDC_TENANT_ENABLED option to true.

This chapter provides details on the following configuration options:

Apicurio Registry authentication by using OpenID Connect with Red Hat build of Keycloak

You can set the following environment variables to configure authentication for the Apicurio Registry web console and API with Red Hat build of Keycloak:

Expand
Table 3.7. Configuration for Apicurio Registry authentication with Red Hat build of Keycloak
Environment variableDescriptionTypeDefault

QUARKUS_OIDC_TENANT-ENABLED

Enables authentication for Apicurio Registry. When set to true, the environment variables that follow are required for authentication using Red Hat build of Keycloak.

String

false

QUARKUS_OIDC_AUTH-SERVER-URL

The URL of the Red Hat build of Keycloak authentication server. For example, http://localhost:8080.

String

-

QUARKUS_OIDC_CLIENT-ID

The client ID for the Apicurio Registry REST API.

String

registry-api

APICURIO_UI_AUTH_OIDC_CLIENT-ID

The client ID for the Apicurio Registry web console.

String

apicurio-registry

QUARKUS_OIDC_TLS_TRUST_STORE_FILE

Specifies the file path to the TLS trust store used by Quarkus for securing OpenID Connect (OIDC) communications. The trust store can be populated with the trusted certificates needed to establish secure TLS connections with the OIDC provider.

String

-

QUARKUS_OIDC_TLS_TRUST_STORE_PASSWORD

The password required to access the TLS trust store file.

String

-

APICURIO_AUTH_ROLE-BASED-AUTHORIZATION

Enables or disables role-based authorization.

Boolean

False

Apicurio Registry authentication by using HTTP basic

By default, Apicurio Registry supports authentication by using OpenID Connect. Users or API clients must obtain an access token to make authenticated calls to the Apicurio Registry REST API. However, because some tools do not support OpenID Connect, you can also configure Apicurio Registry to support HTTP basic authentication by setting the following configuration options to true:

Expand
Table 3.8. Configuration for Apicurio Registry HTTP basic authentication
Environment variableJava system propertyTypeDefault value

QUARKUS_OIDC_TENANT-ENABLED

quarkus.oidc.tenant-enabled

Boolean

false

APICURIO_AUTHN_BASIC-CLIENT-CREDENTIALS.ENABLED

apicurio.authn.basic-client-credentials.enabled

Boolean

false

Apicurio Registry HTTP basic client credentials cache expiry

You can also configure the HTTP basic client credentials cache expiry time. By default, when using HTTP basic authentication, Apicurio Registry caches JWT tokens, and does not issue a new token when there is no need. You can configure the cache expiry time for JWT tokens, which is set to 10 mins by default.

When using Red Hat build of Keycloak, it is best to set this configuration to your Red Hat build of Keycloak JWT expiry time minus one minute. For example, if you have the expiry time set to 5 mins in Red Hat build of Keycloak, you should set the following configuration option to 4 mins:

Expand
Table 3.9. Configuration for HTTP basic client credentials cache expiry
Environment variableJava system propertyTypeDefault value

APICURIO_AUTHN_BASIC-CLIENT-CREDENTIALS_CACHE-EXPIRATION

apicurio.authn.basic-client-credentials.cache-expiration

Integer

10

Apicurio Registry role-based authorization

You can set the following options to true to enable role-based authorization in Apicurio Registry:

Expand
Table 3.10. Configuration for Apicurio Registry role-based authorization
Environment variableJava system propertyTypeDefault value

QUARKUS_OIDC_TENANT-ENABLED

quarkus.oidc.tenant-enabled

Boolean

false

APICURIO_AUTH_ROLE-BASED-AUTHORIZATION

apicurio.auth.role-based-authorization

Boolean

false

You can then configure role-based authorization to use roles included in the user’s authentication token (for example, granted when authenticating by using Red Hat build of Keycloak), or to use role mappings managed internally by Apicurio Registry.

Use roles assigned in Red Hat build of Keycloak

To enable using roles assigned by Red Hat build of Keycloak, set the following environment variables:

Expand
Table 3.11. Configuration for Apicurio Registry role-based authorization by using Red Hat build of Keycloak
Environment variableDescriptionTypeDefault

APICURIO_AUTH_ROLE-SOURCE

When set to token, user roles are taken from the authentication token.

String

token

APICURIO_AUTH_ROLES_ADMIN

The name of the role that indicates a user is an admin.

String

sr-admin

APICURIO_AUTH_ROLES_DEVELOPER

The name of the role that indicates a user is a developer.

String

sr-developer

APICURIO_AUTH_ROLES_READONLY

The name of the role that indicates a user has read-only access.

String

sr-readonly

When Apicurio Registry is configured to use roles from Red Hat build of Keycloak, you must assign Apicurio Registry users to at least one of the following user roles in Red Hat build of Keycloak. However, you can configure different user role names by using the environment variables in Table 3.11, “Configuration for Apicurio Registry role-based authorization by using Red Hat build of Keycloak”.

Expand
Table 3.12. Apicurio Registry roles for authentication and authorization
Role nameRead artifactsWrite artifactsGlobal rulesDescription

sr-admin

Yes

Yes

Yes

Full access to all create, read, update, and delete operations.

sr-developer

Yes

Yes

No

Access to create, read, update, and delete operations, except configuring global rules and import/export. This role can configure artifact-specific rules only.

sr-readonly

Yes

No

No

Access to read and search operations only. This role cannot configure any rules.

Manage roles directly in Apicurio Registry

To enable using roles managed internally by Apicurio Registry, set the following environment variable:

Expand
Table 3.13. Configuration for Apicurio Registry role-based authorization by using internal role mappings
Environment variableDescriptionTypeDefault

APICURIO_AUTH_ROLE-SOURCE

When set to application, user roles are managed internally by Apicurio Registry.

String

token

When using internally managed role mappings, users can be assigned a role by using the /admin/roleMappings endpoint in the Apicurio Registry REST API. For more details, see Apicurio Registry REST API documentation.

Users can be granted exactly one role: ADMIN, DEVELOPER, or READ_ONLY. Only users with admin privileges can grant access to other users.

Apicurio Registry admin-override configuration

Because there are no default admin users in Apicurio Registry, it is usually helpful to configure another way for users to be identified as admins. You can configure this admin-override feature by using the following environment variables:

Expand
Table 3.14. Configuration for Apicurio Registry admin-override
Environment variableDescriptionTypeDefault

APICURIO_AUTH_ADMIN-OVERRIDE_ENABLED

Enables the admin-override feature.

String

false

APICURIO_AUTH_ADMIN-OVERRIDE_FROM

Where to look for admin-override information. Only token is currently supported.

String

token

APICURIO_AUTH_ADMIN-OVERRIDE_TYPE

The type of information used to determine if a user is an admin. Values depend on the value of the FROM variable, for example, role or claim when FROM is token.

String

role

APICURIO_AUTH_ADMIN-OVERRIDE_ROLE

The name of the role that indicates a user is an admin.

String

sr-admin

APICURIO_AUTH_ADMIN-OVERRIDE_CLAIM

The name of a JWT token claim to use for determining admin-override.

String

org-admin

APICURIO_AUTH_ADMIN-OVERRIDE_CLAIM-VALUE

The value that the JWT token claim indicated by the CLAIM variable must be for the user to be granted admin-override.

String

true

For example, you can use this admin-override feature to assign the sr-admin role to a single user in Red Hat build of Keycloak, which grants that user the admin role. That user can then use the /admin/roleMappings REST API (or associated UI) to grant roles to additional users (including additional admins).

Apicurio Registry owner-only authorization

You can set the following options to true to enable owner-only authorization for updates to artifacts or artifact groups in Apicurio Registry:

Expand
Table 3.15. Configuration for owner-only authorization
Environment variableJava system propertyTypeDefault value

QUARKUS_OIDC_TENANT_ENABLED

quarkus.oidc.tenant-enabled

Boolean

false

APICURIO_AUTH_OWNER-ONLY-AUTHORIZATION

apicurio.auth.owner-only-authorization

Boolean

false

APICURIO_AUTH_OWNER-ONLY-AUTHORIZATION_LIMIT-GROUP-ACCESS

apicurio.auth.owner-only-authorization.limit-group-access

Boolean

false

When owner-only authorization is enabled, only the user who created an artifact can modify or delete that artifact.

When owner-only authorization and group owner-only authorization are both enabled, only the user who created an artifact group has write access to that artifact group, for example, to add or remove artifacts in that group.

Apicurio Registry authenticated read access

When the authenticated read access option is enabled, Apicurio Registry grants at least read-only access to requests from any authenticated user in the same organization, regardless of their user role.

To enable authenticated read access, you must first enable role-based authorization, and then ensure that the following options are set to true:

Expand
Table 3.16. Configuration for authenticated read access
Environment variableJava system propertyTypeDefault value

QUARKUS_OIDC_TENANT-ENABLED

quarkus.oidc.tenant-enabled

Boolean

false

APICURIO_AUTH_AUTHENTICATED-READ-ACCESS_ENABLED

apicurio.auth.authenticated-read-access.enabled

Boolean

false

For more details, see the section called “Apicurio Registry role-based authorization”.

Apicurio Registry anonymous read-only access

In addition to the two main types of authorization (role-based and owner-based authorization), Apicurio Registry supports an anonymous read-only access option.

To allow anonymous users, such as REST API calls with no authentication credentials, to make read-only calls to the REST API, set the following options to true:

Expand
Table 3.17. Configuration for anonymous read-only access
Environment variableJava system propertyTypeDefault value

QUARKUS_OIDC_TENANT-ENABLED

quarkus.oidc.tenant-enabled

Boolean

false

APICURIO_AUTH_ANONYMOUS-READ-ACCESS_ENABLED

apicurio.auth.anonymous-read-access.enabled

Boolean

false

Chapter 4. Configuring your Apicurio Registry deployment
링크 복사

This chapter explains how to set important configuration options for your Apicurio Registry deployment. This includes features such as the Apicurio Registry web console, logging, and health checks:

Note

For a list of all available configuration options, see Chapter 13, Apicurio Registry configuration reference.

4.1. Configuring the Apicurio Registry web console
링크 복사

You can set optional environment variables to configure the Apicurio Registry web console specifically for your deployment environment or to customize its behavior.

Prerequisites

  • You have already installed Apicurio Registry.
Configuring the web console deployment environment

When you access the Apicurio Registry web console in your browser, some initial configuration settings are loaded. The following configuration settings are required:

  • URL for core Apicurio Registry server REST API v3

Typically the Apicurio Registry operator will automatically configure the UI component with the REST API v3 URL. However, you can override this value by configuring the appropriate environment variable in the UI component deployment configuration.

Procedure

Configure the following environment variables to override the default URL:

  • REGISTRY_API_URL: Specifies the URL for the core Apicurio Registry server REST API v3. For example, https://registry-api.my-domain.com/apis/registry/v3
Configuring the web console in read-only mode

You can configure the Apicurio Registry web console in read-only mode as an optional feature. This mode disables all features in the Apicurio Registry web console that allow users to make changes to registered artifacts. For example, this includes the following:

  • Creating a group
  • Creating an artifact
  • Uploading a new artifact version
  • Updating artifact metadata
  • Deleting an artifact

Procedure

Configure the following environment variable:

  • REGISTRY_FEATURE_READ_ONLY: Set to true to enable read-only mode. Defaults to false.

4.1.1. Configuring Apicurio Registry health checks on OpenShift
링크 복사

You can configure optional environment variables for liveness and readiness probes to monitor the health of the Apicurio Registry server on OpenShift:

  • Liveness probes test if the application can make progress. If the application cannot make progress, OpenShift automatically restarts the failing Pod.
  • Readiness probes test if the application is ready to process requests. If the application is not ready, it can become overwhelmed by requests, and OpenShift stops sending requests for the time that the probe fails. If other Pods are OK, they continue to receive requests.
Important

The default values of the liveness and readiness environment variables are designed for most cases and should only be changed if required by your environment. Any changes to the defaults depend on your hardware, network, and amount of data stored. These values should be kept as low as possible to avoid unnecessary overhead.

Prerequisites

  • You must have an OpenShift cluster with cluster administrator access.
  • You must have already installed Apicurio Registry on OpenShift.
  • You must have already installed and configured your chosen Apicurio Registry storage in either AMQ Streams or PostgreSQL.

Procedure

  1. In the OpenShift Container Platform web console, log in using an account with cluster administrator privileges.
  2. Click Installed Operators > Apicurio Registry.
  3. On the ApicurioRegistry tab, click the Operator custom resource for your deployment, for example, example-apicurioregistry.
  4. In the main overview page, find the Deployment Name section and the corresponding DeploymentConfig name for your Apicurio Registry deployment, for example, example-apicurioregistry.
  5. In the left navigation menu, click Workloads > Deployment Configs, and select your DeploymentConfig name.

  6. Click the Environment tab, and enter your environment variables in the Single values env section, for example:

    • NAME: LIVENESS_STATUS_RESET
    • VALUE: 350

  7. Click Save at the bottom.

    Alternatively, you can perform these steps using the OpenShift oc command. For more details, see the OpenShift CLI documentation.

4.2. Environment variables for Apicurio Registry health checks
링크 복사

This section describes the available environment variables for Apicurio Registry health checks on OpenShift. These include liveness and readiness probes to monitor the health of the Apicurio Registry server on OpenShift. For an example procedure, see Section 4.1.1, “Configuring Apicurio Registry health checks on OpenShift”.

Important

The following environment variables are provided for reference only. The default values are designed for most cases and should only be changed if required by your environment. Any changes to the defaults depend on your hardware, network, and amount of data stored. These values should be kept as low as possible to avoid unnecessary overhead.

Liveness environment variables
Expand
Table 4.1. Environment variables for Apicurio Registry liveness probes
NameDescriptionTypeDefault

LIVENESS_ERROR_THRESHOLD

Number of liveness issues or errors that can occur before the liveness probe fails.

Integer

1

LIVENESS_COUNTER_RESET

Period in which the threshold number of errors must occur. For example, if this value is 60 and the threshold is 1, the check fails after two errors occur in 1 minute

Seconds

60

LIVENESS_STATUS_RESET

Number of seconds that must elapse without any more errors for the liveness probe to reset to OK status.

Seconds

300

LIVENESS_ERRORS_IGNORED

Comma-separated list of ignored liveness exceptions.

String

io.grpc.StatusRuntimeException,org.apache.kafka.streams.errors.InvalidStateStoreException

Note

Because OpenShift automatically restarts a Pod that fails a liveness check, the liveness settings, unlike readiness settings, do not directly affect behavior of Apicurio Registry on OpenShift.

Readiness environment variables
Expand
Table 4.2. Environment variables for Apicurio Registry readiness probes
NameDescriptionTypeDefault

READINESS_ERROR_THRESHOLD

Number of readiness issues or errors that can occur before the readiness probe fails.

Integer

1

READINESS_COUNTER_RESET

Period in which the threshold number of errors must occur. For example, if this value is 60 and the threshold is 1, the check fails after two errors occur in 1 minute.

Seconds

60

READINESS_STATUS_RESET

Number of seconds that must elapse without any more errors for the liveness probe to reset to OK status. In this case, this means how long the Pod stays not ready, until it returns to normal operation.

Seconds

300

READINESS_TIMEOUT

Readiness tracks the timeout of two operations:

  • How long it takes for storage requests to complete
  • How long it takes for HTTP REST API requests to return a response

If these operations take more time than the configured timeout, this is counted as a readiness issue or error. This value controls the timeouts for both operations.

Seconds

5

Additional resources

Chapter 5. Managing Apicurio Registry content using the web console
링크 복사

You can manage schema and API artifacts stored in Apicurio Registry by using the Apicurio Registry web console. This includes uploading and browsing Apicurio Registry content, configuring optional rules for content, and generating client sdk code:

5.1. Viewing artifacts using the Apicurio Registry web console
링크 복사

You can use the Apicurio Registry web console to browse the schema and API artifacts stored in Apicurio Registry. This section shows a simple example of viewing Apicurio Registry groups, artifacts, versions, and rules.

Prerequisites

  • Apicurio Registry is installed and running in your environment.

  • You are logged in to the Apicurio Registry web console:

    http://MY_REGISTRY_UI_URL/

  • Artifacts have been added to Apicurio Registry using the web console, command line, Maven plug-in, or a client application.

Procedure

  1. On the Explore tab, browse the list of artifacts stored in Apicurio Registry, or enter a search string to find an artifact. You can select from the list to search by specific criteria such as name, group, labels, or global ID.

    Figure 5.1. Artifacts in Apicurio Registry web console

    Artifacts in Registry web console
    View larger image
    Artifacts in Registry web console

  2. Click an artifact to view the following details:

    • Overview: Displays artifact metadata such as artifact ID, name, description, labels, and so on. Also displays rules for validity and compatibility that you can configure for artifact content.
    • Versions: Displays a list of all artifact versions. This will be empty unless you chose to upload a first version when you created the artifact.

    • Branches: Displays a list of branches for the artifact. This will display at least the latest branch, but might display other generated branches depending on your configuration.

      Figure 5.2. Artifact details in Apicurio Registry web console

      Artifacts in Registry web console
      View larger image
      Artifacts in Registry web console

  3. Click the Versions tab to view a list of all artifact versions. Then click one of the versions in the list, or choose View Version from the Action menu for a version in the list. You will then see the following artifact version details:

    • Overview: Displays artifact version metadata such as version name, description, global ID, content ID, labels, and so on. Also displays any comments created for the artifact version.
    • Documentation (OpenAPI and AsyncAPI only): Displays automatically-generated REST API documentation.
    • Content: Displays a read-only view of the full artifact version content. For JSON content, you can click JSON or YAML to display your preferred format.

    • References: Displays a read-only view of all artifacts referenced by this artifact version. You can also click View artifacts that reference this artifact version.

      Figure 5.3. Artifact version details in Apicurio Registry web console

      Artifacts in Registry web console
      View larger image
      Artifacts in Registry web console
  4. To save the artifact contents to a local file, for example, my-openapi.json or my-protobuf-schema.proto, and click Download.

5.2. Adding artifacts using the Apicurio Registry web console
링크 복사

You can use the Apicurio Registry web console to upload schema and API artifacts to Apicurio Registry. This section shows simple examples of creating Apicurio Registry artifacts and adding new artifact versions.

Prerequisites

  • Apicurio Registry is installed and running in your environment.

  • You are logged in to the Apicurio Registry web console:

    http://MY_REGISTRY_UI_URL/

Procedure

  1. On the Explore tab, click Create artifact, and complete the Create artifact wizard:

    Note

    You can create a placeholder artifact without content, but you must specify the artifact type, as Apicurio Registry cannot automatically detect the content type. Creating a placeholder allows you create rules first and add content later.

    1. Specify the Artifact Coordinates and click Next:

      • Group ID & Artifact ID: Use the default empty settings to automatically generate an artifact ID and add the artifact to the default artifact group. Alternatively, you can enter an optional artifact group or artifact ID.
      • Type: Use the default Auto-Detect setting to automatically detect the artifact type (not allowed if creating an empty artifact), or select the artifact type from the list, for example, Avro Schema or OpenAPI. You must manually select the Kafka Connect Schema artifact type, which cannot be automatically detected.

    2. Specify the Artifact Metadata and click Next:

      • Name: Enter an optional friendly name for the new artifact.
      • Description: Enter an optional description for the new artifact.
      • Labels: Optionally add one or more label (name/value pair) for the new artifact.

    3. Specify the Version Content and click Next:

      • Version Number: Optionally add a version string if creating a first version.

      • Content: Specify the content using either of the following options:

        • From file: Click Browse, and select a file, or drag and drop a file. For example, my-openapi.json or my-schema.proto. Alternatively, you can enter the file contents in the text box.
        • From URL: Enter a valid and accessible URL, and click Fetch. For example: https://petstore3.swagger.io/api/v3/openapi.json.

    4. Specify the Version Metadata:

      • Name: Enter an optional friendly name for the first artifact version.
      • Description: Enter an optional description for the first artifact version.
      • Labels: Optionally add one or more label (name/value pair) for the first artifact version.

  2. Click Create and view the artifact details:

    • Overview: Displays artifact metadata such as artifact ID, name, description, labels, and so on. Also displays rules for validity and compatibility that you can configure for artifact content.
    • Versions: Displays a list of all artifact versions. This will be empty unless you chose to upload a first version when you created the artifact.

    • Branches: Displays a list of branches for the artifact. This will display at least the latest branch, but might display other generated branches depending on your configuration.

      The following example shows an example Apache Avro artifact:

      Figure 5.4. Artifact details in Apicurio Registry web console

      Artifact details in Registry web console
      View larger image
      Artifact details in Registry web console

  3. On the Overview tab, click the Edit pencil icon to edit artifact metadata such as name or description.

    You can also add zero or more labels (name + value) for categorizing and searching purposes. To add labels, perform the following steps:

    1. Click Add label.
    2. Enter the key name and the value (optional).
    3. Repeat the first two steps to add multiple properties.
    4. Click Save.
  4. To save the artifact contents to a local file, for example, my-protobuf-schema.proto or my-openapi.json, click Download at the end of the page.

  5. To add a new artifact version, switch to the Versions tab and then click Create version in the toolbar. From there, provide the following information:

    1. Version Number: Optionally add a version string for the new version.

    2. Content: Specify the content using either of the following options:

      1. From file: Click Browse, and select a file, or drag and drop a file. For example, my-openapi.json or my-schema.proto. Alternatively, you can enter the file contents in the text box.
      2. From URL: Enter a valid and accessible URL, and click Fetch. For example: https://petstore3.swagger.io/api/v3/openapi.json.
    3. Now you can click the Create button to create the new version.

  6. To delete an artifact, click Delete in the page header.

    Warning

    Deleting an artifact deletes the artifact and all of its versions, and cannot be undone.

5.3. Configuring content rules using the Apicurio Registry web console
링크 복사

You can use the Apicurio Registry web console to configure optional rules to prevent invalid or incompatible content from being added to Apicurio Registry. All configured artifact-specific, group-specific, or global rules must pass before a new artifact version can be uploaded to Apicurio Registry. Configured artifact-specific rules override any configured group-specific rules, which in turn override any global rules. This section shows a simple example of configuring global, group-specific, and artifact-specific rules.

Prerequisites

  • Apicurio Registry is installed and running in your environment.

  • You are logged in to the Apicurio Registry web console:

    http://MY_REGISTRY_UI_URL/

  • Artifacts have been added to Apicurio Registry using the web console, command line, Maven plug-in, or a Java client application.
  • When role-based authorization is enabled, you have administrator access for global rules configuration.

Procedure (group-specific rules)

  1. On the Explore tab, browse the list of groups in Apicurio Registry by selecting Groups from the "Search for" menu.
  2. Click a group to view its details and content rules.

  3. In Group-specific rules, click Enable to configure a validity, compatibility, or integrity rule for all artifact content in the group, and select the appropriate rule configuration from the list. For example, for Validity rule, select Full.

    Figure 5.5. Group-specific rules in Apicurio Registry web console

    Configure group-specific rules in Registry web console
    View larger image
    Configure group-specific rules in Registry web console

Procedure (artifact-specific rules)

  1. On the Explore tab, browse the list of artifacts in Apicurio Registry by selecting Artifacts from the "Search for" menu.
  2. Click an artifact from the list to view its details and content rules.

  3. In Artifact-specific rules, click Enable to configure a validity, compatibility, or integrity rule for artifact content, and select the appropriate rule configuration from the list. For example, for Validity rule, select Full.

    Figure 5.6. Artifact content rules in Apicurio Registry web console

    Configure rules in Registry web console
    View larger image
    Configure rules in Registry web console

Procedure (global rules)

  1. To access global rules, click the Global rules tab.

  2. Click Enable to configure global validity, compatibility, or integrity rules for all artifact content, and select the appropriate rule configuration from the list.

    Figure 5.7. Artifact content rules in Apicurio Registry web console

    Configure rules in Registry web console
    View larger image
    Configure rules in Registry web console
Note

To disable an artifact-specific, group-specific, or global rule, click the trash icon next to the rule. If you do this, and the rule is configured at a higher level (e.g. Global), then the higher level rule configuration will once again be applied.

5.4. Changing an artifact owner using the Apicurio Registry web console
링크 복사

As an administrator or as an owner of a schema or API artifact, you can use the Apicurio Registry web console to change the artifact owner to another user account.

For example, this feature is useful if the Artifact owner-only authorization option is set for the Apicurio Registry on the Settings tab so that only owners or administrators can modify artifacts. You might need to change owner if the owner user leaves the organization or the owner account is deleted. Or if you simply need to transition modification authorization to a new user.

Note

The Artifact owner-only authorization setting and the artifact Owner field are displayed only if authentication was enabled when the Apicurio Registry was deployed. For more details, see

Installing and deploying Red Hat build of Apicurio Registry on OpenShift.

Prerequisites

  • The Apicurio Registry is deployed and the artifact is created.

  • You are logged in to the Apicurio Registry web console as the artifact’s current owner or as an administrator:

    http://MY_REGISTRY_UI_URL/

Procedure

  1. On the Explore tab, browse the list of artifacts stored in Apicurio Registry, or enter a search string to find the artifact. You can select from the list to search by criteria such as name, group, labels, or global ID.
  2. Click the artifact that you want to reassign.
  3. In the Overview section, click the pencil icon next to the Owner field.
  4. In the New owner field, select or enter an account name.
  5. Click Change owner.

5.5. Configuring Apicurio Registry settings using the web console
링크 복사

As an administrator, you can use the Apicurio Registry web console to configure dynamic settings for Apicurio Registry at runtime. You can manage configuration options for features such as authentication, authorization, and API compatibility.

Note

Authentication and authorization settings are only displayed in the web console if authentication was already enabled when the Apicurio Registry was deployed. For more details, see Chapter 4, Configuring your Apicurio Registry deployment.

Prerequisites

  • The Apicurio Registry is already deployed.

  • You are logged in to the Apicurio Registry web console with administrator access:

    http://MY_REGISTRY_UI_URL/

Procedure

  1. In the Apicurio Registry web console, click the Settings tab.

  2. Select the settings that you want to configure for Apicurio Registry:

    Expand
    Table 5.1. Authentication settings
    SettingDescription

    HTTP basic authentication

    Displayed only when authentication is already enabled (during deployment). When selected, Apicurio Registry users can authenticate using HTTP basic authentication, in addition to OAuth. Not selected by default.

    Expand
    Table 5.2. Authorization settings
    SettingDescription

    Anonymous read access

    Displayed only when authentication is already enabled. When selected, Apicurio Registry grants read-only access to requests from anonymous users without any credentials. This setting is useful if you want to use Apicurio Registry to publish schemas or APIs externally. Not selected by default.

    Artifact owner-only authorization

    Displayed only when authentication is already enabled. When selected, only the user who created an artifact can modify that artifact. Not selected by default.

    Artifact group owner-only authorization

    Displayed only when authentication is already enabled and Artifact owner-only authorization is also enabled. When selected, only the user who created an artifact group has write access to that artifact group, for example, to add or remove artifacts in that group. Not selected by default.

    Authenticated read access

    Displayed only when authentication is already enabled. When selected, Apicurio Registry grants at least read-only access to requests from any authenticated user regardless of their user role. Not selected by default.

    Expand
    Table 5.3. Compatibility settings
    SettingDescription

    Canonical hash mode (compatibility API)

    When selected, the Schema Registry compatibility API uses the canonical hash instead of the regular hash of the content.

    Legacy ID mode (compatibility API)

    When selected, the Confluent Schema Registry compatibility API uses globalId instead of contentId as an artifact identifier.

    Maximum number of Subjects returned (compatibility API)

    Determines the maximum number of Subjects that will be returned by the Confluent Schema Registry compatibility API (for the /subjects endpoint).

    Expand
    Table 5.4. Web console settings
    SettingDescription

    Download link expiry

    The number of seconds that a generated link to a .zip download file is active before expiring for security reasons, for example, when exporting artifact data from Apicurio Registry. Defaults to 30 seconds.

    Expand
    Table 5.5. Semantic versioning settings
    SettingDescription

    Automatically create semver branches

    When enabled, automatically create or update branches for major ('A.x') and minor ('A.B.x') artifact versions.

    Ensure all version numbers are 'semver' compatible

    When enabled, validate that all artifact versions conform to Semantic Versioning 2 format (https://semver.org).

    Expand
    Table 5.6. Additional properties
    SettingDescription

    Delete artifact

    When selected, users are permitted to delete artifacts in Apicurio Registry by using the Core Registry API. Not selected by default.

    Delete artifact version

    When selected, users are permitted to delete artifact versions in Apicurio Registry by using the Core Registry API. Not selected by default.

    Delete group

    When selected, users are permitted to delete groups in Apicurio Registry by using the Core Registry API. Not selected by default.

    Storage read-only mode

    When selected, Registry will return an error for operations that write to the storage (this property excepted). Not enabled by default.

5.6. Exporting and importing data using the Apicurio Registry web console
링크 복사

As an administrator, you can use the Apicurio Registry web console to export data from one Apicurio Registry instance, and import this data into another Apicurio Registry instance. You can use this feature to easily migrate data between different instances.

The following example shows how to export and import existing data in a .zip file from one Apicurio Registry instance to another instance. All the artifact data contained in the Apicurio Registry instance is exported in the .zip file.

Prerequisites

  • Apicurio Registry instances have been created as follows:

    • The source instance that you are exporting from contains at least one schema or API artifact
    • The target instance that you are importing into is empty to preserve unique IDs

  • You are logged into the Apicurio Registry web console with administrator access:

    http://MY_REGISTRY_UI_URL/

Procedure

  1. In the web console for the source Apicurio Registry instance, view the Explore tab.
  2. Click the additional actions icon (three vertical dots) next to Create artifact in the toolbar, and select Export all (as .ZIP) to export the data for this Apicurio Registry instance to a .zip download file.
  3. In the web console for the target Apicurio Registry instance, view the Explore tab.
  4. Click the additional actions icon (three vertical dots) next to Create artifact in the toolbar, and select Import from .ZIP.
  5. Drag and drop or browse to the .zip download file that you exported earlier.
  6. Click Import and wait for the data to be imported.

Chapter 6. Managing Apicurio Registry content using the REST API
링크 복사

Client applications can use Apicurio Registry REST API operations to manage schema and API artifacts in Apicurio Registry, for example, in a CI/CD pipeline deployed in production. The Core Registry API v3 provides operations for artifacts, versions, metadata, and rules stored in Apicurio Registry. For detailed information, see the Apicurio Registry REST API documentation.

This chapter shows examples of how to use the Core Registry API v3 to perform the following tasks:

Prerequisites

6.1. Managing schema and API artifacts using Apicurio Registry REST API commands
링크 복사

This section shows a simple curl-based example of using the Core Registry API v3 to add and retrieve a simple schema artifact in Apicurio Registry.

Prerequisites

  • Apicurio Registry is installed and running in your environment.

Procedure

  1. Add an artifact to Apicurio Registry using the /groups/{groupId}/artifacts operation. The following example curl command adds a simple schema artifact for a share price application: 

    $ curl -X POST MY-REGISTRY-URL/apis/registry/v3/groups/my-group/artifacts \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  --data-raw '{
    "artifactId": "share-price",
    "artifactType": "AVRO",
    "firstVersion": {
        "content": {
            "content": "{\"type\":\"record\",\"name\":\" p\",\"namespace\":\"com.example\", \"fields\":[{\"name\":\"symbol\",\"type\":\"string\"},{\"name\":\"price\",\"type\":\"string\"}]}",
            "contentType": "application/json"
        }
    }
}'
    Copy to Clipboard Toggle word wrap
    • This example adds an Apache Avro schema artifact with an artifact ID of share-price. If you do not specify a unique artifact ID, Apicurio Registry generates one automatically as a UUID.
    • MY-REGISTRY-URL is the host name on which Apicurio Registry is deployed. For example: http://localhost:8080.
    • This example specifies a group ID of my-group in the API path. If you do not specify a unique group ID, you must specify ../groups/default in the API path.

  2. Verify that the response includes the expected JSON body to confirm that the artifact was added. For example: 

    {"artifact":{"owner":"","createdOn":"2024-09-26T17:24:21Z","modifiedBy":"","modifiedOn":"2024-09-26T17:24:21Z","artifactType":"AVRO","groupId":"my-group","artifactId":"share-price"},"version":{"version":"1","owner":"","createdOn":"2024-09-26T17:24:21Z","artifactType":"AVRO","globalId":2,"state":"ENABLED","groupId":"my-group","contentId":2,"artifactId":"share-price"}}
    Copy to Clipboard Toggle word wrap
    • No version was specified when adding the artifact, so the default version 1 is created automatically.
    • This was the second artifact added to Apicurio Registry, so the global ID and content ID have a value of 2.

  3. Retrieve the artifact version content from Apicurio Registry using its artifact ID in the API path. In this example, the specified ID is share-price: 

    $ curl -H "Authorization: Bearer $ACCESS_TOKEN" \
 MY-REGISTRY-URL/apis/registry/v3/groups/my-group/artifacts/share-price/versions/1/content
 {"type":"record","name":"price","namespace":"com.example",
  "fields":[{"name":"symbol","type":"string"},{"name":"price","type":"string"}]}
    Copy to Clipboard Toggle word wrap

6.2. Managing schema and API artifact versions using Apicurio Registry REST API commands
링크 복사

If you do not specify an artifact version number when adding schema and API artifacts using the Core Registry API v3, Apicurio Registry generates a version number automatically. The default version when creating a new artifact is 1.

Apicurio Registry also supports custom versioning where you can specify a version number when creating the artifact or artifact version. Specifying a custom version value overrides the default version normally assigned when creating an artifact or artifact version. You can then use this version value when executing REST API operations that require a version number.

This section shows a simple curl-based example of using the Core Registry API v3 to add and retrieve a custom Apache Avro schema version in Apicurio Registry. You can specify custom version numbers to create artifacts, or to add artifact versions.

Prerequisites

  • Apicurio Registry is installed and running in your environment.

Procedure

  1. Add an artifact version in the registry using the /groups/{groupId}/artifacts operation. The following example curl command adds a simple artifact for a share price application: 

    $ curl -X POST MY-REGISTRY-URL/apis/registry/v3/groups/my-group/artifacts \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  --data-raw '{
    "artifactId": "my-share-price",
    "artifactType": "AVRO",
    "firstVersion": {
        "version": "1.1.1",
        "content": {
            "content": "{\"type\":\"record\",\"name\":\" p\",\"namespace\":\"com.example\", \"fields\":[{\"name\":\"symbol\",\"type\":\"string\"},{\"name\":\"price\",\"type\":\"string\"}]}",
            "contentType": "application/json"
        }
    }
}'
    Copy to Clipboard Toggle word wrap
    • This example adds an Avro schema artifact with an artifact ID of my-share-price and version of 1.1.1. If you do not specify a version, Apicurio Registry automatically generates a default version of 1.
    • MY-REGISTRY-URL is the host name on which Apicurio Registry is deployed. For example: http://localhost:8080.
    • This example specifies a group ID of my-group in the API path. If you do not specify a unique group ID, you must specify ../groups/default in the API path.

  2. Verify that the response includes the expected JSON body to confirm that the custom artifact version was added. For example: 

    {"artifact":{"owner":"","createdOn":"2024-09-26T17:06:21Z","modifiedBy":"","modifiedOn":"2024-09-26T17:06:21Z","artifactType":"AVRO","groupId":"my-group","artifactId":"my-share-price"},"version":{"version":"1.1.1","owner":"","createdOn":"2024-09-26T17:06:21Z","artifactType":"AVRO","globalId":4,"state":"ENABLED","groupId":"my-group","contentId":4,"artifactId":"my-share-price"}}
    Copy to Clipboard Toggle word wrap
    • A custom version of 1.1.1 was specified when adding the artifact.
    • This was the fourth artifact added to the registry, so the global ID and content ID have a value of 4.

  3. Retrieve the artifact content from the registry using its artifact ID and version in the API path. In this example, the specified ID is my-share-price and the version is 1.1.1: 

    $ curl -H "Authorization: Bearer $ACCESS_TOKEN" \
    MY-REGISTRY-URL/apis/registry/v3/groups/my-group/artifacts/my-share-price/versions/1.1.1/content
{"type":"record","name":"price","namespace":"com.example",
  "fields":[{"name":"symbol","type":"string"},{"name":"price","type":"string"}]}
    Copy to Clipboard Toggle word wrap

6.3. Managing schema and API artifact references using Apicurio Registry REST API commands
링크 복사

Some Apicurio Registry artifact types can include artifact references from one artifact file to another. You can create efficiencies by defining reusable schema or API artifacts, and then referencing them from multiple locations in artifact references.

The following artifact types support artifact references:

  • Apache Avro
  • Google Protobuf
  • JSON Schema
  • OpenAPI
  • AsyncAPI

This section shows a simple curl-based example of using the Core Registry API v3 to add and retrieve an artifact reference to a simple Avro schema artifact in Apicurio Registry.

This example first creates a schema artifact named ItemId:

ItemId schema

{
    "namespace":"com.example.common",
    "name":"ItemId",
    "type":"record",
    "fields":[
        {
            "name":"id",
            "type":"int"
        }
    ]
}
Copy to Clipboard Toggle word wrap

This example then creates a schema artifact named Item, which includes a reference to the nested ItemId artifact.

Item schema with nested ItemId schema

{
    "namespace":"com.example.common",
    "name":"Item",
    "type":"record",
    "fields":[
        {
            "name":"itemId",
            "type":"com.example.common.ItemId"
        }
    ]
}
Copy to Clipboard Toggle word wrap

Prerequisites

  • Apicurio Registry is installed and running in your environment.

Procedure

  1. Add the ItemId schema artifact that you want to create the nested artifact reference to using the /groups/{groupId}/artifacts operation: 

    $ curl -X POST MY-REGISTRY-URL/apis/registry/v3/groups/my-group/artifacts \
   -H "Content-Type: application/json" \
   -H "Authorization: Bearer $ACCESS_TOKEN" \
   --data '{"artifactId":"ItemId","artifactType":"AVRO","firstVersion":{"version":"1.0.0","content":{"content":"{\"namespace\":\"com.example.common\",\"name\":\"ItemId\",\"type\":\"record\",\"fields\":[{\"name\":\"id\",\"type\":\"int\"}]}","contentType":"application/json"}}}'
    Copy to Clipboard Toggle word wrap
    • This example adds an Avro schema artifact with an artifact ID of ItemId. If you do not specify a unique artifact ID, Apicurio Registry generates one automatically as a UUID.
    • MY-REGISTRY-URL is the host name on which Apicurio Registry is deployed. For example: http://localhost:8080.
    • This example specifies a group ID of my-group in the API path. If you do not specify a unique group ID, you must specify ../groups/default in the API path.

  2. Verify that the response includes the expected JSON body to confirm that the artifact was added. For example: 

    {"artifact":{"owner":"","createdOn":"2024-09-26T16:27:38Z","modifiedBy":"","modifiedOn":"2024-09-26T16:27:38Z","artifactType":"AVRO","groupId":"my-group","artifactId":"ItemId"},"version":{"version":"1.0.0","owner":"","createdOn":"2024-09-26T16:27:38Z","artifactType":"AVRO","globalId":2,"state":"ENABLED","groupId":"my-group","contentId":2,"artifactId":"ItemId"}}
    Copy to Clipboard Toggle word wrap

  3. Add the Item schema artifact that includes the artifact reference to the ItemId schema using the /groups/{groupId}/artifacts operation: 

    $ curl -X POST MY-REGISTRY-URL/apis/registry/v3/groups/my-group/artifacts \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $ACCESS_TOKEN" \
--data-raw '{
	"artifactId": "Item",
	"artifactType": "AVRO",
	"firstVersion": {
		"version": "1.0.0",
		"content": {
			"content": "{\"namespace\":\"com.example.common\",\"name\":\"Item\",\"type\":\"record\",\"fields\":[{\"name\":\"itemId\",\"type\":\"com.example.common.ItemId\"}]}",
			"contentType": "application/json",
			"references": [
				{
					"name": "com.example.common.ItemId",
					"groupId": "my-group",
					"artifactId": "ItemId",
					"version": "1.0.0"
				}
			]
		}
	}
}'
    Copy to Clipboard Toggle word wrap

  4. Verify that the response includes the expected JSON body to confirm that the artifact was created with the reference. For example: 

    {"artifact":{"owner":"","createdOn":"2024-09-26T16:28:45Z","modifiedBy":"","modifiedOn":"2024-09-26T16:28:45Z","artifactType":"AVRO","groupId":"my-group","artifactId":"Item"},"version":{"version":"1.0.0","owner":"","createdOn":"2024-09-26T16:28:45Z","artifactType":"AVRO","globalId":3,"state":"ENABLED","groupId":"my-group","contentId":3,"artifactId":"Item"}}
    Copy to Clipboard Toggle word wrap

  5. Retrieve the artifact reference from Apicurio Registry by specifying the coordinates of the artifact that includes the reference: 

    $ curl -H "Authorization: Bearer $ACCESS_TOKEN" MY-REGISTRY-URL/apis/registry/v3/groups/my-group/artifacts/Item/versions/1.0.0/references
    Copy to Clipboard Toggle word wrap

  6. Verify that the response includes the expected JSON body for this artifact reference. For example: 

    [{"groupId":"my-group","artifactId":"ItemId","version":"1.0.0","name":"com.example.common.ItemId"}]
    Copy to Clipboard Toggle word wrap

Dereference

There are some situations where having an artifact’s content with the referenced content inlined might be helpful. For those situations, the Core Registry API v3 supports the references parameter in certain operations.

This support is currently implemented for Avro, JSON Schema, Protobuf, OpenAPI and AsyncAPI when the parameter is present in a particular API operation. The parameter is not supported in other schema types.

  1. Retrieve the dereferenced (inlined) schema content: 

    $ curl -H "Authorization: Bearer $ACCESS_TOKEN" MY-REGISTRY-URL/apis/registry/v3/groups/my-group/artifacts/Item/versions/1.0.0/content?references=DEREFERENCE
    Copy to Clipboard Toggle word wrap

  2. Verify that the response includes the expected JSON body for this artifact content with the references inlined. For example: 

    {"type":"record","name":"Item","namespace":"com.example.common","fields":[{"name":"itemId","type":{"type":"record","name":"ItemId","fields":[{"name":"id","type":"int"}]}}]}
    Copy to Clipboard Toggle word wrap

This support is currently implemented only for Avro, Protobuf, OpenAPI, AsyncAPI, and JSON Schema artifacts when the dereference parameter is specified in the API operation. This parameter is not supported for any other artifact types.

Note

For Protobuf artifacts, dereferencing content is supported only when all the schemas belong to the same package.

Note

Circular dependencies are allowed by some artifact types (e.g. JSON Schema) but are not supported by Apicurio Registry.

6.4. Exporting and importing registry data using Apicurio Registry REST API commands
링크 복사

As an administrator, you can use the Core Registry API v3 to export data from one Apicurio Registry instance and import into another Apicurio Registry instance, so you can migrate data between different instances.

This section shows a simple curl-based example of using the Core Registry API v3 to export and import existing data in .zip format from one Apicurio Registry instance to another. All the artifact data contained in the Apicurio Registry instance is exported in the .zip file.

Prerequisites

  • Apicurio Registry is installed and running in your environment.

  • Apicurio Registry instances have been created:

    • The source instance that you want to export data from contains at least one schema or API artifact.
    • The target instance that you want to import data into is empty to preserve unique IDs.

Procedure

  1. Export the Apicurio Registry data from your existing source Apicurio Registry instance: 

    $ curl MY-REGISTRY-URL/apis/registry/v3/admin/export \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  --output my-registry-data.zip
    Copy to Clipboard Toggle word wrap

    MY-REGISTRY-URL is the host name on which the source Apicurio Registry is deployed. For example: http://my-source-registry:8080.

  2. Import the registry data into your target Apicurio Registry instance: 

    $ curl -X POST "MY-REGISTRY-URL/apis/registry/v3/admin/import" \
  -H "Content-Type: application/zip" -H "Authorization: Bearer $ACCESS_TOKEN" \
  --data-binary @my-registry-data.zip
    Copy to Clipboard Toggle word wrap

    MY-REGISTRY-URL is the host name on which the target Apicurio Registry is deployed. For example: http://my-target-registry:8080.

Chapter 7. Managing Apicurio Registry content using the Maven plug-in
링크 복사

When developing client applications, you can use the Apicurio Registry Maven plug-in to manage schema and API artifacts stored in Apicurio Registry:

Prerequisites

  • Apicurio Registry is installed and running in your environment.
  • Apache Maven is installed and configured in your environment.

7.1. Adding schema and API artifacts using the Maven plug-in
링크 복사

The most common use case for the Maven plug-in is adding artifacts during a build of your client application. You can accomplish this by using the register execution goal.

Prerequisites

Procedure

  1. Update your Maven pom.xml file to use the apicurio-registry-maven-plugin to register an artifact. The following example shows registering Apache Avro and GraphQL schemas: 

    <plugin>
  <groupId>io.apicurio</groupId>
  <artifactId>apicurio-registry-maven-plugin</artifactId>
  <version>${apicurio.version}</version>
  <executions>
      <execution>
        <phase>generate-sources</phase>
        <goals>
            <goal>register</goal>
    1 
    
        </goals>
        <configuration>
            <registryUrl>MY-REGISTRY-URL/apis/registry/v3</registryUrl>
    2 
    
            <authServerUrl>MY-AUTH-SERVER</authServerUrl>
            <clientId>MY-CLIENT-ID</clientId>
            <clientSecret>MY-CLIENT-SECRET</clientSecret>
    3 
    
            <clientScope>MY-CLIENT-SCOPE</clientScope>
            <artifacts>
                <artifact>
                    <groupId>TestGroup</groupId>
    4 
    
                    <artifactId>FullNameRecord</artifactId>
                    <file>${project.basedir}/src/main/resources/schemas/record.avsc</file>
                    <ifExists>FAIL</ifExists>
                </artifact>
                <artifact>
                    <groupId>TestGroup</groupId>
                    <artifactId>ExampleAPI</artifactId>
    5 
    
                    <artifactType>GRAPHQL</artifactType>
                    <file>${project.basedir}/src/main/resources/apis/example.graphql</file>
                    <ifExists>FIND_OR_CREATE_VERSION</ifExists>
                    <canonicalize>true</canonicalize>
                </artifact>
            </artifacts>
        </configuration>
    </execution>
  </executions>
 </plugin>
    Copy to Clipboard Toggle word wrap
    1
    Specify register as the execution goal to upload the schema artifact to Apicurio Registry.
    2
    Specify the Apicurio Registry URL with the ../apis/registry/v3 endpoint.
    3
    If authentication is required, you can specify your authentication server and client credentials.
    4
    Specify the Apicurio Registry artifact group ID. You can specify the default group if you do not want to use a unique group ID.
    5
    You can register multiple artifacts using the specified group ID, artifact ID, and location.
  2. Build your Maven project, for example, by using the mvn package command.

7.2. Downloading schema and API artifacts using the Maven plug-in
링크 복사

You can use the Maven plug-in to download artifacts from Apicurio Registry. This is often useful, for example, when generating code from a registered schema.

Prerequisites

Procedure

  1. Update your Maven pom.xml file to use the apicurio-registry-maven-plugin to download an artifact. The following example shows downloading Apache Avro and GraphQL schemas. 

    <plugin>
  <groupId>io.apicurio</groupId>
  <artifactId>apicurio-registry-maven-plugin</artifactId>
  <version>${apicurio.version}</version>
  <executions>
    <execution>
      <phase>generate-sources</phase>
      <goals>
        <goal>download</goal>
    1 
    
      </goals>
      <configuration>
          <registryUrl>MY-REGISTRY-URL/apis/registry/v3</registryUrl>
    2 
    
          <authServerUrl>MY-AUTH-SERVER</authServerUrl>
          <clientId>MY-CLIENT-ID</clientId>
          <clientSecret>MY-CLIENT-SECRET</clientSecret>
    3 
    
          <clientScope>MY-CLIENT-SCOPE</clientScope>
          <artifacts>
              <artifact>
                  <groupId>TestGroup</groupId>
    4 
    
                  <artifactId>FullNameRecord</artifactId>
    5 
    
                  <file>${project.build.directory}/classes/record.avsc</file>
                  <overwrite>true</overwrite>
              </artifact>
              <artifact>
                  <groupId>TestGroup</groupId>
                  <artifactId>ExampleAPI</artifactId>
                  <version>1</version>
                  <file>${project.build.directory}/classes/example.graphql</file>
                  <overwrite>true</overwrite>
              </artifact>
          </artifacts>
      </configuration>
    </execution>
  </executions>
</plugin>
    Copy to Clipboard Toggle word wrap
    1
    Specify download as the execution goal.
    2
    Specify the Apicurio Registry URL with the ../apis/registry/v3 endpoint.
    3
    If authentication is required, you can specify your authentication server and client credentials.
    4
    Specify the Apicurio Registry artifact group ID. You can specify the default group if you do not want to use a unique group.
    5
    You can download multiple artifacts to a specified directory using the artifact ID.
  2. Build your Maven project, for example, by using the mvn package command.

7.3. Testing schema and API artifacts using the Maven plug-in
링크 복사

You might want to verify that an artifact can be registered without actually making any changes. This is often useful when rules are configured in Apicurio Registry. Testing the artifact results in a failure if the artifact content violates any of the configured rules.

Note

When testing artifacts using the Maven plug-in, even if the artifact passes the test, no content is added to Apicurio Registry.

Prerequisites

Procedure

  1. Update your Maven pom.xml file to use the apicurio-registry-maven-plugin to test an artifact. The following example shows testing an Apache Avro schema: 

    <plugin>
  <groupId>io.apicurio</groupId>
  <artifactId>apicurio-registry-maven-plugin</artifactId>
  <version>${apicurio.version}</version>
  <executions>
      <execution>
        <phase>generate-sources</phase>
        <goals>
            <goal>test-update</goal>
    1 
    
        </goals>
        <configuration>
            <registryUrl>MY-REGISTRY-URL/apis/registry/v3</registryUrl>
    2 
    
            <authServerUrl>MY-AUTH-SERVER</authServerUrl>
            <clientId>MY-CLIENT-ID</clientId>
            <clientSecret>MY-CLIENT-SECRET</clientSecret>
    3 
    
            <clientScope>MY-CLIENT-SCOPE</clientScope>
            <artifacts>
                <artifact>
                    <groupId>TestGroup</groupId>
    4 
    
                    <artifactId>FullNameRecord</artifactId>
                    <file>${project.basedir}/src/main/resources/schemas/record.avsc</file>
    5 
    
                </artifact>
            </artifacts>
        </configuration>
    </execution>
  </executions>
 </plugin>
    Copy to Clipboard Toggle word wrap
    1
    Specify test-update as the execution goal to test the schema artifact.
    2
    Specify the Apicurio Registry URL with the ../apis/registry/v3 endpoint.
    3
    If authentication is required, you can specify your authentication server and client credentials.
    4
    Specify the Apicurio Registry artifact group ID. You can specify the default group if you do not want to use a unique group.
    5
    You can test multiple artifacts from a specified directory using the artifact ID.
  2. Build your Maven project, for example, by using the mvn package command.

7.4. Adding artifact references manually using the Apicurio Registry Maven plug-in
링크 복사

Some Apicurio Registry artifact types can include artifact references from one artifact file to another. You can create efficiencies by defining reusable schema or API artifacts, and then referencing them from multiple locations in artifact references.

The following artifact types support artifact references:

  • Apache Avro
  • Google Protobuf
  • JSON Schema
  • OpenAPI
  • AsyncAPI

This section shows a simple example of using the Apicurio Registry Maven plug-in to manually register an artifact reference to a simple Avro schema artifact stored in Apicurio Registry. This example assumes that the following Exchange schema artifact has already been created in Apicurio Registry:

Exchange schema

{
  "namespace": "com.kubetrade.schema.common",
  "type": "enum",
  "name": "Exchange",
  "symbols" : ["GEMINI"]
}
Copy to Clipboard Toggle word wrap

This example then creates a TradeKey schema artifact, which includes a reference to the nested Exchange schema artifact:

TradeKey schema with nested reference to Exchange schema

{
  "namespace": "com.kubetrade.schema.trade",
  "type": "record",
  "name": "TradeKey",
  "fields": [
    {
      "name": "exchange",
      "type": "com.kubetrade.schema.common.Exchange"
    },
    {
      "name": "key",
      "type": "string"
    }
  ]
}
Copy to Clipboard Toggle word wrap

Prerequisites

  • You have created a Maven project for your client application. For more details, see the Apache Maven documentation.
  • The referenced Exchange schema artifact is already created in Apicurio Registry.

Procedure

  1. Update your Maven pom.xml file to use the apicurio-registry-maven-plugin to register the TradeKey schema, which includes a nested reference to the Exchange schema as follows: 

    <plugin>
    <groupId>io.apicurio</groupId>
    <artifactId>apicurio-registry-maven-plugin</artifactId>
    <version>${apicurio-registry.version}</version>
    <executions>
        <execution>
            <phase>generate-sources</phase>
            <goals>
                <goal>register</goal>
    1 
    
            </goals>
            <configuration>
                <registryUrl>MY-REGISTRY-URL/apis/registry/v3</registryUrl>
    2 
    
                <authServerUrl>MY-AUTH-SERVER</authServerUrl>
                <clientId>MY-CLIENT-ID</clientId>
                <clientSecret>MY-CLIENT-SECRET</clientSecret>
    3 
    
                <clientScope>MY-CLIENT-SCOPE</clientScope>
                <artifacts>
                    <artifact>
                        <groupId>test-group</groupId>
    4 
    
                        <artifactId>TradeKey</artifactId>
                        <version>2.0</version>
                        <artifactType>AVRO</artifactType>
                        <file>
                            ${project.basedir}/src/main/resources/schemas/TradeKey.avsc
                        </file>
                        <ifExists>FIND_OR_CREATE_VERSION</ifExists>
                        <canonicalize>true</canonicalize>
                        <references>
                            <reference>
    5 
    
                                <name>com.kubetrade.schema.common.Exchange</name>
                                <groupId>test-group</groupId>
                                <artifactId>Exchange</artifactId>
                                <version>2.0</version>
                                <artifactType>AVRO</artifactType>
                                <file>
                                    ${project.basedir}/src/main/resources/schemas/Exchange.avsc
                                </file>
                                <ifExists>FIND_OR_CREATE_VERSION</ifExists>
                                <canonicalize>true</canonicalize>
                            </reference>
                        </references>
                    </artifact>
                </artifacts>
            </configuration>
        </execution>
    </executions>
</plugin>
    Copy to Clipboard Toggle word wrap
    1
    Specify register as the execution goal to upload the schema artifacts to Apicurio Registry.
    2
    Specify the Apicurio Registry URL by using the ../apis/registry/v3 endpoint.
    3
    If authentication is required, you can specify your authentication server and client credentials.
    4
    Specify the Apicurio Registry artifact group ID. You can specify the default group if you do not want to use a unique group ID.
    5
    Specify the Apicurio Registry artifact reference using its group ID, artifact ID, version, type, and location. You can register multiple artifact references in this way.
  2. Build your Maven project, for example, by using the mvn package command.

7.5. Adding artifact references automatically using the Apicurio Registry Maven plug-in
링크 복사

Some Apicurio Registry artifact types can include artifact references from one artifact file to another. You can create efficiencies by defining reusable schema or API artifacts, and then referencing them from multiple locations in artifact references.

The following artifact types support artifact references:

  • Apache Avro
  • Google Protobuf
  • JSON Schema
  • OpenAPI
  • AsyncAPI

You can specify a single artifact and configure the Apicurio Registry Maven plugin to automatically detect all references to artifacts located in the same directory, and to automatically register those references. This is a Technology Preview feature.

Important

Technology Preview features are not supported with RedHat production service level agreements (SLAs) and might not be functionally complete. RedHat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.

For more information about the support scope of RedHat Technology Preview features, see Technology Preview Features Support Scope.

This section shows a simple example of using the Maven plug-in to register an Avro schema and automatically detect and register an artifact reference to a simple schema artifact. This example assumes that the parent TradeKey artifact and the nested Exchange schema artifact are both available in the same directory:

TradeKey schema with nested reference to Exchange schema

{
  "namespace": "com.kubetrade.schema.trade",
  "type": "record",
  "name": "TradeKey",
  "fields": [
    {
      "name": "exchange",
      "type": "com.kubetrade.schema.common.Exchange"
    },
    {
      "name": "key",
      "type": "string"
    }
  ]
}
Copy to Clipboard Toggle word wrap

Exchange schema

{
  "namespace": "com.kubetrade.schema.common",
  "type": "enum",
  "name": "Exchange",
  "symbols" : ["GEMINI"]
}
Copy to Clipboard Toggle word wrap

Prerequisites

  • You have created a Maven project for your client application. For more details, see the Apache Maven documentation.
  • The TradeKey schema artifact and the nested Exchange schema artifact files are both located in the same directory.

Procedure

  1. Update your Maven pom.xml file to use the apicurio-registry-maven-plugin to register the TradeKey schema, which includes a nested reference to the Exchange schema as follows: 

    <plugin>
    <groupId>io.apicurio</groupId>
    <artifactId>apicurio-registry-maven-plugin</artifactId>
    <version>${apicurio-registry.version}</version>
    <executions>
        <execution>
            <phase>generate-sources</phase>
            <goals>
                <goal>register</goal>
    1 
    
            </goals>
            <configuration>
                <registryUrl>MY-REGISTRY-URL/apis/registry/v3</registryUrl>
    2 
    
                <authServerUrl>MY-AUTH-SERVER</authServerUrl>
                <clientId>MY-CLIENT-ID</clientId>
                <clientSecret>MY-CLIENT-SECRET</clientSecret>
    3 
    
                <clientScope>MY-CLIENT-SCOPE</clientScope>
                <artifacts>
                    <artifact>
                        <groupId>test-group</groupId>
    4 
    
                        <artifactId>TradeKey</artifactId>
                        <version>2.0</version>
                        <artifactType>AVRO</artifactType>
                        <file>
                            ${project.basedir}/src/main/resources/schemas/TradeKey.avsc
    5 
    
                        </file>
                        <ifExists>FIND_OR_CREATE_VERSION</ifExists>
                        <canonicalize>true</canonicalize>
                        <autoRefs>true</autoRefs>
    6 
    
                    </artifact>
                </artifacts>
            </configuration>
        </execution>
    </executions>
</plugin>
    Copy to Clipboard Toggle word wrap
    1
    Specify register as the execution goal to upload the schema artifacts to Apicurio Registry.
    2
    Specify the Apicurio Registry URL by using the ../apis/registry/v3 endpoint.
    3
    If authentication is required, you can specify your authentication server and client credentials.
    4
    Specify the parent artifact group ID that contains the references. You can specify the default group if you do not want to use a unique group ID.
    5
    Specify the location of the parent artifact file. All referenced artifacts must also be located in the same directory.
    6
    Set the <autoRefs> option to true to automatically detect and register all references to artifacts in the same directory. You can register multiple artifact references in this way.
  2. Build your Maven project, for example, by using the mvn package command.

Chapter 8. Managing Apicurio Registry content using a SDK
링크 복사

You can write a Apicurio Registry client application (in Java, Typescript, Python, or Golang) and use it to manage artifacts stored in Apicurio Registry:

8.1. Apicurio Registry SDK
링크 복사

You can manage artifacts stored in Apicurio Registry by using one of the provided SDKs. You can perform any desired operation supported by the REST API, including create, read, update, or delete of artifacts. You can even use the Apicurio Registry SDKs to perform administrator functions, such as managing global rules or importing and exporting Apicurio Registry data.

You can use any of the following SDKs provided as part of Apicurio Registry:

  • Java
  • Typescript
  • Python
  • Golang

8.1.1. Java
링크 복사

You can access the Apicurio Registry Java SDK by adding the correct dependency to your Apache Maven project. For more details, see Section 8.2, “Writing Apicurio Registry SDK applications”.

The Apicurio Registry client is implemented by using the HTTP client provided by the JDK, which you can customize as needed. For example, you can add custom headers or enable configuration options for Transport Layer Security (TLS) authentication. For more details, see Section 8.3, “Apicurio Registry Java SDK configuration”.

8.1.2. Typescript
링크 복사

You can access the Apicurio Registry Typescript SDK by adding the correct dependency to your application’s package.json file (assumes a node.js application):

https://www.npmjs.com/package/@apicurio/apicurio-registry-sdk

8.1.3. Python
링크 복사

You can access the Apicurio Registry Python SDK by adding the correct dependency to your python project (assumes you are using pypi):

https://pypi.org/project/apicurioregistrysdk/

8.1.4. Golang
링크 복사

You can access the Apicurio Registry Golang SDK by adding the correct dependency to your project:

https://github.com/Apicurio/apicurio-registry/tree/main/go-sdk

8.2. Writing Apicurio Registry SDK applications
링크 복사

You can write a client application to manage artifacts stored in Apicurio Registry by using one of the Apicurio Registry SDKs.

8.2.1. Using the Apicurio Registry Java SDK
링크 복사

Prerequisites

  • Apicurio Registry is installed and running in your environment.
  • You have created a Maven project for your Java client application. For more details, see Apache Maven.

Procedure

  1. Add the following dependency to your Maven project: 

    <dependency>
    <groupId>io.apicurio</groupId>
    <artifactId>apicurio-registry-java-sdk</artifactId>
    <version>${apicurio-registry.version}</version>
</dependency>
    Copy to Clipboard Toggle word wrap

  2. Create the Apicurio Registry client as follows: 

    import io.vertx.core.Vertx;public class ClientExample {

    public static void main(String[] args) throws Exception {
        // Create a registry client
        String registryUrl = "https://my-registry.my-domain.com/apis/registry/v3";
    1 
    
        Vertx vertx = Vertx.vertx();
    2 
    
        VertXRequestAdapter vertXRequestAdapter = new VertXRequestAdapter(vertx);
        vertXRequestAdapter.setBaseUrl(REGISTRY_URL);

        RegistryClient client = new RegistryClient(vertXRequestAdapter);
    3 
    

        // Use client here

        vertx.close();
    4 
    
    }
}
    Copy to Clipboard Toggle word wrap
    1
    If you specify an example Apicurio Registry URL of https://my-registry.my-domain.com, the client will automatically append /apis/registry/v3.
    2
    Create a new Vertx object (needed by the VertxRequestAdapter)
    3
    For more options when creating a Apicurio Registry client, see the Java client configuration in the next section.
    4
    When you are done with the client, close the Vertx object to free its resources.

When the client is created, you can use all of the operations available in the Apicurio Registry REST API in the client. For more details, see the Apicurio Registry REST API documentation.

8.3. Apicurio Registry Java SDK configuration
링크 복사

The Apicurio Registry Java client includes the following configuration options, based on the client factory:

Expand
Table 8.1. Apicurio Registry Java client configuration options
OptionDescriptionArguments

Plain client

Basic REST client used to interact with a running Apicurio Registry.

baseUrl

Client with custom configuration

Apicurio Registry client using the configuration provided by the user.

baseUrl, Map<String Object> configs

Client with custom configuration and authentication

Apicurio Registry client that accepts a map containing custom configuration. For example, this is useful to add custom headers to the calls. You must also provide an authentication server to authenticate the requests.

baseUrl, Map<String Object> configs, Auth auth

Custom header configuration

To configure custom headers, you must add the apicurio.registry.request.headers prefix to the configs map key. For example, a configs map key of apicurio.registry.request.headers.Authorization with a value of Basic: YWxhZGRpbjpvcGVuc2VzYW1 sets the Authorization header with the same value.

TLS configuration options

You can configure Transport Layer Security (TLS) authentication for the Apicurio Registry Java client using the following properties:

  • apicurio.registry.request.ssl.truststore.location
  • apicurio.registry.request.ssl.truststore.password
  • apicurio.registry.request.ssl.truststore.type
  • apicurio.registry.request.ssl.keystore.location
  • apicurio.registry.request.ssl.keystore.password
  • apicurio.registry.request.ssl.keystore.type
  • apicurio.registry.request.ssl.key.password

Chapter 9. Validating Kafka messages using serializers/deserializers in Java clients
링크 복사

Apicurio Registry provides client serializers/deserializers (SerDes) for Kafka producer and consumer applications written in Java. Kafka producer applications use serializers to encode messages that conform to a specific event schema. Kafka consumer applications use deserializers to validate that messages have been serialized using the correct schema, based on a specific schema ID. This ensures consistent schema use and helps to prevent data errors at runtime.

This chapter explains how to use Kafka client SerDes in your producer and consumer client applications:

Prerequisites

9.1. Kafka client applications and Apicurio Registry
링크 복사

Apicurio Registry decouples schema management from client application configuration. You can enable a Java client application to use a schema from Apicurio Registry by specifying its URL in your client code.

You can store the schemas in Apicurio Registry to serialize and deserialize messages, which are referenced from your client applications to ensure that the messages that they send and receive are compatible with those schemas. Kafka client applications can push or pull their schemas from Apicurio Registry at runtime.

Schemas can evolve, so you can define rules in Apicurio Registry, for example, to ensure that schema changes are valid and do not break previous versions used by applications. Apicurio Registry checks for compatibility by comparing a modified schema with previous schema versions.

Apicurio Registry schema technologies

Apicurio Registry provides schema registry support for schema technologies such as:

  • Avro
  • Protobuf
  • JSON Schema

These schema technologies can be used by client applications through the Kafka client serializer/deserializer (SerDes) services provided by Apicurio Registry. The maturity and usage of the SerDes classes provided by Apicurio Registry might vary. The sections that follow provide more details about each schema type.

Producer schema configuration

A producer client application uses a serializer to put the messages that it sends to a specific broker topic into the correct data format.

To enable a producer to use Apicurio Registry for serialization:

After registering your schema, when you start Kafka and Apicurio Registry, you can access the schema to format messages sent to the Kafka broker topic by the producer. Alternatively, depending on configuration, the producer can automatically register the schema on first use.

If a schema already exists, you can create a new version using the registry REST API based on compatibility rules defined in Apicurio Registry. Versions are used for compatibility checking as a schema evolves. A group ID, artifact ID, and version represents a unique tuple that identifies a schema.

Consumer schema configuration

A consumer client application uses a deserializer to get the messages that it consumes from a specific broker topic into the correct data format.

To enable a consumer to use Apicurio Registry for deserialization:

Retrieve schemas using a content ID

By default, the schema is retrieved from Apicurio Registry by the deserializer using a content ID (which is an ID unique to the content of an artifact version, but not unique to the version itself), which is specified in the message being consumed. The schema content ID can be located in the message headers or in the message payload, depending on the configuration of the producer application. By default, the content ID will be located in the message body.

When locating the content ID in the message payload, the format of the data begins with a magic byte, used as a signal to consumers, followed by the content ID, and the message data as normal. For example: 

# ...
[MAGIC_BYTE]
[CONTENT_ID]
[MESSAGE DATA]
Copy to Clipboard Toggle word wrap

Then when you start Kafka and Apicurio Registry, you can access the schema to format messages received from the Kafka broker topic.

Retrieve schemas using a global ID

Alternatively, you can configure to retrieve schemas from Apicurio Registry based on the global ID, which is the unique ID of the artifact version. The same options are available to you when using global ID instead of contentID. You can either send the global ID in the message headers or the message body (default).

When locating the global ID in the message payload, the format of the data begins with a magic byte, used as a signal to consumers, followed by the global ID, and the message data as normal. For example: 

# ...
[MAGIC_BYTE]
[GLOBAL_ID]
[MESSAGE DATA]
Copy to Clipboard Toggle word wrap

9.2. Strategies to look up a schema in Apicurio Registry
링크 복사

The Kafka client serializer uses lookup strategies to determine the artifact ID and global ID under which the message schema is registered in Apicurio Registry. For a given topic and message, you can use different implementations of the ArtifactReferenceResolverStrategy Java interface to return a reference to an artifact in the registry.

The classes for each strategy are in the io.apicurio.registry.serde.strategy package. Specific strategy classes for Avro SerDes are in the io.apicurio.registry.serde.avro.strategy package. The default strategy is the TopicIdStrategy, which looks for Apicurio Registry artifacts with the same name as the Kafka topic receiving messages.

Example

public ArtifactReference artifactReference(String topic, boolean isKey, T schema) {
        return ArtifactReference.builder()
                .groupId(null)
                .artifactId(String.format("%s-%s", topic, isKey ? "key" : "value"))
                .build();
Copy to Clipboard Toggle word wrap

  • The topic parameter is the name of the Kafka topic receiving the message.
  • The isKey parameter is true when the message key is serialized, and false when the message value is serialized.
  • The schema parameter is the schema of the message serialized or deserialized.
  • The ArtifactReference returned contains the artifact ID under which the schema is registered.

Which lookup strategy you use depends on how and where you store your schema. For example, you might use a strategy that uses a record ID if you have different Kafka topics with the same Avro message type.

Artifact resolver strategy

The artifact resolver strategy provides a way to map the Kafka topic and message information to an artifact in Apicurio Registry. The common convention for the mapping is to combine the Kafka topic name with the key or value, depending on whether the serializer is used for the Kafka message key or value.

However, you can use alternative conventions for the mapping by using a strategy provided by Apicurio Registry, or by creating a custom Java class that implements io.apicurio.registry.serde.strategy.ArtifactReferenceResolverStrategy.

Strategies to return a reference to an artifact

Apicurio Registry provides the following strategies to return a reference to an artifact based on an implementation of ArtifactReferenceResolverStrategy:

RecordIdStrategy
Avro-specific strategy that uses the full name of the schema.
TopicRecordIdStrategy
Avro-specific strategy that uses the topic name and the full name of the schema.
TopicIdStrategy
Default strategy that uses the topic name and key or value suffix.
SimpleTopicIdStrategy
Simple strategy that only uses the topic name.
DefaultSchemaResolver interface

The default schema resolver locates and identifies the specific version of the schema registered under the artifact reference provided by the artifact resolver strategy. Every version of every artifact has a single globally unique identifier that can be used to retrieve the content of that artifact. This global ID is included in every Kafka message so that a deserializer can properly fetch the schema from Apicurio Registry.

The default schema resolver can look up an existing artifact version, or it can register one if not found, depending on which strategy is used. You can also provide your own strategy by creating a custom Java class that implements io.apicurio.registry.resolver.SchemaResolver. However, it is recommended to use the DefaultSchemaResolver and specify configuration properties instead.

Configuration for registry lookup options

When using the DefaultSchemaResolver, you can configure its behavior using application properties. The following table shows some commonly used examples:

Expand
Table 9.1. Apicurio Registry lookup configuration options
PropertyTypeDescriptionDefault

apicurio.registry.find-latest

boolean

Specify whether the serializer tries to find the latest artifact in the registry for the corresponding group ID and artifact ID.

false

apicurio.registry.use-id

String

Instructs the serializer to write the specified ID to Kafka and instructs the deserializer to use this ID to find the schema.

None

apicurio.registry.auto-register

boolean

Specify whether the serializer tries to create an artifact in the registry. The JSON Schema serializer does not support this.

false

apicurio.registry.check-period-ms

String

Specify how long to cache the global ID in milliseconds. If not configured, the global ID is fetched every time.

None

9.3. Registering a schema in Apicurio Registry
링크 복사

After you have defined a schema in the appropriate format, such as Apache Avro, you can add the schema to Apicurio Registry.

You can add the schema using the following approaches:

  • Apicurio Registry web console
  • curl command using the Apicurio Registry REST API
  • Maven plug-in supplied with Apicurio Registry
  • Schema configuration added to your client code

Client applications cannot use Apicurio Registry until you have registered your schemas.

Apicurio Registry web console

When Apicurio Registry is installed, you can connect to the web console from the ui endpoint:

http://MY-REGISTRY-URL/ui

From the console, you can add, view and configure schemas. You can also create the rules that prevent invalid content being added to the registry.

Curl command example
 curl -X POST -H "Content-type: application/json; artifactType=AVRO" \
   -H "X-Registry-ArtifactId: share-price" \
1 

   --data '{
     "type":"record",
     "name":"price",
     "namespace":"com.example",
     "fields":[{"name":"symbol","type":"string"},
     {"name":"price","type":"string"}]}'
   https://my-cluster-my-registry-my-project.example.com/apis/registry/v3/groups/my-group/artifacts -s
2
Copy to Clipboard Toggle word wrap
1
Simple Avro schema artifact.
2
OpenShift route name that exposes Apicurio Registry.
Maven plug-in example
<plugin>
  <groupId>io.apicurio</groupId>
  <artifactId>apicurio-registry-maven-plugin</artifactId>
  <version>${apicurio.version}</version>
  <executions>
      <execution>
        <phase>generate-sources</phase>
        <goals>
            <goal>register</goal>
1 

        </goals>
        <configuration>
            <registryUrl>http://REGISTRY-URL/apis/registry/v3</registryUrl>
2 

            <artifacts>
                <artifact>
                    <groupId>TestGroup</groupId>
3 

                    <artifactId>FullNameRecord</artifactId>
                    <file>${project.basedir}/src/main/resources/schemas/record.avsc</file>
                    <ifExists>FAIL</ifExists>
                </artifact>
                <artifact>
                    <groupId>TestGroup</groupId>
                    <artifactId>ExampleAPI</artifactId>
4 

                    <artifactType>GRAPHQL</artifactType>
                    <file>${project.basedir}/src/main/resources/apis/example.graphql</file>
                    <ifExists>FIND_OR_CREATE_VERSION</ifExists>
                    <canonicalize>true</canonicalize>
                </artifact>
            </artifacts>
        </configuration>
    </execution>
  </executions>
 </plugin>
Copy to Clipboard Toggle word wrap
1
Specify register as the execution goal to upload the schema artifact to the registry.
2
Specify the Apicurio Registry URL with the ../apis/registry/v3 endpoint.
3
Specify the Apicurio Registry artifact group ID.
4
You can upload multiple artifacts using the specified group ID, artifact ID, and location.

9.4. Using a schema from a Kafka consumer client
링크 복사

This procedure describes how to configure a Kafka consumer client written in Java to use a schema from Apicurio Registry.

Prerequisites

  • Apicurio Registry is installed
  • The schema is registered with Apicurio Registry

Procedure

  1. Configure the client with the URL of Apicurio Registry. For example: 

    String registryUrl = "https://registry.example.com/apis/registry/v3";
Properties props = new Properties();
props.putIfAbsent(SerdeConfig.REGISTRY_URL, registryUrl);
    Copy to Clipboard Toggle word wrap

  2. Configure the client with the Apicurio Registry deserializer. For example: 

    // Configure Kafka settings
props.putIfAbsent(ProducerConfig.BOOTSTRAP_SERVERS_CONFIG, SERVERS);
props.putIfAbsent(ConsumerConfig.GROUP_ID_CONFIG, "Consumer-" + TOPIC_NAME);
props.putIfAbsent(ConsumerConfig.ENABLE_AUTO_COMMIT_CONFIG, "true");
props.putIfAbsent(ConsumerConfig.AUTO_COMMIT_INTERVAL_MS_CONFIG, "1000");
props.putIfAbsent(ConsumerConfig.AUTO_OFFSET_RESET_CONFIG, "earliest");
// Configure deserializer settings
props.putIfAbsent(ConsumerConfig.KEY_DESERIALIZER_CLASS_CONFIG,
    AvroKafkaDeserializer.class.getName());
    1 
    
props.putIfAbsent(ConsumerConfig.VALUE_DESERIALIZER_CLASS_CONFIG,
    AvroKafkaDeserializer.class.getName());
    2
    Copy to Clipboard Toggle word wrap
    1
    The deserializer provided by Apicurio Registry.
    2
    The deserialization is in Apache Avro JSON format.

9.5. Using a schema from a Kafka producer client
링크 복사

This procedure describes how to configure a Kafka producer client written in Java to use a schema from Apicurio Registry.

Prerequisites

  • Apicurio Registry is installed
  • The schema is registered with Apicurio Registry

Procedure

  1. Configure the client with the URL of Apicurio Registry. For example: 

    String registryUrl = "https://registry.example.com/apis/registry/v3";
Properties props = new Properties();
props.putIfAbsent(SerdeConfig.REGISTRY_URL, registryUrl);
    Copy to Clipboard Toggle word wrap

  2. Configure the client with the serializer, and the strategy to look up the schema in Apicurio Registry. For example: 

    props.put(CommonClientConfigs.BOOTSTRAP_SERVERS_CONFIG, "my-cluster-kafka-bootstrap:9092");
props.put(ProducerConfig.KEY_SERIALIZER_CLASS_CONFIG, AvroKafkaSerializer.class.getName());
    1 
    
props.put(ProducerConfig.VALUE_SERIALIZER_CLASS_CONFIG, AvroKafkaSerializer.class.getName());
    2 
    
props.put(SerdeConfig.FIND_LATEST_ARTIFACT, Boolean.TRUE);
    3
    Copy to Clipboard Toggle word wrap
    1
    The serializer for the message key provided by Apicurio Registry.
    2
    The serializer for the message value provided by Apicurio Registry.
    3
    The lookup strategy to find the global ID for the schema.

9.6. Using a schema from a Kafka Streams application
링크 복사

This procedure describes how to configure a Kafka Streams client written in Java to use an Apache Avro schema from Apicurio Registry.

Prerequisites

  • Apicurio Registry is installed
  • The schema is registered with Apicurio Registry

Procedure

  1. Create and configure a Java client with the Apicurio Registry URL: 

    String registryUrl = "https://registry.example.com/apis/registry/v3";

RegistryService client = RegistryClient.cached(registryUrl);
    Copy to Clipboard Toggle word wrap

  2. Configure the serializer and deserializer: 

    Serializer<LogInput> serializer = new AvroKafkaSerializer<LogInput>();
    1 
    

Deserializer<LogInput> deserializer = new AvroKafkaDeserializer <LogInput>();
    2 
    

Serde<LogInput> logSerde = Serdes.serdeFrom(
    serializer,
    deserializer
);

Map<String, Object> config = new HashMap<>();
config.put(SerdeConfig.REGISTRY_URL, registryUrl);
config.put(AvroSerdeConfig.USE_SPECIFIC_AVRO_READER, true);
logSerde.configure(config, false);
    3
    Copy to Clipboard Toggle word wrap
    1
    The Avro serializer provided by Apicurio Registry.
    2
    The Avro deserializer provided by Apicurio Registry.
    3
    Configures the Apicurio Registry URL and the Avro reader for deserialization in Avro format.

  3. Create the Kafka Streams client: 

    KStream<String, LogInput> input = builder.stream(
    INPUT_TOPIC,
    Consumed.with(Serdes.String(), logSerde)
);
    Copy to Clipboard Toggle word wrap

Chapter 10. Configuring Kafka serializers/deserializers in Java clients
링크 복사

This chapter provides detailed information on how to configure Kafka serializers/deserializers (SerDes) in your producer and consumer Java client applications:

Prerequisites

10.1. Apicurio Registry serializer/deserializer configuration in client applications
링크 복사

You can configure specific client serializer/deserializer (SerDes) services and schema lookup strategies directly in a client application using the example constants shown in this section.

The following sections show examples of commonly used SerDes constants and configuration options.

Configuration for SerDes services
public class SerdeConfig {

   public static final String REGISTRY_URL = "apicurio.registry.url";
1 

   public static final String ID_HANDLER = "apicurio.registry.id-handler";
2
Copy to Clipboard Toggle word wrap
  1. The required URL of Apicurio Registry.
  2. Extends ID handling to support other ID formats and make them compatible with Apicurio Registry SerDes services. For example, you may change it from the default ID format Integer that’s also compatible with Confluent’s ID format to Long.
Configuration for SerDes lookup strategies
public class SerdeConfig {

   public static final String ARTIFACT_RESOLVER_STRATEGY = "apicurio.registry.artifact-resolver-strategy";
1 

   public static final String SCHEMA_RESOLVER = "apicurio.registry.schema-resolver";
2 

...
Copy to Clipboard Toggle word wrap
1 1
Java class that implements the artifact resolver strategy and maps between the Kafka SerDes and artifact ID. Defaults to the topic ID strategy. This is only used by the serializer class.
2 2
Java class that implements the schema resolver. Defaults to DefaultSchemaResolver. This is used by the serializer and deserializer classes.
Configuration for Kafka converters
public class SerdeBasedConverter<S, T> extends SchemaResolverConfigurer<S, T> implements Converter, Closeable {

   public static final String REGISTRY_CONVERTER_SERIALIZER_PARAM = "apicurio.registry.converter.serializer";
1 

   public static final String REGISTRY_CONVERTER_DESERIALIZER_PARAM = "apicurio.registry.converter.deserializer";
2
Copy to Clipboard Toggle word wrap
  1. The required serializer to use with the Apicurio Registry Kafka converter.
  2. The required deserializer to use with the Apicurio Registry Kafka converter.
Configuration for different schema types

For details on how to configure SerDes for different schema technologies, see the following:

10.2. Apicurio Registry serializer/deserializer configuration properties
링크 복사

This section provides reference information on Java configuration properties for Apicurio Registry Kafka serializers/deserializers (SerDes).

SchemaResolver interface

Apicurio Registry SerDes are based on the SchemaResolver interface, which abstracts access to the registry and applies the same lookup logic for the SerDes classes of all supported formats.

Expand
Table 10.1. Configuration property for SchemaResolver interface
ConstantPropertyDescriptionTypeDefault

SCHEMA_RESOLVER

apicurio.registry.schema-resolver

Used by serializers and deserializers. Fully-qualified Java classname that implements SchemaResolver.

String

io.apicurio.registry.resolver.DefaultSchemaResolver

Note

The DefaultSchemaResolver is recommended and provides useful features for most use cases. For some advanced use cases, you might use a custom implementation of SchemaResolver.

DefaultSchemaResolver class

You can use the DefaultSchemaResolver to configure features such as:

  • Access to the registry API
  • How to look up artifacts in the registry
  • How to write and read artifact information to and from Kafka
  • Fall-back options for deserializers
Configuration for registry API access options

The DefaultSchemaResolver provides the following properties to configure access to the core registry API:

Expand
Table 10.2. Configuration properties for access to registry API
ConstantPropertyDescriptionTypeDefault

REGISTRY_URL

apicurio.registry.url

Used by serializers and deserializers. URL to access the registry API.

String

None

AUTH_TOKEN_ENDPOINT

apicurio.registry.auth.service.token.endpoint

Used by serializers and deserializers. URL of the token endpoint.

String

None

AUTH_CLIENT_ID

apicurio.registry.auth.client.id

Used by serializers and deserializers. Client ID to access the authentication service. Required when accessing a secure registry using the OAuth client credentials flow.

String

None

AUTH_CLIENT_SECRET

apicurio.registry.auth.client.secret

Used by serializers and deserializers. Client secret to access the authentication service. Required when accessing a secure registry using the OAuth client credentials flow.

String

None

AUTH_USERNAME

apicurio.registry.auth.username

Used by serializers and deserializers. Username to access the registry. Required when accessing a secure registry using HTTP basic authentication.

String

None

AUTH_PASSWORD

apicurio.registy.auth.password

Used by serializers and deserializers. Password to access the registry. Required when accessing a secure registry using HTTP basic authentication.

String

None

Configuration for registry lookup options

The DefaultSchemaResolver uses the following properties to configure how to look up artifacts in Apicurio Registry.

Expand
Table 10.3. Configuration properties for registry artifact lookup
ConstantPropertyDescriptionTypeDefault

ARTIFACT_RESOLVER_STRATEGY

apicurio.registry.artifact-resolver-strategy

Used by serializers only. Fully-qualified Java classname that implements ArtifactReferenceResolverStrategy and maps each Kafka message to an ArtifactReference (groupId, artifactId, and version). For example, the default strategy uses the topic name as the schema artifactId.

String

io.apicurio.registry.serde.strategy.TopicIdStrategy

EXPLICIT_ARTIFACT_GROUP_ID

apicurio.registry.artifact.group-id

Used by serializers only. Sets the groupId used for querying or creating an artifact. Overrides the groupId returned by the ArtifactResolverStrategy.

String

None

EXPLICIT_ARTIFACT_ID

apicurio.registry.artifact.artifact-id

Used by serializers only. Sets the artifactId used for querying or creating an artifact. Overrides the artifactId returned by the ArtifactResolverStrategy.

String

None

EXPLICIT_ARTIFACT_VERSION

apicurio.registry.artifact.version

Used by serializers only. Sets the artifact version used for querying or creating an artifact. Overrides the version returned by the ArtifactResolverStrategy.

String

None

FIND_LATEST_ARTIFACT

apicurio.registry.find-latest

Used by serializers only. Specifies whether the serializer tries to find the latest artifact in the registry for the corresponding group ID and artifact ID.

boolean

false

AUTO_REGISTER_ARTIFACT

apicurio.registry.auto-register

Used by serializers only. Specifies whether the serializer tries to create an artifact in the registry. The JSON Schema serializer does not support this feature.

boolean, boolean String

false

DEREFERENCE_SCHEMA

apicurio.registry.dereference-schema

Used to indicate the serdes to dereference the schema. This is used in two different situation, once the schema is registered, instructs the serdes to ask the server for the schema dereferenced. It is also used to instruct the serializer to dereference the schema before registering it Registry, but this is only supported for Avro.

boolean

false

AUTO_REGISTER_ARTIFACT_IF_EXISTS

apicurio.registry.auto-register.if-exists

Used by serializers only. Configures the behavior of the client when there is a conflict creating an artifact because the artifact already exists. Available values are FAIL, UPDATE, RETURN, or RETURN_OR_UPDATE.

String

RETURN_OR_UPDATE

CHECK_PERIOD_MS

apicurio.registry.check-period-ms

Used by serializers and deserializers. Specifies how long to cache artifacts before auto-eviction (milliseconds). If set to zero, artifacts are fetched every time.

java.time.Duration, non-negative Number, or integer String

30000

RETRY_BACKOFF_MS

apicurio.registry.retry-backoff-ms

Used by serializers and deserializers. If a schema can not be be retrieved from the Registry, it may retry a number of times. This configuration option controls the delay between the retry attempts (milliseconds).

java.time.Duration, non-negative Number, or integer String

300

RETRY_COUNT

apicurio.registry.retry-count

Used by serializers and deserializers. If a schema can not be be retrieved from the Registry, it may retry a number of times. This configuration option controls the number of retry attempts.

non-negative Number, or integer String

3

USE_ID

apicurio.registry.use-id

Used by serializers and deserializers. Configures to use the specified IdOption as the identifier for artifacts. Options are globalId and contentId. Instructs the serializer to write the specified ID to Kafka, and instructs the deserializer to use this ID to find the schema.

String

contentId

Configuration to read/write registry artifacts in Kafka

The DefaultSchemaResolver uses the following properties to configure how artifact information is written to and read from Kafka.

Expand
Table 10.4. Configuration properties to read/write artifact information in Kafka
ConstantPropertyDescriptionTypeDefault

ENABLE_HEADERS

apicurio.registry.headers.enabled

Used by serializers and deserializers. Configures to read/write the artifact identifier to Kafka message headers instead of in the message payload.

boolean

false

HEADERS_HANDLER

apicurio.registry.headers.handler

Used by serializers and deserializers. Fully-qualified Java classname that implements HeadersHandler and writes/reads the artifact identifier to/from the Kafka message headers.

String

io.apicurio.registry.serde.headers.DefaultHeadersHandler

ID_HANDLER

apicurio.registry.id-handler

Used by serializers and deserializers. Fully-qualified Java classname of a class that implements IdHandler and writes/reads the artifact identifier to/from the message payload. Default to a 4 byte format that includes the contentId in the message payload.

String

io.apicurio.registry.serde.Default4ByteIdHandler

Configuration for deserializer fall-back options

The DefaultSchemaResolver uses the following property to configure a fall-back provider for all deserializers.

Expand
Table 10.5. Configuration property for deserializer fall-back provider
ConstantPropertyDescriptionTypeDefault

FALLBACK_ARTIFACT_PROVIDER

apicurio.registry.fallback.provider

Only used by deserializers. Sets a custom implementation of FallbackArtifactProvider for resolving the artifact used for deserialization. FallbackArtifactProvider configures a fallback artifact to fetch from the registry in case the lookup fails.

String

io.apicurio.registry.serde.fallback.DefaultFallbackArtifactProvider

The DefaultFallbackArtifactProvider uses the following properties to configure deserializer fall-back options:

Expand
Table 10.6. Configuration properties for deserializer fall-back options
ConstantPropertyDescriptionTypeDefault

FALLBACK_ARTIFACT_ID

apicurio.registry.fallback.artifact-id

Used by deserializers only. Sets the artifactId used as fallback for resolving the artifact used for deserialization.

String

None

FALLBACK_ARTIFACT_GROUP_ID

apicurio.registry.fallback.group-id

Used by deserializers only. Sets the groupId used as fallback for resolving the group used for deserialization.

String

None

FALLBACK_ARTIFACT_VERSION

apicurio.registry.fallback.version

Used by deserializers only. Sets the version used as fallback for resolving the artifact used for deserialization.

String

None

Additional resources

  • For more details, see the SerdeConfig Java class.
  • You can configure application properties as Java system properties or include them in the Quarkus application.properties file. For more details, see the Quarkus documentation.

10.3. How to configure different client serializer/deserializer types
링크 복사

When using schemas in your Kafka client applications, you must choose which specific schema type to use, depending on your use case. Apicurio Registry provides SerDe Java classes for Apache Avro, JSON Schema, and Google Protobuf. The following sections explain how to configure Kafka applications to use each type.

You can also use Kafka to implement custom serializer and deserializer classes, and leverage Apicurio Registry functionality using the Apicurio Registry REST Java client.

Kafka application configuration for serializers/deserializers

Using the SerDe classes provided by Apicurio Registry in your Kafka application involves setting the correct configuration properties. The following simple Avro examples show how to configure a serializer in a Kafka producer application and how to configure a deserializer in a Kafka consumer application.

Example serializer configuration in a Kafka producer

// Create the Kafka producer
private static Producer<Object, Object> createKafkaProducer() {
    Properties props = new Properties();

    // Configure standard Kafka settings
    props.putIfAbsent(ProducerConfig.BOOTSTRAP_SERVERS_CONFIG, SERVERS);
    props.putIfAbsent(ProducerConfig.CLIENT_ID_CONFIG, "Producer-" + TOPIC_NAME);
    props.putIfAbsent(ProducerConfig.ACKS_CONFIG, "all");

    // Use Apicurio Registry-provided Kafka serializer for Avro
    props.putIfAbsent(ProducerConfig.KEY_SERIALIZER_CLASS_CONFIG, StringSerializer.class.getName());
    props.putIfAbsent(ProducerConfig.VALUE_SERIALIZER_CLASS_CONFIG, AvroKafkaSerializer.class.getName());

    // Configure the Apicurio Registry location
    props.putIfAbsent(SerdeConfig.REGISTRY_URL, REGISTRY_URL);

    // Register the schema artifact if not found in the registry.
    props.putIfAbsent(SerdeConfig.AUTO_REGISTER_ARTIFACT, Boolean.TRUE);

    // Create the Kafka producer
    Producer<Object, Object> producer = new KafkaProducer<>(props);
    return producer;
}
Copy to Clipboard Toggle word wrap

Example deserializer configuration in a Kafka consumer

// Create the Kafka consumer
private static KafkaConsumer<Long, GenericRecord> createKafkaConsumer() {
    Properties props = new Properties();

    // Configure standard Kafka settings
    props.putIfAbsent(ProducerConfig.BOOTSTRAP_SERVERS_CONFIG, SERVERS);
    props.putIfAbsent(ConsumerConfig.GROUP_ID_CONFIG, "Consumer-" + TOPIC_NAME);
    props.putIfAbsent(ConsumerConfig.ENABLE_AUTO_COMMIT_CONFIG, "true");
    props.putIfAbsent(ConsumerConfig.AUTO_COMMIT_INTERVAL_MS_CONFIG, "1000");
    props.putIfAbsent(ConsumerConfig.AUTO_OFFSET_RESET_CONFIG, "earliest");

    // Use Apicurio Registry-provided Kafka deserializer for Avro
    props.putIfAbsent(ConsumerConfig.KEY_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class.getName());
    props.putIfAbsent(ConsumerConfig.VALUE_DESERIALIZER_CLASS_CONFIG, AvroKafkaDeserializer.class.getName());

    // Configure the Apicurio Registry location
    props.putIfAbsent(SerdeConfig.REGISTRY_URL, REGISTRY_URL);

    // No other configuration needed because the schema globalId the deserializer uses is sent
    // in the payload. The deserializer extracts the globalId and uses it to look up the schema
    // from the registry.

    // Create the Kafka consumer
    KafkaConsumer<Long, GenericRecord> consumer = new KafkaConsumer<>(props);
    return consumer;
}
Copy to Clipboard Toggle word wrap

10.3.1. Configure Avro SerDes with Apicurio Registry
링크 복사

This topic explains how to use the Kafka client serializer and deserializer (SerDes) classes for Apache Avro.

Apicurio Registry provides the following Kafka client SerDes classes for Avro:

  • io.apicurio.registry.serde.avro.AvroKafkaSerializer
  • io.apicurio.registry.serde.avro.AvroKafkaDeserializer

Configure the Avro serializer

You can configure the Avro serializer class with the following:

  • Apicurio Registry URL
  • Artifact resolver strategy
  • ID location
  • ID encoding
  • Avro datum provider
  • Avro encoding

ID location

The serializer passes the unique ID of the schema as part of the Kafka message so that consumers can use the correct schema for deserialization. The ID can be in the message payload or in the message headers. The default location is the message payload. To send the ID in the message headers, set the following configuration property: 

props.putIfAbsent(SerdeConfig.ENABLE_HEADERS, "true")
Copy to Clipboard Toggle word wrap

The property name is apicurio.registry.headers.enabled.

ID encoding

You can customize how the schema ID is encoded when passing it in the Kafka message body. Set the apicurio.registry.id-handler configuration property to a class that implements the io.apicurio.registry.serde.IdHandler interface. Apicurio Registry provides the following implementations:

  • io.apicurio.registry.serde.Default4ByteIdHandler: Stores the ID as an 4-byte long
  • io.apicurio.registry.serde.Legacy8ByteIdHandler: Stores the ID as an 8-byte integer

Apicurio Registry represents the schema ID as a long, but for legacy reasons, or for compatibility with other registries or SerDe classes, you might want to use 4 bytes when sending the ID.

Avro datum provider

Avro provides different datum writers and readers to write and read data. Apicurio Registry supports three different types:

  • Generic
  • Specific
  • Reflect

The Apicurio Registry AvroDatumProvider is the abstraction of which type is used, where DefaultAvroDatumProvider is used by default.

You can set the following configuration options:

  • apicurio.registry.avro-datum-provider: Specifies a fully-qualified Java class name of the AvroDatumProvider implementation, for example io.apicurio.registry.serde.avro.ReflectAvroDatumProvider
  • apicurio.registry.use-specific-avro-reader: Set to true to use a specific type when using DefaultAvroDatumProvider

Avro encoding

When using Avro to serialize data, you can use the Avro binary encoding format to ensure the data is encoded in as efficient a format as possible. Avro also supports encoding the data as JSON, which makes it easier to inspect the payload of each message, for example, for logging or debugging.

You can set the Avro encoding by configuring the apicurio.registry.avro.encoding property with a value of JSON or BINARY. The default is BINARY.

Configure the Avro deserializer

You must configure the Avro deserializer class to match the following configuration settings of the serializer:

  • Apicurio Registry URL
  • ID encoding
  • Avro datum provider
  • Avro encoding

See the serializer section for these configuration options. The property names and values are the same.

Note

The following options are not required when configuring the deserializer:

  • Artifact resolver strategy
  • ID location

The deserializer class can determine the values for these options from the message. The strategy is not required because the serializer is responsible for sending the ID as part of the message.

The ID location is determined by checking for the magic byte at the start of the message payload. If that byte is found, the ID is read from the message payload using the configured handler. If the magic byte is not found, the ID is read from the message headers.

Avro SerDes and artifact references

When working with Avro messages and a schema with nested records, a new artifact is registered per nested record. For example, the following TradeKey schema includes a nested Exchange schema:

TradeKey schema with nested Exchange schema

{
  "namespace": "com.kubetrade.schema.trade",
  "type": "record",
  "name": "TradeKey",
  "fields": [
    {
      "name": "exchange",
      "type": "com.kubetrade.schema.common.Exchange"
    },
    {
      "name": "key",
      "type": "string"
    }
  ]
}
Copy to Clipboard Toggle word wrap

Exchange schema

{
  "namespace": "com.kubetrade.schema.common",
  "type": "enum",
  "name": "Exchange",
  "symbols" : ["GEMINI"]
}
Copy to Clipboard Toggle word wrap

When using these schemas with Avro SerDes, two artifacts are created in Apicurio Registry, one for the TradeKey schema and one for the Exchange schema. Whenever a message using the TradeKey schema is serialized or deserialized, both schemas are retrieved, allowing you to split your definitions into different files.

10.3.2. Configure JSON Schema SerDes with Apicurio Registry
링크 복사

This topic explains how to use the Kafka client serializer and deserializer (SerDes) classes for JSON Schema.

Apicurio Registry provides the following Kafka client SerDes classes for JSON Schema:

  • io.apicurio.registry.serde.jsonschema.JsonSchemaKafkaSerializer
  • io.apicurio.registry.serde.jsonschema.JsonSchemaKafkaDeserializer

Unlike Apache Avro, JSON Schema is not a serialization technology, but is instead a validation technology. As a result, configuration options for JSON Schema are quite different. For example, there is no encoding option, because data is always encoded as JSON.

Configure the JSON Schema serializer

You can configure the JSON Schema serializer class as follows:

  • Apicurio Registry URL
  • Artifact resolver strategy
  • Schema validation

The only non-standard configuration property is JSON Schema validation, which is enabled by default. You can disable this by setting apicurio.registry.serde.validation-enabled to "false". For example: 

props.putIfAbsent(SerdeConfig.VALIDATION_ENABLED, Boolean.FALSE)
Copy to Clipboard Toggle word wrap

Configure the JSON Schema deserializer

You can configure the JSON Schema deserializer class as follows:

  • Apicurio Registry URL
  • Schema validation
  • Class for deserializing data

You must provide the location of Apicurio Registry so that the schema can be loaded. The other configuration is optional.

Note

Deserializer validation only works if the serializer passes the global ID in the Kafka message, which will only happen when validation is enabled in the serializer.

JSON Schema SerDes and artifact references

The JSON Schema SerDes cannot discover the schema from the message payload, so the schema artifact must be registered beforehand, and this also applies artifact references.

Depending on the content of the schema, if the $ref value is a URL, the SerDes try to resolve the referenced schema using that URL, and then validation works as usual, validating the data against the main schema, and validating the nested value against the nested schema. Support for referencing artifacts in Apicurio Registry has also been implemented.

For example, the following citizen.json schema references the city.json schema:

citizen.json schema with reference to city.json schema

{
 "$id": "https://example.com/citizen.schema.json",
 "$schema": "http://json-schema.org/draft-07/schema#",
 "title": "Citizen",
 "type": "object",
 "properties": {
   "firstName": {
     "type": "string",
     "description": "The citizen's first name."
   },
   "lastName": {
     "type": "string",
     "description": "The citizen's last name."
   },
   "age": {
     "description": "Age in years which must be equal to or greater than zero.",
     "type": "integer",
     "minimum": 0
   },
   "city": {
     "$ref": "city.json"
   }
 }
}
Copy to Clipboard Toggle word wrap

city.json schema

{
 "$id": "https://example.com/city.schema.json",
 "$schema": "http://json-schema.org/draft-07/schema#",
 "title": "City",
 "type": "object",
 "properties": {
   "name": {
     "type": "string",
     "description": "The city's name."
   },
   "zipCode": {
     "type": "integer",
     "description": "The zip code.",
     "minimum": 0
   }
 }
}
Copy to Clipboard Toggle word wrap

In this example, a given citizen has a city. In Apicurio Registry, a citizen artifact with a reference to the city artifact is created using the name city.json. In the SerDes, when the citizen schema is fetched, the city schema is also fetched because it is referenced from the citizen schema. When serializing/deserializing data, the reference name is used to resolve the nested schema, allowing validation against the citizen schema and the nested city schema.

10.3.3. Configure Protobuf SerDes with Apicurio Registry
링크 복사

This topic explains how to use the Kafka client serializer and deserializer (SerDes) classes for Google Protobuf.

Apicurio Registry provides the following Kafka client SerDes classes for Protobuf:

  • io.apicurio.registry.serde.protobuf.ProtobufKafkaSerializer
  • io.apicurio.registry.serde.protobuf.ProtobufKafkaDeserializer

Configure the Protobuf serializer

You can configure the Protobuf serializer class as follows:

  • Apicurio Registry URL
  • Artifact resolver strategy
  • ID location
  • ID encoding
  • Schema validation

For details on these configuration options, see the following sections:

Configure the Protobuf deserializer

You must configure the Protobuf deserializer class to match the following configuration settings in the serializer:

  • Apicurio Registry URL
  • ID encoding

The configuration property names and values are the same as for the serializer.

Note

The following options are not required when configuring the deserializer:

  • Artifact resolver strategy
  • ID location

The deserializer class can determine the values for these options from the message. The strategy is not required because the serializer is responsible for sending the ID as part of the message.

The ID location is determined by checking for the magic byte at the start of the message payload. If that byte is found, the ID is read from the message payload using the configured handler. If the magic byte is not found, the ID is read from the message headers.

Note

The Protobuf deserializer does not deserialize to your exact Protobuf Message implementation, but rather to a DynamicMessage instance. There is no appropriate API to do otherwise.

Protobuf SerDes and artifact references

When a complex Protobuf message with an import statement is used, the imported Protobuf messages are stored in Apicurio Registry as separate artifacts. Then when Apicurio Registry gets the main schema to check a Protobuf message, the referenced schemes are also retrieved so the full message schema can be checked and serialized.

For example, the following table_info.proto schema file includes the imported mode.proto schema file:

table_info.proto file with imported mode.proto file

syntax = "proto3";
package sample;
option java_package = "io.api.sample";
option java_multiple_files = true;

import "sample/mode.proto";

message TableInfo {

 int32 winIndex = 1;
 Mode mode = 2;
 int32 min = 3;
 int32 max = 4;
 string id = 5;
 string dataAdapter = 6;
 string schema = 7;
 string selector = 8;
 string subscription_id = 9;
}
Copy to Clipboard Toggle word wrap

mode.proto file

syntax = "proto3";
package sample;
option java_package = "io.api.sample";
option java_multiple_files = true;

enum Mode {

MODE_UNKNOWN = 0;
RAW = 1;
MERGE = 2;
DISTINCT = 3;
COMMAND = 4;
}
Copy to Clipboard Toggle word wrap

In this example, two Protobuf artifacts are stored in Apicurio Registry, one for TableInfo and one for Mode. However, because Mode is part of TableInfo, whenever TableInfo is fetched to check a message in the SerDes, Mode is also returned as an artifact referenced by TableInfo.

Chapter 11. Apicurio Registry artifact reference
링크 복사

This chapter provides reference information on the supported artifact types, states, and metadata that are stored in Apicurio Registry.

11.1. Apicurio Registry artifact types
링크 복사

You can store and manage a wide range of schema and API artifact types in Apicurio Registry.

Expand
Table 11.1. Apicurio Registry artifact types
TypeDescriptionSupported versions

ASYNCAPI

AsyncAPI specification

2.0.02.0.6, 3.0.0

AVRO

Apache Avro schema

1.01.12,

GRAPHQL

GraphQL schema

*

JSON

JSON Schema

draft-04, draft-07, 2019-09, 2020-12

KCONNECT

Apache Kafka Connect schema

2.0.0

OPENAPI

OpenAPI specification

2.0.0, 3.0.03.0.3, 3.1.0

PROTOBUF

Google protocol buffers schema

proto2, proto3

WSDL

Web Services Definition Language

http://schemas.xmlsoap.org/wsdl/

XML

Extensible Markup Language

 

XSD

XML Schema Definition

http://www.w3.org/2001/XMLSchema

11.2. Apicurio Registry artifact version states
링크 복사

The valid artifact version states in Apicurio Registry are ENABLED, DISABLED, and DEPRECATED.

Expand
Table 11.2. Apicurio Registry artifact version states
StateDescription

ENABLED

Basic state, all the operations are available.

DISABLED

The artifact version metadata is viewable and searchable using the Apicurio Registry web console, but its content cannot be fetched by any client.

DEPRECATED

The artifact version is fully usable but a header is added to the REST API response whenever the artifact version content is fetched.

11.3. Apicurio Registry group metadata
링크 복사

When a group is created in Apicurio Registry, a set of metadata properties is created and stored. This metadata consists of system-generated or user-generated properties that are read-only, and editable properties that you can update after the group is created.

Expand
Table 11.3. Apicurio Registry system-generated metadata
PropertyTypeDescription

owner

string

The name of the user who created the group.

createdOn

date

The date and time when the group was created, for example, 2023-10-11T14:15:28Z.

modifiedBy

string

The name of the user who modified the group.

modifiedOn

date

The date and time at which the group was modified, for example, 2023-10-11T14:15:28Z.

Expand
Table 11.4. Apicurio Registry user-provided or system-generated metadata
PropertyTypeDescription

groupId

string

Unique identifier of the artifact group in Apicurio Registry, for example, development or production.

Expand
Table 11.5. Apicurio Registry editable metadata
PropertyTypeDescription

description

string

Optional meaningful description of the group, for example, This is a simple group for testing.

labels

map

Optional list of user-defined name-value pairs associated with the group. The name and value must be strings, for example, my-key and my-value.

Updating group metadata

  • You can use the Apicurio Registry REST API or web console to update the set of editable metadata properties.
  • You can update the state property only by using the Apicurio Registry REST API.

11.4. Apicurio Registry artifact metadata
링크 복사

When an artifact is added to Apicurio Registry, a set of metadata properties is created and stored. This metadata consists of system-generated or user-generated properties that are read-only, and editable properties that you can update after the artifact is created.

Expand
Table 11.6. Apicurio Registry system-generated metadata
PropertyTypeDescription

createdOn

date

The date and time when the artifact was created, for example, 2023-10-11T14:15:28Z.

globalId

integer

Globally unique identifier of an artifact version in Apicurio Registry. For example, a global ID of 1 is assigned to the first artifact version created in Apicurio Registry.

modifiedBy

string

The name of the user who modified the artifact.

modifiedOn

date

The date and time at which the artifact was modified, for example, 2023-10-11T14:15:28Z.

Expand
Table 11.7. Apicurio Registry user-provided or system-generated metadata
PropertyTypeDescription

groupId

string

Unique identifier of an artifact group in Apicurio Registry, for example, development or production. When creating an artifact by using the Apicurio Registry web console, if you do not provide a group ID, this is set to default. You must provide a group ID when using the Apicurio Registry REST API, Java client, or Maven plug-in.

artifactId

string

Unique identifier of an artifact in Apicurio Registry. You can provide an artifact ID or use the UUID generated by Apicurio Registry, for example, 8d168cad-1865-4e6c-bb7e-04e8be005bea. Different versions of an artifact use the same artifact ID, but have different global IDs.

artifactType

ArtifactType

The supported artifact type, for example, AVRO, OPENAPI, or PROTOBUF.

Expand
Table 11.8. Apicurio Registry editable metadata
PropertyTypeDescription

name

string

Optional human-readable name of the artifact, for example, My first Avro schema.

description

string

Optional meaningful description of the artifact, for example, This is a simple OpenAPI for testing.

labels

map

Optional list of user-defined name-value pairs associated with the artifact. The name and value must be strings, for example, my-key and my-value.

owner

string

The name of the user who owns the artifact.

Updating artifact metadata

  • You can use the Apicurio Registry REST API or web console to update the set of editable metadata properties.

11.5. Apicurio Registry artifact version metadata
링크 복사

When an artifact version is added to a Apicurio Registry artifact, a set of metadata properties is created and stored along with the artifact version content. This metadata consists of system-generated or user-generated properties that are read-only, and editable properties that you can update after the artifact version is created.

Expand
Table 11.9. Apicurio Registry system-generated metadata
PropertyTypeDescription

owner

string

The name of the user who created the artifact version.

createdOn

date

The date and time when the artifact version was created, for example, 2023-10-11T14:15:28Z.

modifiedBy

string

The user who modified the artifact version.

modifiedOn

date

The date and time at which the artifact version was modified, for example, 2023-10-11T14:15:28Z.

contentId

integer

Unique identifier of artifact version content in Apicurio Registry. The same content ID can be shared by multiple artifact versions when artifact versions have identical content. For example, a content ID of 4 can be used by multiple artifact versions with the same content, even across multiple artifacts.

globalId

integer

Globally unique identifier of an artifact version in Apicurio Registry. For example, a global ID of 1 is assigned to the first artifact version created in Apicurio Registry.

Expand
Table 11.10. Apicurio Registry user-provided or system-generated metadata
PropertyTypeDescription

groupId

string

Unique identifier of an artifact group in Apicurio Registry, for example, development or production.

artifactId

string

Unique identifier of an artifact in Apicurio Registry.

version

integer

The version string of the artifact version. If not provided, the system will generate a new sequential version. You can provide a version when using the Apicurio Registry REST API, SDKs, or Maven plug-in, for example, 2.1.6.

Expand
Table 11.11. Apicurio Registry editable metadata
PropertyTypeDescription

name

string

Optional human-readable name of the artifact version, for example, Version One.

description

string

Optional meaningful description of the artifact version, for example, This is the first version for testing.

labels

map

Optional list of user-defined name-value pairs associated with the artifact version. The name and value must be strings, for example, my-key and my-value.

state

ArtifactState

The state of the artifact version: ENABLED, DISABLED, or DEPRECATED. Defaults to ENABLED.

Updating artifact version metadata

  • You can use the Apicurio Registry REST API or web console to update the set of editable metadata properties.
  • You can update the state property only by using the Apicurio Registry REST API.

Chapter 12. Apicurio Registry content rule reference
링크 복사

This chapter provides reference information on the supported content rule types, their level of support for artifact types, and order of precedence of artifact-specific and global rules.

12.1. Apicurio Registry content rule types
링크 복사

You can specify VALIDITY, COMPATIBILITY, and INTEGRITY rule types to govern content evolution in Apicurio Registry. Theses rule types apply to both global rules and artifact-specific rules.

Expand
Table 12.1. Apicurio Registry content rule types
TypeDescription

VALIDITY

Validate content before adding it to Apicurio Registry. The possible configuration values for this rule are as follows:

  • FULL: The validation is both syntax and semantic.
  • SYNTAX_ONLY: The validation is syntax only.
  • NONE: All validation checks are disabled.

COMPATIBILITY

Enforce a compatibility level when updating artifacts (for example, select BACKWARD for backwards compatibility). Ensures that new artifacts are compatible with previously added artifact versions or clients. The possible configuration values for this rule are as follows:

  • FULL: The new artifact is forward and backward compatible with the most recently added artifact.
  • FULL_TRANSITIVE: The new artifact is forward and backward compatible with all previously added artifacts.
  • BACKWARD: Clients using the new artifact can read data written using the most recently added artifact.
  • BACKWARD_TRANSITIVE: Clients using the new artifact can read data written using all previously added artifacts.
  • FORWARD: Clients using the most recently added artifact can read data written using the new artifact.
  • FORWARD_TRANSITIVE: Clients using all previously added artifacts can read data written using the new artifact.
  • NONE: All backward and forward compatibility checks are disabled.

INTEGRITY

Enforce artifact reference integrity when creating or updating artifacts. Enable and configure this rule to ensure that any artifact references provided are correct. The possible configuration values for this rule are as follows:

  • FULL: All artifact reference integrity checks are enabled.
  • NO_DUPLICATES: Detect if there are any duplicate artifact references.
  • REFS_EXIST: Detect if there are any references to non-existent artifacts.
  • ALL_REFS_MAPPED: Ensure that all artifact references are mapped.
  • NONE: All artifact reference integrity checks are disabled.

12.2. Apicurio Registry content rule maturity
링크 복사

Not all content rules are fully implemented for every artifact type supported by Apicurio Registry. The following table shows the current maturity level for each rule and artifact type:

Expand
Table 12.2. Apicurio Registry content rule maturity matrix
Artifact typeValidity ruleCompatibility ruleIntegrity rule

Avro

Full

Full

Full

Protobuf

Full

Full

Full

JSON Schema

Full

Full

Mapping detection not supported

OpenAPI

Full

Full

Full

AsyncAPI

Syntax Only

None

Full

GraphQL

Syntax Only

None

Mapping detection not supported

Kafka Connect

Syntax Only

None

Mapping detection not supported

WSDL

Full

None

Mapping detection not supported

XML

Full

None

Mapping detection not supported

XSD

Full

None

Mapping detection not supported

12.3. Apicurio Registry content rule precedence
링크 복사

When you add or update an artifact, Apicurio Registry applies rules to check the validity, compatibility, or integrity of the artifact content. Configured artifact-specific rules override the equivalent configured global rules, as shown in the following table.

Expand
Table 12.3. Apicurio Registry content rule precedence
Artifact-specific ruleGlobal ruleRule applied to this artifactGlobal rule available for other artifacts?

Enabled

Enabled

Artifact-specific

Yes

Disabled

Enabled

Global

Yes

Disabled

Disabled

None

No

Enabled, set to None

Enabled

None

Yes

Disabled

Enabled, set to None

None

No

Chapter 13. Apicurio Registry configuration reference
링크 복사

This chapter provides reference information on the configuration options that are available for Apicurio Registry.

Additional resources

13.1. Apicurio Registry configuration options
링크 복사

The following Apicurio Registry configuration options are available for each component category:

13.1.1. api
링크 복사

Expand
Table 13.1. api configuration options
NameTypeDefaultAvailable fromDescription

apicurio.api.errors.include-stack-in-response

boolean

false

2.1.4.Final

Include stack trace in errors responses

apicurio.apis.v3.base-href

string

_

2.5.0.Final

API base href (URI)

apicurio.disable.apis

optional<list<string>>

 

2.0.0.Final

Disable APIs

13.1.2. auth
링크 복사

Expand
Table 13.2. auth configuration options
NameTypeDefaultAvailable fromDescription

apicurio.auth.admin-override.claim

string

org-admin

2.1.0.Final

Auth admin override claim

apicurio.auth.admin-override.claim-value

string

true

2.1.0.Final

Auth admin override claim value

apicurio.auth.admin-override.enabled

boolean

false

2.1.0.Final

Auth admin override enabled

apicurio.auth.admin-override.from

string

token

2.1.0.Final

Auth admin override from

apicurio.auth.admin-override.role

string

sr-admin

2.1.0.Final

Auth admin override role

apicurio.auth.admin-override.type

string

role

2.1.0.Final

Auth admin override type

apicurio.auth.admin-override.user

string

admin

3.0.0

Auth admin override user name

apicurio.auth.anonymous-read-access.enabled

boolean [dynamic]

false

2.1.0.Final

Anonymous read access

apicurio.auth.authenticated-read-access.enabled

boolean [dynamic]

false

2.1.4.Final

Authenticated read access

apicurio.auth.owner-only-authorization

boolean [dynamic]

false

2.0.0.Final

Artifact owner-only authorization

apicurio.auth.owner-only-authorization.limit-group-access

boolean [dynamic]

false

2.1.0.Final

Artifact group owner-only authorization

apicurio.auth.role-based-authorization

boolean

false

2.1.0.Final

Enable role based authorization

apicurio.auth.role-source

string

token

2.1.0.Final

Auth roles source

apicurio.auth.role-source.header.name

string

 

2.4.3.Final

Header authorization name

apicurio.auth.roles.admin

string

sr-admin

2.0.0.Final

Auth roles admin

apicurio.auth.roles.developer

string

sr-developer

2.1.0.Final

Auth roles developer

apicurio.auth.roles.readonly

string

sr-readonly

2.1.0.Final

Auth roles readonly

apicurio.authn.audit.log.prefix

string

audit

2.2.6

Prefix used for application audit logging.

apicurio.authn.basic-client-credentials.cache-expiration

integer

10

2.2.6.Final

Default client credentials token expiration time in minutes.

apicurio.authn.basic-client-credentials.cache-expiration-offset

integer

10

2.5.9.Final

Client credentials token expiration offset from JWT expiration, in seconds.

apicurio.authn.basic-client-credentials.enabled

boolean [dynamic]

false

2.1.0.Final

Enable basic auth client credentials

apicurio.authn.basic.scope

optional<string>

 

2.5.0.Final

Client credentials scope.

quarkus.http.auth.basic

boolean

false

3.0.0

Enable basic auth

quarkus.oidc.client-id

string

 

2.0.0.Final

Client identifier used by the server for authentication.

quarkus.oidc.client-secret

optional<string>

 

2.1.0.Final

Client secret used by the server for authentication.

quarkus.oidc.tenant-enabled

boolean

false

2.0.0.Final

Enable auth

quarkus.oidc.token-path

string

 

2.1.0.Final

Authentication server token endpoint.

13.1.3. cache
링크 복사

Expand
Table 13.3. cache configuration options
NameTypeDefaultAvailable fromDescription

apicurio.config.cache.enabled

boolean

true

2.2.2.Final

Registry cache enabled

13.1.4. ccompat
링크 복사

Expand
Table 13.4. ccompat configuration options
NameTypeDefaultAvailable fromDescription

apicurio.ccompat.group-concat.enabled

boolean

false

2.6.2.Final

Enable group support via concatenation in subject (compatibility API)

apicurio.ccompat.group-concat.separator

string

:

2.6.2.Final

Separator to use when group concatenation is enabled (compatibility API)

apicurio.ccompat.legacy-id-mode.enabled

boolean [dynamic]

false

2.0.2.Final

Legacy ID mode (compatibility API)

apicurio.ccompat.max-subjects

integer [dynamic]

1000

2.4.2.Final

Maximum number of Subjects returned (compatibility API)

apicurio.ccompat.use-canonical-hash

boolean [dynamic]

false

2.3.0.Final

Canonical hash mode (compatibility API)

13.1.5. download
링크 복사

Expand
Table 13.5. download configuration options
NameTypeDefaultAvailable fromDescription

apicurio.download.href.ttl.seconds

long [dynamic]

30

2.1.2.Final

Download link expiry

13.1.6. gitops
링크 복사

Expand
Table 13.6. gitops configuration options
NameTypeDefaultAvailable fromDescription

apicurio.gitops.id

string

 

3.0.0

Identifier of this Registry instance. Only data that references this identifier will be loaded.

apicurio.gitops.repo.origin.branch

string

main

3.0.0

Name of the branch in the remote git repository containing data to be loaded.

apicurio.gitops.repo.origin.uri

string

 

3.0.0

URI of the remote git repository containing data to be loaded.

apicurio.gitops.workdir

string

/tmp/apicurio-registry-gitops

3.0.0

Path to GitOps working directory, which is used to store the local git repository.

13.1.7. health
링크 복사

Expand
Table 13.7. health configuration options
NameTypeDefaultAvailable fromDescription

apicurio.liveness.errors.ignored

optional<list<string>>

 

1.2.3.Final

Ignored liveness errors

apicurio.metrics.persistence-exception-liveness-check.counter-reset-window-duration.seconds

integer

60

1.0.2.Final

Counter reset window duration of persistence liveness check

apicurio.metrics.persistence-exception-liveness-check.error-threshold

integer

1

1.0.2.Final

Error threshold of persistence liveness check

apicurio.metrics.persistence-exception-liveness-check.logging.disabled

boolean

false

2.0.0.Final

Disable logging of persistence liveness check

apicurio.metrics.persistence-exception-liveness-check.status-reset-window-duration.seconds

integer

300

1.0.2.Final

Status reset window duration of persistence liveness check

apicurio.metrics.persistence-timeout-readiness-check.error-threshold

integer

5

1.0.2.Final

Error threshold of persistence readiness check

apicurio.metrics.persistence-timeout-readiness-check.timeout.seconds

integer

15

1.0.2.Final

Timeout of persistence readiness check

apicurio.metrics.persitence-timeout-readiness-check.status-reset-window-duration.seconds

integer

300

1.0.2.Final

Status reset window duration of persistence readiness check

apicurio.metrics.resonse-error-liveness-check.counter-reset-window-duration.seconds

integer

60

1.0.2.Final

Counter reset window duration of response liveness check

apicurio.metrics.response-error-liveness-check.counter-reset-window-duration.seconds

integer

60

1.0.2.Final

Counter reset window duration of persistence readiness check

apicurio.metrics.response-error-liveness-check.disabled

boolean

false

2.0.0.Final

Disable logging of response liveness check

apicurio.metrics.response-error-liveness-check.error-threshold

integer

1

1.0.2.Final

Error threshold of response liveness check

apicurio.metrics.response-error-liveness-check.status-reset-window-duration.seconds

integer

300

1.0.2.Final

Status reset window duration of response liveness check

apicurio.metrics.response-timeout-readiness-check.counter-reset-window-duration.seconds

instance<integer>

60

1.0.2.Final

Counter reset window duration of response readiness check

apicurio.metrics.response-timeout-readiness-check.error-threshold

instance<integer>

1

1.0.2.Final

Error threshold of response readiness check

apicurio.metrics.response-timeout-readiness-check.timeout.seconds

instance<integer>

10

1.0.2.Final

Timeout of response readiness check

apicurio.metrics.response-timeout-rediness-check.status-reset-window-duration.seconds

instance<integer>

300

1.0.2.Final

Status reset window duration of response readiness check

apicurio.storage.metrics.cache.check-period.ms

long

30000

2.1.0.Final

Storage metrics cache check period

13.1.8. import
링크 복사

Expand
Table 13.8. import configuration options
NameTypeDefaultAvailable fromDescription

apicurio.import.preserveContentId

boolean

true

3.0.0

When set to true, content IDs from the import file will be used (otherwise new IDs will be generated). Defaults to 'true'.

apicurio.import.preserveGlobalId

boolean

true

3.0.0

When set to true, global IDs from the import file will be used (otherwise new IDs will be generated). Defaults to 'true'.

apicurio.import.requireEmptyRegistry

boolean

true

3.0.0

When set to true, importing data will only work when the registry is empty. Defaults to 'true'.

apicurio.import.url

optional<url>

 

2.1.0.Final

The import URL

apicurio.import.work-dir

string

 

3.0.0

Temporary work directory to use when importing data.

13.1.9. limits
링크 복사

Expand
Table 13.9. limits configuration options
NameTypeDefaultAvailable fromDescription

apicurio.limits.config.max-artifact-labels

long

-1

2.2.3.Final

Max artifact labels

apicurio.limits.config.max-artifact-properties

long

-1

2.1.0.Final

Max artifact properties

apicurio.limits.config.max-artifacts

long

-1

2.1.0.Final

Max artifacts

apicurio.limits.config.max-description-length

long

-1

2.1.0.Final

Max artifact description length

apicurio.limits.config.max-label-size.bytes

long

-1

2.1.0.Final

Max artifact label size

apicurio.limits.config.max-name-length

long

-1

2.1.0.Final

Max artifact name length

apicurio.limits.config.max-property-key-size.bytes

long

-1

2.1.0.Final

Max artifact property key size

apicurio.limits.config.max-property-value-size.bytes

long

-1

2.1.0.Final

Max artifact property value size

apicurio.limits.config.max-requests-per-second

long

-1

2.2.3.Final

Max artifact requests per second

apicurio.limits.config.max-schema-size.bytes

long

-1

2.2.3.Final

Max schema size (bytes)

apicurio.limits.config.max-total-schemas

long

-1

2.1.0.Final

Max total schemas

apicurio.limits.config.max-versions-per-artifact

long

-1

2.1.0.Final

Max versions per artifacts

apicurio.storage.metrics.cache.max-size

long

1000

2.4.1.Final

Storage metrics cache max size.

13.1.10. redirects
링크 복사

Expand
Table 13.10. redirects configuration options
NameTypeDefaultAvailable fromDescription

apicurio.redirects

map<string, string>

 

2.1.2.Final

Registry redirects

apicurio.redirects.enabled

boolean

 

2.1.2.Final

Enable redirects

apicurio.url.override.host

optional<string>

 

2.5.0.Final

Override the hostname used for generating externally-accessible URLs. The host and port overrides are useful when deploying Registry with HTTPS passthrough Ingress or Route. In cases like these, the request URL (and port) that is then re-used for redirection does not belong to actual external URL used by the client, because the request is proxied. The redirection then fails because the target URL is not reachable.

apicurio.url.override.port

optional<integer>

 

2.5.0.Final

Override the port used for generating externally-accessible URLs.

13.1.11. rest
링크 복사

Expand
Table 13.11. rest configuration options
NameTypeDefaultAvailable fromDescription

apicurio.rest.artifact.download.max-size.bytes

int

1000000

2.2.6

Max size of the artifact allowed to be downloaded from URL

apicurio.rest.artifact.download.ssl-validation.disabled

boolean

false

2.2.6

Skip SSL validation when downloading artifacts from URL

apicurio.rest.deletion.artifact-version.enabled

boolean [dynamic]

false

2.4.2

Enables artifact version deletion

apicurio.rest.deletion.artifact.enabled

boolean [dynamic]

false

3.0.0

Enables artifact deletion

apicurio.rest.deletion.group.enabled

boolean [dynamic]

false

3.0.0

Enables group deletion

apicurio.rest.mutability.artifact-version-content.enabled

boolean [dynamic]

false

3.0.2

Enables artifact version mutability

apicurio.rest.search-results.labels.max-size.bytes

int

512

3.0.3

Max size of the labels (in bytes) per item from within search results

13.1.12. semver
링크 복사

Expand
Table 13.12. semver configuration options
NameTypeDefaultAvailable fromDescription

apicurio.semver.branching.coerce

boolean [dynamic]

false

3.0.0

If true, invalid versions will be coerced to Semantic Versioning 2 format (https://semver.org) if possible.

apicurio.semver.branching.enabled

boolean [dynamic]

false

3.0.0

Automatically create or update branches for major ('A.x') and minor ('A.B.x') artifact versions.

apicurio.semver.validation.enabled

boolean [dynamic]

false

3.0.0

Validate that all artifact versions conform to Semantic Versioning 2 format (https://semver.org).

13.1.13. storage
링크 복사

Expand
Table 13.13. storage configuration options
NameTypeDefaultAvailable fromDescription

apicurio.datasource.blue.db-kind

string

h2

3.0.0

Gitops blue datasource db kind

apicurio.datasource.blue.jdbc.initial-size

string

20

3.0.0

Gitops blue datasource pool initial size

apicurio.datasource.blue.jdbc.max-size

string

100

3.0.0

Gitops blue datasource pool max size

apicurio.datasource.blue.jdbc.min-size

string

20

3.0.0

Gitops blue datasource pool minimum size

apicurio.datasource.blue.jdbc.url

string

jdbc:h2:mem:registry_db

3.0.0

Gitops blue datasource jdbc url

apicurio.datasource.blue.password

string

sa

3.0.0

Gitops blue datasource password

apicurio.datasource.blue.username

string

sa

3.0.0

Gitops blue datasource username

apicurio.datasource.green.db-kind

string

h2

3.0.0

Gitops green datasource db kind

apicurio.datasource.green.jdbc.initial-size

string

20

3.0.0

Gitops green datasource pool initial size

apicurio.datasource.green.jdbc.max-size

string

100

3.0.0

Gitops green datasource pool max size

apicurio.datasource.green.jdbc.min-size

string

20

3.0.0

Gitops green datasource pool minimum size

apicurio.datasource.green.jdbc.url

string

jdbc:h2:mem:registry_db

3.0.0

Gitops green datasource jdbc url

apicurio.datasource.green.password

string

sa

3.0.0

Gitops green datasource password

apicurio.datasource.green.username

string

sa

3.0.0

Gitops green datasource username

apicurio.events.kafka.topic

string

registry-events

 

Storage event topic

apicurio.kafkasql.bootstrap.servers

string

  

Kafka sql storage bootstrap servers

apicurio.kafkasql.consumer.group-prefix

string

apicurio-

 

Kafka sql storage prefix for consumer group name

apicurio.kafkasql.consumer.poll.timeout

integer

5000

 

Kafka sql storage consumer poll timeout

apicurio.kafkasql.coordinator.response-timeout

integer

30000

 

Kafka sql storage coordinator response timeout

apicurio.kafkasql.security.protocol

optional<string>

  

Kafka sql storage security protocol

apicurio.kafkasql.security.sasl.client-id

string

  

Kafka sql storage sasl client identifier

apicurio.kafkasql.security.sasl.client-secret

string

  

Kafka sql storage sasl client secret

apicurio.kafkasql.security.sasl.enabled

boolean

false

 

Kafka sql storage sasl enabled

apicurio.kafkasql.security.sasl.login.callback.handler.class

string

  

Kafka sql storage sasl login callback handler

apicurio.kafkasql.security.sasl.mechanism

string

  

Kafka sql storage sasl mechanism

apicurio.kafkasql.security.sasl.token.endpoint

string

  

Kafka sql storage sasl token endpoint

apicurio.kafkasql.security.ssl.truststore.location

optional<string>

  

Kafka sql storage ssl truststore location

apicurio.kafkasql.security.ssl.truststore.type

optional<string>

  

Kafka sql storage ssl truststore type

apicurio.kafkasql.snapshot.every.seconds

string

86400s

3.0.0

Kafka sql journal topic snapshot every

apicurio.kafkasql.snapshots.topic

string

kafkasql-snapshots

3.0.0

Kafka sql storage topic name

apicurio.kafkasql.ssl.key.password

optional<string>

  

Kafka sql storage ssl key password

apicurio.kafkasql.ssl.keystore.location

optional<string>

  

Kafka sql storage ssl keystore location

apicurio.kafkasql.ssl.keystore.password

optional<string>

  

Kafka sql storage ssl keystore password

apicurio.kafkasql.ssl.keystore.type

optional<string>

  

Kafka sql storage ssl keystore type

apicurio.kafkasql.ssl.truststore.password

optional<string>

  

Kafka sql storage ssl truststore password

apicurio.kafkasql.topic

string

kafkasql-journal

 

Kafka sql storage topic name

apicurio.kafkasql.topic.auto-create

boolean

true

 

Kafka sql storage topic auto create

apicurio.sql.db-schema

string

*

3.0.6

Database schema name (only needed when running two instances of Registry against the same database, in multiple schemas)

apicurio.sql.init

boolean

true

2.0.0.Final

SQL init

apicurio.storage.kind

string

 

3.0.0

Application storage variant, for example, sql, kafkasql, or gitops

apicurio.storage.read-only.enabled

boolean [dynamic]

false

2.5.0.Final

Enable Registry storage read-only mode

apicurio.storage.snapshot.location

string

./

3.0.0

Kafka sql snapshots store location

apicurio.storage.sql.kind

string

h2

3.0.0

Application datasource database type

artifacts.skip.disabled.latest

boolean

true

2.4.2

Skip artifact versions with DISABLED state when retrieving latest artifact version

13.1.14. system
링크 복사

Expand
Table 13.14. system configuration options
NameTypeDefaultAvailable fromDescription

apicurio.app.date

string

 

3.0.4

 

apicurio.app.description

string

 

3.0.4

 

apicurio.app.name

string

 

3.0.4

 

apicurio.app.version

string

 

3.0.4

 

13.1.15. ui
링크 복사

Expand
Table 13.15. ui configuration options
NameTypeDefaultAvailable fromDescription

apicurio.ui.auth.oidc.client-id

string

apicurio-registry-ui

3.0.0

The OIDC clientId

apicurio.ui.auth.oidc.logout-url

string

f5

3.0.0

The OIDC logout URL

apicurio.ui.auth.oidc.redirect-uri

string

/

3.0.0

The OIDC redirectUri

apicurio.ui.auth.oidc.scope

string

openid profile email

3.0.8

UI auth OIDC scope value

apicurio.ui.contextPath

string

/

3.0.0

Context path of the UI

apicurio.ui.docsUrl

string

/docs/

3.0.0

URL of the Documentation component

apicurio.ui.features.breadcrumbs

string

true

3.0.0

Enabled to show breadcrumbs in the UI

apicurio.ui.features.read-only.enabled

string

false

3.0.0

Enabled to set the UI to read-only mode

apicurio.ui.features.settings

string

true

3.0.0

Enabled to show the Settings tab in the UI

apicurio.ui.navPrefixPath

string

/

3.0.0

Navigation prefix for all UI paths

13.1.16. unknown
링크 복사

Expand
Table 13.16. unknown configuration options
NameTypeDefaultAvailable fromDescription

apicurio.apis.date-format

unknown

yyyy-MM-dd’T’HH:mm:ss’Z'

  

apicurio.apis.date-format-timezone

unknown

UTC

  

apicurio.app.id

unknown

apicurio-registry

  

apicurio.auth.anonymous-read-access.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.auth.owner-only-authorization.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.auth.owner-only-authorization.limit-group-access.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.authn.basic-client-credentials.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.ccompat.legacy-id-mode.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.ccompat.max-subjects.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.ccompat.use-canonical-hash.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.config.dynamic.allow-all

unknown

true

  

apicurio.config.refresh.every

unknown

1m

  

apicurio.datasource.jdbc.initial-size

unknown

20

  

apicurio.datasource.jdbc.max-size

unknown

100

  

apicurio.datasource.jdbc.min-size

unknown

20

  

apicurio.datasource.password

unknown

sa

  

apicurio.datasource.url

unknown

jdbc:h2:mem:db_${quarkus.uuid}

  

apicurio.datasource.username

unknown

sa

  

apicurio.download.href.ttl.seconds.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.downloads.reaper.every

unknown

60s

  

apicurio.gitops.refresh.every

unknown

30s

  

apicurio.kafkasql.consumer.group.id

unknown

${registry.id}-${quarkus.uuid}

  

apicurio.kafkasql.producer.client.id

unknown

${registry.id}-producer

  

apicurio.limits.config.cache.check-period

unknown

30000

  

apicurio.logconfigjob.delayed

unknown

1s

  

apicurio.logconfigjob.every

unknown

5s

  

apicurio.redirects.root

unknown

/,/apis

  

apicurio.rest.artifact.deletion.enabled

unknown

false

  

apicurio.rest.deletion.artifact-version.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.rest.deletion.artifact.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.rest.deletion.group.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.rest.mutability.artifact-version-content.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.semver.branching.coerce.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.semver.branching.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.semver.validation.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.storage.read-only.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

apicurio.ui.features.read-only.enabled.dynamic.allow

unknown

${apicurio.config.dynamic.allow-all}

  

13.2. Apicurio Registry version 2 to version 3 configuration changes
링크 복사

Apicurio Registry v3 has simplified the configuration options, removing duplicates and improving consistency. For most options, the only change is ssrenaming of the prefix from registry to apicurio, for example, changing registry.kafkasql.bootstrap.servers to apicurio.kafkasql.bootstrap.servers.

Note

For each configuration property you can override the value by using the corresponding environment variable, for example, APICURIO_KAFKASQL_BOOTSTRAP_SERVERS.s

13.2.1. api
링크 복사

Expand
Table 13.17. api configuration options
NameNew Option

registry.api.errors.include-stack-in-response

apicurio.api.errors.include-stack-in-response

registry.disable.apis

apicurio.disable.apis

13.2.2. auth
링크 복사

Expand
Table 13.18. auth configuration options
NameNew Option

registry.auth.admin-override.claim

apicurio.auth.admin-override.claim

registry.auth.admin-override.claim-value

apicurio.auth.admin-override.claim-value

registry.auth.admin-override.enabled

apicurio.auth.admin-override.enabled

registry.auth.admin-override.from

apicurio.auth.admin-override.from

registry.auth.admin-override.role

apicurio.auth.admin-override.role

registry.auth.admin-override.type

apicurio.auth.admin-override.type

registry.auth.anonymous-read-access.enabled

apicurio.auth.anonymous-read-access.enabled

registry.auth.audit.log.prefix

apicurio.authn.audit.log.prefix

registry.auth.authenticated-read-access.enabled

apicurio.auth.authenticated-read-access.enabled

registry.auth.basic-auth-client-credentials.cache-expiration

apicurio.authn.basic-client-credentials.cache-expiration

registry.auth.basic-auth-client-credentials.cache-expiration-offset

apicurio.authn.basic-client-credentials.cache-expiration-offset

registry.auth.basic-auth-client-credentials.enabled

apicurio.authn.basic-client-credentials.enabled

registry.auth.basic-auth.scope

apicurio.authn.basic.scope

registry.auth.client-id

quarkus.oidc.client-id

registry.auth.client-secret

quarkus.oidc.client-secret

registry.auth.enabled

quarkus.oidc.tenant-enabled

registry.auth.owner-only-authorization

apicurio.auth.owner-only-authorization

registry.auth.owner-only-authorization.limit-group-access

apicurio.auth.owner-only-authorization.limit-group-access

registry.auth.role-based-authorization

apicurio.auth.role-based-authorization

registry.auth.role-source

apicurio.auth.role-source

registry.auth.role-source.header.name

apicurio.auth.role-source.header.name

registry.auth.roles.admin

apicurio.auth.roles.admin

registry.auth.roles.developer

apicurio.auth.roles.developer

registry.auth.roles.readonly

apicurio.auth.roles.readonly

registry.auth.tenant-owner-is-admin.enabled

Removed

registry.auth.token.endpoint

quarkus.oidc.token-path

13.2.3. cache
링크 복사

Expand
Table 13.19. cache configuration options
NameNew Option

registry.config.cache.enabled

apicurio.config.cache.enabled

13.2.4. ccompat
링크 복사

Expand
Table 13.20. ccompat configuration options
NameNew Option

registry.ccompat.legacy-id-mode.enabled

apicurio.ccompat.legacy-id-mode.enabled

registry.ccompat.max-subjects

apicurio.ccompat.max-subjects

registry.ccompat.use-canonical-hash

apicurio.ccompat.use-canonical-hash

13.2.5. download
링크 복사

Expand
Table 13.21. download configuration options
NameNew Option

registry.download.href.ttl

apicurio.download.href.ttl.seconds

13.2.6. events
링크 복사

Expand
Table 13.22. events configuration options
NameNew Option

registry.events.ksink

removed

13.2.7. health
링크 복사

Expand
Table 13.23. health configuration options
NameNew Option

registry.liveness.errors.ignored

apicurio.liveness.errors.ignored

registry.metrics.PersistenceExceptionLivenessCheck.counterResetWindowDurationSec

apicurio.metrics.response-timeout-readiness-check.counter-reset-window-duration.seconds

registry.metrics.PersistenceExceptionLivenessCheck.disableLogging

apicurio.metrics.persistence-exception-liveness-check.logging.disabled

registry.metrics.PersistenceExceptionLivenessCheck.errorThreshold

apicurio.metrics.persistence-exception-liveness-check.error-threshold

registry.metrics.PersistenceExceptionLivenessCheck.statusResetWindowDurationSec

apicurio.metrics.persistence-exception-liveness-check.status-reset-window-duration.seconds

registry.metrics.PersistenceTimeoutReadinessCheck.counterResetWindowDurationSec

apicurio.metrics.response-error-liveness-check.counter-reset-window-duration.seconds

registry.metrics.PersistenceTimeoutReadinessCheck.errorThreshold

apicurio.metrics.persistence-timeout-readiness-check.error-threshold

registry.metrics.PersistenceTimeoutReadinessCheck.statusResetWindowDurationSec

apicurio.metrics.persitence-timeout-readiness-check.status-reset-window-duration.seconds

registry.metrics.PersistenceTimeoutReadinessCheck.timeoutSec

apicurio.metrics.persistence-timeout-readiness-check.timeout.seconds

registry.metrics.ResponseErrorLivenessCheck.counterResetWindowDurationSec

apicurio.metrics.resonse-error-liveness-check.counter-reset-window-duration.seconds

registry.metrics.ResponseErrorLivenessCheck.disableLogging

apicurio.metrics.response-error-liveness-check.disabled

registry.metrics.ResponseErrorLivenessCheck.errorThreshold

apicurio.metrics.response-error-liveness-check.error-threshold

registry.metrics.ResponseErrorLivenessCheck.statusResetWindowDurationSec

apicurio.metrics.response-error-liveness-check.status-reset-window-duration.seconds

registry.metrics.ResponseTimeoutReadinessCheck.counterResetWindowDurationSec

apicurio.metrics.response-timeout-readiness-check.counter-reset-window-duration.seconds

registry.metrics.ResponseTimeoutReadinessCheck.errorThreshold

apicurio.metrics.response-timeout-readiness-check.error-threshold

registry.metrics.ResponseTimeoutReadinessCheck.statusResetWindowDurationSec

apicurio.metrics.response-timeout-rediness-check.status-reset-window-duration.seconds

registry.metrics.ResponseTimeoutReadinessCheck.timeoutSec

apicurio.metrics.response-timeout-readiness-check.timeout.seconds

registry.storage.metrics.cache.check-period

apicurio.storage.metrics.cache.check-period.ms

13.2.8. import
링크 복사

Expand
Table 13.24. import configuration options
NameNew Option

registry.import.url

apicurio.import.url

13.2.9. kafka
링크 복사

Expand
Table 13.25. kafka configuration options
NameNew Option

registry.events.kafka.topic

apicurio.events.kafka.topic

registry.events.kafka.topic-partition

Removed

13.2.10. limits
링크 복사

Expand
Table 13.26. limits configuration options
NameNew Option

registry.limits.config.max-artifact-labels

apicurio.limits.config.max-artifact-labels

registry.limits.config.max-artifact-properties

apicurio.limits.config.max-artifact-properties

registry.limits.config.max-artifacts

apicurio.limits.config.max-artifact

registry.limits.config.max-description-length

apicurio.limits.config.max-description-length

registry.limits.config.max-label-size

apicurio.limits.config.max-label-size

registry.limits.config.max-name-length

apicurio.limits.config.max-name-length

registry.limits.config.max-property-key-size

apicurio.limits.config.max-property-key-size

registry.limits.config.max-property-value-size

apicurio.limits.config.max-property-value-size

registry.limits.config.max-requests-per-second

apicurio.limits.config.max-requests-per-second

registry.limits.config.max-schema-size-bytes

apicurio.limits.config.max-schema-size-bytes

registry.limits.config.max-total-schemas

apicurio.limits.config.max-total-schemas

registry.limits.config.max-versions-per-artifact

apicurio.limits.config.max-versions-per-artifact

registry.storage.metrics.cache.max-size

apicurio.storage.metrics.cache.max-size

13.2.11. redirects
링크 복사

Expand
Table 13.27. redirects configuration options
NameNew Option

registry.enable-redirects

apicurio.redirects.enabled

registry.redirects

apicurio.redirects

registry.url.override.host

apicurio.url.override.host

registry.url.override.port

apicurio.url.override.port

13.2.12. rest
링크 복사

Expand
Table 13.28. rest configuration options
NameNew Option

registry.rest.artifact.deletion.enabled

apicurio.rest.artifact.deletion.enabled

registry.rest.artifact.download.maxSize

apicurio.rest.artifact.download.max-size.bytes

registry.rest.artifact.download.skipSSLValidation

apicurio.rest.artifact.download.ssl-validation.disabled

13.2.13. store
링크 복사

Expand
Table 13.29. store configuration options
NameNew Option

artifacts.skip.disabled.latest

artifacts.skip.disabled.latest

registry.sql.init

apicurio.sql.init

13.2.14. ui
링크 복사

Expand
Table 13.30. ui configuration options
NameNew Option

registry.ui.config.auth.oidc.client-id

apicurio.ui.auth.oidc.client-id

registry.ui.config.auth.oidc.redirect-url

apicurio.ui.auth.oidc.redirect-uri

registry.ui.config.auth.oidc.url

quarkus.oidc.auth-server-url

registry.ui.config.uiContextPath

apicurio.ui.contextPath

registry.ui.features.readOnly

apicurio.ui.features.read-only.enabled

registry.ui.features.settings

apicurio.ui.features.settings

Appendix A. Using your subscription
링크 복사

Apicurio Registry is provided through a software subscription. To manage your subscriptions, access your account at the Red Hat Customer Portal.

Accessing your account

  1. Go to access.redhat.com.
  2. If you do not already have an account, create one.
  3. Log in to your account.

Activating a subscription

  1. Go to access.redhat.com.
  2. Navigate to My Subscriptions.
  3. Navigate to Activate a subscription and enter your 16-digit activation number.

Downloading ZIP and TAR files

To access ZIP or TAR files, use the customer portal to find the relevant files for download. If you are using RPM packages, this step is not required.

  1. Open a browser and log in to the Red Hat Customer Portal Product Downloads page at access.redhat.com/downloads.
  2. Locate the Red Hat Integration entries in the Integration and Automation category.
  3. Select the desired Apicurio Registry product. The Software Downloads page opens.
  4. Click the Download link for your component.

Revised on 2025-10-23 18:26:02 UTC

Legal Notice
링크 복사

Copyright © 2025 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
맨 위로 이동
Red Hat logoGithubredditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다. 최신 업데이트를 확인하세요.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

Theme

© 2025 Red Hat