diff --git a/Cargo.lock b/Cargo.lock index e333bd07..4ee2ee81 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1172,6 +1172,12 @@ version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" +[[package]] +name = "humantime" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "135b12329e5e3ce057a9f972339ea52bc954fe1e9358ef27f95e89716fbc5424" + [[package]] name = "hyper" version = "1.8.1" @@ -1568,11 +1574,11 @@ dependencies = [ [[package]] name = "k8s-version" version = "0.1.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#a4a204b0696a696b9a49c930703037dd124e876d" dependencies = [ "darling", "regex", - "snafu 0.8.9", + "snafu 0.9.0", ] [[package]] @@ -2572,9 +2578,9 @@ dependencies = [ [[package]] name = "rustls-webpki" -version = "0.103.9" +version = "0.103.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7df23109aa6c1567d1c575b9952556388da57401e4ace1d15f79eedad0d8f53" +checksum = "df33b2b81ac578cabaf06b89b0631153a3f416b0a886e8a7a1707fb51abbd1ef" dependencies = [ "ring", "rustls-pki-types", @@ -2880,6 +2886,15 @@ dependencies = [ "snafu-derive 0.8.9", ] +[[package]] +name = "snafu" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d1d4bced6a69f90b2056c03dcff2c4737f98d6fb9e0853493996e1d253ca29c6" +dependencies = [ + "snafu-derive 0.9.0", +] + [[package]] name = "snafu-derive" version = "0.6.10" @@ -2903,6 +2918,18 @@ dependencies = [ "syn 2.0.116", ] +[[package]] +name = "snafu-derive" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "54254b8531cafa275c5e096f62d48c81435d1015405a91198ddb11e967301d40" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn 2.0.116", +] + [[package]] name = "socket2" version = "0.6.2" @@ -2963,7 +2990,7 @@ dependencies = [ [[package]] name = "stackable-certs" version = "0.4.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#a4a204b0696a696b9a49c930703037dd124e876d" dependencies = [ "const-oid", "ecdsa", @@ -2975,7 +3002,7 @@ dependencies = [ "rsa", "sha2", "signature", - "snafu 0.8.9", + "snafu 0.9.0", "stackable-shared", "tokio", "tokio-rustls", @@ -2986,9 +3013,10 @@ dependencies = [ [[package]] name = "stackable-operator" -version = "0.108.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +version = "0.109.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#a4a204b0696a696b9a49c930703037dd124e876d" dependencies = [ + "base64", "clap", "const_format", "delegate", @@ -3003,13 +3031,14 @@ dependencies = [ "k8s-openapi", "kube", "product-config", + "rand 0.9.2", "regex", "schemars", "semver", "serde", "serde_json", "serde_yaml", - "snafu 0.8.9", + "snafu 0.9.0", "stackable-operator-derive", "stackable-shared", "stackable-telemetry", @@ -3026,7 +3055,7 @@ dependencies = [ [[package]] name = "stackable-operator-derive" version = "0.3.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#a4a204b0696a696b9a49c930703037dd124e876d" dependencies = [ "darling", "proc-macro2", @@ -3037,7 +3066,7 @@ dependencies = [ [[package]] name = "stackable-shared" version = "0.1.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#a4a204b0696a696b9a49c930703037dd124e876d" dependencies = [ "jiff", "k8s-openapi", @@ -3046,15 +3075,15 @@ dependencies = [ "semver", "serde", "serde_yaml", - "snafu 0.8.9", + "snafu 0.9.0", "strum", "time", ] [[package]] name = "stackable-telemetry" -version = "0.6.2" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +version = "0.6.3" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#a4a204b0696a696b9a49c930703037dd124e876d" dependencies = [ "axum", "clap", @@ -3065,7 +3094,7 @@ dependencies = [ "opentelemetry-semantic-conventions", "opentelemetry_sdk", "pin-project", - "snafu 0.8.9", + "snafu 0.9.0", "strum", "tokio", "tower", @@ -3077,21 +3106,21 @@ dependencies = [ [[package]] name = "stackable-versioned" -version = "0.8.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +version = "0.9.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#a4a204b0696a696b9a49c930703037dd124e876d" dependencies = [ "schemars", "serde", "serde_json", "serde_yaml", - "snafu 0.8.9", + "snafu 0.9.0", "stackable-versioned-macros", ] [[package]] name = "stackable-versioned-macros" -version = "0.8.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +version = "0.9.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#a4a204b0696a696b9a49c930703037dd124e876d" dependencies = [ "convert_case", "convert_case_extras", @@ -3108,13 +3137,14 @@ dependencies = [ [[package]] name = "stackable-webhook" -version = "0.9.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +version = "0.9.1" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#a4a204b0696a696b9a49c930703037dd124e876d" dependencies = [ "arc-swap", "async-trait", "axum", "futures-util", + "humantime", "hyper", "hyper-util", "k8s-openapi", @@ -3124,7 +3154,7 @@ dependencies = [ "rand 0.9.2", "serde", "serde_json", - "snafu 0.8.9", + "snafu 0.9.0", "stackable-certs", "stackable-shared", "stackable-telemetry", diff --git a/Cargo.nix b/Cargo.nix index c91502e8..cff6c9bd 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -3696,6 +3696,14 @@ rec { ]; }; + "humantime" = rec { + crateName = "humantime"; + version = "2.3.0"; + edition = "2021"; + sha256 = "092lpipp32ayz4kyyn4k3vz59j9blng36wprm5by0g2ykqr14nqk"; + features = { + }; + }; "hyper" = rec { crateName = "hyper"; version = "1.8.1"; @@ -5053,7 +5061,7 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; + rev = "a4a204b0696a696b9a49c930703037dd124e876d"; sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; }; libName = "k8s_version"; @@ -5072,7 +5080,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } ]; features = { @@ -8658,9 +8666,9 @@ rec { }; "rustls-webpki" = rec { crateName = "rustls-webpki"; - version = "0.103.9"; + version = "0.103.10"; edition = "2021"; - sha256 = "0lwg1nnyv7pp2lfwwjhy81bxm233am99jnsp3iymdhd6k8827pyp"; + sha256 = "1vyipcdbazvhl6kyi1m8n0bg98sk25iv12bby2xcly653awb4cyz"; libName = "webpki"; dependencies = [ { @@ -9607,6 +9615,34 @@ rec { }; resolvedDefaultFeatures = [ "alloc" "default" "rust_1_61" "rust_1_65" "std" ]; }; + "snafu 0.9.0" = rec { + crateName = "snafu"; + version = "0.9.0"; + edition = "2018"; + sha256 = "1ii9r99x5qcn754m624yzgb9hzvkqkrcygf0aqh0pyb9dbnvrm6i"; + authors = [ + "Jake Goulding " + ]; + dependencies = [ + { + name = "snafu-derive"; + packageId = "snafu-derive 0.9.0"; + } + ]; + features = { + "backtrace" = [ "dep:backtrace" ]; + "backtraces-impl-backtrace-crate" = [ "backtrace" ]; + "default" = [ "std" "rust_1_81" ]; + "futures" = [ "futures-core-crate" "pin-project" ]; + "futures-core-crate" = [ "dep:futures-core-crate" ]; + "futures-crate" = [ "dep:futures-crate" ]; + "internal-dev-dependencies" = [ "futures-crate" ]; + "pin-project" = [ "dep:pin-project" ]; + "std" = [ "alloc" ]; + "unstable-provider-api" = [ "snafu-derive/unstable-provider-api" ]; + }; + resolvedDefaultFeatures = [ "alloc" "default" "rust_1_81" "std" ]; + }; "snafu-derive 0.6.10" = rec { crateName = "snafu-derive"; version = "0.6.10"; @@ -9669,6 +9705,42 @@ rec { }; resolvedDefaultFeatures = [ "rust_1_61" ]; }; + "snafu-derive 0.9.0" = rec { + crateName = "snafu-derive"; + version = "0.9.0"; + edition = "2018"; + sha256 = "0h0x61kyj4fvilcr2nj02l85shw1ika64vq9brf2gyna662ln9al"; + procMacro = true; + libName = "snafu_derive"; + authors = [ + "Jake Goulding " + ]; + dependencies = [ + { + name = "heck"; + packageId = "heck"; + usesDefaultFeatures = false; + } + { + name = "proc-macro2"; + packageId = "proc-macro2"; + usesDefaultFeatures = false; + } + { + name = "quote"; + packageId = "quote"; + usesDefaultFeatures = false; + } + { + name = "syn"; + packageId = "syn 2.0.116"; + usesDefaultFeatures = false; + features = [ "clone-impls" "derive" "full" "parsing" "printing" "proc-macro" ]; + } + ]; + features = { + }; + }; "socket2" = rec { crateName = "socket2"; version = "0.6.2"; @@ -9881,7 +9953,7 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; + rev = "a4a204b0696a696b9a49c930703037dd124e876d"; sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; }; libName = "stackable_certs"; @@ -9940,7 +10012,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "stackable-shared"; @@ -9979,12 +10051,12 @@ rec { }; "stackable-operator" = rec { crateName = "stackable-operator"; - version = "0.108.0"; + version = "0.109.0"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; + rev = "a4a204b0696a696b9a49c930703037dd124e876d"; sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; }; libName = "stackable_operator"; @@ -9992,6 +10064,10 @@ rec { "Stackable GmbH " ]; dependencies = [ + { + name = "base64"; + packageId = "base64"; + } { name = "clap"; packageId = "clap"; @@ -10055,6 +10131,10 @@ rec { name = "product-config"; packageId = "product-config"; } + { + name = "rand"; + packageId = "rand 0.9.2"; + } { name = "regex"; packageId = "regex"; @@ -10083,7 +10163,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "stackable-operator-derive"; @@ -10156,7 +10236,7 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; + rev = "a4a204b0696a696b9a49c930703037dd124e876d"; sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; }; procMacro = true; @@ -10191,7 +10271,7 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; + rev = "a4a204b0696a696b9a49c930703037dd124e876d"; sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; }; libName = "stackable_shared"; @@ -10236,7 +10316,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "strum"; @@ -10267,12 +10347,12 @@ rec { }; "stackable-telemetry" = rec { crateName = "stackable-telemetry"; - version = "0.6.2"; + version = "0.6.3"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; + rev = "a4a204b0696a696b9a49c930703037dd124e876d"; sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; }; libName = "stackable_telemetry"; @@ -10324,7 +10404,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "strum"; @@ -10377,12 +10457,12 @@ rec { }; "stackable-versioned" = rec { crateName = "stackable-versioned"; - version = "0.8.3"; + version = "0.9.0"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; + rev = "a4a204b0696a696b9a49c930703037dd124e876d"; sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; }; libName = "stackable_versioned"; @@ -10410,7 +10490,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "stackable-versioned-macros"; @@ -10421,12 +10501,12 @@ rec { }; "stackable-versioned-macros" = rec { crateName = "stackable-versioned-macros"; - version = "0.8.3"; + version = "0.9.0"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; + rev = "a4a204b0696a696b9a49c930703037dd124e876d"; sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; }; procMacro = true; @@ -10489,12 +10569,12 @@ rec { }; "stackable-webhook" = rec { crateName = "stackable-webhook"; - version = "0.9.0"; + version = "0.9.1"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; + rev = "a4a204b0696a696b9a49c930703037dd124e876d"; sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; }; libName = "stackable_webhook"; @@ -10519,6 +10599,10 @@ rec { name = "futures-util"; packageId = "futures-util"; } + { + name = "humantime"; + packageId = "humantime"; + } { name = "hyper"; packageId = "hyper"; @@ -10563,7 +10647,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "stackable-certs"; diff --git a/Cargo.toml b/Cargo.toml index 8b72d390..6a1176ce 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,7 +11,10 @@ repository = "https://github.com/stackabletech/airflow-operator" [workspace.dependencies] product-config = { git = "https://github.com/stackabletech/product-config.git", tag = "0.8.0" } -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", features = ["crds", "webhook"], tag = "stackable-operator-0.108.0" } +stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", features = [ + "crds", + "webhook", +], tag = "stackable-operator-0.109.0" } anyhow = "1.0" base64 = "0.22" diff --git a/crate-hashes.json b/crate-hashes.json index 2148b36f..d1cdd35a 100644 --- a/crate-hashes.json +++ b/crate-hashes.json @@ -4,14 +4,14 @@ "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube-derive@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube-runtime@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#k8s-version@0.1.3": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-certs@0.4.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-operator-derive@0.3.1": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-operator@0.108.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-shared@0.1.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-telemetry@0.6.2": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-versioned-macros@0.8.3": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-versioned@0.8.3": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-webhook@0.9.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#k8s-version@0.1.3": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#stackable-certs@0.4.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#stackable-operator-derive@0.3.1": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#stackable-operator@0.109.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#stackable-shared@0.1.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#stackable-telemetry@0.6.3": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#stackable-versioned-macros@0.9.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#stackable-versioned@0.9.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.109.0#stackable-webhook@0.9.1": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", "git+https://github.com/stackabletech/product-config.git?tag=0.8.0#product-config@0.8.0": "1dz70kapm2wdqcr7ndyjji0lhsl98bsq95gnb2lw487wf6yr7987" } \ No newline at end of file diff --git a/extra/crds.yaml b/extra/crds.yaml index 288919db..7789bf19 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -414,7 +414,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -926,7 +926,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -1048,6 +1048,16 @@ spec: description: This field contains OIDC-specific configuration. It is only required in case OIDC is used. nullable: true properties: + clientAuthenticationMethod: + default: client_secret_basic + description: 'The client authentication method used when communicating with the token endpoint. Defaults to `client_secret_basic`. The required contents of `clientCredentialsSecret` depend on the chosen method: secret-based methods (`client_secret_basic`, `client_secret_post`, `client_secret_jwt`) expect a client secret, while `private_key_jwt` expects a private key.' + enum: + - client_secret_basic + - client_secret_post + - client_secret_jwt + - private_key_jwt + - none + type: string clientCredentialsSecret: description: |- A reference to the OIDC client credentials secret. The secret contains @@ -1213,6 +1223,56 @@ spec: description: 'The git repository URL that will be cloned, for example: `https://github.com/stackabletech/airflow-operator` or `ssh://git@github.com:stackable-airflow/dags.git`.' format: uri type: string + tls: + default: + verification: + server: + caCert: + webPki: {} + description: Configure a TLS connection. If not specified it will default to webPki validation. + nullable: true + properties: + verification: + description: The verification method used to verify the certificates of the server and/or the client. + oneOf: + - required: + - none + - required: + - server + properties: + none: + description: Use TLS but don't verify certificates. + type: object + server: + description: Use TLS and a CA certificate to verify the server. + properties: + caCert: + description: CA cert to verify the server. + oneOf: + - required: + - webPki + - required: + - secretClass + properties: + secretClass: + description: |- + Name of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) which will provide the CA certificate. + Note that a SecretClass does not need to have a key but can also work with just a CA certificate, + so if you got provided with a CA cert but don't have access to the key you can still use this method. + type: string + webPki: + description: |- + Use TLS and the CA certificates trusted by the common web browsers to verify the server. + This can be useful when you e.g. use public AWS S3 or other public available services. + type: object + type: object + required: + - caCert + type: object + type: object + required: + - verification + type: object wait: default: 20s description: |- @@ -1679,7 +1739,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -2191,7 +2251,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -2731,7 +2791,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -3222,7 +3282,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -3734,7 +3794,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -4219,7 +4279,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -4731,7 +4791,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -5216,7 +5276,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -5733,7 +5793,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -6293,7 +6353,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -6805,7 +6865,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -6927,6 +6987,16 @@ spec: description: This field contains OIDC-specific configuration. It is only required in case OIDC is used. nullable: true properties: + clientAuthenticationMethod: + default: client_secret_basic + description: 'The client authentication method used when communicating with the token endpoint. Defaults to `client_secret_basic`. The required contents of `clientCredentialsSecret` depend on the chosen method: secret-based methods (`client_secret_basic`, `client_secret_post`, `client_secret_jwt`) expect a client secret, while `private_key_jwt` expects a private key.' + enum: + - client_secret_basic + - client_secret_post + - client_secret_jwt + - private_key_jwt + - none + type: string clientCredentialsSecret: description: |- A reference to the OIDC client credentials secret. The secret contains @@ -7068,6 +7138,56 @@ spec: description: 'The git repository URL that will be cloned, for example: `https://github.com/stackabletech/airflow-operator` or `ssh://git@github.com:stackable-airflow/dags.git`.' format: uri type: string + tls: + default: + verification: + server: + caCert: + webPki: {} + description: Configure a TLS connection. If not specified it will default to webPki validation. + nullable: true + properties: + verification: + description: The verification method used to verify the certificates of the server and/or the client. + oneOf: + - required: + - none + - required: + - server + properties: + none: + description: Use TLS but don't verify certificates. + type: object + server: + description: Use TLS and a CA certificate to verify the server. + properties: + caCert: + description: CA cert to verify the server. + oneOf: + - required: + - webPki + - required: + - secretClass + properties: + secretClass: + description: |- + Name of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) which will provide the CA certificate. + Note that a SecretClass does not need to have a key but can also work with just a CA certificate, + so if you got provided with a CA cert but don't have access to the key you can still use this method. + type: string + webPki: + description: |- + Use TLS and the CA certificates trusted by the common web browsers to verify the server. + This can be useful when you e.g. use public AWS S3 or other public available services. + type: object + type: object + required: + - caCert + type: object + type: object + required: + - verification + type: object wait: default: 20s description: |- @@ -7534,7 +7654,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -8046,7 +8166,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -8586,7 +8706,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -9077,7 +9197,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -9589,7 +9709,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -10074,7 +10194,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -10586,7 +10706,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -11071,7 +11191,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -11588,7 +11708,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object diff --git a/rust/operator-binary/src/config.rs b/rust/operator-binary/src/config.rs index 7d5382e3..a8466d52 100644 --- a/rust/operator-binary/src/config.rs +++ b/rust/operator-binary/src/config.rs @@ -235,6 +235,13 @@ fn append_oidc_config( .well_known_config_url() .context(InvalidWellKnownConfigUrlSnafu)?; + let client_auth_method = + serde_json::to_value(client_options.client_authentication_method) + .expect("ClientAuthenticationMethod should serialize to JSON"); + let client_auth_method = client_auth_method + .as_str() + .expect("ClientAuthenticationMethod should serialize to a string"); + formatdoc!( " {{ 'name': 'keycloak', @@ -248,6 +255,7 @@ fn append_oidc_config( }}, 'api_base_url': '{api_base_url}', 'server_metadata_url': '{well_known_config_url}', + 'token_endpoint_auth_method': '{client_auth_method}', }}, }}", scopes = scopes.join(" "), @@ -460,6 +468,7 @@ mod tests { oidc: oidc::v1alpha1::ClientAuthenticationOptions { client_credentials_secret_ref: "test-client-secret1".to_string(), extra_scopes: vec!["roles".to_string()], + client_authentication_method: Default::default(), product_specific_fields: (), }, }, @@ -468,6 +477,7 @@ mod tests { oidc: oidc::v1alpha1::ClientAuthenticationOptions { client_credentials_secret_ref: "test-client-secret2".to_string(), extra_scopes: vec![], + client_authentication_method: Default::default(), product_specific_fields: (), }, }, @@ -509,6 +519,7 @@ mod tests { }}, 'api_base_url': 'https://my.keycloak1.server:12345/realms/sdp/protocol/', 'server_metadata_url': 'https://my.keycloak1.server:12345/realms/sdp/.well-known/openid-configuration', + 'token_endpoint_auth_method': 'client_secret_basic', }}, }}, {{ 'name': 'keycloak', @@ -522,6 +533,7 @@ mod tests { }}, 'api_base_url': 'http://my.keycloak2.server/protocol/', 'server_metadata_url': 'http://my.keycloak2.server/.well-known/openid-configuration', + 'token_endpoint_auth_method': 'client_secret_basic', }}, }} ] diff --git a/rust/operator-binary/src/crd/authentication.rs b/rust/operator-binary/src/crd/authentication.rs index 6f9a6d53..30168aaa 100644 --- a/rust/operator-binary/src/crd/authentication.rs +++ b/rust/operator-binary/src/crd/authentication.rs @@ -472,6 +472,7 @@ mod tests { oidc: oidc::v1alpha1::ClientAuthenticationOptions { client_credentials_secret_ref: "airflow-oidc-client1".into(), extra_scopes: vec!["groups".into()], + client_authentication_method: Default::default(), product_specific_fields: () } }, @@ -488,6 +489,7 @@ mod tests { oidc: oidc::v1alpha1::ClientAuthenticationOptions { client_credentials_secret_ref: "airflow-oidc-client2".into(), extra_scopes: Vec::new(), + client_authentication_method: Default::default(), product_specific_fields: () } }