chore: Update templated files (f1f1a9e)

.github/PULL_REQUEST_TEMPLATE/pre-release-rust-deps.md

@@ -1,4 +1,4 @@
-# Bump Rust Dependencies for Stackable Release XX.(X)X
+# Bump Rust Dependencies for Stackable Release YY.M.X
 
 <!--
     Make sure to update the link in 'issues/.github/ISSUE_TEMPLATE/pre-release-operator-rust-deps.md'
@@ -32,7 +32,7 @@ Part of <https://github.com/stackabletech/issues/issues/TRACKING_ISSUE>
 
 ```[tasklist]
 ### Bump Rust Dependencies
-- [ ] Bump `stackable-operator` and friends.
-- [ ] Bump `product-version`.
-- [ ] Bump all other dependencies.
+- [ ] Bump `stackable-operator` and friends
+- [ ] Bump `product-config`
+- [ ] Bump all other dependencies
 ```

.github/workflows/build.yml

@@ -26,7 +26,8 @@ env:
   CARGO_TERM_COLOR: always
   CARGO_INCREMENTAL: '0'
   CARGO_PROFILE_DEV_DEBUG: '0'
-  RUST_TOOLCHAIN_VERSION: "1.84.1"
+  RUST_TOOLCHAIN_VERSION: "1.85.0"
+  RUST_NIGHTLY_TOOLCHAIN_VERSION: "nightly-2025-01-15"
   PYTHON_VERSION: "3.12"
   RUSTFLAGS: "-D warnings"
   RUSTDOCFLAGS: "-D warnings"
@@ -136,9 +137,11 @@ jobs:
           submodules: recursive
       - uses: dtolnay/rust-toolchain@c5a29ddb4d9d194e7c84ec8c3fba61b1c31fee8c
         with:
-          toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }}
+          toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN_VERSION }}
           components: rustfmt
-      - run: cargo fmt --all -- --check
+      - env:
+          RUST_TOOLCHAIN_VERSION: ${{ env.RUST_NIGHTLY_TOOLCHAIN_VERSION }}
+        run: cargo "+$RUST_TOOLCHAIN_VERSION" fmt --all -- --check
 
   run_clippy:
     name: Run Clippy

.vscode/settings.json

@@ -0,0 +1,7 @@
+{
+    "rust-analyzer.rustfmt.overrideCommand": [
+        "rustfmt",
+        "+nightly-2025-01-15",
+        "--"
+    ],
+}

rust-toolchain.toml

@@ -1,3 +1,3 @@
 # DO NOT EDIT, this file is generated by operator-templating
 [toolchain]
-channel = "1.84.1"
+channel = "1.85.0"

rust/operator-binary/src/authentication/ldap.rs

@@ -2,15 +2,15 @@ use std::collections::BTreeMap;
 
 use snafu::ResultExt;
 use stackable_operator::{
-    builder::pod::{container::ContainerBuilder, PodBuilder},
+    builder::pod::{PodBuilder, container::ContainerBuilder},
     commons::authentication::ldap::AuthenticationProvider,
 };
 
 use crate::{
     authentication::{
         AddLdapVolumesSnafu, ConstructLdapEndpointUrlSnafu, Error, MissingLdapBindCredentialsSnafu,
     },
-    crd::security::{add_cert_to_trust_store_cmd, STACKABLE_TLS_DIR, TLS_STORE_PASSWORD},
+    crd::security::{STACKABLE_TLS_DIR, TLS_STORE_PASSWORD, add_cert_to_trust_store_cmd},
 };
 
 fn add_authenticator_config(

rust/operator-binary/src/authentication/mod.rs

@@ -2,7 +2,7 @@ use std::collections::BTreeMap;
 
 use snafu::Snafu;
 use stackable_operator::{
-    builder::pod::{container::ContainerBuilder, PodBuilder},
+    builder::pod::{PodBuilder, container::ContainerBuilder},
     commons::{
         authentication::{
             ldap::AuthenticationProvider as LdapAuthenticationProvider,
@@ -17,9 +17,10 @@ use stackable_operator::{
 
 use crate::{
     crd::{
+        DruidRole,
         authentication::{AuthenticationClassResolved, AuthenticationClassesResolved},
         security::{ESCALATOR_INTERNAL_CLIENT_PASSWORD_ENV, INTERNAL_INITIAL_CLIENT_PASSWORD_ENV},
-        v1alpha1, DruidRole,
+        v1alpha1,
     },
     internal_secret::{build_shared_internal_secret_name, env_var_from_secret},
 };

rust/operator-binary/src/authentication/oidc.rs

@@ -2,14 +2,14 @@ use std::collections::BTreeMap;
 
 use snafu::ResultExt;
 use stackable_operator::{
-    builder::pod::{container::ContainerBuilder, PodBuilder},
+    builder::pod::{PodBuilder, container::ContainerBuilder},
     commons::authentication::oidc::{AuthenticationProvider, ClientAuthenticationOptions},
     k8s_openapi::api::core::v1::EnvVar,
 };
 
 use crate::{
     authentication::{AddOidcVolumesSnafu, ConstructOidcWellKnownUrlSnafu, Error},
-    crd::{security::add_cert_to_jvm_trust_store_cmd, DruidRole, COOKIE_PASSPHRASE_ENV},
+    crd::{COOKIE_PASSPHRASE_ENV, DruidRole, security::add_cert_to_jvm_trust_store_cmd},
     internal_secret::env_var_from_secret,
 };
 

rust/operator-binary/src/config/jvm.rs

@@ -132,9 +132,7 @@ mod tests {
         let coordinator_jvm_config = construct_jvm_config_for_test(input, &DruidRole::Coordinator);
         let historical_jvm_config = construct_jvm_config_for_test(input, &DruidRole::Historical);
 
-        assert_eq!(
-            coordinator_jvm_config,
-            indoc! {"
+        assert_eq!(coordinator_jvm_config, indoc! {"
               -server
               -Xmx468m
               -Xms468m
@@ -149,11 +147,8 @@ mod tests {
               -Djavax.net.ssl.trustStore=/stackable/truststore.p12
               -Djavax.net.ssl.trustStorePassword=changeit
               -Djavax.net.ssl.trustStoreType=pkcs12
-              -Dderby.stream.error.file=/stackable/var/druid/derby.log"}
-        );
-        assert_eq!(
-            historical_jvm_config,
-            indoc! {"
+              -Dderby.stream.error.file=/stackable/var/druid/derby.log"});
+        assert_eq!(historical_jvm_config, indoc! {"
               -server
               -Xmx900m
               -Xms900m
@@ -168,8 +163,7 @@ mod tests {
               -Dlog4j.configurationFile=/stackable/rwconfig/log4j2.properties
               -Djavax.net.ssl.trustStore=/stackable/truststore.p12
               -Djavax.net.ssl.trustStorePassword=changeit
-              -Djavax.net.ssl.trustStoreType=pkcs12"}
-        );
+              -Djavax.net.ssl.trustStoreType=pkcs12"});
     }
 
     #[test]
@@ -243,9 +237,7 @@ mod tests {
         let coordinator_jvm_config = construct_jvm_config_for_test(input, &DruidRole::Coordinator);
         let historical_jvm_config = construct_jvm_config_for_test(input, &DruidRole::Historical);
 
-        assert_eq!(
-            coordinator_jvm_config,
-            indoc! {"
+        assert_eq!(coordinator_jvm_config, indoc! {"
               -server
               -Xms42708m
               -XX:+ExitOnOutOfMemoryError
@@ -263,11 +255,8 @@ mod tests {
               -Dhttps.proxyHost=proxy.my.corp
               -Djava.net.preferIPv4Stack=true
               -Xmx40000m
-              -Dhttps.proxyPort=1234"}
-        );
-        assert_eq!(
-            historical_jvm_config,
-            indoc! {"
+              -Dhttps.proxyPort=1234"});
+        assert_eq!(historical_jvm_config, indoc! {"
               -server
               -Xmx9759m
               -Xms9759m
@@ -283,8 +272,7 @@ mod tests {
               -Djavax.net.ssl.trustStore=/stackable/truststore.p12
               -Djavax.net.ssl.trustStorePassword=changeit
               -Djavax.net.ssl.trustStoreType=pkcs12
-              -Dfoo=bar"}
-        );
+              -Dfoo=bar"});
     }
 
     fn construct_jvm_config_for_test(druid_cluster: &str, druid_role: &DruidRole) -> String {

rust/operator-binary/src/crd/affinity.rs

@@ -1,9 +1,9 @@
 use stackable_operator::{
-    commons::affinity::{affinity_between_role_pods, StackableAffinityFragment},
+    commons::affinity::{StackableAffinityFragment, affinity_between_role_pods},
     k8s_openapi::api::core::v1::{PodAffinity, PodAntiAffinity},
 };
 
-use crate::crd::{DeepStorageSpec, DruidRole, HdfsDeepStorageSpec, APP_NAME};
+use crate::crd::{APP_NAME, DeepStorageSpec, DruidRole, HdfsDeepStorageSpec};
 
 /// Please have a look at the architecture diagram in <https://druid.apache.org/assets/images/druid-architecture-7db1cd79d2d70b2e5ccc73b6bebfcaa4.svg>
 /// to understand which roles do communicate with each other.
@@ -257,45 +257,39 @@ mod tests {
             _ => (),
         };
 
-        assert_eq!(
-            merged_config.affinity,
-            StackableAffinity {
-                pod_affinity: Some(PodAffinity {
-                    preferred_during_scheduling_ignored_during_execution: Some(expected_affinities),
-                    required_during_scheduling_ignored_during_execution: None,
-                }),
-                pod_anti_affinity: Some(PodAntiAffinity {
-                    preferred_during_scheduling_ignored_during_execution: Some(vec![
-                        WeightedPodAffinityTerm {
-                            pod_affinity_term: PodAffinityTerm {
-                                label_selector: Some(LabelSelector {
-                                    match_expressions: None,
-                                    match_labels: Some(BTreeMap::from([
-                                        ("app.kubernetes.io/name".to_string(), "druid".to_string(),),
-                                        (
-                                            "app.kubernetes.io/instance".to_string(),
-                                            "simple-druid".to_string(),
-                                        ),
-                                        (
-                                            "app.kubernetes.io/component".to_string(),
-                                            role.to_string(),
-                                        )
-                                    ]))
-                                }),
-                                match_label_keys: None,
-                                mismatch_label_keys: None,
-                                namespace_selector: None,
-                                namespaces: None,
-                                topology_key: "kubernetes.io/hostname".to_string(),
-                            },
-                            weight: 70
-                        }
-                    ]),
-                    required_during_scheduling_ignored_during_execution: None,
-                }),
-                node_affinity: None,
-                node_selector: None,
-            }
-        );
+        assert_eq!(merged_config.affinity, StackableAffinity {
+            pod_affinity: Some(PodAffinity {
+                preferred_during_scheduling_ignored_during_execution: Some(expected_affinities),
+                required_during_scheduling_ignored_during_execution: None,
+            }),
+            pod_anti_affinity: Some(PodAntiAffinity {
+                preferred_during_scheduling_ignored_during_execution: Some(vec![
+                    WeightedPodAffinityTerm {
+                        pod_affinity_term: PodAffinityTerm {
+                            label_selector: Some(LabelSelector {
+                                match_expressions: None,
+                                match_labels: Some(BTreeMap::from([
+                                    ("app.kubernetes.io/name".to_string(), "druid".to_string(),),
+                                    (
+                                        "app.kubernetes.io/instance".to_string(),
+                                        "simple-druid".to_string(),
+                                    ),
+                                    ("app.kubernetes.io/component".to_string(), role.to_string(),)
+                                ]))
+                            }),
+                            match_label_keys: None,
+                            mismatch_label_keys: None,
+                            namespace_selector: None,
+                            namespaces: None,
+                            topology_key: "kubernetes.io/hostname".to_string(),
+                        },
+                        weight: 70
+                    }
+                ]),
+                required_during_scheduling_ignored_during_execution: None,
+            }),
+            node_affinity: None,
+            node_selector: None,
+        });
     }
 }

rust/operator-binary/src/crd/authentication.rs

@@ -1,14 +1,14 @@
 use std::future::Future;
 
-use snafu::{ensure, ResultExt, Snafu};
+use snafu::{ResultExt, Snafu, ensure};
 use stackable_operator::{
     client::Client,
     commons::authentication::{
-        ldap,
+        AuthenticationClass, AuthenticationClassProvider, ClientAuthenticationDetails, ldap,
         oidc::{self, IdentityProviderHint},
-        tls, AuthenticationClass, AuthenticationClassProvider, ClientAuthenticationDetails,
+        tls,
     },
-    kube::{runtime::reflector::ObjectRef, ResourceExt},
+    kube::{ResourceExt, runtime::reflector::ObjectRef},
 };
 use tracing::info;
 
@@ -33,22 +33,24 @@ pub enum Error {
     #[snafu(display("only one authentication class is currently supported at a time."))]
     MultipleAuthenticationClassesNotSupported,
     #[snafu(display(
-    "failed to use authentication provider [{authentication_class_provider}] for authentication class [{authentication_class}] - supported providers: {SUPPORTED_AUTHENTICATION_CLASS_PROVIDERS:?}",
+        "failed to use authentication provider [{authentication_class_provider}] for authentication class [{authentication_class}] - supported providers: {SUPPORTED_AUTHENTICATION_CLASS_PROVIDERS:?}",
     ))]
     AuthenticationClassProviderNotSupported {
         authentication_class_provider: String,
         authentication_class: ObjectRef<AuthenticationClass>,
     },
-    #[snafu(display("LDAP authentication without bind credentials is currently not supported. See https://github.com/stackabletech/druid-operator/issues/383 for details"))]
+    #[snafu(display(
+        "LDAP authentication without bind credentials is currently not supported. See https://github.com/stackabletech/druid-operator/issues/383 for details"
+    ))]
     LdapAuthenticationWithoutBindCredentialsNotSupported {},
     #[snafu(display("LDAP authentication requires server and internal tls to be enabled"))]
     LdapAuthenticationWithoutServerTlsNotSupported {},
     #[snafu(display(
-    "client authentication using TLS (as requested by AuthenticationClass {auth_class_name}) can not be used when Druid server and internal TLS is disabled",
+        "client authentication using TLS (as requested by AuthenticationClass {auth_class_name}) can not be used when Druid server and internal TLS is disabled",
     ))]
     TlsAuthenticationClassWithoutDruidServerTls { auth_class_name: String },
     #[snafu(display(
-    "client authentication using TLS (as requested by AuthenticationClass {auth_class_name}) can only use the same SecretClass as the Druid instance is using for server and internal communication (SecretClass {server_and_internal_secret_class} in this case)",
+        "client authentication using TLS (as requested by AuthenticationClass {auth_class_name}) can only use the same SecretClass as the Druid instance is using for server and internal communication (SecretClass {server_and_internal_secret_class} in this case)",
     ))]
     TlsAuthenticationClassSecretClassDiffersFromDruidServerTls {
         auth_class_name: String,
@@ -58,7 +60,9 @@ pub enum Error {
     OidcConfigurationInvalid {
         source: stackable_operator::commons::authentication::Error,
     },
-    #[snafu(display("the OIDC provider {oidc_provider:?} is not yet supported (AuthenticationClass {auth_class_name:?})"))]
+    #[snafu(display(
+        "the OIDC provider {oidc_provider:?} is not yet supported (AuthenticationClass {auth_class_name:?})"
+    ))]
     OidcProviderNotSupported {
         auth_class_name: String,
         oidc_provider: String,
@@ -186,8 +190,11 @@ impl AuthenticationClassesResolved {
     ) -> Result<AuthenticationClassResolved> {
         let oidc_provider = match &provider.provider_hint {
             None => {
-                info!("No OIDC provider hint given in AuthClass {auth_class_name}, assuming {default_oidc_provider_name}",
-                    default_oidc_provider_name = serde_json::to_string(&DEFAULT_OIDC_PROVIDER).unwrap());
+                info!(
+                    "No OIDC provider hint given in AuthClass {auth_class_name}, assuming {default_oidc_provider_name}",
+                    default_oidc_provider_name =
+                        serde_json::to_string(&DEFAULT_OIDC_PROVIDER).unwrap()
+                );
                 DEFAULT_OIDC_PROVIDER
             }
             Some(oidc_provider) => oidc_provider.to_owned(),

rust/operator-binary/src/crd/memory.rs

@@ -8,8 +8,8 @@ use stackable_operator::{
 };
 
 use crate::crd::{
-    storage::HistoricalStorage, PROCESSING_BUFFER_SIZE_BYTES, PROCESSING_NUM_MERGE_BUFFERS,
-    PROCESSING_NUM_THREADS,
+    PROCESSING_BUFFER_SIZE_BYTES, PROCESSING_NUM_MERGE_BUFFERS, PROCESSING_NUM_THREADS,
+    storage::HistoricalStorage,
 };
 
 static MIN_HEAP_RATIO: f32 = 0.75;

rust/operator-binary/src/crd/mod.rs

@@ -35,8 +35,8 @@ use stackable_operator::{
     status::condition::{ClusterCondition, HasStatusCondition},
     time::Duration,
     utils::{
-        cluster_info::KubernetesClusterInfo, crds::raw_object_list_schema,
-        COMMON_BASH_TRAP_FUNCTIONS,
+        COMMON_BASH_TRAP_FUNCTIONS, cluster_info::KubernetesClusterInfo,
+        crds::raw_object_list_schema,
     },
 };
 use stackable_versioned::versioned;
@@ -46,7 +46,7 @@ use crate::crd::{
     affinity::get_affinity,
     authorization::DruidAuthorization,
     resource::RoleResource,
-    tls::{default_druid_tls, DruidTls},
+    tls::{DruidTls, default_druid_tls},
 };
 
 pub mod affinity;