stackabletech · Techassi · Feb 4, 2025 · Feb 4, 2025 · Feb 4, 2025 · Feb 4, 2025
diff --git a/.github/workflows/pr_pre-commit.yaml b/.github/workflows/pr_pre-commit.yaml
@@ -6,7 +6,7 @@ on:
 
 env:
   CARGO_TERM_COLOR: always
-  RUST_TOOLCHAIN_VERSION: "1.82.0"
+  RUST_TOOLCHAIN_VERSION: "nightly-2025-01-15"
   HADOLINT_VERSION: "v2.12.0"
   PYTHON_VERSION: "3.12"
 

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -17,10 +17,6 @@ repos:
   - repo: https://github.com/doublify/pre-commit-rust
     rev: eeee35a89e69d5772bdee97db1a6a898467b686e # 1.0
     hooks:
-      - id: fmt
-        # Pinning to a specific rustc version, so that we get consistent formatting
-        entry: RUSTUP_TOOLCHAIN=nightly-2025-01-15 cargo fmt
-        args: ["--all", "--", "--check"]
       - id: clippy
         args: ["--all-targets", "--", "-D", "warnings"]
 
@@ -78,3 +74,10 @@ repos:
         entry: cargo test
         stages: [pre-commit, pre-merge-commit, manual]
         pass_filenames: false
+
+      - id: cargo-rustfmt
+        name: cargo-rustfmt
+        language: system
+        entry: cargo +nightly-2025-01-15 fmt --all -- --check
+        stages: [pre-commit]
+        pass_filenames: false
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/rust/operator-binary/src/backend/cert_manager.rs b/rust/operator-binary/src/backend/cert_manager.rs
@@ -12,19 +12,18 @@ use stackable_operator::{
     time::Duration,
 };
 
-use crate::{
-    crd::{self, CertificateKeyGeneration},
-    external_crd::{self, cert_manager::CertificatePrivateKey},
-    format::SecretData,
-    utils::Unloggable,
-};
-
 use super::{
     k8s_search::LABEL_SCOPE_NODE,
     pod_info::{Address, PodInfo, SchedulingPodInfo},
     scope::SecretScope,
     ScopeAddressesError, SecretBackend, SecretBackendError, SecretContents, SecretVolumeSelector,
 };
+use crate::{
+    crd::{self, CertificateKeyGeneration},
+    external_crd::{self, cert_manager::CertificatePrivateKey},
+    format::SecretData,
+    utils::Unloggable,
+};
 
 /// Default lifetime of certs when no annotations are set on the Volume.
 pub const DEFAULT_CERT_LIFETIME: Duration = Duration::from_hours_unchecked(24);

diff --git a/rust/operator-binary/src/backend/dynamic.rs b/rust/operator-binary/src/backend/dynamic.rs
@@ -9,16 +9,15 @@ use async_trait::async_trait;
 use snafu::{ResultExt, Snafu};
 use stackable_operator::kube::runtime::reflector::ObjectRef;
 
-use crate::{
-    crd::{self, SecretClass},
-    utils::Unloggable,
-};
-
 use super::{
     kerberos_keytab::{self, KerberosProfile},
     pod_info::{PodInfo, SchedulingPodInfo},
     tls, SecretBackend, SecretBackendError, SecretVolumeSelector,
 };
+use crate::{
+    crd::{self, SecretClass},
+    utils::Unloggable,
+};
 
 pub struct DynError(Box<dyn SecretBackendError>);
 

diff --git a/rust/operator-binary/src/backend/k8s_search.rs b/rust/operator-binary/src/backend/k8s_search.rs
@@ -12,13 +12,12 @@ use stackable_operator::{
     kvp::{LabelError, LabelSelectorExt, Labels},
 };
 
-use crate::{crd::SearchNamespace, format::SecretData, utils::Unloggable};
-
 use super::{
     pod_info::{PodInfo, SchedulingPodInfo},
     scope::SecretScope,
     SecretBackend, SecretBackendError, SecretContents, SecretVolumeSelector,
 };
+use crate::{crd::SearchNamespace, format::SecretData, utils::Unloggable};
 
 const LABEL_CLASS: &str = "secrets.stackable.tech/class";
 pub(super) const LABEL_SCOPE_NODE: &str = "secrets.stackable.tech/node";

diff --git a/rust/operator-binary/src/backend/kerberos_keytab.rs b/rust/operator-binary/src/backend/kerberos_keytab.rs
@@ -17,6 +17,10 @@ use tokio::{
     io::{AsyncReadExt, AsyncWriteExt},
 };
 
+use super::{
+    pod_info::Address, scope::SecretScope, ScopeAddressesError, SecretBackend, SecretBackendError,
+    SecretContents,
+};
 use crate::{
     crd::{
         ActiveDirectorySamAccountNameRules, InvalidKerberosPrincipal, KerberosKeytabBackendAdmin,
@@ -26,11 +30,6 @@ use crate::{
     utils::Unloggable,
 };
 
-use super::{
-    pod_info::Address, scope::SecretScope, ScopeAddressesError, SecretBackend, SecretBackendError,
-    SecretContents,
-};
-
 #[derive(Debug, Snafu)]
 pub enum Error {
     #[snafu(display("failed to get addresses for scope {:?}", format!("{scope}")))]

diff --git a/rust/operator-binary/src/backend/mod.rs b/rust/operator-binary/src/backend/mod.rs
@@ -8,26 +8,24 @@ pub mod pod_info;
 pub mod scope;
 pub mod tls;
 
+use std::{collections::HashSet, convert::Infallible, fmt::Debug};
+
 use async_trait::async_trait;
+pub use cert_manager::CertManager;
+pub use k8s_search::K8sSearch;
+pub use kerberos_keytab::KerberosKeytab;
+use pod_info::Address;
+use scope::SecretScope;
 use serde::{de::Unexpected, Deserialize, Deserializer, Serialize};
 use snafu::{OptionExt, Snafu};
 use stackable_operator::{
     k8s_openapi::chrono::{DateTime, FixedOffset},
     time::Duration,
 };
-use std::{collections::HashSet, convert::Infallible, fmt::Debug};
-
-pub use cert_manager::CertManager;
-pub use k8s_search::K8sSearch;
-pub use kerberos_keytab::KerberosKeytab;
 pub use tls::TlsGenerate;
 
-use pod_info::Address;
-use scope::SecretScope;
-
-use crate::format::{SecretData, SecretFormat};
-
 use self::pod_info::SchedulingPodInfo;
+use crate::format::{SecretData, SecretFormat};
 
 /// Configuration provided by the `Volume` selecting what secret data should be provided
 ///

diff --git a/rust/operator-binary/src/backend/pod_info.rs b/rust/operator-binary/src/backend/pod_info.rs
@@ -16,9 +16,8 @@ use stackable_operator::{
     kube::runtime::reflector::ObjectRef,
 };
 
-use crate::utils::trystream_any;
-
 use super::scope::SecretScope;
+use crate::utils::trystream_any;
 
 const LISTENER_PVC_ANNOTATION_LISTENER_NAME: &str = "listeners.stackable.tech/listener-name";
 const LISTENER_PVC_ANNOTATION_LISTENER_CLASS: &str = "listeners.stackable.tech/listener-class";

diff --git a/rust/operator-binary/src/backend/tls/mod.rs b/rust/operator-binary/src/backend/tls/mod.rs
@@ -27,17 +27,16 @@ use stackable_operator::{
 };
 use time::OffsetDateTime;
 
-use crate::{
-    crd::{self, CertificateKeyGeneration},
-    format::{well_known, SecretData, WellKnownSecretData},
-    utils::iterator_try_concat_bytes,
-};
-
 use super::{
     pod_info::{Address, PodInfo},
     scope::SecretScope,
     ScopeAddressesError, SecretBackend, SecretBackendError, SecretContents,
 };
+use crate::{
+    crd::{self, CertificateKeyGeneration},
+    format::{well_known, SecretData, WellKnownSecretData},
+    utils::iterator_try_concat_bytes,
+};
 
 mod ca;
 

diff --git a/rust/operator-binary/src/crd.rs b/rust/operator-binary/src/crd.rs
@@ -371,7 +371,6 @@ impl Deref for KerberosPrincipal {
 #[cfg(test)]
 mod test {
     use super::*;
-
     use crate::{
         backend::tls::{DEFAULT_CA_CERT_LIFETIME, DEFAULT_MAX_CERT_LIFETIME},
         crd::{AutoTlsBackend, SecretClass, SecretClassSpec},

diff --git a/rust/operator-binary/src/csi_server/identity.rs b/rust/operator-binary/src/csi_server/identity.rs
@@ -1,11 +1,13 @@
+use std::collections::HashMap;
+
+use clap::crate_version;
+use tonic::{Request, Response, Status};
+
 use crate::grpc::csi::v1::{
     identity_server::Identity, plugin_capability, GetPluginCapabilitiesRequest,
     GetPluginCapabilitiesResponse, GetPluginInfoRequest, GetPluginInfoResponse, PluginCapability,
     ProbeRequest, ProbeResponse,
 };
-use clap::crate_version;
-use std::collections::HashMap;
-use tonic::{Request, Response, Status};
 
 pub struct SecretProvisionerIdentity;
 

diff --git a/rust/operator-binary/src/csi_server/node.rs b/rust/operator-binary/src/csi_server/node.rs
@@ -20,6 +20,7 @@ use tokio::{
 };
 use tonic::{Request, Response, Status};
 
+use super::controller::TOPOLOGY_NODE;
 use crate::{
     backend::{
         self, pod_info, pod_info::PodInfo, SecretBackendError, SecretContents, SecretVolumeSelector,
@@ -36,8 +37,6 @@ use crate::{
     utils::{error_full_message, FmtByteSlice},
 };
 
-use super::controller::TOPOLOGY_NODE;
-
 #[derive(Snafu, Debug)]
 #[snafu(module)]
 enum PublishError {

diff --git a/rust/operator-binary/src/format/convert.rs b/rust/operator-binary/src/format/convert.rs
@@ -7,12 +7,11 @@ use openssl::{
 };
 use snafu::{OptionExt, ResultExt, Snafu};
 
-use crate::format::utils::split_pem_certificates;
-
 use super::{
     well_known::{CompatibilityOptions, TlsPem, TlsPkcs12},
     SecretFormat, WellKnownSecretData,
 };
+use crate::format::utils::split_pem_certificates;
 
 pub fn convert(
     from: WellKnownSecretData,

diff --git a/rust/operator-binary/src/main.rs b/rust/operator-binary/src/main.rs
@@ -1,3 +1,5 @@
+use std::{os::unix::prelude::FileTypeExt, path::PathBuf};
+
 use anyhow::Context;
 use clap::{crate_description, crate_version, Parser};
 use csi_server::{
@@ -11,7 +13,6 @@ use grpc::csi::v1::{
 use stackable_operator::{
     logging::TracingTarget, utils::cluster_info::KubernetesClusterInfoOpts, CustomResourceExt,
 };
-use std::{os::unix::prelude::FileTypeExt, path::PathBuf};
 use tokio::signal::unix::{signal, SignalKind};
 use tokio_stream::wrappers::UnixListenerStream;
 use tonic::transport::Server;

diff --git a/rust/operator-binary/src/utils.rs b/rust/operator-binary/src/utils.rs
@@ -1,3 +1,4 @@
+use std::fmt::Write as _; // import without risk of name clashing
 use std::{
     fmt::{Debug, LowerHex},
     ops::{Deref, DerefMut},
@@ -10,7 +11,6 @@ use openssl::asn1::{Asn1Time, Asn1TimeRef, TimeDiff};
 use pin_project::pin_project;
 use snafu::{OptionExt as _, ResultExt as _, Snafu};
 use socket2::Socket;
-use std::fmt::Write as _; // import without risk of name clashing
 use time::OffsetDateTime;
 use tokio::{
     io::{AsyncRead, AsyncWrite},
@@ -207,9 +207,8 @@ mod tests {
     use openssl::asn1::Asn1Time;
     use time::OffsetDateTime;
 
-    use crate::utils::{error_full_message, trystream_any, FmtByteSlice};
-
     use super::{asn1time_to_offsetdatetime, iterator_try_concat_bytes};
+    use crate::utils::{error_full_message, trystream_any, FmtByteSlice};
 
     #[test]
     fn fmt_hex_byte_slice() {