From 124d79fe24f35e79653ed9980b97e3d4d3a2fd15 Mon Sep 17 00:00:00 2001 From: Nick Larsen Date: Fri, 31 Jan 2025 16:25:15 +0100 Subject: [PATCH 1/4] fix: Use native CA certificates --- Cargo.lock | 1 + Cargo.nix | 12 +++++++++--- Cargo.toml | 2 +- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 1216edd0..076c629b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2500,6 +2500,7 @@ dependencies = [ "pin-project-lite", "quinn", "rustls", + "rustls-native-certs", "rustls-pemfile", "rustls-pki-types", "serde", diff --git a/Cargo.nix b/Cargo.nix index 4664c1f2..c6ffbb08 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -7885,6 +7885,12 @@ rec { target = { target, features }: (!("wasm32" == target."arch" or null)); features = [ "std" "tls12" ]; } + { + name = "rustls-native-certs"; + packageId = "rustls-native-certs"; + optional = true; + target = { target, features }: (!("wasm32" == target."arch" or null)); + } { name = "rustls-pemfile"; packageId = "rustls-pemfile"; @@ -8052,7 +8058,7 @@ rec { "stream" = [ "tokio/fs" "dep:tokio-util" "dep:wasm-streams" ]; "zstd" = [ "dep:async-compression" "async-compression?/zstd" "dep:tokio-util" ]; }; - resolvedDefaultFeatures = [ "__rustls" "__rustls-ring" "__tls" "blocking" "json" "rustls-tls" "rustls-tls-webpki-roots" ]; + resolvedDefaultFeatures = [ "__rustls" "__rustls-ring" "__tls" "blocking" "json" "rustls-tls" "rustls-tls-native-roots" "rustls-tls-webpki-roots" ]; }; "ring" = rec { crateName = "ring"; @@ -9672,7 +9678,7 @@ rec { name = "reqwest"; packageId = "reqwest"; usesDefaultFeatures = false; - features = [ "json" "rustls-tls" ]; + features = [ "json" "rustls-tls-native-roots" ]; } { name = "semver"; @@ -10126,7 +10132,7 @@ rec { name = "reqwest"; packageId = "reqwest"; usesDefaultFeatures = false; - features = [ "json" "rustls-tls" ]; + features = [ "json" "rustls-tls-native-roots" ]; } { name = "semver"; diff --git a/Cargo.toml b/Cargo.toml index 66b79cdb..56c0f77c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -38,7 +38,7 @@ phf = "0.11" phf_codegen = "0.11" rand = "0.8" regex = "1.10" -reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls"] } +reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls-native-roots"] } rstest = "0.22" semver = { version = "1.0", features = ["serde"] } serde = { version = "1.0", features = ["derive"] } From 96401fdf007e8956f346d1e2e8b0aae8d9a3e561 Mon Sep 17 00:00:00 2001 From: Nick Larsen Date: Fri, 31 Jan 2025 16:27:35 +0100 Subject: [PATCH 2/4] chore(stackablectl): update changelog --- rust/stackablectl/CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/rust/stackablectl/CHANGELOG.md b/rust/stackablectl/CHANGELOG.md index d834f1a9..cca80b42 100644 --- a/rust/stackablectl/CHANGELOG.md +++ b/rust/stackablectl/CHANGELOG.md @@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file. ## [Unreleased] +### Fixes + +- Use `rustls-native-certs` so that `stackablectl` can be used in environments with internal PKI ([#xxx]). + +[#xxx]: https://github.com/stackabletech/stackable-cockpit/pull/xxx + ## [24.11.3] - 2025-01-27 ### Added From d2ff9e0a6b91f547bdb621b61cd6c124e34c63a0 Mon Sep 17 00:00:00 2001 From: Nick Larsen Date: Fri, 31 Jan 2025 16:43:51 +0100 Subject: [PATCH 3/4] chore: set pre-release version This is not usually done at this stage, but we want to produce a pre-release for testing, and it should not show the stable version. --- Cargo.lock | 2 +- Cargo.nix | 2 +- extra/man/stackablectl.1 | 4 ++-- rust/stackablectl/Cargo.toml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 076c629b..62cf7e2e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3135,7 +3135,7 @@ dependencies = [ [[package]] name = "stackablectl" -version = "24.11.3" +version = "24.11.4-native-certs" dependencies = [ "clap", "clap_complete", diff --git a/Cargo.nix b/Cargo.nix index c6ffbb08..df23dee6 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -10067,7 +10067,7 @@ rec { }; "stackablectl" = rec { crateName = "stackablectl"; - version = "24.11.3"; + version = "24.11.4-native-certs"; edition = "2021"; crateBin = [ { diff --git a/extra/man/stackablectl.1 b/extra/man/stackablectl.1 index aae68e97..c0b5e6ac 100644 --- a/extra/man/stackablectl.1 +++ b/extra/man/stackablectl.1 @@ -1,6 +1,6 @@ .ie \n(.g .ds Aq \(aq .el .ds Aq ' -.TH stackablectl 1 "stackablectl 24.11.3" +.TH stackablectl 1 "stackablectl 24.11.4-native-certs" .SH NAME stackablectl \- Command line tool to interact with the Stackable Data Platform .SH SYNOPSIS @@ -108,6 +108,6 @@ EXPERIMENTAL: Launch a debug container for a Pod stackablectl\-help(1) Print this message or the help of the given subcommand(s) .SH VERSION -v24.11.3 +v24.11.4\-native\-certs .SH AUTHORS Stackable GmbH diff --git a/rust/stackablectl/Cargo.toml b/rust/stackablectl/Cargo.toml index 3244a18c..2cf933e4 100644 --- a/rust/stackablectl/Cargo.toml +++ b/rust/stackablectl/Cargo.toml @@ -2,7 +2,7 @@ name = "stackablectl" description = "Command line tool to interact with the Stackable Data Platform" # See /Cargo.toml -version = "24.11.3" +version = "24.11.4-native-certs" authors.workspace = true license.workspace = true edition.workspace = true From cbfd3559ff4ff99f990c3e7f8a5c8ae03102c15b Mon Sep 17 00:00:00 2001 From: Nick Larsen Date: Mon, 3 Feb 2025 11:00:39 +0100 Subject: [PATCH 4/4] chore: Set PR number in the Changelog --- rust/stackablectl/CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rust/stackablectl/CHANGELOG.md b/rust/stackablectl/CHANGELOG.md index cca80b42..fd8ee617 100644 --- a/rust/stackablectl/CHANGELOG.md +++ b/rust/stackablectl/CHANGELOG.md @@ -6,9 +6,9 @@ All notable changes to this project will be documented in this file. ### Fixes -- Use `rustls-native-certs` so that `stackablectl` can be used in environments with internal PKI ([#xxx]). +- Use `rustls-native-certs` so that `stackablectl` can be used in environments with internal PKI ([#351]). -[#xxx]: https://github.com/stackabletech/stackable-cockpit/pull/xxx +[#351]: https://github.com/stackabletech/stackable-cockpit/pull/351 ## [24.11.3] - 2025-01-27