diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 22968241..203c2083 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ env: CARGO_TERM_COLOR: always CARGO_INCREMENTAL: '0' CARGO_PROFILE_DEV_DEBUG: '0' - RUST_TOOLCHAIN_VERSION: "1.80.0" + RUST_TOOLCHAIN_VERSION: "1.80.1" RUSTFLAGS: "-D warnings" RUSTDOCFLAGS: "-D warnings" RUST_LOG: "info" @@ -49,7 +49,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - - uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a + - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a with: toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} - uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3 @@ -118,7 +118,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - - uses: EmbarkStudios/cargo-deny-action@3f4a782664881cf5725d0ffd23969fcce89fd868 # v1.6.3 + - uses: EmbarkStudios/cargo-deny-action@8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268 # v2.0.1 with: command: check ${{ matrix.checks }} @@ -129,7 +129,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - - uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a + - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a with: toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} components: rustfmt @@ -147,7 +147,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - - uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a + - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a with: toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} components: clippy @@ -182,7 +182,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - - uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a + - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a with: toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} components: rustfmt @@ -204,7 +204,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - - uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a + - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a with: toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} - uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3 @@ -224,7 +224,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: '3.12' - name: Install jinja2-cli @@ -267,7 +267,7 @@ jobs: with: version: v3.13.3 - name: Set up cargo - uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a + uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a with: toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} - uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3 @@ -331,8 +331,8 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - - uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26 - - uses: dtolnay/rust-toolchain@d8352f6b1d2e870bc5716e7a6d9b65c4cc244a1a + - uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 + - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a with: toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} components: rustfmt @@ -351,9 +351,9 @@ jobs: # default value in the makefile if called from this action, but not otherwise (i.e. when called locally). # This is needed for the HELM_REPO variable. - name: Install cosign - uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 + uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0 - name: Install syft - uses: anchore/sbom-action/download-syft@e8d2a6937ecead383dfe75190d104edd1f9c5751 # v0.16.0 + uses: anchore/sbom-action/download-syft@61119d458adab75f756bc0b9e4bde25725f86a7a # v0.17.2 - name: Build Docker image and Helm chart run: | # Installing helm and yq on ubicloud-standard-8-arm only @@ -396,7 +396,7 @@ jobs: OCI_REGISTRY_SDP_CHARTS_USERNAME: "robot$sdp-charts+github-action-build" steps: - name: Install cosign - uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 + uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0 - name: Checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: diff --git a/.github/workflows/pr_pre-commit.yaml b/.github/workflows/pr_pre-commit.yaml index c4be523c..c7df5b40 100644 --- a/.github/workflows/pr_pre-commit.yaml +++ b/.github/workflows/pr_pre-commit.yaml @@ -4,14 +4,41 @@ name: pre-commit on: pull_request: +env: + CARGO_TERM_COLOR: always + RUST_TOOLCHAIN_VERSION: "1.80.1" + HADOLINT_VERSION: "v2.12.0" + jobs: pre-commit: runs-on: ubuntu-latest steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + with: + fetch-depth: 0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: '3.12' + - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a + with: + toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} + components: rustfmt,clippy + - name: Setup Hadolint + shell: bash + run: | + set -euo pipefail + + LOCATION_DIR="$HOME/.local/bin" + LOCATION_BIN="$LOCATION_DIR/hadolint" + + SYSTEM=$(uname -s) + ARCH=$(uname -m) + + mkdir -p "$LOCATION_DIR" + curl -sL -o "${LOCATION_BIN}" "https://github.com/hadolint/hadolint/releases/download/${{ env.HADOLINT_VERSION }}/hadolint-$SYSTEM-$ARCH" + chmod 700 "${LOCATION_BIN}" + + echo "$LOCATION_DIR" >> "$GITHUB_PATH" - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 with: - extra_args: "" # Disable --all-files until we have time to fix druid/stackable/bin/run-druid + extra_args: "--from-ref ${{ github.event.pull_request.base.sha }} --to-ref ${{ github.event.pull_request.head.sha }}" diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9ededdf9..4b1c512f 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,11 +1,12 @@ --- exclude: ^(Cargo\.nix|crate-hashes\.json|nix/.*)$ -# See https://pre-commit.com for more information -# See https://pre-commit.com/hooks.html for more hooks +default_language_version: + node: system + repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.6.0 + rev: 2c9f875913ee60ca25ce70243dc24d5b6415598c # 4.6.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer @@ -14,7 +15,7 @@ repos: - id: detect-private-key - repo: https://github.com/doublify/pre-commit-rust - rev: v1.0 + rev: eeee35a89e69d5772bdee97db1a6a898467b686e # 1.0 hooks: - id: fmt args: ["--all", "--", "--check"] @@ -22,19 +23,19 @@ repos: args: ["--all-targets", "--", "-D", "warnings"] - repo: https://github.com/adrienverge/yamllint - rev: v1.35.1 + rev: 81e9f98ffd059efe8aa9c1b1a42e5cce61b640c6 # 1.35.1 hooks: - id: yamllint - repo: https://github.com/igorshubovych/markdownlint-cli - rev: v0.40.0 + rev: f295829140d25717bc79368d3f966fc1f67a824f # 0.41.0 hooks: - id: markdownlint types: [text] files: \.md(\.j2)*$ - repo: https://github.com/koalaman/shellcheck-precommit - rev: v0.10.0 + rev: 2491238703a5d3415bb2b7ff11388bf775372f29 # 0.10.0 hooks: - id: shellcheck args: ["--severity=info"] @@ -43,13 +44,23 @@ repos: # If you do not, you will need to delete the cached ruff binary shown in the # error message - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.5.1 + rev: f1ebc5730d98440041cc43e4d69829ad598ae1e7 # 0.6.3 hooks: # Run the linter. - id: ruff # Run the formatter. - id: ruff-format + - repo: https://github.com/rhysd/actionlint + rev: 62dc61a45fc95efe8c800af7a557ab0b9165d63b # 1.7.1 + hooks: + - id: actionlint + + - repo: https://github.com/hadolint/hadolint + rev: b3555ba9c2bfd9401e79f2f0da68dd1ae38e10c7 # 2.12.0 + hooks: + - id: hadolint + - repo: local hooks: - id: regenerate-charts diff --git a/.vscode/launch.json b/.vscode/launch.json new file mode 100644 index 00000000..e2a19cfd --- /dev/null +++ b/.vscode/launch.json @@ -0,0 +1,19 @@ +{ + "version": "0.2.0", + "configurations": [ + { + "type": "lldb", + "request": "launch", + "name": "Debug operator binary", + "cargo": { + "args": ["build"], + "filter": { + "name": "stackable-{[ operator.name }]", + "kind": "bin" + } + }, + "args": ["run"], + "cwd": "${workspaceFolder}" + } + ] +} diff --git a/Cargo.nix b/Cargo.nix index 1ec46531..aa0ba54d 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -6523,13 +6523,13 @@ rec { }; "stackable-operator" = rec { crateName = "stackable-operator"; - version = "0.73.0"; + version = "0.74.0"; edition = "2021"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "4d98a29b08a7d959e5e287f774cf064c02ffbd62"; - sha256 = "0cmfbc3v9kklsfkqbnhwig45106gfizhmlmg9p1qgdjp8az43l9m"; + rev = "c77a5423b66bc1667b63af7d8bec00de88a5303f"; + sha256 = "1g1a0v98wlcb36ibwv1nv75g3b3s1mjmaps443fc2w2maam94lya"; }; libName = "stackable_operator"; authors = [ @@ -6586,10 +6586,6 @@ rec { usesDefaultFeatures = false; features = [ "client" "jsonpatch" "runtime" "derive" "rustls-tls" ]; } - { - name = "lazy_static"; - packageId = "lazy_static"; - } { name = "opentelemetry-jaeger"; packageId = "opentelemetry-jaeger"; @@ -6682,8 +6678,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "4d98a29b08a7d959e5e287f774cf064c02ffbd62"; - sha256 = "0cmfbc3v9kklsfkqbnhwig45106gfizhmlmg9p1qgdjp8az43l9m"; + rev = "c77a5423b66bc1667b63af7d8bec00de88a5303f"; + sha256 = "1g1a0v98wlcb36ibwv1nv75g3b3s1mjmaps443fc2w2maam94lya"; }; procMacro = true; libName = "stackable_operator_derive"; diff --git a/crate-hashes.json b/crate-hashes.json index ddd91d81..8725a492 100644 --- a/crate-hashes.json +++ b/crate-hashes.json @@ -1,5 +1,5 @@ { - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.73.0#stackable-operator-derive@0.3.1": "0cmfbc3v9kklsfkqbnhwig45106gfizhmlmg9p1qgdjp8az43l9m", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.73.0#stackable-operator@0.73.0": "0cmfbc3v9kklsfkqbnhwig45106gfizhmlmg9p1qgdjp8az43l9m", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.74.0#stackable-operator-derive@0.3.1": "1g1a0v98wlcb36ibwv1nv75g3b3s1mjmaps443fc2w2maam94lya", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.74.0#stackable-operator@0.74.0": "1g1a0v98wlcb36ibwv1nv75g3b3s1mjmaps443fc2w2maam94lya", "git+https://github.com/stackabletech/product-config.git?tag=0.7.0#product-config@0.7.0": "0gjsm80g6r75pm3824dcyiz4ysq1ka4c1if6k1mjm9cnd5ym0gny" } \ No newline at end of file diff --git a/deny.toml b/deny.toml index 26e7cb74..ba73fa96 100644 --- a/deny.toml +++ b/deny.toml @@ -1,3 +1,4 @@ +[graph] targets = [ { triple = "x86_64-unknown-linux-gnu" }, { triple = "aarch64-unknown-linux-gnu" }, @@ -7,20 +8,13 @@ targets = [ ] [advisories] -vulnerability = "warn" -unmaintained = "allow" -unsound = "warn" -yanked = "warn" -notice = "warn" +yanked = "deny" [bans] multiple-versions = "allow" [licenses] -unlicensed = "deny" -copyleft = "deny" -allow-osi-fsf-free = "neither" -default = "deny" +unused-allowed-license = "allow" confidence-threshold = 1.0 allow = [ "Apache-2.0", diff --git a/renovate.json b/renovate.json index 73ef3bff..de754167 100644 --- a/renovate.json +++ b/renovate.json @@ -3,5 +3,5 @@ "extends": [ "local>stackabletech/.github:renovate-config" ], - "ignorePaths": [".github/workflows/build.yml", ".github/workflows/general_daily_security.yml", ".github/workflows/pr_pre-commit.yaml", ".github/workflows/pr_reviewdog.yaml"] + "ignorePaths": [".github/workflows/build.yml", ".github/workflows/general_daily_security.yml", ".github/workflows/pr_pre-commit.yaml"] } diff --git a/rust-toolchain.toml b/rust-toolchain.toml index c0731f2e..23142f76 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,3 +1,3 @@ # DO NOT EDIT, this file is generated by operator-templating [toolchain] -channel = "1.80.0" +channel = "1.80.1"