From 7f077aa634f9b71895377e275223db8a3d25af80 Mon Sep 17 00:00:00 2001 From: Malte Sander Date: Fri, 22 Nov 2024 16:15:25 +0100 Subject: [PATCH 1/4] Patch op-rs version to use one that fixes SUP-148. --- Cargo.lock | 8 ++++---- Cargo.toml | 5 ++++- rust/operator-binary/src/kafka_controller.rs | 10 +++++----- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 018ffe06..5ebfa665 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2201,8 +2201,8 @@ dependencies = [ [[package]] name = "stackable-operator" -version = "0.80.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.80.0#6fbe32300b60f95e0baa2ab0ff2daf961b06531c" +version = "0.81.0" +source = "git+https://github.com/stackabletech//operator-rs.git?branch=fix%2FSUP-148#c219c2a0fd63ffac17738f9c869239f5772681cf" dependencies = [ "chrono", "clap", @@ -2240,7 +2240,7 @@ dependencies = [ [[package]] name = "stackable-operator-derive" version = "0.3.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.80.0#6fbe32300b60f95e0baa2ab0ff2daf961b06531c" +source = "git+https://github.com/stackabletech//operator-rs.git?branch=fix%2FSUP-148#c219c2a0fd63ffac17738f9c869239f5772681cf" dependencies = [ "darling", "proc-macro2", @@ -2251,7 +2251,7 @@ dependencies = [ [[package]] name = "stackable-shared" version = "0.0.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.80.0#6fbe32300b60f95e0baa2ab0ff2daf961b06531c" +source = "git+https://github.com/stackabletech//operator-rs.git?branch=fix%2FSUP-148#c219c2a0fd63ffac17738f9c869239f5772681cf" dependencies = [ "kube", "semver", diff --git a/Cargo.toml b/Cargo.toml index a3461d23..3a31b22e 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,11 +22,14 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" serde_yaml = "0.9" snafu = "0.8" -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.80.0" } +stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.78.0" } strum = { version = "0.26", features = ["derive"] } tokio = { version = "1.40", features = ["full"] } tracing = "0.1" +[patch."https://github.com/stackabletech/operator-rs.git"] +stackable-operator = { git = "https://github.com/stackabletech//operator-rs.git", branch = "fix/SUP-148" } + # [patch."https://github.com/stackabletech/operator-rs.git"] # stackable-operator = { path = "../operator-rs/crates/stackable-operator" } # stackable-operator = { git = "https://github.com/stackabletech//operator-rs.git", branch = "main" } diff --git a/rust/operator-binary/src/kafka_controller.rs b/rust/operator-binary/src/kafka_controller.rs index 9d1a933f..3020d6af 100644 --- a/rust/operator-binary/src/kafka_controller.rs +++ b/rust/operator-binary/src/kafka_controller.rs @@ -48,7 +48,7 @@ use stackable_operator::{ core::v1::{ ConfigMap, ConfigMapKeySelector, ConfigMapVolumeSource, ContainerPort, EnvVar, EnvVarSource, ExecAction, ObjectFieldSelector, PodSpec, Probe, Service, - ServiceSpec, Volume, + ServiceAccount, ServiceSpec, Volume, }, }, apimachinery::pkg::apis::meta::v1::LabelSelector, @@ -524,7 +524,7 @@ pub async fn reconcile_kafka( .context(BuildRbacResourcesSnafu)?; let rbac_sa = cluster_resources - .add(client, rbac_sa) + .add(client, rbac_sa.clone()) .await .context(ApplyServiceAccountSnafu)?; cluster_resources @@ -561,7 +561,7 @@ pub async fn reconcile_kafka( opa_connect.as_deref(), &kafka_security, &merged_config, - &rbac_sa.name_any(), + &rbac_sa, &client.kubernetes_cluster_info, )?; let rg_bootstrap_listener = build_broker_rolegroup_bootstrap_listener( @@ -824,7 +824,7 @@ fn build_broker_rolegroup_statefulset( opa_connect_string: Option<&str>, kafka_security: &KafkaTlsSecurity, merged_config: &KafkaConfig, - sa_name: &str, + service_account: &ServiceAccount, cluster_info: &KubernetesClusterInfo, ) -> Result { let role = kafka.role(kafka_role).context(InternalOperatorSnafu)?; @@ -1096,7 +1096,7 @@ fn build_broker_rolegroup_statefulset( )), ) .context(AddVolumeSnafu)? - .service_account_name(sa_name) + .service_account_name(service_account.name_any()) .security_context( PodSecurityContextBuilder::new() .run_as_user(KAFKA_UID) From 1d161a2abf7e463bf5c959f4312fafb17649210b Mon Sep 17 00:00:00 2001 From: Malte Sander Date: Fri, 22 Nov 2024 16:18:22 +0100 Subject: [PATCH 2/4] fix cargo --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 3a31b22e..5e26c171 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,7 +22,7 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" serde_yaml = "0.9" snafu = "0.8" -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.78.0" } +stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.80.0" } strum = { version = "0.26", features = ["derive"] } tokio = { version = "1.40", features = ["full"] } tracing = "0.1" From 84f0690f5e461d07319c205b50443f8c4f5280b1 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Sat, 23 Nov 2024 14:07:17 +0100 Subject: [PATCH 3/4] Upgrade stackable-operator to version 0.82.0 --- Cargo.lock | 8 ++++---- Cargo.nix | 14 +++++++------- Cargo.toml | 5 +---- crate-hashes.json | 6 +++--- 4 files changed, 15 insertions(+), 18 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 5ebfa665..7504a98f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2201,8 +2201,8 @@ dependencies = [ [[package]] name = "stackable-operator" -version = "0.81.0" -source = "git+https://github.com/stackabletech//operator-rs.git?branch=fix%2FSUP-148#c219c2a0fd63ffac17738f9c869239f5772681cf" +version = "0.82.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.82.0#415bbd031bd52e9c0c5392060235030e9930b46b" dependencies = [ "chrono", "clap", @@ -2240,7 +2240,7 @@ dependencies = [ [[package]] name = "stackable-operator-derive" version = "0.3.1" -source = "git+https://github.com/stackabletech//operator-rs.git?branch=fix%2FSUP-148#c219c2a0fd63ffac17738f9c869239f5772681cf" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.82.0#415bbd031bd52e9c0c5392060235030e9930b46b" dependencies = [ "darling", "proc-macro2", @@ -2251,7 +2251,7 @@ dependencies = [ [[package]] name = "stackable-shared" version = "0.0.1" -source = "git+https://github.com/stackabletech//operator-rs.git?branch=fix%2FSUP-148#c219c2a0fd63ffac17738f9c869239f5772681cf" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.82.0#415bbd031bd52e9c0c5392060235030e9930b46b" dependencies = [ "kube", "semver", diff --git a/Cargo.nix b/Cargo.nix index 9ea1da33..c5fa55c1 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -6799,13 +6799,13 @@ rec { }; "stackable-operator" = rec { crateName = "stackable-operator"; - version = "0.80.0"; + version = "0.82.0"; edition = "2021"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "6fbe32300b60f95e0baa2ab0ff2daf961b06531c"; - sha256 = "16jrq3wdwz63210jgmqbx3snrr15wxw6l1smqhzv7b7jpq8qvya3"; + rev = "415bbd031bd52e9c0c5392060235030e9930b46b"; + sha256 = "0phasjwb64rxgn5hs8vks92icmx9255bd5v9dms280clrfpcg4hy"; }; libName = "stackable_operator"; authors = [ @@ -6962,8 +6962,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "6fbe32300b60f95e0baa2ab0ff2daf961b06531c"; - sha256 = "16jrq3wdwz63210jgmqbx3snrr15wxw6l1smqhzv7b7jpq8qvya3"; + rev = "415bbd031bd52e9c0c5392060235030e9930b46b"; + sha256 = "0phasjwb64rxgn5hs8vks92icmx9255bd5v9dms280clrfpcg4hy"; }; procMacro = true; libName = "stackable_operator_derive"; @@ -6997,8 +6997,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "6fbe32300b60f95e0baa2ab0ff2daf961b06531c"; - sha256 = "16jrq3wdwz63210jgmqbx3snrr15wxw6l1smqhzv7b7jpq8qvya3"; + rev = "415bbd031bd52e9c0c5392060235030e9930b46b"; + sha256 = "0phasjwb64rxgn5hs8vks92icmx9255bd5v9dms280clrfpcg4hy"; }; libName = "stackable_shared"; authors = [ diff --git a/Cargo.toml b/Cargo.toml index 5e26c171..01eed416 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,14 +22,11 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" serde_yaml = "0.9" snafu = "0.8" -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.80.0" } +stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.82.0" } strum = { version = "0.26", features = ["derive"] } tokio = { version = "1.40", features = ["full"] } tracing = "0.1" -[patch."https://github.com/stackabletech/operator-rs.git"] -stackable-operator = { git = "https://github.com/stackabletech//operator-rs.git", branch = "fix/SUP-148" } - # [patch."https://github.com/stackabletech/operator-rs.git"] # stackable-operator = { path = "../operator-rs/crates/stackable-operator" } # stackable-operator = { git = "https://github.com/stackabletech//operator-rs.git", branch = "main" } diff --git a/crate-hashes.json b/crate-hashes.json index 562fb18b..0ca37e6e 100644 --- a/crate-hashes.json +++ b/crate-hashes.json @@ -1,6 +1,6 @@ { - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.80.0#stackable-operator-derive@0.3.1": "16jrq3wdwz63210jgmqbx3snrr15wxw6l1smqhzv7b7jpq8qvya3", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.80.0#stackable-operator@0.80.0": "16jrq3wdwz63210jgmqbx3snrr15wxw6l1smqhzv7b7jpq8qvya3", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.80.0#stackable-shared@0.0.1": "16jrq3wdwz63210jgmqbx3snrr15wxw6l1smqhzv7b7jpq8qvya3", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.82.0#stackable-operator-derive@0.3.1": "0phasjwb64rxgn5hs8vks92icmx9255bd5v9dms280clrfpcg4hy", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.82.0#stackable-operator@0.82.0": "0phasjwb64rxgn5hs8vks92icmx9255bd5v9dms280clrfpcg4hy", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.82.0#stackable-shared@0.0.1": "0phasjwb64rxgn5hs8vks92icmx9255bd5v9dms280clrfpcg4hy", "git+https://github.com/stackabletech/product-config.git?tag=0.7.0#product-config@0.7.0": "0gjsm80g6r75pm3824dcyiz4ysq1ka4c1if6k1mjm9cnd5ym0gny" } \ No newline at end of file From a679c3ff8cb96364469d8b0c5ec51e446502667a Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Sat, 23 Nov 2024 14:09:15 +0100 Subject: [PATCH 4/4] Update changelog --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index fc6667c8..d1cb4cc5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -29,6 +29,9 @@ All notable changes to this project will be documented in this file. certificates used by Kafka. This allows you to access Kafka brokers secured using TLS via the global bootstrap service ([#741]). - An invalid `KafkaCluster` doesn't cause the operator to stop functioning ([#773]). +- BREAKING: Use distinct ServiceAccounts for the Stacklets, so that multiple Stacklets can be + deployed in one namespace. Existing Stacklets will use the newly created ServiceAccounts after + restart ([#793]). ### Removed @@ -41,6 +44,7 @@ All notable changes to this project will be documented in this file. [#762]: https://github.com/stackabletech/kafka-operator/pull/762 [#771]: https://github.com/stackabletech/kafka-operator/pull/771 [#773]: https://github.com/stackabletech/kafka-operator/pull/773 +[#793]: https://github.com/stackabletech/kafka-operator/pull/793 ## [24.7.0] - 2024-07-24