fix(stackable-operator): Re-export versioned error types (#1025)

* fix(stackable-operator): Re-export versioned error types

* chore(stackable-operator): Adjust doc comments

* chore(stackable-operator): Add pub keyword

* chore(stackable-operator): Use re-exported macro

* chore(stackable-operator): Add changelog entry

Author: Techassi

crates/stackable-operator/CHANGELOG.md

@@ -12,7 +12,12 @@ All notable changes to this project will be documented in this file.
   - The `static` authentication provider must now be imported using `r#static`.
   - Import are now more granular in general.
 
+### Fixed
+
+- Re-export versioned CRD-specific error types ([#1025]).
+
 [#968]: https://github.com/stackabletech/operator-rs/pull/968
+[#1025]: https://github.com/stackabletech/operator-rs/pull/1025
 
 ## [0.92.0] - 2025-04-14
 

crates/stackable-operator/src/crd/authentication/core/mod.rs

@@ -1,15 +1,19 @@
 use kube::CustomResource;
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
-use stackable_versioned::versioned;
+
+use crate::versioned::versioned;
 
 mod v1alpha1_impl;
 
 #[versioned(version(name = "v1alpha1"))]
 pub mod versioned {
-    // This makes v1alpha1 versions of all authentication providers available to the
-    // AuthenticationClassProvider enum below.
-    mod v1alpha1 {
+    pub mod v1alpha1 {
+        // Re-export the v1alpha1-specific error type from the private impl module.
+        pub use v1alpha1_impl::Error;
+
+        // This makes v1alpha1 versions of all authentication providers available to the
+        // AuthenticationClassProvider enum below.
         use crate::crd::authentication::{kerberos, ldap, oidc, r#static, tls};
     }
     /// The Stackable Platform uses the AuthenticationClass as a central mechanism to handle user
@@ -79,18 +83,20 @@ pub mod versioned {
         Oidc(oidc::v1alpha1::AuthenticationProvider),
 
         /// The [TLS provider](DOCS_BASE_URL_PLACEHOLDER/concepts/authentication#_tls).
-        /// The TLS AuthenticationClass is used when users should authenticate themselves with a TLS certificate.
+        /// The TLS AuthenticationClass is used when users should authenticate themselves with a
+        /// TLS certificate.
         Tls(tls::v1alpha1::AuthenticationProvider),
 
         /// The [Kerberos provider](DOCS_BASE_URL_PLACEHOLDER/concepts/authentication#_kerberos).
-        /// The Kerberos AuthenticationClass is used when users should authenticate themselves via Kerberos.
+        /// The Kerberos AuthenticationClass is used when users should authenticate themselves via
+        /// Kerberos.
         Kerberos(kerberos::v1alpha1::AuthenticationProvider),
     }
 
-    /// Common [`v1alpha1::ClientAuthenticationDetails`] which is specified at the client/ product
-    /// cluster level. It provides a name (key) to resolve a particular [`AuthenticationClass`].
-    /// Additionally, it provides authentication provider specific configuration (OIDC and LDAP for
-    /// example).
+    /// Common client authentication details which is specified at the client/ product cluster level.
+    ///
+    /// It provides a name (key) to resolve a particular [`AuthenticationClass`]. Additionally, it
+    /// provides authentication provider specific configuration (OIDC and LDAP for example).
     ///
     /// If the product needs additional (product specific) authentication options, it is recommended
     /// to wrap this struct and use `#[serde(flatten)]` on the field.
@@ -123,19 +129,22 @@ pub mod versioned {
     pub struct ClientAuthenticationDetails<O = ()> {
         /// Name of the [AuthenticationClass](https://docs.stackable.tech/home/nightly/concepts/authentication) used to
         /// authenticate users.
-        //
-        // To get the concrete [`AuthenticationClass`], we must resolve it. This resolution can be achieved by using
-        // [`ClientAuthenticationDetails::resolve_class`].
+        ///
+        /// To get the concrete [`AuthenticationClass`], we must resolve it. This resolution can be
+        /// achieved by using [`ClientAuthenticationDetails::resolve_class`].
         #[serde(rename = "authenticationClass")]
         authentication_class_ref: String,
 
-        /// This field contains OIDC-specific configuration. It is only required in case OIDC is used.
+        /// This field contains OIDC-specific configuration. It is only required in case OIDC is
+        /// used.
+        ///
+        /// Use [`ClientAuthenticationDetails::oidc_or_error`] to get the value or report an error
+        /// to the user.
         //
-        // Use [`ClientAuthenticationDetails::oidc_or_error`] to get the value or report an error to the user.
-        // TODO: Ideally we want this to be an enum once other `ClientAuthenticationOptions` are added, so
-        // that user can not configure multiple options at the same time (yes we are aware that this makes a
-        // changing the type of an AuthenticationClass harder).
-        // This is a non-breaking change though :)
+        // TODO: Ideally we want this to be an enum once other `ClientAuthenticationOptions` are
+        // added, so that user can not configure multiple options at the same time (yes we are aware
+        // that this makes a changing the type of an AuthenticationClass harder). This is a
+        // non-breaking change though :)
         oidc: Option<oidc::v1alpha1::ClientAuthenticationOptions<O>>,
     }
 }

crates/stackable-operator/src/crd/authentication/ldap/mod.rs

@@ -1,15 +1,22 @@
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
-use stackable_versioned::versioned;
 
-use crate::commons::{
-    networking::HostName, secret_class::SecretClassVolume, tls_verification::TlsClientDetails,
+use crate::{
+    commons::{
+        networking::HostName, secret_class::SecretClassVolume, tls_verification::TlsClientDetails,
+    },
+    versioned::versioned,
 };
 
 mod v1alpha1_impl;
 
 #[versioned(version(name = "v1alpha1"))]
 pub mod versioned {
+    pub mod v1alpha1 {
+        // Re-export the v1alpha1-specific error type from the private impl module.
+        pub use v1alpha1_impl::Error;
+    }
+
     #[derive(
         Clone, Debug, Deserialize, Eq, Hash, JsonSchema, Ord, PartialEq, PartialOrd, Serialize,
     )]

crates/stackable-operator/src/crd/authentication/ldap/v1alpha1_impl.rs

@@ -1,6 +1,6 @@
 use k8s_openapi::api::core::v1::{Volume, VolumeMount};
 use snafu::{ResultExt as _, Snafu};
-use url::{ParseError, Url};
+use url::Url;
 
 use crate::{
     builder::{
@@ -22,7 +22,7 @@ pub enum Error {
     BindCredentials { source: SecretClassVolumeError },
 
     #[snafu(display("failed to parse LDAP endpoint url"))]
-    ParseLdapEndpointUrl { source: ParseError },
+    ParseLdapEndpointUrl { source: url::ParseError },
 
     #[snafu(display("failed to add LDAP TLS client details volumes and volume mounts"))]
     AddLdapTlsClientDetailsVolumes { source: TlsClientDetailsError },

crates/stackable-operator/src/crd/authentication/oidc/mod.rs

@@ -1,10 +1,12 @@
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
-use stackable_versioned::versioned;
 #[cfg(doc)]
 use url::Url;
 
-use crate::commons::{networking::HostName, tls_verification::TlsClientDetails};
+use crate::{
+    commons::{networking::HostName, tls_verification::TlsClientDetails},
+    versioned::versioned,
+};
 
 mod v1alpha1_impl;
 
@@ -17,6 +19,11 @@ const DEFAULT_WELLKNOWN_OIDC_CONFIG_PATH: &str = "/.well-known/openid-configurat
 
 #[versioned(version(name = "v1alpha1"))]
 pub mod versioned {
+    pub mod v1alpha1 {
+        // Re-export the v1alpha1-specific error type from the private impl module.
+        pub use v1alpha1_impl::Error;
+    }
+
     /// This struct contains configuration values to configure an OpenID Connect
     /// (OIDC) authentication class. Required fields are the identity provider
     /// (IdP) `hostname` and the TLS configuration. The `port` is selected

crates/stackable-operator/src/crd/authentication/oidc/v1alpha1_impl.rs

@@ -18,7 +18,6 @@ use crate::{
 
 pub type Result<T, E = Error> = std::result::Result<T, E>;
 
-// TODO (@Techassi): Move this into mod.rs
 #[derive(Debug, PartialEq, Snafu)]
 pub enum Error {
     #[snafu(display("failed to parse OIDC endpoint url"))]

crates/stackable-operator/src/crd/s3/bucket/mod.rs

@@ -1,30 +1,17 @@
 use kube::CustomResource;
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
-use snafu::Snafu;
-use stackable_versioned::versioned;
 
-use crate::crd::s3::{ConnectionError, connection::v1alpha1 as conn_v1alpha1};
+use crate::{crd::s3::connection::v1alpha1 as conn_v1alpha1, versioned::versioned};
 
 mod v1alpha1_impl;
 
-// NOTE (@Techassi): Where should this error be placed? Technically errors can
-// change between version, because version-specific impl blocks might need
-// different variants or might use a completely different error type.
-#[derive(Debug, Snafu)]
-pub enum BucketError {
-    #[snafu(display("failed to retrieve S3 connection '{s3_connection}'"))]
-    RetrieveS3Connection {
-        source: crate::client::Error,
-        s3_connection: String,
-    },
-
-    #[snafu(display("failed to resolve S3 connection"))]
-    ResolveConnection { source: ConnectionError },
-}
-
 #[versioned(version(name = "v1alpha1"))]
 pub mod versioned {
+    pub mod v1alpha1 {
+        pub use v1alpha1_impl::BucketError;
+    }
+
     /// S3 bucket specification containing the bucket name and an inlined or referenced connection specification.
     /// Learn more on the [S3 concept documentation](DOCS_BASE_URL_PLACEHOLDER/concepts/s3).
     #[versioned(k8s(

crates/stackable-operator/src/crd/s3/bucket/v1alpha1_impl.rs

@@ -1,15 +1,27 @@
 //! v1alpha1 specific implementations for S3 buckets.
 
-use snafu::ResultExt as _;
+use snafu::{ResultExt as _, Snafu};
 
 use crate::{
     client::Client,
-    crd::s3::bucket::{
-        BucketError, ResolveConnectionSnafu, RetrieveS3ConnectionSnafu,
-        v1alpha1::{InlineBucketOrReference, ResolvedBucket, S3Bucket},
+    crd::s3::{
+        bucket::v1alpha1::{InlineBucketOrReference, ResolvedBucket, S3Bucket},
+        connection::v1alpha1::ConnectionError,
     },
 };
 
+#[derive(Debug, Snafu)]
+pub enum BucketError {
+    #[snafu(display("failed to retrieve S3 connection '{s3_connection}'"))]
+    RetrieveS3Connection {
+        source: crate::client::Error,
+        s3_connection: String,
+    },
+
+    #[snafu(display("failed to resolve S3 connection"))]
+    ResolveConnection { source: ConnectionError },
+}
+
 impl InlineBucketOrReference {
     pub async fn resolve(
         self,