stackabletech
diff --git a/‎Cargo.lock
Lines changed: 275 additions & 45 deletions b/‎Cargo.lock
Lines changed: 275 additions & 45 deletions
diff --git a/‎Cargo.nix
Lines changed: 1150 additions & 211 deletions b/‎Cargo.nix
Lines changed: 1150 additions & 211 deletions
diff --git a/‎Cargo.toml
Lines changed: 2 additions & 3 deletions b/‎Cargo.toml
Lines changed: 2 additions & 3 deletions
diff --git a/‎crate-hashes.json
Lines changed: 3 additions & 0 deletions b/‎crate-hashes.json
Lines changed: 3 additions & 0 deletions
diff --git a/‎rust/crd/Cargo.toml
Lines changed: 0 additions & 22 deletions b/‎rust/crd/Cargo.toml
Lines changed: 0 additions & 22 deletions
diff --git a/‎rust/operator-binary/Cargo.toml
Lines changed: 4 additions & 3 deletions b/‎rust/operator-binary/Cargo.toml
Lines changed: 4 additions & 3 deletions
diff --git a/‎rust/operator-binary/src/authentication/mod.rs
Lines changed: 33 additions & 49 deletions b/‎rust/operator-binary/src/authentication/mod.rs
Lines changed: 33 additions & 49 deletions
diff --git a/‎rust/operator-binary/src/authentication/oidc/mod.rs
Lines changed: 10 additions & 7 deletions b/‎rust/operator-binary/src/authentication/oidc/mod.rs
Lines changed: 10 additions & 7 deletions
diff --git a/‎rust/operator-binary/src/authentication/password/file.rs
Lines changed: 5 additions & 6 deletions b/‎rust/operator-binary/src/authentication/password/file.rs
Lines changed: 5 additions & 6 deletions
@@ -1,5 +1,5 @@
 [workspace]
-members = ["rust/crd", "rust/operator-binary"]
+members = ["rust/operator-binary"]
 resolver = "2"
 
 [workspace.package]
@@ -18,14 +18,13 @@ const_format = "0.2"
 futures = { version = "0.3", features = ["compat"] }
 indoc = "2.0"
 openssl = "0.10"
-pin-project = "1.1"
 rstest = "0.24"
-semver = "1.0"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 serde_yaml = "0.9"
 snafu = "0.8"
 stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.85.0" }
+stackable-versioned = { git = "https://github.com/stackabletech/operator-rs.git", features = ["k8s"], tag = "stackable-versioned-0.5.0" }
 product-config = { git = "https://github.com/stackabletech/product-config.git", tag = "0.7.0" }
 strum = { version = "0.26", features = ["derive"] }
 tokio = { version = "1.40", features = ["full"] }
 
@@ -10,7 +10,6 @@ publish = false
 build = "build.rs"
 
 [dependencies]
-stackable-trino-crd = { path = "../crd" }
 
 anyhow.workspace = true
 async-trait.workspace = true
@@ -19,18 +18,20 @@ const_format.workspace = true
 futures.workspace = true
 indoc.workspace = true
 openssl.workspace = true
-pin-project.workspace = true
 product-config.workspace = true
-semver.workspace = true
 snafu.workspace = true
 stackable-operator.workspace = true
+stackable-versioned.workspace = true
 strum.workspace = true
 tokio.workspace = true
 tracing.workspace = true
 serde_yaml.workspace = true
+serde.workspace = true
+serde_json.workspace = true
 
 [dev-dependencies]
 rstest.workspace = true
+serde_yaml.workspace = true
 
 [build-dependencies]
 built.workspace = true
@@ -22,16 +22,18 @@ use stackable_operator::{
     k8s_openapi::api::core::v1::{Container, EnvVar, Volume, VolumeMount},
     kube::{runtime::reflector::ObjectRef, ResourceExt},
 };
-use stackable_trino_crd::{authentication::ResolvedAuthenticationClassRef, TrinoRole};
 use strum::EnumDiscriminants;
 use tracing::trace;
 
-use crate::authentication::{
-    oidc::{OidcAuthenticator, TrinoOidcAuthentication},
-    password::{
-        file::FileAuthenticator, ldap::LdapAuthenticator, TrinoPasswordAuthentication,
-        TrinoPasswordAuthenticator,
+use crate::{
+    authentication::{
+        oidc::{OidcAuthenticator, TrinoOidcAuthentication},
+        password::{
+            file::FileAuthenticator, ldap::LdapAuthenticator, TrinoPasswordAuthentication,
+            TrinoPasswordAuthenticator,
+        },
     },
+    crd::{authentication::ResolvedAuthenticationClassRef, TrinoRole},
 };
 
 pub(crate) mod oidc;
@@ -85,14 +87,14 @@ pub struct TrinoAuthenticationConfig {
     /// All extra config files required for authentication for each role.
     config_files: HashMap<TrinoRole, BTreeMap<String, String>>,
     /// Additional env variables for a certain role and container
-    env_vars: HashMap<TrinoRole, BTreeMap<stackable_trino_crd::Container, Vec<EnvVar>>>,
+    env_vars: HashMap<TrinoRole, BTreeMap<crate::crd::Container, Vec<EnvVar>>>,
     /// All extra container commands for a certain role and container
-    commands: HashMap<TrinoRole, BTreeMap<stackable_trino_crd::Container, Vec<String>>>,
+    commands: HashMap<TrinoRole, BTreeMap<crate::crd::Container, Vec<String>>>,
     /// Additional volumes like secret mounts, user file database etc.
     volumes: Vec<Volume>,
     /// Additional volume mounts for each role and container. Shared volumes have to be added
     /// manually in each container.
-    volume_mounts: HashMap<TrinoRole, BTreeMap<stackable_trino_crd::Container, Vec<VolumeMount>>>,
+    volume_mounts: HashMap<TrinoRole, BTreeMap<crate::crd::Container, Vec<VolumeMount>>>,
     /// Additional side car container for the provided role
     sidecar_containers: HashMap<TrinoRole, Vec<Container>>,
 }
@@ -157,29 +159,27 @@ impl TrinoAuthenticationConfig {
             .add_volumes(self.volumes())
             .context(AddVolumeSnafu)?;
 
-        let affected_containers = vec![
-            stackable_trino_crd::Container::Prepare,
-            stackable_trino_crd::Container::Trino,
-        ];
+        let affected_containers =
+            vec![crate::crd::Container::Prepare, crate::crd::Container::Trino];
 
         for container in &affected_containers {
             let volume_mounts = self.volume_mounts(role, container);
 
             match container {
-                stackable_trino_crd::Container::Prepare => {
+                crate::crd::Container::Prepare => {
                     prepare_builder
                         .add_volume_mounts(volume_mounts)
                         .context(AddVolumeMountSnafu)?;
                 }
-                stackable_trino_crd::Container::Trino => {
+                crate::crd::Container::Trino => {
                     trino_builder
                         .add_volume_mounts(volume_mounts)
                         .context(AddVolumeMountSnafu)?;
                 }
                 // handled internally
-                stackable_trino_crd::Container::PasswordFileUpdater => {}
+                crate::crd::Container::PasswordFileUpdater => {}
                 // nothing to do here
-                stackable_trino_crd::Container::Vector => {}
+                crate::crd::Container::Vector => {}
             }
         }
 
@@ -220,7 +220,7 @@ impl TrinoAuthenticationConfig {
     pub fn add_env_vars(
         &mut self,
         role: TrinoRole,
-        container: stackable_trino_crd::Container,
+        container: crate::crd::Container,
         env_var: Vec<EnvVar>,
     ) {
         self.env_vars
@@ -235,7 +235,7 @@ impl TrinoAuthenticationConfig {
     pub fn add_commands(
         &mut self,
         role: TrinoRole,
-        container: stackable_trino_crd::Container,
+        container: crate::crd::Container,
         commands: Vec<String>,
     ) {
         self.commands
@@ -265,7 +265,7 @@ impl TrinoAuthenticationConfig {
     pub fn add_volume_mount(
         &mut self,
         role: TrinoRole,
-        container: stackable_trino_crd::Container,
+        container: crate::crd::Container,
         volume_mount: VolumeMount,
     ) {
         let current_volume_mounts = self
@@ -288,7 +288,7 @@ impl TrinoAuthenticationConfig {
     pub fn add_volume_mounts(
         &mut self,
         role: TrinoRole,
-        container: stackable_trino_crd::Container,
+        container: crate::crd::Container,
         volume_mounts: Vec<VolumeMount>,
     ) {
         for volume_mount in volume_mounts {
@@ -319,11 +319,7 @@ impl TrinoAuthenticationConfig {
     }
 
     /// Retrieve additional env vars for a given role and container.
-    pub fn env_vars(
-        &self,
-        role: &TrinoRole,
-        container: &stackable_trino_crd::Container,
-    ) -> Vec<EnvVar> {
+    pub fn env_vars(&self, role: &TrinoRole, container: &crate::crd::Container) -> Vec<EnvVar> {
         self.env_vars
             .get(role)
             .cloned()
@@ -334,11 +330,7 @@ impl TrinoAuthenticationConfig {
     }
 
     /// Retrieve additional container commands for a given role and container.
-    pub fn commands(
-        &self,
-        role: &TrinoRole,
-        container: &stackable_trino_crd::Container,
-    ) -> Vec<String> {
+    pub fn commands(&self, role: &TrinoRole, container: &crate::crd::Container) -> Vec<String> {
         self.commands
             .get(role)
             .cloned()
@@ -357,7 +349,7 @@ impl TrinoAuthenticationConfig {
     pub fn volume_mounts(
         &self,
         role: &TrinoRole,
-        container: &stackable_trino_crd::Container,
+        container: &crate::crd::Container,
     ) -> Vec<VolumeMount> {
         if let Some(volume_mounts) = self.volume_mounts.get(role) {
             volume_mounts.get(container).cloned().unwrap_or_default()
@@ -565,9 +557,9 @@ impl TryFrom<Vec<ResolvedAuthenticationClassRef>> for TrinoAuthenticationTypes {
 #[cfg(test)]
 mod tests {
     use stackable_operator::commons::authentication::oidc::ClientAuthenticationOptions;
-    use stackable_trino_crd::RW_CONFIG_DIR_NAME;
 
     use super::*;
+    use crate::crd::RW_CONFIG_DIR_NAME;
 
     const OIDC_AUTH_CLASS_1: &str = "oidc-auth-1";
     const FILE_AUTH_CLASS_1: &str = "file-auth-1";
@@ -800,17 +792,15 @@ mod tests {
     fn test_trino_password_authenticator_volume_mounts() {
         // nothing for workers
         assert!(setup_authentication_config()
-            .volume_mounts(&TrinoRole::Worker, &stackable_trino_crd::Container::Trino,)
+            .volume_mounts(&TrinoRole::Worker, &crate::crd::Container::Trino,)
             .is_empty());
         assert!(setup_authentication_config()
-            .volume_mounts(&TrinoRole::Worker, &stackable_trino_crd::Container::Prepare,)
+            .volume_mounts(&TrinoRole::Worker, &crate::crd::Container::Prepare,)
             .is_empty());
 
         // coordinator - main container
-        let coordinator_main_mounts = setup_authentication_config().volume_mounts(
-            &TrinoRole::Coordinator,
-            &stackable_trino_crd::Container::Trino,
-        );
+        let coordinator_main_mounts = setup_authentication_config()
+            .volume_mounts(&TrinoRole::Coordinator, &crate::crd::Container::Trino);
 
         // we expect one user password db mount
         assert_eq!(coordinator_main_mounts.len(), 1);
@@ -828,30 +818,24 @@ mod tests {
 
         // nothing for workers
         assert!(auth_config
-            .commands(&TrinoRole::Worker, &stackable_trino_crd::Container::Trino)
+            .commands(&TrinoRole::Worker, &crate::crd::Container::Trino)
             .is_empty());
         assert!(auth_config_with_ldap_bind
-            .commands(&TrinoRole::Worker, &stackable_trino_crd::Container::Trino)
+            .commands(&TrinoRole::Worker, &crate::crd::Container::Trino)
             .is_empty());
 
         // we expect 0 entries because no bind credentials env export
         assert_eq!(
             auth_config
-                .commands(
-                    &TrinoRole::Coordinator,
-                    &stackable_trino_crd::Container::Trino
-                )
+                .commands(&TrinoRole::Coordinator, &crate::crd::Container::Trino)
                 .len(),
             0
         );
 
         // We expect 8 entries because of "set +x", "set -x" and 2x user:password bind credential env export
         assert_eq!(
             auth_config_with_ldap_bind
-                .commands(
-                    &TrinoRole::Coordinator,
-                    &stackable_trino_crd::Container::Trino
-                )
+                .commands(&TrinoRole::Coordinator, &crate::crd::Container::Trino)
                 .len(),
             8
         );
 
@@ -3,9 +3,12 @@
 
 use snafu::{ResultExt, Snafu};
 use stackable_operator::commons::{authentication::oidc, tls_verification::TlsClientDetailsError};
-use stackable_trino_crd::{TrinoRole, STACKABLE_CLIENT_TLS_DIR};
 
-use crate::{authentication::TrinoAuthenticationConfig, command};
+use crate::{
+    authentication::TrinoAuthenticationConfig,
+    command,
+    crd::{TrinoRole, STACKABLE_CLIENT_TLS_DIR},
+};
 
 // Trino properties
 const HTTP_SERVER_AUTHENTICATION_OAUTH2_CLIENT_ID: &str =
@@ -115,7 +118,7 @@ impl TrinoOidcAuthentication {
 
         oauth2_authentication_config.add_env_vars(
             TrinoRole::Coordinator,
-            stackable_trino_crd::Container::Trino,
+            crate::crd::Container::Trino,
             oidc::AuthenticationProvider::client_credentials_env_var_mounts(
                 authenticator.client_credentials_secret,
             ),
@@ -159,12 +162,12 @@ impl TrinoOidcAuthentication {
         oauth2_authentication_config.add_volumes(tls_volumes);
         oauth2_authentication_config.add_volume_mounts(
             TrinoRole::Coordinator,
-            stackable_trino_crd::Container::Prepare,
+            crate::crd::Container::Prepare,
             tls_mounts.clone(),
         );
         oauth2_authentication_config.add_volume_mounts(
             TrinoRole::Worker,
-            stackable_trino_crd::Container::Prepare,
+            crate::crd::Container::Prepare,
             tls_mounts,
         );
 
@@ -178,7 +181,7 @@ impl TrinoOidcAuthentication {
             if let Some(path) = authenticator.oidc.tls.tls_ca_cert_mount_path() {
                 oauth2_authentication_config.add_commands(
                     TrinoRole::Coordinator,
-                    stackable_trino_crd::Container::Prepare,
+                    crate::crd::Container::Prepare,
                     command::add_cert_to_truststore(&path, STACKABLE_CLIENT_TLS_DIR, "oidc-idp"),
                 );
             }
@@ -210,9 +213,9 @@ mod tests {
     use std::mem;
 
     use rstest::rstest;
-    use stackable_trino_crd::Container;
 
     use super::*;
+    use crate::crd::Container;
 
     const IDP_PORT: u16 = 8080;
     const IDP_SCOPE_1: &str = "openid";
 
@@ -116,17 +116,16 @@ pub fn build_password_file_update_container(
     resolved_product_image: &ResolvedProductImage,
     volume_mounts: Vec<VolumeMount>,
 ) -> Result<Container, Error> {
-    let mut cb_pw_file_updater =
-        ContainerBuilder::new(&stackable_trino_crd::Container::PasswordFileUpdater.to_string())
-            .expect(
-                "Invalid container name. This should not happen, as the container name is fixed",
-            );
+    let mut cb_pw_file_updater = ContainerBuilder::new(
+        &crate::crd::Container::PasswordFileUpdater.to_string(),
+    )
+    .expect("Invalid container name. This should not happen, as the container name is fixed");
 
     let mut commands = vec![];
 
     commands.push(product_logging::framework::capture_shell_output(
         STACKABLE_LOG_DIR,
-        &stackable_trino_crd::Container::PasswordFileUpdater.to_string(),
+        &crate::crd::Container::PasswordFileUpdater.to_string(),
         // we do not access any of the crd config options for this and just log it to file
         &AutomaticContainerLogConfig::default(),
     ));