chore: Bump stackable_operator to 0.93.1

Bump stackable-operator to 0.93.0 which versions common CRD structs.

Author: NickLarsenNZ

Cargo.lock

@@ -11,11 +11,11 @@ repository = "https://github.com/stackabletech/trino-operator"
 
 [workspace.dependencies]
 product-config = { git = "https://github.com/stackabletech/product-config.git", tag = "0.7.0" }
-stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", features = ["telemetry", "versioned"], tag = "stackable-operator-0.92.0" }
+stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", features = ["telemetry", "versioned"], tag = "stackable-operator-0.93.1" }
 
 anyhow = "1.0"
 async-trait = "0.1"
-built = { version = "0.7", features = ["chrono", "git2"] }
+built = { version = "0.8", features = ["chrono", "git2"] }
 clap = "4.5"
 const_format = "0.2"
 futures = { version = "0.3", features = ["compat"] }

Cargo.nix

@@ -34,7 +34,7 @@ spec:
                       items:
                         properties:
                           authenticationClass:
-                            description: Name of the [AuthenticationClass](https://docs.stackable.tech/home/nightly/concepts/authentication) used to authenticate users.
+                            description: Name of the [AuthenticationClass](https://docs.stackable.tech/home/nightly/concepts/authentication) used to authenticate users
                             type: string
                           oidc:
                             description: This field contains OIDC-specific configuration. It is only required in case OIDC is used.
@@ -45,7 +45,7 @@ spec:
                                 type: string
                               extraScopes:
                                 default: []
-                                description: An optional list of extra scopes which get merged with the scopes defined in the [`AuthenticationClass`].
+                                description: An optional list of extra scopes which get merged with the scopes defined in the `AuthenticationClass`.
                                 items:
                                   type: string
                                 type: array

Cargo.toml

@@ -15,10 +15,8 @@ use stackable_operator::{
         self,
         pod::{PodBuilder, container::ContainerBuilder},
     },
-    commons::{
-        authentication::{AuthenticationClass, AuthenticationClassProvider},
-        product_image_selection::ResolvedProductImage,
-    },
+    commons::product_image_selection::ResolvedProductImage,
+    crd::authentication::core,
     k8s_openapi::api::core::v1::{Container, EnvVar, Volume, VolumeMount},
     kube::{ResourceExt, runtime::reflector::ObjectRef},
 };
@@ -49,7 +47,7 @@ pub enum Error {
     ))]
     AuthenticationClassProviderNotSupported {
         authentication_class_provider: String,
-        authentication_class: ObjectRef<AuthenticationClass>,
+        authentication_class: ObjectRef<core::v1alpha1::AuthenticationClass>,
     },
 
     #[snafu(display("Failed to format trino authentication java properties"))]
@@ -483,7 +481,7 @@ impl TryFrom<Vec<ResolvedAuthenticationClassRef>> for TrinoAuthenticationTypes {
         for resolved_auth_class in resolved_auth_classes {
             let auth_class_name = resolved_auth_class.authentication_class.name_any();
             match resolved_auth_class.authentication_class.spec.provider {
-                AuthenticationClassProvider::Static(provider) => {
+                core::v1alpha1::AuthenticationClassProvider::Static(provider) => {
                     password_authenticators.push(TrinoPasswordAuthenticator::File(
                         FileAuthenticator::new(auth_class_name, provider),
                     ));
@@ -493,7 +491,7 @@ impl TryFrom<Vec<ResolvedAuthenticationClassRef>> for TrinoAuthenticationTypes {
                         TrinoAuthenticationTypeDiscriminants::Password,
                     );
                 }
-                AuthenticationClassProvider::Ldap(provider) => {
+                core::v1alpha1::AuthenticationClassProvider::Ldap(provider) => {
                     password_authenticators.push(TrinoPasswordAuthenticator::Ldap(
                         LdapAuthenticator::new(auth_class_name, provider),
                     ));
@@ -503,7 +501,7 @@ impl TryFrom<Vec<ResolvedAuthenticationClassRef>> for TrinoAuthenticationTypes {
                         TrinoAuthenticationTypeDiscriminants::Password,
                     );
                 }
-                AuthenticationClassProvider::Oidc(provider) => {
+                core::v1alpha1::AuthenticationClassProvider::Oidc(provider) => {
                     let oidc = resolved_auth_class.client_auth_options.context(
                         OidcAuthenticationDetailsNotSpecifiedSnafu {
                             auth_class_name: auth_class_name.clone(),
@@ -527,9 +525,10 @@ impl TryFrom<Vec<ResolvedAuthenticationClassRef>> for TrinoAuthenticationTypes {
                         .spec
                         .provider
                         .to_string(),
-                    authentication_class: ObjectRef::<AuthenticationClass>::from_obj(
-                        &resolved_auth_class.authentication_class,
-                    ),
+                    authentication_class:
+                        ObjectRef::<core::v1alpha1::AuthenticationClass>::from_obj(
+                            &resolved_auth_class.authentication_class,
+                        ),
                 }
                 .fail()?,
             }
@@ -560,7 +559,7 @@ impl TryFrom<Vec<ResolvedAuthenticationClassRef>> for TrinoAuthenticationTypes {
 
 #[cfg(test)]
 mod tests {
-    use stackable_operator::commons::authentication::oidc::ClientAuthenticationOptions;
+    use stackable_operator::crd::authentication::oidc;
 
     use super::*;
     use crate::crd::RW_CONFIG_DIR_NAME;
@@ -660,7 +659,7 @@ mod tests {
                 deserializer,
             )
             .unwrap(),
-            client_auth_options: Some(ClientAuthenticationOptions {
+            client_auth_options: Some(oidc::v1alpha1::ClientAuthenticationOptions {
                 client_credentials_secret_ref: "my-oidc-secret".to_string(),
                 extra_scopes: Vec::new(),
                 product_specific_fields: (),

crate-hashes.json

@@ -2,7 +2,9 @@
 //!
 
 use snafu::{ResultExt, Snafu};
-use stackable_operator::commons::{authentication::oidc, tls_verification::TlsClientDetailsError};
+use stackable_operator::{
+    commons::tls_verification::TlsClientDetailsError, crd::authentication::oidc,
+};
 
 use crate::{
     authentication::TrinoAuthenticationConfig,
@@ -41,7 +43,7 @@ pub enum Error {
 
     #[snafu(display("Failed to create OAuth2 issuer endpoint url."))]
     FailedToCreateIssuerEndpointUrl {
-        source: stackable_operator::commons::authentication::oidc::Error,
+        source: stackable_operator::crd::authentication::oidc::v1alpha1::Error,
     },
 
     #[snafu(display("Trino does not support unverified TLS connections to OIDC"))]
@@ -59,15 +61,15 @@ pub struct TrinoOidcAuthentication {
 #[derive(Clone, Debug)]
 pub struct OidcAuthenticator {
     name: String,
-    oidc: oidc::AuthenticationProvider,
+    oidc: oidc::v1alpha1::AuthenticationProvider,
     client_credentials_secret: String,
     extra_scopes: Vec<String>,
 }
 
 impl OidcAuthenticator {
     pub fn new(
         name: String,
-        provider: oidc::AuthenticationProvider,
+        provider: oidc::v1alpha1::AuthenticationProvider,
         client_credentials_secret: String,
         extra_scopes: Vec<String>,
     ) -> Self {
@@ -112,14 +114,14 @@ impl TrinoOidcAuthentication {
         );
 
         let (client_id_env, client_secret_env) =
-            oidc::AuthenticationProvider::client_credentials_env_names(
+            oidc::v1alpha1::AuthenticationProvider::client_credentials_env_names(
                 &authenticator.client_credentials_secret,
             );
 
         oauth2_authentication_config.add_env_vars(
             TrinoRole::Coordinator,
             crate::crd::Container::Trino,
-            oidc::AuthenticationProvider::client_credentials_env_var_mounts(
+            oidc::v1alpha1::AuthenticationProvider::client_credentials_env_var_mounts(
                 authenticator.client_credentials_secret,
             ),
         );
@@ -240,7 +242,7 @@ mod tests {
         "#
         );
         let deserializer = serde_yaml::Deserializer::from_str(&input);
-        let oidc_auth_provider: oidc::AuthenticationProvider =
+        let oidc_auth_provider: oidc::v1alpha1::AuthenticationProvider =
             serde_yaml::with::singleton_map_recursive::deserialize(deserializer).unwrap();
 
         OidcAuthenticator::new(

deploy/helm/trino-operator/crds/crds.yaml

@@ -10,7 +10,8 @@ use stackable_operator::{
             volume::{VolumeBuilder, VolumeMountBuilder},
         },
     },
-    commons::{authentication::static_, product_image_selection::ResolvedProductImage},
+    commons::product_image_selection::ResolvedProductImage,
+    crd::authentication::r#static,
     k8s_openapi::api::core::v1::{Container, Volume, VolumeMount},
     product_logging::{self, spec::AutomaticContainerLogConfig},
     utils::COMMON_BASH_TRAP_FUNCTIONS,
@@ -37,11 +38,11 @@ pub enum Error {
 #[derive(Clone, Debug)]
 pub struct FileAuthenticator {
     name: String,
-    file: static_::AuthenticationProvider,
+    file: r#static::v1alpha1::AuthenticationProvider,
 }
 
 impl FileAuthenticator {
-    pub fn new(name: String, provider: static_::AuthenticationProvider) -> Self {
+    pub fn new(name: String, provider: r#static::v1alpha1::AuthenticationProvider) -> Self {
         Self {
             name,
             file: provider,
@@ -204,7 +205,7 @@ wait_for_termination $!
 
 #[cfg(test)]
 mod tests {
-    use stackable_operator::commons::authentication::static_::UserCredentialsSecretRef;
+    use stackable_operator::crd::authentication::r#static;
 
     use super::*;
 
@@ -214,8 +215,8 @@ mod tests {
     fn test_file_authenticator() {
         let authenticator = FileAuthenticator::new(
             AUTH_CLASS_NAME.to_string(),
-            static_::AuthenticationProvider {
-                user_credentials_secret: UserCredentialsSecretRef {
+            r#static::v1alpha1::AuthenticationProvider {
+                user_credentials_secret: r#static::v1alpha1::UserCredentialsSecretRef {
                     name: "user_credentials".to_string(),
                 },
             },

rust/operator-binary/src/authentication/mod.rs

@@ -2,7 +2,7 @@ use std::collections::BTreeMap;
 
 use snafu::{ResultExt, Snafu};
 use stackable_operator::{
-    commons::authentication::ldap,
+    crd::authentication::ldap,
     k8s_openapi::api::core::v1::{Volume, VolumeMount},
 };
 
@@ -27,23 +27,23 @@ pub enum Error {
 
     #[snafu(display("Failed to construct LDAP endpoint URL"))]
     LdapEndpoint {
-        source: stackable_operator::commons::authentication::ldap::Error,
+        source: stackable_operator::crd::authentication::ldap::v1alpha1::Error,
     },
 
     #[snafu(display("Failed to construct LDAP Volumes and VolumeMounts"))]
     LdapVolumeAndVolumeMounts {
-        source: stackable_operator::commons::authentication::ldap::Error,
+        source: stackable_operator::crd::authentication::ldap::v1alpha1::Error,
     },
 }
 
 #[derive(Clone, Debug)]
 pub struct LdapAuthenticator {
     name: String,
-    ldap: ldap::AuthenticationProvider,
+    ldap: ldap::v1alpha1::AuthenticationProvider,
 }
 
 impl LdapAuthenticator {
-    pub fn new(name: String, provider: ldap::AuthenticationProvider) -> Self {
+    pub fn new(name: String, provider: ldap::v1alpha1::AuthenticationProvider) -> Self {
         Self {
             name,
             ldap: provider,
@@ -161,8 +161,9 @@ mod tests {
     const LDAP_SEARCH_BASE: &str = "ou=users,dc=example,dc=org";
 
     fn setup_test_authenticator() -> LdapAuthenticator {
-        let auth_provider = serde_yaml::from_str::<ldap::AuthenticationProvider>(&format!(
-            r#"
+        let auth_provider =
+            serde_yaml::from_str::<ldap::v1alpha1::AuthenticationProvider>(&format!(
+                r#"
             hostname: {LDAP_HOST_NAME}
             searchBase: {LDAP_SEARCH_BASE}
             bindCredentials:
@@ -173,8 +174,8 @@ mod tests {
                   caCert:
                     secretClass: {TLS_SECRET_CLASS_NAME}
             "#
-        ))
-        .unwrap();
+            ))
+            .unwrap();
 
         LdapAuthenticator::new(AUTH_CLASS_NAME.to_string(), auth_provider)
     }

rust/operator-binary/src/authentication/oidc/mod.rs

@@ -203,9 +203,7 @@ impl TrinoPasswordAuthentication {
 
 #[cfg(test)]
 mod tests {
-    use stackable_operator::commons::authentication::{
-        ldap, static_, static_::UserCredentialsSecretRef,
-    };
+    use stackable_operator::crd::authentication::{ldap, r#static};
 
     use super::*;
 
@@ -214,8 +212,8 @@ mod tests {
     const LDAP_AUTH_CLASS_1: &str = "ldap-auth-1";
     const LDAP_AUTH_CLASS_2: &str = "ldap-auth-2";
 
-    fn ldap_provider() -> ldap::AuthenticationProvider {
-        serde_yaml::from_str::<ldap::AuthenticationProvider>(
+    fn ldap_provider() -> ldap::v1alpha1::AuthenticationProvider {
+        serde_yaml::from_str::<ldap::v1alpha1::AuthenticationProvider>(
             "
             hostname: my-ldap
             ",
@@ -227,16 +225,16 @@ mod tests {
         let authenticators = vec![
             TrinoPasswordAuthenticator::File(FileAuthenticator::new(
                 FILE_AUTH_CLASS_1.to_string(),
-                static_::AuthenticationProvider {
-                    user_credentials_secret: UserCredentialsSecretRef {
+                r#static::v1alpha1::AuthenticationProvider {
+                    user_credentials_secret: r#static::v1alpha1::UserCredentialsSecretRef {
                         name: FILE_AUTH_CLASS_1.to_string(),
                     },
                 },
             )),
             TrinoPasswordAuthenticator::File(FileAuthenticator::new(
                 FILE_AUTH_CLASS_2.to_string(),
-                static_::AuthenticationProvider {
-                    user_credentials_secret: UserCredentialsSecretRef {
+                r#static::v1alpha1::AuthenticationProvider {
+                    user_credentials_secret: r#static::v1alpha1::UserCredentialsSecretRef {
                         name: FILE_AUTH_CLASS_2.to_string(),
                     },
                 },
@@ -283,8 +281,8 @@ mod tests {
     fn test_password_authentication_config_files() {
         let file_auth_1 = FileAuthenticator::new(
             FILE_AUTH_CLASS_1.to_string(),
-            static_::AuthenticationProvider {
-                user_credentials_secret: UserCredentialsSecretRef {
+            r#static::v1alpha1::AuthenticationProvider {
+                user_credentials_secret: r#static::v1alpha1::UserCredentialsSecretRef {
                     name: FILE_AUTH_CLASS_1.to_string(),
                 },
             },

rust/operator-binary/src/authentication/password/file.rs

@@ -3,10 +3,8 @@ use snafu::{OptionExt, ResultExt, ensure};
 use stackable_operator::{
     builder::pod::volume::{VolumeBuilder, VolumeMountBuilder},
     client::Client,
-    commons::{
-        s3::{S3AccessStyle, S3ConnectionInlineOrReference},
-        tls_verification::{CaCert, TlsServerVerification, TlsVerification},
-    },
+    commons::tls_verification::{CaCert, TlsServerVerification, TlsVerification},
+    crd::s3,
     k8s_openapi::api::core::v1::ConfigMap,
 };
 
@@ -75,7 +73,7 @@ impl ExtendCatalogConfig for MetastoreConnection {
 }
 
 #[async_trait]
-impl ExtendCatalogConfig for S3ConnectionInlineOrReference {
+impl ExtendCatalogConfig for s3::v1alpha1::InlineConnectionOrReference {
     async fn extend_catalog_config(
         &self,
         catalog_config: &mut CatalogConfig,
@@ -117,7 +115,7 @@ impl ExtendCatalogConfig for S3ConnectionInlineOrReference {
         catalog_config.add_property(region_prop, &s3.region.name);
         catalog_config.add_property(
             path_style_prop,
-            (s3.access_style == S3AccessStyle::Path).to_string(),
+            (s3.access_style == s3::v1alpha1::S3AccessStyle::Path).to_string(),
         );
 
         if let Some((access_key, secret_key)) = s3.credentials_mount_paths() {