From 4593cea549be99fa687fdb1f6945051a21e0cce3 Mon Sep 17 00:00:00 2001 From: Stacky McStackface Date: Thu, 19 Feb 2026 09:03:06 +0000 Subject: [PATCH] chore: Generated commit to update templated files since the last template run up to stackabletech/operator-templating@0fd2a1f7769df93202f555da3afa8723372b462e Reference-to: stackabletech/operator-templating@0fd2a1f (Rollout CRD versioning related changes and Nix fix) --- .gitignore | 1 + Makefile | 5 +++-- Tiltfile | 4 +--- deny.toml | 17 +++++++++++++++++ .../airflow-operator/templates/deployment.yaml | 1 + .../airflow-operator/templates/service.yaml | 1 + nix/sources.json | 6 +++--- shell.nix | 6 +++--- 8 files changed, 30 insertions(+), 11 deletions(-) diff --git a/.gitignore b/.gitignore index 2dbc7ab0..696bc411 100644 --- a/.gitignore +++ b/.gitignore @@ -13,6 +13,7 @@ result image.tar tilt_options.json +.values.yaml .direnv/ .direnvrc diff --git a/Makefile b/Makefile index ce18d570..32f2bcad 100644 --- a/Makefile +++ b/Makefile @@ -32,6 +32,7 @@ compile-chart: version crds config chart-clean: rm -rf "deploy/helm/${OPERATOR_NAME}/configs" + rm -rf "deploy/helm/${OPERATOR_NAME}/crds" version: cat "deploy/helm/${OPERATOR_NAME}/Chart.yaml" | yq ".version = \"${VERSION}\" | .appVersion = \"${VERSION}\"" > "deploy/helm/${OPERATOR_NAME}/Chart.yaml.new" @@ -43,8 +44,8 @@ config: cp -r deploy/config-spec/* "deploy/helm/${OPERATOR_NAME}/configs";\ fi -## N.B. diverges from templating for operators that have CRD-versioning -## implemented. @adwk67: Do *not* let this be overridden with templating! +# We generate a crds.yaml, so that the effect of code changes are visible. +# The operator will take care of the CRD rollout itself. crds: mkdir -p extra cargo run --bin stackable-"${OPERATOR_NAME}" -- crd > extra/crds.yaml diff --git a/Tiltfile b/Tiltfile index 20795ac3..53c3a8e4 100644 --- a/Tiltfile +++ b/Tiltfile @@ -30,8 +30,6 @@ helm_values = settings.get('helm_values', None) helm_override_image_repository = 'image.repository=' + registry + '/' + operator_name -# N.B. diverges from templating for operators that have CRD-versioning -# implemented. @adwk67: Do *not* let this be overridden with templating! k8s_yaml(helm( 'deploy/helm/' + operator_name, name=operator_name, @@ -40,4 +38,4 @@ k8s_yaml(helm( helm_override_image_repository, ], values=helm_values, -) ) +)) diff --git a/deny.toml b/deny.toml index d02a12f4..8ec7e452 100644 --- a/deny.toml +++ b/deny.toml @@ -24,6 +24,20 @@ ignore = [ # # https://github.com/RustCrypto/RSA/issues/19 is the tracking issue "RUSTSEC-2023-0071", + + # https://rustsec.org/advisories/RUSTSEC-2024-0436 + # The "paste" crate is no longer maintained because the owner states that the implementation is + # finished. There are at least two (forked) alternatives which state to be maintained. They'd + # need to be vetted before a potential switch. Additionally, they'd need to be in a maintained + # state for a couple of years to provide any benefit over using "paste". + # + # This crate is only used in a single place in the xtask package inside the declarative + # "write_crd" macro. The impact of vulnerabilities, if any, should be fairly minimal. + # + # See thread: https://users.rust-lang.org/t/paste-alternatives/126787/4 + # + # This can only be removed again if we decide to use a different crate. + "RUSTSEC-2024-0436", ] [bans] @@ -67,6 +81,9 @@ license-files = [ [sources] unknown-registry = "deny" unknown-git = "deny" +allow-git = [ + "https://github.com/kube-rs/kube-rs", +] [sources.allow-org] github = ["stackabletech"] diff --git a/deploy/helm/airflow-operator/templates/deployment.yaml b/deploy/helm/airflow-operator/templates/deployment.yaml index 2126c5f5..0f4d902e 100644 --- a/deploy/helm/airflow-operator/templates/deployment.yaml +++ b/deploy/helm/airflow-operator/templates/deployment.yaml @@ -81,6 +81,7 @@ spec: - name: KUBERNETES_CLUSTER_DOMAIN value: {{ .Values.kubernetesClusterDomain | quote }} {{- end }} + {{- include "telemetry.envVars" . | nindent 12 }} {{- include "maintenance.envVars" . | nindent 12 }} volumes: diff --git a/deploy/helm/airflow-operator/templates/service.yaml b/deploy/helm/airflow-operator/templates/service.yaml index ac11bbcc..978f914d 100644 --- a/deploy/helm/airflow-operator/templates/service.yaml +++ b/deploy/helm/airflow-operator/templates/service.yaml @@ -1,3 +1,4 @@ + --- apiVersion: v1 kind: Service diff --git a/nix/sources.json b/nix/sources.json index dcfe59fa..f79c2cf0 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -29,10 +29,10 @@ "homepage": "", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5c46f3bd98147c8d82366df95bbef2cab3a967ea", - "sha256": "1q085irshssrpnryw9kixd0smc2c0rhqs20niklybaywpv2zlywx", + "rev": "a7fc11be66bdfb5cdde611ee5ce381c183da8386", + "sha256": "0h3gvjbrlkvxhbxpy01n603ixv0pjy19n9kf73rdkchdvqcn70j2", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/5c46f3bd98147c8d82366df95bbef2cab3a967ea.tar.gz", + "url": "https://github.com/NixOS/nixpkgs/archive/a7fc11be66bdfb5cdde611ee5ce381c183da8386.tar.gz", "url_template": "https://github.com///archive/.tar.gz" } } diff --git a/shell.nix b/shell.nix index 7ef77f28..b6ee3afb 100644 --- a/shell.nix +++ b/shell.nix @@ -21,10 +21,10 @@ in pkgs.mkShell rec { ]; # derivation runtime dependencies - buildInputs = pkgs.lib.concatMap (crate: crate.buildInputs) cargoDependencySet; + buildInputs = pkgs.lib.unique (pkgs.lib.concatMap (crate: crate.buildInputs) cargoDependencySet); # build time dependencies - nativeBuildInputs = pkgs.lib.concatMap (crate: crate.nativeBuildInputs) cargoDependencySet ++ (with pkgs; [ + nativeBuildInputs = pkgs.lib.unique (pkgs.lib.concatMap (crate: crate.nativeBuildInputs) cargoDependencySet ++ (with pkgs; [ beku docker gettext # for the proper envsubst @@ -38,7 +38,7 @@ in pkgs.mkShell rec { # tilt already defined in default.nix which yq-go - ]); + ])); LIBCLANG_PATH = "${pkgs.libclang.lib}/lib"; BINDGEN_EXTRA_CLANG_ARGS = "-I${pkgs.glibc.dev}/include -I${pkgs.clang}/resource-root/include";