From ca4a07461dbcd8bf291534f1a3b068dc649ac9fe Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Mon, 27 Apr 2026 14:58:38 +0200 Subject: [PATCH 01/17] chore: Upgrade stackable-operator to 0.110.1 --- CHANGELOG.md | 4 + Cargo.lock | 76 ++++++----- Cargo.nix | 127 +++++++++--------- Cargo.toml | 2 +- crate-hashes.json | 23 ++-- extra/crds.yaml | 50 ++++--- rust/operator-binary/src/controller.rs | 14 +- rust/operator-binary/src/controller/build.rs | 7 +- .../src/controller/build/node_config.rs | 26 ++-- .../src/controller/build/role_builder.rs | 7 +- .../controller/build/role_group_builder.rs | 36 +++-- .../src/controller/preprocess.rs | 40 +++--- .../src/controller/validate.rs | 95 ++++++------- rust/operator-binary/src/crd/mod.rs | 29 +++- rust/operator-binary/src/framework.rs | 1 + .../src/framework/builder/pod/container.rs | 9 ++ .../src/framework/config_overrides.rs | 12 ++ .../src/framework/kvp/label.rs | 2 +- .../framework/product_logging/framework.rs | 2 +- .../src/framework/role_utils.rs | 101 ++++++-------- rust/operator-binary/src/main.rs | 4 +- tests/templates/kuttl/smoke/10-assert.yaml.j2 | 2 + 22 files changed, 352 insertions(+), 317 deletions(-) create mode 100644 rust/operator-binary/src/framework/config_overrides.rs diff --git a/CHANGELOG.md b/CHANGELOG.md index da7495e..2a65fd5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,9 +11,13 @@ All notable changes to this project will be documented in this file. ### Changed - Document Helm deployed RBAC permissions and remove unnecessary permissions ([#129]). +- BREAKING: `configOverrides` now only accepts the known config file `opensearch.yml`. + Previously, arbitrary file names were silently accepted and ignored ([#137]). +- Bump `stackable-operator` to 0.110.1 ([#137]). [#129]: https://github.com/stackabletech/opensearch-operator/pull/129 [#130]: https://github.com/stackabletech/opensearch-operator/pull/130 +[#137]: https://github.com/stackabletech/opensearch-operator/pull/137 ## [26.3.0] - 2026-03-16 diff --git a/Cargo.lock b/Cargo.lock index 1243c7c..fd0d894 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1129,6 +1129,12 @@ version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" +[[package]] +name = "humantime" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "135b12329e5e3ce057a9f972339ea52bc954fe1e9358ef27f95e89716fbc5424" + [[package]] name = "hyper" version = "1.8.1" @@ -1517,17 +1523,18 @@ dependencies = [ [[package]] name = "k8s-version" version = "0.1.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" dependencies = [ "darling", "regex", - "snafu 0.8.9", + "snafu 0.9.0", ] [[package]] name = "kube" -version = "3.0.1" -source = "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "acc5a6a69da2975ed9925d56b5dcfc9cc739b66f37add06785b7c9f6d1e88741" dependencies = [ "k8s-openapi", "kube-client", @@ -1538,8 +1545,9 @@ dependencies = [ [[package]] name = "kube-client" -version = "3.0.1" -source = "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fcaf2d1f1a91e1805d4cd82e8333c022767ae8ffd65909bbef6802733a7dd40" dependencies = [ "base64", "bytes", @@ -1572,8 +1580,9 @@ dependencies = [ [[package]] name = "kube-core" -version = "3.0.1" -source = "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f126d2db7a8b532ec1d839ece2a71e2485dc3bbca6cc3c3f929becaa810e719e" dependencies = [ "derive_more", "form_urlencoded", @@ -1590,8 +1599,9 @@ dependencies = [ [[package]] name = "kube-derive" -version = "3.0.1" -source = "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6b9b97e121fce957f9cafc6da534abc4276983ab03190b76c09361e2df849fa" dependencies = [ "darling", "proc-macro2", @@ -1603,8 +1613,9 @@ dependencies = [ [[package]] name = "kube-runtime" -version = "3.0.1" -source = "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c072737075826ee74d3e615e80334e41e617ca3d14fb46ef7cdfda822d6f15f2" dependencies = [ "ahash", "async-broadcast", @@ -2887,7 +2898,7 @@ checksum = "6ce2be8dc25455e1f91df71bfa12ad37d7af1092ae736f3a6cd0e37bc7810596" [[package]] name = "stackable-certs" version = "0.4.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" dependencies = [ "const-oid", "ecdsa", @@ -2899,7 +2910,7 @@ dependencies = [ "rsa", "sha2", "signature", - "snafu 0.8.9", + "snafu 0.9.0", "stackable-shared", "tokio", "tokio-rustls", @@ -2930,9 +2941,10 @@ dependencies = [ [[package]] name = "stackable-operator" -version = "0.108.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +version = "0.110.1" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" dependencies = [ + "base64", "clap", "const_format", "delegate", @@ -2947,13 +2959,14 @@ dependencies = [ "k8s-openapi", "kube", "product-config", + "rand 0.9.2", "regex", "schemars", "semver", "serde", "serde_json", "serde_yaml", - "snafu 0.8.9", + "snafu 0.9.0", "stackable-operator-derive", "stackable-shared", "stackable-telemetry", @@ -2970,7 +2983,7 @@ dependencies = [ [[package]] name = "stackable-operator-derive" version = "0.3.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" dependencies = [ "darling", "proc-macro2", @@ -2981,7 +2994,7 @@ dependencies = [ [[package]] name = "stackable-shared" version = "0.1.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" dependencies = [ "jiff", "k8s-openapi", @@ -2990,15 +3003,15 @@ dependencies = [ "semver", "serde", "serde_yaml", - "snafu 0.8.9", + "snafu 0.9.0", "strum", "time", ] [[package]] name = "stackable-telemetry" -version = "0.6.2" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +version = "0.6.3" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" dependencies = [ "axum", "clap", @@ -3009,7 +3022,7 @@ dependencies = [ "opentelemetry-semantic-conventions", "opentelemetry_sdk", "pin-project", - "snafu 0.8.9", + "snafu 0.9.0", "strum", "tokio", "tower", @@ -3021,21 +3034,21 @@ dependencies = [ [[package]] name = "stackable-versioned" -version = "0.8.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +version = "0.9.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" dependencies = [ "schemars", "serde", "serde_json", "serde_yaml", - "snafu 0.8.9", + "snafu 0.9.0", "stackable-versioned-macros", ] [[package]] name = "stackable-versioned-macros" -version = "0.8.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +version = "0.9.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" dependencies = [ "convert_case", "convert_case_extras", @@ -3052,13 +3065,14 @@ dependencies = [ [[package]] name = "stackable-webhook" -version = "0.9.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#7486017f60827d1d769d7bf17bf56adb21f8bb02" +version = "0.9.1" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" dependencies = [ "arc-swap", "async-trait", "axum", "futures-util", + "humantime", "hyper", "hyper-util", "k8s-openapi", @@ -3068,7 +3082,7 @@ dependencies = [ "rand 0.9.2", "serde", "serde_json", - "snafu 0.8.9", + "snafu 0.9.0", "stackable-certs", "stackable-shared", "stackable-telemetry", diff --git a/Cargo.nix b/Cargo.nix index 827dc70..16dff24 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -3502,6 +3502,14 @@ rec { ]; }; + "humantime" = rec { + crateName = "humantime"; + version = "2.3.0"; + edition = "2021"; + sha256 = "092lpipp32ayz4kyyn4k3vz59j9blng36wprm5by0g2ykqr14nqk"; + features = { + }; + }; "hyper" = rec { crateName = "hyper"; version = "1.8.1"; @@ -4824,8 +4832,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; - sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; + rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + sha256 = "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by"; }; libName = "k8s_version"; authors = [ @@ -4843,7 +4851,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } ]; features = { @@ -4854,14 +4862,9 @@ rec { }; "kube" = rec { crateName = "kube"; - version = "3.0.1"; + version = "3.1.0"; edition = "2024"; - workspace_member = null; - src = pkgs.fetchgit { - url = "https://github.com/kube-rs/kube-rs"; - rev = "fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5"; - sha256 = "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n"; - }; + sha256 = "0hc7x38zdjdphmkx1b9pdyv3kiwwzkfbamjxjbcmx5x2knkadidc"; authors = [ "clux " "Natalie Klestrup Röijezon " @@ -4932,14 +4935,9 @@ rec { }; "kube-client" = rec { crateName = "kube-client"; - version = "3.0.1"; + version = "3.1.0"; edition = "2024"; - workspace_member = null; - src = pkgs.fetchgit { - url = "https://github.com/kube-rs/kube-rs"; - rev = "fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5"; - sha256 = "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n"; - }; + sha256 = "0h6xlwrjg07npsdr0rgxiyp6f9q27hryi0ndsh2ih7m9y78z5jhg"; libName = "kube_client"; authors = [ "clux " @@ -5065,7 +5063,7 @@ rec { name = "tokio"; packageId = "tokio"; optional = true; - features = [ "time" "signal" "sync" ]; + features = [ "time" "signal" "sync" "rt" ]; } { name = "tokio-util"; @@ -5165,14 +5163,9 @@ rec { }; "kube-core" = rec { crateName = "kube-core"; - version = "3.0.1"; + version = "3.1.0"; edition = "2024"; - workspace_member = null; - src = pkgs.fetchgit { - url = "https://github.com/kube-rs/kube-rs"; - rev = "fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5"; - sha256 = "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n"; - }; + sha256 = "17ki1s0smv4vj8zkrk56phxxr1943sky5v1rv30jwlwbgbdx49pi"; libName = "kube_core"; authors = [ "clux " @@ -5252,14 +5245,9 @@ rec { }; "kube-derive" = rec { crateName = "kube-derive"; - version = "3.0.1"; + version = "3.1.0"; edition = "2024"; - workspace_member = null; - src = pkgs.fetchgit { - url = "https://github.com/kube-rs/kube-rs"; - rev = "fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5"; - sha256 = "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n"; - }; + sha256 = "1yj9z0niwdh9djvr0cdh7ac7chmw999xmimgkizrbkhz29zbkffn"; procMacro = true; libName = "kube_derive"; authors = [ @@ -5306,14 +5294,9 @@ rec { }; "kube-runtime" = rec { crateName = "kube-runtime"; - version = "3.0.1"; + version = "3.1.0"; edition = "2024"; - workspace_member = null; - src = pkgs.fetchgit { - url = "https://github.com/kube-rs/kube-rs"; - rev = "fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5"; - sha256 = "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n"; - }; + sha256 = "1whmdwnq5nnzgkpldyql7p51grj19qrq0pk17r6yfvl2fmq76wn0"; libName = "kube_runtime"; authors = [ "clux " @@ -9535,8 +9518,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; - sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; + rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + sha256 = "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by"; }; libName = "stackable_certs"; authors = [ @@ -9594,7 +9577,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "stackable-shared"; @@ -9719,19 +9702,23 @@ rec { }; "stackable-operator" = rec { crateName = "stackable-operator"; - version = "0.108.0"; + version = "0.110.1"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; - sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; + rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + sha256 = "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by"; }; libName = "stackable_operator"; authors = [ "Stackable GmbH " ]; dependencies = [ + { + name = "base64"; + packageId = "base64"; + } { name = "clap"; packageId = "clap"; @@ -9795,6 +9782,10 @@ rec { name = "product-config"; packageId = "product-config"; } + { + name = "rand"; + packageId = "rand 0.9.2"; + } { name = "regex"; packageId = "regex"; @@ -9823,7 +9814,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "stackable-operator-derive"; @@ -9896,8 +9887,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; - sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; + rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + sha256 = "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by"; }; procMacro = true; libName = "stackable_operator_derive"; @@ -9931,8 +9922,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; - sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; + rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + sha256 = "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by"; }; libName = "stackable_shared"; authors = [ @@ -9976,7 +9967,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "strum"; @@ -10007,13 +9998,13 @@ rec { }; "stackable-telemetry" = rec { crateName = "stackable-telemetry"; - version = "0.6.2"; + version = "0.6.3"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; - sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; + rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + sha256 = "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by"; }; libName = "stackable_telemetry"; authors = [ @@ -10064,7 +10055,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "strum"; @@ -10117,13 +10108,13 @@ rec { }; "stackable-versioned" = rec { crateName = "stackable-versioned"; - version = "0.8.3"; + version = "0.9.0"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; - sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; + rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + sha256 = "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by"; }; libName = "stackable_versioned"; authors = [ @@ -10150,7 +10141,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "stackable-versioned-macros"; @@ -10161,13 +10152,13 @@ rec { }; "stackable-versioned-macros" = rec { crateName = "stackable-versioned-macros"; - version = "0.8.3"; + version = "0.9.0"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; - sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; + rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + sha256 = "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by"; }; procMacro = true; libName = "stackable_versioned_macros"; @@ -10229,13 +10220,13 @@ rec { }; "stackable-webhook" = rec { crateName = "stackable-webhook"; - version = "0.9.0"; + version = "0.9.1"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "7486017f60827d1d769d7bf17bf56adb21f8bb02"; - sha256 = "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2"; + rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + sha256 = "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by"; }; libName = "stackable_webhook"; authors = [ @@ -10259,6 +10250,10 @@ rec { name = "futures-util"; packageId = "futures-util"; } + { + name = "humantime"; + packageId = "humantime"; + } { name = "hyper"; packageId = "hyper"; @@ -10303,7 +10298,7 @@ rec { } { name = "snafu"; - packageId = "snafu 0.8.9"; + packageId = "snafu 0.9.0"; } { name = "stackable-certs"; diff --git a/Cargo.toml b/Cargo.toml index e3804e7..ee4f316 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -10,7 +10,7 @@ edition = "2024" repository = "https://github.com/stackabletech/opensearch-operator" [workspace.dependencies] -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.108.0", features = ["webhook"] } +stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.110.1", features = ["webhook"] } built = { version = "0.8.0", features = ["chrono", "git2"] } clap = "4.5" diff --git a/crate-hashes.json b/crate-hashes.json index 2148b36..e19b553 100644 --- a/crate-hashes.json +++ b/crate-hashes.json @@ -1,17 +1,12 @@ { - "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube-client@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", - "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube-core@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", - "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube-derive@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", - "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube-runtime@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", - "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#k8s-version@0.1.3": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-certs@0.4.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-operator-derive@0.3.1": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-operator@0.108.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-shared@0.1.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-telemetry@0.6.2": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-versioned-macros@0.8.3": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-versioned@0.8.3": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-webhook@0.9.0": "1fgc7i8rhq1nl9m4s69sbfiywy2jx4narpynvm3g54vd5yd4c6m2", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#k8s-version@0.1.3": "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-certs@0.4.0": "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-operator-derive@0.3.1": "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-operator@0.110.1": "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-shared@0.1.0": "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-telemetry@0.6.3": "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-versioned-macros@0.9.0": "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-versioned@0.9.0": "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-webhook@0.9.1": "0d58yvxvy8hbai12bjhcyvh4zw182j5dsfyqja4k2xc1vzjy29by", "git+https://github.com/stackabletech/product-config.git?tag=0.8.0#product-config@0.8.0": "1dz70kapm2wdqcr7ndyjji0lhsl98bsq95gnb2lw487wf6yr7987" } \ No newline at end of file diff --git a/extra/crds.yaml b/extra/crds.yaml index 89185db..8c11d8b 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -1354,7 +1354,7 @@ spec: type: string type: object custom: - description: Custom log configuration provided in a ConfigMap + description: Log configuration provided in a ConfigMap properties: configMap: description: ConfigMap containing the log configuration files @@ -1434,7 +1434,7 @@ spec: type: string type: object custom: - description: Custom log configuration provided in a ConfigMap + description: Log configuration provided in a ConfigMap properties: configMap: description: ConfigMap containing the log configuration files @@ -1514,7 +1514,7 @@ spec: type: string type: object custom: - description: Custom log configuration provided in a ConfigMap + description: Log configuration provided in a ConfigMap properties: configMap: description: ConfigMap containing the log configuration files @@ -1594,7 +1594,7 @@ spec: type: string type: object custom: - description: Custom log configuration provided in a ConfigMap + description: Log configuration provided in a ConfigMap properties: configMap: description: ConfigMap containing the log configuration files @@ -1674,7 +1674,7 @@ spec: type: string type: object custom: - description: Custom log configuration provided in a ConfigMap + description: Log configuration provided in a ConfigMap properties: configMap: description: ConfigMap containing the log configuration files @@ -1727,7 +1727,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -1859,17 +1859,20 @@ spec: type: object type: object configOverrides: - additionalProperties: - additionalProperties: - type: string - type: object - default: {} description: |- The `configOverrides` can be used to configure properties in product config files that are not exposed in the CRD. Read the [config overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#config-overrides) and consult the operator specific usage guide documentation for details on the available config files and settings for the specific product. + properties: + opensearch.yml: + additionalProperties: + nullable: true + type: string + default: {} + description: Mergable variant of ... + type: object type: object envOverrides: additionalProperties: @@ -2045,7 +2048,7 @@ spec: type: string type: object custom: - description: Custom log configuration provided in a ConfigMap + description: Log configuration provided in a ConfigMap properties: configMap: description: ConfigMap containing the log configuration files @@ -2125,7 +2128,7 @@ spec: type: string type: object custom: - description: Custom log configuration provided in a ConfigMap + description: Log configuration provided in a ConfigMap properties: configMap: description: ConfigMap containing the log configuration files @@ -2205,7 +2208,7 @@ spec: type: string type: object custom: - description: Custom log configuration provided in a ConfigMap + description: Log configuration provided in a ConfigMap properties: configMap: description: ConfigMap containing the log configuration files @@ -2285,7 +2288,7 @@ spec: type: string type: object custom: - description: Custom log configuration provided in a ConfigMap + description: Log configuration provided in a ConfigMap properties: configMap: description: ConfigMap containing the log configuration files @@ -2365,7 +2368,7 @@ spec: type: string type: object custom: - description: Custom log configuration provided in a ConfigMap + description: Log configuration provided in a ConfigMap properties: configMap: description: ConfigMap containing the log configuration files @@ -2418,7 +2421,7 @@ spec: type: object type: object enableVectorAgent: - description: Wether or not to deploy a container with the Vector log agent. + description: Whether or not to deploy a container with the Vector log agent. nullable: true type: boolean type: object @@ -2550,17 +2553,20 @@ spec: type: object type: object configOverrides: - additionalProperties: - additionalProperties: - type: string - type: object - default: {} description: |- The `configOverrides` can be used to configure properties in product config files that are not exposed in the CRD. Read the [config overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#config-overrides) and consult the operator specific usage guide documentation for details on the available config files and settings for the specific product. + properties: + opensearch.yml: + additionalProperties: + nullable: true + type: string + default: {} + description: Mergable variant of ... + type: object type: object envOverrides: additionalProperties: diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs index 3859380..af6cb72 100644 --- a/rust/operator-binary/src/controller.rs +++ b/rust/operator-binary/src/controller.rs @@ -146,8 +146,11 @@ impl ReconcilerError for Error { } } -type OpenSearchRoleGroupConfig = - RoleGroupConfig; +type OpenSearchRoleGroupConfig = RoleGroupConfig< + GenericProductSpecificCommonConfig, + ValidatedOpenSearchConfig, + v1alpha1::OpenSearchConfigOverrides, +>; type OpenSearchNodeResources = stackable_operator::commons::resources::Resources; @@ -484,10 +487,7 @@ pub async fn reconcile( #[cfg(test)] mod tests { - use std::{ - collections::{BTreeMap, HashMap}, - str::FromStr, - }; + use std::{collections::BTreeMap, str::FromStr}; use stackable_operator::{ commons::{ @@ -661,7 +661,7 @@ mod tests { resources: OpenSearchNodeResources::default(), termination_grace_period_seconds: 120, }, - config_overrides: HashMap::default(), + config_overrides: v1alpha1::OpenSearchConfigOverrides::default(), env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), diff --git a/rust/operator-binary/src/controller/build.rs b/rust/operator-binary/src/controller/build.rs index 479decc..b2f0234 100644 --- a/rust/operator-binary/src/controller/build.rs +++ b/rust/operator-binary/src/controller/build.rs @@ -62,10 +62,7 @@ pub fn build(names: &ContextNames, cluster: ValidatedCluster) -> KubernetesResou #[cfg(test)] mod tests { - use std::{ - collections::{BTreeMap, HashMap}, - str::FromStr, - }; + use std::{collections::BTreeMap, str::FromStr}; use stackable_operator::{ commons::{ @@ -248,7 +245,7 @@ mod tests { resources: OpenSearchNodeResources::default(), termination_grace_period_seconds: 120, }, - config_overrides: HashMap::default(), + config_overrides: v1alpha1::OpenSearchConfigOverrides::default(), env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), diff --git a/rust/operator-binary/src/controller/build/node_config.rs b/rust/operator-binary/src/controller/build/node_config.rs index 26591fd..65f6dcd 100644 --- a/rust/operator-binary/src/controller/build/node_config.rs +++ b/rust/operator-binary/src/controller/build/node_config.rs @@ -182,12 +182,11 @@ impl NodeConfig { config.append(&mut self.tls_config()); - for (setting, value) in self + for (setting, value) in &self .role_group_config .config_overrides - .get(CONFIGURATION_FILE_OPENSEARCH_YML) - .into_iter() - .flatten() + .opensearch_yml + .overrides { let old_value = config.insert(setting.to_owned(), json!(value)); if let Some(old_value) = old_value { @@ -561,6 +560,7 @@ mod tests { controller::{ValidatedLogging, ValidatedOpenSearchConfig, ValidatedSecurity}, crd::v1alpha1, framework::{ + config_overrides::KeyValueConfigOverrides, product_logging::framework::ValidatedContainerLogConfigChoice, role_utils::GenericProductSpecificCommonConfig, types::{ @@ -618,15 +618,15 @@ mod tests { resources: Resources::default(), termination_grace_period_seconds: 30, }, - config_overrides: [( - CONFIGURATION_FILE_OPENSEARCH_YML.to_owned(), - test_config - .config_settings - .iter() - .map(|(k, v)| (k.to_string(), v.to_string())) - .collect(), - )] - .into(), + config_overrides: v1alpha1::OpenSearchConfigOverrides { + opensearch_yml: KeyValueConfigOverrides { + overrides: test_config + .config_settings + .iter() + .map(|(k, v)| (k.to_string(), Some(v.to_string()))) + .collect(), + }, + }, env_overrides: EnvVarSet::new().with_values( test_config .env_vars diff --git a/rust/operator-binary/src/controller/build/role_builder.rs b/rust/operator-binary/src/controller/build/role_builder.rs index 2c470f5..51f4f53 100644 --- a/rust/operator-binary/src/controller/build/role_builder.rs +++ b/rust/operator-binary/src/controller/build/role_builder.rs @@ -359,10 +359,7 @@ pub fn discovery_service_listener_name(cluster_name: &ClusterName) -> ListenerNa #[cfg(test)] mod tests { - use std::{ - collections::{BTreeMap, HashMap}, - str::FromStr, - }; + use std::{collections::BTreeMap, str::FromStr}; use pretty_assertions::assert_eq; use serde_json::json; @@ -446,7 +443,7 @@ mod tests { resources: Resources::default(), termination_grace_period_seconds: 30, }, - config_overrides: HashMap::default(), + config_overrides: v1alpha1::OpenSearchConfigOverrides::default(), env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), diff --git a/rust/operator-binary/src/controller/build/role_group_builder.rs b/rust/operator-binary/src/controller/build/role_group_builder.rs index 686cde7..f5f386a 100644 --- a/rust/operator-binary/src/controller/build/role_group_builder.rs +++ b/rust/operator-binary/src/controller/build/role_group_builder.rs @@ -13,7 +13,10 @@ use stackable_operator::{ volume::{SecretFormat, SecretOperatorVolumeSourceBuilder, VolumeBuilder}, }, }, - commons::resources::{CpuLimits, MemoryLimits, Resources}, + commons::{ + resources::{CpuLimits, MemoryLimits, Resources}, + secret_class::SecretClassVolumeProvisionParts, + }, constants::RESTART_CONTROLLER_ENABLED_LABEL, crd::listener::{self}, k8s_openapi::{ @@ -607,7 +610,7 @@ impl<'a> RoleGroupBuilder<'a> { .args(vec![ include_str!("scripts/create-admin-certificate.sh").to_owned(), ]) - .add_env_vars(env_vars.into()) + .add_env_vars(env_vars) .add_volume_mounts(volume_mounts) .expect("The mount paths are statically defined and there should be no duplicates.") .resources( @@ -776,7 +779,7 @@ impl<'a> RoleGroupBuilder<'a> { create_vector_shutdown_file_command = create_vector_shutdown_file_command(STACKABLE_LOG_DIR), )]) - .add_env_vars(self.node_config.environment_variables().into()) + .add_env_vars(self.node_config.environment_variables()) .add_volume_mounts(volume_mounts) .expect("The mount paths are statically defined and there should be no duplicates.") .add_container_ports(vec![ @@ -942,7 +945,7 @@ impl<'a> RoleGroupBuilder<'a> { .args(vec![ include_str!("scripts/update-security-config.sh").to_owned(), ]) - .add_env_vars(env_vars.into()) + .add_env_vars(env_vars) .add_volume_mounts(volume_mounts) .expect("The mount paths are statically defined and there should be no duplicates.") .resources( @@ -1068,8 +1071,10 @@ impl<'a> RoleGroupBuilder<'a> { &self, tls_internal_secret_class: &SecretClassName, ) -> Vec { - let mut volume_source_builder = - SecretOperatorVolumeSourceBuilder::new(tls_internal_secret_class); + let mut volume_source_builder = SecretOperatorVolumeSourceBuilder::new( + tls_internal_secret_class, + SecretClassVolumeProvisionParts::PublicPrivate, + ); volume_source_builder .with_pod_scope() @@ -1103,8 +1108,10 @@ impl<'a> RoleGroupBuilder<'a> { &self, tls_server_secret_class: &SecretClassName, ) -> Vec { - let mut volume_source_builder = - SecretOperatorVolumeSourceBuilder::new(tls_server_secret_class); + let mut volume_source_builder = SecretOperatorVolumeSourceBuilder::new( + tls_server_secret_class, + SecretClassVolumeProvisionParts::PublicPrivate, + ); volume_source_builder .with_pod_scope() @@ -1428,10 +1435,7 @@ impl<'a> RoleGroupBuilder<'a> { #[cfg(test)] mod tests { - use std::{ - collections::{BTreeMap, HashMap}, - str::FromStr, - }; + use std::{collections::BTreeMap, str::FromStr}; use pretty_assertions::assert_eq; use rstest::rstest; @@ -1575,7 +1579,7 @@ mod tests { resources: Resources::default(), termination_grace_period_seconds: 30, }, - config_overrides: HashMap::default(), + config_overrides: v1alpha1::OpenSearchConfigOverrides::default(), env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), @@ -2542,6 +2546,7 @@ mod tests { "secrets.stackable.tech/backend.autotls.cert.lifetime": "1d", "secrets.stackable.tech/class": "tls", "secrets.stackable.tech/format": "tls-pem", + "secrets.stackable.tech/provision-parts": "public-private", "secrets.stackable.tech/scope": "pod,listener-volume=listener,service=my-opensearch-cluster-seed-nodes" } }, @@ -2568,6 +2573,7 @@ mod tests { "secrets.stackable.tech/backend.autotls.cert.lifetime": "1d", "secrets.stackable.tech/class": "tls", "secrets.stackable.tech/format": "tls-pem", + "secrets.stackable.tech/provision-parts": "public-private", "secrets.stackable.tech/scope": "pod,listener-volume=listener,listener-volume=discovery-service-listener" } }, @@ -2752,6 +2758,7 @@ mod tests { "secrets.stackable.tech/backend.autotls.cert.lifetime": "1d", "secrets.stackable.tech/class": "tls", "secrets.stackable.tech/format": "tls-pem", + "secrets.stackable.tech/provision-parts": "public-private", "secrets.stackable.tech/scope": "pod,listener-volume=listener,service=my-opensearch-cluster-seed-nodes" } }, @@ -2778,6 +2785,7 @@ mod tests { "secrets.stackable.tech/backend.autotls.cert.lifetime": "1d", "secrets.stackable.tech/class": "tls", "secrets.stackable.tech/format": "tls-pem", + "secrets.stackable.tech/provision-parts": "public-private", "secrets.stackable.tech/scope": "pod,listener-volume=listener,listener-volume=discovery-service-listener" } }, @@ -2974,6 +2982,7 @@ mod tests { "secrets.stackable.tech/backend.autotls.cert.lifetime": "1d", "secrets.stackable.tech/class": "tls", "secrets.stackable.tech/format": "tls-pem", + "secrets.stackable.tech/provision-parts": "public-private", "secrets.stackable.tech/scope": "pod,listener-volume=listener,service=my-opensearch-cluster-seed-nodes" } }, @@ -3000,6 +3009,7 @@ mod tests { "secrets.stackable.tech/backend.autotls.cert.lifetime": "1d", "secrets.stackable.tech/class": "tls", "secrets.stackable.tech/format": "tls-pem", + "secrets.stackable.tech/provision-parts": "public-private", "secrets.stackable.tech/scope": "pod,listener-volume=listener,listener-volume=discovery-service-listener" } }, diff --git a/rust/operator-binary/src/controller/preprocess.rs b/rust/operator-binary/src/controller/preprocess.rs index 4965eb0..0a08477 100644 --- a/rust/operator-binary/src/controller/preprocess.rs +++ b/rust/operator-binary/src/controller/preprocess.rs @@ -3,14 +3,11 @@ use stackable_operator::{ commons::resources::{PvcConfigFragment, ResourcesFragment}, k8s_openapi::apimachinery::pkg::api::resource::Quantity, - role_utils::{CommonConfiguration, RoleGroup}, + role_utils::CommonConfiguration, }; use tracing::info; -use crate::{ - crd::{NodeRoles, v1alpha1}, - framework::role_utils::GenericProductSpecificCommonConfig, -}; +use crate::crd::{NodeRoles, OpenSearchRoleGroup, v1alpha1}; /// Preprocesses the OpenSearchCluster and adds configurations that the user is allowed to leave /// out @@ -39,27 +36,26 @@ pub fn preprocess_security_managing_role_group( role_group = security.managing_role_group ); - let role_group = - RoleGroup:: { - config: CommonConfiguration { - config: v1alpha1::OpenSearchConfigFragment { - discovery_service_exposed: Some(false), - node_roles: Some(NodeRoles(vec![v1alpha1::NodeRole::CoordinatingOnly])), - resources: ResourcesFragment { - storage: v1alpha1::StorageConfigFragment { - data: PvcConfigFragment { - capacity: Some(Quantity("100Mi".to_owned())), - ..PvcConfigFragment::default() - }, + let role_group = OpenSearchRoleGroup { + config: CommonConfiguration { + config: v1alpha1::OpenSearchConfigFragment { + discovery_service_exposed: Some(false), + node_roles: Some(NodeRoles(vec![v1alpha1::NodeRole::CoordinatingOnly])), + resources: ResourcesFragment { + storage: v1alpha1::StorageConfigFragment { + data: PvcConfigFragment { + capacity: Some(Quantity("100Mi".to_owned())), + ..PvcConfigFragment::default() }, - ..ResourcesFragment::default() }, - ..v1alpha1::OpenSearchConfigFragment::default() + ..ResourcesFragment::default() }, - ..CommonConfiguration::default() + ..v1alpha1::OpenSearchConfigFragment::default() }, - replicas: Some(1), - }; + ..CommonConfiguration::default() + }, + replicas: Some(1), + }; cluster .spec diff --git a/rust/operator-binary/src/controller/validate.rs b/rust/operator-binary/src/controller/validate.rs index 9d7084e..b8bda15 100644 --- a/rust/operator-binary/src/controller/validate.rs +++ b/rust/operator-binary/src/controller/validate.rs @@ -18,14 +18,14 @@ use crate::{ DereferencedObjects, HTTP_PORT_NAME, ValidatedDiscoveryEndpoint, ValidatedNodeRole, ValidatedNodeRoles, ValidatedSecurity, }, - crd::{NodeRoles, v1alpha1}, + crd::{NodeRoles, OpenSearchRoleGroup, v1alpha1}, framework::{ builder::pod::container::{EnvVarName, EnvVarSet}, controller_utils::{get_cluster_name, get_namespace, get_uid}, product_logging::framework::{ VectorContainerLogConfig, validate_logging_configuration_for_container, }, - role_utils::{GenericProductSpecificCommonConfig, RoleGroupConfig, with_validated_config}, + role_utils::{RoleGroupConfig, with_validated_config}, types::{ common::Port, kubernetes::{ConfigMapName, Hostname}, @@ -190,12 +190,9 @@ fn validate_role_group_config( context_names: &ContextNames, cluster_name: &ClusterName, cluster: &v1alpha1::OpenSearchCluster, - role_group_config: &RoleGroup< - v1alpha1::OpenSearchConfigFragment, - GenericProductSpecificCommonConfig, - >, + role_group_config: &OpenSearchRoleGroup, ) -> Result { - let merged_role_group: RoleGroup = with_validated_config( + let merged_role_group: RoleGroup = with_validated_config( role_group_config, &cluster.spec.nodes, &v1alpha1::OpenSearchConfig::default_config( @@ -464,6 +461,7 @@ mod tests { crd::{NodeRoles, OpenSearchKeystoreKey, v1alpha1}, framework::{ builder::pod::container::{EnvVarName, EnvVarSet}, + config_overrides::KeyValueConfigOverrides, product_logging::framework::{ ValidatedContainerLogConfigChoice, VectorContainerLogConfig, }, @@ -621,22 +619,25 @@ mod tests { }, termination_grace_period_seconds: 300, }, - config_overrides: [( - "opensearch.yml".to_owned(), - [ - ("setting1".to_owned(), "value from role level".to_owned()), - ( - "setting2".to_owned(), - "value from role-group level".to_owned() - ), - ( - "setting3".to_owned(), - "value from role-group level".to_owned() - ), - ] - .into() - )] - .into(), + config_overrides: v1alpha1::OpenSearchConfigOverrides { + opensearch_yml: KeyValueConfigOverrides { + overrides: [ + ( + "setting1".to_owned(), + Some("value from role level".to_owned()) + ), + ( + "setting2".to_owned(), + Some("value from role-group level".to_owned()) + ), + ( + "setting3".to_owned(), + Some("value from role-group level".to_owned()) + ), + ] + .into() + } + }, env_overrides: EnvVarSet::new().with_values([ ( EnvVarName::from_str_unsafe("ENV1"), @@ -1038,15 +1039,15 @@ mod tests { }, ..v1alpha1::OpenSearchConfigFragment::default() }, - config_overrides: [( - "opensearch.yml".to_owned(), - [ - ("setting1".to_owned(), "value from role level".to_owned()), - ("setting2".to_owned(), "value from role level".to_owned()), - ] - .into(), - )] - .into(), + config_overrides: v1alpha1::OpenSearchConfigOverrides { + opensearch_yml: KeyValueConfigOverrides { + overrides: [ + ("setting1".to_owned(), Some("value from role level".to_owned())), + ("setting2".to_owned(), Some("value from role level".to_owned())), + ] + .into() + } + }, env_overrides: [ ("ENV1".to_owned(), "value from role level".to_owned()), ("ENV2".to_owned(), "value from role level".to_owned()), @@ -1084,21 +1085,21 @@ mod tests { )), ..v1alpha1::OpenSearchConfigFragment::default() }, - config_overrides: [( - "opensearch.yml".to_owned(), - [ - ( - "setting2".to_owned(), - "value from role-group level".to_owned(), - ), - ( - "setting3".to_owned(), - "value from role-group level".to_owned(), - ), - ] - .into(), - )] - .into(), + config_overrides: v1alpha1::OpenSearchConfigOverrides { + opensearch_yml: KeyValueConfigOverrides { + overrides: [ + ( + "setting2".to_owned(), + Some("value from role-group level".to_owned()), + ), + ( + "setting3".to_owned(), + Some("value from role-group level".to_owned()), + ), + ] + .into() + } + }, env_overrides: [ ("ENV2".to_owned(), "value from role-group level".to_owned()), ("ENV3".to_owned(), "value from role-group level".to_owned()), diff --git a/rust/operator-binary/src/crd/mod.rs b/rust/operator-binary/src/crd/mod.rs index dde1eb6..219b6d8 100644 --- a/rust/operator-binary/src/crd/mod.rs +++ b/rust/operator-binary/src/crd/mod.rs @@ -20,7 +20,7 @@ use stackable_operator::{ k8s_openapi::{api::core::v1::PodAntiAffinity, apimachinery::pkg::api::resource::Quantity}, kube::CustomResource, product_logging::{self, spec::Logging}, - role_utils::{GenericRoleConfig, Role}, + role_utils::{GenericRoleConfig, Role, RoleGroup}, schemars::{self, JsonSchema}, shared::time::Duration, status::condition::{ClusterCondition, HasStatusCondition}, @@ -33,6 +33,7 @@ use crate::{ attributed_string_type, constant, framework::{ NameIsValidLabelValue, + config_overrides::KeyValueConfigOverrides, role_utils::GenericProductSpecificCommonConfig, types::{ kubernetes::{ @@ -48,6 +49,19 @@ constant!(DEFAULT_ROLE_GROUP_LISTENER_CLASS: ListenerClassName = "cluster-intern constant!(DEFAULT_DISCOVERY_SERVICE_LISTENER_CLASS: ListenerClassName = "cluster-internal"); constant!(TLS_DEFAULT_SECRET_CLASS: SecretClassName = "tls"); +type OpenSearchRole = Role< + v1alpha1::OpenSearchConfigFragment, + v1alpha1::OpenSearchConfigOverrides, + v1alpha1::OpenSearchRoleConfig, + GenericProductSpecificCommonConfig, +>; + +pub type OpenSearchRoleGroup = RoleGroup< + v1alpha1::OpenSearchConfigFragment, + GenericProductSpecificCommonConfig, + v1alpha1::OpenSearchConfigOverrides, +>; + #[versioned( version(name = "v1alpha1"), crates( @@ -90,11 +104,7 @@ pub mod versioned { pub object_overrides: ObjectOverrides, // no doc - docs in Role struct - pub nodes: Role< - OpenSearchConfigFragment, - OpenSearchRoleConfig, - GenericProductSpecificCommonConfig, - >, + pub nodes: OpenSearchRole, } #[derive(Clone, Debug, Default, Deserialize, Eq, JsonSchema, PartialEq, Serialize)] @@ -477,6 +487,13 @@ pub mod versioned { pub discovery_service_listener_class: ListenerClassName, } + #[derive(Clone, Debug, Default, Deserialize, JsonSchema, Merge, PartialEq, Serialize)] + #[serde(rename_all = "camelCase")] + pub struct OpenSearchConfigOverrides { + #[serde(default, rename = "opensearch.yml")] + pub opensearch_yml: KeyValueConfigOverrides, + } + #[derive(Clone, Default, Debug, Deserialize, Eq, JsonSchema, PartialEq, Serialize)] #[serde(rename_all = "camelCase")] pub struct OpenSearchClusterStatus { diff --git a/rust/operator-binary/src/framework.rs b/rust/operator-binary/src/framework.rs index e6f58e9..08967a7 100644 --- a/rust/operator-binary/src/framework.rs +++ b/rust/operator-binary/src/framework.rs @@ -24,6 +24,7 @@ use types::kubernetes::Uid; pub mod builder; pub mod cluster_resources; +pub mod config_overrides; pub mod controller_utils; pub mod kvp; pub mod macros; diff --git a/rust/operator-binary/src/framework/builder/pod/container.rs b/rust/operator-binary/src/framework/builder/pod/container.rs index 244bf00..53f5385 100644 --- a/rust/operator-binary/src/framework/builder/pod/container.rs +++ b/rust/operator-binary/src/framework/builder/pod/container.rs @@ -174,6 +174,15 @@ impl From for Vec { } } +impl IntoIterator for EnvVarSet { + type IntoIter = std::collections::btree_map::IntoValues; + type Item = EnvVar; + + fn into_iter(self) -> Self::IntoIter { + self.0.into_values() + } +} + #[cfg(test)] mod tests { use std::str::FromStr; diff --git a/rust/operator-binary/src/framework/config_overrides.rs b/rust/operator-binary/src/framework/config_overrides.rs new file mode 100644 index 0000000..8a08f59 --- /dev/null +++ b/rust/operator-binary/src/framework/config_overrides.rs @@ -0,0 +1,12 @@ +use std::collections::BTreeMap; + +use schemars::JsonSchema; +use serde::{Deserialize, Serialize}; +use stackable_operator::{config::merge::Merge, schemars}; + +/// Mergeable variant of [`stackable_operator::config_overrides::KeyValueConfigOverrides`] +#[derive(Clone, Debug, Default, Deserialize, Eq, JsonSchema, Merge, PartialEq, Serialize)] +pub struct KeyValueConfigOverrides { + #[serde(flatten)] + pub overrides: BTreeMap>, +} diff --git a/rust/operator-binary/src/framework/kvp/label.rs b/rust/operator-binary/src/framework/kvp/label.rs index 918e69a..d20f176 100644 --- a/rust/operator-binary/src/framework/kvp/label.rs +++ b/rust/operator-binary/src/framework/kvp/label.rs @@ -29,7 +29,7 @@ pub fn recommended_labels( role: &role_name.to_label_value(), role_group: &role_group_name.to_label_value(), }; - Labels::recommended(object_labels).expect( + Labels::recommended(&object_labels).expect( "Labels should be created because the owner has an object name and all given parameters \ produce valid label values.", ) diff --git a/rust/operator-binary/src/framework/product_logging/framework.rs b/rust/operator-binary/src/framework/product_logging/framework.rs index e04d6f3..fd88fb3 100644 --- a/rust/operator-binary/src/framework/product_logging/framework.rs +++ b/rust/operator-binary/src/framework/product_logging/framework.rs @@ -209,7 +209,7 @@ pub fn vector_container( kill $vector_pid", vector_control_directory = format!("{STACKABLE_LOG_DIR}/{VECTOR_CONTROL_DIR}"), )]) - .add_env_vars(env_vars.into()) + .add_env_vars(env_vars) .add_volume_mounts([ VolumeMount { mount_path: format!( diff --git a/rust/operator-binary/src/framework/role_utils.rs b/rust/operator-binary/src/framework/role_utils.rs index b57659e..dcb9b40 100644 --- a/rust/operator-binary/src/framework/role_utils.rs +++ b/rust/operator-binary/src/framework/role_utils.rs @@ -7,7 +7,7 @@ use serde::{Deserialize, Serialize}; use stackable_operator::{ config::{ fragment::{self, FromFragment}, - merge::{Merge, merge}, + merge::{self, Merge, merge}, }, k8s_openapi::{DeepMerge, api::core::v1::PodTemplateSpec}, role_utils::{CommonConfiguration, Role, RoleGroup}, @@ -38,10 +38,10 @@ impl Merge for GenericProductSpecificCommonConfig { /// * `config` is flattened. /// * The [`HashMap`] in `env_overrides` is replaced with an [`EnvVarSet`]. #[derive(Clone, Debug, PartialEq)] -pub struct RoleGroupConfig { +pub struct RoleGroupConfig { pub replicas: u16, - pub config: T, - pub config_overrides: HashMap>, + pub config: Config, + pub config_overrides: ConfigOverrides, pub env_overrides: EnvVarSet, pub cli_overrides: BTreeMap, pub pod_overrides: PodTemplateSpec, @@ -50,7 +50,9 @@ pub struct RoleGroupConfig { pub product_specific_common_config: ProductSpecificCommonConfig, } -impl RoleGroupConfig { +impl + RoleGroupConfig +{ pub fn cli_overrides_to_vec(&self) -> Vec { self.cli_overrides .clone() @@ -60,45 +62,25 @@ impl RoleGroupConfig( - role_group: &RoleGroup, - role: &Role, - default_config: &T, -) -> Result -where - C: FromFragment, - ProductSpecificCommonConfig: Default + JsonSchema + Serialize, - T: Merge + Clone, - U: Default + JsonSchema + Serialize, -{ - let mut role_config = role.config.config.clone(); - role_config.merge(default_config); - let mut rolegroup_config = role_group.config.config.clone(); - rolegroup_config.merge(&role_config); - fragment::validate(rolegroup_config) -} - /// Merges and validates the [`RoleGroup`] with the given `role` and `default_config` -pub fn with_validated_config( - role_group: &RoleGroup, - role: &Role, - default_config: &T, -) -> Result, fragment::ValidationError> +pub fn with_validated_config( + role_group: &RoleGroup, + role: &Role, + default_config: &Config, +) -> Result, fragment::ValidationError> where - C: FromFragment, - ProductSpecificCommonConfig: Clone + Default + JsonSchema + Merge + Serialize, - T: Clone + Merge, - U: Default + JsonSchema + Serialize, + C: FromFragment, + CommonConfig: Clone + Default + JsonSchema + Merge + Serialize, + Config: Clone + Merge, + RoleConfig: Default + JsonSchema + Serialize, + ConfigOverrides: Clone + Default + JsonSchema + Merge + Serialize, { - let validated_config = validate_config(role_group, role, default_config)?; + let validated_config = role_group.validate_config(role, default_config)?; Ok(RoleGroup { config: CommonConfiguration { config: validated_config, config_overrides: merged_config_overrides( - role.config.config_overrides.clone(), + &role.config.config_overrides, role_group.config.config_overrides.clone(), ), env_overrides: merged_env_overrides( @@ -122,20 +104,14 @@ where }) } -fn merged_config_overrides( - role_config_overrides: HashMap>, - role_group_config_overrides: HashMap>, -) -> HashMap> { - let mut merged_config_overrides = role_config_overrides; - - for (filename, role_group_config_file_overrides) in role_group_config_overrides { - merged_config_overrides - .entry(filename) - .or_default() - .extend(role_group_config_file_overrides); - } - - merged_config_overrides +fn merged_config_overrides( + role_config_overrides: &ConfigOverrides, + role_group_config_overrides: ConfigOverrides, +) -> ConfigOverrides +where + ConfigOverrides: Merge, +{ + merge::merge(role_group_config_overrides, role_config_overrides) } fn merged_env_overrides( @@ -268,27 +244,30 @@ mod tests { } #[derive(Clone, Debug, Default, JsonSchema, Merge, PartialEq, Serialize)] - struct ProductCommonConfig { + struct CommonConfig { property: Option, } - fn new_common_config( - config: T, + #[derive(Clone, Debug, Default, JsonSchema, Merge, PartialEq, Serialize)] + struct ConfigOverrides(HashMap>); + + fn new_common_config( + config: Config, override_value: Option<&str>, - ) -> CommonConfiguration { + ) -> CommonConfiguration { let mut config_file_overrides = HashMap::new(); let mut env_overrides = HashMap::new(); let mut cli_overrides = BTreeMap::new(); if let Some(value) = override_value { - config_file_overrides.insert("property".to_owned(), value.to_owned()); + config_file_overrides.insert("property".to_owned(), Some(value.to_owned())); env_overrides.insert("PROPERTY".to_owned(), value.to_owned()); cli_overrides.insert("--property".to_owned(), value.to_owned()); } CommonConfiguration { config, - config_overrides: [("config.file".to_owned(), config_file_overrides)].into(), + config_overrides: ConfigOverrides(config_file_overrides), env_overrides, cli_overrides, pod_overrides: PodTemplateSpec { @@ -298,7 +277,7 @@ mod tests { }), ..PodTemplateSpec::default() }, - product_specific_common_config: ProductCommonConfig { + product_specific_common_config: CommonConfig { property: override_value.map(str::to_owned), }, } @@ -341,7 +320,7 @@ mod tests { config: new_common_config(ConfigFragment::new(role_group_value), role_group_value), replicas: Some(3), }; - let role = Role::<_, GenericRoleConfig, _> { + let role = Role::<_, _, GenericRoleConfig, _> { config: new_common_config(ConfigFragment::new(role_value), role_value), ..Role::default() }; @@ -367,13 +346,13 @@ mod tests { config: new_common_config(ConfigFragment::new(None), None), replicas: None, }; - let role = Role::<_, GenericRoleConfig, _> { + let role = Role::<_, _, GenericRoleConfig, _> { config: new_common_config(ConfigFragment::new(None), None), ..Role::default() }; let default_config = ConfigFragment::new(None); - let result: Result, _> = + let result: Result, _> = with_validated_config(&role_group, &role, &default_config); assert!(result.is_err()) diff --git a/rust/operator-binary/src/main.rs b/rust/operator-binary/src/main.rs index 5729d62..a7541a3 100644 --- a/rust/operator-binary/src/main.rs +++ b/rust/operator-binary/src/main.rs @@ -110,7 +110,7 @@ async fn main() -> Result<()> { Command::Crd => { OpenSearchCluster::merged_crd(OpenSearchClusterVersion::V1Alpha1) .context(MergeCrdSnafu)? - .print_yaml_schema(built_info::PKG_VERSION, SerializeOptions::default()) + .print_yaml_schema(built_info::PKG_VERSION, &SerializeOptions::default()) .context(SerializeCrdSnafu)?; } Command::Run(RunArguments { @@ -139,7 +139,7 @@ async fn main() -> Result<()> { let sigterm_watcher = SignalWatcher::sigterm().context(CreateSignalWatcherSnafu)?; let eos_checker = - EndOfSupportChecker::new(built_info::BUILT_TIME_UTC, maintenance.end_of_support) + EndOfSupportChecker::new(built_info::BUILT_TIME_UTC, &maintenance.end_of_support) .context(InitEndOfSupportCheckerSnafu)? .run(sigterm_watcher.handle()) .map(Ok); diff --git a/tests/templates/kuttl/smoke/10-assert.yaml.j2 b/tests/templates/kuttl/smoke/10-assert.yaml.j2 index c2cd2a5..1318a6e 100644 --- a/tests/templates/kuttl/smoke/10-assert.yaml.j2 +++ b/tests/templates/kuttl/smoke/10-assert.yaml.j2 @@ -327,6 +327,7 @@ spec: secrets.stackable.tech/backend.autotls.cert.lifetime: 1d secrets.stackable.tech/class: tls secrets.stackable.tech/format: tls-pem + secrets.stackable.tech/provision-parts: public-private secrets.stackable.tech/scope: pod,listener-volume=listener,service=opensearch-seed-nodes spec: accessModes: @@ -345,6 +346,7 @@ spec: secrets.stackable.tech/backend.autotls.cert.lifetime: 1d secrets.stackable.tech/class: tls secrets.stackable.tech/format: tls-pem + secrets.stackable.tech/provision-parts: public-private secrets.stackable.tech/scope: pod,listener-volume=listener,listener-volume=discovery-service-listener spec: accessModes: From 3af18407a8ca71a32a5feea714875e835680230b Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Mon, 27 Apr 2026 15:33:15 +0200 Subject: [PATCH 02/17] chore: Regenerate charts --- extra/crds.yaml | 2 -- rust/operator-binary/src/framework/config_overrides.rs | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/extra/crds.yaml b/extra/crds.yaml index 8c11d8b..d907f81 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -1871,7 +1871,6 @@ spec: nullable: true type: string default: {} - description: Mergable variant of ... type: object type: object envOverrides: @@ -2565,7 +2564,6 @@ spec: nullable: true type: string default: {} - description: Mergable variant of ... type: object type: object envOverrides: diff --git a/rust/operator-binary/src/framework/config_overrides.rs b/rust/operator-binary/src/framework/config_overrides.rs index 8a08f59..40dc2f4 100644 --- a/rust/operator-binary/src/framework/config_overrides.rs +++ b/rust/operator-binary/src/framework/config_overrides.rs @@ -4,7 +4,7 @@ use schemars::JsonSchema; use serde::{Deserialize, Serialize}; use stackable_operator::{config::merge::Merge, schemars}; -/// Mergeable variant of [`stackable_operator::config_overrides::KeyValueConfigOverrides`] +// Mergeable variant of [`stackable_operator::config_overrides::KeyValueConfigOverrides`] #[derive(Clone, Debug, Default, Deserialize, Eq, JsonSchema, Merge, PartialEq, Serialize)] pub struct KeyValueConfigOverrides { #[serde(flatten)] From 514c49813d9d42c56be87373779de2a602561418 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Mon, 27 Apr 2026 16:10:42 +0200 Subject: [PATCH 03/17] chore: Rename GenericProductSpecificCommonConfig to GenericCommonConfig --- rust/operator-binary/src/controller.rs | 8 ++++---- rust/operator-binary/src/controller/build.rs | 4 ++-- rust/operator-binary/src/controller/build/node_config.rs | 4 ++-- .../operator-binary/src/controller/build/role_builder.rs | 4 ++-- .../src/controller/build/role_group_builder.rs | 4 ++-- rust/operator-binary/src/controller/validate.rs | 9 ++++----- rust/operator-binary/src/crd/mod.rs | 6 +++--- rust/operator-binary/src/framework/role_utils.rs | 7 +++---- 8 files changed, 22 insertions(+), 24 deletions(-) diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs index af6cb72..f2a709a 100644 --- a/rust/operator-binary/src/controller.rs +++ b/rust/operator-binary/src/controller.rs @@ -41,7 +41,7 @@ use crate::{ framework::{ HasName, HasUid, NameIsValidLabelValue, product_logging::framework::{ValidatedContainerLogConfigChoice, VectorContainerLogConfig}, - role_utils::{GenericProductSpecificCommonConfig, RoleGroupConfig}, + role_utils::{GenericCommonConfig, RoleGroupConfig}, types::{ common::Port, kubernetes::{Hostname, ListenerClassName, NamespaceName, SecretClassName, Uid}, @@ -147,7 +147,7 @@ impl ReconcilerError for Error { } type OpenSearchRoleGroupConfig = RoleGroupConfig< - GenericProductSpecificCommonConfig, + GenericCommonConfig, ValidatedOpenSearchConfig, v1alpha1::OpenSearchConfigOverrides, >; @@ -511,7 +511,7 @@ mod tests { framework::{ builder::pod::container::EnvVarSet, product_logging::framework::ValidatedContainerLogConfigChoice, - role_utils::GenericProductSpecificCommonConfig, + role_utils::GenericCommonConfig, types::{ kubernetes::{ListenerClassName, NamespaceName, SecretClassName}, operator::{ClusterName, OperatorName, ProductVersion, RoleGroupName}, @@ -665,7 +665,7 @@ mod tests { env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), - product_specific_common_config: GenericProductSpecificCommonConfig::default(), + product_specific_common_config: GenericCommonConfig::default(), } } } diff --git a/rust/operator-binary/src/controller/build.rs b/rust/operator-binary/src/controller/build.rs index b2f0234..8e7c389 100644 --- a/rust/operator-binary/src/controller/build.rs +++ b/rust/operator-binary/src/controller/build.rs @@ -87,7 +87,7 @@ mod tests { crd::v1alpha1, framework::{ builder::pod::container::EnvVarSet, - role_utils::GenericProductSpecificCommonConfig, + role_utils::GenericCommonConfig, types::{ common::Port, kubernetes::{Hostname, ListenerClassName, NamespaceName, SecretClassName}, @@ -249,7 +249,7 @@ mod tests { env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), - product_specific_common_config: GenericProductSpecificCommonConfig::default(), + product_specific_common_config: GenericCommonConfig::default(), } } } diff --git a/rust/operator-binary/src/controller/build/node_config.rs b/rust/operator-binary/src/controller/build/node_config.rs index 65f6dcd..8575e30 100644 --- a/rust/operator-binary/src/controller/build/node_config.rs +++ b/rust/operator-binary/src/controller/build/node_config.rs @@ -562,7 +562,7 @@ mod tests { framework::{ config_overrides::KeyValueConfigOverrides, product_logging::framework::ValidatedContainerLogConfigChoice, - role_utils::GenericProductSpecificCommonConfig, + role_utils::GenericCommonConfig, types::{ kubernetes::{ ConfigMapKey, ConfigMapName, ListenerClassName, NamespaceName, SecretClassName, @@ -635,7 +635,7 @@ mod tests { ), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), - product_specific_common_config: GenericProductSpecificCommonConfig::default(), + product_specific_common_config: GenericCommonConfig::default(), }; let security_settings = v1alpha1::SecuritySettings { diff --git a/rust/operator-binary/src/controller/build/role_builder.rs b/rust/operator-binary/src/controller/build/role_builder.rs index 51f4f53..c9ebfd0 100644 --- a/rust/operator-binary/src/controller/build/role_builder.rs +++ b/rust/operator-binary/src/controller/build/role_builder.rs @@ -390,7 +390,7 @@ mod tests { crd::v1alpha1, framework::{ builder::pod::container::EnvVarSet, - role_utils::GenericProductSpecificCommonConfig, + role_utils::GenericCommonConfig, types::{ common::Port, kubernetes::{ @@ -447,7 +447,7 @@ mod tests { env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), - product_specific_common_config: GenericProductSpecificCommonConfig::default(), + product_specific_common_config: GenericCommonConfig::default(), }; let cluster = ValidatedCluster::new( diff --git a/rust/operator-binary/src/controller/build/role_group_builder.rs b/rust/operator-binary/src/controller/build/role_group_builder.rs index f5f386a..12b7fba 100644 --- a/rust/operator-binary/src/controller/build/role_group_builder.rs +++ b/rust/operator-binary/src/controller/build/role_group_builder.rs @@ -1471,7 +1471,7 @@ mod tests { framework::{ builder::pod::container::EnvVarSet, product_logging::framework::VectorContainerLogConfig, - role_utils::GenericProductSpecificCommonConfig, + role_utils::GenericCommonConfig, types::{ kubernetes::{ ConfigMapKey, ConfigMapName, ListenerClassName, ListenerName, NamespaceName, @@ -1583,7 +1583,7 @@ mod tests { env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), - product_specific_common_config: GenericProductSpecificCommonConfig::default(), + product_specific_common_config: GenericCommonConfig::default(), }; let security_settings = v1alpha1::SecuritySettings { diff --git a/rust/operator-binary/src/controller/validate.rs b/rust/operator-binary/src/controller/validate.rs index b8bda15..14a4272 100644 --- a/rust/operator-binary/src/controller/validate.rs +++ b/rust/operator-binary/src/controller/validate.rs @@ -465,7 +465,7 @@ mod tests { product_logging::framework::{ ValidatedContainerLogConfigChoice, VectorContainerLogConfig, }, - role_utils::{GenericProductSpecificCommonConfig, RoleGroupConfig}, + role_utils::{GenericCommonConfig, RoleGroupConfig}, types::{ common::Port, kubernetes::{ @@ -684,8 +684,7 @@ mod tests { }), ..PodTemplateSpec::default() }, - product_specific_common_config: GenericProductSpecificCommonConfig::default( - ) + product_specific_common_config: GenericCommonConfig::default() } )] .into(), @@ -1071,7 +1070,7 @@ mod tests { }), ..PodTemplateSpec::default() }, - product_specific_common_config: GenericProductSpecificCommonConfig::default( + product_specific_common_config: GenericCommonConfig::default( ), }, role_config: v1alpha1::OpenSearchRoleConfig::default(), @@ -1136,7 +1135,7 @@ mod tests { ..PodTemplateSpec::default() }, product_specific_common_config: - GenericProductSpecificCommonConfig::default(), + GenericCommonConfig::default(), }, replicas: Some(3), }, diff --git a/rust/operator-binary/src/crd/mod.rs b/rust/operator-binary/src/crd/mod.rs index 219b6d8..93c3d75 100644 --- a/rust/operator-binary/src/crd/mod.rs +++ b/rust/operator-binary/src/crd/mod.rs @@ -34,7 +34,7 @@ use crate::{ framework::{ NameIsValidLabelValue, config_overrides::KeyValueConfigOverrides, - role_utils::GenericProductSpecificCommonConfig, + role_utils::GenericCommonConfig, types::{ kubernetes::{ ConfigMapKey, ConfigMapName, ContainerName, ListenerClassName, SecretClassName, @@ -53,12 +53,12 @@ type OpenSearchRole = Role< v1alpha1::OpenSearchConfigFragment, v1alpha1::OpenSearchConfigOverrides, v1alpha1::OpenSearchRoleConfig, - GenericProductSpecificCommonConfig, + GenericCommonConfig, >; pub type OpenSearchRoleGroup = RoleGroup< v1alpha1::OpenSearchConfigFragment, - GenericProductSpecificCommonConfig, + GenericCommonConfig, v1alpha1::OpenSearchConfigOverrides, >; diff --git a/rust/operator-binary/src/framework/role_utils.rs b/rust/operator-binary/src/framework/role_utils.rs index dcb9b40..76ebf5a 100644 --- a/rust/operator-binary/src/framework/role_utils.rs +++ b/rust/operator-binary/src/framework/role_utils.rs @@ -22,12 +22,11 @@ use super::{ }, }; -/// Variant of [`stackable_operator::role_utils::GenericProductSpecificCommonConfig`] that -/// implements [`Merge`] +/// Variant of [`stackable_operator::role_utils::GenericCommonConfig`] that implements [`Merge`] #[derive(Clone, Debug, Default, Deserialize, JsonSchema, PartialEq, Serialize)] -pub struct GenericProductSpecificCommonConfig {} +pub struct GenericCommonConfig {} -impl Merge for GenericProductSpecificCommonConfig { +impl Merge for GenericCommonConfig { fn merge(&mut self, _defaults: &Self) {} } From b107b84caf3a0dbb54ff2fe964754900850680e3 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Mon, 27 Apr 2026 16:24:41 +0200 Subject: [PATCH 04/17] chore: Upgrade rustls-webpki --- Cargo.lock | 4 ++-- Cargo.nix | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index fd0d894..54a3603 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2509,9 +2509,9 @@ dependencies = [ [[package]] name = "rustls-webpki" -version = "0.103.9" +version = "0.103.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7df23109aa6c1567d1c575b9952556388da57401e4ace1d15f79eedad0d8f53" +checksum = "61c429a8649f110dddef65e2a5ad240f747e85f7758a6bccc7e5777bd33f756e" dependencies = [ "ring", "rustls-pki-types", diff --git a/Cargo.nix b/Cargo.nix index 16dff24..1b5a74e 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -8336,9 +8336,9 @@ rec { }; "rustls-webpki" = rec { crateName = "rustls-webpki"; - version = "0.103.9"; + version = "0.103.13"; edition = "2021"; - sha256 = "0lwg1nnyv7pp2lfwwjhy81bxm233am99jnsp3iymdhd6k8827pyp"; + sha256 = "0vkm7z9pnxz5qz66p2kmyy2pwx0g4jnsbqk5xzfhs4czcjl2ki31"; libName = "webpki"; dependencies = [ { From fd9d88a6f68478f56a56a01ffe7cdd85df8a1539 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Mon, 27 Apr 2026 17:04:18 +0200 Subject: [PATCH 05/17] chore: Regenerate charts --- extra/crds.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/extra/crds.yaml b/extra/crds.yaml index d907f81..9090c1d 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -1945,9 +1945,7 @@ spec: type: object roleGroups: additionalProperties: - description: |- - Variant of [`stackable_operator::role_utils::GenericProductSpecificCommonConfig`] that - implements [`Merge`] + description: Variant of [`stackable_operator::role_utils::GenericCommonConfig`] that implements [`Merge`] properties: cliOverrides: additionalProperties: From fb5583115292fa0022ecde0444c600b04f39e4ce Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Thu, 30 Apr 2026 13:10:40 +0200 Subject: [PATCH 06/17] chore: Improve code style --- extra/crds.yaml | 10 ++++++++++ rust/operator-binary/src/controller.rs | 2 +- .../src/controller/build/role_group_builder.rs | 4 ++++ rust/operator-binary/src/crd/mod.rs | 2 +- .../src/framework/config_overrides.rs | 4 ++++ rust/operator-binary/src/framework/role_utils.rs | 14 ++++++-------- 6 files changed, 26 insertions(+), 10 deletions(-) diff --git a/extra/crds.yaml b/extra/crds.yaml index 9090c1d..671725d 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -1871,6 +1871,11 @@ spec: nullable: true type: string default: {} + description: |- + Flat key-value overrides for `*.properties`, Hadoop XML, etc. + + This is backwards-compatible with the existing flat key-value YAML format + used by `HashMap`. type: object type: object envOverrides: @@ -2562,6 +2567,11 @@ spec: nullable: true type: string default: {} + description: |- + Flat key-value overrides for `*.properties`, Hadoop XML, etc. + + This is backwards-compatible with the existing flat key-value YAML format + used by `HashMap`. type: object type: object envOverrides: diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs index f2a709a..262968d 100644 --- a/rust/operator-binary/src/controller.rs +++ b/rust/operator-binary/src/controller.rs @@ -147,8 +147,8 @@ impl ReconcilerError for Error { } type OpenSearchRoleGroupConfig = RoleGroupConfig< - GenericCommonConfig, ValidatedOpenSearchConfig, + GenericCommonConfig, v1alpha1::OpenSearchConfigOverrides, >; diff --git a/rust/operator-binary/src/controller/build/role_group_builder.rs b/rust/operator-binary/src/controller/build/role_group_builder.rs index 12b7fba..38e8195 100644 --- a/rust/operator-binary/src/controller/build/role_group_builder.rs +++ b/rust/operator-binary/src/controller/build/role_group_builder.rs @@ -1073,6 +1073,8 @@ impl<'a> RoleGroupBuilder<'a> { ) -> Vec { let mut volume_source_builder = SecretOperatorVolumeSourceBuilder::new( tls_internal_secret_class, + // OpenSearch requires both the public certificate and the private key to serve the + // transport layer via TLS. SecretClassVolumeProvisionParts::PublicPrivate, ); @@ -1110,6 +1112,8 @@ impl<'a> RoleGroupBuilder<'a> { ) -> Vec { let mut volume_source_builder = SecretOperatorVolumeSourceBuilder::new( tls_server_secret_class, + // OpenSearch requires both the public certificate and the private key to serve the + // REST layer via TLS. SecretClassVolumeProvisionParts::PublicPrivate, ); diff --git a/rust/operator-binary/src/crd/mod.rs b/rust/operator-binary/src/crd/mod.rs index 93c3d75..d1bc6ad 100644 --- a/rust/operator-binary/src/crd/mod.rs +++ b/rust/operator-binary/src/crd/mod.rs @@ -488,8 +488,8 @@ pub mod versioned { } #[derive(Clone, Debug, Default, Deserialize, JsonSchema, Merge, PartialEq, Serialize)] - #[serde(rename_all = "camelCase")] pub struct OpenSearchConfigOverrides { + // File name defined in [`crate::controller::build::node_config::CONFIGURATION_FILE_OPENSEARCH_YML`] #[serde(default, rename = "opensearch.yml")] pub opensearch_yml: KeyValueConfigOverrides, } diff --git a/rust/operator-binary/src/framework/config_overrides.rs b/rust/operator-binary/src/framework/config_overrides.rs index 40dc2f4..75696a8 100644 --- a/rust/operator-binary/src/framework/config_overrides.rs +++ b/rust/operator-binary/src/framework/config_overrides.rs @@ -5,6 +5,10 @@ use serde::{Deserialize, Serialize}; use stackable_operator::{config::merge::Merge, schemars}; // Mergeable variant of [`stackable_operator::config_overrides::KeyValueConfigOverrides`] +/// Flat key-value overrides for `*.properties`, Hadoop XML, etc. +/// +/// This is backwards-compatible with the existing flat key-value YAML format +/// used by `HashMap`. #[derive(Clone, Debug, Default, Deserialize, Eq, JsonSchema, Merge, PartialEq, Serialize)] pub struct KeyValueConfigOverrides { #[serde(flatten)] diff --git a/rust/operator-binary/src/framework/role_utils.rs b/rust/operator-binary/src/framework/role_utils.rs index 76ebf5a..b75e018 100644 --- a/rust/operator-binary/src/framework/role_utils.rs +++ b/rust/operator-binary/src/framework/role_utils.rs @@ -37,7 +37,7 @@ impl Merge for GenericCommonConfig { /// * `config` is flattened. /// * The [`HashMap`] in `env_overrides` is replaced with an [`EnvVarSet`]. #[derive(Clone, Debug, PartialEq)] -pub struct RoleGroupConfig { +pub struct RoleGroupConfig { pub replicas: u16, pub config: Config, pub config_overrides: ConfigOverrides, @@ -46,12 +46,10 @@ pub struct RoleGroupConfig pub pod_overrides: PodTemplateSpec, // allow(dead_code) is not necessary anymore when moved to operator-rs #[allow(dead_code)] - pub product_specific_common_config: ProductSpecificCommonConfig, + pub product_specific_common_config: CommonConfig, } -impl - RoleGroupConfig -{ +impl RoleGroupConfig { pub fn cli_overrides_to_vec(&self) -> Vec { self.cli_overrides .clone() @@ -62,13 +60,13 @@ impl } /// Merges and validates the [`RoleGroup`] with the given `role` and `default_config` -pub fn with_validated_config( +pub fn with_validated_config( role_group: &RoleGroup, role: &Role, default_config: &Config, -) -> Result, fragment::ValidationError> +) -> Result, fragment::ValidationError> where - C: FromFragment, + ValidatedConfig: FromFragment, CommonConfig: Clone + Default + JsonSchema + Merge + Serialize, Config: Clone + Merge, RoleConfig: Default + JsonSchema + Serialize, From 4abc6a4f212cab21e5c5f72857476c7730bfb589 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Tue, 5 May 2026 12:09:09 +0200 Subject: [PATCH 07/17] feat: Support jsonMergePatch in configOverrides --- Cargo.lock | 8 +- Cargo.nix | 14 +- Cargo.toml | 2 + extra/crds.yaml | 24 +--- rust/operator-binary/Cargo.toml | 2 + .../src/controller/build/node_config.rs | 90 +++++------- .../src/controller/build/role_builder.rs | 6 +- .../src/controller/validate.rs | 35 ++--- rust/operator-binary/src/crd/mod.rs | 44 +++++- .../src/framework/config_overrides.rs | 100 ++++++++++++- .../kuttl/security-config/11-assert.yaml | 51 ++++++- .../kuttl/security-config/21-assert.yaml | 51 ++++++- tests/templates/kuttl/smoke/10-assert.yaml.j2 | 135 +++++++++++++----- .../kuttl/smoke/10-install-opensearch.yaml.j2 | 17 +-- 14 files changed, 414 insertions(+), 165 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 54a3603..7451fce 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1474,14 +1474,14 @@ dependencies = [ [[package]] name = "json-patch" -version = "4.1.0" +version = "4.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f300e415e2134745ef75f04562dd0145405c2f7fd92065db029ac4b16b57fe90" +checksum = "7421438de105a0827e44fadd05377727847d717c80ce29a229f85fd04c427b72" dependencies = [ "jsonptr", "serde", "serde_json", - "thiserror 1.0.69", + "thiserror 2.0.18", ] [[package]] @@ -2926,11 +2926,13 @@ dependencies = [ "built", "clap", "futures 0.3.32", + "json-patch", "pretty_assertions", "regex", "rstest", "serde", "serde_json", + "serde_yaml", "snafu 0.9.0", "stackable-operator", "strum", diff --git a/Cargo.nix b/Cargo.nix index 1b5a74e..382f304 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -4667,9 +4667,9 @@ rec { }; "json-patch" = rec { crateName = "json-patch"; - version = "4.1.0"; + version = "4.2.0"; edition = "2021"; - sha256 = "147yaxmv3i4s0bdna86rgwpmqh2507fn4ighfpplaiqkw8ay807k"; + sha256 = "0wkv896d0pzq56i2kkl0giqpv117fwvhbpgs8iz85805w66l68bl"; libName = "json_patch"; authors = [ "Ivan Dubrov " @@ -4690,7 +4690,7 @@ rec { } { name = "thiserror"; - packageId = "thiserror 1.0.69"; + packageId = "thiserror 2.0.18"; } ]; devDependencies = [ @@ -9639,6 +9639,10 @@ rec { packageId = "futures 0.3.32"; features = [ "compat" ]; } + { + name = "json-patch"; + packageId = "json-patch"; + } { name = "regex"; packageId = "regex"; @@ -9652,6 +9656,10 @@ rec { name = "serde_json"; packageId = "serde_json"; } + { + name = "serde_yaml"; + packageId = "serde_yaml"; + } { name = "snafu"; packageId = "snafu 0.9.0"; diff --git a/Cargo.toml b/Cargo.toml index ee4f316..12c82c4 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,11 +15,13 @@ stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", built = { version = "0.8.0", features = ["chrono", "git2"] } clap = "4.5" futures = { version = "0.3", features = ["compat"] } +json-patch = "4.2" pretty_assertions = "1.4" regex = "1.11" rstest = "0.26" serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" +serde_yaml = "0.9" snafu = { version = "0.9", features = ["futures"] } strum = { version = "0.28", features = ["derive"] } tokio = { version = "1.47", features = ["full"] } diff --git a/extra/crds.yaml b/extra/crds.yaml index 671725d..bf47187 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -1867,16 +1867,10 @@ spec: available config files and settings for the specific product. properties: opensearch.yml: - additionalProperties: - nullable: true - type: string - default: {} - description: |- - Flat key-value overrides for `*.properties`, Hadoop XML, etc. - - This is backwards-compatible with the existing flat key-value YAML format - used by `HashMap`. + default: + jsonMergePatch: {} type: object + x-kubernetes-preserve-unknown-fields: true type: object envOverrides: additionalProperties: @@ -2563,16 +2557,10 @@ spec: available config files and settings for the specific product. properties: opensearch.yml: - additionalProperties: - nullable: true - type: string - default: {} - description: |- - Flat key-value overrides for `*.properties`, Hadoop XML, etc. - - This is backwards-compatible with the existing flat key-value YAML format - used by `HashMap`. + default: + jsonMergePatch: {} type: object + x-kubernetes-preserve-unknown-fields: true type: object envOverrides: additionalProperties: diff --git a/rust/operator-binary/Cargo.toml b/rust/operator-binary/Cargo.toml index dfff78d..6a23107 100644 --- a/rust/operator-binary/Cargo.toml +++ b/rust/operator-binary/Cargo.toml @@ -14,9 +14,11 @@ stackable-operator.workspace = true clap.workspace = true futures.workspace = true +json-patch.workspace = true regex.workspace = true serde.workspace = true serde_json.workspace = true +serde_yaml.workspace = true snafu.workspace = true strum.workspace = true tokio.workspace = true diff --git a/rust/operator-binary/src/controller/build/node_config.rs b/rust/operator-binary/src/controller/build/node_config.rs index 8575e30..fd32028 100644 --- a/rust/operator-binary/src/controller/build/node_config.rs +++ b/rust/operator-binary/src/controller/build/node_config.rs @@ -1,10 +1,10 @@ //! Configuration of an OpenSearch node -use serde_json::{Value, json}; +use serde_json::json; use stackable_operator::{ builder::pod::container::FieldPathEnvVar, commons::networking::DomainName, + k8s_openapi::DeepMerge, }; -use tracing::warn; use super::ValidatedCluster; use crate::{ @@ -15,6 +15,7 @@ use crate::{ crd::v1alpha1, framework::{ builder::pod::container::{EnvVarName, EnvVarSet}, + config_overrides::JsonConfigOverrides, product_logging::framework::STACKABLE_LOG_DIR, role_group_utils, types::{kubernetes::ServiceName, operator::RoleGroupName}, @@ -174,39 +175,30 @@ impl NodeConfig { /// Creates the main OpenSearch configuration file in YAML format pub fn opensearch_config_file_content(&self) -> String { - Self::to_yaml(self.opensearch_config()) + serde_yaml::to_string(&self.opensearch_config()) + .expect("serde_json::Value should always be serializable") } - pub fn opensearch_config(&self) -> serde_json::Map { + pub fn opensearch_config(&self) -> serde_json::Value { let mut config = self.static_opensearch_config(); - config.append(&mut self.tls_config()); + config.merge_from(self.tls_config()); - for (setting, value) in &self + let json_config_overrides: JsonConfigOverrides = self .role_group_config .config_overrides .opensearch_yml - .overrides - { - let old_value = config.insert(setting.to_owned(), json!(value)); - if let Some(old_value) = old_value { - warn!( - "configOverrides: Configuration setting {setting:?} changed from {old_value} to {value:?}." - ); - } - } - - // Ensure a deterministic result - config.sort_keys(); + .clone() + .into(); - config + json_config_overrides.apply(&config).into_owned() } /// Creates the main OpenSearch configuration file as JSON map /// /// The file should only contain cluster-wide configuration options. Node-specific options /// should be defined as environment variables. - pub fn static_opensearch_config(&self) -> serde_json::Map { + pub fn static_opensearch_config(&self) -> serde_json::Value { let mut config = serde_json::Map::new(); config.insert( @@ -262,7 +254,7 @@ impl NodeConfig { } }; - config + json!(config) } /// Distinguished name (DN) of the super admin certificate @@ -271,7 +263,7 @@ impl NodeConfig { format!("CN=update-security-config.{}", self.cluster.uid) } - pub fn tls_config(&self) -> serde_json::Map { + pub fn tls_config(&self) -> serde_json::Value { let mut config = serde_json::Map::new(); let opensearch_path_conf = self.opensearch_path_conf(); @@ -327,7 +319,7 @@ impl NodeConfig { ); } - config + json!(config) } /// Creates environment variables for the OpenSearch configurations @@ -396,13 +388,6 @@ impl NodeConfig { env_vars.merge(self.role_group_config.env_overrides.clone()) } - fn to_yaml(kv: serde_json::Map) -> String { - kv.iter() - .map(|(key, value)| format!("{key}: {value}")) - .collect::>() - .join("\n") - } - /// Configuration for `discovery.type` /// /// "zen" is the default if `discovery.type` is not set. @@ -619,13 +604,15 @@ mod tests { termination_grace_period_seconds: 30, }, config_overrides: v1alpha1::OpenSearchConfigOverrides { - opensearch_yml: KeyValueConfigOverrides { - overrides: test_config - .config_settings - .iter() - .map(|(k, v)| (k.to_string(), Some(v.to_string()))) - .collect(), - }, + opensearch_yml: v1alpha1::ConfigOverridesChoice::KeyValue( + KeyValueConfigOverrides { + overrides: test_config + .config_settings + .iter() + .map(|(k, v)| (k.to_string(), Some(v.to_string()))) + .collect(), + }, + ), }, env_overrides: EnvVarSet::new().with_values( test_config @@ -712,22 +699,23 @@ mod tests { assert_eq!( concat!( - "cluster.name: \"my-opensearch-cluster\"\n", - "discovery.type: \"zen\"\n", - "network.host: \"0.0.0.0\"\n", - "node.attr.role-group: \"data\"\n", - "path.logs: \"/stackable/log/opensearch\"\n", - "plugins.security.authcz.admin_dn: \"CN=update-security-config.0b1e30e6-326e-4c1a-868d-ad6598b49e8b\"\n", - "plugins.security.nodes_dn: [\"CN=generated certificate for pod\"]\n", + "cluster.name: my-opensearch-cluster\n", + "discovery.type: zen\n", + "network.host: 0.0.0.0\n", + "node.attr.role-group: data\n", + "path.logs: /stackable/log/opensearch\n", + "plugins.security.authcz.admin_dn: CN=update-security-config.0b1e30e6-326e-4c1a-868d-ad6598b49e8b\n", + "plugins.security.nodes_dn:\n", + "- CN=generated certificate for pod\n", "plugins.security.ssl.http.enabled: true\n", - "plugins.security.ssl.http.pemcert_filepath: \"/stackable/opensearch/config/tls/server/tls.crt\"\n", - "plugins.security.ssl.http.pemkey_filepath: \"/stackable/opensearch/config/tls/server/tls.key\"\n", - "plugins.security.ssl.http.pemtrustedcas_filepath: \"/stackable/opensearch/config/tls/server/ca.crt\"\n", + "plugins.security.ssl.http.pemcert_filepath: /stackable/opensearch/config/tls/server/tls.crt\n", + "plugins.security.ssl.http.pemkey_filepath: /stackable/opensearch/config/tls/server/tls.key\n", + "plugins.security.ssl.http.pemtrustedcas_filepath: /stackable/opensearch/config/tls/server/ca.crt\n", "plugins.security.ssl.transport.enabled: true\n", - "plugins.security.ssl.transport.pemcert_filepath: \"/stackable/opensearch/config/tls/internal/tls.crt\"\n", - "plugins.security.ssl.transport.pemkey_filepath: \"/stackable/opensearch/config/tls/internal/tls.key\"\n", - "plugins.security.ssl.transport.pemtrustedcas_filepath: \"/stackable/opensearch/config/tls/internal/ca.crt\"\n", - "test: \"value\"", + "plugins.security.ssl.transport.pemcert_filepath: /stackable/opensearch/config/tls/internal/tls.crt\n", + "plugins.security.ssl.transport.pemkey_filepath: /stackable/opensearch/config/tls/internal/tls.key\n", + "plugins.security.ssl.transport.pemtrustedcas_filepath: /stackable/opensearch/config/tls/internal/ca.crt\n", + "test: value\n", ) .to_owned(), node_config.opensearch_config_file_content() diff --git a/rust/operator-binary/src/controller/build/role_builder.rs b/rust/operator-binary/src/controller/build/role_builder.rs index c9ebfd0..cd59459 100644 --- a/rust/operator-binary/src/controller/build/role_builder.rs +++ b/rust/operator-binary/src/controller/build/role_builder.rs @@ -223,7 +223,11 @@ impl<'a> RoleBuilder<'a> { v1alpha1::SecuritySettingsFileTypeContentValue { value }, ) = &file_type.content { - data.insert(file_type.filename.to_owned(), value.to_string()); + data.insert( + file_type.filename.to_owned(), + serde_yaml::to_string(value) + .expect("serde_json::Value should be serializable"), + ); } } } diff --git a/rust/operator-binary/src/controller/validate.rs b/rust/operator-binary/src/controller/validate.rs index 14a4272..28be4d7 100644 --- a/rust/operator-binary/src/controller/validate.rs +++ b/rust/operator-binary/src/controller/validate.rs @@ -423,6 +423,7 @@ mod tests { use std::{collections::BTreeMap, str::FromStr}; use pretty_assertions::assert_eq; + use serde_json::json; use stackable_operator::{ commons::{ affinity::StackableAffinity, @@ -461,7 +462,7 @@ mod tests { crd::{NodeRoles, OpenSearchKeystoreKey, v1alpha1}, framework::{ builder::pod::container::{EnvVarName, EnvVarSet}, - config_overrides::KeyValueConfigOverrides, + config_overrides::{JsonConfigOverrides, KeyValueConfigOverrides}, product_logging::framework::{ ValidatedContainerLogConfigChoice, VectorContainerLogConfig, }, @@ -620,23 +621,13 @@ mod tests { termination_grace_period_seconds: 300, }, config_overrides: v1alpha1::OpenSearchConfigOverrides { - opensearch_yml: KeyValueConfigOverrides { - overrides: [ - ( - "setting1".to_owned(), - Some("value from role level".to_owned()) - ), - ( - "setting2".to_owned(), - Some("value from role-group level".to_owned()) - ), - ( - "setting3".to_owned(), - Some("value from role-group level".to_owned()) - ), - ] - .into() - } + opensearch_yml: v1alpha1::ConfigOverridesChoice::Json( + JsonConfigOverrides::JsonMergePatch(json!({ + "setting1": "value from role level", + "setting2": "value from role-group level", + "setting3": "value from role-group level", + })), + ) }, env_overrides: EnvVarSet::new().with_values([ ( @@ -1039,13 +1030,13 @@ mod tests { ..v1alpha1::OpenSearchConfigFragment::default() }, config_overrides: v1alpha1::OpenSearchConfigOverrides { - opensearch_yml: KeyValueConfigOverrides { + opensearch_yml: v1alpha1::ConfigOverridesChoice::KeyValue(KeyValueConfigOverrides { overrides: [ ("setting1".to_owned(), Some("value from role level".to_owned())), ("setting2".to_owned(), Some("value from role level".to_owned())), ] .into() - } + }) }, env_overrides: [ ("ENV1".to_owned(), "value from role level".to_owned()), @@ -1085,7 +1076,7 @@ mod tests { ..v1alpha1::OpenSearchConfigFragment::default() }, config_overrides: v1alpha1::OpenSearchConfigOverrides { - opensearch_yml: KeyValueConfigOverrides { + opensearch_yml: v1alpha1::ConfigOverridesChoice::KeyValue(KeyValueConfigOverrides { overrides: [ ( "setting2".to_owned(), @@ -1097,7 +1088,7 @@ mod tests { ), ] .into() - } + }) }, env_overrides: [ ("ENV2".to_owned(), "value from role-group level".to_owned()), diff --git a/rust/operator-binary/src/crd/mod.rs b/rust/operator-binary/src/crd/mod.rs index d1bc6ad..d6fc1ae 100644 --- a/rust/operator-binary/src/crd/mod.rs +++ b/rust/operator-binary/src/crd/mod.rs @@ -33,7 +33,7 @@ use crate::{ attributed_string_type, constant, framework::{ NameIsValidLabelValue, - config_overrides::KeyValueConfigOverrides, + config_overrides::{JsonConfigOverrides, KeyValueConfigOverrides}, role_utils::GenericCommonConfig, types::{ kubernetes::{ @@ -489,9 +489,18 @@ pub mod versioned { #[derive(Clone, Debug, Default, Deserialize, JsonSchema, Merge, PartialEq, Serialize)] pub struct OpenSearchConfigOverrides { - // File name defined in [`crate::controller::build::node_config::CONFIGURATION_FILE_OPENSEARCH_YML`] + // File name defined in + // [`crate::controller::build::node_config::CONFIGURATION_FILE_OPENSEARCH_YML`] #[serde(default, rename = "opensearch.yml")] - pub opensearch_yml: KeyValueConfigOverrides, + pub opensearch_yml: ConfigOverridesChoice, + } + + #[derive(Clone, Debug, Deserialize, JsonSchema, PartialEq, Serialize)] + #[serde(untagged)] + #[schemars(schema_with = "raw_object_schema")] + pub enum ConfigOverridesChoice { + Json(JsonConfigOverrides), + KeyValue(KeyValueConfigOverrides), } #[derive(Clone, Default, Debug, Deserialize, Eq, JsonSchema, PartialEq, Serialize)] @@ -500,11 +509,40 @@ pub mod versioned { /// An opaque value that changes every time a discovery detail does #[serde(default, skip_serializing_if = "Option::is_none")] pub discovery_hash: Option, + #[serde(default)] pub conditions: Vec, } } +impl Default for v1alpha1::ConfigOverridesChoice { + fn default() -> Self { + v1alpha1::ConfigOverridesChoice::Json(JsonConfigOverrides::default()) + } +} + +impl From for JsonConfigOverrides { + fn from(value: v1alpha1::ConfigOverridesChoice) -> Self { + match value { + v1alpha1::ConfigOverridesChoice::KeyValue(key_value_config_overrides) => { + key_value_config_overrides.into() + } + v1alpha1::ConfigOverridesChoice::Json(json_config_overrides) => json_config_overrides, + } + } +} + +impl Merge for v1alpha1::ConfigOverridesChoice { + fn merge(&mut self, defaults: &Self) { + let mut self_json_config_overrides: JsonConfigOverrides = self.clone().into(); + let defaults_json_config_overrides = defaults.clone().into(); + + self_json_config_overrides.merge(&defaults_json_config_overrides); + + *self = v1alpha1::ConfigOverridesChoice::Json(self_json_config_overrides); + } +} + impl HasStatusCondition for v1alpha1::OpenSearchCluster { fn conditions(&self) -> Vec { match &self.status { diff --git a/rust/operator-binary/src/framework/config_overrides.rs b/rust/operator-binary/src/framework/config_overrides.rs index 75696a8..74e6852 100644 --- a/rust/operator-binary/src/framework/config_overrides.rs +++ b/rust/operator-binary/src/framework/config_overrides.rs @@ -1,10 +1,12 @@ -use std::collections::BTreeMap; +use std::{borrow::Cow, collections::BTreeMap}; use schemars::JsonSchema; use serde::{Deserialize, Serialize}; -use stackable_operator::{config::merge::Merge, schemars}; +use serde_json::json; +use stackable_operator::{config::merge::Merge, schemars, utils::crds::raw_object_schema}; -// Mergeable variant of [`stackable_operator::config_overrides::KeyValueConfigOverrides`] +// Variant of [`stackable_operator::config_overrides::KeyValueConfigOverrides`] that implements +// Merge /// Flat key-value overrides for `*.properties`, Hadoop XML, etc. /// /// This is backwards-compatible with the existing flat key-value YAML format @@ -14,3 +16,95 @@ pub struct KeyValueConfigOverrides { #[serde(flatten)] pub overrides: BTreeMap>, } + +// Variant of [`stackable_operator::config_overrides::JsonConfigOverrides`] with the following +// changes: +// - It implements Default. +// - It implements Merge. +// - The JsonPatches variant was removed because it could fail in the build stage. +// - The UserProvided variant also contains a JSON value instead of a string. +/// ConfigOverrides that can be applied to a JSON file. +#[derive(Clone, Debug, Deserialize, Eq, JsonSchema, PartialEq, Serialize)] +#[serde(rename_all = "camelCase")] +pub enum JsonConfigOverrides { + /// Can be set to arbitrary YAML content, which is converted to JSON and used as + /// [RFC 7396](https://datatracker.ietf.org/doc/html/rfc7396) JSON merge patch. + #[schemars(schema_with = "raw_object_schema")] + JsonMergePatch(serde_json::Value), + + /// Override the entire config file with the specified JSON value. + #[schemars(schema_with = "raw_object_schema")] + UserProvided(serde_json::Value), +} + +impl JsonConfigOverrides { + // Infallible variant of [`stackable_operator::config_overrides::JsonConfigOverrides::apply`] + pub fn apply(&self, base: &serde_json::Value) -> Cow<'_, serde_json::Value> { + match self { + Self::JsonMergePatch(patch) => { + let mut doc = base.clone(); + json_patch::merge(&mut doc, patch); + Cow::Owned(doc) + } + Self::UserProvided(content) => Cow::Borrowed(content), + } + } +} + +impl Default for JsonConfigOverrides { + fn default() -> Self { + JsonConfigOverrides::JsonMergePatch(json!({})) + } +} + +impl Merge for JsonConfigOverrides { + fn merge(&mut self, defaults: &Self) { + match (&self, defaults) { + ( + JsonConfigOverrides::JsonMergePatch(patch), + JsonConfigOverrides::JsonMergePatch(base), + ) => { + let mut doc = base.clone(); + json_patch::merge(&mut doc, patch); + *self = JsonConfigOverrides::JsonMergePatch(doc); + } + ( + JsonConfigOverrides::JsonMergePatch(patch), + JsonConfigOverrides::UserProvided(base), + ) => { + let mut doc = base.clone(); + json_patch::merge(&mut doc, patch); + *self = JsonConfigOverrides::UserProvided(doc); + } + (JsonConfigOverrides::UserProvided(patch), _) => { + *self = JsonConfigOverrides::UserProvided(patch.clone()); + } + } + } +} + +impl From for JsonConfigOverrides { + fn from(value: KeyValueConfigOverrides) -> Self { + JsonConfigOverrides::JsonMergePatch(value.overrides.into_iter().collect()) + } +} + +#[cfg(test)] +mod tests { + use serde_json::json; + + use super::*; + + #[test] + fn json_config_overrides_from_key_value_config_overrides() { + let key_value_config_overrides = KeyValueConfigOverrides { + overrides: [("a".to_owned(), Some("b".to_owned()))].into(), + }; + + let actual_json_config_overrides: JsonConfigOverrides = key_value_config_overrides.into(); + + let expected_json_config_overrides = JsonConfigOverrides::JsonMergePatch(json!({"a": "b"})); + + assert_eq!(expected_json_config_overrides, actual_json_config_overrides); + } +} diff --git a/tests/templates/kuttl/security-config/11-assert.yaml b/tests/templates/kuttl/security-config/11-assert.yaml index 85668c8..f511862 100644 --- a/tests/templates/kuttl/security-config/11-assert.yaml +++ b/tests/templates/kuttl/security-config/11-assert.yaml @@ -38,10 +38,47 @@ kind: ConfigMap metadata: name: opensearch-security-config data: - action_groups.yml: '{"_meta":{"config_version":2,"type":"actiongroups"}}' - allowlist.yml: '{"_meta":{"config_version":2,"type":"allowlist"},"config":{"enabled":false}}' - audit.yml: '{"_meta":{"config_version":2,"type":"audit"},"config":{"enabled":false}}' - config.yml: '{"_meta":{"config_version":2,"type":"config"},"config":{"dynamic":{"authc":{"basic_internal_auth_domain":{"authentication_backend":{"type":"intern"},"description":"Authenticate - via HTTP Basic against internal users database","http_authenticator":{"challenge":true,"type":"basic"},"http_enabled":true,"order":1,"transport_enabled":true}},"authz":{},"http":{"anonymous_auth_enabled":true}}}}' - nodes_dn.yml: '{"_meta":{"config_version":2,"type":"nodesdn"}}' - tenants.yml: '{"_meta":{"config_version":2,"type":"tenants"}}' + action_groups.yml: | + _meta: + config_version: 2 + type: actiongroups + allowlist.yml: | + _meta: + config_version: 2 + type: allowlist + config: + enabled: false + audit.yml: | + _meta: + config_version: 2 + type: audit + config: + enabled: false + config.yml: | + _meta: + config_version: 2 + type: config + config: + dynamic: + authc: + basic_internal_auth_domain: + authentication_backend: + type: intern + description: Authenticate via HTTP Basic against internal users database + http_authenticator: + challenge: true + type: basic + http_enabled: true + order: 1 + transport_enabled: true + authz: {} + http: + anonymous_auth_enabled: true + nodes_dn.yml: | + _meta: + config_version: 2 + type: nodesdn + tenants.yml: | + _meta: + config_version: 2 + type: tenants diff --git a/tests/templates/kuttl/security-config/21-assert.yaml b/tests/templates/kuttl/security-config/21-assert.yaml index 9cab8a4..78a756a 100644 --- a/tests/templates/kuttl/security-config/21-assert.yaml +++ b/tests/templates/kuttl/security-config/21-assert.yaml @@ -8,10 +8,47 @@ kind: ConfigMap metadata: name: opensearch-security-config data: - action_groups.yml: '{"_meta":{"config_version":2,"type":"actiongroups"}}' - allowlist.yml: '{"_meta":{"config_version":2,"type":"allowlist"},"config":{"enabled":false}}' - audit.yml: '{"_meta":{"config_version":2,"type":"audit"},"config":{"enabled":false}}' - config.yml: '{"_meta":{"config_version":2,"type":"config"},"config":{"dynamic":{"authc":{"basic_internal_auth_domain":{"authentication_backend":{"type":"intern"},"description":"Authenticate - via HTTP Basic against internal users database","http_authenticator":{"challenge":true,"type":"basic"},"http_enabled":true,"order":1,"transport_enabled":true}},"authz":{},"http":{"anonymous_auth_enabled":false}}}}' - nodes_dn.yml: '{"_meta":{"config_version":2,"type":"nodesdn"}}' - tenants.yml: '{"_meta":{"config_version":2,"type":"tenants"}}' + action_groups.yml: | + _meta: + config_version: 2 + type: actiongroups + allowlist.yml: | + _meta: + config_version: 2 + type: allowlist + config: + enabled: false + audit.yml: | + _meta: + config_version: 2 + type: audit + config: + enabled: false + config.yml: | + _meta: + config_version: 2 + type: config + config: + dynamic: + authc: + basic_internal_auth_domain: + authentication_backend: + type: intern + description: Authenticate via HTTP Basic against internal users database + http_authenticator: + challenge: true + type: basic + http_enabled: true + order: 1 + transport_enabled: true + authz: {} + http: + anonymous_auth_enabled: false + nodes_dn.yml: | + _meta: + config_version: 2 + type: nodesdn + tenants.yml: | + _meta: + config_version: 2 + type: tenants diff --git a/tests/templates/kuttl/smoke/10-assert.yaml.j2 b/tests/templates/kuttl/smoke/10-assert.yaml.j2 index 1318a6e..74bbb0d 100644 --- a/tests/templates/kuttl/smoke/10-assert.yaml.j2 +++ b/tests/templates/kuttl/smoke/10-assert.yaml.j2 @@ -965,15 +965,70 @@ metadata: kind: OpenSearchCluster name: opensearch data: - action_groups.yml: '{"_meta":{"config_version":2,"type":"actiongroups"}}' - allowlist.yml: '{"_meta":{"config_version":2,"type":"allowlist"},"config":{"enabled":false}}' - audit.yml: '{"_meta":{"config_version":2,"type":"audit"},"config":{"enabled":false}}' - config.yml: '{"_meta":{"config_version":2,"type":"config"},"config":{"dynamic":{"authc":{"basic_internal_auth_domain":{"authentication_backend":{"type":"intern"},"description":"Authenticate via HTTP Basic against internal users database","http_authenticator":{"challenge":true,"type":"basic"},"http_enabled":true,"order":1,"transport_enabled":true}},"authz":{}}}}' - internal_users.yml: '{"_meta":{"config_version":2,"type":"internalusers"},"admin":{"backend_roles":["admin"],"description":"OpenSearch admin user","hash":"$2y$10$xRtHZFJ9QhG9GcYhRpAGpufCZYsk//nxsuel5URh0GWEBgmiI4Q/e","reserved":true}}' - nodes_dn.yml: '{"_meta":{"config_version":2,"type":"nodesdn"}}' - roles.yml: '{"_meta":{"config_version":2,"type":"roles"}}' - roles_mapping.yml: '{"_meta":{"config_version":2,"type":"rolesmapping"},"all_access":{"backend_roles":["admin"],"reserved":false}}' - tenants.yml: '{"_meta":{"config_version":2,"type":"tenants"}}' + action_groups.yml: | + _meta: + config_version: 2 + type: actiongroups + allowlist.yml: | + _meta: + config_version: 2 + type: allowlist + config: + enabled: false + audit.yml: | + _meta: + config_version: 2 + type: audit + config: + enabled: false + config.yml: | + _meta: + config_version: 2 + type: config + config: + dynamic: + authc: + basic_internal_auth_domain: + authentication_backend: + type: intern + description: Authenticate via HTTP Basic against internal users database + http_authenticator: + challenge: true + type: basic + http_enabled: true + order: 1 + transport_enabled: true + authz: {} + internal_users.yml: | + _meta: + config_version: 2 + type: internalusers + admin: + backend_roles: + - admin + description: OpenSearch admin user + hash: $2y$10$xRtHZFJ9QhG9GcYhRpAGpufCZYsk//nxsuel5URh0GWEBgmiI4Q/e + reserved: true + nodes_dn.yml: | + _meta: + config_version: 2 + type: nodesdn + roles.yml: | + _meta: + config_version: 2 + type: roles + roles_mapping.yml: | + _meta: + config_version: 2 + type: rolesmapping + all_access: + backend_roles: + - admin + reserved: false + tenants.yml: | + _meta: + config_version: 2 + type: tenants --- apiVersion: v1 kind: ConfigMap @@ -993,28 +1048,29 @@ metadata: kind: OpenSearchCluster name: opensearch data: - opensearch.yml: |- - cluster.name: "opensearch" - cluster.routing.allocation.disk.threshold_enabled: "false" - discovery.type: "zen" - network.host: "0.0.0.0" - node.attr.role-group: "cluster-manager" - node.store.allow_mmap: "false" - path.logs: "/stackable/log/opensearch" + opensearch.yml: | + cluster.name: opensearch + cluster.routing.allocation.disk.threshold_enabled: false + discovery.type: zen + network.host: 0.0.0.0 + node.attr.role-group: cluster-manager + node.store.allow_mmap: false + path.logs: /stackable/log/opensearch plugins.security.allow_default_init_securityindex: true - plugins.security.nodes_dn: ["CN=generated certificate for pod"] + plugins.security.nodes_dn: + - CN=generated certificate for pod {% if test_scenario['values']['server-use-tls'] == 'true' %} plugins.security.ssl.http.enabled: true - plugins.security.ssl.http.pemcert_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/server/tls.crt" - plugins.security.ssl.http.pemkey_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/server/tls.key" - plugins.security.ssl.http.pemtrustedcas_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/server/ca.crt" + plugins.security.ssl.http.pemcert_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/server/tls.crt + plugins.security.ssl.http.pemkey_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/server/tls.key + plugins.security.ssl.http.pemtrustedcas_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/server/ca.crt {% else %} plugins.security.ssl.http.enabled: false {% endif %} plugins.security.ssl.transport.enabled: true - plugins.security.ssl.transport.pemcert_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/tls.crt" - plugins.security.ssl.transport.pemkey_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/tls.key" - plugins.security.ssl.transport.pemtrustedcas_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/ca.crt" + plugins.security.ssl.transport.pemcert_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/tls.crt + plugins.security.ssl.transport.pemkey_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/tls.key + plugins.security.ssl.transport.pemtrustedcas_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/ca.crt --- apiVersion: v1 kind: ConfigMap @@ -1034,28 +1090,29 @@ metadata: kind: OpenSearchCluster name: opensearch data: - opensearch.yml: |- - cluster.name: "opensearch" - cluster.routing.allocation.disk.threshold_enabled: "false" - discovery.type: "zen" - network.host: "0.0.0.0" - node.attr.role-group: "data" - node.store.allow_mmap: "false" - path.logs: "/stackable/log/opensearch" + opensearch.yml: | + cluster.name: opensearch + cluster.routing.allocation.disk.threshold_enabled: false + discovery.type: zen + network.host: 0.0.0.0 + node.attr.role-group: data + node.store.allow_mmap: false + path.logs: /stackable/log/opensearch plugins.security.allow_default_init_securityindex: true - plugins.security.nodes_dn: ["CN=generated certificate for pod"] + plugins.security.nodes_dn: + - CN=generated certificate for pod {% if test_scenario['values']['server-use-tls'] == 'true' %} plugins.security.ssl.http.enabled: true - plugins.security.ssl.http.pemcert_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/server/tls.crt" - plugins.security.ssl.http.pemkey_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/server/tls.key" - plugins.security.ssl.http.pemtrustedcas_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/server/ca.crt" + plugins.security.ssl.http.pemcert_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/server/tls.crt + plugins.security.ssl.http.pemkey_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/server/tls.key + plugins.security.ssl.http.pemtrustedcas_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/server/ca.crt {% else %} plugins.security.ssl.http.enabled: false {% endif %} plugins.security.ssl.transport.enabled: true - plugins.security.ssl.transport.pemcert_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/tls.crt" - plugins.security.ssl.transport.pemkey_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/tls.key" - plugins.security.ssl.transport.pemtrustedcas_filepath: "{{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/ca.crt" + plugins.security.ssl.transport.pemcert_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/tls.crt + plugins.security.ssl.transport.pemkey_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/tls.key + plugins.security.ssl.transport.pemtrustedcas_filepath: {{ test_scenario['values']['opensearch_home'] }}/config/tls/internal/ca.crt --- apiVersion: v1 kind: Service diff --git a/tests/templates/kuttl/smoke/10-install-opensearch.yaml.j2 b/tests/templates/kuttl/smoke/10-install-opensearch.yaml.j2 index 5a371b7..2c8ef67 100644 --- a/tests/templates/kuttl/smoke/10-install-opensearch.yaml.j2 +++ b/tests/templates/kuttl/smoke/10-install-opensearch.yaml.j2 @@ -105,11 +105,12 @@ spec: OPENSEARCH_HOME: {{ test_scenario['values']['opensearch_home'] }} configOverrides: opensearch.yml: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. - node.store.allow_mmap: "false" - # Disable the disk allocation decider in this test; Otherwise the test depends on the disk - # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. - cluster.routing.allocation.disk.threshold_enabled: "false" + jsonMergePatch: + # Disable memory mapping in this test; If memory mapping were activated, the kernel setting + # vm.max_map_count would have to be increased to 262144 on the node. + node.store.allow_mmap: false + # Disable the disk allocation decider in this test; Otherwise the test depends on the disk + # usage of the node and if the relative watermark set in + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could + # not be created even if enough disk space would be available. + cluster.routing.allocation.disk.threshold_enabled: false From 0f97bf22d037291599111a85a9a301f998c5bdea Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Tue, 5 May 2026 12:56:07 +0200 Subject: [PATCH 08/17] chore: Remove dependency json-patch --- Cargo.lock | 493 ++++---- Cargo.nix | 1069 ++++++----------- Cargo.toml | 1 - rust/operator-binary/Cargo.toml | 1 - .../src/controller/build/role_builder.rs | 18 +- .../src/framework/config_overrides.rs | 22 +- 6 files changed, 623 insertions(+), 981 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 7451fce..295e49d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -47,9 +47,9 @@ dependencies = [ [[package]] name = "anstream" -version = "0.6.21" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43d5b281e737544384e969a5ccad3f1cdd24b48086a0fc1b2a5262a26b8f4f4a" +checksum = "824a212faf96e9acacdbd09febd34438f8f711fb84e09a8916013cd7815ca28d" dependencies = [ "anstyle", "anstyle-parse", @@ -62,15 +62,15 @@ dependencies = [ [[package]] name = "anstyle" -version = "1.0.13" +version = "1.0.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5192cca8006f1fd4f7237516f40fa183bb07f8fbdfedaa0036de5ea9b0b45e78" +checksum = "940b3a0ca603d1eade50a4846a2afffd5ef57a9feac2c0e2ec2e14f9ead76000" [[package]] name = "anstyle-parse" -version = "0.2.7" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e7644824f0aa2c7b9384579234ef10eb7efb6a0deb83f9630a49594dd9c15c2" +checksum = "52ce7f38b242319f7cabaa6813055467063ecdc9d355bbb4ce0c68908cd8130e" dependencies = [ "utf8parse", ] @@ -103,9 +103,9 @@ checksum = "7f202df86484c868dbad7eaa557ef785d5c66295e41b460ef922eca0723b842c" [[package]] name = "arc-swap" -version = "1.8.2" +version = "1.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9f3647c145568cec02c42054e07bdf9a5a698e15b466fb2341bfc393cd24aa5" +checksum = "6a3a1fd6f75306b68087b831f025c712524bcb19aad54e557b1129cfa0a2b207" dependencies = [ "rustversion", ] @@ -169,9 +169,9 @@ checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" [[package]] name = "axum" -version = "0.8.8" +version = "0.8.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b52af3cb4058c895d37317bb27508dccc8e5f2d39454016b297bf4a400597b8" +checksum = "31b698c5f9a010f6573133b09e0de5408834d0c82f8d7475a89fc1867a71cd90" dependencies = [ "axum-core", "bytes", @@ -265,9 +265,9 @@ checksum = "5e764a1d40d510daf35e07be9eb06e75770908c27d411ee6c92109c9840eaaf7" [[package]] name = "bitflags" -version = "2.11.0" +version = "2.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "843867be96c8daad0d758b57df9392b6d8d271134fce549de6ce169ff98a92af" +checksum = "c4512299f36f043ab09a583e57bceb5a5aab7a73db1805848e8fef3c9e8c78b3" [[package]] name = "block-buffer" @@ -302,9 +302,9 @@ checksum = "1e748733b7cbc798e1434b6ac524f0c1ff2ab456fe201501e6497c8417a4fc33" [[package]] name = "cc" -version = "1.2.56" +version = "1.2.61" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aebf35691d1bfb0ac386a69bac2fde4dd276fb618cf8bf4f5318fe285e821bb2" +checksum = "d16d90359e986641506914ba71350897565610e87ce0ad9e6f28569db3dd5c6d" dependencies = [ "find-msvc-tools", "jobserver", @@ -331,9 +331,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.60" +version = "4.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2797f34da339ce31042b27d23607e051786132987f595b02ba4f6a6dffb7030a" +checksum = "1ddb117e43bbf7dacf0a4190fef4d345b9bad68dfc649cb349e7d17d28428e51" dependencies = [ "clap_builder", "clap_derive", @@ -341,9 +341,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.60" +version = "4.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "24a241312cea5059b13574bb9b3861cabf758b879c15190b37b6d6fd63ab6876" +checksum = "714a53001bf66416adb0e2ef5ac857140e7dc3a0c48fb28b2f10762fc4b5069f" dependencies = [ "anstream", "anstyle", @@ -353,9 +353,9 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.5.55" +version = "4.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a92793da1a46a5f2a02a6f4c46c6496b28c43638adea8306fcb0caa1634f24e5" +checksum = "f2ce8604710f6733aa641a2b3731eaa1e8b3d9973d5e3565da11800813f997a9" dependencies = [ "heck", "proc-macro2", @@ -365,15 +365,15 @@ dependencies = [ [[package]] name = "clap_lex" -version = "1.0.0" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a822ea5bc7590f9d40f1ba12c0dc3c2760f3482c6984db1573ad11031420831" +checksum = "c8d4a3bb8b1e0c1050499d1815f5ab16d04f0959b233085fb31653fbfc9d98f9" [[package]] name = "colorchoice" -version = "1.0.4" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b05b61dc5112cbb17e4b6cd61790d9845d13888356391624cbe7e41efeac1e75" +checksum = "1d07550c9036bf2ae0c684c4297d503f838287c83c53686d05370d0e139ae570" [[package]] name = "concurrent-queue" @@ -392,11 +392,12 @@ checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" [[package]] name = "const_format" -version = "0.2.35" +version = "0.2.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7faa7469a93a566e9ccc1c73fe783b4a65c274c5ace346038dca9c39fe0030ad" +checksum = "4481a617ad9a412be3b97c5d403fef8ed023103368908b9c50af598ff467cc1e" dependencies = [ "const_format_proc_macros", + "konst", ] [[package]] @@ -793,9 +794,9 @@ dependencies = [ [[package]] name = "fastrand" -version = "2.3.0" +version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" +checksum = "9f1f227452a390804cdb637b74a86990f2a7d7ba4b7d5693aac9b4dd6defd8d6" [[package]] name = "ff" @@ -1030,9 +1031,9 @@ dependencies = [ [[package]] name = "h2" -version = "0.4.13" +version = "0.4.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f44da3a8150a6703ed5d34e164b875fd14c2cdab9af1252a9a1020bde2bdc54" +checksum = "171fefbc92fe4a4de27e0698d6a5b392d6a0e333506bc49133760b3bcf948733" dependencies = [ "atomic-waker", "bytes", @@ -1058,6 +1059,12 @@ dependencies = [ "foldhash", ] +[[package]] +name = "hashbrown" +version = "0.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4f467dd6dccf739c208452f8014c75c18bb8301b050ad1cfb27153803edb0f51" + [[package]] name = "heck" version = "0.5.0" @@ -1137,9 +1144,9 @@ checksum = "135b12329e5e3ce057a9f972339ea52bc954fe1e9358ef27f95e89716fbc5424" [[package]] name = "hyper" -version = "1.8.1" +version = "1.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2ab2d4f250c3d7b1c9fcdff1cece94ea4e2dfbec68614f7b87cb205f24ca9d11" +checksum = "6299f016b246a94207e63da54dbe807655bf9e00044f73ded42c3ac5305fbcca" dependencies = [ "atomic-waker", "bytes", @@ -1152,7 +1159,6 @@ dependencies = [ "httpdate", "itoa", "pin-project-lite", - "pin-utils", "smallvec", "tokio", "want", @@ -1160,9 +1166,9 @@ dependencies = [ [[package]] name = "hyper-rustls" -version = "0.27.7" +version = "0.27.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e3c93eb611681b207e1fe55d5a71ecf91572ec8a6705cdb6857f7d8d5242cf58" +checksum = "33ca68d021ef39cf6463ab54c1d0f5daf03377b70561305bb89a8f83aab66e0f" dependencies = [ "http", "hyper", @@ -1170,7 +1176,6 @@ dependencies = [ "log", "rustls", "rustls-native-certs", - "rustls-pki-types", "tokio", "tokio-rustls", "tower-service", @@ -1238,12 +1243,13 @@ dependencies = [ [[package]] name = "icu_collections" -version = "2.1.1" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c6b649701667bbe825c3b7e6388cb521c23d88644678e83c0c4d0a621a34b43" +checksum = "2984d1cd16c883d7935b9e07e44071dca8d917fd52ecc02c04d5fa0b5a3f191c" dependencies = [ "displaydoc", "potential_utf", + "utf8_iter", "yoke", "zerofrom", "zerovec", @@ -1251,9 +1257,9 @@ dependencies = [ [[package]] name = "icu_locale_core" -version = "2.1.1" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "edba7861004dd3714265b4db54a3c390e880ab658fec5f7db895fae2046b5bb6" +checksum = "92219b62b3e2b4d88ac5119f8904c10f8f61bf7e95b640d25ba3075e6cac2c29" dependencies = [ "displaydoc", "litemap", @@ -1264,9 +1270,9 @@ dependencies = [ [[package]] name = "icu_normalizer" -version = "2.1.1" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f6c8828b67bf8908d82127b2054ea1b4427ff0230ee9141c54251934ab1b599" +checksum = "c56e5ee99d6e3d33bd91c5d85458b6005a22140021cc324cea84dd0e72cff3b4" dependencies = [ "icu_collections", "icu_normalizer_data", @@ -1278,15 +1284,15 @@ dependencies = [ [[package]] name = "icu_normalizer_data" -version = "2.1.1" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7aedcccd01fc5fe81e6b489c15b247b8b0690feb23304303a9e560f37efc560a" +checksum = "da3be0ae77ea334f4da67c12f149704f19f81d1adf7c51cf482943e84a2bad38" [[package]] name = "icu_properties" -version = "2.1.2" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "020bfc02fe870ec3a66d93e677ccca0562506e5872c650f893269e08615d74ec" +checksum = "bee3b67d0ea5c2cca5003417989af8996f8604e34fb9ddf96208a033901e70de" dependencies = [ "icu_collections", "icu_locale_core", @@ -1298,15 +1304,15 @@ dependencies = [ [[package]] name = "icu_properties_data" -version = "2.1.2" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "616c294cf8d725c6afcd8f55abc17c56464ef6211f9ed59cccffe534129c77af" +checksum = "8e2bbb201e0c04f7b4b3e14382af113e17ba4f63e2c9d2ee626b720cbce54a14" [[package]] name = "icu_provider" -version = "2.1.1" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85962cf0ce02e1e0a629cc34e7ca3e373ce20dda4c4d7294bbd0bf1fdb59e614" +checksum = "139c4cf31c8b5f33d7e199446eff9c1e02decfc2f0eec2c8d71f65befa45b421" dependencies = [ "displaydoc", "icu_locale_core", @@ -1336,9 +1342,9 @@ dependencies = [ [[package]] name = "idna_adapter" -version = "1.2.1" +version = "1.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3acae9609540aa318d1bc588455225fb2085b9ed0c4f6bd0d9d5bcd86f1a0344" +checksum = "cb68373c0d6620ef8105e855e7745e18b0d00d3bdb07fb532e434244cdb9a714" dependencies = [ "icu_normalizer", "icu_properties", @@ -1346,12 +1352,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.13.0" +version = "2.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7714e70437a7dc3ac8eb7e6f8df75fd8eb422675fc7678aff7364301092b1017" +checksum = "d466e9454f08e4a911e14806c24e16fba1b4c121d1ea474396f396069cf949d9" dependencies = [ "equivalent", - "hashbrown", + "hashbrown 0.17.0", ] [[package]] @@ -1371,9 +1377,9 @@ checksum = "d98f6fed1fde3f8c21bc40a1abb88dd75e67924f9cffc3ef95607bad8017f8e2" [[package]] name = "iri-string" -version = "0.7.10" +version = "0.7.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c91338f0783edbd6195decb37bae672fd3b165faffb89bf7b9e6942f8b1a731a" +checksum = "25e659a4bb38e810ebc252e53b5814ff908a8c58c2a9ce2fae1bbec24cbf4e20" dependencies = [ "memchr", "serde", @@ -1396,9 +1402,9 @@ dependencies = [ [[package]] name = "itoa" -version = "1.0.17" +version = "1.0.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92ecc6618181def0457392ccd0ee51198e065e016d1d527a7ac1b6dc7c1f09d2" +checksum = "8f42a60cbdf9a97f5d2305f08a87dc4e09308d1276d28c869c684d7777685682" [[package]] name = "java-properties" @@ -1413,9 +1419,9 @@ dependencies = [ [[package]] name = "jiff" -version = "0.2.22" +version = "0.2.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "819b44bc7c87d9117eb522f14d46e918add69ff12713c475946b0a29363ed1c2" +checksum = "f00b5dbd620d61dfdcb6007c9c1f6054ebd75319f163d886a9055cec1155073d" dependencies = [ "jiff-static", "jiff-tzdb-platform", @@ -1428,9 +1434,9 @@ dependencies = [ [[package]] name = "jiff-static" -version = "0.2.22" +version = "0.2.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "470252db18ecc35fd766c0891b1e3ec6cbbcd62507e85276c01bf75d8e94d4a1" +checksum = "e000de030ff8022ea1da3f466fbb0f3a809f5e51ed31f6dd931c35181ad8e6d7" dependencies = [ "proc-macro2", "quote", @@ -1439,9 +1445,9 @@ dependencies = [ [[package]] name = "jiff-tzdb" -version = "0.1.5" +version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "68971ebff725b9e2ca27a601c5eb38a4c5d64422c4cbab0c535f248087eda5c2" +checksum = "c900ef84826f1338a557697dc8fc601df9ca9af4ac137c7fb61d4c6f2dfd3076" [[package]] name = "jiff-tzdb-platform" @@ -1464,10 +1470,12 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.91" +version = "0.3.97" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b49715b7073f385ba4bc528e5747d02e66cb39c6146efb66b781f131f0fb399c" +checksum = "a1840c94c045fbcf8ba2812c95db44499f7c64910a912551aaaa541decebcacf" dependencies = [ + "cfg-if", + "futures-util", "once_cell", "wasm-bindgen", ] @@ -1509,9 +1517,9 @@ dependencies = [ [[package]] name = "k8s-openapi" -version = "0.27.0" +version = "0.27.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05a6d6f3611ad1d21732adbd7a2e921f598af6c92d71ae6e2620da4b67ee1f0d" +checksum = "51b326f5219dd55872a72c1b6ddd1b830b8334996c667449c29391d657d78d5e" dependencies = [ "base64", "jiff", @@ -1530,6 +1538,21 @@ dependencies = [ "snafu 0.9.0", ] +[[package]] +name = "konst" +version = "0.2.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "128133ed7824fcd73d6e7b17957c5eb7bacb885649bd8c69708b2331a10bcefb" +dependencies = [ + "konst_macro_rules", +] + +[[package]] +name = "konst_macro_rules" +version = "0.2.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4933f3f57a8e9d9da04db23fb153356ecaf00cbd14aee46279c33dc80925c37" + [[package]] name = "kube" version = "3.1.0" @@ -1623,7 +1646,7 @@ dependencies = [ "backon", "educe", "futures 0.3.32", - "hashbrown", + "hashbrown 0.16.1", "hostname", "json-patch", "k8s-openapi", @@ -1649,9 +1672,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.182" +version = "0.2.186" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6800badb6cb2082ffd7b6a67e6125bb39f18782f793520caee8cb8846be06112" +checksum = "68ab91017fe16c622486840e4c83c9a37afeff978bd239b5293d61ece587de66" [[package]] name = "libgit2-sys" @@ -1673,9 +1696,9 @@ checksum = "b6d2cec3eae94f9f509c767b45932f1ada8350c4bdb85af2fcab4a3c14807981" [[package]] name = "libz-sys" -version = "1.1.24" +version = "1.1.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4735e9cbde5aac84a5ce588f6b23a90b9b0b528f6c5a8db8a4aff300463a0839" +checksum = "fc3a226e576f50782b3305c5ccf458698f92798987f551c6a02efe8276721e22" dependencies = [ "cc", "libc", @@ -1685,9 +1708,9 @@ dependencies = [ [[package]] name = "litemap" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6373607a59f0be73a39b6fe456b8192fcc3585f602af20751600e974dd455e77" +checksum = "92daf443525c4cce67b150400bc2316076100ce0b3686209eb8cf3c31612e6f0" [[package]] name = "lock_api" @@ -1743,9 +1766,9 @@ dependencies = [ [[package]] name = "mio" -version = "1.1.1" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a69bcab0ad47271a0234d9422b131806bf3968021e5dc9328caf2d4cd58557fc" +checksum = "50b7e5b27aa02a74bac8c3f23f448f8d87ff11f92d3aac1a6ed369ee08cc56c1" dependencies = [ "libc", "wasi", @@ -1772,16 +1795,16 @@ dependencies = [ "num-integer", "num-iter", "num-traits", - "rand 0.8.5", + "rand 0.8.6", "smallvec", "zeroize", ] [[package]] name = "num-conv" -version = "0.2.0" +version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf97ec579c3c42f953ef76dbf8d55ac91fb219dde70e49aa4a6b7d74e9919050" +checksum = "c6673768db2d862beb9b39a78fdcb1a69439615d5794a1be50caa9bc92c81967" [[package]] name = "num-integer" @@ -1815,9 +1838,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.21.3" +version = "1.21.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" +checksum = "9f7c3e4beb33f85d45ae3e3a1792185706c8e16d043238c593331cc7cd313b50" [[package]] name = "once_cell_polyfill" @@ -1872,9 +1895,9 @@ dependencies = [ [[package]] name = "opentelemetry-otlp" -version = "0.31.0" +version = "0.31.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a2366db2dca4d2ad033cad11e6ee42844fd727007af5ad04a1730f4cb8163bf" +checksum = "1f69cd6acbb9af919df949cd1ec9e5e7fdc2ef15d234b6b795aaa525cc02f71f" dependencies = [ "http", "opentelemetry", @@ -1919,7 +1942,7 @@ dependencies = [ "futures-util", "opentelemetry", "percent-encoding", - "rand 0.9.2", + "rand 0.9.4", "thiserror 2.0.18", "tokio", "tokio-stream", @@ -2045,18 +2068,18 @@ dependencies = [ [[package]] name = "pin-project" -version = "1.1.11" +version = "1.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1749c7ed4bcaf4c3d0a3efc28538844fb29bcdd7d2b67b2be7e20ba861ff517" +checksum = "cbf0d9e68100b3a7989b4901972f265cd542e560a3a8a724e1e20322f4d06ce9" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "1.1.11" +version = "1.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d9b20ed30f105399776b9c883e68e536ef602a16ae6f596d2c473591d6ad64c6" +checksum = "a990e22f43e84855daf260dded30524ef4a9021cc7541c26540500a50b624389" dependencies = [ "proc-macro2", "quote", @@ -2069,12 +2092,6 @@ version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a89322df9ebe1c1578d689c92318e070967d1042b512afbe49518723f4e6d5cd" -[[package]] -name = "pin-utils" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" - [[package]] name = "pkcs1" version = "0.7.5" @@ -2098,9 +2115,9 @@ dependencies = [ [[package]] name = "pkg-config" -version = "0.3.32" +version = "0.3.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c" +checksum = "19f132c84eca552bf34cab8ec81f1c1dcc229b811638f9d283dceabe58c5569e" [[package]] name = "portable-atomic" @@ -2110,18 +2127,18 @@ checksum = "c33a9471896f1c69cecef8d20cbe2f7accd12527ce60845ff44c153bb2a21b49" [[package]] name = "portable-atomic-util" -version = "0.2.5" +version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a9db96d7fa8782dd8c15ce32ffe8680bbd1e978a43bf51a34d39483540495f5" +checksum = "c2a106d1259c23fac8e543272398ae0e3c0b8d33c88ed73d0cc71b0f1d902618" dependencies = [ "portable-atomic", ] [[package]] name = "potential_utf" -version = "0.1.4" +version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b73949432f5e2a09657003c25bca5e19a0e9c84f8058ca374f49e0ebe605af77" +checksum = "0103b1cef7ec0cf76490e969665504990193874ea05c85ff9bab8b911d0a0564" dependencies = [ "zerovec", ] @@ -2162,9 +2179,9 @@ dependencies = [ [[package]] name = "proc-macro-crate" -version = "3.4.0" +version = "3.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "219cb19e96be00ab2e37d6e299658a0cfa83e52429179969b0f0121b4ac46983" +checksum = "e67ba7e9b2b56446f1d419b1d807906278ffa1a658a8a5d8a39dcb1f5a78614f" dependencies = [ "toml_edit", ] @@ -2219,9 +2236,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.44" +version = "1.0.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21b2ebcf727b7760c461f091f9f0f539b77b8e87f2fd88131e7f1b433b3cece4" +checksum = "41f2619966050689382d2b44f664f4bc593e129785a36d6ee376ddf37259b924" dependencies = [ "proc-macro2", ] @@ -2234,9 +2251,9 @@ checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" [[package]] name = "rand" -version = "0.8.5" +version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a" dependencies = [ "rand_chacha 0.3.1", "rand_core 0.6.4", @@ -2244,9 +2261,9 @@ dependencies = [ [[package]] name = "rand" -version = "0.9.2" +version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6db2770f06117d490610c7488547d543617b21bfa07796d7a12f6f1bd53850d1" +checksum = "44c5af06bb1b7d3216d91932aed5265164bf384dc89cd6ba05cf59a35f5f76ea" dependencies = [ "rand_chacha 0.9.0", "rand_core 0.9.5", @@ -2473,9 +2490,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.37" +version = "0.23.40" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "758025cb5fccfd3bc2fd74708fd4682be41d99e5dff73c377c0646c6012c73a4" +checksum = "ef86cd5876211988985292b91c96a8f2d298df24e75989a43a3c73f2d4d8168b" dependencies = [ "log", "once_cell", @@ -2500,9 +2517,9 @@ dependencies = [ [[package]] name = "rustls-pki-types" -version = "1.14.0" +version = "1.14.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be040f8b0a225e40375822a563fa9524378b9d63112f53e19ffff34df5d33fdd" +checksum = "30a7197ae7eb376e574fe940d068c30fe0462554a3ddbe4eca7838e049c937a9" dependencies = [ "zeroize", ] @@ -2532,9 +2549,9 @@ checksum = "9774ba4a74de5f7b1c1451ed6cd5285a32eddb5cccb8cc655a4e50009e06477f" [[package]] name = "schannel" -version = "0.1.28" +version = "0.1.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "891d81b926048e76efe18581bf793546b4c0eaf8448d72be8de2bbee5fd166e1" +checksum = "91c1b7e4904c873ef0710c1f407dde2e6287de2bebc1bbbf7d430bb7cbffd939" dependencies = [ "windows-sys 0.61.2", ] @@ -2619,9 +2636,9 @@ dependencies = [ [[package]] name = "semver" -version = "1.0.27" +version = "1.0.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d767eb0aabc880b29956c35734170f26ed551a859dbd361d140cdbeca61ab1e2" +checksum = "8a7852d02fc848982e0c167ef163aaff9cd91dc640ba85e263cb1ce46fae51cd" [[package]] name = "serde" @@ -2782,9 +2799,9 @@ dependencies = [ [[package]] name = "simd-adler32" -version = "0.3.8" +version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e320a6c5ad31d271ad523dcf3ad13e2767ad8b1cb8f047f75a8aeaf8da139da2" +checksum = "703d5c7ef118737c72f1af64ad2f6f8c5e1921f818cdcb97b8fe6fc69bf66214" [[package]] name = "slab" @@ -2865,12 +2882,12 @@ dependencies = [ [[package]] name = "socket2" -version = "0.6.2" +version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86f4aa3ad99f2088c990dfa82d367e19cb29268ed67c574d10d0a4bfe71f07e0" +checksum = "3a766e1110788c36f4fa1c2b71b387a7815aa65f88ce0229841826633d93723e" dependencies = [ "libc", - "windows-sys 0.60.2", + "windows-sys 0.61.2", ] [[package]] @@ -2905,7 +2922,7 @@ dependencies = [ "k8s-openapi", "kube", "p256", - "rand 0.9.2", + "rand 0.9.4", "rand_core 0.6.4", "rsa", "sha2", @@ -2926,7 +2943,6 @@ dependencies = [ "built", "clap", "futures 0.3.32", - "json-patch", "pretty_assertions", "regex", "rstest", @@ -2961,7 +2977,7 @@ dependencies = [ "k8s-openapi", "kube", "product-config", - "rand 0.9.2", + "rand 0.9.4", "regex", "schemars", "semver", @@ -3081,7 +3097,7 @@ dependencies = [ "kube", "opentelemetry", "opentelemetry-semantic-conventions", - "rand 0.9.2", + "rand 0.9.4", "serde", "serde_json", "snafu 0.9.0", @@ -3130,6 +3146,12 @@ version = "2.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292" +[[package]] +name = "symlink" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a7973cce6668464ea31f176d85b13c7ab3bba2cb3b77a2ed26abd7801688010a" + [[package]] name = "syn" version = "1.0.109" @@ -3254,9 +3276,9 @@ dependencies = [ [[package]] name = "tinystr" -version = "0.8.2" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42d3e9c45c09de15d06dd8acf5f4e0e399e85927b7f00711024eb7ae10fa4869" +checksum = "c8323304221c2a851516f22236c5722a72eaa19749016521d6dff0824447d96d" dependencies = [ "displaydoc", "zerovec", @@ -3285,9 +3307,9 @@ dependencies = [ [[package]] name = "tokio" -version = "1.50.0" +version = "1.52.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "27ad5e34374e03cfffefc301becb44e9dc3c17584f414349ebe29ed26661822d" +checksum = "110a78583f19d5cdb2c5ccf321d1290344e71313c6c37d43520d386027d18386" dependencies = [ "bytes", "libc", @@ -3302,9 +3324,9 @@ dependencies = [ [[package]] name = "tokio-macros" -version = "2.6.1" +version = "2.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c55a2eff8b69ce66c84f85e1da1c233edc36ceb85a2058d11b0d6a3c7e7569c" +checksum = "385a6cb71ab9ab790c5fe8d67f1645e6c450a7ce006a33de03daa956cf70a496" dependencies = [ "proc-macro2", "quote", @@ -3348,18 +3370,18 @@ dependencies = [ [[package]] name = "toml_datetime" -version = "0.7.5+spec-1.1.0" +version = "1.1.1+spec-1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92e1cfed4a3038bc5a127e35a2d360f145e1f4b971b551a2ba5fd7aedf7e1347" +checksum = "3165f65f62e28e0115a00b2ebdd37eb6f3b641855f9d636d3cd4103767159ad7" dependencies = [ "serde_core", ] [[package]] name = "toml_edit" -version = "0.23.10+spec-1.0.0" +version = "0.25.11+spec-1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84c8b9f757e028cee9fa244aea147aab2a9ec09d5325a9b01e0a49730c2b5269" +checksum = "0b59c4d22ed448339746c59b905d24568fcbb3ab65a500494f7b8c3e97739f2b" dependencies = [ "indexmap", "toml_datetime", @@ -3369,9 +3391,9 @@ dependencies = [ [[package]] name = "toml_parser" -version = "1.0.9+spec-1.1.0" +version = "1.1.2+spec-1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "702d4415e08923e7e1ef96cd5727c0dfed80b4d2fa25db9647fe5eb6f7c5a4c4" +checksum = "a2abe9b86193656635d2411dc43050282ca48aa31c2451210f4202550afb7526" dependencies = [ "winnow", ] @@ -3480,11 +3502,12 @@ dependencies = [ [[package]] name = "tracing-appender" -version = "0.2.4" +version = "0.2.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "786d480bce6247ab75f005b14ae1624ad978d3029d9113f0a22fa1ac773faeaf" +checksum = "050686193eb999b4bb3bc2acfa891a13da00f79734704c4b8b4ef1a10b368a3c" dependencies = [ "crossbeam-channel", + "symlink", "thiserror 2.0.18", "time", "tracing-subscriber", @@ -3550,9 +3573,9 @@ dependencies = [ [[package]] name = "tracing-subscriber" -version = "0.3.22" +version = "0.3.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f30143827ddab0d256fd843b7a66d164e9f271cfa0dde49142c5ca0ca291f1e" +checksum = "cb7f578e5945fb242538965c2d0b04418d38ec25c79d160cd279bf0731c8d319" dependencies = [ "matchers", "nu-ansi-term", @@ -3577,9 +3600,9 @@ checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" [[package]] name = "typenum" -version = "1.19.0" +version = "1.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "562d481066bde0658276a35467c4af00bdc6ee726305698a55b86e61d7ad82bb" +checksum = "40ce102ab67701b8526c123c1bab5cbe42d7040ccfd0f64af1a385808d2f43de" [[package]] name = "ucd-trie" @@ -3595,9 +3618,9 @@ checksum = "e6e4313cd5fcd3dad5cafa179702e2b244f760991f45397d14d4ebf38247da75" [[package]] name = "unicode-segmentation" -version = "1.12.0" +version = "1.13.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6ccf251212114b54433ec949fd6a7841275f9ada20dddd2f29e9ceea4501493" +checksum = "9629274872b2bfaf8d66f5f15725007f635594914870f65218920345aa11aa8c" [[package]] name = "unicode-xid" @@ -3644,9 +3667,9 @@ checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" [[package]] name = "uuid" -version = "1.21.0" +version = "1.23.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b672338555252d43fd2240c714dc444b8c6fb0a5c5335e65a07bba7742735ddb" +checksum = "ddd74a9687298c6858e9b88ec8935ec45d22e8fd5e6394fa1bd4e99a87789c76" dependencies = [ "js-sys", "wasm-bindgen", @@ -3687,18 +3710,18 @@ checksum = "ccf3ec651a847eb01de73ccad15eb7d99f80485de043efb2f370cd654f4ea44b" [[package]] name = "wasip2" -version = "1.0.2+wasi-0.2.9" +version = "1.0.3+wasi-0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9517f9239f02c069db75e65f174b3da828fe5f5b945c4dd26bd25d89c03ebcf5" +checksum = "20064672db26d7cdc89c7798c48a0fdfac8213434a1186e5ef29fd560ae223d6" dependencies = [ "wit-bindgen", ] [[package]] name = "wasm-bindgen" -version = "0.2.114" +version = "0.2.120" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6532f9a5c1ece3798cb1c2cfdba640b9b3ba884f5db45973a6f442510a87d38e" +checksum = "df52b6d9b87e0c74c9edfa1eb2d9bf85e5d63515474513aa50fa181b3c4f5db1" dependencies = [ "cfg-if", "once_cell", @@ -3709,23 +3732,19 @@ dependencies = [ [[package]] name = "wasm-bindgen-futures" -version = "0.4.64" +version = "0.4.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e9c5522b3a28661442748e09d40924dfb9ca614b21c00d3fd135720e48b67db8" +checksum = "af934872acec734c2d80e6617bbb5ff4f12b052dd8e6332b0817bce889516084" dependencies = [ - "cfg-if", - "futures-util", "js-sys", - "once_cell", "wasm-bindgen", - "web-sys", ] [[package]] name = "wasm-bindgen-macro" -version = "0.2.114" +version = "0.2.120" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18a2d50fcf105fb33bb15f00e7a77b772945a2ee45dcf454961fd843e74c18e6" +checksum = "78b1041f495fb322e64aca85f5756b2172e35cd459376e67f2a6c9dffcedb103" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -3733,9 +3752,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.114" +version = "0.2.120" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03ce4caeaac547cdf713d280eda22a730824dd11e6b8c3ca9e42247b25c631e3" +checksum = "9dcd0ff20416988a18ac686d4d4d0f6aae9ebf08a389ff5d29012b05af2a1b41" dependencies = [ "bumpalo", "proc-macro2", @@ -3746,18 +3765,18 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.114" +version = "0.2.120" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75a326b8c223ee17883a4251907455a2431acc2791c98c26279376490c378c16" +checksum = "49757b3c82ebf16c57d69365a142940b384176c24df52a087fb748e2085359ea" dependencies = [ "unicode-ident", ] [[package]] name = "web-sys" -version = "0.3.91" +version = "0.3.97" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "854ba17bb104abfb26ba36da9729addc7ce7f06f5c0f90f3c391f8461cca21f9" +checksum = "2eadbac71025cd7b0834f20d1fe8472e8495821b4e9801eb0a60bd1f19827602" dependencies = [ "js-sys", "wasm-bindgen", @@ -3838,16 +3857,7 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets 0.52.6", -] - -[[package]] -name = "windows-sys" -version = "0.60.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb" -dependencies = [ - "windows-targets 0.53.5", + "windows-targets", ] [[package]] @@ -3865,31 +3875,14 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" dependencies = [ - "windows_aarch64_gnullvm 0.52.6", - "windows_aarch64_msvc 0.52.6", - "windows_i686_gnu 0.52.6", - "windows_i686_gnullvm 0.52.6", - "windows_i686_msvc 0.52.6", - "windows_x86_64_gnu 0.52.6", - "windows_x86_64_gnullvm 0.52.6", - "windows_x86_64_msvc 0.52.6", -] - -[[package]] -name = "windows-targets" -version = "0.53.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4945f9f551b88e0d65f3db0bc25c33b8acea4d9e41163edf90dcd0b19f9069f3" -dependencies = [ - "windows-link", - "windows_aarch64_gnullvm 0.53.1", - "windows_aarch64_msvc 0.53.1", - "windows_i686_gnu 0.53.1", - "windows_i686_gnullvm 0.53.1", - "windows_i686_msvc 0.53.1", - "windows_x86_64_gnu 0.53.1", - "windows_x86_64_gnullvm 0.53.1", - "windows_x86_64_msvc 0.53.1", + "windows_aarch64_gnullvm", + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_gnullvm", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc", ] [[package]] @@ -3898,116 +3891,68 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" -[[package]] -name = "windows_aarch64_gnullvm" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a9d8416fa8b42f5c947f8482c43e7d89e73a173cead56d044f6a56104a6d1b53" - [[package]] name = "windows_aarch64_msvc" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" -[[package]] -name = "windows_aarch64_msvc" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9d782e804c2f632e395708e99a94275910eb9100b2114651e04744e9b125006" - [[package]] name = "windows_i686_gnu" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" -[[package]] -name = "windows_i686_gnu" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "960e6da069d81e09becb0ca57a65220ddff016ff2d6af6a223cf372a506593a3" - [[package]] name = "windows_i686_gnullvm" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" -[[package]] -name = "windows_i686_gnullvm" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa7359d10048f68ab8b09fa71c3daccfb0e9b559aed648a8f95469c27057180c" - [[package]] name = "windows_i686_msvc" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" -[[package]] -name = "windows_i686_msvc" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e7ac75179f18232fe9c285163565a57ef8d3c89254a30685b57d83a38d326c2" - [[package]] name = "windows_x86_64_gnu" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" -[[package]] -name = "windows_x86_64_gnu" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c3842cdd74a865a8066ab39c8a7a473c0778a3f29370b5fd6b4b9aa7df4a499" - [[package]] name = "windows_x86_64_gnullvm" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" -[[package]] -name = "windows_x86_64_gnullvm" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ffa179e2d07eee8ad8f57493436566c7cc30ac536a3379fdf008f47f6bb7ae1" - [[package]] name = "windows_x86_64_msvc" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" -[[package]] -name = "windows_x86_64_msvc" -version = "0.53.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6bbff5f0aada427a1e5a6da5f1f98158182f26556f345ac9e04d36d0ebed650" - [[package]] name = "winnow" -version = "0.7.14" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a5364e9d77fcdeeaa6062ced926ee3381faa2ee02d3eb83a5c27a8825540829" +checksum = "2ee1708bef14716a11bae175f579062d4554d95be2c6829f518df847b7b3fdd0" dependencies = [ "memchr", ] [[package]] name = "wit-bindgen" -version = "0.51.0" +version = "0.57.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7249219f66ced02969388cf2bb044a09756a083d0fab1e566056b04d9fbcaa5" +checksum = "1ebf944e87a7c253233ad6766e082e3cd714b5d03812acc24c318f549614536e" [[package]] name = "writeable" -version = "0.6.2" +version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9edde0db4769d2dc68579893f2306b26c6ecfbe0ef499b013d731b7b9247e0b9" +checksum = "1ffae5123b2d3fc086436f8834ae3ab053a283cfac8fe0a0b8eaae044768a4c4" [[package]] name = "x509-cert" @@ -4037,9 +3982,9 @@ checksum = "cfe53a6657fd280eaa890a3bc59152892ffa3e30101319d168b781ed6529b049" [[package]] name = "yoke" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72d6e5c6afb84d73944e5cedb052c4680d5657337201555f9f2a16b7406d4954" +checksum = "abe8c5fda708d9ca3df187cae8bfb9ceda00dd96231bed36e445a1a48e66f9ca" dependencies = [ "stable_deref_trait", "yoke-derive", @@ -4048,9 +3993,9 @@ dependencies = [ [[package]] name = "yoke-derive" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b659052874eb698efe5b9e8cf382204678a0086ebf46982b79d6ca3182927e5d" +checksum = "de844c262c8848816172cef550288e7dc6c7b7814b4ee56b3e1553f275f1858e" dependencies = [ "proc-macro2", "quote", @@ -4060,18 +4005,18 @@ dependencies = [ [[package]] name = "zerocopy" -version = "0.8.40" +version = "0.8.48" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a789c6e490b576db9f7e6b6d661bcc9799f7c0ac8352f56ea20193b2681532e5" +checksum = "eed437bf9d6692032087e337407a86f04cd8d6a16a37199ed57949d415bd68e9" dependencies = [ "zerocopy-derive", ] [[package]] name = "zerocopy-derive" -version = "0.8.40" +version = "0.8.48" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f65c489a7071a749c849713807783f70672b28094011623e200cb86dcb835953" +checksum = "70e3cd084b1788766f53af483dd21f93881ff30d7320490ec3ef7526d203bad4" dependencies = [ "proc-macro2", "quote", @@ -4080,18 +4025,18 @@ dependencies = [ [[package]] name = "zerofrom" -version = "0.1.6" +version = "0.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50cc42e0333e05660c3587f3bf9d0478688e15d870fab3346451ce7f8c9fbea5" +checksum = "69faa1f2a1ea75661980b013019ed6687ed0e83d069bc1114e2cc74c6c04c4df" dependencies = [ "zerofrom-derive", ] [[package]] name = "zerofrom-derive" -version = "0.1.6" +version = "0.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d71e5d6e06ab090c67b5e44993ec16b72dcbaabc526db883a360057678b48502" +checksum = "11532158c46691caf0f2593ea8358fed6bbf68a0315e80aae9bd41fbade684a1" dependencies = [ "proc-macro2", "quote", @@ -4121,9 +4066,9 @@ dependencies = [ [[package]] name = "zerotrie" -version = "0.2.3" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a59c17a5562d507e4b54960e8569ebee33bee890c70aa3fe7b97e85a9fd7851" +checksum = "0f9152d31db0792fa83f70fb2f83148effb5c1f5b8c7686c3459e361d9bc20bf" dependencies = [ "displaydoc", "yoke", @@ -4132,9 +4077,9 @@ dependencies = [ [[package]] name = "zerovec" -version = "0.11.5" +version = "0.11.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c28719294829477f525be0186d13efa9a3c602f7ec202ca9e353d310fb9a002" +checksum = "90f911cbc359ab6af17377d242225f4d75119aec87ea711a880987b18cd7b239" dependencies = [ "yoke", "zerofrom", @@ -4143,9 +4088,9 @@ dependencies = [ [[package]] name = "zerovec-derive" -version = "0.11.2" +version = "0.11.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eadce39539ca5cb3985590102671f2567e659fca9666581ad3411d59207951f3" +checksum = "625dc425cab0dca6dc3c3319506e6593dcb08a9f387ea3b284dbd52a92c40555" dependencies = [ "proc-macro2", "quote", diff --git a/Cargo.nix b/Cargo.nix index 382f304..7c6079d 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -216,9 +216,9 @@ rec { }; "anstream" = rec { crateName = "anstream"; - version = "0.6.21"; + version = "1.0.0"; edition = "2021"; - sha256 = "0jjgixms4qjj58dzr846h2s29p8w7ynwr9b9x6246m1pwy0v5ma3"; + sha256 = "13d2bj0xfg012s4rmq44zc8zgy1q8k9yp7yhvfnarscnmwpj2jl2"; dependencies = [ { name = "anstyle"; @@ -261,9 +261,9 @@ rec { }; "anstyle" = rec { crateName = "anstyle"; - version = "1.0.13"; + version = "1.0.14"; edition = "2021"; - sha256 = "0y2ynjqajpny6q0amvfzzgw0gfw3l47z85km4gvx87vg02lcr4ji"; + sha256 = "0030szmgj51fxkic1hpakxxgappxzwm6m154a3gfml83lq63l2wl"; features = { "default" = [ "std" ]; }; @@ -271,9 +271,9 @@ rec { }; "anstyle-parse" = rec { crateName = "anstyle-parse"; - version = "0.2.7"; + version = "1.0.0"; edition = "2021"; - sha256 = "1hhmkkfr95d462b3zf6yl2vfzdqfy5726ya572wwg8ha9y148xjf"; + sha256 = "03hkv2690s0crssbnmfkr76kw1k7ah2i6s5amdy9yca2n8w7zkjj"; libName = "anstyle_parse"; dependencies = [ { @@ -345,9 +345,9 @@ rec { }; "arc-swap" = rec { crateName = "arc-swap"; - version = "1.8.2"; + version = "1.9.1"; edition = "2018"; - sha256 = "19aas8y3kz0v6jr6yijvw6cad9grpl3lw1a25k0cws2m2iy69wzr"; + sha256 = "01xjlahcya8igdalxmda375lnlhjqwjz0cdqhy0bc1jkyzb1yfka"; libName = "arc_swap"; authors = [ "Michal 'vorner' Vaner " @@ -499,9 +499,9 @@ rec { }; "axum" = rec { crateName = "axum"; - version = "0.8.8"; + version = "0.8.9"; edition = "2021"; - sha256 = "1f4p0m04mgwpn8b40i9r5mgqxk6w11sv4yri6xfqk305nhyayllb"; + sha256 = "146df5x8dhczm1sp939gr3839220wl6rxc1k65bzc450z72ridii"; dependencies = [ { name = "axum-core"; @@ -866,9 +866,9 @@ rec { }; "bitflags" = rec { crateName = "bitflags"; - version = "2.11.0"; + version = "2.11.1"; edition = "2021"; - sha256 = "1bwjibwry5nfwsfm9kjg2dqx5n5nja9xymwbfl6svnn8jsz6ff44"; + sha256 = "1cvqijg3rvwgis20a66vfdxannjsxfy5fgjqkaq3l13gyfcj4lf4"; authors = [ "The Rust Project Developers" ]; @@ -961,9 +961,9 @@ rec { }; "cc" = rec { crateName = "cc"; - version = "1.2.56"; + version = "1.2.61"; edition = "2018"; - sha256 = "1chvh9g2izhqad7vzy4cc7xpdljdvqpsr6x6hv1hmyqv3mlkbgxf"; + sha256 = "0vawvnrrsmi8dygavq3wx085cmlp10sp3fhld5842rlqkqsr0vfi"; authors = [ "Alex Crichton " ]; @@ -1060,10 +1060,10 @@ rec { }; "clap" = rec { crateName = "clap"; - version = "4.5.60"; - edition = "2021"; + version = "4.6.1"; + edition = "2024"; crateBin = []; - sha256 = "02h3nzznssjgp815nnbzk0r62y2iw03kdli75c233kirld6z75r7"; + sha256 = "0lcf88l7vlg796rrqr7wipbbmfa5sgsgx4211b7xmxxv8dz13nqx"; dependencies = [ { name = "clap_builder"; @@ -1102,9 +1102,9 @@ rec { }; "clap_builder" = rec { crateName = "clap_builder"; - version = "4.5.60"; - edition = "2021"; - sha256 = "0xk8mdizvmmn6w5ij5cwhy5pbgyac4w9pfvl6nqmjl7a5hql38i4"; + version = "4.6.0"; + edition = "2024"; + sha256 = "17q6np22yxhh5y5v53y4l31ps3hlaz45mvz2n2nicr7n3c056jki"; dependencies = [ { name = "anstream"; @@ -1141,9 +1141,9 @@ rec { }; "clap_derive" = rec { crateName = "clap_derive"; - version = "4.5.55"; - edition = "2021"; - sha256 = "1r949xis3jmhzh387smd70vc8a3b9734ck3g5ahg59a63bd969x9"; + version = "4.6.1"; + edition = "2024"; + sha256 = "1acpz49hi00iv9jkapixjzcv7s51x8qkfaqscjm36rqgf428dkpj"; procMacro = true; dependencies = [ { @@ -1173,16 +1173,16 @@ rec { }; "clap_lex" = rec { crateName = "clap_lex"; - version = "1.0.0"; - edition = "2021"; - sha256 = "0c8888qi1l9sayqlv666h8s0yxn2qc6jr88v1zagk43mpjjjx0is"; + version = "1.1.0"; + edition = "2024"; + sha256 = "1ycqkpygnlqnndghhcxjb44lzl0nmgsia64x9581030yifxs7m68"; }; "colorchoice" = rec { crateName = "colorchoice"; - version = "1.0.4"; + version = "1.0.5"; edition = "2021"; - sha256 = "0x8ymkz1xr77rcj1cfanhf416pc4v681gmkc9dzb3jqja7f62nxh"; + sha256 = "0w75k89hw39p0mnnhlrwr23q50rza1yjki44qvh2mgrnj065a1qx"; }; "concurrent-queue" = rec { @@ -1226,9 +1226,9 @@ rec { }; "const_format" = rec { crateName = "const_format"; - version = "0.2.35"; + version = "0.2.36"; edition = "2021"; - sha256 = "1b9h03z3k76ail1ldqxcqmsc4raa7dwgwwqwrjf6wmism5lp9akz"; + sha256 = "07ncczs8yndga2f8p4386c827l4fxwzl0pbwp7ijnhcsmlbsd0a4"; authors = [ "rodrimati1992 " ]; @@ -1237,6 +1237,12 @@ rec { name = "const_format_proc_macros"; packageId = "const_format_proc_macros"; } + { + name = "konst"; + packageId = "konst"; + usesDefaultFeatures = false; + features = [ "rust_1_64" ]; + } ]; features = { "__debug" = [ "const_format_proc_macros/debug" ]; @@ -1250,10 +1256,9 @@ rec { "constant_time_as_str" = [ "fmt" ]; "derive" = [ "fmt" "const_format_proc_macros/derive" ]; "fmt" = [ "rust_1_83" ]; - "konst" = [ "dep:konst" ]; "more_str_macros" = [ "rust_1_64" ]; "nightly_const_generics" = [ "const_generics" ]; - "rust_1_64" = [ "rust_1_51" "konst" "konst/rust_1_64" ]; + "rust_1_64" = [ "rust_1_51" ]; "rust_1_83" = [ "rust_1_64" ]; }; resolvedDefaultFeatures = [ "default" ]; @@ -2462,9 +2467,9 @@ rec { }; "fastrand" = rec { crateName = "fastrand"; - version = "2.3.0"; + version = "2.4.1"; edition = "2018"; - sha256 = "1ghiahsw1jd68df895cy5h3gzwk30hndidn3b682zmshpgmrx41p"; + sha256 = "1mnqxxnxvd69ma9mczabpbbsgwlhd6l78yv3vd681453a9s247wz"; authors = [ "Stjepan Glavina " ]; @@ -3219,9 +3224,9 @@ rec { }; "h2" = rec { crateName = "h2"; - version = "0.4.13"; + version = "0.4.14"; edition = "2021"; - sha256 = "0m6w5gg0n0m1m5915bxrv8n4rlazhx5icknkslz719jhh4xdli1g"; + sha256 = "0cw7jk7kn2vn6f8w8ssh6gis1mljnfjxd606gvi4sjpyjayfy7qp"; authors = [ "Carl Lerche " "Sean McArthur " @@ -3289,7 +3294,7 @@ rec { features = { }; }; - "hashbrown" = rec { + "hashbrown 0.16.1" = rec { crateName = "hashbrown"; version = "0.16.1"; edition = "2021"; @@ -3332,6 +3337,27 @@ rec { }; resolvedDefaultFeatures = [ "allocator-api2" "default" "default-hasher" "equivalent" "inline-more" "raw-entry" ]; }; + "hashbrown 0.17.0" = rec { + crateName = "hashbrown"; + version = "0.17.0"; + edition = "2024"; + sha256 = "0l8gvcz80lvinb7x22h53cqbi2y1fm603y2jhhh9qwygvkb7sijg"; + authors = [ + "Amanieu d'Antras " + ]; + features = { + "alloc" = [ "dep:alloc" ]; + "allocator-api2" = [ "dep:allocator-api2" ]; + "core" = [ "dep:core" ]; + "default" = [ "default-hasher" "inline-more" "allocator-api2" "equivalent" "raw-entry" ]; + "default-hasher" = [ "dep:foldhash" ]; + "equivalent" = [ "dep:equivalent" ]; + "nightly" = [ "foldhash?/nightly" "bumpalo/allocator_api" ]; + "rayon" = [ "dep:rayon" ]; + "rustc-dep-of-std" = [ "nightly" "core" "alloc" "rustc-internal-api" ]; + "serde" = [ "dep:serde_core" "dep:serde" ]; + }; + }; "heck" = rec { crateName = "heck"; version = "0.5.0"; @@ -3512,9 +3538,9 @@ rec { }; "hyper" = rec { crateName = "hyper"; - version = "1.8.1"; + version = "1.9.0"; edition = "2021"; - sha256 = "04cxr8j5y86bhxxlyqb8xkxjskpajk7cxwfzzk4v3my3a3rd9cia"; + sha256 = "1jmwbwqcaficskg76kq402gbymbnh2z4v99xwq3l5aa6n8bg16b2"; authors = [ "Sean McArthur " ]; @@ -3571,11 +3597,6 @@ rec { packageId = "pin-project-lite"; optional = true; } - { - name = "pin-utils"; - packageId = "pin-utils"; - optional = true; - } { name = "smallvec"; packageId = "smallvec"; @@ -3613,7 +3634,7 @@ rec { "client" = [ "dep:want" "dep:pin-project-lite" "dep:smallvec" ]; "ffi" = [ "dep:http-body-util" "dep:futures-util" ]; "full" = [ "client" "http1" "http2" "server" ]; - "http1" = [ "dep:atomic-waker" "dep:futures-channel" "dep:futures-core" "dep:httparse" "dep:itoa" "dep:pin-utils" ]; + "http1" = [ "dep:atomic-waker" "dep:futures-channel" "dep:futures-core" "dep:httparse" "dep:itoa" ]; "http2" = [ "dep:futures-channel" "dep:futures-core" "dep:h2" ]; "server" = [ "dep:httpdate" "dep:pin-project-lite" "dep:smallvec" ]; "tracing" = [ "dep:tracing" ]; @@ -3622,9 +3643,9 @@ rec { }; "hyper-rustls" = rec { crateName = "hyper-rustls"; - version = "0.27.7"; + version = "0.27.9"; edition = "2021"; - sha256 = "0n6g8998szbzhnvcs1b7ibn745grxiqmlpg53xz206v826v3xjg3"; + sha256 = "03vfnsm873wsp1dk0q85nxvk7w6syp8c2m5bcdjcyfgg4786ijik"; libName = "hyper_rustls"; dependencies = [ { @@ -3657,11 +3678,6 @@ rec { packageId = "rustls-native-certs"; optional = true; } - { - name = "rustls-pki-types"; - packageId = "rustls-pki-types"; - rename = "pki-types"; - } { name = "tokio"; packageId = "tokio"; @@ -3961,9 +3977,9 @@ rec { }; "icu_collections" = rec { crateName = "icu_collections"; - version = "2.1.1"; + version = "2.2.0"; edition = "2021"; - sha256 = "0hsblchsdl64q21qwrs4hvc2672jrf466zivbj1bwyv606bn8ssc"; + sha256 = "070r7xd0pynm0hnc1v2jzlbxka6wf50f81wybf9xg0y82v6x3119"; authors = [ "The ICU4X Project Developers" ]; @@ -3979,6 +3995,11 @@ rec { usesDefaultFeatures = false; features = [ "zerovec" ]; } + { + name = "utf8_iter"; + packageId = "utf8_iter"; + usesDefaultFeatures = false; + } { name = "yoke"; packageId = "yoke"; @@ -4006,9 +4027,9 @@ rec { }; "icu_locale_core" = rec { crateName = "icu_locale_core"; - version = "2.1.1"; + version = "2.2.0"; edition = "2021"; - sha256 = "1djvdc2f5ylmp1ymzv4gcnmq1s4hqfim9nxlcm173lsd01hpifpd"; + sha256 = "0a9cmin5w1x3bg941dlmgszn33qgq428k7qiqn5did72ndi9n8cj"; authors = [ "The ICU4X Project Developers" ]; @@ -4040,6 +4061,14 @@ rec { usesDefaultFeatures = false; } ]; + devDependencies = [ + { + name = "litemap"; + packageId = "litemap"; + usesDefaultFeatures = false; + features = [ "testing" ]; + } + ]; features = { "alloc" = [ "litemap/alloc" "tinystr/alloc" "writeable/alloc" "serde?/alloc" ]; "databake" = [ "dep:databake" "alloc" ]; @@ -4050,9 +4079,9 @@ rec { }; "icu_normalizer" = rec { crateName = "icu_normalizer"; - version = "2.1.1"; + version = "2.2.0"; edition = "2021"; - sha256 = "16dmn5596la2qm0r3vih0bzjfi0vx9a20yqjha6r1y3vnql8hv2z"; + sha256 = "1d7krxr0xpc4x9635k1100a24nh0nrc59n65j6yk6gbfkplmwvn5"; authors = [ "The ICU4X Project Developers" ]; @@ -4094,6 +4123,7 @@ rec { "compiled_data" = [ "dep:icu_normalizer_data" "icu_properties?/compiled_data" "icu_provider/baked" ]; "datagen" = [ "serde" "dep:databake" "icu_properties" "icu_collections/databake" "zerovec/databake" "icu_properties?/datagen" "icu_provider/export" ]; "default" = [ "compiled_data" "utf8_iter" "utf16_iter" ]; + "harfbuzz_traits" = [ "dep:harfbuzz-traits" ]; "icu_properties" = [ "dep:icu_properties" ]; "serde" = [ "dep:serde" "icu_collections/serde" "zerovec/serde" "icu_properties?/serde" "icu_provider/serde" ]; "utf16_iter" = [ "dep:utf16_iter" "dep:write16" ]; @@ -4103,9 +4133,9 @@ rec { }; "icu_normalizer_data" = rec { crateName = "icu_normalizer_data"; - version = "2.1.1"; + version = "2.2.0"; edition = "2021"; - sha256 = "02jnzizg6q75m41l6c13xc7nkc5q8yr1b728dcgfhpzw076wrvbs"; + sha256 = "0f5d5d5fhhr9937m2z6z38fzh6agf14z24kwlr6lyczafypf0fys"; authors = [ "The ICU4X Project Developers" ]; @@ -4113,9 +4143,9 @@ rec { }; "icu_properties" = rec { crateName = "icu_properties"; - version = "2.1.2"; + version = "2.2.0"; edition = "2021"; - sha256 = "1v3lbmhhi7i6jgw51ikjb1p50qh5rb67grlkdnkc63l7zq1gq2q2"; + sha256 = "1pkh3s837808cbwxvfagwc28cvwrz2d9h5rl02jwrhm51ryvdqxy"; authors = [ "The ICU4X Project Developers" ]; @@ -4160,6 +4190,7 @@ rec { "compiled_data" = [ "dep:icu_properties_data" "icu_provider/baked" ]; "datagen" = [ "serde" "dep:databake" "zerovec/databake" "icu_collections/databake" "icu_locale_core/databake" "zerotrie/databake" "icu_provider/export" ]; "default" = [ "compiled_data" ]; + "harfbuzz_traits" = [ "dep:harfbuzz-traits" ]; "serde" = [ "dep:serde" "icu_locale_core/serde" "zerovec/serde" "icu_collections/serde" "icu_provider/serde" "zerotrie/serde" ]; "unicode_bidi" = [ "dep:unicode-bidi" ]; }; @@ -4167,9 +4198,9 @@ rec { }; "icu_properties_data" = rec { crateName = "icu_properties_data"; - version = "2.1.2"; + version = "2.2.0"; edition = "2021"; - sha256 = "1bvpkh939rgzrjfdb7hz47v4wijngk0snmcgrnpwc9fpz162jv31"; + sha256 = "052awny0qwkbcbpd5jg2cd7vl5ry26pq4hz1nfsgf10c3qhbnawf"; authors = [ "The ICU4X Project Developers" ]; @@ -4177,9 +4208,9 @@ rec { }; "icu_provider" = rec { crateName = "icu_provider"; - version = "2.1.1"; + version = "2.2.0"; edition = "2021"; - sha256 = "0576b7dizgyhpfa74kacv86y4g1p7v5ffd6c56kf1q82rvq2r5l5"; + sha256 = "08dl8pxbwr8zsz4c5vphqb7xw0hykkznwi4rw7bk6pwb3krlr70k"; authors = [ "The ICU4X Project Developers" ]; @@ -4280,9 +4311,9 @@ rec { }; "idna_adapter" = rec { crateName = "idna_adapter"; - version = "1.2.1"; - edition = "2021"; - sha256 = "0i0339pxig6mv786nkqcxnwqa87v4m94b2653f6k3aj0jmhfkjis"; + version = "1.2.2"; + edition = "2024"; + sha256 = "0557p76l8hj35r9zn1yv7c6x1c0qbrsffmg80n0yy8361ly3fs6b"; authors = [ "The rust-url developers" ]; @@ -4305,9 +4336,9 @@ rec { }; "indexmap" = rec { crateName = "indexmap"; - version = "2.13.0"; - edition = "2021"; - sha256 = "05qh5c4h2hrnyypphxpwflk45syqbzvqsvvyxg43mp576w2ff53p"; + version = "2.14.0"; + edition = "2024"; + sha256 = "1na9z6f0d5pkjr1lgsni470v98gv2r7c41j8w48skr089x2yjrnl"; dependencies = [ { name = "equivalent"; @@ -4316,7 +4347,7 @@ rec { } { name = "hashbrown"; - packageId = "hashbrown"; + packageId = "hashbrown 0.17.0"; usesDefaultFeatures = false; } ]; @@ -4376,9 +4407,9 @@ rec { }; "iri-string" = rec { crateName = "iri-string"; - version = "0.7.10"; + version = "0.7.12"; edition = "2021"; - sha256 = "06kk3a5jz576p7vrpf7zz9jv3lrgcyp7pczcblcxdnryg3q3h4y9"; + sha256 = "082fpx6c5ghvmqpwxaf2b268m47z2ic3prajqbmi1s1qpfj5kri5"; libName = "iri_string"; authors = [ "YOSHIOKA Takuma " @@ -4439,9 +4470,9 @@ rec { }; "itoa" = rec { crateName = "itoa"; - version = "1.0.17"; + version = "1.0.18"; edition = "2021"; - sha256 = "1lh93xydrdn1g9x547bd05g0d3hra7pd1k4jfd2z1pl1h5hwdv4j"; + sha256 = "10jnd1vpfkb8kj38rlkn2a6k02afvj3qmw054dfpzagrpl6achlg"; authors = [ "David Tolnay " ]; @@ -4476,9 +4507,9 @@ rec { }; "jiff" = rec { crateName = "jiff"; - version = "0.2.22"; + version = "0.2.24"; edition = "2021"; - sha256 = "1hni7qv2j2kbjisw84r7y6gxdb8qx534vw92nmz13nc7gjy496w1"; + sha256 = "0g87al8yqp05m63dhqzi359xgsslc0grqz00nvfdyq8dcayms2zh"; authors = [ "Andrew Gallant " ]; @@ -4558,9 +4589,9 @@ rec { }; "jiff-static" = rec { crateName = "jiff-static"; - version = "0.2.22"; + version = "0.2.24"; edition = "2021"; - sha256 = "18fljj75vxqvq1v55s074pbbrjy67qg1p2f0cvbmzhzc33dm40j7"; + sha256 = "1mz6v0d1hd8wjgfzccgda5g9z01s1yxnyiizvahjw0pq1w1xw070"; procMacro = true; libName = "jiff_static"; authors = [ @@ -4587,9 +4618,9 @@ rec { }; "jiff-tzdb" = rec { crateName = "jiff-tzdb"; - version = "0.1.5"; + version = "0.1.6"; edition = "2021"; - sha256 = "1hm5xn3q092zac6apjy4492ddid473mwa0d64z5f5f95yyzix5v8"; + sha256 = "0xihzlnnyk0xnrzpq4xcyjdcmy8xc3ychzb9ayjkh4vgha2fy069"; libName = "jiff_tzdb"; libPath = "lib.rs"; authors = [ @@ -4640,14 +4671,25 @@ rec { }; "js-sys" = rec { crateName = "js-sys"; - version = "0.3.91"; + version = "0.3.97"; edition = "2021"; - sha256 = "171rzgq33wc1nxkgnvhlqqwwnrifs13mg3jjpjj5nf1z0yvib5xl"; + sha256 = "1kyaxgn1sm5am98jb48aj5j7r7s98kdrab41la5wzys5q2a0r151"; libName = "js_sys"; authors = [ "The wasm-bindgen Developers" ]; dependencies = [ + { + name = "cfg-if"; + packageId = "cfg-if"; + } + { + name = "futures-util"; + packageId = "futures-util"; + optional = true; + usesDefaultFeatures = false; + features = [ "std" ]; + } { name = "once_cell"; packageId = "once_cell"; @@ -4661,7 +4703,8 @@ rec { ]; features = { "default" = [ "std" "unsafe-eval" ]; - "std" = [ "wasm-bindgen/std" ]; + "futures-core-03-stream" = [ "dep:futures-util" "dep:futures-core" ]; + "std" = [ "wasm-bindgen/std" "dep:futures-util" ]; }; resolvedDefaultFeatures = [ "default" "std" "unsafe-eval" ]; }; @@ -4778,10 +4821,10 @@ rec { }; "k8s-openapi" = rec { crateName = "k8s-openapi"; - version = "0.27.0"; + version = "0.27.1"; edition = "2021"; - links = "k8s-openapi-0.27.0"; - sha256 = "038zxrklpni04rpaww9dr7v8ln8zj8p7mgdd68bx5l8sc7rxd9h5"; + links = "k8s-openapi-0.27.1"; + sha256 = "0pldsxbxd4ckq94p8rkck4s862w33gfns6rclxr5imcx47sjdcsi"; libName = "k8s_openapi"; authors = [ "Arnav Singh " @@ -4860,6 +4903,53 @@ rec { }; resolvedDefaultFeatures = [ "darling" ]; }; + "konst" = rec { + crateName = "konst"; + version = "0.2.20"; + edition = "2018"; + sha256 = "1yyf1fhk28wbf1lqrga9as4cpfmpbry9a5vvdqyxgz14g3nk708j"; + authors = [ + "rodrimati1992 " + ]; + dependencies = [ + { + name = "konst_macro_rules"; + packageId = "konst_macro_rules"; + } + ]; + features = { + "__ui" = [ "__test" "trybuild" "rust_latest_stable" ]; + "const_generics" = [ "rust_1_51" ]; + "constant_time_slice" = [ "rust_latest_stable" ]; + "default" = [ "cmp" "parsing" ]; + "deref_raw_in_fn" = [ "rust_1_56" ]; + "konst_proc_macros" = [ "dep:konst_proc_macros" ]; + "mut_refs" = [ "rust_latest_stable" "konst_macro_rules/mut_refs" ]; + "nightly_mut_refs" = [ "mut_refs" "konst_macro_rules/nightly_mut_refs" ]; + "parsing" = [ "parsing_no_proc" "konst_proc_macros" ]; + "rust_1_51" = [ "konst_macro_rules/rust_1_51" ]; + "rust_1_55" = [ "rust_1_51" "konst_macro_rules/rust_1_55" ]; + "rust_1_56" = [ "rust_1_55" "konst_macro_rules/rust_1_56" ]; + "rust_1_57" = [ "rust_1_56" "konst_macro_rules/rust_1_57" ]; + "rust_1_61" = [ "rust_1_57" "konst_macro_rules/rust_1_61" ]; + "rust_1_64" = [ "rust_1_61" ]; + "rust_latest_stable" = [ "rust_1_64" ]; + "trybuild" = [ "dep:trybuild" ]; + }; + resolvedDefaultFeatures = [ "rust_1_51" "rust_1_55" "rust_1_56" "rust_1_57" "rust_1_61" "rust_1_64" ]; + }; + "konst_macro_rules" = rec { + crateName = "konst_macro_rules"; + version = "0.2.19"; + edition = "2018"; + sha256 = "0dswja0dqcww4x3fwjnirc0azv2n6cazn8yv0kddksd8awzkz4x4"; + authors = [ + "rodrimati1992 " + ]; + features = { + }; + resolvedDefaultFeatures = [ "rust_1_51" "rust_1_55" "rust_1_56" "rust_1_57" "rust_1_61" ]; + }; "kube" = rec { crateName = "kube"; version = "3.1.0"; @@ -5334,7 +5424,7 @@ rec { } { name = "hashbrown"; - packageId = "hashbrown"; + packageId = "hashbrown 0.16.1"; } { name = "hostname"; @@ -5436,9 +5526,9 @@ rec { }; "libc" = rec { crateName = "libc"; - version = "0.2.182"; + version = "0.2.186"; edition = "2021"; - sha256 = "04k1w1mq9f4cxv520dbr5xw1i7xkbc9fcrvaggyjy25jdkdvl038"; + sha256 = "0rnyhzjyqq9x56skkllbjzzzwym3r61lq3l4hqj64v71gw0r3av8"; authors = [ "The Rust Project Developers" ]; @@ -5513,10 +5603,10 @@ rec { }; "libz-sys" = rec { crateName = "libz-sys"; - version = "1.1.24"; + version = "1.1.28"; edition = "2018"; links = "z"; - sha256 = "0f8879301wxgljw8snkcix90p6qbm4inp3sqrsjq9b2svv5yjda7"; + sha256 = "08hyf9v85zifl3353xc7i5wr53v9b3scri856cmphl3gaxp24fpw"; libName = "libz_sys"; authors = [ "Alex Crichton " @@ -5555,9 +5645,9 @@ rec { }; "litemap" = rec { crateName = "litemap"; - version = "0.8.1"; + version = "0.8.2"; edition = "2021"; - sha256 = "0xsy8pfp9s802rsj1bq2ys2kbk1g36w5dr3gkfip7gphb5x60wv3"; + sha256 = "1w7628bc7wwcxc4n4s5kw0610xk06710nh2hn5kwwk2wa91z9nlj"; authors = [ "The ICU4X Project Developers" ]; @@ -5712,9 +5802,9 @@ rec { }; "mio" = rec { crateName = "mio"; - version = "1.1.1"; + version = "1.2.0"; edition = "2021"; - sha256 = "1z2phpalqbdgihrcjp8y09l3kgq6309jnhnr6h11l9s7mnqcm6x6"; + sha256 = "1hanrh4fwsfkdqdaqfidz48zz1wdix23zwn3r2x78am0garfbdsh"; authors = [ "Carl Lerche " "Thomas de Zeeuw " @@ -5724,17 +5814,7 @@ rec { { name = "libc"; packageId = "libc"; - target = { target, features }: ("hermit" == target."os" or null); - } - { - name = "libc"; - packageId = "libc"; - target = { target, features }: ("wasi" == target."os" or null); - } - { - name = "libc"; - packageId = "libc"; - target = { target, features }: (target."unix" or false); + target = { target, features }: ((target."unix" or false) || ("hermit" == target."os" or null) || ("wasi" == target."os" or null)); } { name = "wasi"; @@ -5823,7 +5903,7 @@ rec { } { name = "rand"; - packageId = "rand 0.8.5"; + packageId = "rand 0.8.6"; optional = true; usesDefaultFeatures = false; } @@ -5842,7 +5922,7 @@ rec { devDependencies = [ { name = "rand"; - packageId = "rand 0.8.5"; + packageId = "rand 0.8.6"; features = [ "small_rng" ]; } ]; @@ -5860,9 +5940,9 @@ rec { }; "num-conv" = rec { crateName = "num-conv"; - version = "0.2.0"; + version = "0.2.1"; edition = "2021"; - sha256 = "0l4hj7lp8zbb9am4j3p7vlcv47y9bbazinvnxx9zjhiwkibyr5yg"; + sha256 = "0rqrr29brafaa2za352pbmhkk556n7f8z9rrkgmjp1idvdl3fry6"; libName = "num_conv"; authors = [ "Jacob Pratt " @@ -5956,9 +6036,9 @@ rec { }; "once_cell" = rec { crateName = "once_cell"; - version = "1.21.3"; + version = "1.21.4"; edition = "2021"; - sha256 = "0b9x77lb9f1j6nqgf5aka4s2qj0nly176bpbrv6f9iakk5ff3xa2"; + sha256 = "0l1v676wf71kjg2khch4dphwh1jp3291ffiymr2mvy1kxd5kwz4z"; authors = [ "Aleksey Kladov " ]; @@ -6148,9 +6228,9 @@ rec { }; "opentelemetry-otlp" = rec { crateName = "opentelemetry-otlp"; - version = "0.31.0"; + version = "0.31.1"; edition = "2021"; - sha256 = "1gv3h75z8c0p9b85mbq7f1rgsi18wip1xlfa6g82lkfa5pdnc8vs"; + sha256 = "07zp0b62b9dajnvvcd6j2ppw5zg7wp4ixka9z6fr3bxrrdmcss8z"; libName = "opentelemetry_otlp"; dependencies = [ { @@ -6262,6 +6342,9 @@ rec { "serde_json" = [ "dep:serde_json" ]; "serialize" = [ "serde" "serde_json" ]; "tls" = [ "tonic/tls-ring" ]; + "tls-aws-lc" = [ "tonic/tls-aws-lc" ]; + "tls-provider-agnostic" = [ "tonic/_tls-any" ]; + "tls-ring" = [ "tonic/tls-ring" ]; "tls-roots" = [ "tls" "tonic/tls-native-roots" ]; "tls-webpki-roots" = [ "tls" "tonic/tls-webpki-roots" ]; "tokio" = [ "dep:tokio" ]; @@ -6383,7 +6466,7 @@ rec { } { name = "rand"; - packageId = "rand 0.9.2"; + packageId = "rand 0.9.4"; optional = true; usesDefaultFeatures = false; features = [ "std" "std_rng" "small_rng" "os_rng" "thread_rng" ]; @@ -6807,9 +6890,9 @@ rec { }; "pin-project" = rec { crateName = "pin-project"; - version = "1.1.11"; + version = "1.1.12"; edition = "2021"; - sha256 = "05zm3y3bl83ypsr6favxvny2kys4i19jiz1y18ylrbxwsiz9qx7i"; + sha256 = "1sbcs3s240z2w4jaga53c3jl5maw4qprf0a9kfcagcq0h7kdkw6b"; libName = "pin_project"; dependencies = [ { @@ -6821,9 +6904,9 @@ rec { }; "pin-project-internal" = rec { crateName = "pin-project-internal"; - version = "1.1.11"; + version = "1.1.12"; edition = "2021"; - sha256 = "1ik4mpb92da75inmjvxf2qm61vrnwml3x24wddvrjlqh1z9hxcnr"; + sha256 = "12a3c85sa005ahk1qm673h1akx2fa8qfvpb0ybd5aj788cpy5459"; procMacro = true; libName = "pin_project_internal"; dependencies = [ @@ -6851,17 +6934,6 @@ rec { sha256 = "1kfmwvs271si96zay4mm8887v5khw0c27jc9srw1a75ykvgj54x8"; libName = "pin_project_lite"; - }; - "pin-utils" = rec { - crateName = "pin-utils"; - version = "0.1.0"; - edition = "2018"; - sha256 = "117ir7vslsl2z1a7qzhws4pd01cg2d3338c47swjyvqv2n60v1wb"; - libName = "pin_utils"; - authors = [ - "Josef Brandl " - ]; - }; "pkcs1" = rec { crateName = "pkcs1"; @@ -6933,9 +7005,9 @@ rec { }; "pkg-config" = rec { crateName = "pkg-config"; - version = "0.3.32"; + version = "0.3.33"; edition = "2018"; - sha256 = "0k4h3gnzs94sjb2ix6jyksacs52cf1fanpwsmlhjnwrdnp8dppby"; + sha256 = "17jnqmcbxsnwhg9gjf0nh6dj5k0x3hgwi3mb9krjnmfa9v435w8r"; libName = "pkg_config"; authors = [ "Alex Crichton " @@ -6957,9 +7029,9 @@ rec { }; "portable-atomic-util" = rec { crateName = "portable-atomic-util"; - version = "0.2.5"; + version = "0.2.7"; edition = "2018"; - sha256 = "1xcm0ia8756k6hdgafx4g3lx3fw0hvz2zqswq7c2sy58gxnvk7bs"; + sha256 = "0616j0fhy6y71hyxg3n86f6hng0fmsc269s3wp4gl8ww4p8hd8f2"; libName = "portable_atomic_util"; dependencies = [ { @@ -6970,15 +7042,16 @@ rec { } ]; features = { + "serde" = [ "dep:serde" ]; "std" = [ "alloc" ]; }; resolvedDefaultFeatures = [ "alloc" ]; }; "potential_utf" = rec { crateName = "potential_utf"; - version = "0.1.4"; + version = "0.1.5"; edition = "2021"; - sha256 = "0xxg0pkfpq299wvwln409z4fk80rbv55phh3f1jhjajy5x1ljfdp"; + sha256 = "0r0518fr32xbkgzqap509s3r60cr0iancsg9j1jgf37cyz7b20q1"; authors = [ "The ICU4X Project Developers" ]; @@ -7085,9 +7158,9 @@ rec { }; "proc-macro-crate" = rec { crateName = "proc-macro-crate"; - version = "3.4.0"; + version = "3.5.0"; edition = "2021"; - sha256 = "10v9qi51n4phn1lrj5r94kjq7yhci9jrkqnn6wpan05yjsgb3711"; + sha256 = "0kv1g1d1zjwxlgcaba2qlshzyy32j03xic8rskqlcr5mnblsfyz6"; libName = "proc_macro_crate"; authors = [ "Bastian Köcher " @@ -7247,9 +7320,9 @@ rec { }; "quote" = rec { crateName = "quote"; - version = "1.0.44"; + version = "1.0.45"; edition = "2021"; - sha256 = "1r7c7hxl66vz3q9qizgjhy77pdrrypqgk4ghc7260xvvfb7ypci1"; + sha256 = "095rb5rg7pbnwdp6v8w5jw93wndwyijgci1b5lw8j1h5cscn3wj1"; authors = [ "David Tolnay " ]; @@ -7278,11 +7351,11 @@ rec { "rustc-dep-of-std" = [ "core" ]; }; }; - "rand 0.8.5" = rec { + "rand 0.8.6" = rec { crateName = "rand"; - version = "0.8.5"; + version = "0.8.6"; edition = "2018"; - sha256 = "013l6931nn7gkc23jz5mm3qdhf93jjf0fg64nz2lp4i51qd8vbrl"; + sha256 = "12kd4rljn86m00rcaz4c1rcya4mb4gk5ig6i8xq00a8wjgxfr82w"; authors = [ "The Rand Project Developers" "The Rust Project Developers" @@ -7304,22 +7377,19 @@ rec { "default" = [ "std" "std_rng" ]; "getrandom" = [ "rand_core/getrandom" ]; "libc" = [ "dep:libc" ]; - "log" = [ "dep:log" ]; - "packed_simd" = [ "dep:packed_simd" ]; "rand_chacha" = [ "dep:rand_chacha" ]; "serde" = [ "dep:serde" ]; "serde1" = [ "serde" "rand_core/serde1" ]; - "simd_support" = [ "packed_simd" ]; "std" = [ "rand_core/std" "rand_chacha/std" "alloc" "getrandom" "libc" ]; "std_rng" = [ "rand_chacha" ]; }; resolvedDefaultFeatures = [ "rand_chacha" "std_rng" ]; }; - "rand 0.9.2" = rec { + "rand 0.9.4" = rec { crateName = "rand"; - version = "0.9.2"; + version = "0.9.4"; edition = "2021"; - sha256 = "1lah73ainvrgl7brcxx0pwhpnqa3sm3qaj672034jz8i0q7pgckd"; + sha256 = "1sknbxgs6nfg0nxdd7689lwbyr2i4vaswchrv4b34z8vpc3azia4"; authors = [ "The Rand Project Developers" "The Rust Project Developers" @@ -7339,7 +7409,6 @@ rec { ]; features = { "default" = [ "std" "std_rng" "os_rng" "small_rng" "thread_rng" ]; - "log" = [ "dep:log" ]; "os_rng" = [ "rand_core/os_rng" ]; "serde" = [ "dep:serde" "rand_core/serde" ]; "std" = [ "rand_core/std" "rand_chacha?/std" "alloc" ]; @@ -8214,9 +8283,9 @@ rec { }; "rustls" = rec { crateName = "rustls"; - version = "0.23.37"; + version = "0.23.40"; edition = "2021"; - sha256 = "193k5h0wcih6ghvkrxyzwncivr1bd3a8yw3lzp13pzfcbz5jb03m"; + sha256 = "12qnv3ag4wrw7aj8jng74kgrilpjm2b1rfcjaac8h691frccv1pg"; dependencies = [ { name = "log"; @@ -8314,9 +8383,9 @@ rec { }; "rustls-pki-types" = rec { crateName = "rustls-pki-types"; - version = "1.14.0"; + version = "1.14.1"; edition = "2021"; - sha256 = "1p9zsgslvwzzkzhm6bqicffqndr4jpx67992b0vl0pi21a5hy15y"; + sha256 = "1a9pr54y0f3qr97bxpd3ahjldq0gqdld0h799xbnwdzbwxx1k9rh"; libName = "rustls_pki_types"; dependencies = [ { @@ -8395,9 +8464,9 @@ rec { }; "schannel" = rec { crateName = "schannel"; - version = "0.1.28"; + version = "0.1.29"; edition = "2018"; - sha256 = "1qb6s5gyxfz2inz753a4z3mc1d266mwvz0c5w7ppd3h44swq27c9"; + sha256 = "0ffrzz5vf2s3gnzvphgb5gg8fqifvryl07qcf7q3x1scj3jbghci"; authors = [ "Steven Fackler " "Steffen Butzer " @@ -8693,9 +8762,9 @@ rec { }; "semver" = rec { crateName = "semver"; - version = "1.0.27"; - edition = "2018"; - sha256 = "1qmi3akfrnqc2hfkdgcxhld5bv961wbk8my3ascv5068mc5fnryp"; + version = "1.0.28"; + edition = "2021"; + sha256 = "1kaimrpy876bcgi8bfj0qqfxk77zm9iz2zhn1hp9hj685z854y4a"; authors = [ "David Tolnay " ]; @@ -9165,9 +9234,9 @@ rec { }; "simd-adler32" = rec { crateName = "simd-adler32"; - version = "0.3.8"; + version = "0.3.9"; edition = "2018"; - sha256 = "18lx2gdgislabbvlgw5q3j5ssrr77v8kmkrxaanp3liimp2sc873"; + sha256 = "0532ysdwcvzyp2bwpk8qz0hijplcdwpssr5gy5r7qwqqy5z5qgbh"; libName = "simd_adler32"; authors = [ "Marvin Countryman " @@ -9417,9 +9486,9 @@ rec { }; "socket2" = rec { crateName = "socket2"; - version = "0.6.2"; + version = "0.6.3"; edition = "2021"; - sha256 = "1q073zkvz96h216mfz6niqk2kjqrgqv2va6zj34qh84zv4xamx46"; + sha256 = "0gkjjcyn69hqhhlh5kl8byk5m0d7hyrp2aqwzbs3d33q208nwxis"; authors = [ "Alex Crichton " "Thomas de Zeeuw " @@ -9428,11 +9497,11 @@ rec { { name = "libc"; packageId = "libc"; - target = { target, features }: (target."unix" or false); + target = { target, features }: ((target."unix" or false) || ("wasi" == target."os" or null)); } { name = "windows-sys"; - packageId = "windows-sys 0.60.2"; + packageId = "windows-sys 0.61.2"; target = { target, features }: (target."windows" or false); features = [ "Win32_Foundation" "Win32_Networking_WinSock" "Win32_System_IO" "Win32_System_Threading" "Win32_System_WindowsProgramming" ]; } @@ -9555,7 +9624,7 @@ rec { } { name = "rand"; - packageId = "rand 0.9.2"; + packageId = "rand 0.9.4"; } { name = "rand_core"; @@ -9639,10 +9708,6 @@ rec { packageId = "futures 0.3.32"; features = [ "compat" ]; } - { - name = "json-patch"; - packageId = "json-patch"; - } { name = "regex"; packageId = "regex"; @@ -9792,7 +9857,7 @@ rec { } { name = "rand"; - packageId = "rand 0.9.2"; + packageId = "rand 0.9.4"; } { name = "regex"; @@ -10293,7 +10358,7 @@ rec { } { name = "rand"; - packageId = "rand 0.9.2"; + packageId = "rand 0.9.4"; } { name = "serde"; @@ -10436,6 +10501,16 @@ rec { }; resolvedDefaultFeatures = [ "i128" ]; }; + "symlink" = rec { + crateName = "symlink"; + version = "0.1.0"; + edition = "2015"; + sha256 = "02h1i0b81mxb4vns4xrvrfibpcvs7jqqav8p3yilwik8cv73r5x7"; + authors = [ + "Chris Morgan " + ]; + + }; "syn 1.0.109" = rec { crateName = "syn"; version = "1.0.109"; @@ -10776,9 +10851,9 @@ rec { }; "tinystr" = rec { crateName = "tinystr"; - version = "0.8.2"; + version = "0.8.3"; edition = "2021"; - sha256 = "0sa8z88axdsf088hgw5p4xcyi6g3w3sgbb6qdp81bph9bk2fkls2"; + sha256 = "0vfr8x285w6zsqhna0a9jyhylwiafb2kc8pj2qaqaahw48236cn8"; authors = [ "The ICU4X Project Developers" ]; @@ -10868,9 +10943,9 @@ rec { }; "tokio" = rec { crateName = "tokio"; - version = "1.50.0"; + version = "1.52.2"; edition = "2021"; - sha256 = "0bc2c5kd57p2xd4l6hagb0bkrp798k5vw0f3xzzwy0sf6ws5xb97"; + sha256 = "11l3s4kn0f0da91pvhy62c9yfi03578j3wycqnrcvm8r7xc7h2hi"; authors = [ "Tokio Contributors " ]; @@ -10886,6 +10961,12 @@ rec { optional = true; target = { target, features }: ((target."tokio_unstable" or false) && ("linux" == target."os" or null)); } + { + name = "libc"; + packageId = "libc"; + optional = true; + target = { target, features }: ("wasi" == target."os" or null); + } { name = "libc"; packageId = "libc"; @@ -10925,7 +11006,7 @@ rec { name = "socket2"; packageId = "socket2"; optional = true; - target = { target, features }: (!(builtins.elem "wasm" target."family")); + target = { target, features }: ((!(builtins.elem "wasm" target."family")) || (("wasi" == target."os" or null) && (!("p1" == target."env" or null)))); features = [ "all" ]; } { @@ -10983,9 +11064,9 @@ rec { }; "tokio-macros" = rec { crateName = "tokio-macros"; - version = "2.6.1"; + version = "2.7.0"; edition = "2021"; - sha256 = "172nwz3s7mmh266hb8l5xdnc7v9kqahisppqhinfd75nz3ps4maw"; + sha256 = "15m4f37mdafs0gg36sh0rskm1i768lb7zmp8bw67kaxr3avnqniq"; procMacro = true; libName = "tokio_macros"; authors = [ @@ -11153,9 +11234,9 @@ rec { }; "toml_datetime" = rec { crateName = "toml_datetime"; - version = "0.7.5+spec-1.1.0"; - edition = "2021"; - sha256 = "0iqkgvgsxmszpai53dbip7sf2igic39s4dby29dbqf1h9bnwzqcj"; + version = "1.1.1+spec-1.1.0"; + edition = "2024"; + sha256 = "1mws2mkkf46l7inn77azhm0vdwxngv9vsbhbl0ah33p2c9gzcr9i"; dependencies = [ { name = "serde_core"; @@ -11174,9 +11255,9 @@ rec { }; "toml_edit" = rec { crateName = "toml_edit"; - version = "0.23.10+spec-1.0.0"; - edition = "2021"; - sha256 = "0saj5c676j8a3sqaj9akkp09wambg8aflji4zblwwa70azvvkj44"; + version = "0.25.11+spec-1.1.0"; + edition = "2024"; + sha256 = "0awzffbkx33v9x4h19b5mfrwp3sn4ifr16y58sbk6j6l5v9c8n8b"; dependencies = [ { name = "indexmap"; @@ -11209,9 +11290,9 @@ rec { }; "toml_parser" = rec { crateName = "toml_parser"; - version = "1.0.9+spec-1.1.0"; - edition = "2021"; - sha256 = "1i54qpvvcppy8ybdn9gssas81vfzq0kmgkcnxzhyf8w9w0al8bbh"; + version = "1.1.2+spec-1.1.0"; + edition = "2024"; + sha256 = "09kmzc55a0j21whm290wlf5a8b18a0qc87a1s8sncrckc6wfkax2"; dependencies = [ { name = "winnow"; @@ -11703,9 +11784,9 @@ rec { }; "tracing-appender" = rec { crateName = "tracing-appender"; - version = "0.2.4"; + version = "0.2.5"; edition = "2018"; - sha256 = "1bxf7xvsr89glbq174cx0b9pinaacbhlmc85y1ssniv2rq5lhvbq"; + sha256 = "0g4a6q5s3wafid5lqw1ljzvh1nhk3a4zmb627fxv96dr7qcqc1h5"; libName = "tracing_appender"; authors = [ "Zeki Sherif " @@ -11716,6 +11797,10 @@ rec { name = "crossbeam-channel"; packageId = "crossbeam-channel"; } + { + name = "symlink"; + packageId = "symlink"; + } { name = "thiserror"; packageId = "thiserror 2.0.18"; @@ -11937,9 +12022,9 @@ rec { }; "tracing-subscriber" = rec { crateName = "tracing-subscriber"; - version = "0.3.22"; + version = "0.3.23"; edition = "2018"; - sha256 = "07hz575a0p1c2i4xw3gs3hkrykhndnkbfhyqdwjhvayx4ww18c1g"; + sha256 = "06fkr0qhggvrs861d7f74pn3i3a10h5jsp4n70jj9ys5b675fzyb"; libName = "tracing_subscriber"; authors = [ "Eliza Weisman " @@ -12070,9 +12155,9 @@ rec { }; "typenum" = rec { crateName = "typenum"; - version = "1.19.0"; + version = "1.20.0"; edition = "2018"; - sha256 = "1fw2mpbn2vmqan56j1b3fbpcdg80mz26fm53fs16bq5xcq84hban"; + sha256 = "1pj35y6q11d3y55gdl6g1h2dfhmybjming0jdi9bh0bpnqm11kj0"; authors = [ "Paho Lurie-Gregg " "Andre Bogus " @@ -12109,9 +12194,9 @@ rec { }; "unicode-segmentation" = rec { crateName = "unicode-segmentation"; - version = "1.12.0"; + version = "1.13.2"; edition = "2018"; - sha256 = "14qla2jfx74yyb9ds3d2mpwpa4l4lzb9z57c6d2ba511458z5k7n"; + sha256 = "135a26m4a0wj319gcw28j6a5aqvz00jmgwgmcs6szgxjf942facn"; libName = "unicode_segmentation"; authors = [ "kwantam " @@ -12239,9 +12324,9 @@ rec { }; "uuid" = rec { crateName = "uuid"; - version = "1.21.0"; + version = "1.23.1"; edition = "2021"; - sha256 = "1nsxfd17gfkvl1jmwcy5lnq6z32b8kf19is04byl6b95an2k6wmn"; + sha256 = "0xlwg23rmsfl3gx98qsyzpl24pf4bs9wi3mqx5c6i319hyb4mmyx"; authors = [ "Ashley Mannix" "Dylan DPC" @@ -12261,7 +12346,6 @@ rec { optional = true; usesDefaultFeatures = false; target = { target, features }: (("wasm32" == target."arch" or null) && (("unknown" == target."os" or null) || ("none" == target."os" or null))); - features = [ "msrv" ]; } ]; devDependencies = [ @@ -12365,9 +12449,9 @@ rec { }; "wasip2" = rec { crateName = "wasip2"; - version = "1.0.2+wasi-0.2.9"; + version = "1.0.3+wasi-0.2.9"; edition = "2021"; - sha256 = "1xdw7v08jpfjdg94sp4lbdgzwa587m5ifpz6fpdnkh02kwizj5wm"; + sha256 = "1mi3w855dz99xzjqc4aa8c9q5b6z1y5c963pkk4cvmr6vdr4c1i0"; dependencies = [ { name = "wit-bindgen"; @@ -12385,9 +12469,9 @@ rec { }; "wasm-bindgen" = rec { crateName = "wasm-bindgen"; - version = "0.2.114"; + version = "0.2.120"; edition = "2021"; - sha256 = "13nkhw552hpllrrmkd2x9y4bmcxr82kdpky2n667kqzcq6jzjck5"; + sha256 = "1cax9wy1n67sa2m16ia72lsxdrc5pzcv47psxp4p833yp3cvclnz"; libName = "wasm_bindgen"; authors = [ "The wasm-bindgen Developers" @@ -12432,66 +12516,41 @@ rec { "serde_json" = [ "dep:serde_json" ]; "strict-macro" = [ "wasm-bindgen-macro/strict-macro" ]; }; - resolvedDefaultFeatures = [ "default" "msrv" "std" ]; + resolvedDefaultFeatures = [ "default" "std" ]; }; "wasm-bindgen-futures" = rec { crateName = "wasm-bindgen-futures"; - version = "0.4.64"; + version = "0.4.70"; edition = "2021"; - sha256 = "1f3xnr40wwims4zhvh119dhwmffz4h4x82cffi118ri878mm5ig9"; + sha256 = "1130a64yig0p10mk7rnq5l2jpwglbyxpnqg6h0nlqwzcmir4i4xg"; libName = "wasm_bindgen_futures"; authors = [ "The wasm-bindgen Developers" ]; dependencies = [ - { - name = "cfg-if"; - packageId = "cfg-if"; - } - { - name = "futures-util"; - packageId = "futures-util"; - optional = true; - usesDefaultFeatures = false; - features = [ "std" ]; - } { name = "js-sys"; packageId = "js-sys"; usesDefaultFeatures = false; } - { - name = "once_cell"; - packageId = "once_cell"; - usesDefaultFeatures = false; - } { name = "wasm-bindgen"; packageId = "wasm-bindgen"; usesDefaultFeatures = false; } - { - name = "web-sys"; - packageId = "web-sys"; - usesDefaultFeatures = false; - target = { target, features }: (builtins.elem "atomics" targetFeatures); - features = [ "MessageEvent" "Worker" ]; - } ]; features = { "default" = [ "std" ]; - "futures-core" = [ "dep:futures-core" ]; - "futures-core-03-stream" = [ "futures-core" ]; - "futures-util" = [ "dep:futures-util" ]; - "std" = [ "wasm-bindgen/std" "js-sys/std" "web-sys/std" "futures-util" ]; + "futures-core-03-stream" = [ "js-sys/futures-core-03-stream" ]; + "std" = [ "wasm-bindgen/std" "js-sys/std" ]; }; - resolvedDefaultFeatures = [ "default" "futures-util" "std" ]; + resolvedDefaultFeatures = [ "default" "std" ]; }; "wasm-bindgen-macro" = rec { crateName = "wasm-bindgen-macro"; - version = "0.2.114"; + version = "0.2.120"; edition = "2021"; - sha256 = "1rhq9kkl7n0zjrag9p25xsi4aabpgfkyf02zn4xv6pqhrw7xb8hq"; + sha256 = "00xixpydzjd6y9knwdsrsiff6wi1ddszb1fa9bk25csz94gh9cbq"; procMacro = true; libName = "wasm_bindgen_macro"; authors = [ @@ -12513,9 +12572,9 @@ rec { }; "wasm-bindgen-macro-support" = rec { crateName = "wasm-bindgen-macro-support"; - version = "0.2.114"; + version = "0.2.120"; edition = "2021"; - sha256 = "1qriqqjpn922kv5c7f7627fj823k5aifv06j2gvwsiy5map4rkh3"; + sha256 = "0h8v5aphaaq155fzz2d312zrxbka1x6lsvb8mhc8m60n0kr0zkcx"; libName = "wasm_bindgen_macro_support"; authors = [ "The wasm-bindgen Developers" @@ -12549,10 +12608,10 @@ rec { }; "wasm-bindgen-shared" = rec { crateName = "wasm-bindgen-shared"; - version = "0.2.114"; + version = "0.2.120"; edition = "2021"; links = "wasm_bindgen"; - sha256 = "05lc6w64jxlk4wk8rjci4z61lhx2ams90la27a41gvi3qaw2d8vm"; + sha256 = "1sjrac4f4j5pgw42mxadq9v42f0bji1a2rcksrbnrwgbh8y7nxa9"; libName = "wasm_bindgen_shared"; authors = [ "The wasm-bindgen Developers" @@ -12567,9 +12626,9 @@ rec { }; "web-sys" = rec { crateName = "web-sys"; - version = "0.3.91"; + version = "0.3.97"; edition = "2021"; - sha256 = "1y91r8f4dy4iqgrr03swdzqffz6wmllrgninp8kgpaq4n5xs2jw5"; + sha256 = "00knh8cizgb01bmh362f3f19b11f8zl1y3gj6h47pk95233vmb9f"; libName = "web_sys"; authors = [ "The wasm-bindgen Developers" @@ -13059,7 +13118,7 @@ rec { "default" = [ "std" ]; "std" = [ "wasm-bindgen/std" "js-sys/std" ]; }; - resolvedDefaultFeatures = [ "AbortController" "AbortSignal" "Blob" "BlobPropertyBag" "Event" "EventTarget" "File" "FormData" "Headers" "MessageEvent" "ReadableStream" "Request" "RequestCache" "RequestCredentials" "RequestInit" "RequestMode" "Response" "ServiceWorkerGlobalScope" "Window" "Worker" "WorkerGlobalScope" "default" "std" ]; + resolvedDefaultFeatures = [ "AbortController" "AbortSignal" "Blob" "BlobPropertyBag" "EventTarget" "File" "FormData" "Headers" "ReadableStream" "Request" "RequestCache" "RequestCredentials" "RequestInit" "RequestMode" "Response" "ServiceWorkerGlobalScope" "Window" "WorkerGlobalScope" "default" "std" ]; }; "web-time" = rec { crateName = "web-time"; @@ -13233,7 +13292,7 @@ rec { dependencies = [ { name = "windows-targets"; - packageId = "windows-targets 0.52.6"; + packageId = "windows-targets"; } ]; features = { @@ -13469,19 +13528,16 @@ rec { }; resolvedDefaultFeatures = [ "Win32" "Win32_Foundation" "Win32_System" "Win32_System_Threading" "default" ]; }; - "windows-sys 0.60.2" = rec { + "windows-sys 0.61.2" = rec { crateName = "windows-sys"; - version = "0.60.2"; + version = "0.61.2"; edition = "2021"; - sha256 = "1jrbc615ihqnhjhxplr2kw7rasrskv9wj3lr80hgfd42sbj01xgj"; + sha256 = "1z7k3y9b6b5h52kid57lvmvm05362zv1v8w0gc7xyv5xphlp44xf"; libName = "windows_sys"; - authors = [ - "Microsoft" - ]; dependencies = [ { - name = "windows-targets"; - packageId = "windows-targets 0.53.5"; + name = "windows-link"; + packageId = "windows-link"; usesDefaultFeatures = false; } ]; @@ -13732,380 +13788,62 @@ rec { "Win32_Web" = [ "Win32" ]; "Win32_Web_InternetExplorer" = [ "Win32_Web" ]; }; - resolvedDefaultFeatures = [ "Win32" "Win32_Foundation" "Win32_Networking" "Win32_Networking_WinSock" "Win32_System" "Win32_System_IO" "Win32_System_Threading" "Win32_System_WindowsProgramming" "default" ]; + resolvedDefaultFeatures = [ "Wdk" "Wdk_Foundation" "Wdk_Storage" "Wdk_Storage_FileSystem" "Wdk_System" "Wdk_System_IO" "Win32" "Win32_Foundation" "Win32_Networking" "Win32_Networking_WinSock" "Win32_Security" "Win32_Security_Authentication" "Win32_Security_Authentication_Identity" "Win32_Security_Credentials" "Win32_Security_Cryptography" "Win32_Storage" "Win32_Storage_FileSystem" "Win32_System" "Win32_System_Console" "Win32_System_Diagnostics" "Win32_System_Diagnostics_Debug" "Win32_System_IO" "Win32_System_LibraryLoader" "Win32_System_Memory" "Win32_System_Pipes" "Win32_System_SystemInformation" "Win32_System_SystemServices" "Win32_System_Threading" "Win32_System_Time" "Win32_System_WindowsProgramming" "default" ]; }; - "windows-sys 0.61.2" = rec { - crateName = "windows-sys"; - version = "0.61.2"; + "windows-targets" = rec { + crateName = "windows-targets"; + version = "0.52.6"; edition = "2021"; - sha256 = "1z7k3y9b6b5h52kid57lvmvm05362zv1v8w0gc7xyv5xphlp44xf"; - libName = "windows_sys"; + sha256 = "0wwrx625nwlfp7k93r2rra568gad1mwd888h1jwnl0vfg5r4ywlv"; + libName = "windows_targets"; + authors = [ + "Microsoft" + ]; dependencies = [ { - name = "windows-link"; - packageId = "windows-link"; - usesDefaultFeatures = false; - } - ]; - features = { - "Wdk" = [ "Win32_Foundation" ]; - "Wdk_Devices" = [ "Wdk" ]; - "Wdk_Devices_Bluetooth" = [ "Wdk_Devices" ]; - "Wdk_Devices_HumanInterfaceDevice" = [ "Wdk_Devices" ]; - "Wdk_Foundation" = [ "Wdk" ]; - "Wdk_Graphics" = [ "Wdk" ]; - "Wdk_Graphics_Direct3D" = [ "Wdk_Graphics" ]; - "Wdk_NetworkManagement" = [ "Wdk" ]; - "Wdk_NetworkManagement_Ndis" = [ "Wdk_NetworkManagement" ]; - "Wdk_NetworkManagement_WindowsFilteringPlatform" = [ "Wdk_NetworkManagement" ]; - "Wdk_Storage" = [ "Wdk" ]; - "Wdk_Storage_FileSystem" = [ "Wdk_Storage" ]; - "Wdk_Storage_FileSystem_Minifilters" = [ "Wdk_Storage_FileSystem" ]; - "Wdk_System" = [ "Wdk" ]; - "Wdk_System_IO" = [ "Wdk_System" ]; - "Wdk_System_Memory" = [ "Wdk_System" ]; - "Wdk_System_OfflineRegistry" = [ "Wdk_System" ]; - "Wdk_System_Registry" = [ "Wdk_System" ]; - "Wdk_System_SystemInformation" = [ "Wdk_System" ]; - "Wdk_System_SystemServices" = [ "Wdk_System" ]; - "Wdk_System_Threading" = [ "Wdk_System" ]; - "Win32" = [ "Win32_Foundation" ]; - "Win32_Data" = [ "Win32" ]; - "Win32_Data_HtmlHelp" = [ "Win32_Data" ]; - "Win32_Data_RightsManagement" = [ "Win32_Data" ]; - "Win32_Devices" = [ "Win32" ]; - "Win32_Devices_AllJoyn" = [ "Win32_Devices" ]; - "Win32_Devices_Beep" = [ "Win32_Devices" ]; - "Win32_Devices_BiometricFramework" = [ "Win32_Devices" ]; - "Win32_Devices_Bluetooth" = [ "Win32_Devices" ]; - "Win32_Devices_Cdrom" = [ "Win32_Devices" ]; - "Win32_Devices_Communication" = [ "Win32_Devices" ]; - "Win32_Devices_DeviceAndDriverInstallation" = [ "Win32_Devices" ]; - "Win32_Devices_DeviceQuery" = [ "Win32_Devices" ]; - "Win32_Devices_Display" = [ "Win32_Devices" ]; - "Win32_Devices_Dvd" = [ "Win32_Devices" ]; - "Win32_Devices_Enumeration" = [ "Win32_Devices" ]; - "Win32_Devices_Enumeration_Pnp" = [ "Win32_Devices_Enumeration" ]; - "Win32_Devices_Fax" = [ "Win32_Devices" ]; - "Win32_Devices_HumanInterfaceDevice" = [ "Win32_Devices" ]; - "Win32_Devices_Nfc" = [ "Win32_Devices" ]; - "Win32_Devices_Nfp" = [ "Win32_Devices" ]; - "Win32_Devices_PortableDevices" = [ "Win32_Devices" ]; - "Win32_Devices_Properties" = [ "Win32_Devices" ]; - "Win32_Devices_Pwm" = [ "Win32_Devices" ]; - "Win32_Devices_Sensors" = [ "Win32_Devices" ]; - "Win32_Devices_SerialCommunication" = [ "Win32_Devices" ]; - "Win32_Devices_Tapi" = [ "Win32_Devices" ]; - "Win32_Devices_Usb" = [ "Win32_Devices" ]; - "Win32_Devices_WebServicesOnDevices" = [ "Win32_Devices" ]; - "Win32_Foundation" = [ "Win32" ]; - "Win32_Gaming" = [ "Win32" ]; - "Win32_Globalization" = [ "Win32" ]; - "Win32_Graphics" = [ "Win32" ]; - "Win32_Graphics_Dwm" = [ "Win32_Graphics" ]; - "Win32_Graphics_Gdi" = [ "Win32_Graphics" ]; - "Win32_Graphics_GdiPlus" = [ "Win32_Graphics" ]; - "Win32_Graphics_Hlsl" = [ "Win32_Graphics" ]; - "Win32_Graphics_OpenGL" = [ "Win32_Graphics" ]; - "Win32_Graphics_Printing" = [ "Win32_Graphics" ]; - "Win32_Graphics_Printing_PrintTicket" = [ "Win32_Graphics_Printing" ]; - "Win32_Management" = [ "Win32" ]; - "Win32_Management_MobileDeviceManagementRegistration" = [ "Win32_Management" ]; - "Win32_Media" = [ "Win32" ]; - "Win32_Media_Audio" = [ "Win32_Media" ]; - "Win32_Media_DxMediaObjects" = [ "Win32_Media" ]; - "Win32_Media_KernelStreaming" = [ "Win32_Media" ]; - "Win32_Media_Multimedia" = [ "Win32_Media" ]; - "Win32_Media_Streaming" = [ "Win32_Media" ]; - "Win32_Media_WindowsMediaFormat" = [ "Win32_Media" ]; - "Win32_NetworkManagement" = [ "Win32" ]; - "Win32_NetworkManagement_Dhcp" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_Dns" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_InternetConnectionWizard" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_IpHelper" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_Multicast" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_Ndis" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_NetBios" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_NetManagement" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_NetShell" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_NetworkDiagnosticsFramework" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_P2P" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_QoS" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_Rras" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_Snmp" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_WNet" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_WebDav" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_WiFi" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_WindowsConnectionManager" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_WindowsFilteringPlatform" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_WindowsFirewall" = [ "Win32_NetworkManagement" ]; - "Win32_NetworkManagement_WindowsNetworkVirtualization" = [ "Win32_NetworkManagement" ]; - "Win32_Networking" = [ "Win32" ]; - "Win32_Networking_ActiveDirectory" = [ "Win32_Networking" ]; - "Win32_Networking_Clustering" = [ "Win32_Networking" ]; - "Win32_Networking_HttpServer" = [ "Win32_Networking" ]; - "Win32_Networking_Ldap" = [ "Win32_Networking" ]; - "Win32_Networking_WebSocket" = [ "Win32_Networking" ]; - "Win32_Networking_WinHttp" = [ "Win32_Networking" ]; - "Win32_Networking_WinInet" = [ "Win32_Networking" ]; - "Win32_Networking_WinSock" = [ "Win32_Networking" ]; - "Win32_Networking_WindowsWebServices" = [ "Win32_Networking" ]; - "Win32_Security" = [ "Win32" ]; - "Win32_Security_AppLocker" = [ "Win32_Security" ]; - "Win32_Security_Authentication" = [ "Win32_Security" ]; - "Win32_Security_Authentication_Identity" = [ "Win32_Security_Authentication" ]; - "Win32_Security_Authorization" = [ "Win32_Security" ]; - "Win32_Security_Credentials" = [ "Win32_Security" ]; - "Win32_Security_Cryptography" = [ "Win32_Security" ]; - "Win32_Security_Cryptography_Catalog" = [ "Win32_Security_Cryptography" ]; - "Win32_Security_Cryptography_Certificates" = [ "Win32_Security_Cryptography" ]; - "Win32_Security_Cryptography_Sip" = [ "Win32_Security_Cryptography" ]; - "Win32_Security_Cryptography_UI" = [ "Win32_Security_Cryptography" ]; - "Win32_Security_DiagnosticDataQuery" = [ "Win32_Security" ]; - "Win32_Security_DirectoryServices" = [ "Win32_Security" ]; - "Win32_Security_EnterpriseData" = [ "Win32_Security" ]; - "Win32_Security_ExtensibleAuthenticationProtocol" = [ "Win32_Security" ]; - "Win32_Security_Isolation" = [ "Win32_Security" ]; - "Win32_Security_LicenseProtection" = [ "Win32_Security" ]; - "Win32_Security_NetworkAccessProtection" = [ "Win32_Security" ]; - "Win32_Security_WinTrust" = [ "Win32_Security" ]; - "Win32_Security_WinWlx" = [ "Win32_Security" ]; - "Win32_Storage" = [ "Win32" ]; - "Win32_Storage_Cabinets" = [ "Win32_Storage" ]; - "Win32_Storage_CloudFilters" = [ "Win32_Storage" ]; - "Win32_Storage_Compression" = [ "Win32_Storage" ]; - "Win32_Storage_DistributedFileSystem" = [ "Win32_Storage" ]; - "Win32_Storage_FileHistory" = [ "Win32_Storage" ]; - "Win32_Storage_FileSystem" = [ "Win32_Storage" ]; - "Win32_Storage_Imapi" = [ "Win32_Storage" ]; - "Win32_Storage_IndexServer" = [ "Win32_Storage" ]; - "Win32_Storage_InstallableFileSystems" = [ "Win32_Storage" ]; - "Win32_Storage_IscsiDisc" = [ "Win32_Storage" ]; - "Win32_Storage_Jet" = [ "Win32_Storage" ]; - "Win32_Storage_Nvme" = [ "Win32_Storage" ]; - "Win32_Storage_OfflineFiles" = [ "Win32_Storage" ]; - "Win32_Storage_OperationRecorder" = [ "Win32_Storage" ]; - "Win32_Storage_Packaging" = [ "Win32_Storage" ]; - "Win32_Storage_Packaging_Appx" = [ "Win32_Storage_Packaging" ]; - "Win32_Storage_ProjectedFileSystem" = [ "Win32_Storage" ]; - "Win32_Storage_StructuredStorage" = [ "Win32_Storage" ]; - "Win32_Storage_Vhd" = [ "Win32_Storage" ]; - "Win32_Storage_Xps" = [ "Win32_Storage" ]; - "Win32_System" = [ "Win32" ]; - "Win32_System_AddressBook" = [ "Win32_System" ]; - "Win32_System_Antimalware" = [ "Win32_System" ]; - "Win32_System_ApplicationInstallationAndServicing" = [ "Win32_System" ]; - "Win32_System_ApplicationVerifier" = [ "Win32_System" ]; - "Win32_System_ClrHosting" = [ "Win32_System" ]; - "Win32_System_Com" = [ "Win32_System" ]; - "Win32_System_Com_Marshal" = [ "Win32_System_Com" ]; - "Win32_System_Com_StructuredStorage" = [ "Win32_System_Com" ]; - "Win32_System_Com_Urlmon" = [ "Win32_System_Com" ]; - "Win32_System_ComponentServices" = [ "Win32_System" ]; - "Win32_System_Console" = [ "Win32_System" ]; - "Win32_System_CorrelationVector" = [ "Win32_System" ]; - "Win32_System_DataExchange" = [ "Win32_System" ]; - "Win32_System_DeploymentServices" = [ "Win32_System" ]; - "Win32_System_DeveloperLicensing" = [ "Win32_System" ]; - "Win32_System_Diagnostics" = [ "Win32_System" ]; - "Win32_System_Diagnostics_Ceip" = [ "Win32_System_Diagnostics" ]; - "Win32_System_Diagnostics_Debug" = [ "Win32_System_Diagnostics" ]; - "Win32_System_Diagnostics_Debug_Extensions" = [ "Win32_System_Diagnostics_Debug" ]; - "Win32_System_Diagnostics_Etw" = [ "Win32_System_Diagnostics" ]; - "Win32_System_Diagnostics_ProcessSnapshotting" = [ "Win32_System_Diagnostics" ]; - "Win32_System_Diagnostics_ToolHelp" = [ "Win32_System_Diagnostics" ]; - "Win32_System_Diagnostics_TraceLogging" = [ "Win32_System_Diagnostics" ]; - "Win32_System_DistributedTransactionCoordinator" = [ "Win32_System" ]; - "Win32_System_Environment" = [ "Win32_System" ]; - "Win32_System_ErrorReporting" = [ "Win32_System" ]; - "Win32_System_EventCollector" = [ "Win32_System" ]; - "Win32_System_EventLog" = [ "Win32_System" ]; - "Win32_System_EventNotificationService" = [ "Win32_System" ]; - "Win32_System_GroupPolicy" = [ "Win32_System" ]; - "Win32_System_HostCompute" = [ "Win32_System" ]; - "Win32_System_HostComputeNetwork" = [ "Win32_System" ]; - "Win32_System_HostComputeSystem" = [ "Win32_System" ]; - "Win32_System_Hypervisor" = [ "Win32_System" ]; - "Win32_System_IO" = [ "Win32_System" ]; - "Win32_System_Iis" = [ "Win32_System" ]; - "Win32_System_Ioctl" = [ "Win32_System" ]; - "Win32_System_JobObjects" = [ "Win32_System" ]; - "Win32_System_Js" = [ "Win32_System" ]; - "Win32_System_Kernel" = [ "Win32_System" ]; - "Win32_System_LibraryLoader" = [ "Win32_System" ]; - "Win32_System_Mailslots" = [ "Win32_System" ]; - "Win32_System_Mapi" = [ "Win32_System" ]; - "Win32_System_Memory" = [ "Win32_System" ]; - "Win32_System_Memory_NonVolatile" = [ "Win32_System_Memory" ]; - "Win32_System_MessageQueuing" = [ "Win32_System" ]; - "Win32_System_MixedReality" = [ "Win32_System" ]; - "Win32_System_Ole" = [ "Win32_System" ]; - "Win32_System_PasswordManagement" = [ "Win32_System" ]; - "Win32_System_Performance" = [ "Win32_System" ]; - "Win32_System_Performance_HardwareCounterProfiling" = [ "Win32_System_Performance" ]; - "Win32_System_Pipes" = [ "Win32_System" ]; - "Win32_System_Power" = [ "Win32_System" ]; - "Win32_System_ProcessStatus" = [ "Win32_System" ]; - "Win32_System_Recovery" = [ "Win32_System" ]; - "Win32_System_Registry" = [ "Win32_System" ]; - "Win32_System_RemoteDesktop" = [ "Win32_System" ]; - "Win32_System_RemoteManagement" = [ "Win32_System" ]; - "Win32_System_RestartManager" = [ "Win32_System" ]; - "Win32_System_Restore" = [ "Win32_System" ]; - "Win32_System_Rpc" = [ "Win32_System" ]; - "Win32_System_Search" = [ "Win32_System" ]; - "Win32_System_Search_Common" = [ "Win32_System_Search" ]; - "Win32_System_SecurityCenter" = [ "Win32_System" ]; - "Win32_System_Services" = [ "Win32_System" ]; - "Win32_System_SetupAndMigration" = [ "Win32_System" ]; - "Win32_System_Shutdown" = [ "Win32_System" ]; - "Win32_System_StationsAndDesktops" = [ "Win32_System" ]; - "Win32_System_SubsystemForLinux" = [ "Win32_System" ]; - "Win32_System_SystemInformation" = [ "Win32_System" ]; - "Win32_System_SystemServices" = [ "Win32_System" ]; - "Win32_System_Threading" = [ "Win32_System" ]; - "Win32_System_Time" = [ "Win32_System" ]; - "Win32_System_TpmBaseServices" = [ "Win32_System" ]; - "Win32_System_UserAccessLogging" = [ "Win32_System" ]; - "Win32_System_Variant" = [ "Win32_System" ]; - "Win32_System_VirtualDosMachines" = [ "Win32_System" ]; - "Win32_System_WindowsProgramming" = [ "Win32_System" ]; - "Win32_System_Wmi" = [ "Win32_System" ]; - "Win32_UI" = [ "Win32" ]; - "Win32_UI_Accessibility" = [ "Win32_UI" ]; - "Win32_UI_ColorSystem" = [ "Win32_UI" ]; - "Win32_UI_Controls" = [ "Win32_UI" ]; - "Win32_UI_Controls_Dialogs" = [ "Win32_UI_Controls" ]; - "Win32_UI_HiDpi" = [ "Win32_UI" ]; - "Win32_UI_Input" = [ "Win32_UI" ]; - "Win32_UI_Input_Ime" = [ "Win32_UI_Input" ]; - "Win32_UI_Input_KeyboardAndMouse" = [ "Win32_UI_Input" ]; - "Win32_UI_Input_Pointer" = [ "Win32_UI_Input" ]; - "Win32_UI_Input_Touch" = [ "Win32_UI_Input" ]; - "Win32_UI_Input_XboxController" = [ "Win32_UI_Input" ]; - "Win32_UI_InteractionContext" = [ "Win32_UI" ]; - "Win32_UI_Magnification" = [ "Win32_UI" ]; - "Win32_UI_Shell" = [ "Win32_UI" ]; - "Win32_UI_Shell_Common" = [ "Win32_UI_Shell" ]; - "Win32_UI_Shell_PropertiesSystem" = [ "Win32_UI_Shell" ]; - "Win32_UI_TabletPC" = [ "Win32_UI" ]; - "Win32_UI_TextServices" = [ "Win32_UI" ]; - "Win32_UI_WindowsAndMessaging" = [ "Win32_UI" ]; - "Win32_Web" = [ "Win32" ]; - "Win32_Web_InternetExplorer" = [ "Win32_Web" ]; - }; - resolvedDefaultFeatures = [ "Wdk" "Wdk_Foundation" "Wdk_Storage" "Wdk_Storage_FileSystem" "Wdk_System" "Wdk_System_IO" "Win32" "Win32_Foundation" "Win32_Networking" "Win32_Networking_WinSock" "Win32_Security" "Win32_Security_Authentication" "Win32_Security_Authentication_Identity" "Win32_Security_Credentials" "Win32_Security_Cryptography" "Win32_Storage" "Win32_Storage_FileSystem" "Win32_System" "Win32_System_Console" "Win32_System_Diagnostics" "Win32_System_Diagnostics_Debug" "Win32_System_IO" "Win32_System_LibraryLoader" "Win32_System_Memory" "Win32_System_Pipes" "Win32_System_SystemInformation" "Win32_System_SystemServices" "Win32_System_Threading" "Win32_System_Time" "Win32_System_WindowsProgramming" "default" ]; - }; - "windows-targets 0.52.6" = rec { - crateName = "windows-targets"; - version = "0.52.6"; - edition = "2021"; - sha256 = "0wwrx625nwlfp7k93r2rra568gad1mwd888h1jwnl0vfg5r4ywlv"; - libName = "windows_targets"; - authors = [ - "Microsoft" - ]; - dependencies = [ - { - name = "windows_aarch64_gnullvm"; - packageId = "windows_aarch64_gnullvm 0.52.6"; - target = { target, features }: (target.name == "aarch64-pc-windows-gnullvm"); - } - { - name = "windows_aarch64_msvc"; - packageId = "windows_aarch64_msvc 0.52.6"; - target = { target, features }: (("aarch64" == target."arch" or null) && ("msvc" == target."env" or null) && (!(target."windows_raw_dylib" or false))); - } - { - name = "windows_i686_gnu"; - packageId = "windows_i686_gnu 0.52.6"; - target = { target, features }: (("x86" == target."arch" or null) && ("gnu" == target."env" or null) && (!("llvm" == target."abi" or null)) && (!(target."windows_raw_dylib" or false))); - } - { - name = "windows_i686_gnullvm"; - packageId = "windows_i686_gnullvm 0.52.6"; - target = { target, features }: (target.name == "i686-pc-windows-gnullvm"); - } - { - name = "windows_i686_msvc"; - packageId = "windows_i686_msvc 0.52.6"; - target = { target, features }: (("x86" == target."arch" or null) && ("msvc" == target."env" or null) && (!(target."windows_raw_dylib" or false))); - } - { - name = "windows_x86_64_gnu"; - packageId = "windows_x86_64_gnu 0.52.6"; - target = { target, features }: (("x86_64" == target."arch" or null) && ("gnu" == target."env" or null) && (!("llvm" == target."abi" or null)) && (!(target."windows_raw_dylib" or false))); - } - { - name = "windows_x86_64_gnullvm"; - packageId = "windows_x86_64_gnullvm 0.52.6"; - target = { target, features }: (target.name == "x86_64-pc-windows-gnullvm"); - } - { - name = "windows_x86_64_msvc"; - packageId = "windows_x86_64_msvc 0.52.6"; - target = { target, features }: ((("x86_64" == target."arch" or null) || ("arm64ec" == target."arch" or null)) && ("msvc" == target."env" or null) && (!(target."windows_raw_dylib" or false))); - } - ]; - - }; - "windows-targets 0.53.5" = rec { - crateName = "windows-targets"; - version = "0.53.5"; - edition = "2021"; - sha256 = "1wv9j2gv3l6wj3gkw5j1kr6ymb5q6dfc42yvydjhv3mqa7szjia9"; - libName = "windows_targets"; - dependencies = [ - { - name = "windows-link"; - packageId = "windows-link"; - usesDefaultFeatures = false; - target = { target, features }: (target."windows_raw_dylib" or false); - } - { - name = "windows_aarch64_gnullvm"; - packageId = "windows_aarch64_gnullvm 0.53.1"; - target = { target, features }: (target.name == "aarch64-pc-windows-gnullvm"); + name = "windows_aarch64_gnullvm"; + packageId = "windows_aarch64_gnullvm"; + target = { target, features }: (target.name == "aarch64-pc-windows-gnullvm"); } { name = "windows_aarch64_msvc"; - packageId = "windows_aarch64_msvc 0.53.1"; + packageId = "windows_aarch64_msvc"; target = { target, features }: (("aarch64" == target."arch" or null) && ("msvc" == target."env" or null) && (!(target."windows_raw_dylib" or false))); } { name = "windows_i686_gnu"; - packageId = "windows_i686_gnu 0.53.1"; + packageId = "windows_i686_gnu"; target = { target, features }: (("x86" == target."arch" or null) && ("gnu" == target."env" or null) && (!("llvm" == target."abi" or null)) && (!(target."windows_raw_dylib" or false))); } { name = "windows_i686_gnullvm"; - packageId = "windows_i686_gnullvm 0.53.1"; + packageId = "windows_i686_gnullvm"; target = { target, features }: (target.name == "i686-pc-windows-gnullvm"); } { name = "windows_i686_msvc"; - packageId = "windows_i686_msvc 0.53.1"; + packageId = "windows_i686_msvc"; target = { target, features }: (("x86" == target."arch" or null) && ("msvc" == target."env" or null) && (!(target."windows_raw_dylib" or false))); } { name = "windows_x86_64_gnu"; - packageId = "windows_x86_64_gnu 0.53.1"; + packageId = "windows_x86_64_gnu"; target = { target, features }: (("x86_64" == target."arch" or null) && ("gnu" == target."env" or null) && (!("llvm" == target."abi" or null)) && (!(target."windows_raw_dylib" or false))); } { name = "windows_x86_64_gnullvm"; - packageId = "windows_x86_64_gnullvm 0.53.1"; + packageId = "windows_x86_64_gnullvm"; target = { target, features }: (target.name == "x86_64-pc-windows-gnullvm"); } { name = "windows_x86_64_msvc"; - packageId = "windows_x86_64_msvc 0.53.1"; + packageId = "windows_x86_64_msvc"; target = { target, features }: ((("x86_64" == target."arch" or null) || ("arm64ec" == target."arch" or null)) && ("msvc" == target."env" or null) && (!(target."windows_raw_dylib" or false))); } ]; }; - "windows_aarch64_gnullvm 0.52.6" = rec { + "windows_aarch64_gnullvm" = rec { crateName = "windows_aarch64_gnullvm"; version = "0.52.6"; edition = "2021"; @@ -14115,14 +13853,7 @@ rec { ]; }; - "windows_aarch64_gnullvm 0.53.1" = rec { - crateName = "windows_aarch64_gnullvm"; - version = "0.53.1"; - edition = "2021"; - sha256 = "0lqvdm510mka9w26vmga7hbkmrw9glzc90l4gya5qbxlm1pl3n59"; - - }; - "windows_aarch64_msvc 0.52.6" = rec { + "windows_aarch64_msvc" = rec { crateName = "windows_aarch64_msvc"; version = "0.52.6"; edition = "2021"; @@ -14132,14 +13863,7 @@ rec { ]; }; - "windows_aarch64_msvc 0.53.1" = rec { - crateName = "windows_aarch64_msvc"; - version = "0.53.1"; - edition = "2021"; - sha256 = "01jh2adlwx043rji888b22whx4bm8alrk3khjpik5xn20kl85mxr"; - - }; - "windows_i686_gnu 0.52.6" = rec { + "windows_i686_gnu" = rec { crateName = "windows_i686_gnu"; version = "0.52.6"; edition = "2021"; @@ -14149,14 +13873,7 @@ rec { ]; }; - "windows_i686_gnu 0.53.1" = rec { - crateName = "windows_i686_gnu"; - version = "0.53.1"; - edition = "2021"; - sha256 = "18wkcm82ldyg4figcsidzwbg1pqd49jpm98crfz0j7nqd6h6s3ln"; - - }; - "windows_i686_gnullvm 0.52.6" = rec { + "windows_i686_gnullvm" = rec { crateName = "windows_i686_gnullvm"; version = "0.52.6"; edition = "2021"; @@ -14166,14 +13883,7 @@ rec { ]; }; - "windows_i686_gnullvm 0.53.1" = rec { - crateName = "windows_i686_gnullvm"; - version = "0.53.1"; - edition = "2021"; - sha256 = "030qaxqc4salz6l4immfb6sykc6gmhyir9wzn2w8mxj8038mjwzs"; - - }; - "windows_i686_msvc 0.52.6" = rec { + "windows_i686_msvc" = rec { crateName = "windows_i686_msvc"; version = "0.52.6"; edition = "2021"; @@ -14183,14 +13893,7 @@ rec { ]; }; - "windows_i686_msvc 0.53.1" = rec { - crateName = "windows_i686_msvc"; - version = "0.53.1"; - edition = "2021"; - sha256 = "1hi6scw3mn2pbdl30ji5i4y8vvspb9b66l98kkz350pig58wfyhy"; - - }; - "windows_x86_64_gnu 0.52.6" = rec { + "windows_x86_64_gnu" = rec { crateName = "windows_x86_64_gnu"; version = "0.52.6"; edition = "2021"; @@ -14200,14 +13903,7 @@ rec { ]; }; - "windows_x86_64_gnu 0.53.1" = rec { - crateName = "windows_x86_64_gnu"; - version = "0.53.1"; - edition = "2021"; - sha256 = "16d4yiysmfdlsrghndr97y57gh3kljkwhfdbcs05m1jasz6l4f4w"; - - }; - "windows_x86_64_gnullvm 0.52.6" = rec { + "windows_x86_64_gnullvm" = rec { crateName = "windows_x86_64_gnullvm"; version = "0.52.6"; edition = "2021"; @@ -14217,14 +13913,7 @@ rec { ]; }; - "windows_x86_64_gnullvm 0.53.1" = rec { - crateName = "windows_x86_64_gnullvm"; - version = "0.53.1"; - edition = "2021"; - sha256 = "1qbspgv4g3q0vygkg8rnql5c6z3caqv38japiynyivh75ng1gyhg"; - - }; - "windows_x86_64_msvc 0.52.6" = rec { + "windows_x86_64_msvc" = rec { crateName = "windows_x86_64_msvc"; version = "0.52.6"; edition = "2021"; @@ -14233,19 +13922,12 @@ rec { "Microsoft" ]; - }; - "windows_x86_64_msvc 0.53.1" = rec { - crateName = "windows_x86_64_msvc"; - version = "0.53.1"; - edition = "2021"; - sha256 = "0l6npq76vlq4ksn4bwsncpr8508mk0gmznm6wnhjg95d19gzzfyn"; - }; "winnow" = rec { crateName = "winnow"; - version = "0.7.14"; + version = "1.0.2"; edition = "2021"; - sha256 = "0a88ahjqhyn2ln1yplq2xsigm09kxqkdkkk2c2mfxkbzszln8lss"; + sha256 = "1l7xnfvlgy4da6gq5ip2bgcm8i9d0rwzaxg1p88nlw8lxy5p1q9f"; dependencies = [ { name = "memchr"; @@ -14255,38 +13937,42 @@ rec { } ]; features = { + "ascii" = [ "parser" ]; + "binary" = [ "parser" ]; "debug" = [ "std" "dep:anstream" "dep:anstyle" "dep:is_terminal_polyfill" "dep:terminal_size" ]; - "default" = [ "std" ]; + "default" = [ "std" "ascii" "binary" ]; "simd" = [ "dep:memchr" ]; "std" = [ "alloc" "memchr?/std" ]; - "unstable-doc" = [ "alloc" "std" "simd" "unstable-recover" ]; + "unstable-doc" = [ "alloc" "std" "ascii" "binary" "simd" "unstable-recover" ]; + "unstable-recover" = [ "parser" ]; }; - resolvedDefaultFeatures = [ "alloc" "default" "std" ]; + resolvedDefaultFeatures = [ "alloc" "ascii" "binary" "default" "parser" "std" ]; }; "wit-bindgen" = rec { crateName = "wit-bindgen"; - version = "0.51.0"; + version = "0.57.1"; edition = "2024"; - sha256 = "19fazgch8sq5cvjv3ynhhfh5d5x08jq2pkw8jfb05vbcyqcr496p"; + sha256 = "0vjk2jb593ri9k1aq4iqs2si9mrw5q46wxnn78im7hm7hx799gqy"; libName = "wit_bindgen"; authors = [ "Alex Crichton " ]; features = { - "async" = [ "std" "wit-bindgen-rust-macro?/async" ]; - "async-spawn" = [ "async" "dep:futures" ]; + "async-spawn" = [ "async" "dep:futures" "std" ]; "bitflags" = [ "dep:bitflags" ]; - "default" = [ "macros" "realloc" "async" "std" "bitflags" ]; + "default" = [ "macros" "realloc" "async" "std" "bitflags" "macro-string" ]; + "futures-stream" = [ "async" "dep:futures" ]; "inter-task-wakeup" = [ "async" ]; + "macro-string" = [ "wit-bindgen-rust-macro?/macro-string" ]; "macros" = [ "dep:wit-bindgen-rust-macro" ]; "rustc-dep-of-std" = [ "dep:core" "dep:alloc" ]; }; }; "writeable" = rec { crateName = "writeable"; - version = "0.6.2"; + version = "0.6.3"; edition = "2021"; - sha256 = "1fg08y97n6vk7l0rnjggw3xyrii6dcqg54wqaxldrlk98zdy1pcy"; + sha256 = "1i54d13h9bpap2hf13xcry1s4lxh7ap3923g8f3c0grd7c9fbyhz"; authors = [ "The ICU4X Project Developers" ]; @@ -14382,9 +14068,9 @@ rec { }; "yoke" = rec { crateName = "yoke"; - version = "0.8.1"; + version = "0.8.2"; edition = "2021"; - sha256 = "0m29dm0bf5iakxgma0bj6dbmc3b8qi9b1vaw9sa76kdqmz3fbmkj"; + sha256 = "1jprcs7a98a5whvfs6r3jvfh1nnfp6zyijl7y4ywmn88lzywbs5b"; authors = [ "Manish Goregaokar " ]; @@ -14417,9 +14103,9 @@ rec { }; "yoke-derive" = rec { crateName = "yoke-derive"; - version = "0.8.1"; + version = "0.8.2"; edition = "2021"; - sha256 = "0pbyja133jnng4mrhimzdq4a0y26421g734ybgz8wsgbfhl0andn"; + sha256 = "13l5y5sz4lqm7rmyakjbh6vwgikxiql51xfff9hq2j485hk4r16y"; procMacro = true; libName = "yoke_derive"; authors = [ @@ -14448,9 +14134,9 @@ rec { }; "zerocopy" = rec { crateName = "zerocopy"; - version = "0.8.40"; + version = "0.8.48"; edition = "2021"; - sha256 = "1r9j2mlb54q1l9pgall3mk0gg6cprhdncvbbgsgxnxmmj3jcd2d7"; + sha256 = "1sb8plax8jbrsng1jdval7bdhk7hhrx40dz3hwh074k6knzkgm7f"; authors = [ "Joshua Liebow-Feeser " "Jack Wrenn " @@ -14484,9 +14170,9 @@ rec { }; "zerocopy-derive" = rec { crateName = "zerocopy-derive"; - version = "0.8.40"; + version = "0.8.48"; edition = "2021"; - sha256 = "0lsrhg5nvf0c40z644a014l2nrvh7xw0ff3i9744k9vif2d4hp7n"; + sha256 = "1m5s0g92cxggqc74j83k1priz24k3z93sj5gadppd20p9c4cvqvh"; procMacro = true; libName = "zerocopy_derive"; authors = [ @@ -14519,9 +14205,9 @@ rec { }; "zerofrom" = rec { crateName = "zerofrom"; - version = "0.1.6"; + version = "0.1.7"; edition = "2021"; - sha256 = "19dyky67zkjichsb7ykhv0aqws3q0jfvzww76l66c19y6gh45k2h"; + sha256 = "1py40in4rirc9q8w36q67pld0zk8ssg024xhh0cncxgal7ra3yk9"; authors = [ "Manish Goregaokar " ]; @@ -14541,9 +14227,9 @@ rec { }; "zerofrom-derive" = rec { crateName = "zerofrom-derive"; - version = "0.1.6"; + version = "0.1.7"; edition = "2021"; - sha256 = "00l5niw7c1b0lf1vhvajpjmcnbdp2vn96jg4nmkhq2db0rp5s7np"; + sha256 = "18c4wsnznhdxx6m80piil1lbyszdiwsshgjrybqcm4b6qic22lqi"; procMacro = true; libName = "zerofrom_derive"; authors = [ @@ -14622,9 +14308,9 @@ rec { }; "zerotrie" = rec { crateName = "zerotrie"; - version = "0.2.3"; + version = "0.2.4"; edition = "2021"; - sha256 = "0lbqznlqazmrwwzslw0ci7p3pqxykrbfhq29npj0gmb2amxc2n9a"; + sha256 = "1gr0pkcn3qsr6in6iixqyp0vbzwf2j1jzyvh7yl2yydh3p9m548g"; authors = [ "The ICU4X Project Developers" ]; @@ -14649,7 +14335,9 @@ rec { } ]; features = { + "alloc" = [ "zerovec?/alloc" ]; "databake" = [ "dep:databake" "zerovec?/databake" ]; + "dense" = [ "dep:zerovec" ]; "litemap" = [ "dep:litemap" "alloc" ]; "serde" = [ "dep:serde_core" "dep:litemap" "alloc" "litemap/serde" "zerovec?/serde" ]; "yoke" = [ "dep:yoke" ]; @@ -14660,9 +14348,9 @@ rec { }; "zerovec" = rec { crateName = "zerovec"; - version = "0.11.5"; + version = "0.11.6"; edition = "2021"; - sha256 = "00m0p47k2g9mkv505hky5xh3r6ps7v8qc0dy4pspg542jj972a3c"; + sha256 = "0fdjsy6b31q9i0d73sl7xjd12xadbwi45lkpfgqnmasrqg5i3ych"; authors = [ "The ICU4X Project Developers" ]; @@ -14685,11 +14373,20 @@ rec { usesDefaultFeatures = false; } ]; + devDependencies = [ + { + name = "yoke"; + packageId = "yoke"; + usesDefaultFeatures = false; + features = [ "derive" ]; + } + ]; features = { "alloc" = [ "serde?/alloc" ]; "databake" = [ "dep:databake" ]; "derive" = [ "dep:zerovec-derive" ]; "hashmap" = [ "dep:twox-hash" "alloc" ]; + "schemars" = [ "dep:schemars" "alloc" ]; "serde" = [ "dep:serde" ]; "yoke" = [ "dep:yoke" ]; }; @@ -14697,9 +14394,9 @@ rec { }; "zerovec-derive" = rec { crateName = "zerovec-derive"; - version = "0.11.2"; + version = "0.11.3"; edition = "2021"; - sha256 = "1wsig4h5j7a1scd5hrlnragnazjny9qjc44hancb6p6a76ay7p7a"; + sha256 = "0m85qj92mmfvhjra6ziqky5b1p4kcmp5069k7kfadp5hr8jw8pb2"; procMacro = true; libName = "zerovec_derive"; authors = [ diff --git a/Cargo.toml b/Cargo.toml index 12c82c4..2aa701c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,7 +15,6 @@ stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", built = { version = "0.8.0", features = ["chrono", "git2"] } clap = "4.5" futures = { version = "0.3", features = ["compat"] } -json-patch = "4.2" pretty_assertions = "1.4" regex = "1.11" rstest = "0.26" diff --git a/rust/operator-binary/Cargo.toml b/rust/operator-binary/Cargo.toml index 6a23107..d3a8976 100644 --- a/rust/operator-binary/Cargo.toml +++ b/rust/operator-binary/Cargo.toml @@ -14,7 +14,6 @@ stackable-operator.workspace = true clap.workspace = true futures.workspace = true -json-patch.workspace = true regex.workspace = true serde.workspace = true serde_json.workspace = true diff --git a/rust/operator-binary/src/controller/build/role_builder.rs b/rust/operator-binary/src/controller/build/role_builder.rs index cd59459..53aa7b6 100644 --- a/rust/operator-binary/src/controller/build/role_builder.rs +++ b/rust/operator-binary/src/controller/build/role_builder.rs @@ -769,15 +769,15 @@ mod tests { ], }, "data": { - "action_groups.yml": "{\"_meta\":{\"config_version\":2,\"type\":\"actiongroups\"}}", - "allowlist.yml": "{\"_meta\":{\"config_version\":2,\"type\":\"allowlist\"},\"config\":{\"enabled\":false}}", - "audit.yml": "{\"_meta\":{\"config_version\":2,\"type\":\"audit\"},\"config\":{\"enabled\":false}}", - "config.yml": "{\"_meta\":{\"config_version\":2,\"type\":\"config\"},\"config\":{\"dynamic\":{\"authc\":{},\"authz\":{},\"http\":{}}}}", - "internal_users.yml": "{\"_meta\":{\"config_version\":2,\"type\":\"internalusers\"}}", - "nodes_dn.yml": "{\"_meta\":{\"config_version\":2,\"type\":\"nodesdn\"}}", - "roles.yml": "{\"_meta\":{\"config_version\":2,\"type\":\"roles\"}}", - "roles_mapping.yml": "{\"_meta\":{\"config_version\":2,\"type\":\"rolesmapping\"}}", - "tenants.yml": "{\"_meta\":{\"config_version\":2,\"type\":\"tenants\"}}", + "action_groups.yml": "_meta:\n config_version: 2\n type: actiongroups\n", + "allowlist.yml": "_meta:\n config_version: 2\n type: allowlist\nconfig:\n enabled: false\n", + "audit.yml": "_meta:\n config_version: 2\n type: audit\nconfig:\n enabled: false\n", + "config.yml": "_meta:\n config_version: 2\n type: config\nconfig:\n dynamic:\n authc: {}\n authz: {}\n http: {}\n", + "internal_users.yml": "_meta:\n config_version: 2\n type: internalusers\n", + "nodes_dn.yml": "_meta:\n config_version: 2\n type: nodesdn\n", + "roles.yml": "_meta:\n config_version: 2\n type: roles\n", + "roles_mapping.yml": "_meta:\n config_version: 2\n type: rolesmapping\n", + "tenants.yml": "_meta:\n config_version: 2\n type: tenants\n", }, }), security_config_map diff --git a/rust/operator-binary/src/framework/config_overrides.rs b/rust/operator-binary/src/framework/config_overrides.rs index 74e6852..bfb7123 100644 --- a/rust/operator-binary/src/framework/config_overrides.rs +++ b/rust/operator-binary/src/framework/config_overrides.rs @@ -3,7 +3,9 @@ use std::{borrow::Cow, collections::BTreeMap}; use schemars::JsonSchema; use serde::{Deserialize, Serialize}; use serde_json::json; -use stackable_operator::{config::merge::Merge, schemars, utils::crds::raw_object_schema}; +use stackable_operator::{ + config::merge::Merge, k8s_openapi::DeepMerge, schemars, utils::crds::raw_object_schema, +}; // Variant of [`stackable_operator::config_overrides::KeyValueConfigOverrides`] that implements // Merge @@ -42,9 +44,9 @@ impl JsonConfigOverrides { pub fn apply(&self, base: &serde_json::Value) -> Cow<'_, serde_json::Value> { match self { Self::JsonMergePatch(patch) => { - let mut doc = base.clone(); - json_patch::merge(&mut doc, patch); - Cow::Owned(doc) + let mut merged = base.clone(); + merged.merge_from(patch.clone()); + Cow::Owned(merged) } Self::UserProvided(content) => Cow::Borrowed(content), } @@ -64,17 +66,17 @@ impl Merge for JsonConfigOverrides { JsonConfigOverrides::JsonMergePatch(patch), JsonConfigOverrides::JsonMergePatch(base), ) => { - let mut doc = base.clone(); - json_patch::merge(&mut doc, patch); - *self = JsonConfigOverrides::JsonMergePatch(doc); + let mut merged = base.clone(); + merged.merge_from(patch.clone()); + *self = JsonConfigOverrides::JsonMergePatch(merged); } ( JsonConfigOverrides::JsonMergePatch(patch), JsonConfigOverrides::UserProvided(base), ) => { - let mut doc = base.clone(); - json_patch::merge(&mut doc, patch); - *self = JsonConfigOverrides::UserProvided(doc); + let mut merged = base.clone(); + merged.merge_from(patch.clone()); + *self = JsonConfigOverrides::UserProvided(merged); } (JsonConfigOverrides::UserProvided(patch), _) => { *self = JsonConfigOverrides::UserProvided(patch.clone()); From ca2fe91c4c348483b4f2212216e4bb83b7fc6404 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Tue, 5 May 2026 17:47:26 +0200 Subject: [PATCH 09/17] chore: Revise the code and fix the tests --- rust/operator-binary/src/controller.rs | 12 +- rust/operator-binary/src/controller/build.rs | 5 +- .../src/controller/build/node_config.rs | 156 ++++++------------ .../src/controller/build/role_builder.rs | 10 +- .../controller/build/role_group_builder.rs | 4 +- .../src/controller/validate.rs | 67 ++++---- rust/operator-binary/src/crd/mod.rs | 40 +---- .../src/framework/builder/pod/container.rs | 8 +- .../src/framework/config_overrides.rs | 149 ++++++++++++++++- .../src/framework/role_utils.rs | 12 +- .../21-install-opensearch-1.yaml.j2 | 35 ++-- .../51-install-opensearch-2.yaml.j2 | 37 +++-- .../external-access/20_opensearch.yaml.j2 | 17 +- .../kuttl/ldap/21-install-opensearch.yaml.j2 | 17 +- .../logging/20-install-opensearch.yaml.j2 | 17 +- .../metrics/20-install-opensearch.yaml.j2 | 17 +- .../11-install-opensearch.yaml.j2 | 17 +- .../11-install-opensearch.yaml.j2 | 21 +-- .../10-install-opensearch.yaml.j2 | 17 +- .../kuttl/smoke/10-install-opensearch.yaml.j2 | 8 +- 20 files changed, 376 insertions(+), 290 deletions(-) diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs index 262968d..a686ee6 100644 --- a/rust/operator-binary/src/controller.rs +++ b/rust/operator-binary/src/controller.rs @@ -40,6 +40,7 @@ use crate::{ crd::v1alpha1, framework::{ HasName, HasUid, NameIsValidLabelValue, + config_overrides::JsonConfigOverrides, product_logging::framework::{ValidatedContainerLogConfigChoice, VectorContainerLogConfig}, role_utils::{GenericCommonConfig, RoleGroupConfig}, types::{ @@ -149,7 +150,7 @@ impl ReconcilerError for Error { type OpenSearchRoleGroupConfig = RoleGroupConfig< ValidatedOpenSearchConfig, GenericCommonConfig, - v1alpha1::OpenSearchConfigOverrides, + ValidatedOpenSearchConfigOverrides, >; type OpenSearchNodeResources = @@ -173,6 +174,11 @@ pub struct ValidatedOpenSearchConfig { pub termination_grace_period_seconds: i64, } +#[derive(Clone, Debug, Default, PartialEq)] +pub struct ValidatedOpenSearchConfigOverrides { + pub opensearch_yml: JsonConfigOverrides, +} + /// Validated log configuration per container #[derive(Clone, Debug, PartialEq)] pub struct ValidatedLogging { @@ -505,7 +511,7 @@ mod tests { use crate::{ controller::{ OpenSearchNodeResources, ValidatedNodeRole, ValidatedNodeRoles, - ValidatedOpenSearchConfig, ValidatedSecurity, + ValidatedOpenSearchConfig, ValidatedOpenSearchConfigOverrides, ValidatedSecurity, }, crd::v1alpha1, framework::{ @@ -661,7 +667,7 @@ mod tests { resources: OpenSearchNodeResources::default(), termination_grace_period_seconds: 120, }, - config_overrides: v1alpha1::OpenSearchConfigOverrides::default(), + config_overrides: ValidatedOpenSearchConfigOverrides::default(), env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), diff --git a/rust/operator-binary/src/controller/build.rs b/rust/operator-binary/src/controller/build.rs index 8e7c389..6f374bf 100644 --- a/rust/operator-binary/src/controller/build.rs +++ b/rust/operator-binary/src/controller/build.rs @@ -82,7 +82,8 @@ mod tests { controller::{ ContextNames, OpenSearchNodeResources, OpenSearchRoleGroupConfig, ValidatedCluster, ValidatedContainerLogConfigChoice, ValidatedDiscoveryEndpoint, ValidatedLogging, - ValidatedNodeRole, ValidatedNodeRoles, ValidatedOpenSearchConfig, ValidatedSecurity, + ValidatedNodeRole, ValidatedNodeRoles, ValidatedOpenSearchConfig, + ValidatedOpenSearchConfigOverrides, ValidatedSecurity, }, crd::v1alpha1, framework::{ @@ -245,7 +246,7 @@ mod tests { resources: OpenSearchNodeResources::default(), termination_grace_period_seconds: 120, }, - config_overrides: v1alpha1::OpenSearchConfigOverrides::default(), + config_overrides: ValidatedOpenSearchConfigOverrides::default(), env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), diff --git a/rust/operator-binary/src/controller/build/node_config.rs b/rust/operator-binary/src/controller/build/node_config.rs index fd32028..d152378 100644 --- a/rust/operator-binary/src/controller/build/node_config.rs +++ b/rust/operator-binary/src/controller/build/node_config.rs @@ -176,7 +176,7 @@ impl NodeConfig { /// Creates the main OpenSearch configuration file in YAML format pub fn opensearch_config_file_content(&self) -> String { serde_yaml::to_string(&self.opensearch_config()) - .expect("serde_json::Value should always be serializable") + .expect("serde_json::Value should always be serializable as a string of YAML") } pub fn opensearch_config(&self) -> serde_json::Value { @@ -184,14 +184,13 @@ impl NodeConfig { config.merge_from(self.tls_config()); - let json_config_overrides: JsonConfigOverrides = self + let overrides: JsonConfigOverrides = self .role_group_config .config_overrides .opensearch_yml - .clone() - .into(); + .clone(); - json_config_overrides.apply(&config).into_owned() + overrides.apply(&config).into_owned() } /// Creates the main OpenSearch configuration file as JSON map @@ -199,62 +198,42 @@ impl NodeConfig { /// The file should only contain cluster-wide configuration options. Node-specific options /// should be defined as environment variables. pub fn static_opensearch_config(&self) -> serde_json::Value { - let mut config = serde_json::Map::new(); - - config.insert( - CONFIG_OPTION_CLUSTER_NAME.to_owned(), - json!(self.cluster.name.to_string()), - ); - config.insert( - CONFIG_OPTION_NETWORK_HOST.to_owned(), + let mut config = json!({ + CONFIG_OPTION_CLUSTER_NAME: self.cluster.name, // Bind to all interfaces because the IP address is not known in advance. - json!("0.0.0.0".to_owned()), - ); - config.insert( - CONFIG_OPTION_DISCOVERY_TYPE.to_owned(), - json!(self.discovery_type()), - ); - config.insert - // Accept certificates generated by the secret-operator - ( - CONFIG_OPTION_PLUGINS_SECURITY_NODES_DN.to_owned(), - json!(["CN=generated certificate for pod".to_owned()]), - ); - config.insert( - CONFIG_OPTION_NODE_ATTR_ROLE_GROUP.to_owned(), - json!(self.role_group_name), - ); - config.insert( - CONFIG_OPTION_PATH_LOGS.to_owned(), - json!(format!( + CONFIG_OPTION_NETWORK_HOST: "0.0.0.0", + CONFIG_OPTION_DISCOVERY_TYPE: self.discovery_type(), + // Accept certificates generated by the secret-operator + CONFIG_OPTION_PLUGINS_SECURITY_NODES_DN: [ + "CN=generated certificate for pod" + ], + CONFIG_OPTION_NODE_ATTR_ROLE_GROUP: self.role_group_name, + CONFIG_OPTION_PATH_LOGS: format!( "{STACKABLE_LOG_DIR}/{container}", container = v1alpha1::Container::OpenSearch.to_container_name() - )), - ); + ), + }); - match self.role_group_security_mode { + config.merge_from(match self.role_group_security_mode { RoleGroupSecurityMode::Initializing { .. } => { - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_ALLOW_DEFAULT_INIT_SECURITYINDEX.to_owned(), - json!(true), - ); + json!({ + CONFIG_OPTION_PLUGINS_SECURITY_ALLOW_DEFAULT_INIT_SECURITYINDEX: true + }) } RoleGroupSecurityMode::Managing { .. } | RoleGroupSecurityMode::Participating { .. } => { - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_AUTHCZ_ADMIN_DN.to_owned(), - json!(self.super_admin_dn()), - ); + json!({ + CONFIG_OPTION_PLUGINS_SECURITY_AUTHCZ_ADMIN_DN: self.super_admin_dn() + }) } RoleGroupSecurityMode::Disabled => { - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_DISABLED.to_owned(), - json!(true), - ); + json!({ + CONFIG_OPTION_PLUGINS_SECURITY_DISABLED: true + }) } - }; + }); - json!(config) + config } /// Distinguished name (DN) of the super admin certificate @@ -264,7 +243,7 @@ impl NodeConfig { } pub fn tls_config(&self) -> serde_json::Value { - let mut config = serde_json::Map::new(); + let mut config = json!({}); let opensearch_path_conf = self.opensearch_path_conf(); @@ -273,22 +252,12 @@ impl NodeConfig { .tls_internal_secret_class() .is_some() { - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_SSL_TRANSPORT_ENABLED.to_owned(), - json!(true), - ); - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_SSL_TRANSPORT_PEMCERT_FILEPATH.to_owned(), - json!(format!("{opensearch_path_conf}/tls/internal/tls.crt")), - ); - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_SSL_TRANSPORT_PEMKEY_FILEPATH.to_owned(), - json!(format!("{opensearch_path_conf}/tls/internal/tls.key")), - ); - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_SSL_TRANSPORT_PEMTRUSTEDCAS_FILEPATH.to_owned(), - json!(format!("{opensearch_path_conf}/tls/internal/ca.crt")), - ); + config.merge_from(json!({ + CONFIG_OPTION_PLUGINS_SECURITY_SSL_TRANSPORT_ENABLED: true, + CONFIG_OPTION_PLUGINS_SECURITY_SSL_TRANSPORT_PEMCERT_FILEPATH: format!("{opensearch_path_conf}/tls/internal/tls.crt"), + CONFIG_OPTION_PLUGINS_SECURITY_SSL_TRANSPORT_PEMKEY_FILEPATH: format!("{opensearch_path_conf}/tls/internal/tls.key"), + CONFIG_OPTION_PLUGINS_SECURITY_SSL_TRANSPORT_PEMTRUSTEDCAS_FILEPATH: format!("{opensearch_path_conf}/tls/internal/ca.crt"), + })); } if self @@ -296,30 +265,19 @@ impl NodeConfig { .tls_server_secret_class() .is_some() { - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_SSL_HTTP_ENABLED.to_owned(), - json!(true), - ); - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_SSL_HTTP_PEMCERT_FILEPATH.to_owned(), - json!(format!("{opensearch_path_conf}/tls/server/tls.crt")), - ); - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_SSL_HTTP_PEMKEY_FILEPATH.to_owned(), - json!(format!("{opensearch_path_conf}/tls/server/tls.key")), - ); - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_SSL_HTTP_PEMTRUSTEDCAS_FILEPATH.to_owned(), - json!(format!("{opensearch_path_conf}/tls/server/ca.crt")), - ); + config.merge_from(json!({ + CONFIG_OPTION_PLUGINS_SECURITY_SSL_HTTP_ENABLED: true, + CONFIG_OPTION_PLUGINS_SECURITY_SSL_HTTP_PEMCERT_FILEPATH: format!("{opensearch_path_conf}/tls/server/tls.crt"), + CONFIG_OPTION_PLUGINS_SECURITY_SSL_HTTP_PEMKEY_FILEPATH: format!("{opensearch_path_conf}/tls/server/tls.key"), + CONFIG_OPTION_PLUGINS_SECURITY_SSL_HTTP_PEMTRUSTEDCAS_FILEPATH: format!("{opensearch_path_conf}/tls/server/ca.crt"), + })); } else { - config.insert( - CONFIG_OPTION_PLUGINS_SECURITY_SSL_HTTP_ENABLED.to_owned(), - json!(false), - ); + config.merge_from(json!({ + CONFIG_OPTION_PLUGINS_SECURITY_SSL_HTTP_ENABLED: false + })); } - json!(config) + config } /// Creates environment variables for the OpenSearch configurations @@ -542,10 +500,12 @@ mod tests { use super::*; use crate::{ - controller::{ValidatedLogging, ValidatedOpenSearchConfig, ValidatedSecurity}, + controller::{ + ValidatedLogging, ValidatedOpenSearchConfig, ValidatedOpenSearchConfigOverrides, + ValidatedSecurity, + }, crd::v1alpha1, framework::{ - config_overrides::KeyValueConfigOverrides, product_logging::framework::ValidatedContainerLogConfigChoice, role_utils::GenericCommonConfig, types::{ @@ -559,7 +519,7 @@ mod tests { struct TestConfig { replicas: u16, - config_settings: &'static [(&'static str, &'static str)], + config_settings: serde_json::Value, env_vars: &'static [(&'static str, &'static str)], } @@ -567,7 +527,7 @@ mod tests { fn default() -> Self { Self { replicas: 3, - config_settings: &[], + config_settings: json!({}), env_vars: &[], } } @@ -603,16 +563,8 @@ mod tests { resources: Resources::default(), termination_grace_period_seconds: 30, }, - config_overrides: v1alpha1::OpenSearchConfigOverrides { - opensearch_yml: v1alpha1::ConfigOverridesChoice::KeyValue( - KeyValueConfigOverrides { - overrides: test_config - .config_settings - .iter() - .map(|(k, v)| (k.to_string(), Some(v.to_string()))) - .collect(), - }, - ), + config_overrides: ValidatedOpenSearchConfigOverrides { + opensearch_yml: JsonConfigOverrides::JsonMergePatch(test_config.config_settings), }, env_overrides: EnvVarSet::new().with_values( test_config @@ -693,7 +645,7 @@ mod tests { #[test] pub fn test_static_opensearch_config_file() { let node_config = node_config(TestConfig { - config_settings: &[("test", "value")], + config_settings: json!({"test": "value"}), ..TestConfig::default() }); diff --git a/rust/operator-binary/src/controller/build/role_builder.rs b/rust/operator-binary/src/controller/build/role_builder.rs index 53aa7b6..95979e0 100644 --- a/rust/operator-binary/src/controller/build/role_builder.rs +++ b/rust/operator-binary/src/controller/build/role_builder.rs @@ -225,8 +225,9 @@ impl<'a> RoleBuilder<'a> { { data.insert( file_type.filename.to_owned(), - serde_yaml::to_string(value) - .expect("serde_json::Value should be serializable"), + serde_yaml::to_string(value).expect( + "serde_json::Value should always be serializable as a string of YAML", + ), ); } } @@ -386,7 +387,8 @@ mod tests { controller::{ ContextNames, OpenSearchRoleGroupConfig, ValidatedCluster, ValidatedContainerLogConfigChoice, ValidatedDiscoveryEndpoint, ValidatedLogging, - ValidatedNodeRole, ValidatedOpenSearchConfig, ValidatedSecurity, + ValidatedNodeRole, ValidatedOpenSearchConfig, ValidatedOpenSearchConfigOverrides, + ValidatedSecurity, build::role_builder::{ discovery_config_map_name, discovery_service_listener_name, seed_nodes_service_name, }, @@ -447,7 +449,7 @@ mod tests { resources: Resources::default(), termination_grace_period_seconds: 30, }, - config_overrides: v1alpha1::OpenSearchConfigOverrides::default(), + config_overrides: ValidatedOpenSearchConfigOverrides::default(), env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), diff --git a/rust/operator-binary/src/controller/build/role_group_builder.rs b/rust/operator-binary/src/controller/build/role_group_builder.rs index 38e8195..9273ecc 100644 --- a/rust/operator-binary/src/controller/build/role_group_builder.rs +++ b/rust/operator-binary/src/controller/build/role_group_builder.rs @@ -1465,7 +1465,7 @@ mod tests { controller::{ ContextNames, OpenSearchRoleGroupConfig, ValidatedCluster, ValidatedContainerLogConfigChoice, ValidatedLogging, ValidatedNodeRole, - ValidatedOpenSearchConfig, ValidatedSecurity, + ValidatedOpenSearchConfig, ValidatedOpenSearchConfigOverrides, ValidatedSecurity, build::role_group_builder::{ DISCOVERY_SERVICE_LISTENER_VOLUME_NAME, OPENSEARCH_KEYSTORE_VOLUME_NAME, TLS_INTERNAL_VOLUME_NAME, TLS_SERVER_CA_VOLUME_NAME, TLS_SERVER_VOLUME_NAME, @@ -1583,7 +1583,7 @@ mod tests { resources: Resources::default(), termination_grace_period_seconds: 30, }, - config_overrides: v1alpha1::OpenSearchConfigOverrides::default(), + config_overrides: ValidatedOpenSearchConfigOverrides::default(), env_overrides: EnvVarSet::default(), cli_overrides: BTreeMap::default(), pod_overrides: PodTemplateSpec::default(), diff --git a/rust/operator-binary/src/controller/validate.rs b/rust/operator-binary/src/controller/validate.rs index 28be4d7..543e455 100644 --- a/rust/operator-binary/src/controller/validate.rs +++ b/rust/operator-binary/src/controller/validate.rs @@ -16,7 +16,7 @@ use super::{ use crate::{ controller::{ DereferencedObjects, HTTP_PORT_NAME, ValidatedDiscoveryEndpoint, ValidatedNodeRole, - ValidatedNodeRoles, ValidatedSecurity, + ValidatedNodeRoles, ValidatedOpenSearchConfigOverrides, ValidatedSecurity, }, crd::{NodeRoles, OpenSearchRoleGroup, v1alpha1}, framework::{ @@ -231,6 +231,14 @@ fn validate_role_group_config( termination_grace_period_seconds, }; + let validated_config_overrides = ValidatedOpenSearchConfigOverrides { + opensearch_yml: merged_role_group + .config + .config_overrides + .opensearch_yml + .into(), + }; + let mut env_overrides = EnvVarSet::new(); for (env_var_name, env_var_value) in merged_role_group.config.env_overrides { @@ -244,7 +252,7 @@ fn validate_role_group_config( // Kubernetes defaults to 1 if not set replicas: merged_role_group.replicas.unwrap_or(1), config: validated_config, - config_overrides: merged_role_group.config.config_overrides, + config_overrides: validated_config_overrides, env_overrides, cli_overrides: merged_role_group.config.cli_overrides, pod_overrides: merged_role_group.config.pod_overrides, @@ -457,12 +465,13 @@ mod tests { built_info, controller::{ ContextNames, DereferencedObjects, ValidatedCluster, ValidatedDiscoveryEndpoint, - ValidatedLogging, ValidatedNodeRole, ValidatedOpenSearchConfig, ValidatedSecurity, + ValidatedLogging, ValidatedNodeRole, ValidatedOpenSearchConfig, + ValidatedOpenSearchConfigOverrides, ValidatedSecurity, }, crd::{NodeRoles, OpenSearchKeystoreKey, v1alpha1}, framework::{ builder::pod::container::{EnvVarName, EnvVarSet}, - config_overrides::{JsonConfigOverrides, KeyValueConfigOverrides}, + config_overrides::{JsonConfigOverrides, JsonOrKeyValueConfigOverrides}, product_logging::framework::{ ValidatedContainerLogConfigChoice, VectorContainerLogConfig, }, @@ -620,14 +629,12 @@ mod tests { }, termination_grace_period_seconds: 300, }, - config_overrides: v1alpha1::OpenSearchConfigOverrides { - opensearch_yml: v1alpha1::ConfigOverridesChoice::Json( - JsonConfigOverrides::JsonMergePatch(json!({ - "setting1": "value from role level", - "setting2": "value from role-group level", - "setting3": "value from role-group level", - })), - ) + config_overrides: ValidatedOpenSearchConfigOverrides { + opensearch_yml: JsonConfigOverrides::JsonMergePatch(json!({ + "setting1": "value from role level", + "setting2": "value from role-group level", + "setting3": "value from role-group level", + }),) }, env_overrides: EnvVarSet::new().with_values([ ( @@ -1030,13 +1037,14 @@ mod tests { ..v1alpha1::OpenSearchConfigFragment::default() }, config_overrides: v1alpha1::OpenSearchConfigOverrides { - opensearch_yml: v1alpha1::ConfigOverridesChoice::KeyValue(KeyValueConfigOverrides { - overrides: [ - ("setting1".to_owned(), Some("value from role level".to_owned())), - ("setting2".to_owned(), Some("value from role level".to_owned())), - ] - .into() - }) + opensearch_yml: JsonOrKeyValueConfigOverrides::Json( + JsonConfigOverrides::JsonMergePatch( + json!({ + "setting1": "value from role level", + "setting2": "value from role level", + }) + ) + ) }, env_overrides: [ ("ENV1".to_owned(), "value from role level".to_owned()), @@ -1076,19 +1084,14 @@ mod tests { ..v1alpha1::OpenSearchConfigFragment::default() }, config_overrides: v1alpha1::OpenSearchConfigOverrides { - opensearch_yml: v1alpha1::ConfigOverridesChoice::KeyValue(KeyValueConfigOverrides { - overrides: [ - ( - "setting2".to_owned(), - Some("value from role-group level".to_owned()), - ), - ( - "setting3".to_owned(), - Some("value from role-group level".to_owned()), - ), - ] - .into() - }) + opensearch_yml: JsonOrKeyValueConfigOverrides::Json( + JsonConfigOverrides::JsonMergePatch( + json!({ + "setting2": "value from role-group level", + "setting3": "value from role-group level", + }) + ) + ) }, env_overrides: [ ("ENV2".to_owned(), "value from role-group level".to_owned()), diff --git a/rust/operator-binary/src/crd/mod.rs b/rust/operator-binary/src/crd/mod.rs index d6fc1ae..a8842ec 100644 --- a/rust/operator-binary/src/crd/mod.rs +++ b/rust/operator-binary/src/crd/mod.rs @@ -33,7 +33,7 @@ use crate::{ attributed_string_type, constant, framework::{ NameIsValidLabelValue, - config_overrides::{JsonConfigOverrides, KeyValueConfigOverrides}, + config_overrides::JsonOrKeyValueConfigOverrides, role_utils::GenericCommonConfig, types::{ kubernetes::{ @@ -492,15 +492,7 @@ pub mod versioned { // File name defined in // [`crate::controller::build::node_config::CONFIGURATION_FILE_OPENSEARCH_YML`] #[serde(default, rename = "opensearch.yml")] - pub opensearch_yml: ConfigOverridesChoice, - } - - #[derive(Clone, Debug, Deserialize, JsonSchema, PartialEq, Serialize)] - #[serde(untagged)] - #[schemars(schema_with = "raw_object_schema")] - pub enum ConfigOverridesChoice { - Json(JsonConfigOverrides), - KeyValue(KeyValueConfigOverrides), + pub opensearch_yml: JsonOrKeyValueConfigOverrides, } #[derive(Clone, Default, Debug, Deserialize, Eq, JsonSchema, PartialEq, Serialize)] @@ -515,34 +507,6 @@ pub mod versioned { } } -impl Default for v1alpha1::ConfigOverridesChoice { - fn default() -> Self { - v1alpha1::ConfigOverridesChoice::Json(JsonConfigOverrides::default()) - } -} - -impl From for JsonConfigOverrides { - fn from(value: v1alpha1::ConfigOverridesChoice) -> Self { - match value { - v1alpha1::ConfigOverridesChoice::KeyValue(key_value_config_overrides) => { - key_value_config_overrides.into() - } - v1alpha1::ConfigOverridesChoice::Json(json_config_overrides) => json_config_overrides, - } - } -} - -impl Merge for v1alpha1::ConfigOverridesChoice { - fn merge(&mut self, defaults: &Self) { - let mut self_json_config_overrides: JsonConfigOverrides = self.clone().into(); - let defaults_json_config_overrides = defaults.clone().into(); - - self_json_config_overrides.merge(&defaults_json_config_overrides); - - *self = v1alpha1::ConfigOverridesChoice::Json(self_json_config_overrides); - } -} - impl HasStatusCondition for v1alpha1::OpenSearchCluster { fn conditions(&self) -> Vec { match &self.status { diff --git a/rust/operator-binary/src/framework/builder/pod/container.rs b/rust/operator-binary/src/framework/builder/pod/container.rs index 53f5385..f5cb34b 100644 --- a/rust/operator-binary/src/framework/builder/pod/container.rs +++ b/rust/operator-binary/src/framework/builder/pod/container.rs @@ -1,4 +1,8 @@ -use std::{collections::BTreeMap, fmt::Display, str::FromStr}; +use std::{ + collections::{BTreeMap, btree_map}, + fmt::Display, + str::FromStr, +}; use snafu::Snafu; use stackable_operator::{ @@ -175,7 +179,7 @@ impl From for Vec { } impl IntoIterator for EnvVarSet { - type IntoIter = std::collections::btree_map::IntoValues; + type IntoIter = btree_map::IntoValues; type Item = EnvVar; fn into_iter(self) -> Self::IntoIter { diff --git a/rust/operator-binary/src/framework/config_overrides.rs b/rust/operator-binary/src/framework/config_overrides.rs index bfb7123..8e13c96 100644 --- a/rust/operator-binary/src/framework/config_overrides.rs +++ b/rust/operator-binary/src/framework/config_overrides.rs @@ -21,8 +21,8 @@ pub struct KeyValueConfigOverrides { // Variant of [`stackable_operator::config_overrides::JsonConfigOverrides`] with the following // changes: -// - It implements Default. -// - It implements Merge. +// - Implements Default +// - Implements Merge // - The JsonPatches variant was removed because it could fail in the build stage. // - The UserProvided variant also contains a JSON value instead of a string. /// ConfigOverrides that can be applied to a JSON file. @@ -91,14 +91,157 @@ impl From for JsonConfigOverrides { } } +/// Combination of [`JsonConfigOverrides`] and [`KeyValueConfigOverrides`] +/// +/// Provides a backwards-compatible way to supply config overrides either as key-value pairs or as +/// a JSON value. +#[derive(Clone, Debug, Deserialize, JsonSchema, PartialEq, Serialize)] +#[serde(untagged)] +#[schemars(schema_with = "raw_object_schema")] +pub enum JsonOrKeyValueConfigOverrides { + Json(JsonConfigOverrides), + KeyValue(KeyValueConfigOverrides), +} + +impl Default for JsonOrKeyValueConfigOverrides { + fn default() -> Self { + Self::Json(JsonConfigOverrides::default()) + } +} + +impl From for JsonConfigOverrides { + fn from(value: JsonOrKeyValueConfigOverrides) -> Self { + match value { + JsonOrKeyValueConfigOverrides::KeyValue(key_value_config_overrides) => { + key_value_config_overrides.into() + } + JsonOrKeyValueConfigOverrides::Json(json_config_overrides) => json_config_overrides, + } + } +} + +impl Merge for JsonOrKeyValueConfigOverrides { + fn merge(&mut self, defaults: &Self) { + let mut self_json_config_overrides: JsonConfigOverrides = self.clone().into(); + let defaults_json_config_overrides = defaults.clone().into(); + + self_json_config_overrides.merge(&defaults_json_config_overrides); + + *self = Self::Json(self_json_config_overrides); + } +} + #[cfg(test)] mod tests { use serde_json::json; + use stackable_operator::config::merge; use super::*; #[test] - fn json_config_overrides_from_key_value_config_overrides() { + fn test_json_config_overrides_apply() { + let base = json!({ + "keyA": "valueA1", + "keyB": "valueB1" + }); + + let json_merge_patch = JsonConfigOverrides::JsonMergePatch(json!({ + "keyA": "valueA2" + })); + + assert_eq!( + json!({ + "keyA": "valueA2", + "keyB": "valueB1" + }), + json_merge_patch.apply(&base).into_owned() + ); + + let user_provided = JsonConfigOverrides::UserProvided(json!({ + "keyB": "valueB2" + })); + + assert_eq!( + json!({ + "keyB": "valueB2", + }), + user_provided.apply(&base).into_owned() + ); + } + + #[test] + fn test_json_config_overrides_merge() { + let json_merge_patch = JsonConfigOverrides::JsonMergePatch(json!({ + "keyA": "base A", + "keyB": "base B" + })); + + let user_provided = JsonConfigOverrides::UserProvided(json!({ + "keyA": "base A", + "keyB": "base B" + })); + + assert_eq!( + JsonConfigOverrides::JsonMergePatch(json!({ + "keyA": "base A", + "keyB": "patch B", + "keyC": "patch C" + })), + merge::merge( + JsonConfigOverrides::JsonMergePatch(json!({ + "keyB": "patch B", + "keyC": "patch C" + })), + &json_merge_patch + ) + ); + + assert_eq!( + JsonConfigOverrides::UserProvided(json!({ + "keyA": "base A", + "keyB": "patch B", + "keyC": "patch C" + })), + merge::merge( + JsonConfigOverrides::JsonMergePatch(json!({ + "keyB": "patch B", + "keyC": "patch C" + })), + &user_provided + ) + ); + + assert_eq!( + JsonConfigOverrides::UserProvided(json!({ + "keyB": "patch B", + "keyC": "patch C" + })), + merge::merge( + JsonConfigOverrides::UserProvided(json!({ + "keyB": "patch B", + "keyC": "patch C" + })), + &json_merge_patch + ) + ); + + assert_eq!( + JsonConfigOverrides::UserProvided(json!({ + "keyB": "patch B", + "keyC": "patch C" + })), + merge::merge( + JsonConfigOverrides::UserProvided(json!({ + "keyB": "patch B", + "keyC": "patch C" + })), + &user_provided + ) + ); + } + + #[test] + fn test_json_config_overrides_from_key_value_config_overrides() { let key_value_config_overrides = KeyValueConfigOverrides { overrides: [("a".to_owned(), Some("b".to_owned()))].into(), }; diff --git a/rust/operator-binary/src/framework/role_utils.rs b/rust/operator-binary/src/framework/role_utils.rs index b75e018..672b9a0 100644 --- a/rust/operator-binary/src/framework/role_utils.rs +++ b/rust/operator-binary/src/framework/role_utils.rs @@ -211,6 +211,7 @@ mod tests { use super::ResourceNames; use crate::framework::{ + config_overrides::KeyValueConfigOverrides, role_utils::with_validated_config, types::{ kubernetes::{ClusterRoleName, RoleBindingName, ServiceAccountName}, @@ -245,14 +246,11 @@ mod tests { property: Option, } - #[derive(Clone, Debug, Default, JsonSchema, Merge, PartialEq, Serialize)] - struct ConfigOverrides(HashMap>); - fn new_common_config( config: Config, override_value: Option<&str>, - ) -> CommonConfiguration { - let mut config_file_overrides = HashMap::new(); + ) -> CommonConfiguration { + let mut config_file_overrides = BTreeMap::new(); let mut env_overrides = HashMap::new(); let mut cli_overrides = BTreeMap::new(); @@ -264,7 +262,9 @@ mod tests { CommonConfiguration { config, - config_overrides: ConfigOverrides(config_file_overrides), + config_overrides: KeyValueConfigOverrides { + overrides: config_file_overrides, + }, env_overrides, cli_overrides, pod_overrides: PodTemplateSpec { diff --git a/tests/templates/kuttl/backup-restore/21-install-opensearch-1.yaml.j2 b/tests/templates/kuttl/backup-restore/21-install-opensearch-1.yaml.j2 index 7864cea..37ce1d3 100644 --- a/tests/templates/kuttl/backup-restore/21-install-opensearch-1.yaml.j2 +++ b/tests/templates/kuttl/backup-restore/21-install-opensearch-1.yaml.j2 @@ -74,26 +74,27 @@ spec: replicas: 1 configOverrides: opensearch.yml: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. - node.store.allow_mmap: "false" - # Disable the disk allocation decider in this test; Otherwise the test depends on the disk - # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. - cluster.routing.allocation.disk.threshold_enabled: "false" - plugins.security.authcz.admin_dn: CN=opensearch-1-admin-certificate - plugins.security.restapi.roles_enabled: all_access - plugins.security.ssl.http.pemtrustedcas_filepath: /stackable/opensearch/config/tls/concatenated/ca.crt + jsonMergePatch: + # Disable memory mapping in this test; If memory mapping were activated, the kernel + # setting vm.max_map_count would have to be increased to 262144 on the node. + node.store.allow_mmap: false + # Disable the disk allocation decider in this test; Otherwise the test depends on the disk + # usage of the node and if the relative watermark set in + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index + # could not be created even if enough disk space would be available. + cluster.routing.allocation.disk.threshold_enabled: false + plugins.security.authcz.admin_dn: CN=opensearch-1-admin-certificate + plugins.security.restapi.roles_enabled: all_access + plugins.security.ssl.http.pemtrustedcas_filepath: /stackable/opensearch/config/tls/concatenated/ca.crt {% if test_scenario['values']['s3-use-tls'] == 'true' %} - s3.client.default.endpoint: https://minio:9000/ - s3.client.default.protocol: https + s3.client.default.endpoint: https://minio:9000/ + s3.client.default.protocol: https {% else %} - s3.client.default.endpoint: http://minio:9000/ - s3.client.default.protocol: http + s3.client.default.endpoint: http://minio:9000/ + s3.client.default.protocol: http {% endif %} - s3.client.default.region: unused # but required - s3.client.default.path_style_access: "true" + s3.client.default.region: unused # but required + s3.client.default.path_style_access: true podOverrides: spec: initContainers: diff --git a/tests/templates/kuttl/backup-restore/51-install-opensearch-2.yaml.j2 b/tests/templates/kuttl/backup-restore/51-install-opensearch-2.yaml.j2 index e91ad3b..7a80855 100644 --- a/tests/templates/kuttl/backup-restore/51-install-opensearch-2.yaml.j2 +++ b/tests/templates/kuttl/backup-restore/51-install-opensearch-2.yaml.j2 @@ -74,26 +74,29 @@ spec: replicas: 1 configOverrides: opensearch.yml: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. - node.store.allow_mmap: "false" - # Disable the disk allocation decider in this test; Otherwise the test depends on the disk - # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. - cluster.routing.allocation.disk.threshold_enabled: "false" - plugins.security.authcz.admin_dn: CN=opensearch-2-admin-certificate - plugins.security.restapi.roles_enabled: all_access - plugins.security.ssl.http.pemtrustedcas_filepath: /stackable/opensearch/config/tls/concatenated/ca.crt + jsonMergePatch: + # Disable memory mapping in this test; If memory mapping were activated, the kernel + # setting vm.max_map_count would have to be increased to 262144 on the node. + node.store.allow_mmap: false + # Disable the disk allocation decider in this test; Otherwise the test depends on the disk + # usage of the node and if the relative watermark set in + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index + # could not be created even if enough disk space would be available. + cluster.routing.allocation.disk.threshold_enabled: false + # Allows the test jobs to access the security REST API. + plugins.security.restapi.roles_enabled: all_access + plugins.security.authcz.admin_dn: CN=opensearch-2-admin-certificate + plugins.security.restapi.roles_enabled: all_access + plugins.security.ssl.http.pemtrustedcas_filepath: /stackable/opensearch/config/tls/concatenated/ca.crt {% if test_scenario['values']['s3-use-tls'] == 'true' %} - s3.client.default.endpoint: https://minio:9000/ - s3.client.default.protocol: https + s3.client.default.endpoint: https://minio:9000/ + s3.client.default.protocol: https {% else %} - s3.client.default.endpoint: http://minio:9000/ - s3.client.default.protocol: http + s3.client.default.endpoint: http://minio:9000/ + s3.client.default.protocol: http {% endif %} - s3.client.default.region: unused # but required - s3.client.default.path_style_access: "true" + s3.client.default.region: unused # but required + s3.client.default.path_style_access: true podOverrides: spec: initContainers: diff --git a/tests/templates/kuttl/external-access/20_opensearch.yaml.j2 b/tests/templates/kuttl/external-access/20_opensearch.yaml.j2 index f6c35d9..1968f1d 100644 --- a/tests/templates/kuttl/external-access/20_opensearch.yaml.j2 +++ b/tests/templates/kuttl/external-access/20_opensearch.yaml.j2 @@ -47,11 +47,12 @@ spec: OPENSEARCH_HOME: {{ test_scenario['values']['opensearch_home'] }} configOverrides: opensearch.yml: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. - node.store.allow_mmap: "false" - # Disable the disk allocation decider in this test; Otherwise the test depends on the disk - # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. - cluster.routing.allocation.disk.threshold_enabled: "false" + jsonMergePatch: + # Disable memory mapping in this test; If memory mapping were activated, the kernel + # setting vm.max_map_count would have to be increased to 262144 on the node. + node.store.allow_mmap: false + # Disable the disk allocation decider in this test; Otherwise the test depends on the disk + # usage of the node and if the relative watermark set in + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index + # could not be created even if enough disk space would be available. + cluster.routing.allocation.disk.threshold_enabled: false diff --git a/tests/templates/kuttl/ldap/21-install-opensearch.yaml.j2 b/tests/templates/kuttl/ldap/21-install-opensearch.yaml.j2 index cb8a248..67e2766 100644 --- a/tests/templates/kuttl/ldap/21-install-opensearch.yaml.j2 +++ b/tests/templates/kuttl/ldap/21-install-opensearch.yaml.j2 @@ -69,11 +69,12 @@ spec: OPENSEARCH_HOME: {{ test_scenario['values']['opensearch_home'] }} configOverrides: opensearch.yml: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. - node.store.allow_mmap: "false" - # Disable the disk allocation decider in this test; Otherwise the test depends on the disk - # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. - cluster.routing.allocation.disk.threshold_enabled: "false" + jsonMergePatch: + # Disable memory mapping in this test; If memory mapping were activated, the kernel + # setting vm.max_map_count would have to be increased to 262144 on the node. + node.store.allow_mmap: false + # Disable the disk allocation decider in this test; Otherwise the test depends on the disk + # usage of the node and if the relative watermark set in + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index + # could not be created even if enough disk space would be available. + cluster.routing.allocation.disk.threshold_enabled: false diff --git a/tests/templates/kuttl/logging/20-install-opensearch.yaml.j2 b/tests/templates/kuttl/logging/20-install-opensearch.yaml.j2 index 2d77a76..0fa168e 100644 --- a/tests/templates/kuttl/logging/20-install-opensearch.yaml.j2 +++ b/tests/templates/kuttl/logging/20-install-opensearch.yaml.j2 @@ -89,14 +89,15 @@ spec: replicas: 1 configOverrides: opensearch.yml: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. - node.store.allow_mmap: "false" - # Disable the disk allocation decider in this test; Otherwise the test depends on the disk - # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. - cluster.routing.allocation.disk.threshold_enabled: "false" + jsonMergePatch: + # Disable memory mapping in this test; If memory mapping were activated, the kernel + # setting vm.max_map_count would have to be increased to 262144 on the node. + node.store.allow_mmap: false + # Disable the disk allocation decider in this test; Otherwise the test depends on the disk + # usage of the node and if the relative watermark set in + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index + # could not be created even if enough disk space would be available. + cluster.routing.allocation.disk.threshold_enabled: false podOverrides: spec: containers: diff --git a/tests/templates/kuttl/metrics/20-install-opensearch.yaml.j2 b/tests/templates/kuttl/metrics/20-install-opensearch.yaml.j2 index 6915432..c4ab73c 100644 --- a/tests/templates/kuttl/metrics/20-install-opensearch.yaml.j2 +++ b/tests/templates/kuttl/metrics/20-install-opensearch.yaml.j2 @@ -75,11 +75,12 @@ spec: replicas: 3 configOverrides: opensearch.yml: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. - node.store.allow_mmap: "false" - # Disable the disk allocation decider in this test; Otherwise the test depends on the disk - # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. - cluster.routing.allocation.disk.threshold_enabled: "false" + jsonMergePatch: + # Disable memory mapping in this test; If memory mapping were activated, the kernel + # setting vm.max_map_count would have to be increased to 262144 on the node. + node.store.allow_mmap: false + # Disable the disk allocation decider in this test; Otherwise the test depends on the disk + # usage of the node and if the relative watermark set in + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index + # could not be created even if enough disk space would be available. + cluster.routing.allocation.disk.threshold_enabled: false diff --git a/tests/templates/kuttl/opensearch-dashboards/11-install-opensearch.yaml.j2 b/tests/templates/kuttl/opensearch-dashboards/11-install-opensearch.yaml.j2 index 872495f..2412a39 100644 --- a/tests/templates/kuttl/opensearch-dashboards/11-install-opensearch.yaml.j2 +++ b/tests/templates/kuttl/opensearch-dashboards/11-install-opensearch.yaml.j2 @@ -80,11 +80,12 @@ spec: OPENSEARCH_HOME: {{ test_scenario['values']['opensearch_home'] }} configOverrides: opensearch.yml: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. - node.store.allow_mmap: "false" - # Disable the disk allocation decider in this test; Otherwise the test depends on the disk - # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. - cluster.routing.allocation.disk.threshold_enabled: "false" + jsonMergePatch: + # Disable memory mapping in this test; If memory mapping were activated, the kernel + # setting vm.max_map_count would have to be increased to 262144 on the node. + node.store.allow_mmap: false + # Disable the disk allocation decider in this test; Otherwise the test depends on the disk + # usage of the node and if the relative watermark set in + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index + # could not be created even if enough disk space would be available. + cluster.routing.allocation.disk.threshold_enabled: false diff --git a/tests/templates/kuttl/security-config/11-install-opensearch.yaml.j2 b/tests/templates/kuttl/security-config/11-install-opensearch.yaml.j2 index da75fe2..02606ee 100644 --- a/tests/templates/kuttl/security-config/11-install-opensearch.yaml.j2 +++ b/tests/templates/kuttl/security-config/11-install-opensearch.yaml.j2 @@ -90,13 +90,14 @@ spec: replicas: 2 configOverrides: opensearch.yml: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. - node.store.allow_mmap: "false" - # Disable the disk allocation decider in this test; Otherwise the test depends on the disk - # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. - cluster.routing.allocation.disk.threshold_enabled: "false" - # Allows the test jobs to access the security REST API. - plugins.security.restapi.roles_enabled: all_access + jsonMergePatch: + # Disable memory mapping in this test; If memory mapping were activated, the kernel + # setting vm.max_map_count would have to be increased to 262144 on the node. + node.store.allow_mmap: false + # Disable the disk allocation decider in this test; Otherwise the test depends on the disk + # usage of the node and if the relative watermark set in + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index + # could not be created even if enough disk space would be available. + cluster.routing.allocation.disk.threshold_enabled: false + # Allows the test jobs to access the security REST API. + plugins.security.restapi.roles_enabled: all_access diff --git a/tests/templates/kuttl/security-disabled/10-install-opensearch.yaml.j2 b/tests/templates/kuttl/security-disabled/10-install-opensearch.yaml.j2 index 72655e0..c220405 100644 --- a/tests/templates/kuttl/security-disabled/10-install-opensearch.yaml.j2 +++ b/tests/templates/kuttl/security-disabled/10-install-opensearch.yaml.j2 @@ -38,11 +38,12 @@ spec: OPENSEARCH_HOME: {{ test_scenario['values']['opensearch_home'] }} configOverrides: opensearch.yml: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. - node.store.allow_mmap: "false" - # Disable the disk allocation decider in this test; Otherwise the test depends on the disk - # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. - cluster.routing.allocation.disk.threshold_enabled: "false" + jsonMergePatch: + # Disable memory mapping in this test; If memory mapping were activated, the kernel + # setting vm.max_map_count would have to be increased to 262144 on the node. + node.store.allow_mmap: false + # Disable the disk allocation decider in this test; Otherwise the test depends on the disk + # usage of the node and if the relative watermark set in + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index + # could not be created even if enough disk space would be available. + cluster.routing.allocation.disk.threshold_enabled: false diff --git a/tests/templates/kuttl/smoke/10-install-opensearch.yaml.j2 b/tests/templates/kuttl/smoke/10-install-opensearch.yaml.j2 index 2c8ef67..90a2106 100644 --- a/tests/templates/kuttl/smoke/10-install-opensearch.yaml.j2 +++ b/tests/templates/kuttl/smoke/10-install-opensearch.yaml.j2 @@ -106,11 +106,11 @@ spec: configOverrides: opensearch.yml: jsonMergePatch: - # Disable memory mapping in this test; If memory mapping were activated, the kernel setting - # vm.max_map_count would have to be increased to 262144 on the node. + # Disable memory mapping in this test; If memory mapping were activated, the kernel + # setting vm.max_map_count would have to be increased to 262144 on the node. node.store.allow_mmap: false # Disable the disk allocation decider in this test; Otherwise the test depends on the disk # usage of the node and if the relative watermark set in - # `cluster.routing.allocation.disk.watermark.high` is reached then the security index could - # not be created even if enough disk space would be available. + # `cluster.routing.allocation.disk.watermark.high` is reached then the security index + # could not be created even if enough disk space would be available. cluster.routing.allocation.disk.threshold_enabled: false From 010778e4225be862060b1ac7522088c3bab29b3c Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Wed, 6 May 2026 08:56:53 +0200 Subject: [PATCH 10/17] test: Add unit tests for config overrides --- extra/crds.yaml | 10 ++++ .../src/framework/config_overrides.rs | 52 ++++++++++++++++++- 2 files changed, 60 insertions(+), 2 deletions(-) diff --git a/extra/crds.yaml b/extra/crds.yaml index bf47187..1629ebc 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -1869,6 +1869,11 @@ spec: opensearch.yml: default: jsonMergePatch: {} + description: |- + Combination of [`JsonConfigOverrides`] and [`KeyValueConfigOverrides`] + + Provides a backwards-compatible way to supply config overrides either as key-value pairs or as + a JSON value. type: object x-kubernetes-preserve-unknown-fields: true type: object @@ -2559,6 +2564,11 @@ spec: opensearch.yml: default: jsonMergePatch: {} + description: |- + Combination of [`JsonConfigOverrides`] and [`KeyValueConfigOverrides`] + + Provides a backwards-compatible way to supply config overrides either as key-value pairs or as + a JSON value. type: object x-kubernetes-preserve-unknown-fields: true type: object diff --git a/rust/operator-binary/src/framework/config_overrides.rs b/rust/operator-binary/src/framework/config_overrides.rs index 8e13c96..047a34b 100644 --- a/rust/operator-binary/src/framework/config_overrides.rs +++ b/rust/operator-binary/src/framework/config_overrides.rs @@ -243,13 +243,61 @@ mod tests { #[test] fn test_json_config_overrides_from_key_value_config_overrides() { let key_value_config_overrides = KeyValueConfigOverrides { - overrides: [("a".to_owned(), Some("b".to_owned()))].into(), + overrides: [("key".to_owned(), Some("value".to_owned()))].into(), }; let actual_json_config_overrides: JsonConfigOverrides = key_value_config_overrides.into(); - let expected_json_config_overrides = JsonConfigOverrides::JsonMergePatch(json!({"a": "b"})); + let expected_json_config_overrides = + JsonConfigOverrides::JsonMergePatch(json!({"key": "value"})); assert_eq!(expected_json_config_overrides, actual_json_config_overrides); } + + #[test] + fn test_json_config_overrides_from_json_or_key_value_config_overrides() { + let key_value_config_overrides = + JsonOrKeyValueConfigOverrides::KeyValue(KeyValueConfigOverrides { + overrides: [("key".to_owned(), Some("value".to_owned()))].into(), + }); + + let actual_json_config_overrides: JsonConfigOverrides = key_value_config_overrides.into(); + + let expected_json_config_overrides = + JsonConfigOverrides::JsonMergePatch(json!({"key": "value"})); + + assert_eq!(expected_json_config_overrides, actual_json_config_overrides); + } + + #[test] + fn test_json_or_key_value_config_overrides_merge() { + let base = JsonOrKeyValueConfigOverrides::KeyValue(KeyValueConfigOverrides { + overrides: [ + ("keyA".to_owned(), Some("base A".to_owned())), + ("keyB".to_owned(), Some("base B".to_owned())), + ] + .into(), + }); + + let patch = JsonOrKeyValueConfigOverrides::KeyValue(KeyValueConfigOverrides { + overrides: [ + ("keyB".to_owned(), Some("patch B".to_owned())), + ("keyC".to_owned(), Some("patch C".to_owned())), + ] + .into(), + }); + + // The merge implementation internally converts KeyValueConfigOverrides to + // JsonConfigOverrides. It is already tested in [`test_json_config_overrides_merge`] that + // merging JsonConfigOverrides works. Therefore, one test case with KeyValueConfigOverrides + // is sufficient. + assert_eq!( + JsonOrKeyValueConfigOverrides::Json(JsonConfigOverrides::JsonMergePatch(json!({ + "keyA": "base A", + "keyB": "patch B", + "keyC": "patch C" + }))), + merge::merge(patch, &base) + ); + } } From a9e51becf856e33140d0600f0f0f0d8a2a007bc4 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Wed, 6 May 2026 09:04:03 +0200 Subject: [PATCH 11/17] chore: Fix clippy warnings --- rust/operator-binary/src/main.rs | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/rust/operator-binary/src/main.rs b/rust/operator-binary/src/main.rs index a7541a3..1db46e3 100644 --- a/rust/operator-binary/src/main.rs +++ b/rust/operator-binary/src/main.rs @@ -7,7 +7,7 @@ use clap::Parser as _; use crd::{OpenSearchCluster, OpenSearchClusterVersion, v1alpha1}; use framework::types::operator::OperatorName; use futures::{FutureExt, StreamExt}; -use snafu::{ResultExt as _, Snafu, futures::TryFutureExt}; +use snafu::{ResultExt, Snafu, futures::TryFutureExt}; use stackable_operator::{ YamlSchema as _, cli::{Command, RunArguments}, @@ -72,7 +72,8 @@ pub enum Error { #[snafu(display("failed to create Kubernetes client"))] CreateClient { - source: stackable_operator::client::Error, + #[snafu(source(from(stackable_operator::client::Error, Box::new)))] + source: Box, }, #[snafu(display("failed to create SIGTERM signal watcher"))] @@ -81,17 +82,22 @@ pub enum Error { }, #[snafu(display("failed to create webhook server"))] - CreateWebhook { source: webhooks::conversion::Error }, + CreateWebhook { + #[snafu(source(from(webhooks::conversion::Error, Box::new)))] + source: Box, + }, #[snafu(display("failed to run webhook server"))] RunWebhook { - source: stackable_operator::webhook::WebhookServerError, + #[snafu(source(from(stackable_operator::webhook::WebhookServerError, Box::new)))] + source: Box, }, #[snafu(display("failed to establish if CRD {crd_name:?} is available"))] EstablishCrd { crd_name: String, - source: stackable_operator::utils::signal::CrdEstablishedError, + #[snafu(source(from(stackable_operator::utils::signal::CrdEstablishedError, Box::new)))] + source: Box, }, } From 6135034faaff3220bbde1e1ad66904a41f351051 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Wed, 6 May 2026 10:01:29 +0200 Subject: [PATCH 12/17] docs: Improve the descriptions of the CRD --- extra/crds.yaml | 55 ++++++++++++++++--- .../src/framework/config_overrides.rs | 27 ++++++++- .../src/framework/role_utils.rs | 2 +- 3 files changed, 73 insertions(+), 11 deletions(-) diff --git a/extra/crds.yaml b/extra/crds.yaml index 1629ebc..b0ff0c6 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -1870,10 +1870,31 @@ spec: default: jsonMergePatch: {} description: |- - Combination of [`JsonConfigOverrides`] and [`KeyValueConfigOverrides`] + ConfigOverrides as key-value pairs, JSON merge patch or JSON object. - Provides a backwards-compatible way to supply config overrides either as key-value pairs or as - a JSON value. + The key-value pairs and the JSON merge patch are merged with the configuration provided by the + operator. The user provided JSON object replaces the configuration of the operator. + + Example for key-value pairs: + + stringProperty: new value + booleanProperty: "true" + + Example for a JSON merge patch: + + jsonMergePatch: + stringProperty: new value + booleanProperty: true + nestedProperty: + key: value + + Example for a JSON object: + + userProvided: + stringProperty: new value + booleanProperty: true + nestedProperty: + key: value type: object x-kubernetes-preserve-unknown-fields: true type: object @@ -1949,7 +1970,6 @@ spec: type: object roleGroups: additionalProperties: - description: Variant of [`stackable_operator::role_utils::GenericCommonConfig`] that implements [`Merge`] properties: cliOverrides: additionalProperties: @@ -2565,10 +2585,31 @@ spec: default: jsonMergePatch: {} description: |- - Combination of [`JsonConfigOverrides`] and [`KeyValueConfigOverrides`] + ConfigOverrides as key-value pairs, JSON merge patch or JSON object. + + The key-value pairs and the JSON merge patch are merged with the configuration provided by the + operator. The user provided JSON object replaces the configuration of the operator. + + Example for key-value pairs: + + stringProperty: new value + booleanProperty: "true" + + Example for a JSON merge patch: + + jsonMergePatch: + stringProperty: new value + booleanProperty: true + nestedProperty: + key: value + + Example for a JSON object: - Provides a backwards-compatible way to supply config overrides either as key-value pairs or as - a JSON value. + userProvided: + stringProperty: new value + booleanProperty: true + nestedProperty: + key: value type: object x-kubernetes-preserve-unknown-fields: true type: object diff --git a/rust/operator-binary/src/framework/config_overrides.rs b/rust/operator-binary/src/framework/config_overrides.rs index 047a34b..e5943ac 100644 --- a/rust/operator-binary/src/framework/config_overrides.rs +++ b/rust/operator-binary/src/framework/config_overrides.rs @@ -91,10 +91,31 @@ impl From for JsonConfigOverrides { } } -/// Combination of [`JsonConfigOverrides`] and [`KeyValueConfigOverrides`] +/// ConfigOverrides as key-value pairs, JSON merge patch or JSON object. /// -/// Provides a backwards-compatible way to supply config overrides either as key-value pairs or as -/// a JSON value. +/// The key-value pairs and the JSON merge patch are merged with the configuration provided by the +/// operator. The user provided JSON object replaces the configuration of the operator. +/// +/// Example for key-value pairs: +/// +/// stringProperty: new value +/// booleanProperty: "true" +/// +/// Example for a JSON merge patch: +/// +/// jsonMergePatch: +/// stringProperty: new value +/// booleanProperty: true +/// nestedProperty: +/// key: value +/// +/// Example for a JSON object: +/// +/// userProvided: +/// stringProperty: new value +/// booleanProperty: true +/// nestedProperty: +/// key: value #[derive(Clone, Debug, Deserialize, JsonSchema, PartialEq, Serialize)] #[serde(untagged)] #[schemars(schema_with = "raw_object_schema")] diff --git a/rust/operator-binary/src/framework/role_utils.rs b/rust/operator-binary/src/framework/role_utils.rs index 672b9a0..1ff99ff 100644 --- a/rust/operator-binary/src/framework/role_utils.rs +++ b/rust/operator-binary/src/framework/role_utils.rs @@ -22,7 +22,7 @@ use super::{ }, }; -/// Variant of [`stackable_operator::role_utils::GenericCommonConfig`] that implements [`Merge`] +// Variant of [`stackable_operator::role_utils::GenericCommonConfig`] that implements [`Merge`] #[derive(Clone, Debug, Default, Deserialize, JsonSchema, PartialEq, Serialize)] pub struct GenericCommonConfig {} From 854c98e2b73b3e6d7b197cade146f0105db3eba1 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Wed, 6 May 2026 10:39:09 +0200 Subject: [PATCH 13/17] docs: Document typed config overrides --- .../configuration-environment-overrides.adoc | 91 ++++--------------- 1 file changed, 19 insertions(+), 72 deletions(-) diff --git a/docs/modules/opensearch/pages/usage-guide/configuration-environment-overrides.adoc b/docs/modules/opensearch/pages/usage-guide/configuration-environment-overrides.adoc index 38a31af..09feee9 100644 --- a/docs/modules/opensearch/pages/usage-guide/configuration-environment-overrides.adoc +++ b/docs/modules/opensearch/pages/usage-guide/configuration-environment-overrides.adoc @@ -35,89 +35,36 @@ nodes: config: {} ---- -All override property values must be strings. -They are added unchanged to the configuration file. -Care must be taken to produce a valid configuration. - -For a list of configuration options, we refer to the -https://docs.opensearch.org/docs/latest/install-and-configure/configuring-opensearch/index/[Configuring OpenSearch{external-link-icon}^] section in the OpenSearch documentation. - -The file `opensearch.yml` is a YAML file, where deep structures are possible. -On the other hand, `configOverrides` are only flat key-value pairs. -Fortunately, this is not a problem because the OpenSearch YAML parser allows both representations. -Keys can be flattened as follows: +Property values must be strings when defined as key-value pairs. +To override properties using other types or nested structures, use a JSON merge patch by placing the properties under `jsonMergePatch`: [source,yaml] ---- -# File: opensearch.yml - -plugins.security.restapi.roles_enabled: all_access - -# is equivalent to - -plugins: - security: - restapi: - roles_enabled: all_access +nodes: + configOverrides: + opensearch.yml: + jsonMergePatch: + plugins.security.restapi.roles_enabled: all_access + cluster.routing.allocation.disk.threshold_enabled: false + plugins.security.authcz.admin_dn: + - CN=opensearch-admin-certificate ---- -Lists can be flattened as follows: +The entire configuration file can be replaced using the `userProvided` property: [source,yaml] ---- -# File: opensearch.yml - -# as a comma-separated list: <1> -plugins.security.restapi.roles_enabled: role1,role2,role3 - -# as a JSON list: <2> -plugins.security.restapi.roles_enabled: ["role1", "role2", "role3"] - -# as an indexed flat list: <3> -plugins.security.restapi.roles_enabled.0: role1 -plugins.security.restapi.roles_enabled.1: role2 -plugins.security.restapi.roles_enabled.2: role3 - -# All options above are equivalent to - -plugins: - security: - restapi: - roles_enabled: - - role1 - - role2 - - role3 ----- -<1> Commas in list entries cannot be escaped. -<2> The brackets must be escaped in `configOverrides` as follows: `"[\"role1\", \"role2\", \"role3\"]"` -<3> Indexed flat lists are considered "legacy" in the OpenSearch code. -// see https://github.com/opensearch-project/OpenSearch/blob/3.4.0/server/src/main/java/org/opensearch/common/settings/Settings.java#L1049 - -Other types can be set as strings in `configOverrides` because OpenSearch parses them: - -[source,yaml] +nodes: + configOverrides: + opensearch.yml: + userProvided: + plugins.security.restapi.roles_enabled: all_access ---- -# File: opensearch.yml -# Boolean as string -cluster.blocks.read_only: "true" +NOTE: Replacing the entire configuration file is not recommended, as all properties normally managed by the operator must be explicitly provided to obtain a working OpenSearch cluster. -# Integer as string -cluster.max_shards_per_node: "10000" - -# Floating point as string -cluster.routing.allocation.balance.index: "0.6" - -# Time unit as string -cluster.info.update.interval: "10s" - -# The options above are equivalent to - -cluster.blocks.read_only: true -cluster.max_shards_per_node: 10000 -cluster.routing.allocation.balance.index: 0.6 -cluster.info.update.interval: 10s ----- +For a list of configuration options, we refer to the +https://docs.opensearch.org/docs/latest/install-and-configure/configuring-opensearch/index/[Configuring OpenSearch{external-link-icon}^] section in the OpenSearch documentation. == Environment Variables From e62d296eb2170dc1fad258c1310312c7ff83ff21 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Wed, 6 May 2026 10:55:29 +0200 Subject: [PATCH 14/17] tests: Use a list for plugins.security.authcz.admin_dn --- .../kuttl/backup-restore/21-install-opensearch-1.yaml.j2 | 3 ++- .../kuttl/backup-restore/51-install-opensearch-2.yaml.j2 | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/templates/kuttl/backup-restore/21-install-opensearch-1.yaml.j2 b/tests/templates/kuttl/backup-restore/21-install-opensearch-1.yaml.j2 index 37ce1d3..4d7af2e 100644 --- a/tests/templates/kuttl/backup-restore/21-install-opensearch-1.yaml.j2 +++ b/tests/templates/kuttl/backup-restore/21-install-opensearch-1.yaml.j2 @@ -83,7 +83,8 @@ spec: # `cluster.routing.allocation.disk.watermark.high` is reached then the security index # could not be created even if enough disk space would be available. cluster.routing.allocation.disk.threshold_enabled: false - plugins.security.authcz.admin_dn: CN=opensearch-1-admin-certificate + plugins.security.authcz.admin_dn: + - CN=opensearch-1-admin-certificate plugins.security.restapi.roles_enabled: all_access plugins.security.ssl.http.pemtrustedcas_filepath: /stackable/opensearch/config/tls/concatenated/ca.crt {% if test_scenario['values']['s3-use-tls'] == 'true' %} diff --git a/tests/templates/kuttl/backup-restore/51-install-opensearch-2.yaml.j2 b/tests/templates/kuttl/backup-restore/51-install-opensearch-2.yaml.j2 index 7a80855..d5c5694 100644 --- a/tests/templates/kuttl/backup-restore/51-install-opensearch-2.yaml.j2 +++ b/tests/templates/kuttl/backup-restore/51-install-opensearch-2.yaml.j2 @@ -85,7 +85,8 @@ spec: cluster.routing.allocation.disk.threshold_enabled: false # Allows the test jobs to access the security REST API. plugins.security.restapi.roles_enabled: all_access - plugins.security.authcz.admin_dn: CN=opensearch-2-admin-certificate + plugins.security.authcz.admin_dn: + - CN=opensearch-2-admin-certificate plugins.security.restapi.roles_enabled: all_access plugins.security.ssl.http.pemtrustedcas_filepath: /stackable/opensearch/config/tls/concatenated/ca.crt {% if test_scenario['values']['s3-use-tls'] == 'true' %} From 7bfd029b9bb02939b71dffa47a25eb66c93a3d3d Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Fri, 8 May 2026 15:42:07 +0200 Subject: [PATCH 15/17] feat: Support jsonPatch in configOverrides --- Cargo.lock | 2 + Cargo.nix | 16 +- Cargo.toml | 1 + extra/crds.yaml | 28 +- rust/operator-binary/Cargo.toml | 1 + .../src/controller/build/node_config.rs | 2 +- .../src/controller/validate.rs | 19 +- .../src/framework/config_overrides.rs | 325 ++++++++++++------ 8 files changed, 277 insertions(+), 117 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 295e49d..d44cf07 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1487,6 +1487,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7421438de105a0827e44fadd05377727847d717c80ce29a229f85fd04c427b72" dependencies = [ "jsonptr", + "schemars", "serde", "serde_json", "thiserror 2.0.18", @@ -2943,6 +2944,7 @@ dependencies = [ "built", "clap", "futures 0.3.32", + "json-patch", "pretty_assertions", "regex", "rstest", diff --git a/Cargo.nix b/Cargo.nix index 7c6079d..c4ed3a5 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -4722,6 +4722,11 @@ rec { name = "jsonptr"; packageId = "jsonptr"; } + { + name = "schemars"; + packageId = "schemars"; + optional = true; + } { name = "serde"; packageId = "serde"; @@ -4737,6 +4742,10 @@ rec { } ]; devDependencies = [ + { + name = "schemars"; + packageId = "schemars"; + } { name = "serde_json"; packageId = "serde_json"; @@ -4748,7 +4757,7 @@ rec { "schemars" = [ "dep:schemars" ]; "utoipa" = [ "dep:utoipa" ]; }; - resolvedDefaultFeatures = [ "default" "diff" ]; + resolvedDefaultFeatures = [ "default" "diff" "schemars" ]; }; "jsonpath-rust" = rec { crateName = "jsonpath-rust"; @@ -9708,6 +9717,11 @@ rec { packageId = "futures 0.3.32"; features = [ "compat" ]; } + { + name = "json-patch"; + packageId = "json-patch"; + features = [ "schemars" ]; + } { name = "regex"; packageId = "regex"; diff --git a/Cargo.toml b/Cargo.toml index 2aa701c..c1a284b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,6 +15,7 @@ stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", built = { version = "0.8.0", features = ["chrono", "git2"] } clap = "4.5" futures = { version = "0.3", features = ["compat"] } +json-patch = { version = "4.2", features = ["schemars"] } pretty_assertions = "1.4" regex = "1.11" rstest = "0.26" diff --git a/extra/crds.yaml b/extra/crds.yaml index b0ff0c6..547d522 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -1870,10 +1870,11 @@ spec: default: jsonMergePatch: {} description: |- - ConfigOverrides as key-value pairs, JSON merge patch or JSON object. + ConfigOverrides as key-value pairs, JSON merge patch, JSON patch or JSON object. - The key-value pairs and the JSON merge patch are merged with the configuration provided by the - operator. The user provided JSON object replaces the configuration of the operator. + The key-value pairs, JSON merge patch and JSON patch are merged with/applied to the + configuration provided by the operator. The user-provided JSON object replaces the + configuration of the operator. Example for key-value pairs: @@ -1888,6 +1889,13 @@ spec: nestedProperty: key: value + Example for a JSON patch: + + jsonPatch: + - op: replace + path: /stringProperty + value: new value + Example for a JSON object: userProvided: @@ -2585,10 +2593,11 @@ spec: default: jsonMergePatch: {} description: |- - ConfigOverrides as key-value pairs, JSON merge patch or JSON object. + ConfigOverrides as key-value pairs, JSON merge patch, JSON patch or JSON object. - The key-value pairs and the JSON merge patch are merged with the configuration provided by the - operator. The user provided JSON object replaces the configuration of the operator. + The key-value pairs, JSON merge patch and JSON patch are merged with/applied to the + configuration provided by the operator. The user-provided JSON object replaces the + configuration of the operator. Example for key-value pairs: @@ -2603,6 +2612,13 @@ spec: nestedProperty: key: value + Example for a JSON patch: + + jsonPatch: + - op: replace + path: /stringProperty + value: new value + Example for a JSON object: userProvided: diff --git a/rust/operator-binary/Cargo.toml b/rust/operator-binary/Cargo.toml index d3a8976..6a23107 100644 --- a/rust/operator-binary/Cargo.toml +++ b/rust/operator-binary/Cargo.toml @@ -14,6 +14,7 @@ stackable-operator.workspace = true clap.workspace = true futures.workspace = true +json-patch.workspace = true regex.workspace = true serde.workspace = true serde_json.workspace = true diff --git a/rust/operator-binary/src/controller/build/node_config.rs b/rust/operator-binary/src/controller/build/node_config.rs index d152378..8a6805d 100644 --- a/rust/operator-binary/src/controller/build/node_config.rs +++ b/rust/operator-binary/src/controller/build/node_config.rs @@ -190,7 +190,7 @@ impl NodeConfig { .opensearch_yml .clone(); - overrides.apply(&config).into_owned() + overrides.apply(&config) } /// Creates the main OpenSearch configuration file as JSON map diff --git a/rust/operator-binary/src/controller/validate.rs b/rust/operator-binary/src/controller/validate.rs index 543e455..ce37a49 100644 --- a/rust/operator-binary/src/controller/validate.rs +++ b/rust/operator-binary/src/controller/validate.rs @@ -630,11 +630,20 @@ mod tests { termination_grace_period_seconds: 300, }, config_overrides: ValidatedOpenSearchConfigOverrides { - opensearch_yml: JsonConfigOverrides::JsonMergePatch(json!({ - "setting1": "value from role level", - "setting2": "value from role-group level", - "setting3": "value from role-group level", - }),) + opensearch_yml: JsonConfigOverrides::Sequence(vec![ + JsonConfigOverrides::JsonMergePatch(json!( + { + "setting2": "value from role-group level", + "setting3": "value from role-group level" + } + )), + JsonConfigOverrides::JsonMergePatch(json!( + { + "setting1": "value from role level", + "setting2": "value from role level" + } + )) + ]), }, env_overrides: EnvVarSet::new().with_values([ ( diff --git a/rust/operator-binary/src/framework/config_overrides.rs b/rust/operator-binary/src/framework/config_overrides.rs index e5943ac..c871a8c 100644 --- a/rust/operator-binary/src/framework/config_overrides.rs +++ b/rust/operator-binary/src/framework/config_overrides.rs @@ -1,4 +1,4 @@ -use std::{borrow::Cow, collections::BTreeMap}; +use std::collections::BTreeMap; use schemars::JsonSchema; use serde::{Deserialize, Serialize}; @@ -6,6 +6,7 @@ use serde_json::json; use stackable_operator::{ config::merge::Merge, k8s_openapi::DeepMerge, schemars, utils::crds::raw_object_schema, }; +use tracing::warn; // Variant of [`stackable_operator::config_overrides::KeyValueConfigOverrides`] that implements // Merge @@ -22,66 +23,96 @@ pub struct KeyValueConfigOverrides { // Variant of [`stackable_operator::config_overrides::JsonConfigOverrides`] with the following // changes: // - Implements Default -// - Implements Merge -// - The JsonPatches variant was removed because it could fail in the build stage. -// - The UserProvided variant also contains a JSON value instead of a string. +// - Implements Merge by using a Sequence variant which is not exposed in the CRD +// - `JsonPatches` was renamed to `JsonPatch` because it is one patch consisting of multiple +// operations. +// - `JsonPatch` contains a `json_patch::Patch` instead of a vector of strings /// ConfigOverrides that can be applied to a JSON file. #[derive(Clone, Debug, Deserialize, Eq, JsonSchema, PartialEq, Serialize)] #[serde(rename_all = "camelCase")] pub enum JsonConfigOverrides { /// Can be set to arbitrary YAML content, which is converted to JSON and used as /// [RFC 7396](https://datatracker.ietf.org/doc/html/rfc7396) JSON merge patch. - #[schemars(schema_with = "raw_object_schema")] JsonMergePatch(serde_json::Value), + /// An [RFC 6902](https://datatracker.ietf.org/doc/html/rfc6902) JSON patch. + /// + /// Can be used when more flexibility is needed, e.g. to only modify elements + /// in a list based on a condition. + /// + /// A patch looks something like + /// + /// `- {"op": "test", "path": "/0/name", "value": "Andrew"}` + /// + /// or + /// + /// `- {"op": "add", "path": "/0/happy", "value": true}` + JsonPatch(json_patch::Patch), + /// Override the entire config file with the specified JSON value. - #[schemars(schema_with = "raw_object_schema")] UserProvided(serde_json::Value), + + /// Sequence of [`JsonConfigOverrides`] starting with the latest patch + /// + /// This variant is used internally to combine the role and role group configOverrides. They + /// cannot be merged right away because the order of JsonPatch application affects the result. + #[serde(skip)] + Sequence(Vec), } impl JsonConfigOverrides { // Infallible variant of [`stackable_operator::config_overrides::JsonConfigOverrides::apply`] - pub fn apply(&self, base: &serde_json::Value) -> Cow<'_, serde_json::Value> { + pub fn apply(&self, base: &serde_json::Value) -> serde_json::Value { match self { Self::JsonMergePatch(patch) => { - let mut merged = base.clone(); - merged.merge_from(patch.clone()); - Cow::Owned(merged) + let mut doc = base.clone(); + doc.merge_from(patch.clone()); + doc + } + Self::JsonPatch(patch) => { + let mut doc = base.clone(); + if let Err(error) = json_patch::patch(&mut doc, patch) { + warn!("The JSON patch could not be applied: {error}"); + } + doc + } + Self::UserProvided(content) => content.clone(), + Self::Sequence(sequence) => { + let mut doc = base.clone(); + for patch in sequence.iter().rev() { + doc = patch.apply(&doc); + } + doc } - Self::UserProvided(content) => Cow::Borrowed(content), } } } impl Default for JsonConfigOverrides { fn default() -> Self { + // There are several options to represent an empty patch, e.g. + // `JsonConfigOverrides::Sequence(vec![])`. As this is exposed as the default in the CRD, + // an empty JSON merge patch is returned, because JSON merge patches are the preferred way + // to override the configuration. JsonConfigOverrides::JsonMergePatch(json!({})) } } impl Merge for JsonConfigOverrides { fn merge(&mut self, defaults: &Self) { - match (&self, defaults) { - ( - JsonConfigOverrides::JsonMergePatch(patch), - JsonConfigOverrides::JsonMergePatch(base), - ) => { - let mut merged = base.clone(); - merged.merge_from(patch.clone()); - *self = JsonConfigOverrides::JsonMergePatch(merged); - } - ( - JsonConfigOverrides::JsonMergePatch(patch), - JsonConfigOverrides::UserProvided(base), - ) => { - let mut merged = base.clone(); - merged.merge_from(patch.clone()); - *self = JsonConfigOverrides::UserProvided(merged); - } - (JsonConfigOverrides::UserProvided(patch), _) => { - *self = JsonConfigOverrides::UserProvided(patch.clone()); - } + let mut sequence = if let JsonConfigOverrides::Sequence(sequence) = self { + sequence.clone() + } else { + vec![self.clone()] + }; + + if let JsonConfigOverrides::Sequence(base) = defaults { + sequence.extend(base.clone()); + } else { + sequence.push(defaults.clone()); } + + *self = JsonConfigOverrides::Sequence(sequence); } } @@ -91,10 +122,11 @@ impl From for JsonConfigOverrides { } } -/// ConfigOverrides as key-value pairs, JSON merge patch or JSON object. +/// ConfigOverrides as key-value pairs, JSON merge patch, JSON patch or JSON object. /// -/// The key-value pairs and the JSON merge patch are merged with the configuration provided by the -/// operator. The user provided JSON object replaces the configuration of the operator. +/// The key-value pairs, JSON merge patch and JSON patch are merged with/applied to the +/// configuration provided by the operator. The user-provided JSON object replaces the +/// configuration of the operator. /// /// Example for key-value pairs: /// @@ -109,6 +141,13 @@ impl From for JsonConfigOverrides { /// nestedProperty: /// key: value /// +/// Example for a JSON patch: +/// +/// jsonPatch: +/// - op: replace +/// path: /stringProperty +/// value: new value +/// /// Example for a JSON object: /// /// userProvided: @@ -162,102 +201,185 @@ mod tests { #[test] fn test_json_config_overrides_apply() { let base = json!({ - "keyA": "valueA1", - "keyB": "valueB1" + "keyA": "base A", + "keyB": "base B" }); let json_merge_patch = JsonConfigOverrides::JsonMergePatch(json!({ - "keyA": "valueA2" + "keyB": "patch B", + "keyC": "patch C" })); assert_eq!( json!({ - "keyA": "valueA2", - "keyB": "valueB1" + "keyA": "base A", + "keyB": "patch B", + "keyC": "patch C" + }), + json_merge_patch.apply(&base) + ); + + let json_patch = JsonConfigOverrides::JsonPatch( + serde_json::from_value(json!([ + { "op": "replace", "path": "/keyB", "value": "patch B" }, + { "op": "add", "path": "/keyC", "value": "patch C" }, + ])) + .expect("should contain valid JSON patch operations"), + ); + + assert_eq!( + json!({ + "keyA": "base A", + "keyB": "patch B", + "keyC": "patch C", + }), + json_patch.apply(&base) + ); + + let invalid_json_patch = JsonConfigOverrides::JsonPatch( + serde_json::from_value(json!([ + { "op": "replace", "path": "/keyB", "value": "patch B" }, + { "op": "remove", "path": "/keyD" } + ])) + .expect("should contain valid JSON patch operations"), + ); + + // invalid_json_patch cannot be applied because the path "/keyD" does not exist in base. + // A warning should be logged and the changes should be rolled back, i.e. "keyB" should be + // "base B" instead of "patch B". + assert_eq!( + json!({ + "keyA": "base A", + "keyB": "base B", }), - json_merge_patch.apply(&base).into_owned() + invalid_json_patch.apply(&base) ); let user_provided = JsonConfigOverrides::UserProvided(json!({ - "keyB": "valueB2" + "keyB": "patch B", + "keyC": "patch C" })); assert_eq!( json!({ - "keyB": "valueB2", + "keyB": "patch B", + "keyC": "patch C" }), - user_provided.apply(&base).into_owned() + user_provided.apply(&base) + ); + + let sequence = JsonConfigOverrides::Sequence(vec![ + // There should be no nested sequences, but as it is not technically prevented, it is + // tested nevertheless. + JsonConfigOverrides::Sequence(vec![JsonConfigOverrides::JsonMergePatch(json!({ + "keyC": "patch C.2", + "keyD": "patch D.2" + }))]), + JsonConfigOverrides::JsonMergePatch(json!({ + "keyB": "patch B.1", + "keyC": "patch C.1" + })), + ]); + + assert_eq!( + json!({ + "keyA": "base A", + "keyB": "patch B.1", + "keyC": "patch C.2", + "keyD": "patch D.2" + }), + sequence.apply(&base) ); } #[test] fn test_json_config_overrides_merge() { - let json_merge_patch = JsonConfigOverrides::JsonMergePatch(json!({ - "keyA": "base A", - "keyB": "base B" + let sequence1 = JsonConfigOverrides::Sequence(vec![ + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 1.2", + })), + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 1.1", + })), + ]); + + let sequence2 = JsonConfigOverrides::Sequence(vec![ + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 2.2", + })), + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 2.1", + })), + ]); + + // It does not matter for the test case if the JsonMergePatch, JsonPatch or UserProvided + // variant is chosen. + let json_merge_patch1 = JsonConfigOverrides::JsonMergePatch(json!({ + "key": "patch 1", })); - let user_provided = JsonConfigOverrides::UserProvided(json!({ - "keyA": "base A", - "keyB": "base B" + let json_merge_patch2 = JsonConfigOverrides::JsonMergePatch(json!({ + "key": "patch 2", })); assert_eq!( - JsonConfigOverrides::JsonMergePatch(json!({ - "keyA": "base A", - "keyB": "patch B", - "keyC": "patch C" - })), - merge::merge( + JsonConfigOverrides::Sequence(vec![ JsonConfigOverrides::JsonMergePatch(json!({ - "keyB": "patch B", - "keyC": "patch C" + "key": "sequence 2.2", })), - &json_merge_patch - ) + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 2.1", + })), + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 1.2", + })), + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 1.1", + })), + ]), + merge::merge(sequence2.clone(), &sequence1) ); assert_eq!( - JsonConfigOverrides::UserProvided(json!({ - "keyA": "base A", - "keyB": "patch B", - "keyC": "patch C" - })), - merge::merge( + JsonConfigOverrides::Sequence(vec![ JsonConfigOverrides::JsonMergePatch(json!({ - "keyB": "patch B", - "keyC": "patch C" + "key": "patch 2", + })), + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 1.2", + })), + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 1.1", })), - &user_provided - ) + ]), + merge::merge(json_merge_patch2.clone(), &sequence1) ); assert_eq!( - JsonConfigOverrides::UserProvided(json!({ - "keyB": "patch B", - "keyC": "patch C" - })), - merge::merge( - JsonConfigOverrides::UserProvided(json!({ - "keyB": "patch B", - "keyC": "patch C" + JsonConfigOverrides::Sequence(vec![ + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 2.2", + })), + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "sequence 2.1", })), - &json_merge_patch - ) + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "patch 1", + })), + ]), + merge::merge(sequence2.clone(), &json_merge_patch1) ); assert_eq!( - JsonConfigOverrides::UserProvided(json!({ - "keyB": "patch B", - "keyC": "patch C" - })), - merge::merge( - JsonConfigOverrides::UserProvided(json!({ - "keyB": "patch B", - "keyC": "patch C" + JsonConfigOverrides::Sequence(vec![ + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "patch 2", + })), + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "patch 1", })), - &user_provided - ) + ]), + merge::merge(json_merge_patch2.clone(), &json_merge_patch1) ); } @@ -293,19 +415,11 @@ mod tests { #[test] fn test_json_or_key_value_config_overrides_merge() { let base = JsonOrKeyValueConfigOverrides::KeyValue(KeyValueConfigOverrides { - overrides: [ - ("keyA".to_owned(), Some("base A".to_owned())), - ("keyB".to_owned(), Some("base B".to_owned())), - ] - .into(), + overrides: [("key".to_owned(), Some("base".to_owned()))].into(), }); let patch = JsonOrKeyValueConfigOverrides::KeyValue(KeyValueConfigOverrides { - overrides: [ - ("keyB".to_owned(), Some("patch B".to_owned())), - ("keyC".to_owned(), Some("patch C".to_owned())), - ] - .into(), + overrides: [("key".to_owned(), Some("patch".to_owned()))].into(), }); // The merge implementation internally converts KeyValueConfigOverrides to @@ -313,11 +427,14 @@ mod tests { // merging JsonConfigOverrides works. Therefore, one test case with KeyValueConfigOverrides // is sufficient. assert_eq!( - JsonOrKeyValueConfigOverrides::Json(JsonConfigOverrides::JsonMergePatch(json!({ - "keyA": "base A", - "keyB": "patch B", - "keyC": "patch C" - }))), + JsonOrKeyValueConfigOverrides::Json(JsonConfigOverrides::Sequence(vec![ + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "patch", + })), + JsonConfigOverrides::JsonMergePatch(json!({ + "key": "base", + })) + ])), merge::merge(patch, &base) ); } From d7ff3a4083af220736ff87f3471a9f0022838f0b Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Fri, 8 May 2026 16:11:06 +0200 Subject: [PATCH 16/17] chore: Add a comment --- rust/operator-binary/src/framework/config_overrides.rs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/rust/operator-binary/src/framework/config_overrides.rs b/rust/operator-binary/src/framework/config_overrides.rs index c871a8c..4cc31ff 100644 --- a/rust/operator-binary/src/framework/config_overrides.rs +++ b/rust/operator-binary/src/framework/config_overrides.rs @@ -79,6 +79,8 @@ impl JsonConfigOverrides { Self::UserProvided(content) => content.clone(), Self::Sequence(sequence) => { let mut doc = base.clone(); + // `sequence` starts with the latest patch. Iterate in reverse order, to apply the + // patches from the first to the last one. for patch in sequence.iter().rev() { doc = patch.apply(&doc); } From a5e2027fd147b2fa095768d1abb3112981547486 Mon Sep 17 00:00:00 2001 From: Siegfried Weber Date: Fri, 8 May 2026 16:35:08 +0200 Subject: [PATCH 17/17] docs: Document JSON Patch --- .../configuration-environment-overrides.adoc | 26 ++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/docs/modules/opensearch/pages/usage-guide/configuration-environment-overrides.adoc b/docs/modules/opensearch/pages/usage-guide/configuration-environment-overrides.adoc index 09feee9..316e8c2 100644 --- a/docs/modules/opensearch/pages/usage-guide/configuration-environment-overrides.adoc +++ b/docs/modules/opensearch/pages/usage-guide/configuration-environment-overrides.adoc @@ -4,7 +4,7 @@ The cluster definition also supports overriding configuration properties, enviro either per role or per role group, where the more specific override (role group) has precedence over the less specific one (role). -IMPORTANT: Overriding certain properties which are set by the operator (such as the `network.host`) can interfere with the operator and can lead to problems. +CAUTION: Overriding certain properties which are set by the operator (such as the `network.host`) can interfere with the operator and can lead to problems. == Configuration Properties @@ -36,7 +36,7 @@ nodes: ---- Property values must be strings when defined as key-value pairs. -To override properties using other types or nested structures, use a JSON merge patch by placing the properties under `jsonMergePatch`: +To override properties using other types or nested structures, use a JSON Merge Patch by placing the properties under `jsonMergePatch`: [source,yaml] ---- @@ -50,6 +50,26 @@ nodes: - CN=opensearch-admin-certificate ---- +NOTE: A JSON Merge Patch is the recommended method for overriding configuration settings. + +Use a JSON Patch when you need finer-grained control, e.g. to remove a setting. +Define a JSON Patch using the `jsonPatch` property, which accepts a list of operations: + +[source,yaml] +---- +nodes: + configOverrides: + opensearch.yml: + jsonPatch: + - op: add + path: /plugins.security.authcz.admin_dn + value: CN=opensearch-admin-certificate + - op: remove + path: /plugins.security.allow_default_init_securityindex +---- + +CAUTION: The operator only logs a warning if the JSON Patch could not be applied and continues with the unpatched configuration. + The entire configuration file can be replaced using the `userProvided` property: [source,yaml] @@ -61,7 +81,7 @@ nodes: plugins.security.restapi.roles_enabled: all_access ---- -NOTE: Replacing the entire configuration file is not recommended, as all properties normally managed by the operator must be explicitly provided to obtain a working OpenSearch cluster. +WARNING: Replacing the entire configuration file is not recommended, as all properties normally managed by the operator must be explicitly provided to obtain a working OpenSearch cluster. For a list of configuration options, we refer to the https://docs.opensearch.org/docs/latest/install-and-configure/configuring-opensearch/index/[Configuring OpenSearch{external-link-icon}^] section in the OpenSearch documentation.