From d00ac5b6551ad2475017e6f2be18838492e2861a Mon Sep 17 00:00:00 2001 From: Techassi Date: Wed, 22 Oct 2025 16:39:46 +0200 Subject: [PATCH 1/4] feat(crd): Mark certManager as non-experimental --- extra/crds.yaml | 4 ++-- rust/operator-binary/src/crd/secret_class/mod.rs | 2 +- rust/operator-binary/src/crd/secret_class/v1alpha1_impl.rs | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/extra/crds.yaml b/extra/crds.yaml index e175dc24..9f889bbe 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -35,7 +35,7 @@ spec: - required: - autoTls - required: - - experimentalCertManager + - certManager - required: - kerberosKeytab properties: @@ -169,7 +169,7 @@ spec: required: - ca type: object - experimentalCertManager: + certManager: description: |- The [`experimentalCertManager` backend][1] injects a TLS certificate issued by [cert-manager](https://cert-manager.io/). diff --git a/rust/operator-binary/src/crd/secret_class/mod.rs b/rust/operator-binary/src/crd/secret_class/mod.rs index 383cd6fc..068451e9 100644 --- a/rust/operator-binary/src/crd/secret_class/mod.rs +++ b/rust/operator-binary/src/crd/secret_class/mod.rs @@ -60,7 +60,7 @@ pub mod versioned { /// will be reused after that (subject to cert-manager renewal rules). /// /// [1]: DOCS_BASE_URL_PLACEHOLDER/secret-operator/secretclass#backend-certmanager - #[serde(rename = "experimentalCertManager")] + #[versioned(changed(since = "v1alpha2", from_name = "ExperimentalCertManager"))] CertManager(CertManagerBackend), /// The [`kerberosKeytab` backend](DOCS_BASE_URL_PLACEHOLDER/secret-operator/secretclass#backend-kerberoskeytab) diff --git a/rust/operator-binary/src/crd/secret_class/v1alpha1_impl.rs b/rust/operator-binary/src/crd/secret_class/v1alpha1_impl.rs index 8d22454d..2c9b80fe 100644 --- a/rust/operator-binary/src/crd/secret_class/v1alpha1_impl.rs +++ b/rust/operator-binary/src/crd/secret_class/v1alpha1_impl.rs @@ -30,7 +30,7 @@ impl SecretClassBackend { .and_then(|cm_ns| backend.search_namespace.matches_namespace(cm_ns)) } Self::AutoTls(_) => None, - Self::CertManager(_) => None, + Self::ExperimentalCertManager(_) => None, Self::KerberosKeytab(_) => None, } .into_iter() @@ -46,7 +46,7 @@ impl SecretClassBackend { (backend.ca.secret == *secret).then_some(SearchNamespaceMatchCondition::True) } Self::K8sSearch(_) => None, - Self::CertManager(_) => None, + Self::ExperimentalCertManager(_) => None, Self::KerberosKeytab(_) => None, } .into_iter() From c0ab1ca38f1058690c986a5f7614655a195a4427 Mon Sep 17 00:00:00 2001 From: Techassi Date: Wed, 22 Oct 2025 16:40:41 +0200 Subject: [PATCH 2/4] chore: Bump stackable-operator to 0.100.1 --- Cargo.lock | 73 +++++++---------------- Cargo.nix | 143 +++++++++++----------------------------------- Cargo.toml | 2 +- crate-hashes.json | 18 +++--- 4 files changed, 65 insertions(+), 171 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 05ca34d7..db400255 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1365,7 +1365,7 @@ dependencies = [ "js-sys", "log", "wasm-bindgen", - "windows-core 0.62.2", + "windows-core", ] [[package]] @@ -1644,7 +1644,7 @@ dependencies = [ [[package]] name = "k8s-version" version = "0.1.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#5ff7d2ea14a06e9d66ba4410b94cd23e43666d55" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#184423db7409f853bd69db7eeecd1affbf97ef40" dependencies = [ "darling", "regex", @@ -3365,7 +3365,7 @@ checksum = "6ce2be8dc25455e1f91df71bfa12ad37d7af1092ae736f3a6cd0e37bc7810596" [[package]] name = "stackable-certs" version = "0.4.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#5ff7d2ea14a06e9d66ba4410b94cd23e43666d55" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#184423db7409f853bd69db7eeecd1affbf97ef40" dependencies = [ "const-oid", "ecdsa", @@ -3408,8 +3408,8 @@ dependencies = [ [[package]] name = "stackable-operator" -version = "0.100.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#5ff7d2ea14a06e9d66ba4410b94cd23e43666d55" +version = "0.100.1" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#184423db7409f853bd69db7eeecd1affbf97ef40" dependencies = [ "chrono", "clap", @@ -3434,7 +3434,7 @@ dependencies = [ "snafu 0.8.9", "stackable-operator-derive", "stackable-shared", - "stackable-telemetry 0.6.1 (git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0)", + "stackable-telemetry 0.6.1 (git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1)", "stackable-versioned", "stackable-webhook", "strum", @@ -3448,7 +3448,7 @@ dependencies = [ [[package]] name = "stackable-operator-derive" version = "0.3.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#5ff7d2ea14a06e9d66ba4410b94cd23e43666d55" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#184423db7409f853bd69db7eeecd1affbf97ef40" dependencies = [ "darling", "proc-macro2", @@ -3529,7 +3529,7 @@ dependencies = [ [[package]] name = "stackable-shared" version = "0.0.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#5ff7d2ea14a06e9d66ba4410b94cd23e43666d55" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#184423db7409f853bd69db7eeecd1affbf97ef40" dependencies = [ "chrono", "k8s-openapi", @@ -3546,7 +3546,7 @@ dependencies = [ [[package]] name = "stackable-telemetry" version = "0.6.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#5ff7d2ea14a06e9d66ba4410b94cd23e43666d55" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#184423db7409f853bd69db7eeecd1affbf97ef40" dependencies = [ "axum", "clap", @@ -3593,8 +3593,8 @@ dependencies = [ [[package]] name = "stackable-versioned" -version = "0.8.2" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#5ff7d2ea14a06e9d66ba4410b94cd23e43666d55" +version = "0.8.3" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#184423db7409f853bd69db7eeecd1affbf97ef40" dependencies = [ "schemars", "serde", @@ -3606,8 +3606,8 @@ dependencies = [ [[package]] name = "stackable-versioned-macros" -version = "0.8.2" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#5ff7d2ea14a06e9d66ba4410b94cd23e43666d55" +version = "0.8.3" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#184423db7409f853bd69db7eeecd1affbf97ef40" dependencies = [ "convert_case", "darling", @@ -3624,7 +3624,7 @@ dependencies = [ [[package]] name = "stackable-webhook" version = "0.7.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#5ff7d2ea14a06e9d66ba4410b94cd23e43666d55" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#184423db7409f853bd69db7eeecd1affbf97ef40" dependencies = [ "arc-swap", "axum", @@ -3640,7 +3640,7 @@ dependencies = [ "snafu 0.8.9", "stackable-certs", "stackable-shared", - "stackable-telemetry 0.6.1 (git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0)", + "stackable-telemetry 0.6.1 (git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1)", "tokio", "tokio-rustls", "tower", @@ -4470,7 +4470,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9babd3a767a4c1aef6900409f85f5d53ce2544ccdfaa86dad48c91782c6d6893" dependencies = [ "windows-collections", - "windows-core 0.61.2", + "windows-core", "windows-future", "windows-link 0.1.3", "windows-numerics", @@ -4482,7 +4482,7 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3beeceb5e5cfd9eb1d76b381630e82c4241ccd0d27f1a39ed41b2760b255c5e8" dependencies = [ - "windows-core 0.61.2", + "windows-core", ] [[package]] @@ -4494,21 +4494,8 @@ dependencies = [ "windows-implement", "windows-interface", "windows-link 0.1.3", - "windows-result 0.3.4", - "windows-strings 0.4.2", -] - -[[package]] -name = "windows-core" -version = "0.62.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b8e83a14d34d0623b51dce9581199302a221863196a1dde71a7663a4c2be9deb" -dependencies = [ - "windows-implement", - "windows-interface", - "windows-link 0.2.1", - "windows-result 0.4.1", - "windows-strings 0.5.1", + "windows-result", + "windows-strings", ] [[package]] @@ -4517,7 +4504,7 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fc6a41e98427b19fe4b73c550f060b59fa592d7d686537eebf9385621bfbad8e" dependencies = [ - "windows-core 0.61.2", + "windows-core", "windows-link 0.1.3", "windows-threading", ] @@ -4562,7 +4549,7 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9150af68066c4c5c07ddc0ce30421554771e528bde427614c61038bc2c92c2b1" dependencies = [ - "windows-core 0.61.2", + "windows-core", "windows-link 0.1.3", ] @@ -4575,15 +4562,6 @@ dependencies = [ "windows-link 0.1.3", ] -[[package]] -name = "windows-result" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7781fa89eaf60850ac3d2da7af8e5242a5ea78d1a11c49bf2910bb5a73853eb5" -dependencies = [ - "windows-link 0.2.1", -] - [[package]] name = "windows-strings" version = "0.4.2" @@ -4593,15 +4571,6 @@ dependencies = [ "windows-link 0.1.3", ] -[[package]] -name = "windows-strings" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7837d08f69c77cf6b07689544538e017c1bfcf57e34b4c0ff58e6c2cd3b37091" -dependencies = [ - "windows-link 0.2.1", -] - [[package]] name = "windows-sys" version = "0.52.0" diff --git a/Cargo.nix b/Cargo.nix index 9f797968..4e2476c8 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -3517,15 +3517,15 @@ rec { }; resolvedDefaultFeatures = [ "std" ]; }; - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-telemetry@0.6.1" = rec { + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-telemetry@0.6.1" = rec { crateName = "stackable-telemetry"; version = "0.6.1"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "5ff7d2ea14a06e9d66ba4410b94cd23e43666d55"; - sha256 = "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d"; + rev = "184423db7409f853bd69db7eeecd1affbf97ef40"; + sha256 = "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l"; }; libName = "stackable_telemetry"; authors = [ @@ -4643,7 +4643,7 @@ rec { } { name = "windows-core"; - packageId = "windows-core 0.62.2"; + packageId = "windows-core"; target = { target, features }: ("windows" == target."os" or null); } ]; @@ -5459,8 +5459,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "5ff7d2ea14a06e9d66ba4410b94cd23e43666d55"; - sha256 = "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d"; + rev = "184423db7409f853bd69db7eeecd1affbf97ef40"; + sha256 = "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l"; }; libName = "k8s_version"; authors = [ @@ -11456,8 +11456,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "5ff7d2ea14a06e9d66ba4410b94cd23e43666d55"; - sha256 = "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d"; + rev = "184423db7409f853bd69db7eeecd1affbf97ef40"; + sha256 = "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l"; }; libName = "stackable_certs"; authors = [ @@ -11637,13 +11637,13 @@ rec { }; "stackable-operator" = rec { crateName = "stackable-operator"; - version = "0.100.0"; + version = "0.100.1"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "5ff7d2ea14a06e9d66ba4410b94cd23e43666d55"; - sha256 = "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d"; + rev = "184423db7409f853bd69db7eeecd1affbf97ef40"; + sha256 = "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l"; }; libName = "stackable_operator"; authors = [ @@ -11688,7 +11688,7 @@ rec { } { name = "stackable-telemetry"; - packageId = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-telemetry@0.6.1"; + packageId = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-telemetry@0.6.1"; optional = true; features = [ "clap" ]; } @@ -11816,8 +11816,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "5ff7d2ea14a06e9d66ba4410b94cd23e43666d55"; - sha256 = "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d"; + rev = "184423db7409f853bd69db7eeecd1affbf97ef40"; + sha256 = "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l"; }; procMacro = true; libName = "stackable_operator_derive"; @@ -12146,8 +12146,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "5ff7d2ea14a06e9d66ba4410b94cd23e43666d55"; - sha256 = "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d"; + rev = "184423db7409f853bd69db7eeecd1affbf97ef40"; + sha256 = "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l"; }; libName = "stackable_shared"; authors = [ @@ -12223,13 +12223,13 @@ rec { }; "stackable-versioned" = rec { crateName = "stackable-versioned"; - version = "0.8.2"; + version = "0.8.3"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "5ff7d2ea14a06e9d66ba4410b94cd23e43666d55"; - sha256 = "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d"; + rev = "184423db7409f853bd69db7eeecd1affbf97ef40"; + sha256 = "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l"; }; libName = "stackable_versioned"; authors = [ @@ -12267,13 +12267,13 @@ rec { }; "stackable-versioned-macros" = rec { crateName = "stackable-versioned-macros"; - version = "0.8.2"; + version = "0.8.3"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "5ff7d2ea14a06e9d66ba4410b94cd23e43666d55"; - sha256 = "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d"; + rev = "184423db7409f853bd69db7eeecd1affbf97ef40"; + sha256 = "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l"; }; procMacro = true; libName = "stackable_versioned_macros"; @@ -12336,8 +12336,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "5ff7d2ea14a06e9d66ba4410b94cd23e43666d55"; - sha256 = "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d"; + rev = "184423db7409f853bd69db7eeecd1affbf97ef40"; + sha256 = "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l"; }; libName = "stackable_webhook"; authors = [ @@ -12359,7 +12359,7 @@ rec { } { name = "stackable-telemetry"; - packageId = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-telemetry@0.6.1"; + packageId = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-telemetry@0.6.1"; } { name = "hyper"; @@ -15722,7 +15722,7 @@ rec { } { name = "windows-core"; - packageId = "windows-core 0.61.2"; + packageId = "windows-core"; usesDefaultFeatures = false; } { @@ -16446,7 +16446,7 @@ rec { dependencies = [ { name = "windows-core"; - packageId = "windows-core 0.61.2"; + packageId = "windows-core"; usesDefaultFeatures = false; } ]; @@ -16454,7 +16454,7 @@ rec { "default" = [ "std" ]; }; }; - "windows-core 0.61.2" = rec { + "windows-core" = rec { crateName = "windows-core"; version = "0.61.2"; edition = "2021"; @@ -16481,51 +16481,12 @@ rec { } { name = "windows-result"; - packageId = "windows-result 0.3.4"; + packageId = "windows-result"; usesDefaultFeatures = false; } { name = "windows-strings"; - packageId = "windows-strings 0.4.2"; - usesDefaultFeatures = false; - } - ]; - features = { - "default" = [ "std" ]; - "std" = [ "windows-result/std" "windows-strings/std" ]; - }; - resolvedDefaultFeatures = [ "std" ]; - }; - "windows-core 0.62.2" = rec { - crateName = "windows-core"; - version = "0.62.2"; - edition = "2021"; - sha256 = "1swxpv1a8qvn3bkxv8cn663238h2jccq35ff3nsj61jdsca3ms5q"; - libName = "windows_core"; - dependencies = [ - { - name = "windows-implement"; - packageId = "windows-implement"; - usesDefaultFeatures = false; - } - { - name = "windows-interface"; - packageId = "windows-interface"; - usesDefaultFeatures = false; - } - { - name = "windows-link"; - packageId = "windows-link 0.2.1"; - usesDefaultFeatures = false; - } - { - name = "windows-result"; - packageId = "windows-result 0.4.1"; - usesDefaultFeatures = false; - } - { - name = "windows-strings"; - packageId = "windows-strings 0.5.1"; + packageId = "windows-strings"; usesDefaultFeatures = false; } ]; @@ -16544,7 +16505,7 @@ rec { dependencies = [ { name = "windows-core"; - packageId = "windows-core 0.61.2"; + packageId = "windows-core"; usesDefaultFeatures = false; } { @@ -16644,7 +16605,7 @@ rec { dependencies = [ { name = "windows-core"; - packageId = "windows-core 0.61.2"; + packageId = "windows-core"; usesDefaultFeatures = false; } { @@ -16657,7 +16618,7 @@ rec { "default" = [ "std" ]; }; }; - "windows-result 0.3.4" = rec { + "windows-result" = rec { crateName = "windows-result"; version = "0.3.4"; edition = "2021"; @@ -16678,25 +16639,7 @@ rec { }; resolvedDefaultFeatures = [ "std" ]; }; - "windows-result 0.4.1" = rec { - crateName = "windows-result"; - version = "0.4.1"; - edition = "2021"; - sha256 = "1d9yhmrmmfqh56zlj751s5wfm9a2aa7az9rd7nn5027nxa4zm0bp"; - libName = "windows_result"; - dependencies = [ - { - name = "windows-link"; - packageId = "windows-link 0.2.1"; - usesDefaultFeatures = false; - } - ]; - features = { - "default" = [ "std" ]; - }; - resolvedDefaultFeatures = [ "std" ]; - }; - "windows-strings 0.4.2" = rec { + "windows-strings" = rec { crateName = "windows-strings"; version = "0.4.2"; edition = "2021"; @@ -16717,24 +16660,6 @@ rec { }; resolvedDefaultFeatures = [ "std" ]; }; - "windows-strings 0.5.1" = rec { - crateName = "windows-strings"; - version = "0.5.1"; - edition = "2021"; - sha256 = "14bhng9jqv4fyl7lqjz3az7vzh8pw0w4am49fsqgcz67d67x0dvq"; - libName = "windows_strings"; - dependencies = [ - { - name = "windows-link"; - packageId = "windows-link 0.2.1"; - usesDefaultFeatures = false; - } - ]; - features = { - "default" = [ "std" ]; - }; - resolvedDefaultFeatures = [ "std" ]; - }; "windows-sys 0.52.0" = rec { crateName = "windows-sys"; version = "0.52.0"; diff --git a/Cargo.toml b/Cargo.toml index 85ad8d45..743dce6d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,7 +11,7 @@ edition = "2021" repository = "https://github.com/stackabletech/secret-operator" [workspace.dependencies] -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", features = ["time", "telemetry", "versioned", "webhook"], tag = "stackable-operator-0.100.0" } +stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", features = ["time", "telemetry", "versioned", "webhook"], tag = "stackable-operator-0.100.1" } krb5 = { git = "https://github.com/stackabletech/krb5-rs.git", tag = "v0.1.0" } anyhow = "1.0" diff --git a/crate-hashes.json b/crate-hashes.json index 7f1b9343..fb762a1e 100644 --- a/crate-hashes.json +++ b/crate-hashes.json @@ -1,15 +1,15 @@ { "git+https://github.com/stackabletech/krb5-rs.git?tag=v0.1.0#krb5-sys@0.1.0": "148zr0q04163hpirkrff5q7cbxqgwzzxh0091zr4g23x7l64jh39", "git+https://github.com/stackabletech/krb5-rs.git?tag=v0.1.0#krb5@0.1.0": "148zr0q04163hpirkrff5q7cbxqgwzzxh0091zr4g23x7l64jh39", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#k8s-version@0.1.3": "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-certs@0.4.0": "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-operator-derive@0.3.1": "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-operator@0.100.0": "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-shared@0.0.3": "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-telemetry@0.6.1": "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-versioned-macros@0.8.2": "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-versioned@0.8.2": "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.0#stackable-webhook@0.7.0": "0330rzvnq05xai5dfx4ghhsz2162himcbj46fvh27a9pgqd92y4d", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#k8s-version@0.1.3": "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-certs@0.4.0": "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-operator-derive@0.3.1": "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-operator@0.100.1": "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-shared@0.0.3": "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-telemetry@0.6.1": "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-versioned-macros@0.8.3": "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-versioned@0.8.3": "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.100.1#stackable-webhook@0.7.0": "1a98klljvifnc168f1wc3d6szcry1lamxgjjdq89plr99p4b953l", "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-telemetry-0.6.1#stackable-telemetry@0.6.1": "0hiymhr40ix4jv9dmvp5d009xs6v0frvllr2xkf5mw43rcg44mgd", "git+https://github.com/stackabletech/product-config.git?tag=0.8.0#product-config@0.8.0": "1dz70kapm2wdqcr7ndyjji0lhsl98bsq95gnb2lw487wf6yr7987" } \ No newline at end of file From eab4d611ac9418cfdf62ac67b0be01b369d6b5b7 Mon Sep 17 00:00:00 2001 From: Techassi Date: Wed, 22 Oct 2025 16:52:51 +0200 Subject: [PATCH 3/4] docs: Mark certManager as non-experimental --- .../secret-operator/pages/secretclass.adoc | 33 +++++++++---------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/docs/modules/secret-operator/pages/secretclass.adoc b/docs/modules/secret-operator/pages/secretclass.adoc index 07247e69..345ebfcc 100644 --- a/docs/modules/secret-operator/pages/secretclass.adoc +++ b/docs/modules/secret-operator/pages/secretclass.adoc @@ -148,7 +148,7 @@ spec: `autoTls.maxCertificateLifetime`:: Maximum lifetime the created certificates are allowed to have. In case consumers request a longer lifetime than allowed by this setting, the lifetime will be the minimum of both. [#backend-certmanager] -=== `experimentalCertManager` +=== `certManager` *Format*: xref:#format-tls-pem[] @@ -156,9 +156,8 @@ spec: Injects a TLS certificate issued by {cert-manager}[Cert-Manager]. -WARNING: This backend is experimental, and subject to change. - -NOTE: This backend requires {cert-manager}[Cert-Manager] to already be installed and configured. +NOTE: This backend was marked as non-experimental in SDP 25.11.0. + This backend requires {cert-manager}[Cert-Manager] to already be installed and configured. A new certificate will be requested the first time it is used by a Pod, it will be reused after that (subject to Cert-Manager's renewal rules). @@ -167,15 +166,15 @@ Node-scoped requests will cause a Pod to become "sticky" to the Node that it was [#backend-certmanager-certificate-key-pair-generation] ==== `TLS certificate key pair generation` -Currently, only RSA is supported in the `experimentalCertManager` backend. +Currently, only RSA is supported in the `certManager` backend. You can however configure the key length for generated private keys. If not specified it will default to `2048` bits. ---- include::example$secretclass-certmanager-key-length.yaml[] ---- -<1> `experimentalCertManager.ca.keyGeneration` specifies which algorithm and additional parameters are used -<2> `experimentalCertManager.ca.keyGeneration.rsa` specifies the RSA key pair algorithm (RSA currently is the only one supported) -<3> `experimentalCertManager.ca.keyGeneration.rsa.length` specifies the amount of bits used for generating the RSA key pair. Currently, `2048`, `3072` and `4096` are supported. Defaults to `2048` bits. +<1> `certManager.ca.keyGeneration` specifies which algorithm and additional parameters are used +<2> `certManager.ca.keyGeneration.rsa` specifies the RSA key pair algorithm (RSA currently is the only one supported) +<3> `certManager.ca.keyGeneration.rsa.length` specifies the amount of bits used for generating the RSA key pair. Currently, `2048`, `3072` and `4096` are supported. Defaults to `2048` bits. CAUTION ==== @@ -193,7 +192,7 @@ If options higher than `2048` are chosen, the CPU resources for the issuer may n ---- spec: backend: - experimentalCertManager: + certManager: issuer: kind: Issuer name: secret-operator-demonstration @@ -203,14 +202,14 @@ spec: length: 4096 ---- -`experimentalCertManager`:: Declares that the `experimentalCertManager` backend is used. -`experimentalCertManager.issuer`:: The reference to the Cert-Manager issuer that should issue the certificates. -`experimentalCertManager.issuer.kind`:: The kind of the Cert-Manager issuer, either Issuer or ClusterIssuer. Note that Issuer must be in the same namespace as the Pod requesting the secret. -`experimentalCertManager.issuer.name`:: The name of the Issuer or ClusterIssuer to be used. -`experimentalCertManager.defaultCertificateLifetime`:: The default duration of the certificates. This may need to be increased for backends that impose stricter rate limits, such as https://letsencrypt.org/[Let's Encrypt]. -`experimentalCertManager.keyGeneration`:: Configures how keys should be generated. -`experimentalCertManager.keyGeneration.rsa`:: Declares that keys should be generated using the RSA algorithm. -`experimentalCertManager.keyGeneration.rsa.length`:: The amount of bits used for generating the RSA key pair. Currently, `2048`, `3072` and `4096` are supported. Defaults to `2048` bits. +`certManager`:: Declares that the `certManager` backend is used. +`certManager.issuer`:: The reference to the Cert-Manager issuer that should issue the certificates. +`certManager.issuer.kind`:: The kind of the Cert-Manager issuer, either Issuer or ClusterIssuer. Note that Issuer must be in the same namespace as the Pod requesting the secret. +`certManager.issuer.name`:: The name of the Issuer or ClusterIssuer to be used. +`certManager.defaultCertificateLifetime`:: The default duration of the certificates. This may need to be increased for backends that impose stricter rate limits, such as https://letsencrypt.org/[Let's Encrypt]. +`certManager.keyGeneration`:: Configures how keys should be generated. +`certManager.keyGeneration.rsa`:: Declares that keys should be generated using the RSA algorithm. +`certManager.keyGeneration.rsa.length`:: The amount of bits used for generating the RSA key pair. Currently, `2048`, `3072` and `4096` are supported. Defaults to `2048` bits. [#backend-kerberoskeytab] === `kerberosKeytab` From 08eaa313c10e1e8fec1e9a823f6c8fe8ef877db9 Mon Sep 17 00:00:00 2001 From: Techassi Date: Fri, 24 Oct 2025 16:12:25 +0200 Subject: [PATCH 4/4] docs: Remove remaining mentions of experimentalCertManager --- docs/modules/secret-operator/pages/cert-manager.adoc | 2 +- extra/crds.yaml | 8 ++++---- rust/operator-binary/src/crd/secret_class/mod.rs | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/modules/secret-operator/pages/cert-manager.adoc b/docs/modules/secret-operator/pages/cert-manager.adoc index aa88c1ce..50774d2f 100644 --- a/docs/modules/secret-operator/pages/cert-manager.adoc +++ b/docs/modules/secret-operator/pages/cert-manager.adoc @@ -43,7 +43,7 @@ include::example$cert-manager/issuer.yaml[] == Creating a SecretClass The Stackable Secret Operator needs to know how to request the certificates from Cert-Manager. -Do this by creating a xref:secretclass.adoc[] using the xref:secretclass.adoc#backend-certmanager[`experimentalCertManager` backend]. +Do this by creating a xref:secretclass.adoc[] using the xref:secretclass.adoc#backend-certmanager[`certManager` backend]. [source,yaml] ---- diff --git a/extra/crds.yaml b/extra/crds.yaml index 9f889bbe..928af03f 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -171,13 +171,13 @@ spec: type: object certManager: description: |- - The [`experimentalCertManager` backend][1] injects a TLS certificate issued - by [cert-manager](https://cert-manager.io/). + The [`certManager` backend][1] injects a TLS certificate issued by [cert-manager]. A new certificate will be requested the first time it is used by a Pod, it will be reused after that (subject to cert-manager renewal rules). [1]: https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-certmanager + [cert-manager]: https://cert-manager.io/ properties: defaultCertificateLifetime: default: 1d @@ -576,13 +576,13 @@ spec: type: object experimentalCertManager: description: |- - The [`experimentalCertManager` backend][1] injects a TLS certificate issued - by [cert-manager](https://cert-manager.io/). + The [`certManager` backend][1] injects a TLS certificate issued by [cert-manager]. A new certificate will be requested the first time it is used by a Pod, it will be reused after that (subject to cert-manager renewal rules). [1]: https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-certmanager + [cert-manager]: https://cert-manager.io/ properties: defaultCertificateLifetime: default: 1d diff --git a/rust/operator-binary/src/crd/secret_class/mod.rs b/rust/operator-binary/src/crd/secret_class/mod.rs index 068451e9..ec1cc1c7 100644 --- a/rust/operator-binary/src/crd/secret_class/mod.rs +++ b/rust/operator-binary/src/crd/secret_class/mod.rs @@ -53,13 +53,13 @@ pub mod versioned { /// A new certificate and key pair will be generated and signed for each Pod, keys or certificates are never reused. AutoTls(AutoTlsBackend), - /// The [`experimentalCertManager` backend][1] injects a TLS certificate issued - /// by [cert-manager](https://cert-manager.io/). + /// The [`certManager` backend][1] injects a TLS certificate issued by [cert-manager]. /// /// A new certificate will be requested the first time it is used by a Pod, it /// will be reused after that (subject to cert-manager renewal rules). /// /// [1]: DOCS_BASE_URL_PLACEHOLDER/secret-operator/secretclass#backend-certmanager + /// [cert-manager]: https://cert-manager.io/ #[versioned(changed(since = "v1alpha2", from_name = "ExperimentalCertManager"))] CertManager(CertManagerBackend),