Merge "bump manila to latest stable to fix mount issue" into stable/2024.1
diff --git a/.ansible-lint b/.ansible-lint
index c81fa73..2776884 100644
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -1,5 +1,6 @@
---
exclude_paths:
+ - .ansible
- .github
- atmosphere
- charts
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index bd2d792..2c0ca4e 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -41,6 +41,6 @@
args: ["--profile", "black", "--filter-files"]
- repo: https://github.com/ansible/ansible-lint.git
- rev: v24.7.0
+ rev: v25.1.2
hooks:
- id: ansible-lint
diff --git a/Cargo.lock b/Cargo.lock
index 1ea12db..6c32272 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -98,6 +98,23 @@
checksum = "34ac096ce696dc2fcabef30516bb13c0a68a11d30131d3df6f04711467681b04"
[[package]]
+name = "arc-swap"
+version = "1.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "69f7f8c3906b62b754cd5326047894316021dcfe5a194c8ea52bdd94934a3457"
+
+[[package]]
+name = "async-trait"
+version = "0.1.86"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "644dd749086bf3771a2fbc5f256fdb982d53f011c7d5d560304eafeecebce79d"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
name = "atmosphere"
version = "0.0.0"
dependencies = [
@@ -106,6 +123,12 @@
]
[[package]]
+name = "atomic-waker"
+version = "1.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0"
+
+[[package]]
name = "autocfg"
version = "1.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -183,6 +206,17 @@
]
[[package]]
+name = "build-it"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fb13a73a10ff7e425c3b397e54848825ce396d7e6c16be83bc9af81923e51191"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
name = "bumpalo"
version = "3.17.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -202,9 +236,9 @@
[[package]]
name = "cc"
-version = "1.2.13"
+version = "1.2.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c7777341816418c02e033934a09f20dc0ccaf65a5201ef8a450ae0105a573fda"
+checksum = "0c3d1b2e905a3a7b00a6141adb0e4c0bb941d11caf55349d863942a1cc44e3c9"
dependencies = [
"shlex",
]
@@ -223,16 +257,18 @@
dependencies = [
"android-tzdata",
"iana-time-zone",
+ "js-sys",
"num-traits",
"serde",
+ "wasm-bindgen",
"windows-targets",
]
[[package]]
name = "clap"
-version = "4.5.29"
+version = "4.5.30"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8acebd8ad879283633b343856142139f2da2317c96b05b4dd6181c61e2480184"
+checksum = "92b7b18d71fad5313a1e320fa9897994228ce274b60faa4d694fe0ea89cd9e6d"
dependencies = [
"clap_builder",
"clap_derive",
@@ -240,9 +276,9 @@
[[package]]
name = "clap_builder"
-version = "4.5.29"
+version = "4.5.30"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f6ba32cbda51c7e1dfd49acc1457ba1a7dec5b64fe360e828acb13ca8dc9c2f9"
+checksum = "a35db2071778a7344791a4fb4f95308b5673d219dee3ae348b86642574ecc90c"
dependencies = [
"anstream",
"anstyle",
@@ -275,6 +311,26 @@
checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990"
[[package]]
+name = "core-foundation"
+version = "0.9.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f"
+dependencies = [
+ "core-foundation-sys",
+ "libc",
+]
+
+[[package]]
+name = "core-foundation"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b55271e5c8c478ad3f38ad24ef34923091e0548492a266d19b3c0b4d82574c63"
+dependencies = [
+ "core-foundation-sys",
+ "libc",
+]
+
+[[package]]
name = "core-foundation-sys"
version = "0.8.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -302,6 +358,21 @@
]
[[package]]
+name = "either"
+version = "1.13.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "60b1af1c220855b6ceac025d3f6ecdd2b7c4894bfe9cd9bda4fbb4bc7c0d4cf0"
+
+[[package]]
+name = "encoding_rs"
+version = "0.8.35"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "75030f3c4f45dafd7586dd6780965a8c7e8e285a5ecb86713e63a79c5b2766f3"
+dependencies = [
+ "cfg-if",
+]
+
+[[package]]
name = "env_filter"
version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -326,9 +397,9 @@
[[package]]
name = "equivalent"
-version = "1.0.1"
+version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5"
+checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f"
[[package]]
name = "errno"
@@ -341,6 +412,12 @@
]
[[package]]
+name = "fastrand"
+version = "2.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be"
+
+[[package]]
name = "filetime"
version = "0.2.25"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -359,6 +436,21 @@
checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
[[package]]
+name = "foreign-types"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
+dependencies = [
+ "foreign-types-shared",
+]
+
+[[package]]
+name = "foreign-types-shared"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
+
+[[package]]
name = "form_urlencoded"
version = "1.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -463,8 +555,22 @@
checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7"
dependencies = [
"cfg-if",
+ "js-sys",
"libc",
- "wasi",
+ "wasi 0.11.0+wasi-snapshot-preview1",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "getrandom"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "43a49c392881ce6d5c3b8cb70f98717b7c07aabbdff06687b9030dbfbe2725f8"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "wasi 0.13.3+wasi-0.2.2",
+ "windows-targets",
]
[[package]]
@@ -474,6 +580,38 @@
checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f"
[[package]]
+name = "gitea-sdk"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7afd05f4bb5661b4562f00ad4e37d6af7184205d382b8d697bc5958331ca4909"
+dependencies = [
+ "base64",
+ "build-it",
+ "reqwest",
+ "serde",
+ "serde_json",
+]
+
+[[package]]
+name = "h2"
+version = "0.4.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ccae279728d634d083c00f6099cb58f01cc99c145b84b8be2f6c74618d79922e"
+dependencies = [
+ "atomic-waker",
+ "bytes",
+ "fnv",
+ "futures-core",
+ "futures-sink",
+ "http",
+ "indexmap 2.7.1",
+ "slab",
+ "tokio",
+ "tokio-util",
+ "tracing",
+]
+
+[[package]]
name = "hashbrown"
version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -558,6 +696,7 @@
"bytes",
"futures-channel",
"futures-util",
+ "h2",
"http",
"http-body",
"httparse",
@@ -585,6 +724,54 @@
]
[[package]]
+name = "hyper-rustls"
+version = "0.27.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2d191583f3da1305256f22463b9bb0471acad48a4e534a5218b9963e9c1f59b2"
+dependencies = [
+ "futures-util",
+ "http",
+ "hyper",
+ "hyper-util",
+ "log",
+ "rustls",
+ "rustls-native-certs",
+ "rustls-pki-types",
+ "tokio",
+ "tokio-rustls",
+ "tower-service",
+]
+
+[[package]]
+name = "hyper-timeout"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2b90d566bffbce6a75bd8b09a05aa8c2cb1fabb6cb348f8840c9e4c90a0d83b0"
+dependencies = [
+ "hyper",
+ "hyper-util",
+ "pin-project-lite",
+ "tokio",
+ "tower-service",
+]
+
+[[package]]
+name = "hyper-tls"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "70206fc6890eaca9fde8a0bf71caa2ddfc9fe045ac9e5c70df101a7dbde866e0"
+dependencies = [
+ "bytes",
+ "http-body-util",
+ "hyper",
+ "hyper-util",
+ "native-tls",
+ "tokio",
+ "tokio-native-tls",
+ "tower-service",
+]
+
+[[package]]
name = "hyper-util"
version = "0.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -781,6 +968,23 @@
]
[[package]]
+name = "imagebumper"
+version = "0.1.0"
+dependencies = [
+ "async-trait",
+ "clap",
+ "env_logger",
+ "gitea-sdk",
+ "log",
+ "octocrab",
+ "regex",
+ "reqwest",
+ "serde_json",
+ "tokio",
+ "url",
+]
+
+[[package]]
name = "indexmap"
version = "1.9.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -809,6 +1013,16 @@
checksum = "469fb0b9cefa57e3ef31275ee7cacb78f2fdca44e4765491884a2b119d4eb130"
[[package]]
+name = "iri-string"
+version = "0.7.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dc0f0a572e8ffe56e2ff4f769f32ffe919282c3916799f8b68688b6030063bea"
+dependencies = [
+ "memchr",
+ "serde",
+]
+
+[[package]]
name = "is_terminal_polyfill"
version = "1.70.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -831,6 +1045,21 @@
]
[[package]]
+name = "jsonwebtoken"
+version = "9.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5a87cc7a48537badeae96744432de36f4be2b4a34a05a5ef32e9dd8a1c169dde"
+dependencies = [
+ "base64",
+ "js-sys",
+ "pem",
+ "ring",
+ "serde",
+ "serde_json",
+ "simple_asn1",
+]
+
+[[package]]
name = "libc"
version = "0.2.169"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -872,6 +1101,12 @@
checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3"
[[package]]
+name = "mime"
+version = "0.3.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a"
+
+[[package]]
name = "miniz_oxide"
version = "0.8.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -887,11 +1122,28 @@
checksum = "2886843bf800fba2e3377cff24abf6379b4c4d5c6681eaf9ea5b0d15090450bd"
dependencies = [
"libc",
- "wasi",
+ "wasi 0.11.0+wasi-snapshot-preview1",
"windows-sys 0.52.0",
]
[[package]]
+name = "native-tls"
+version = "0.2.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0dab59f8e050d5df8e4dd87d9206fb6f65a483e20ac9fda365ade4fab353196c"
+dependencies = [
+ "libc",
+ "log",
+ "openssl",
+ "openssl-probe",
+ "openssl-sys",
+ "schannel",
+ "security-framework 2.11.1",
+ "security-framework-sys",
+ "tempfile",
+]
+
+[[package]]
name = "netlink-packet-core"
version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -967,12 +1219,31 @@
]
[[package]]
+name = "num-bigint"
+version = "0.4.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9"
+dependencies = [
+ "num-integer",
+ "num-traits",
+]
+
+[[package]]
name = "num-conv"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9"
[[package]]
+name = "num-integer"
+version = "0.1.46"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f"
+dependencies = [
+ "num-traits",
+]
+
+[[package]]
name = "num-traits"
version = "0.2.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -991,12 +1262,106 @@
]
[[package]]
+name = "octocrab"
+version = "0.43.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "27527d68322f4c603319f7958973db8f9fa4be62c0e3fafe084f5562cf6353df"
+dependencies = [
+ "arc-swap",
+ "async-trait",
+ "base64",
+ "bytes",
+ "cfg-if",
+ "chrono",
+ "either",
+ "futures",
+ "futures-util",
+ "http",
+ "http-body",
+ "http-body-util",
+ "hyper",
+ "hyper-rustls",
+ "hyper-timeout",
+ "hyper-util",
+ "jsonwebtoken",
+ "once_cell",
+ "percent-encoding",
+ "pin-project",
+ "secrecy",
+ "serde",
+ "serde_json",
+ "serde_path_to_error",
+ "serde_urlencoded",
+ "snafu",
+ "tokio",
+ "tower",
+ "tower-http",
+ "tracing",
+ "url",
+ "web-time",
+]
+
+[[package]]
name = "once_cell"
version = "1.20.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "945462a4b81e43c4e3ba96bd7b49d834c6f61198356aa858733bc4acf3cbe62e"
[[package]]
+name = "openssl"
+version = "0.10.71"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5e14130c6a98cd258fdcb0fb6d744152343ff729cbfcb28c656a9d12b999fbcd"
+dependencies = [
+ "bitflags",
+ "cfg-if",
+ "foreign-types",
+ "libc",
+ "once_cell",
+ "openssl-macros",
+ "openssl-sys",
+]
+
+[[package]]
+name = "openssl-macros"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "openssl-probe"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e"
+
+[[package]]
+name = "openssl-src"
+version = "300.4.2+3.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "168ce4e058f975fe43e89d9ccf78ca668601887ae736090aacc23ae353c298e2"
+dependencies = [
+ "cc",
+]
+
+[[package]]
+name = "openssl-sys"
+version = "0.9.106"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8bb61ea9811cc39e3c2069f40b8b8e2e70d8569b361f879786cc7ed48b777cdd"
+dependencies = [
+ "cc",
+ "libc",
+ "openssl-src",
+ "pkg-config",
+ "vcpkg",
+]
+
+[[package]]
name = "ovsinit"
version = "0.1.0"
dependencies = [
@@ -1029,12 +1394,42 @@
checksum = "57c0d7b74b563b49d38dae00a0c37d4d6de9b432382b2892f0574ddcae73fd0a"
[[package]]
+name = "pem"
+version = "3.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8e459365e590736a54c3fa561947c84837534b8e9af6fc5bf781307e82658fae"
+dependencies = [
+ "base64",
+ "serde",
+]
+
+[[package]]
name = "percent-encoding"
version = "2.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e"
[[package]]
+name = "pin-project"
+version = "1.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dfe2e71e1471fe07709406bf725f710b02927c9c54b2b5b2ec0e8087d97c327d"
+dependencies = [
+ "pin-project-internal",
+]
+
+[[package]]
+name = "pin-project-internal"
+version = "1.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f6e859e6e5bd50440ab63c47e3ebabc90f26251f7c73c3d3e837b74a1cc3fa67"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
name = "pin-project-lite"
version = "0.2.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1047,6 +1442,12 @@
checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
[[package]]
+name = "pkg-config"
+version = "0.3.31"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "953ec861398dccce10c670dfeaf3ec4911ca479e9c02154b3a215178c5f566f2"
+
+[[package]]
name = "powerfmt"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1106,7 +1507,7 @@
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
dependencies = [
- "getrandom",
+ "getrandom 0.2.15",
]
[[package]]
@@ -1148,6 +1549,64 @@
checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c"
[[package]]
+name = "reqwest"
+version = "0.12.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "43e734407157c3c2034e0258f5e4473ddb361b1e85f95a66690d67264d7cd1da"
+dependencies = [
+ "base64",
+ "bytes",
+ "encoding_rs",
+ "futures-core",
+ "futures-util",
+ "h2",
+ "http",
+ "http-body",
+ "http-body-util",
+ "hyper",
+ "hyper-rustls",
+ "hyper-tls",
+ "hyper-util",
+ "ipnet",
+ "js-sys",
+ "log",
+ "mime",
+ "native-tls",
+ "once_cell",
+ "percent-encoding",
+ "pin-project-lite",
+ "rustls-pemfile",
+ "serde",
+ "serde_json",
+ "serde_urlencoded",
+ "sync_wrapper",
+ "system-configuration",
+ "tokio",
+ "tokio-native-tls",
+ "tower",
+ "tower-service",
+ "url",
+ "wasm-bindgen",
+ "wasm-bindgen-futures",
+ "web-sys",
+ "windows-registry",
+]
+
+[[package]]
+name = "ring"
+version = "0.17.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e75ec5e92c4d8aede845126adc388046234541629e76029599ed35a003c7ed24"
+dependencies = [
+ "cc",
+ "cfg-if",
+ "getrandom 0.2.15",
+ "libc",
+ "untrusted",
+ "windows-sys 0.52.0",
+]
+
+[[package]]
name = "rtnetlink"
version = "0.14.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1199,6 +1658,59 @@
]
[[package]]
+name = "rustls"
+version = "0.23.23"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "47796c98c480fce5406ef69d1c76378375492c3b0a0de587be0c1d9feb12f395"
+dependencies = [
+ "log",
+ "once_cell",
+ "ring",
+ "rustls-pki-types",
+ "rustls-webpki",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "rustls-native-certs"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7fcff2dd52b58a8d98a70243663a0d234c4e2b79235637849d15913394a247d3"
+dependencies = [
+ "openssl-probe",
+ "rustls-pki-types",
+ "schannel",
+ "security-framework 3.2.0",
+]
+
+[[package]]
+name = "rustls-pemfile"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dce314e5fee3f39953d46bb63bb8a46d40c2f8fb7cc5a3b6cab2bde9721d6e50"
+dependencies = [
+ "rustls-pki-types",
+]
+
+[[package]]
+name = "rustls-pki-types"
+version = "1.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "917ce264624a4b4db1c364dcc35bfca9ded014d0a958cd47ad3e960e988ea51c"
+
+[[package]]
+name = "rustls-webpki"
+version = "0.102.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "64ca1bc8749bd4cf37b5ce386cc146580777b4e8572c7b97baf22c83f444bee9"
+dependencies = [
+ "ring",
+ "rustls-pki-types",
+ "untrusted",
+]
+
+[[package]]
name = "rustversion"
version = "1.0.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1211,6 +1723,60 @@
checksum = "6ea1a2d0a644769cc99faa24c3ad26b379b786fe7c36fd3c546254801650e6dd"
[[package]]
+name = "schannel"
+version = "0.1.27"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1f29ebaa345f945cec9fbbc532eb307f0fdad8161f281b6369539c8d84876b3d"
+dependencies = [
+ "windows-sys 0.59.0",
+]
+
+[[package]]
+name = "secrecy"
+version = "0.10.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e891af845473308773346dc847b2c23ee78fe442e0472ac50e22a18a93d3ae5a"
+dependencies = [
+ "zeroize",
+]
+
+[[package]]
+name = "security-framework"
+version = "2.11.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02"
+dependencies = [
+ "bitflags",
+ "core-foundation 0.9.4",
+ "core-foundation-sys",
+ "libc",
+ "security-framework-sys",
+]
+
+[[package]]
+name = "security-framework"
+version = "3.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "271720403f46ca04f7ba6f55d438f8bd878d6b8ca0a1046e8228c4145bcbb316"
+dependencies = [
+ "bitflags",
+ "core-foundation 0.10.0",
+ "core-foundation-sys",
+ "libc",
+ "security-framework-sys",
+]
+
+[[package]]
+name = "security-framework-sys"
+version = "2.14.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "49db231d56a190491cb4aeda9527f1ad45345af50b0851622a7adb8c03b01c32"
+dependencies = [
+ "core-foundation-sys",
+ "libc",
+]
+
+[[package]]
name = "serde"
version = "1.0.217"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1243,6 +1809,16 @@
]
[[package]]
+name = "serde_path_to_error"
+version = "0.1.16"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "af99884400da37c88f5e9146b7f1fd0fbcae8f6eec4e9da38b67d05486f814a6"
+dependencies = [
+ "itoa",
+ "serde",
+]
+
+[[package]]
name = "serde_repr"
version = "0.1.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1289,6 +1865,18 @@
checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64"
[[package]]
+name = "simple_asn1"
+version = "0.6.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "297f631f50729c8c99b84667867963997ec0b50f32b2a7dbcab828ef0541e8bb"
+dependencies = [
+ "num-bigint",
+ "num-traits",
+ "thiserror 2.0.11",
+ "time",
+]
+
+[[package]]
name = "slab"
version = "0.4.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1299,9 +1887,30 @@
[[package]]
name = "smallvec"
-version = "1.13.2"
+version = "1.14.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67"
+checksum = "7fcf8323ef1faaee30a44a340193b1ac6814fd9b7b4e88e9d4519a3e4abe1cfd"
+
+[[package]]
+name = "snafu"
+version = "0.8.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "223891c85e2a29c3fe8fb900c1fae5e69c2e42415e3177752e8718475efa5019"
+dependencies = [
+ "snafu-derive",
+]
+
+[[package]]
+name = "snafu-derive"
+version = "0.8.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "03c3c6b7927ffe7ecaa769ee0e3994da3b8cafc8f444578982c83ecb161af917"
+dependencies = [
+ "heck",
+ "proc-macro2",
+ "quote",
+ "syn",
+]
[[package]]
name = "socket2"
@@ -1326,6 +1935,12 @@
checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f"
[[package]]
+name = "subtle"
+version = "2.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292"
+
+[[package]]
name = "syn"
version = "2.0.98"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1337,6 +1952,15 @@
]
[[package]]
+name = "sync_wrapper"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0bf256ce5efdfa370213c1dabab5935a12e49f2c58d15e9eac2870d3b4f27263"
+dependencies = [
+ "futures-core",
+]
+
+[[package]]
name = "synstructure"
version = "0.13.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1348,6 +1972,27 @@
]
[[package]]
+name = "system-configuration"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3c879d448e9d986b661742763247d3693ed13609438cf3d006f51f5368a5ba6b"
+dependencies = [
+ "bitflags",
+ "core-foundation 0.9.4",
+ "system-configuration-sys",
+]
+
+[[package]]
+name = "system-configuration-sys"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8e1d1b10ced5ca923a1fcb8d03e96b8d3268065d724548c0211415ff6ac6bac4"
+dependencies = [
+ "core-foundation-sys",
+ "libc",
+]
+
+[[package]]
name = "tar"
version = "0.4.43"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1359,6 +2004,20 @@
]
[[package]]
+name = "tempfile"
+version = "3.17.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "22e5a0acb1f3f55f65cc4a866c361b2fb2a0ff6366785ae6fbb5f85df07ba230"
+dependencies = [
+ "cfg-if",
+ "fastrand",
+ "getrandom 0.3.1",
+ "once_cell",
+ "rustix",
+ "windows-sys 0.59.0",
+]
+
+[[package]]
name = "thiserror"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1467,6 +2126,26 @@
]
[[package]]
+name = "tokio-native-tls"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2"
+dependencies = [
+ "native-tls",
+ "tokio",
+]
+
+[[package]]
+name = "tokio-rustls"
+version = "0.26.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5f6d0975eaace0cf0fcadee4e4aaa5da15b5c079146f2cffb67c113be122bf37"
+dependencies = [
+ "rustls",
+ "tokio",
+]
+
+[[package]]
name = "tokio-util"
version = "0.7.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1480,6 +2159,48 @@
]
[[package]]
+name = "tower"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d039ad9159c98b70ecfd540b2573b97f7f52c3e8d9f8ad57a24b916a536975f9"
+dependencies = [
+ "futures-core",
+ "futures-util",
+ "pin-project-lite",
+ "sync_wrapper",
+ "tokio",
+ "tokio-util",
+ "tower-layer",
+ "tower-service",
+ "tracing",
+]
+
+[[package]]
+name = "tower-http"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "403fa3b783d4b626a8ad51d766ab03cb6d2dbfc46b1c5d4448395e6628dc9697"
+dependencies = [
+ "bitflags",
+ "bytes",
+ "futures-util",
+ "http",
+ "http-body",
+ "iri-string",
+ "pin-project-lite",
+ "tower",
+ "tower-layer",
+ "tower-service",
+ "tracing",
+]
+
+[[package]]
+name = "tower-layer"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e"
+
+[[package]]
name = "tower-service"
version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1491,11 +2212,24 @@
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0"
dependencies = [
+ "log",
"pin-project-lite",
+ "tracing-attributes",
"tracing-core",
]
[[package]]
+name = "tracing-attributes"
+version = "0.1.28"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "395ae124c09f9e6918a2310af6038fba074bcf474ac352496d5910dd59a2226d"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
name = "tracing-core"
version = "0.1.33"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1517,6 +2251,12 @@
checksum = "a210d160f08b701c8721ba1c726c11662f877ea6b7094007e1ca9a1041945034"
[[package]]
+name = "untrusted"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1"
+
+[[package]]
name = "url"
version = "2.5.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1525,6 +2265,7 @@
"form_urlencoded",
"idna",
"percent-encoding",
+ "serde",
]
[[package]]
@@ -1546,6 +2287,12 @@
checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821"
[[package]]
+name = "vcpkg"
+version = "0.2.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426"
+
+[[package]]
name = "want"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1561,6 +2308,15 @@
checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
[[package]]
+name = "wasi"
+version = "0.13.3+wasi-0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "26816d2e1a4a36a2940b96c5296ce403917633dff8f3440e9b236ed6f6bacad2"
+dependencies = [
+ "wit-bindgen-rt",
+]
+
+[[package]]
name = "wasm-bindgen"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1587,6 +2343,19 @@
]
[[package]]
+name = "wasm-bindgen-futures"
+version = "0.4.50"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "555d470ec0bc3bb57890405e5d4322cc9ea83cebb085523ced7be4144dac1e61"
+dependencies = [
+ "cfg-if",
+ "js-sys",
+ "once_cell",
+ "wasm-bindgen",
+ "web-sys",
+]
+
+[[package]]
name = "wasm-bindgen-macro"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1619,6 +2388,27 @@
]
[[package]]
+name = "web-sys"
+version = "0.3.77"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "33b6dd2ef9186f1f2072e409e99cd22a975331a6b3591b12c764e0e55c60d5d2"
+dependencies = [
+ "js-sys",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "web-time"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5a6580f308b1fad9207618087a65c04e7a10bc77e02c8e84e9b00dd4b12fa0bb"
+dependencies = [
+ "js-sys",
+ "serde",
+ "wasm-bindgen",
+]
+
+[[package]]
name = "winapi"
version = "0.3.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1650,6 +2440,36 @@
]
[[package]]
+name = "windows-registry"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e400001bb720a623c1c69032f8e3e4cf09984deec740f007dd2b03ec864804b0"
+dependencies = [
+ "windows-result",
+ "windows-strings",
+ "windows-targets",
+]
+
+[[package]]
+name = "windows-result"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1d1043d8214f791817bab27572aaa8af63732e11bf84aa21a45a78d6c317ae0e"
+dependencies = [
+ "windows-targets",
+]
+
+[[package]]
+name = "windows-strings"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4cd9b125c486025df0eabcb585e62173c6c9eddcec5d117d3b6e8c30e2ee4d10"
+dependencies = [
+ "windows-result",
+ "windows-targets",
+]
+
+[[package]]
name = "windows-sys"
version = "0.52.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1732,6 +2552,15 @@
checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
[[package]]
+name = "wit-bindgen-rt"
+version = "0.33.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3268f3d866458b787f390cf61f4bbb563b922d091359f9608842999eaee3943c"
+dependencies = [
+ "bitflags",
+]
+
+[[package]]
name = "write16"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1821,6 +2650,12 @@
]
[[package]]
+name = "zeroize"
+version = "1.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde"
+
+[[package]]
name = "zerovec"
version = "0.10.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
diff --git a/Cargo.toml b/Cargo.toml
index 746bdd0..d874e76 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -7,4 +7,4 @@
tokio = { version = "1", features = ["macros", "rt-multi-thread"] }
[workspace]
-members = [ "crates/ovsinit","crates/passwd", "crates/rustainers"]
+members = [ "crates/*" ]
diff --git a/charts/patches/0001-fix-Use-more-standard-configs-for-staffeln-DBdropjob.patch b/charts/patches/0001-fix-Use-more-standard-configs-for-staffeln-DBdropjob.patch
deleted file mode 100644
index 1a491cf..0000000
--- a/charts/patches/0001-fix-Use-more-standard-configs-for-staffeln-DBdropjob.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From f74a254e87acaafb9493630cb8521fda145c6c5c Mon Sep 17 00:00:00 2001
-From: ricolin <rlin@vexxhost.com>
-Date: Wed, 8 Jan 2025 21:29:08 +0800
-Subject: [PATCH] fix: Use more standard configs for staffeln DB drop job
-
----
- charts/staffeln/templates/job-db-drop.yaml | 6 ++----
- 1 file changed, 2 insertions(+), 4 deletions(-)
-
-diff --git a/charts/staffeln/templates/job-db-drop.yaml b/charts/staffeln/templates/job-db-drop.yaml
-index dffa5aba..519e0b31 100644
---- a/charts/staffeln/templates/job-db-drop.yaml
-+++ b/charts/staffeln/templates/job-db-drop.yaml
-@@ -13,11 +13,9 @@ limitations under the License.
- */}}
-
- {{- if .Values.manifests.job_db_drop }}
--{{- $serviceName := "staffeln" -}}
--{{- $dbToDrop := dict "adminSecret" .Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "configDbSection" "DEFAULT" "configDbKey" "sql_connection" -}}
--{{- $dbDropJob := dict "envAll" . "serviceName" $serviceName "dbToDrop" $dbToDrop -}}
-+{{- $dbDropJob := dict "envAll" . "serviceName" "staffeln" -}}
- {{- if .Values.manifests.certificates -}}
--{{- $_ := set $dbToDrop "dbAdminTlsSecret" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal -}}
-+{{- $_ := set $dbDropJob "dbAdminTlsSecret" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal -}}
- {{- end -}}
- {{- if .Values.pod.tolerations.staffeln.enabled -}}
- {{- $_ := set $dbDropJob "tolerationsEnabled" true -}}
---
-2.25.1
-
diff --git a/charts/staffeln/charts/helm-toolkit/Chart.yaml b/charts/staffeln/charts/helm-toolkit/Chart.yaml
index e6aec81..d4c0ea2 100644
--- a/charts/staffeln/charts/helm-toolkit/Chart.yaml
+++ b/charts/staffeln/charts/helm-toolkit/Chart.yaml
@@ -9,4 +9,4 @@
sources:
- https://opendev.org/openstack/openstack-helm-infra
- https://opendev.org/openstack/openstack-helm
-version: 0.2.54
+version: 0.2.69
diff --git a/charts/staffeln/charts/helm-toolkit/requirements.lock b/charts/staffeln/charts/helm-toolkit/requirements.lock
new file mode 100644
index 0000000..e28bc5d
--- /dev/null
+++ b/charts/staffeln/charts/helm-toolkit/requirements.lock
@@ -0,0 +1,3 @@
+dependencies: []
+digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726
+generated: "0001-01-01T00:00:00Z"
diff --git a/charts/staffeln/charts/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl b/charts/staffeln/charts/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl
index 12b84de..d7390d8 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl
@@ -50,7 +50,7 @@
{{- $endpointScheme := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" }}
{{- $userMap := index $context.Values.endpoints ( $type | replace "-" "_" ) "auth" $userclass }}
{{- $endpointUser := index $userMap "username" }}
-{{- $endpointPass := index $userMap "password" }}
+{{- $endpointPass := index $userMap "password" | urlquery }}
{{- $endpointHost := tuple $type $endpoint $context | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
{{- $endpointPort := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- $endpointPath := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.keystone_endpoint_path_lookup" }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/endpoints/_authenticated_transport_endpoint_uri_lookup.tpl b/charts/staffeln/charts/helm-toolkit/templates/endpoints/_authenticated_transport_endpoint_uri_lookup.tpl
index b7cf287..b9ac9d9 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/endpoints/_authenticated_transport_endpoint_uri_lookup.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/endpoints/_authenticated_transport_endpoint_uri_lookup.tpl
@@ -100,7 +100,7 @@
{{- $ssMap := index $context.Values.endpoints ( $type | replace "-" "_" ) "statefulset" | default false}}
{{- $hostFqdnOverride := index $context.Values.endpoints ( $type | replace "-" "_" ) "host_fqdn_override" }}
{{- $endpointUser := index $userMap "username" }}
-{{- $endpointPass := index $userMap "password" }}
+{{- $endpointPass := index $userMap "password" | urlquery }}
{{- $endpointHostSuffix := tuple $type $endpoint $context | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
{{- $endpointPort := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- $local := dict "endpointCredsAndHosts" list -}}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_ingress.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_ingress.tpl
index 4c476b2..cacb4b8 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_ingress.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_ingress.tpl
@@ -59,7 +59,7 @@
default: 9311
public: 80
usage: |
- {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
+ {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "pathType" "Prefix" ) -}}
return: |
---
apiVersion: networking.k8s.io/v1
@@ -67,16 +67,16 @@
metadata:
name: barbican
annotations:
- kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
+ ingressClassName: "nginx"
rules:
- host: barbican
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -86,7 +86,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -96,7 +96,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -108,10 +108,10 @@
metadata:
name: barbican-namespace-fqdn
annotations:
- kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
+ ingressClassName: "nginx"
tls:
- secretName: barbican-tls-public
hosts:
@@ -121,7 +121,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -133,10 +133,10 @@
metadata:
name: barbican-cluster-fqdn
annotations:
- kubernetes.io/ingress.class: "nginx-cluster"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
+ ingressClassName: "nginx-cluster"
tls:
- secretName: barbican-tls-public
hosts:
@@ -146,7 +146,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -194,7 +194,7 @@
default: 9311
public: 80
usage: |
- {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
+ {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "pathType" "Prefix" ) -}}
return: |
---
apiVersion: networking.k8s.io/v1
@@ -202,10 +202,10 @@
metadata:
name: barbican
annotations:
- kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
+ ingressClassName: "nginx"
tls:
- secretName: barbican-tls-public
hosts:
@@ -217,7 +217,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -227,7 +227,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -237,7 +237,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -294,7 +294,7 @@
name: ca-issuer
kind: Issuer
usage: |
- {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "certIssuer" "ca-issuer" ) -}}
+ {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "certIssuer" "ca-issuer" "pathType" "Prefix" ) -}}
return: |
---
apiVersion: networking.k8s.io/v1
@@ -302,12 +302,12 @@
metadata:
name: barbican
annotations:
- kubernetes.io/ingress.class: "nginx"
cert-manager.io/issuer: ca-issuer
certmanager.k8s.io/issuer: ca-issuer
nginx.ingress.kubernetes.io/backend-protocol: https
nginx.ingress.kubernetes.io/secure-backends: "true"
spec:
+ ingressClassName: "nginx"
tls:
- secretName: barbican-tls-public-certmanager
hosts:
@@ -319,7 +319,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -329,7 +329,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -339,7 +339,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -396,7 +396,7 @@
name: ca-issuer
kind: ClusterIssuer
usage: |
- {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "certIssuer" "ca-issuer") -}}
+ {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "certIssuer" "ca-issuer" "pathType" "Prefix" ) -}}
return: |
---
apiVersion: networking.k8s.io/v1
@@ -404,12 +404,12 @@
metadata:
name: barbican
annotations:
- kubernetes.io/ingress.class: "nginx"
cert-manager.io/cluster-issuer: ca-issuer
certmanager.k8s.io/cluster-issuer: ca-issuer
nginx.ingress.kubernetes.io/backend-protocol: https
nginx.ingress.kubernetes.io/secure-backends: "true"
spec:
+ ingressClassName: "nginx"
tls:
- secretName: barbican-tls-public-certmanager
hosts:
@@ -421,7 +421,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -431,7 +431,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -441,7 +441,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: barbican-api
@@ -479,7 +479,7 @@
grafana:
public: grafana-tls-public
usage: |
- {{- $ingressOpts := dict "envAll" . "backendService" "grafana" "backendServiceType" "grafana" "backendPort" "dashboard" -}}
+ {{- $ingressOpts := dict "envAll" . "backendService" "grafana" "backendServiceType" "grafana" "backendPort" "dashboard" "pathType" "Prefix" -}}
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
return: |
---
@@ -488,16 +488,16 @@
metadata:
name: grafana
annotations:
- kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
+ ingressClassName: "nginx"
rules:
- host: grafana
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: grafana-dashboard
@@ -507,7 +507,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: grafana-dashboard
@@ -517,7 +517,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: grafana-dashboard
@@ -529,10 +529,10 @@
metadata:
name: grafana-namespace-fqdn
annotations:
- kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
+ ingressClassName: "nginx"
tls:
- secretName: grafana-tls-public
hosts:
@@ -543,7 +543,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: grafana-dashboard
@@ -553,7 +553,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: grafana-dashboard
@@ -565,10 +565,10 @@
metadata:
name: grafana-cluster-fqdn
annotations:
- kubernetes.io/ingress.class: "nginx-cluster"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
+ ingressClassName: "nginx-cluster"
tls:
- secretName: grafana-tls-public
hosts:
@@ -579,7 +579,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: grafana-dashboard
@@ -589,7 +589,7 @@
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: Prefix
backend:
service:
name: grafana-dashboard
@@ -602,11 +602,12 @@
{{- $vHost := index . "vHost" -}}
{{- $backendName := index . "backendName" -}}
{{- $backendPort := index . "backendPort" -}}
+{{- $pathType := index . "pathType" -}}
- host: {{ $vHost }}
http:
paths:
- path: /
- pathType: ImplementationSpecific
+ pathType: {{ $pathType }}
backend:
service:
name: {{ $backendName }}
@@ -624,6 +625,7 @@
{{- $backendServiceType := index . "backendServiceType" -}}
{{- $backendPort := index . "backendPort" -}}
{{- $endpoint := index . "endpoint" | default "public" -}}
+{{- $pathType := index . "pathType" | default "Prefix" -}}
{{- $certIssuer := index . "certIssuer" | default "" -}}
{{- $ingressName := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
{{- $backendName := tuple $backendServiceType "internal" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
@@ -639,7 +641,6 @@
metadata:
name: {{ $ingressName }}
annotations:
- kubernetes.io/ingress.class: {{ index $envAll.Values.network $backendService "ingress" "classes" "namespace" | quote }}
{{- if $certIssuer }}
cert-manager.io/{{ $certIssuerType }}: {{ $certIssuer }}
certmanager.k8s.io/{{ $certIssuerType }}: {{ $certIssuer }}
@@ -650,6 +651,7 @@
{{- end }}
{{ toYaml (index $envAll.Values.network $backendService "ingress" "annotations") | indent 4 }}
spec:
+ ingressClassName: {{ index $envAll.Values.network $backendService "ingress" "classes" "namespace" | quote }}
{{- $host := index $envAll.Values.endpoints ( $backendServiceType | replace "-" "_" ) "hosts" }}
{{- if $certIssuer }}
{{- $secretName := index $envAll.Values.secrets "tls" ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
@@ -681,7 +683,7 @@
{{- end }}
rules:
{{- range $key1, $vHost := tuple $hostName (printf "%s.%s" $hostName $envAll.Release.Namespace) (printf "%s.%s.svc.%s" $hostName $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) }}
-{{- $hostRules := dict "vHost" $vHost "backendName" $backendName "backendPort" $backendPort }}
+{{- $hostRules := dict "vHost" $vHost "backendName" $backendName "backendPort" $backendPort "pathType" $pathType }}
{{ $hostRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4 }}
{{- end }}
{{- if not ( hasSuffix ( printf ".%s.svc.%s" $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) $hostNameFull) }}
@@ -695,9 +697,9 @@
metadata:
name: {{ printf "%s-%s-%s" $ingressName $ingressController "fqdn" }}
annotations:
- kubernetes.io/ingress.class: {{ index $envAll.Values.network $backendService "ingress" "classes" $ingressController | quote }}
{{ toYaml (index $envAll.Values.network $backendService "ingress" "annotations") | indent 4 }}
spec:
+ ingressClassName: {{ index $envAll.Values.network $backendService "ingress" "classes" $ingressController | quote }}
{{- $host := index $envAll.Values.endpoints ( $backendServiceType | replace "-" "_" ) "host_fqdn_override" }}
{{- if hasKey $host $endpoint }}
{{- $endpointHost := index $host $endpoint }}
@@ -719,7 +721,7 @@
{{- end }}
rules:
{{- range $vHost := $vHosts }}
-{{- $hostNameFullRules := dict "vHost" $vHost "backendName" $backendName "backendPort" $backendPort }}
+{{- $hostNameFullRules := dict "vHost" $vHost "backendName" $backendName "backendPort" $backendPort "pathType" $pathType }}
{{ $hostNameFullRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4 }}
{{- end }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-bootstrap.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-bootstrap.tpl
index 5d98c8b..6b77004 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-bootstrap.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-bootstrap.tpl
@@ -51,6 +51,7 @@
{{ toYaml $jobLabels | indent 4 }}
{{- end }}
annotations:
+{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
{{- if $jobAnnotations }}
{{ toYaml $jobAnnotations | indent 4 }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
index 62ed119..2b7ff2c 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
@@ -54,6 +54,7 @@
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-delete-policy": hook-succeeded
+{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
{{- if $jobAnnotations }}
{{ toYaml $jobAnnotations | indent 4 }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
index 745e8da..b8a1dce 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
@@ -52,6 +52,7 @@
{{ toYaml $jobLabels | indent 4 }}
{{- end }}
annotations:
+{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
{{- if $jobAnnotations }}
{{ toYaml $jobAnnotations | indent 4 }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
index 24d2496..4696c88 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
@@ -49,6 +49,7 @@
{{ toYaml $jobLabels | indent 4 }}
{{- end }}
annotations:
+{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
{{- if $jobAnnotations }}
{{ toYaml $jobAnnotations | indent 4 }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
index 3a7df7f..d69c9e6 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
@@ -52,6 +52,7 @@
{{ toYaml $jobLabels | indent 4 }}
{{- end }}
annotations:
+{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
{{- if $jobAnnotations }}
{{ toYaml $jobAnnotations | indent 4 }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-service.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-service.tpl
index a109e3c..9604c63 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-service.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-service.tpl
@@ -52,6 +52,7 @@
{{ toYaml $jobLabels | indent 4 }}
{{- end }}
annotations:
+{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
{{- if $jobAnnotations }}
{{ toYaml $jobAnnotations | indent 4 }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
index 905eb71..58dcdc5 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
@@ -74,6 +74,7 @@
{{ toYaml $jobLabels | indent 4 }}
{{- end }}
annotations:
+{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
{{- if $jobAnnotations }}
{{ toYaml $jobAnnotations | indent 4 }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
index 6982064..2cfadaf 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
@@ -42,6 +42,7 @@
{{ toYaml $jobLabels | indent 4 }}
{{- end }}
annotations:
+{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
{{- if $jobAnnotations }}
{{ toYaml $jobAnnotations | indent 4 }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
index 29cb993..b5fdc09 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
@@ -49,6 +49,7 @@
{{- end }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
+{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
{{- if $jobAnnotations }}
{{ toYaml $jobAnnotations | indent 4 }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
index 50d9af5..77d1a71 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
@@ -47,6 +47,7 @@
annotations:
"helm.sh/hook-delete-policy": before-hook-creation
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
+{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
{{- if $jobAnnotations }}
{{ toYaml $jobAnnotations | indent 4 }}
{{- end }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_secret-registry.yaml.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_secret-registry.yaml.tpl
index 4854bb1..7ad505b 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_secret-registry.yaml.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_secret-registry.yaml.tpl
@@ -17,6 +17,11 @@
Creates a manifest for a authenticating a registry with a secret
examples:
- values: |
+ annotations:
+ secret:
+ oci_image_registry:
+ {{ $serviceName }}:
+ custom.tld/key: "value"
secrets:
oci_image_registry:
{{ $serviceName }}: {{ $keyName }}
@@ -36,30 +41,8 @@
kind: Secret
metadata:
name: {{ $secretName }}
- type: kubernetes.io/dockerconfigjson
- data:
- dockerconfigjson: {{ $dockerAuth }}
-
- - values: |
- secrets:
- oci_image_registry:
- {{ $serviceName }}: {{ $keyName }}
- endpoints:
- oci_image_registry:
- name: oci-image-registry
- auth:
- enabled: true
- {{ $serviceName }}:
- name: {{ $userName }}
- password: {{ $password }}
- usage: |
- {{- include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) -}}
- return: |
- ---
- apiVersion: v1
- kind: Secret
- metadata:
- name: {{ $secretName }}
+ annotations:
+ custom.tld/key: "value"
type: kubernetes.io/dockerconfigjson
data:
dockerconfigjson: {{ $dockerAuth }}
@@ -87,6 +70,8 @@
kind: Secret
metadata:
name: {{ $secretName }}
+ annotations:
+{{ tuple "oci_image_registry" $registryUser $envAll | include "helm-toolkit.snippets.custom_secret_annotations" | indent 4 }}
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{ $dockerAuth }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_secret-tls.yaml.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_secret-tls.yaml.tpl
index 24a7045..c800340 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_secret-tls.yaml.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_secret-tls.yaml.tpl
@@ -17,6 +17,11 @@
Creates a manifest for a services public tls secret
examples:
- values: |
+ annotations:
+ secret:
+ tls:
+ key_manager_api_public:
+ custom.tld/key: "value"
secrets:
tls:
key_manager:
@@ -41,6 +46,8 @@
kind: Secret
metadata:
name: barbican-tls-public
+ annotations:
+ custom.tld/key: "value"
type: kubernetes.io/tls
data:
tls.key: Rk9PLUtFWQo=
@@ -88,11 +95,15 @@
{{- if kindIs "map" $endpointHost }}
{{- if hasKey $endpointHost "tls" }}
{{- if and $endpointHost.tls.key $endpointHost.tls.crt }}
+
+{{- $customAnnotationKey := printf "%s_%s_%s" ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ index $envAll.Values.secrets.tls ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
+ annotations:
+{{ tuple "tls" $customAnnotationKey $envAll | include "helm-toolkit.snippets.custom_secret_annotations" | indent 4 }}
type: kubernetes.io/tls
data:
tls.key: {{ $endpointHost.tls.key | b64enc }}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/scripts/_db-drop.py.tpl b/charts/staffeln/charts/helm-toolkit/templates/scripts/_db-drop.py.tpl
index 03884fa..c6a7521 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/scripts/_db-drop.py.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/scripts/_db-drop.py.tpl
@@ -33,6 +33,7 @@
PARSER_OPTS = {"strict": False}
import logging
from sqlalchemy import create_engine
+from sqlalchemy import text
# Create logger, console handler and formatter
logger = logging.getLogger('OpenStack-Helm DB Drop')
@@ -124,7 +125,12 @@
# Delete DB
try:
- root_engine.execute("DROP DATABASE IF EXISTS {0}".format(database))
+ with root_engine.connect() as connection:
+ connection.execute(text("DROP DATABASE IF EXISTS {0}".format(database)))
+ try:
+ connection.commit()
+ except AttributeError:
+ pass
logger.info("Deleted database {0}".format(database))
except:
logger.critical("Could not drop database {0}".format(database))
@@ -132,7 +138,12 @@
# Delete DB User
try:
- root_engine.execute("DROP USER IF EXISTS {0}".format(user))
+ with root_engine.connect() as connection:
+ connection.execute(text("DROP USER IF EXISTS {0}".format(user)))
+ try:
+ connection.commit()
+ except AttributeError:
+ pass
logger.info("Deleted user {0}".format(user))
except:
logger.critical("Could not delete user {0}".format(user))
diff --git a/charts/staffeln/charts/helm-toolkit/templates/scripts/_db-init.py.tpl b/charts/staffeln/charts/helm-toolkit/templates/scripts/_db-init.py.tpl
index 6027b95..1917f78 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/scripts/_db-init.py.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/scripts/_db-init.py.tpl
@@ -33,6 +33,7 @@
PARSER_OPTS = {"strict": False}
import logging
from sqlalchemy import create_engine
+from sqlalchemy import text
# Create logger, console handler and formatter
logger = logging.getLogger('OpenStack-Helm DB Init')
@@ -124,7 +125,12 @@
# Create DB
try:
- root_engine.execute("CREATE DATABASE IF NOT EXISTS {0}".format(database))
+ with root_engine.connect() as connection:
+ connection.execute(text("CREATE DATABASE IF NOT EXISTS {0}".format(database)))
+ try:
+ connection.commit()
+ except AttributeError:
+ pass
logger.info("Created database {0}".format(database))
except:
logger.critical("Could not create database {0}".format(database))
@@ -132,11 +138,16 @@
# Create DB User
try:
- root_engine.execute(
- "CREATE USER IF NOT EXISTS \'{0}\'@\'%%\' IDENTIFIED BY \'{1}\' {2}".format(
- user, password, mysql_x509))
- root_engine.execute(
- "GRANT ALL ON `{0}`.* TO \'{1}\'@\'%%\'".format(database, user))
+ with root_engine.connect() as connection:
+ connection.execute(
+ text("CREATE USER IF NOT EXISTS \'{0}\'@\'%%\' IDENTIFIED BY \'{1}\' {2}".format(
+ user, password, mysql_x509)))
+ connection.execute(
+ text("GRANT ALL ON `{0}`.* TO \'{1}\'@\'%%\'".format(database, user)))
+ try:
+ connection.commit()
+ except AttributeError:
+ pass
logger.info("Created user {0} for {1}".format(user, database))
except:
logger.critical("Could not create user {0} for {1}".format(user, database))
diff --git a/charts/staffeln/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl b/charts/staffeln/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl
index 3963bd4..695cb2e 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl
@@ -49,6 +49,13 @@
# A random number between min and max delay is generated
# to set the delay.
#
+# RGW backup throttle limits variables:
+# export THROTTLE_BACKUPS_ENABLED Boolean variableto control backup functionality
+# export THROTTLE_LIMIT Number of simultaneous RGW upload sessions
+# export THROTTLE_LOCK_EXPIRE_AFTER Time in seconds to expire flag file is orphaned
+# export THROTTLE_RETRY_AFTER Time in seconds to wait before retry
+# export THROTTLE_CONTAINER_NAME Name of RGW container to place flag falies into
+#
# The database-specific functions that need to be implemented are:
# dump_databases_to_directory <directory> <err_logfile> [scope]
# where:
@@ -84,8 +91,10 @@
# specified by the "LOCAL_DAYS_TO_KEEP" variable.
# 4) Removing remote backup tarballs (from the remote gateway) which are older
# than the number of days specified by the "REMOTE_DAYS_TO_KEEP" variable.
+# 5) Controlling remote storage gateway load from client side and throttling it
+# by using a dedicated RGW container to store flag files defining upload session
+# in progress
#
-
# Note: not using set -e in this script because more elaborate error handling
# is needed.
@@ -95,7 +104,7 @@
log ERROR "${DB_NAME}_backup" "${DB_NAMESPACE} namespace: ${MSG}"
rm -f $ERR_LOG_FILE
rm -rf $TMP_DIR
- exit $ERRCODE
+ exit 0
}
log_verify_backup_exit() {
@@ -104,7 +113,7 @@
log ERROR "${DB_NAME}_verify_backup" "${DB_NAMESPACE} namespace: ${MSG}"
rm -f $ERR_LOG_FILE
# rm -rf $TMP_DIR
- exit $ERRCODE
+ exit 0
}
@@ -218,6 +227,113 @@
echo "Sleeping for ${DELAY} seconds to spread the load in time..."
sleep ${DELAY}
+ #---------------------------------------------------------------------------
+ # Remote backup throttling
+ export THROTTLE_BACKUPS_ENABLED=$(echo $THROTTLE_BACKUPS_ENABLED | sed 's/"//g')
+ if $THROTTLE_BACKUPS_ENABLED; then
+ # Remove Quotes from the constants which were added due to reading
+ # from secret.
+ export THROTTLE_LIMIT=$(echo $THROTTLE_LIMIT | sed 's/"//g')
+ export THROTTLE_LOCK_EXPIRE_AFTER=$(echo $THROTTLE_LOCK_EXPIRE_AFTER | sed 's/"//g')
+ export THROTTLE_RETRY_AFTER=$(echo $THROTTLE_RETRY_AFTER | sed 's/"//g')
+ export THROTTLE_CONTAINER_NAME=$(echo $THROTTLE_CONTAINER_NAME | sed 's/"//g')
+
+ # load balance delay
+ RESULT=$(openstack container list 2>&1)
+
+ if [[ $? -eq 0 ]]; then
+ echo $RESULT | grep $THROTTLE_CONTAINER_NAME
+ if [[ $? -ne 0 ]]; then
+ # Find the swift URL from the keystone endpoint list
+ SWIFT_URL=$(openstack catalog show object-store -c endpoints | grep public | awk '{print $4}')
+ if [[ $? -ne 0 ]]; then
+ log WARN "${DB_NAME}_backup" "Unable to get object-store enpoints from keystone catalog."
+ return 2
+ fi
+
+ # Get a token from keystone
+ TOKEN=$(openstack token issue -f value -c id)
+ if [[ $? -ne 0 ]]; then
+ log WARN "${DB_NAME}_backup" "Unable to get keystone token."
+ return 2
+ fi
+
+ # Create the container
+ RES_FILE=$(mktemp -p /tmp)
+ curl -g -i -X PUT ${SWIFT_URL}/${THROTTLE_CONTAINER_NAME} \
+ -H "X-Auth-Token: ${TOKEN}" \
+ -H "X-Storage-Policy: ${STORAGE_POLICY}" 2>&1 > $RES_FILE
+
+ if [[ $? -ne 0 || $(grep "HTTP" $RES_FILE | awk '{print $2}') -ge 400 ]]; then
+ log WARN "${DB_NAME}_backup" "Unable to create container ${THROTTLE_CONTAINER_NAME}"
+ cat $RES_FILE
+ rm -f $RES_FILE
+ return 2
+ fi
+ rm -f $RES_FILE
+
+ swift stat $THROTTLE_CONTAINER_NAME
+ if [[ $? -ne 0 ]]; then
+ log WARN "${DB_NAME}_backup" "Unable to retrieve container ${THROTTLE_CONTAINER_NAME} details after creation."
+ return 2
+ fi
+ fi
+ else
+ echo $RESULT | grep -E "HTTP 401|HTTP 403"
+ if [[ $? -eq 0 ]]; then
+ log ERROR "${DB_NAME}_backup" "Access denied by keystone: ${RESULT}"
+ return 1
+ else
+ echo $RESULT | grep -E "ConnectionError|Failed to discover available identity versions|Service Unavailable|HTTP 50"
+ if [[ $? -eq 0 ]]; then
+ log WARN "${DB_NAME}_backup" "Could not reach the RGW: ${RESULT}"
+ # In this case, keystone or the site/node may be temporarily down.
+ # Return slightly different error code so the calling code can retry
+ return 2
+ else
+ log ERROR "${DB_NAME}_backup" "Could not get container list: ${RESULT}"
+ return 1
+ fi
+ fi
+ fi
+
+ NUMBER_OF_SESSIONS=$(openstack object list $THROTTLE_CONTAINER_NAME -f value | wc -l)
+ log INFO "${DB_NAME}_backup" "There are ${NUMBER_OF_SESSIONS} remote sessions right now."
+ while [[ ${NUMBER_OF_SESSIONS} -ge ${THROTTLE_LIMIT} ]]
+ do
+ log INFO "${DB_NAME}_backup" "Current number of active uploads is ${NUMBER_OF_SESSIONS}>=${THROTTLE_LIMIT}!"
+ log INFO "${DB_NAME}_backup" "Retrying in ${THROTTLE_RETRY_AFTER} seconds...."
+ sleep ${THROTTLE_RETRY_AFTER}
+ NUMBER_OF_SESSIONS=$(openstack object list $THROTTLE_CONTAINER_NAME -f value | wc -l)
+ log INFO "${DB_NAME}_backup" "There are ${NUMBER_OF_SESSIONS} remote sessions right now."
+ done
+
+ # Create a lock file in THROTTLE_CONTAINER
+ THROTTLE_FILEPATH=$(mktemp -d)
+ THROTTLE_FILE=${CONTAINER_NAME}.lock
+ date +%s > $THROTTLE_FILEPATH/$THROTTLE_FILE
+
+ # Create an object to store the file
+ openstack object create --name $THROTTLE_FILE $THROTTLE_CONTAINER_NAME $THROTTLE_FILEPATH/$THROTTLE_FILE
+ if [[ $? -ne 0 ]]; then
+ log WARN "${DB_NAME}_backup" "Cannot create throttle container object ${THROTTLE_FILE}!"
+ return 2
+ fi
+
+ swift post $THROTTLE_CONTAINER_NAME $THROTTLE_FILE -H "X-Delete-After:${THROTTLE_LOCK_EXPIRE_AFTER}"
+ if [[ $? -ne 0 ]]; then
+ log WARN "${DB_NAME}_backup" "Cannot set throttle container object ${THROTTLE_FILE} expiration header!"
+ return 2
+ fi
+ openstack object show $THROTTLE_CONTAINER_NAME $THROTTLE_FILE
+ if [[ $? -ne 0 ]]; then
+ log WARN "${DB_NAME}_backup" "Unable to retrieve throttle container object $THROTTLE_FILE after creation."
+ return 2
+ fi
+ fi
+
+ #---------------------------------------------------------------------------
+
# Create an object to store the file
openstack object create --name $FILE $CONTAINER_NAME $FILEPATH/$FILE
if [[ $? -ne 0 ]]; then
@@ -243,7 +359,25 @@
log ERROR "${DB_NAME}_backup" "Mismatch between the local backup & remote backup MD5 hash values"
return 2
fi
- rm -rf ${REMOTE_FILE}
+ rm -f ${REMOTE_FILE}
+
+ #---------------------------------------------------------------------------
+ # Remote backup throttling
+ export THROTTLE_BACKUPS_ENABLED=$(echo $THROTTLE_BACKUPS_ENABLED | sed 's/"//g')
+ if $THROTTLE_BACKUPS_ENABLED; then
+ # Remove flag file
+ # Delete an object to remove the flag file
+ openstack object delete $THROTTLE_CONTAINER_NAME $THROTTLE_FILE
+ if [[ $? -ne 0 ]]; then
+ log WARN "${DB_NAME}_backup" "Cannot delete throttle container object ${THROTTLE_FILE}"
+ return 0
+ else
+ log INFO "${DB_NAME}_backup" "The throttle container object ${THROTTLE_FILE} has been successfully removed."
+ fi
+ rm -f ${THROTTLE_FILEPATH}/${THROTTLE_FILE}
+ fi
+
+ #---------------------------------------------------------------------------
log INFO "${DB_NAME}_backup" "Created file $FILE in container $CONTAINER_NAME successfully."
return 0
diff --git a/charts/staffeln/charts/helm-toolkit/templates/snippets/_custom_job_annotations.tpl b/charts/staffeln/charts/helm-toolkit/templates/snippets/_custom_job_annotations.tpl
new file mode 100644
index 0000000..fc42614
--- /dev/null
+++ b/charts/staffeln/charts/helm-toolkit/templates/snippets/_custom_job_annotations.tpl
@@ -0,0 +1,76 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{/*
+abstract: |
+ Adds custom annotations to the job spec of a component.
+examples:
+ - values: |
+ annotations:
+ job:
+ default:
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ keystone_domain_manage:
+ another.tld/foo: "bar"
+ usage: |
+ {{ tuple "keystone_domain_manage" . | include "helm-toolkit.snippets.custom_job_annotations" }}
+ return: |
+ another.tld/foo: bar
+ - values: |
+ annotations:
+ job:
+ default:
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ keystone_domain_manage:
+ another.tld/foo: "bar"
+ usage: |
+ {{ tuple "keystone_bootstrap" . | include "helm-toolkit.snippets.custom_job_annotations" }}
+ return: |
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ - values: |
+ annotations:
+ job:
+ default:
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ keystone_domain_manage:
+ another.tld/foo: "bar"
+ keystone_bootstrap:
+ usage: |
+ {{ tuple "keystone_bootstrap" . | include "helm-toolkit.snippets.custom_job_annotations" }}
+ return: |
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+*/}}
+
+{{- define "helm-toolkit.snippets.custom_job_annotations" -}}
+{{- $envAll := index . 1 -}}
+{{- $component := index . 0 | replace "-" "_" -}}
+{{- if (hasKey $envAll.Values "annotations") -}}
+{{- if (hasKey $envAll.Values.annotations "job") -}}
+{{- $annotationsMap := $envAll.Values.annotations.job -}}
+{{- $defaultAnnotations := dict -}}
+{{- if (hasKey $annotationsMap "default" ) -}}
+{{- $defaultAnnotations = $annotationsMap.default -}}
+{{- end -}}
+{{- $annotations := index $annotationsMap $component | default $defaultAnnotations -}}
+{{- if (not (empty $annotations)) -}}
+{{- toYaml $annotations -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/snippets/_custom_pod_annotations.tpl b/charts/staffeln/charts/helm-toolkit/templates/snippets/_custom_pod_annotations.tpl
new file mode 100644
index 0000000..ecff6e9
--- /dev/null
+++ b/charts/staffeln/charts/helm-toolkit/templates/snippets/_custom_pod_annotations.tpl
@@ -0,0 +1,76 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{/*
+abstract: |
+ Adds custom annotations to the pod spec of a component.
+examples:
+ - values: |
+ annotations:
+ pod:
+ default:
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ nova_compute:
+ another.tld/foo: "bar"
+ usage: |
+ {{ tuple "nova_compute" . | include "helm-toolkit.snippets.custom_pod_annotations" }}
+ return: |
+ another.tld/foo: bar
+ - values: |
+ annotations:
+ pod:
+ default:
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ nova_compute:
+ another.tld/foo: "bar"
+ usage: |
+ {{ tuple "nova_api" . | include "helm-toolkit.snippets.custom_pod_annotations" }}
+ return: |
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ - values: |
+ annotations:
+ pod:
+ default:
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ nova_compute:
+ another.tld/foo: "bar"
+ nova_api:
+ usage: |
+ {{ tuple "nova_api" . | include "helm-toolkit.snippets.custom_pod_annotations" }}
+ return: |
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+*/}}
+
+{{- define "helm-toolkit.snippets.custom_pod_annotations" -}}
+{{- $component := index . 0 -}}
+{{- $envAll := index . 1 -}}
+{{- if (hasKey $envAll.Values "annotations") -}}
+{{- if (hasKey $envAll.Values.annotations "pod") -}}
+{{- $annotationsMap := $envAll.Values.annotations.pod -}}
+{{- $defaultAnnotations := dict -}}
+{{- if (hasKey $annotationsMap "default" ) -}}
+{{- $defaultAnnotations = $annotationsMap.default -}}
+{{- end -}}
+{{- $annotations := index $annotationsMap $component | default $defaultAnnotations -}}
+{{- if (not (empty $annotations)) -}}
+{{- toYaml $annotations -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/snippets/_custom_secret_annotations.tpl b/charts/staffeln/charts/helm-toolkit/templates/snippets/_custom_secret_annotations.tpl
new file mode 100644
index 0000000..19c4380
--- /dev/null
+++ b/charts/staffeln/charts/helm-toolkit/templates/snippets/_custom_secret_annotations.tpl
@@ -0,0 +1,81 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{/*
+abstract: |
+ Adds custom annotations to the secret spec of a component.
+examples:
+ - values: |
+ annotations:
+ secret:
+ default:
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ identity:
+ admin:
+ another.tld/foo: "bar"
+ usage: |
+ {{ tuple "identity" "admin" . | include "helm-toolkit.snippets.custom_secret_annotations" }}
+ return: |
+ another.tld/foo: bar
+ - values: |
+ annotations:
+ secret:
+ default:
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ identity:
+ admin:
+ another.tld/foo: "bar"
+ usage: |
+ {{ tuple "oslo_db" "admin" . | include "helm-toolkit.snippets.custom_secret_annotations" }}
+ return: |
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ - values: |
+ annotations:
+ secret:
+ default:
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+ identity:
+ admin:
+ another.tld/foo: "bar"
+ oslo_db:
+ admin:
+ usage: |
+ {{ tuple "oslo_db" "admin" . | include "helm-toolkit.snippets.custom_secret_annotations" }}
+ return: |
+ custom.tld/key: "value"
+ custom.tld/key2: "value2"
+*/}}
+
+{{- define "helm-toolkit.snippets.custom_secret_annotations" -}}
+{{- $secretType := index . 0 -}}
+{{- $userClass := index . 1 | replace "-" "_" -}}
+{{- $envAll := index . 2 -}}
+{{- if (hasKey $envAll.Values "annotations") -}}
+{{- if (hasKey $envAll.Values.annotations "secret") -}}
+{{- $annotationsMap := index $envAll.Values.annotations.secret $secretType | default dict -}}
+{{- $defaultAnnotations := dict -}}
+{{- if (hasKey $envAll.Values.annotations.secret "default" ) -}}
+{{- $defaultAnnotations = $envAll.Values.annotations.secret.default -}}
+{{- end -}}
+{{- $annotations := index $annotationsMap $userClass | default $defaultAnnotations -}}
+{{- if (not (empty $annotations)) -}}
+{{- toYaml $annotations -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/staffeln/charts/helm-toolkit/templates/snippets/_image.tpl b/charts/staffeln/charts/helm-toolkit/templates/snippets/_image.tpl
index 029c93d..678b844 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/snippets/_image.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/snippets/_image.tpl
@@ -19,7 +19,7 @@
images:
tags:
test_image: docker.io/port/test:version-foo
- image_foo: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
+ image_foo: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
pull_policy: IfNotPresent
local_registry:
active: true
diff --git a/charts/staffeln/charts/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl b/charts/staffeln/charts/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl
index bed712e..ad628da 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl
@@ -19,7 +19,7 @@
values: |
images:
tags:
- dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
+ dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
pull_policy: IfNotPresent
local_registry:
active: true
@@ -76,7 +76,7 @@
{{ tuple . "calico_node" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" }}
return: |
- name: init
- image: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
+ image: "quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal"
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
diff --git a/charts/staffeln/charts/helm-toolkit/templates/snippets/_rgw_s3_bucket_user_env_vars_rook.tpl b/charts/staffeln/charts/helm-toolkit/templates/snippets/_rgw_s3_bucket_user_env_vars_rook.tpl
new file mode 100644
index 0000000..08521e0
--- /dev/null
+++ b/charts/staffeln/charts/helm-toolkit/templates/snippets/_rgw_s3_bucket_user_env_vars_rook.tpl
@@ -0,0 +1,28 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- define "helm-toolkit.snippets.rgw_s3_bucket_user_env_vars_rook" }}
+{{- range $s3Bucket := .Values.storage.s3.buckets }}
+- name: {{ printf "%s_S3_ACCESS_KEY" ($s3Bucket.client | replace "-" "_" | upper) }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ $s3Bucket.name }}
+ key: AWS_ACCESS_KEY_ID
+- name: {{ printf "%s_S3_SECRET_KEY" ($s3Bucket.client | replace "-" "_" | upper) }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ $s3Bucket.name }}
+ key: AWS_SECRET_ACCESS_KEY
+{{- end }}
+{{- end }}
diff --git a/crates/imagebumper/Cargo.toml b/crates/imagebumper/Cargo.toml
new file mode 100644
index 0000000..b8af954
--- /dev/null
+++ b/crates/imagebumper/Cargo.toml
@@ -0,0 +1,17 @@
+[package]
+name = "imagebumper"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+async-trait = "0.1.86"
+clap = { version = "4.5.29", features = ["derive"] }
+env_logger = { version = "0.11.6", features = ["unstable-kv"] }
+gitea-sdk = "0.5.0"
+log = { version = "0.4.25", features = ["kv"] }
+octocrab = "0.43.0"
+regex = "1.11.1"
+reqwest = { version = "0.12.12", features = ["json", "native-tls-vendored"] }
+serde_json = "1.0.138"
+tokio = { version = "1.43.0", features = ["fs", "macros", "rt-multi-thread"] }
+url = "2.5.4"
diff --git a/crates/imagebumper/src/clients/github.rs b/crates/imagebumper/src/clients/github.rs
new file mode 100644
index 0000000..b8ac5f3
--- /dev/null
+++ b/crates/imagebumper/src/clients/github.rs
@@ -0,0 +1,36 @@
+use crate::RepositoryClient;
+use async_trait::async_trait;
+use octocrab::Octocrab;
+use std::error::Error;
+use std::sync::Arc;
+
+pub struct Client {
+ client: Arc<Octocrab>,
+}
+
+impl Client {
+ pub fn new() -> Self {
+ Client {
+ client: octocrab::instance(),
+ }
+ }
+}
+
+#[async_trait]
+impl RepositoryClient for Client {
+ async fn get_latest_commit(
+ &self,
+ repository: &crate::repository::Repository,
+ branch: &str,
+ ) -> Result<String, Box<dyn Error>> {
+ let commits = self
+ .client
+ .repos(repository.owner.clone(), repository.name.clone())
+ .list_commits()
+ .branch(branch)
+ .send()
+ .await?;
+
+ Ok(commits.items[0].sha.clone())
+ }
+}
diff --git a/crates/imagebumper/src/clients/mod.rs b/crates/imagebumper/src/clients/mod.rs
new file mode 100644
index 0000000..8c2bfde
--- /dev/null
+++ b/crates/imagebumper/src/clients/mod.rs
@@ -0,0 +1,19 @@
+pub mod github;
+pub mod opendev;
+
+use crate::clients::github::Client as GitHubClient;
+use crate::clients::opendev::Client as OpenDevClient;
+
+pub struct ClientSet {
+ pub github: GitHubClient,
+ pub opendev: OpenDevClient,
+}
+
+impl ClientSet {
+ pub fn new() -> Self {
+ ClientSet {
+ github: GitHubClient::new(),
+ opendev: OpenDevClient::new(),
+ }
+ }
+}
diff --git a/crates/imagebumper/src/clients/opendev.rs b/crates/imagebumper/src/clients/opendev.rs
new file mode 100644
index 0000000..252ed60
--- /dev/null
+++ b/crates/imagebumper/src/clients/opendev.rs
@@ -0,0 +1,35 @@
+use crate::RepositoryClient;
+use async_trait::async_trait;
+use gitea_sdk::Auth;
+use gitea_sdk::Client as GiteaClient;
+use std::error::Error;
+
+pub struct Client {
+ client: GiteaClient,
+}
+
+impl Client {
+ pub fn new() -> Self {
+ Client {
+ client: GiteaClient::new("https://opendev.org", Auth::None::<String>),
+ }
+ }
+}
+
+#[async_trait]
+impl RepositoryClient for Client {
+ async fn get_latest_commit(
+ &self,
+ repository: &crate::repository::Repository,
+ branch: &str,
+ ) -> Result<String, Box<dyn Error>> {
+ let branch_info = self
+ .client
+ .repos(repository.owner.clone(), repository.name.clone())
+ .get_branch(branch)
+ .send(&self.client)
+ .await?;
+
+ Ok(branch_info.commit.id)
+ }
+}
diff --git a/crates/imagebumper/src/lib.rs b/crates/imagebumper/src/lib.rs
new file mode 100644
index 0000000..6142e02
--- /dev/null
+++ b/crates/imagebumper/src/lib.rs
@@ -0,0 +1,15 @@
+pub mod repository;
+pub mod clients;
+
+use async_trait::async_trait;
+use std::any::Any;
+use std::error::Error;
+
+#[async_trait]
+pub trait RepositoryClient: Any + Send + Sync {
+ async fn get_latest_commit(
+ &self,
+ repository: &crate::repository::Repository,
+ branch: &str,
+ ) -> Result<String, Box<dyn Error>>;
+}
diff --git a/crates/imagebumper/src/main.rs b/crates/imagebumper/src/main.rs
new file mode 100644
index 0000000..9958331
--- /dev/null
+++ b/crates/imagebumper/src/main.rs
@@ -0,0 +1,176 @@
+use clap::Parser;
+use imagebumper::clients::ClientSet;
+use imagebumper::repository::Repository;
+use log::error;
+use log::{info, warn};
+use regex::Regex;
+use std::collections::HashMap;
+use std::path::{Path, PathBuf};
+use tokio::fs;
+use tokio::io::AsyncWriteExt;
+
+#[derive(Parser, Debug)]
+#[clap(author, version, about)]
+struct Args {
+ #[clap(short, long)]
+ branch: String,
+
+ #[clap(required = true)]
+ files: Vec<PathBuf>,
+}
+
+fn get_repo_map(clientset: &ClientSet) -> HashMap<&'static str, Repository> {
+ let mut map = HashMap::new();
+
+ map.insert(
+ "BARBICAN_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/barbican.git").unwrap(),
+ );
+ map.insert(
+ "CINDER_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/cinder.git").unwrap(),
+ );
+ map.insert(
+ "DESIGNATE_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/designate.git").unwrap(),
+ );
+ map.insert(
+ "GLANCE_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/glance.git").unwrap(),
+ );
+ map.insert(
+ "HEAT_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/heat.git").unwrap(),
+ );
+ map.insert(
+ "HORIZON_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/horizon.git").unwrap(),
+ );
+ map.insert(
+ "IRONIC_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/ironic.git").unwrap(),
+ );
+ map.insert(
+ "KEYSTONE_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/keystone.git").unwrap(),
+ );
+ map.insert(
+ "KUBERNETES_ENTRYPOINT_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/airship/kubernetes-entrypoint").unwrap(),
+ );
+ map.insert(
+ "MAGNUM_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/magnum.git").unwrap(),
+ );
+ map.insert(
+ "MANILA_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/manila.git").unwrap(),
+ );
+ map.insert(
+ "NETOFFLOAD_GIT_REF",
+ Repository::from_url(clientset, "https://github.com/vexxhost/netoffload.git").unwrap(),
+ );
+ map.insert(
+ "NEUTRON_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/neutron.git").unwrap(),
+ );
+ map.insert(
+ "NEUTRON_VPNAAS_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/neutron-vpnaas.git").unwrap(),
+ );
+ map.insert(
+ "NETWORKING_BAREMETAL_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/networking-baremetal.git").unwrap(),
+ );
+ map.insert(
+ "POLICY_SERVER_GIT_REF",
+ Repository::from_url(clientset, "https://github.com/vexxhost/neutron-policy-server.git").unwrap(),
+ );
+ map.insert(
+ "LOG_PASER_GIT_REF",
+ Repository::from_url(clientset, "https://github.com/vexxhost/neutron-ovn-network-logging-parser.git")
+ .unwrap(),
+ );
+ map.insert(
+ "NOVA_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/nova.git").unwrap(),
+ );
+ map.insert(
+ "SCHEDULER_FILTERS_GIT_REF",
+ Repository::from_url(clientset, "https://github.com/vexxhost/nova-scheduler-filters.git").unwrap(),
+ );
+ map.insert(
+ "OCTAVIA_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/octavia.git").unwrap(),
+ );
+ map.insert(
+ "REQUIREMENTS_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/requirements.git").unwrap(),
+ );
+ map.insert(
+ "PLACEMENT_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/placement.git").unwrap(),
+ );
+ map.insert(
+ "STAFFELN_GIT_REF",
+ Repository::from_url(clientset, "https://github.com/vexxhost/staffeln.git").unwrap(),
+ );
+ map.insert(
+ "TEMPEST_GIT_REF",
+ Repository::from_url(clientset, "https://opendev.org/openstack/tempest.git").unwrap(),
+ );
+
+ map
+}
+
+async fn update_dockerfile(clientset: &ClientSet, path: &Path, branch: &str) -> Result<(), Box<dyn std::error::Error>> {
+ let content = fs::read_to_string(path).await?;
+ let re = Regex::new(r"(ARG\s+(\w+_GIT_REF)=)(\S+)")?;
+ let mut new_content = content.clone();
+
+ for cap in re.captures_iter(&content) {
+ let arg_name = cap.get(2).unwrap().as_str();
+ if let Some(repo) = get_repo_map(clientset).get(arg_name) {
+ let new_git_ref = match repo.get_latest_commit(branch).await {
+ Ok(commit) => commit,
+ Err(e) => {
+ error!(arg = arg_name, error = e.to_string().as_str().trim(); "Failed to get latest commit");
+ continue;
+ }
+ };
+
+ new_content = new_content.replace(
+ &format!("{}{}", &cap[1], &cap[3]),
+ &format!("{}{}", &cap[1], new_git_ref),
+ );
+
+ info!(arg = arg_name, path = path.to_str(), ref = new_git_ref.as_str(); "Updated Dockerfile");
+ } else {
+ error!(arg = arg_name; "No repository URL found.");
+ }
+ }
+
+ if new_content != content {
+ let mut file = fs::File::create(path).await?;
+ file.write_all(new_content.as_bytes()).await?;
+ }
+ Ok(())
+}
+
+#[tokio::main]
+async fn main() -> Result<(), Box<dyn std::error::Error>> {
+ env_logger::init();
+ let args = Args::parse();
+
+ let clientset = ClientSet::new();
+
+ for file_path in args.files {
+ if file_path.is_file() {
+ update_dockerfile(&clientset, &file_path, &args.branch).await?;
+ } else {
+ warn!("{:?} is not a file, skipping", file_path);
+ }
+ }
+
+ Ok(())
+}
diff --git a/crates/imagebumper/src/repository.rs b/crates/imagebumper/src/repository.rs
new file mode 100644
index 0000000..2f1a274
--- /dev/null
+++ b/crates/imagebumper/src/repository.rs
@@ -0,0 +1,66 @@
+use crate::clients::ClientSet;
+use crate::RepositoryClient;
+use std::error::Error;
+use url::Url;
+
+pub struct Repository<'a> {
+ pub owner: String,
+ pub name: String,
+ client: &'a dyn RepositoryClient,
+}
+
+impl<'a> Repository<'a> {
+ pub fn from_url(clientset: &'a ClientSet, url: &str) -> Result<Self, Box<dyn Error>> {
+ let url = url.trim_end_matches(".git");
+ let parsed_url = Url::parse(url)?;
+ let hostname = parsed_url.host_str().ok_or("Invalid repository URL")?;
+ let parts: Vec<&str> = parsed_url
+ .path_segments()
+ .ok_or("Invalid repository URL")?
+ .collect();
+ if parts.len() < 2 {
+ return Err("Invalid repository URL".into());
+ }
+
+ let client: &dyn RepositoryClient = match hostname {
+ "opendev.org" => &clientset.opendev,
+ "github.com" => &clientset.github,
+ _ => return Err("Unsupported repository host".into()),
+ };
+
+ Ok(Repository {
+ owner: parts[parts.len() - 2].to_string(),
+ name: parts[parts.len() - 1].to_string(),
+ client,
+ })
+ }
+
+ pub async fn get_latest_commit(&self, branch: &str) -> Result<String, Box<dyn Error>> {
+ self.client.get_latest_commit(self, branch).await
+ }
+}
+
+#[cfg(test)]
+mod tests {
+ use super::*;
+
+ #[tokio::test]
+ async fn test_from_url_for_opendev() {
+ let clientset = ClientSet::new();
+ let repo =
+ Repository::from_url(&clientset, "https://opendev.org/openstack/nova.git").unwrap();
+
+ assert_eq!(repo.owner, "openstack");
+ assert_eq!(repo.name, "nova");
+ }
+
+ #[tokio::test]
+ async fn test_from_url_for_github() {
+ let clientset = ClientSet::new();
+ let repo =
+ Repository::from_url(&clientset, "https://github.com/vexxhost/atmosphere.git").unwrap();
+
+ assert_eq!(repo.owner, "vexxhost");
+ assert_eq!(repo.name, "atmosphere");
+ }
+}
diff --git a/images/cinder/Dockerfile b/images/cinder/Dockerfile
index 3c7a0fb..8fc9118 100644
--- a/images/cinder/Dockerfile
+++ b/images/cinder/Dockerfile
@@ -17,6 +17,12 @@
storpool \
storpool.spopenstack
EOF
+ADD --chmod=644 \
+ https://github.com/storpool/storpool-openstack-integration/raw/master/drivers/cinder/openstack/caracal/storpool.py \
+ /var/lib/openstack/lib/python3.10/site-packages/cinder/volume/drivers/storpool.py
+ADD --chmod=644 \
+ https://github.com/storpool/storpool-openstack-integration/raw/master/drivers/os_brick/openstack/caracal/storpool.py \
+ /var/lib/openstack/lib/python3.10/site-packages/os_brick/initiator/connectors/storpool.py
FROM openstack-python-runtime
RUN <<EOF bash -xe
diff --git a/images/glance/Dockerfile b/images/glance/Dockerfile
index b3fc6ed..252fa6d 100644
--- a/images/glance/Dockerfile
+++ b/images/glance/Dockerfile
@@ -16,6 +16,9 @@
storpool \
storpool.spopenstack
EOF
+ADD --chmod=644 \
+ https://github.com/storpool/storpool-openstack-integration/raw/master/drivers/os_brick/openstack/caracal/storpool.py \
+ /var/lib/openstack/lib/python3.10/site-packages/os_brick/initiator/connectors/storpool.py
FROM openstack-python-runtime
RUN <<EOF bash -xe
diff --git a/images/nova/Dockerfile b/images/nova/Dockerfile
index 1f59932..a63be01 100644
--- a/images/nova/Dockerfile
+++ b/images/nova/Dockerfile
@@ -20,6 +20,9 @@
storpool \
storpool.spopenstack
EOF
+ADD --chmod=644 \
+ https://github.com/storpool/storpool-openstack-integration/raw/master/drivers/os_brick/openstack/caracal/storpool.py \
+ /var/lib/openstack/lib/python3.10/site-packages/os_brick/initiator/connectors/storpool.py
FROM openstack-python-runtime
ADD https://github.com/novnc/noVNC.git#v1.4.0 /usr/share/novnc
diff --git a/releasenotes/notes/bump-storpool-caracal-525bae827bef1f62.yaml b/releasenotes/notes/bump-storpool-caracal-525bae827bef1f62.yaml
new file mode 100644
index 0000000..13de75f
--- /dev/null
+++ b/releasenotes/notes/bump-storpool-caracal-525bae827bef1f62.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Storpool driver has been updated from the Bobcat release to the Caracal
+ release.