diff --git a/CHANGELOG.md b/CHANGELOG.md index 14684bef..55baa7b9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file. ### Added +- BREAKING: Add required CLI argument and env var to set the image repository used to construct final product image names: `IMAGE_REPOSITORY` (`--image-repository`), eg. `oci.example.org/my/namespace` ([#928]). - Support for passing CAs to GitSync ([#903]). - Added support for NiFi `2.9.0` ([#922]). @@ -25,6 +26,7 @@ All notable changes to this project will be documented in this file. [#921]: https://github.com/stackabletech/nifi-operator/pull/921 [#922]: https://github.com/stackabletech/nifi-operator/pull/922 [#924]: https://github.com/stackabletech/nifi-operator/pull/924 +[#928]: https://github.com/stackabletech/nifi-operator/pull/928 ## [26.3.0] - 2026-03-16 diff --git a/Cargo.lock b/Cargo.lock index 198cb40e..25ac572e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1582,7 +1582,7 @@ dependencies = [ [[package]] name = "k8s-version" version = "0.1.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51" dependencies = [ "darling", "regex", @@ -2606,9 +2606,9 @@ dependencies = [ [[package]] name = "rustls-webpki" -version = "0.103.12" +version = "0.103.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8279bb85272c9f10811ae6a6c547ff594d6a7f3c6c6b02ee9726d1d0dcfcdd06" +checksum = "61c429a8649f110dddef65e2a5ad240f747e85f7758a6bccc7e5777bd33f756e" dependencies = [ "ring", "rustls-pki-types", @@ -2993,7 +2993,7 @@ checksum = "6ce2be8dc25455e1f91df71bfa12ad37d7af1092ae736f3a6cd0e37bc7810596" [[package]] name = "stackable-certs" version = "0.4.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51" dependencies = [ "const-oid", "ecdsa", @@ -3043,8 +3043,8 @@ dependencies = [ [[package]] name = "stackable-operator" -version = "0.110.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" +version = "0.111.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51" dependencies = [ "base64", "clap", @@ -3085,7 +3085,7 @@ dependencies = [ [[package]] name = "stackable-operator-derive" version = "0.3.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51" dependencies = [ "darling", "proc-macro2", @@ -3096,7 +3096,7 @@ dependencies = [ [[package]] name = "stackable-shared" version = "0.1.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51" dependencies = [ "jiff", "k8s-openapi", @@ -3113,7 +3113,7 @@ dependencies = [ [[package]] name = "stackable-telemetry" version = "0.6.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51" dependencies = [ "axum", "clap", @@ -3136,9 +3136,10 @@ dependencies = [ [[package]] name = "stackable-versioned" -version = "0.9.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" +version = "0.10.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51" dependencies = [ + "kube", "schemars", "serde", "serde_json", @@ -3149,8 +3150,8 @@ dependencies = [ [[package]] name = "stackable-versioned-macros" -version = "0.9.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" +version = "0.10.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51" dependencies = [ "convert_case", "convert_case_extras", @@ -3168,7 +3169,7 @@ dependencies = [ [[package]] name = "stackable-webhook" version = "0.9.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#96f42571ea185a3cd76fedde351fcabbeefcae16" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51" dependencies = [ "arc-swap", "async-trait", diff --git a/Cargo.nix b/Cargo.nix index b7ed7465..109e8557 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -5107,7 +5107,7 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + rev = "b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51"; sha256 = "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i"; }; libName = "k8s_version"; @@ -8723,9 +8723,9 @@ rec { }; "rustls-webpki" = rec { crateName = "rustls-webpki"; - version = "0.103.12"; + version = "0.103.13"; edition = "2021"; - sha256 = "01nxzkfd1l96jzp04svc7iznlkarzx3wb9p63a0i17rc4y2vnyc2"; + sha256 = "0vkm7z9pnxz5qz66p2kmyy2pwx0g4jnsbqk5xzfhs4czcjl2ki31"; libName = "webpki"; dependencies = [ { @@ -9892,7 +9892,7 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + rev = "b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51"; sha256 = "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i"; }; libName = "stackable_certs"; @@ -10103,12 +10103,12 @@ rec { }; "stackable-operator" = rec { crateName = "stackable-operator"; - version = "0.110.1"; + version = "0.111.0"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + rev = "b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51"; sha256 = "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i"; }; libName = "stackable_operator"; @@ -10288,7 +10288,7 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + rev = "b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51"; sha256 = "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i"; }; procMacro = true; @@ -10323,7 +10323,7 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + rev = "b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51"; sha256 = "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i"; }; libName = "stackable_shared"; @@ -10404,7 +10404,7 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + rev = "b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51"; sha256 = "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i"; }; libName = "stackable_telemetry"; @@ -10509,12 +10509,12 @@ rec { }; "stackable-versioned" = rec { crateName = "stackable-versioned"; - version = "0.9.0"; + version = "0.10.0"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + rev = "b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51"; sha256 = "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i"; }; libName = "stackable_versioned"; @@ -10522,6 +10522,12 @@ rec { "Stackable GmbH " ]; dependencies = [ + { + name = "kube"; + packageId = "kube"; + usesDefaultFeatures = false; + features = [ "client" "jsonpatch" "runtime" "derive" "admission" "rustls-tls" "ring" ]; + } { name = "schemars"; packageId = "schemars"; @@ -10553,12 +10559,12 @@ rec { }; "stackable-versioned-macros" = rec { crateName = "stackable-versioned-macros"; - version = "0.9.0"; + version = "0.10.0"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + rev = "b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51"; sha256 = "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i"; }; procMacro = true; @@ -10626,7 +10632,7 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "96f42571ea185a3cd76fedde351fcabbeefcae16"; + rev = "b7c8a3a5483b4d35d0abfa11f6db6c153bda8a51"; sha256 = "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i"; }; libName = "stackable_webhook"; diff --git a/Cargo.toml b/Cargo.toml index e7cc7c1d..7ad6543a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,7 +11,7 @@ repository = "https://github.com/stackabletech/nifi-operator" [workspace.dependencies] product-config = { git = "https://github.com/stackabletech/product-config.git", tag = "0.8.0" } -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.110.1", features = ["webhook"] } +stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.111.0", features = ["webhook"] } anyhow = "1.0" built = { version = "0.8", features = ["chrono", "git2"] } diff --git a/crate-hashes.json b/crate-hashes.json index 3a28591b..e4a66a4c 100644 --- a/crate-hashes.json +++ b/crate-hashes.json @@ -1,12 +1,12 @@ { - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#k8s-version@0.1.3": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-certs@0.4.0": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-operator-derive@0.3.1": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-operator@0.110.1": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-shared@0.1.0": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-telemetry@0.6.3": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-versioned-macros@0.9.0": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-versioned@0.9.0": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.110.1#stackable-webhook@0.9.1": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#k8s-version@0.1.3": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#stackable-certs@0.4.0": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#stackable-operator-derive@0.3.1": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#stackable-operator@0.111.0": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#stackable-shared@0.1.0": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#stackable-telemetry@0.6.3": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#stackable-versioned-macros@0.10.0": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#stackable-versioned@0.10.0": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.111.0#stackable-webhook@0.9.1": "1g6m1rhrvj7szgk6xybcbhn77njj599bldzipi0d50sd5z0m9x3i", "git+https://github.com/stackabletech/product-config.git?tag=0.8.0#product-config@0.8.0": "1dz70kapm2wdqcr7ndyjji0lhsl98bsq95gnb2lw487wf6yr7987" } \ No newline at end of file diff --git a/extra/crds.yaml b/extra/crds.yaml index ee8a4e18..7a9c0e3d 100644 --- a/extra/crds.yaml +++ b/extra/crds.yaml @@ -465,8 +465,9 @@ spec: properties: custom: description: |- - Overwrite the docker image. - Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0` + Provide a custom container image. + + Specify the full container image name, e.g. `oci.example.tech/namespace/superset:1.4.1-my-tag` type: string productVersion: description: Version of the product, e.g. `1.4.1`. @@ -493,14 +494,20 @@ spec: nullable: true type: array repo: - description: Name of the docker repo, e.g. `oci.stackable.tech/sdp` + description: |- + The repository on the container image registry where the container image is located, e.g. + `oci.example.com/namespace`. + + If not specified, the operator will use the image registry provided via the operator + environment options. nullable: true type: string stackableVersion: description: |- Stackable version of the product, e.g. `23.4`, `23.4.1` or `0.0.0-dev`. - If not specified, the operator will use its own version, e.g. `23.4.1`. - When using a nightly operator or a pr version, it will use the nightly `0.0.0-dev` image. + + If not specified, the operator will use its own version, e.g. `23.4.1`. When using a nightly + operator or a PR version, it will use the nightly `0.0.0-dev` image. nullable: true type: string type: object diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs index cc59ebb6..a869cc64 100644 --- a/rust/operator-binary/src/controller.rs +++ b/rust/operator-binary/src/controller.rs @@ -24,6 +24,7 @@ use stackable_operator::{ security::PodSecurityContextBuilder, volume::SecretFormat, }, }, + cli::OperatorEnvironmentOptions, client::Client, cluster_resources::{ClusterResourceApplyStrategy, ClusterResources}, commons::{ @@ -115,12 +116,13 @@ use crate::{ pub const NIFI_CONTROLLER_NAME: &str = "nificluster"; pub const NIFI_FULL_CONTROLLER_NAME: &str = concatcp!(NIFI_CONTROLLER_NAME, '.', OPERATOR_NAME); -const DOCKER_IMAGE_BASE_NAME: &str = "nifi"; +const CONTAINER_IMAGE_BASE_NAME: &str = "nifi"; const LOG_VOLUME_NAME: &str = "log"; pub struct Ctx { pub client: Client, pub product_config: ProductConfigManager, + pub operator_environment: OperatorEnvironmentOptions, } #[derive(Snafu, Debug, EnumDiscriminants)] @@ -377,7 +379,11 @@ pub async fn reconcile_nifi( let resolved_product_image = nifi .spec .image - .resolve(DOCKER_IMAGE_BASE_NAME, crate::built_info::PKG_VERSION) + .resolve( + CONTAINER_IMAGE_BASE_NAME, + &ctx.operator_environment.image_repository, + crate::built_info::PKG_VERSION, + ) .context(ResolveProductImageSnafu)?; tracing::info!("Checking for sensitive key configuration"); diff --git a/rust/operator-binary/src/crd/mod.rs b/rust/operator-binary/src/crd/mod.rs index 0681492c..fd10c060 100644 --- a/rust/operator-binary/src/crd/mod.rs +++ b/rust/operator-binary/src/crd/mod.rs @@ -586,3 +586,104 @@ impl Default for NifiNodeRoleConfig { fn node_default_listener_class() -> String { "cluster-internal".to_string() } + +#[cfg(test)] +mod tests { + use stackable_operator::versioned::test_utils::RoundtripTestData; + + use super::v1alpha1; + + impl RoundtripTestData for v1alpha1::NifiClusterSpec { + fn roundtrip_test_data() -> Vec { + stackable_operator::utils::yaml_from_str_singleton_map(indoc::indoc! {r#" + - image: + productVersion: 1.2.3 + pullPolicy: IfNotPresent + clusterOperation: + stopped: false + reconciliationPaused: false + clusterConfig: + zookeeperConfigMapName: nifi-znode + authentication: + - authenticationClass: nifi-users + hostHeaderCheck: + allowAll: false + additionalAllowedHosts: + - example.com:1234 + sensitiveProperties: + keySecret: nifi-sensitive-property-key + customComponentsGitSync: + - repo: ssh://git@github.com/stackable-airflow/dags.git + - repo: https://github.com/stackable-airflow/dags + branch: main + credentials: + basicAuthSecretName: my-basic-auth + wait: 5s + gitSyncConf: + foo: bar + gitFolder: "mount-dags-gitsync/dags_airflow3" + tls: + verification: + server: + caCert: + secretClass: git-ca-cert + - repo: ssh://git@github.com/stackable-airflow/dags.git + # FIXME: The roundtrip looses data when private keys are used. + # See https://github.com/stackabletech/issues/issues/849 for details. + credentials: + sshPrivateKeySecretName: my-private-key + vectorAggregatorConfigMapName: vector-aggregator-discovery + nodes: + envOverrides: + COMMON_VAR: role-value + ROLE_VAR: role-value + configOverrides: + nifi.properties: + nifi.diagnostics.on.shutdown.enabled: "true" + nifi.diagnostics.on.shutdown.verbose: "false" + config: + logging: + enableVectorAgent: true + resources: + cpu: + min: 500m + max: "1" + memory: + limit: 2Gi + storage: + flowfileRepo: + capacity: 2Gi + provenanceRepo: + capacity: 2Gi + databaseRepo: + capacity: 2Gi + contentRepo: + capacity: 2Gi + stateRepo: + capacity: 2Gi + roleConfig: + listenerClass: my-listener-class + roleGroups: + default: + replicas: 2 + envOverrides: + COMMON_VAR: group-value + GROUP_VAR: group-value + configOverrides: + nifi.properties: + nifi.diagnostics.on.shutdown.enabled: "false" + nifi.diagnostics.on.shutdown.max.filecount: "20" + podOverrides: + spec: + containers: + - name: nifi + resources: + requests: + cpu: 700m + limits: + cpu: 1200m + "#}) + .expect("Failed to parse NifiClusterSpec YAML") + } + } +} diff --git a/rust/operator-binary/src/main.rs b/rust/operator-binary/src/main.rs index a898f65e..d20eea0d 100644 --- a/rust/operator-binary/src/main.rs +++ b/rust/operator-binary/src/main.rs @@ -181,6 +181,7 @@ async fn main() -> anyhow::Result<()> { controller::error_policy, Arc::new(controller::Ctx { client: client.clone(), + operator_environment, product_config, }), )