diff --git a/Cargo.nix b/Cargo.nix
index a8a32ce3..3cf47ea1 100644
--- a/Cargo.nix
+++ b/Cargo.nix
@@ -11898,7 +11898,7 @@ rec { "stackable-opa-bundle-builder" = rec { crateName = "stackable-opa-bundle-builder"; version = "0.0.0-dev"; - edition = "2021"; + edition = "2024"; crateBin = [ { name = "stackable-opa-bundle-builder";
@@ -11974,7 +11974,7 @@ rec { "stackable-opa-operator" = rec { crateName = "stackable-opa-operator"; version = "0.0.0-dev"; - edition = "2021"; + edition = "2024"; crateBin = [ { name = "stackable-opa-operator";
@@ -12073,7 +12073,7 @@ rec { "stackable-opa-regorule-library" = rec { crateName = "stackable-opa-regorule-library"; version = "0.0.0-dev"; - edition = "2021"; + edition = "2024"; src = lib.cleanSourceWith { filter = sourceFilter; src = ./rust/regorule-library; }; libName = "stackable_opa_regorule_library"; authors = [
@@ -12084,7 +12084,7 @@ rec { "stackable-opa-user-info-fetcher" = rec { crateName = "stackable-opa-user-info-fetcher"; version = "0.0.0-dev"; - edition = "2021"; + edition = "2024"; crateBin = [ { name = "stackable-opa-user-info-fetcher";
diff --git a/Cargo.toml b/Cargo.toml
index 493f0045..61ce19d3 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -6,7 +6,7 @@ resolver = "2"
 version = "0.0.0-dev"
 authors = ["Stackable GmbH "]
 license = "OSL-3.0"
-edition = "2021"
+edition = "2024"
 repository = "https://github.com/stackabletech/opa-operator"
 [workspace.dependencies]
diff --git a/rust/bundle-builder/src/main.rs b/rust/bundle-builder/src/main.rs
index 601e9c75..98ff33ae 100644
--- a/rust/bundle-builder/src/main.rs
+++ b/rust/bundle-builder/src/main.rs
@@ -210,7 +210,8 @@ async fn main() -> Result<(), StartupError> {
 .context(RunServerSnafu)
 });
- future::select(reflector, server).await.factor_first().0
+ future::select(reflector, server).await.factor_first().0?;
+ Ok(())
 }
 #[derive(Snafu, Debug)]
@@ -244,7 +245,7 @@ enum BundleError {
 }
 impl BundleError {
- fn to_http_response(&self) -> impl IntoResponse {
+ fn to_http_response(&self) -> impl IntoResponse + use<> {
 (
 http::StatusCode::INTERNAL_SERVER_ERROR,
 "failed to build bundle, see opa-bundle-builder logs for more details",
diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs
index 23034272..c48622e7 100644
--- a/rust/operator-binary/src/controller.rs
+++ b/rust/operator-binary/src/controller.rs
@@ -1203,10 +1203,9 @@ fn build_config_file(
 if let Some(ContainerLogConfig {
 choice: Some(ContainerLogConfigChoice::Automatic(log_config)),
 }) = merged_config.logging.containers.get(&Container::Opa)
+ && let Some(config) = log_config.loggers.get("decision")
 {
- if let Some(config) = log_config.loggers.get("decision") {
- decision_logging_enabled = config.level != LogLevel::NONE;
- }
+ decision_logging_enabled = config.level != LogLevel::NONE;
 }
 let decision_logging = if decision_logging_enabled {
@@ -1341,13 +1340,11 @@ fn build_bundle_builder_start_command(merged_config: &OpaConfig, container_name:
 .logging
 .containers
 .get(&Container::BundleBuilder)
- {
- if let Some(AppenderConfig {
+ && let Some(AppenderConfig {
 level: Some(log_level),
 }) = log_config.console
- {
- console_logging_off = log_level == LogLevel::NONE
- }
+ {
+ console_logging_off = log_level == LogLevel::NONE
 };
 formatdoc! {"
@@ -1401,13 +1398,11 @@ fn sidecar_container_log_level(
 if let Some(ContainerLogConfig {
 choice: Some(ContainerLogConfigChoice::Automatic(log_config)),
 }) = merged_config.logging.containers.get(sidecar_container)
- {
- if let Some(logger) = log_config
+ && let Some(logger) = log_config
 .loggers
 .get(AutomaticContainerLogConfig::ROOT_LOGGER)
- {
- return BundleBuilderLogLevel::from(logger.level);
- }
+ {
+ return BundleBuilderLogLevel::from(logger.level);
 }
 BundleBuilderLogLevel::Info
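Review bot: The `+ use<>` bound added to `to_http_response` in rust/bundle-builder/src/main.rs carries no comment, and a reader who has not met precise capturing will not know why it is there or whether it can be removed. Under edition 2024 a return-position `impl Trait` captures the `&self` lifetime by default, and `use<>` states that the response borrows nothing from `self`; the visible start of the tuple (a status code and a string literal) fits that, though the rest of the body lies outside the hunk. I would add `// use<>: the response holds no borrow of self (edition 2024 would otherwise capture &self)` above the signature.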
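Review bot: The `if let … && let …` chains introduced in `build_config_file`, and likewise in `build_bundle_builder_start_command` and `sidecar_container_log_level`, need edition 2024 on Rust 1.88 or newer, and nothing visible in this commit raises a `rust-version` or toolchain pin next to the `edition = "2024"` change in Cargo.toml. If the workspace pins a toolchain in a file outside this diff, confirm it is at least 1.88, or declare it with `rust-version = "1.88"` so an older compiler fails with a clear message. Because `decision_logging_enabled` decides whether OPA decision logs are written, a test that sets the `decision` logger to `LogLevel::NONE` and to another level and checks the generated config would pin the flattened condition. All three function bodies start and end outside their hunks.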
diff --git a/rust/operator-binary/src/webhooks/conversion.rs b/rust/operator-binary/src/webhooks/conversion.rs
index f224b07b..bbb3f248 100644
--- a/rust/operator-binary/src/webhooks/conversion.rs
+++ b/rust/operator-binary/src/webhooks/conversion.rs
@@ -34,7 +34,7 @@ pub async fn create_webhook_server(
 disable_crd_maintenance,
 };
- let (conversion_webhook, _initial_reconcile_rx) =
+ let (conversion_webhook, _) =
 ConversionWebhook::new(crds_and_handlers, client, conversion_webhook_options);
 let webhook_server_options = WebhookServerOptions {
diff --git a/rust/user-info-fetcher/src/backend/active_directory.rs b/rust/user-info-fetcher/src/backend/active_directory.rs
index c3b5f280..93fc487a 100644
--- a/rust/user-info-fetcher/src/backend/active_directory.rs
+++ b/rust/user-info-fetcher/src/backend/active_directory.rs
@@ -181,14 +181,15 @@ pub(crate) async fn get_user_info(
 .context(UserNotFoundSnafu { request })?;
 let user = SearchEntry::construct(user);
 tracing::debug!(?user, "got user from LDAP");
- user_attributes(
+ let attrs = user_attributes(
 &mut ldap,
 base_distinguished_name,
 &user,
 custom_attribute_mappings,
 additional_group_attribute_filters,
 )
- .await
+ .await?;
+ Ok(attrs)
 }
 /// Constructs a user filter that searches both the UPN as well as the sAMAccountName attributes.
diff --git a/rust/user-info-fetcher/src/backend/openldap.rs b/rust/user-info-fetcher/src/backend/openldap.rs
index 92c73d02..07ed34f8 100644
--- a/rust/user-info-fetcher/src/backend/openldap.rs
+++ b/rust/user-info-fetcher/src/backend/openldap.rs
@@ -178,14 +178,15 @@ impl ResolvedOpenLdapBackend {
 // Search for groups that contain this user
 let groups = search_user_groups(&mut ldap, &user, &self.config).await?;
- user_attributes(
+ let attrs = user_attributes(
 user_id_attribute,
 user_name_attribute,
 &user,
 groups,
 &self.config.custom_attribute_mappings,
 )
- .await
+ .await?;
+ Ok(attrs)
 }
 }
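Review bot: Replacing `_initial_reconcile_rx` with `_` in `create_webhook_server` is not a pure rename, because a `_name` binding keeps the value alive until the end of its scope while `_` leaves it unbound, so it is dropped at the end of the `let` statement. The old name suggests the second tuple element is a channel receiver (its type is not visible here); if so, the sending side inside `ConversionWebhook` now sees a closed channel earlier than before, and it should be confirmed that a failed send is tolerated there. If the receiver is meant to live for the rest of the function, keep the binding as `let (conversion_webhook, _initial_reconcile_rx) =`. The function body continues outside the hunk.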
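Review bot: `let attrs = user_attributes(…).await?; Ok(attrs)` at the end of `get_user_info` in active_directory.rs reads like a redundant unwrap-and-rewrap, and nothing records why the tail expression was replaced, so it is likely to be folded back later. If the edition 2024 migration is the reason (an assumption, the commit does not say), a comment such as `// Bound to a local on purpose for edition 2024; do not fold back into a tail expression.` above the `let` would keep that knowledge. The same pattern is added to `ResolvedOpenLdapBackend` in openldap.rs and deserves the same comment. Separately, the context line `tracing::debug!(?user, "got user from LDAP")` writes the whole search entry to the log, so it is worth checking that no sensitive attribute can reach debug output.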
diff --git a/rust/user-info-fetcher/src/main.rs b/rust/user-info-fetcher/src/main.rs
index 1776b3be..65925c32 100644
--- a/rust/user-info-fetcher/src/main.rs
+++ b/rust/user-info-fetcher/src/main.rs
@@ -209,7 +209,8 @@ async fn main() -> Result<(), StartupError> {
 axum::serve(listener, app.into_make_service())
 .with_graceful_shutdown(shutdown_requested)
 .await
- .context(RunServerSnafu)
+ .context(RunServerSnafu)?;
+ Ok(())
 }
 #[derive(Debug, Deserialize, PartialEq, Eq, Hash, Clone)]
@@ -315,64 +316,64 @@ async fn get_user_info(
 backend,
 user_info_cache,
 } = state;
- Ok(Json(
- user_info_cache
- .try_get_with_by_ref(&req, async {
- match backend.as_ref() {
- ResolvedBackend::None => {
- let user_id = match &req {
- UserInfoRequest::UserInfoRequestById(UserInfoRequestById { id }) => {
- Some(id)
- }
- _ => None,
- };
- let username = match &req {
- UserInfoRequest::UserInfoRequestByName(UserInfoRequestByName {
- username,
- }) => Some(username),
- _ => None,
- };
- Ok(UserInfo {
- id: user_id.cloned(),
- username: username.cloned(),
- groups: vec![],
- custom_attributes: HashMap::new(),
- })
- }
- ResolvedBackend::Keycloak(keycloak) => keycloak
- .get_user_info(&req)
- .await
- .context(get_user_info_error::KeycloakSnafu),
- ResolvedBackend::ExperimentalXfscAas(aas) => aas
- .get_user_info(&req)
- .await
- .context(get_user_info_error::ExperimentalXfscAasSnafu),
- ResolvedBackend::ActiveDirectory {
- ldap_server,
- tls,
- base_distinguished_name,
- custom_attribute_mappings,
- additional_group_attribute_filters,
- } => backend::active_directory::get_user_info(
- &req,
- ldap_server,
- tls,
- base_distinguished_name,
- custom_attribute_mappings,
- additional_group_attribute_filters,
- )
- .await
- .context(get_user_info_error::ActiveDirectorySnafu),
- ResolvedBackend::Entra(entra) => entra
- .get_user_info(&req)
- .await
- .context(get_user_info_error::EntraSnafu),
- ResolvedBackend::OpenLdap(openldap) => openldap
- .get_user_info(&req)
- .await
- .context(get_user_info_error::OpenLdapSnafu),
+ let user_info = user_info_cache
+ .try_get_with_by_ref(&req, async {
+ match backend.as_ref() {
+ ResolvedBackend::None => {
+ let user_id = match &req {
+ UserInfoRequest::UserInfoRequestById(UserInfoRequestById { id }) => {
+ Some(id)
+ }
+ _ => None,
+ };
+ let username = match &req {
+ UserInfoRequest::UserInfoRequestByName(UserInfoRequestByName {
+ username,
+ }) => Some(username),
+ _ => None,
+ };
+ Ok(UserInfo {
+ id: user_id.cloned(),
+ username: username.cloned(),
+ groups: vec![],
+ custom_attributes: HashMap::new(),
+ })
 }
- })
- .await?,
- ))
+ ResolvedBackend::Keycloak(keycloak) => keycloak
+ .get_user_info(&req)
+ .await
+ .context(get_user_info_error::KeycloakSnafu),
+ ResolvedBackend::ExperimentalXfscAas(aas) => aas
+ .get_user_info(&req)
+ .await
+ .context(get_user_info_error::ExperimentalXfscAasSnafu),
+ ResolvedBackend::ActiveDirectory {
+ ldap_server,
+ tls,
+ base_distinguished_name,
+ custom_attribute_mappings,
+ additional_group_attribute_filters,
+ } => backend::active_directory::get_user_info(
+ &req,
+ ldap_server,
+ tls,
+ base_distinguished_name,
+ custom_attribute_mappings,
+ additional_group_attribute_filters,
+ )
+ .await
+ .context(get_user_info_error::ActiveDirectorySnafu),
+ ResolvedBackend::Entra(entra) => entra
+ .get_user_info(&req)
+ .await
+ .context(get_user_info_error::EntraSnafu),
+ ResolvedBackend::OpenLdap(openldap) => openldap
+ .get_user_info(&req)
+ .await
+ .context(get_user_info_error::OpenLdapSnafu),
+ }
+ })
+ .await?;
+
+ Ok(Json(user_info))
 }
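Review bot: The whole backend dispatch still sits inside the `async { … }` block passed to `try_get_with_by_ref` in `get_user_info`, so the handler remains one expression of about fifty lines even after this re-indentation. Moving the `match backend.as_ref()` into a private async helper that takes the backend and the request, and passing its future to the cache call, would leave the handler as a cache lookup followed by `Ok(Json(user_info))` and give the per-backend error mapping a place for a doc comment. The handler also lacks a comment saying that answers are cached per request and how a failed lookup is treated; that matters because a stale group list presumably feeds policy decisions, and the cache configuration is not visible in this hunk. The function starts outside the hunk.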