Dreaded_X/lldap-controller
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

Small tweaks to bring in line with other Kubernetes tools

Browse Source
This commit is contained in:
Dreaded_X 2025-04-18 16:06:53 +02:00
parent 2d2ef6903b
commit 884c37aa1b
Signed by: Dreaded_X
GPG Key ID: 5A0CBFE3C3377FAA
12 changed files with 84 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.cargo/audit.toml
View File

@ -1,2 +1,2 @@
[advisories] [advisories]
ignore = ["RUSTSEC-2024-0344"] ignore = ["RUSTSEC-2024-0344", "RUSTSEC-2025-0023"]

2
.cargo/config.toml Normal file
View File

@ -0,0 +1,2 @@
[env]
RUSTC_BOOTSTRAP = "1"

1
.dockerignore
View File

@ -2,3 +2,4 @@
!queries !queries
!src !src
!Cargo.* !Cargo.*
!.cargo/config.toml

40
.gitea/workflows/build.yaml
View File

@ -18,8 +18,12 @@ jobs:
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Get Git commit timestamps - name: Set timestamp and release version
run: echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV run: |
echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV
git fetch --prune --unshallow --tags --force
echo "RELEASE_VERSION=$(git describe --always --dirty='--modified')" >> $GITHUB_ENV
cat $GITHUB_ENV
- name: Login to registry - name: Login to registry
uses: docker/login-action@v3 uses: docker/login-action@v3
@ -52,25 +56,9 @@ jobs:
type=semver,pattern=v{{major}}.{{minor}} type=semver,pattern=v{{major}}.{{minor}}
type=semver,pattern=v{{major}} type=semver,pattern=v{{major}}
- name: Build and export to docker - name: Build container
id: build id: build
uses: docker/build-push-action@v6 uses: docker/build-push-action@v6
with:
context: .
load: true
annotations: ${{ steps.meta.outputs.annotations }}
cache-from: type=gha
cache-to: type=gha,mode=max
env:
SOURCE_DATE_EPOCH: ${{ env.TIMESTAMP }}
- name: Generate CRDs
run: |
docker run --rm ${{ steps.build.outputs.imageid }} /crdgen > ./manifests/crds.yaml
- name: Push container
uses: docker/build-push-action@v6
id: push
with: with:
context: . context: .
push: true push: true
@ -78,20 +66,28 @@ jobs:
provenance: mode=max provenance: mode=max
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
annotations: ${{ steps.meta.outputs.annotations }} annotations: ${{ steps.meta.outputs.annotations }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
"RELEASE_VERSION=${{ env.RELEASE_VERSION }}"
env: env:
SOURCE_DATE_EPOCH: ${{ env.TIMESTAMP }} SOURCE_DATE_EPOCH: ${{ env.TIMESTAMP }}
- name: Generate CRDs
run: |
docker run --rm ${{ env.OCI_REPO }}@${{ steps.build.outputs.imageid }} /crdgen > ./manifests/crds.yaml
- name: Kustomize manifests - name: Kustomize manifests
run: | run: |
./kustomize build ./manifests | sed "s/\${DIGEST}/${{ steps.push.outputs.digest }}/" > ./manifests.yaml ./kustomize build ./manifests | sed "s/\${DIGEST}/${{ steps.build.outputs.digest }}/" > ./manifests.yaml
- name: Push manifests - name: Push manifests
run: | run: |
flux push artifact oci://$OCI_REPO/manifests:latest \ flux push artifact oci://${{ env.OCI_REPO }}/manifests:${{ gitea.head_ref || gitea.ref_name }} \
--path="./manifests.yaml" \ --path="./manifests.yaml" \
--source="$(git config --get remote.origin.url)" \ --source="$(git config --get remote.origin.url)" \
--revision="$(git rev-parse HEAD)" \ --revision="$(git rev-parse HEAD)" \
$(echo "${{ steps.meta.outputs.labels }}" | sed -e 's/^/-a /') $(echo "${{ steps.meta.outputs.labels }}" | sed -e 's/^/-a /')
flux tag artifact oci://$OCI_REPO/manifests:latest \ flux tag artifact oci://${{ env.OCI_REPO }}/manifests:${{ gitea.head_ref || gitea.ref_name }} \
$(echo "${{ steps.meta.outputs.tags }}" | sed -e 's/^.*:/--tag /') $(echo "${{ steps.meta.outputs.tags }}" | sed -e 's/^.*:/--tag /')

17
.pre-commit-config.yaml
View File

@ -2,17 +2,19 @@ fail_fast: true
repos: repos:
- repo: https://github.com/pre-commit/pre-commit-hooks - repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.6.0 rev: v5.0.0
hooks: hooks:
- id: trailing-whitespace - id: trailing-whitespace
- id: end-of-file-fixer - id: end-of-file-fixer
- id: check-yaml - id: check-yaml
args:
- --allow-multiple-documents
- id: check-toml - id: check-toml
- id: check-added-large-files - id: check-added-large-files
- id: check-merge-conflict - id: check-merge-conflict
- repo: https://github.com/crate-ci/typos - repo: https://github.com/crate-ci/typos
rev: v1.21.0 rev: v1.31.1
hooks: hooks:
- id: typos - id: typos
args: ["--force-exclude"] args: ["--force-exclude"]
@ -43,6 +45,17 @@ repos:
name: audit name: audit
description: Audit packages description: Audit packages
entry: cargo audit entry: cargo audit
args: ["--deny", "warnings"]
language: system
pass_filenames: false
verbose: true
always_run: true
- id: udeps
name: unused
description: Check for unused crates
entry: cargo +nightly udeps
args: ["--workspace"]
language: system language: system
types: [file] types: [file]
files: (\.rs|Cargo.lock)$ files: (\.rs|Cargo.lock)$

21
Cargo.lock generated
View File

@ -785,6 +785,26 @@ version = "0.31.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f" checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f"
[[package]]
name = "git-version"
version = "0.3.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1ad568aa3db0fcbc81f2f116137f263d7304f512a1209b35b85150d3ef88ad19"
dependencies = [
"git-version-macro",
]
[[package]]
name = "git-version-macro"
version = "0.3.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "53010ccb100b96a67bc32c0175f0ed1426b31b655d562898e57325f81c023ac0"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.100",
]
[[package]] [[package]]
name = "gloo-timers" name = "gloo-timers"
version = "0.3.0" version = "0.3.0"
@ -1428,6 +1448,7 @@ dependencies = [
"chrono", "chrono",
"cynic", "cynic",
"futures", "futures",
"git-version",
"insta", "insta",
"k8s-openapi", "k8s-openapi",
"kube", "kube",

1
Cargo.toml
View File

@ -34,6 +34,7 @@ reqwest = { version = "0.12.14", default-features = false, features = [
"json", "json",
"rustls-tls", "rustls-tls",
] } ] }
git-version = "0.3.9"
[dev-dependencies] [dev-dependencies]
insta = { workspace = true } insta = { workspace = true }

2
Dockerfile
View File

@ -13,6 +13,8 @@ COPY --from=planner /app/recipe.json recipe.json
RUN cargo chef cook --release --recipe-path recipe.json RUN cargo chef cook --release --recipe-path recipe.json
COPY . . COPY . .
ARG RELEASE_VERSION
ENV RELEASE_VERSION=${RELEASE_VERSION}
RUN cargo auditable build --release RUN cargo auditable build --release
FROM gcr.io/distroless/cc-debian12:nonroot AS runtime FROM gcr.io/distroless/cc-debian12:nonroot AS runtime

4
src/lib.rs
View File

@ -1,3 +1,7 @@
#![feature(let_chains)]
pub mod context; pub mod context;
pub mod lldap; pub mod lldap;
pub mod resources; pub mod resources;
mod version;
pub use version::VERSION;

3
src/main.rs
View File

@ -7,6 +7,7 @@ use kube::runtime::controller::{self, Action};
use kube::runtime::reflector::ObjectRef; use kube::runtime::reflector::ObjectRef;
use kube::runtime::{Controller, watcher}; use kube::runtime::{Controller, watcher};
use kube::{Api, Client as KubeClient, Resource}; use kube::{Api, Client as KubeClient, Resource};
use lldap_controller::VERSION;
use lldap_controller::context::Context; use lldap_controller::context::Context;
use lldap_controller::lldap::LldapConfig; use lldap_controller::lldap::LldapConfig;
use lldap_controller::resources::{ use lldap_controller::resources::{
@ -47,7 +48,7 @@ async fn main() -> anyhow::Result<()> {
Registry::default().with(logger).with(env_filter).init(); Registry::default().with(logger).with(env_filter).init();
} }
info!("Starting controller"); info!(version = VERSION, "Starting");
let client = KubeClient::try_default().await?; let client = KubeClient::try_default().await?;

13
src/resources/user_attribute.rs
View File

@ -1,19 +1,18 @@
use std::time::Duration; use std::time::Duration;
use kube::{ use kube::api::{Patch, PatchParams};
Api, CELSchema, CustomResource, use kube::runtime::controller::Action;
api::{Patch, PatchParams}, use kube::{Api, CELSchema, CustomResource};
runtime::controller::Action,
};
use queries::AttributeType; use queries::AttributeType;
use schemars::JsonSchema; use schemars::JsonSchema;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use serde_json::json; use serde_json::json;
use tracing::{debug, trace, warn}; use tracing::{debug, trace, warn};
use crate::{context::ControllerEvents, lldap, resources::Error};
use super::Reconcile; use super::Reconcile;
use crate::context::ControllerEvents;
use crate::lldap;
use crate::resources::Error;
#[derive(Deserialize, Serialize, Clone, Copy, Debug, JsonSchema)] #[derive(Deserialize, Serialize, Clone, Copy, Debug, JsonSchema)]
pub enum Type { pub enum Type {

11
src/version.rs Normal file
View File

@ -0,0 +1,11 @@
pub const VERSION: &str = get_version();
const fn get_version() -> &'static str {
if let Some(version) = std::option_env!("RELEASE_VERSION")
&& !version.is_empty()
{
version
} else {
git_version::git_version!(fallback = "unknown")
}
}