mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Begin 1.5.0 Development Cycle (#3150)

Browse source
This commit is contained in:
Firstyear 2024-10-27 11:53:24 +10:00 committed by GitHub
parent 243a020bdb
commit a76a0f5a6e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 80 additions and 57 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
Cargo.lock generated
View file

@ -1092,7 +1092,7 @@ dependencies = [
[[package]] [[package]]
name = "daemon" name = "daemon"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"clap", "clap",
"clap_complete", "clap_complete",
@ -2831,7 +2831,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm-ipa-sync" name = "kanidm-ipa-sync"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"chrono", "chrono",
"clap", "clap",
@ -2855,7 +2855,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm-ldap-sync" name = "kanidm-ldap-sync"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"chrono", "chrono",
"clap", "clap",
@ -2880,7 +2880,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_build_profiles" name = "kanidm_build_profiles"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"base64 0.22.1", "base64 0.22.1",
"gix", "gix",
@ -2891,7 +2891,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_client" name = "kanidm_client"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"compact_jwt 0.4.2", "compact_jwt 0.4.2",
"http 1.1.0", "http 1.1.0",
@ -2913,7 +2913,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_device_flow" name = "kanidm_device_flow"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"base64 0.22.1", "base64 0.22.1",
@ -2928,7 +2928,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_lib_crypto" name = "kanidm_lib_crypto"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"argon2", "argon2",
"base64 0.22.1", "base64 0.22.1",
@ -2949,7 +2949,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_lib_file_permissions" name = "kanidm_lib_file_permissions"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"kanidm_utils_users", "kanidm_utils_users",
"whoami", "whoami",
@ -2957,7 +2957,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_proto" name = "kanidm_proto"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"base32", "base32",
"base64 0.22.1", "base64 0.22.1",
@ -2982,7 +2982,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_tools" name = "kanidm_tools"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"clap", "clap",
@ -3013,7 +3013,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_unix_common" name = "kanidm_unix_common"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"bytes", "bytes",
"csv", "csv",
@ -3032,7 +3032,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_unix_int" name = "kanidm_unix_int"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"bytes", "bytes",
@ -3073,14 +3073,14 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_utils_users" name = "kanidm_utils_users"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"libc", "libc",
] ]
[[package]] [[package]]
name = "kanidmd_core" name = "kanidmd_core"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"askama", "askama",
"askama_axum", "askama_axum",
@ -3133,7 +3133,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidmd_lib" name = "kanidmd_lib"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"base64 0.22.1", "base64 0.22.1",
"base64urlsafedata 0.5.0", "base64urlsafedata 0.5.0",
@ -3186,7 +3186,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidmd_lib_macros" name = "kanidmd_lib_macros"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",
@ -3195,7 +3195,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidmd_testkit" name = "kanidmd_testkit"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"assert_cmd", "assert_cmd",
"compact_jwt 0.4.2", "compact_jwt 0.4.2",
@ -3658,7 +3658,7 @@ dependencies = [
[[package]] [[package]]
name = "nss_kanidm" name = "nss_kanidm"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"kanidm_unix_common", "kanidm_unix_common",
"lazy_static", "lazy_static",
@ -4016,7 +4016,7 @@ dependencies = [
[[package]] [[package]]
name = "orca" name = "orca"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"chrono", "chrono",
@ -4062,7 +4062,7 @@ checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39"
[[package]] [[package]]
name = "pam_kanidm" name = "pam_kanidm"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"kanidm_unix_common", "kanidm_unix_common",
"libc", "libc",
@ -4936,7 +4936,7 @@ dependencies = [
[[package]] [[package]]
name = "scim_proto" name = "scim_proto"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"base64urlsafedata 0.5.0", "base64urlsafedata 0.5.0",
"peg", "peg",
@ -5211,7 +5211,7 @@ dependencies = [
[[package]] [[package]]
name = "sketching" name = "sketching"
version = "1.4.0-dev" version = "1.5.0-dev"
dependencies = [ dependencies = [
"gethostname", "gethostname",
"num_enum", "num_enum",

28
Cargo.toml
View file

@ -1,5 +1,5 @@
[workspace.package] [workspace.package]
version = "1.4.0-dev" version = "1.5.0-dev"
authors = [ authors = [
"William Brown <william@blackhats.net.au>", "William Brown <william@blackhats.net.au>",
"James Hodgkinson <james@terminaloutcomes.com>", "James Hodgkinson <james@terminaloutcomes.com>",
@ -121,20 +121,20 @@ codegen-units = 256
# kanidm-hsm-crypto = { path = "../hsm-crypto" } # kanidm-hsm-crypto = { path = "../hsm-crypto" }
[workspace.dependencies] [workspace.dependencies]
kanidmd_core = { path = "./server/core", version = "=1.4.0-dev" } kanidmd_core = { path = "./server/core", version = "=1.5.0-dev" }
kanidmd_lib = { path = "./server/lib", version = "=1.4.0-dev" } kanidmd_lib = { path = "./server/lib", version = "=1.5.0-dev" }
kanidmd_lib_macros = { path = "./server/lib-macros", version = "=1.4.0-dev" } kanidmd_lib_macros = { path = "./server/lib-macros", version = "=1.5.0-dev" }
kanidmd_testkit = { path = "./server/testkit", version = "=1.4.0-dev" } kanidmd_testkit = { path = "./server/testkit", version = "=1.5.0-dev" }
kanidm_build_profiles = { path = "./libs/profiles", version = "=1.4.0-dev" } kanidm_build_profiles = { path = "./libs/profiles", version = "=1.5.0-dev" }
kanidm_client = { path = "./libs/client", version = "=1.4.0-dev" } kanidm_client = { path = "./libs/client", version = "=1.5.0-dev" }
kanidm-hsm-crypto = "^0.2.0" kanidm-hsm-crypto = "^0.2.0"
kanidm_lib_crypto = { path = "./libs/crypto", version = "=1.4.0-dev" } kanidm_lib_crypto = { path = "./libs/crypto", version = "=1.5.0-dev" }
kanidm_lib_file_permissions = { path = "./libs/file_permissions", version = "=1.4.0-dev" } kanidm_lib_file_permissions = { path = "./libs/file_permissions", version = "=1.5.0-dev" }
kanidm_proto = { path = "./proto", version = "=1.4.0-dev" } kanidm_proto = { path = "./proto", version = "=1.5.0-dev" }
kanidm_unix_common = { path = "./unix_integration/common", version = "=1.4.0-dev" } kanidm_unix_common = { path = "./unix_integration/common", version = "=1.5.0-dev" }
kanidm_utils_users = { path = "./libs/users", version = "=1.4.0-dev" } kanidm_utils_users = { path = "./libs/users", version = "=1.5.0-dev" }
scim_proto = { path = "./libs/scim_proto", version = "=1.4.0-dev" } scim_proto = { path = "./libs/scim_proto", version = "=1.5.0-dev" }
sketching = { path = "./libs/sketching", version = "=1.4.0-dev" } sketching = { path = "./libs/sketching", version = "=1.5.0-dev" }
anyhow = { version = "1.0.90" } anyhow = { version = "1.0.90" }
argon2 = { version = "0.5.3", features = ["alloc"] } argon2 = { version = "0.5.3", features = ["alloc"] }

31
book/src/developers/release_checklist.md
View file

@ -6,6 +6,7 @@
cargo install cargo-audit cargo install cargo-audit
cargo install cargo-outdated cargo install cargo-outdated
cargo install cargo-udeps cargo install cargo-udeps
cargo install cargo-machete
``` ```
## Pre Release Check List ## Pre Release Check List
@ -19,6 +20,7 @@ cargo install cargo-udeps
- [ ] Update MSRV if applicable - [ ] Update MSRV if applicable
- [ ] cargo update - [ ] cargo update
- [ ] `RUSTC_BOOTSTRAP=1 cargo udeps` - [ ] `RUSTC_BOOTSTRAP=1 cargo udeps`
- [ ] `cargo machete`
- [ ] cargo outdated -R - [ ] cargo outdated -R
- [ ] cargo audit - [ ] cargo audit
- [ ] cargo test - [ ] cargo test
@ -36,7 +38,7 @@ cargo install cargo-udeps
- [ ] Update `RELEASE_NOTES.md` - [ ] Update `RELEASE_NOTES.md`
- [ ] Update `README.md` - [ ] Update `README.md`
- [ ] cargo test - [ ] cargo test
- [ ] git commit - [ ] git commit -a -m "Release Notes"
- [ ] git push origin YYYYMMDD-pre-release - [ ] git push origin YYYYMMDD-pre-release
- [ ] Merge PR - [ ] Merge PR
@ -44,16 +46,14 @@ cargo install cargo-udeps
- [ ] git checkout master - [ ] git checkout master
- [ ] git pull - [ ] git pull
- [ ] git checkout -b 1.1.x (Note no v to prevent ref conflict) - [ ] git checkout -b 1.x.0 (Note no v to prevent ref conflict)
- [ ] update version to set pre tag in ./Cargo.toml - [ ] update version to set pre tag in ./Cargo.toml
- [ ] update version to set pre tag in ./Makefile - [ ] git commit -m "Release 1.x.0-pre"
- [ ] git commit - [ ] git tag v1.x.0-pre
- [ ] git tag v1.1.x-pre
- [ ] Final inspect of the branch - [ ] Final inspect of the branch
- [ ] git push origin 1.1.x - [ ] git push origin 1.x.0 --tags
- [ ] git push origin 1.1.x --tags
- [ ] github -> Ensure release branch is protected - [ ] github -> Ensure release branch is protected
@ -63,20 +63,21 @@ cargo install cargo-udeps
- [ ] git pull - [ ] git pull
- [ ] git checkout -b YYYYMMDD-dev-version - [ ] git checkout -b YYYYMMDD-dev-version
- [ ] update version to +1 and add dev tag in ./Cargo.toml - [ ] update version to +1 and add dev tag in ./Cargo.toml
- [ ] update version to +1 and add dev tag in ./Makefile
- [ ] update `DOMAIN_*_LEVEL` in server/lib/src/constants/mod.rs - [ ] update `DOMAIN_*_LEVEL` in server/lib/src/constants/mod.rs
- [ ] update and add new migrations
## Final Release Check List ## Final Release Check List
### Git Management Part Deux ### Git Management Part Deux
- [ ] git checkout 1.1.x - [ ] git checkout 1.x.0
- [ ] git pull origin 1.1.x - [ ] git pull origin 1.x.0
- [ ] update version to remove pre tag in ./Cargo.toml - [ ] update version to remove pre tag in ./Cargo.toml
- [ ] update version to remove pre tag in ./Makefile - [ ] update Makefile to set docker image to latest
- [ ] git tag v1.1.x - [ ] git commit -a -m 'Release 1.x.0'
- [ ] git push origin 1.1.x --tags - [ ] git tag v1.x.0
- [ ] git push origin 1.x.0 --tags
- [ ] github -> create new release based on tag (not branch) - use tag because then tools will get - [ ] github -> create new release based on tag (not branch) - use tag because then tools will get
the tag + patches we apply. the tag + patches we apply.
@ -99,10 +100,10 @@ cargo install cargo-udeps
### Docker ### Docker
- [ ] docker buildx use cluster - [ ] docker buildx use cluster
- [ ] `make buildx/kanidmd/x86_64_v3 buildx/kanidmd buildx/kanidm_tools buildx/radiusd` - [ ] `make buildx`
- [ ] `IMAGE_VERSION=latest make buildx`
- [ ] Update the readme on docker <https://hub.docker.com/repository/docker/kanidm/server> - [ ] Update the readme on docker <https://hub.docker.com/repository/docker/kanidm/server>
### Distro ### Distro
- [ ] vendor and release to build.opensuse.org - [ ] vendor and release to build.opensuse.org

14
server/lib/src/constants/mod.rs
View file

@ -74,22 +74,26 @@ pub const DOMAIN_LEVEL_8: DomainVersion = 8;
/// Deprecated as of 1.7.0 /// Deprecated as of 1.7.0
pub const DOMAIN_LEVEL_9: DomainVersion = 9; pub const DOMAIN_LEVEL_9: DomainVersion = 9;
/// Domain Level introduced with 1.6.0.
/// Deprecated as of 1.8.0
pub const DOMAIN_LEVEL_10: DomainVersion = 10;
// The minimum level that we can re-migrate from. // The minimum level that we can re-migrate from.
// This should be DOMAIN_TGT_LEVEL minus 2 // This should be DOMAIN_TGT_LEVEL minus 2
pub const DOMAIN_MIN_REMIGRATION_LEVEL: DomainVersion = DOMAIN_LEVEL_6; pub const DOMAIN_MIN_REMIGRATION_LEVEL: DomainVersion = DOMAIN_LEVEL_7;
// The minimum supported domain functional level (for replication) // The minimum supported domain functional level (for replication)
pub const DOMAIN_MIN_LEVEL: DomainVersion = DOMAIN_TGT_LEVEL; pub const DOMAIN_MIN_LEVEL: DomainVersion = DOMAIN_TGT_LEVEL;
// The previous releases domain functional level // The previous releases domain functional level
pub const DOMAIN_PREVIOUS_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_7; pub const DOMAIN_PREVIOUS_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_8;
// The target supported domain functional level. During development this is // The target supported domain functional level. During development this is
// the NEXT level that users will upgrade too. // the NEXT level that users will upgrade too.
pub const DOMAIN_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_8; pub const DOMAIN_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_9;
// The current patch level if any out of band fixes are required. // The current patch level if any out of band fixes are required.
pub const DOMAIN_TGT_PATCH_LEVEL: u32 = PATCH_LEVEL_1; pub const DOMAIN_TGT_PATCH_LEVEL: u32 = PATCH_LEVEL_1;
// The target domain functional level for the SUBSEQUENT release/dev cycle. // The target domain functional level for the SUBSEQUENT release/dev cycle.
pub const DOMAIN_TGT_NEXT_LEVEL: DomainVersion = DOMAIN_LEVEL_9; pub const DOMAIN_TGT_NEXT_LEVEL: DomainVersion = DOMAIN_LEVEL_10;
// The maximum supported domain functional level // The maximum supported domain functional level
pub const DOMAIN_MAX_LEVEL: DomainVersion = DOMAIN_LEVEL_9; pub const DOMAIN_MAX_LEVEL: DomainVersion = DOMAIN_LEVEL_10;
// On test builds define to 60 seconds // On test builds define to 60 seconds
#[cfg(test)] #[cfg(test)]

16
server/lib/src/server/migrations.rs
View file

@ -624,7 +624,7 @@ impl<'a> QueryServerWriteTransaction<'a> {
Ok(()) Ok(())
} }
/// Migration domain level 8 to 9 /// Migration domain level 8 to 9 (1.5.0)
#[instrument(level = "info", skip_all)] #[instrument(level = "info", skip_all)]
pub(crate) fn migrate_domain_8_to_9(&mut self) -> Result<(), OperationError> { pub(crate) fn migrate_domain_8_to_9(&mut self) -> Result<(), OperationError> {
if !cfg!(test) && DOMAIN_TGT_LEVEL < DOMAIN_LEVEL_9 { if !cfg!(test) && DOMAIN_TGT_LEVEL < DOMAIN_LEVEL_9 {
@ -665,6 +665,17 @@ impl<'a> QueryServerWriteTransaction<'a> {
Ok(()) Ok(())
} }
/// Migration domain level 9 to 10 (1.6.0)
#[instrument(level = "info", skip_all)]
pub(crate) fn migrate_domain_9_to_10(&mut self) -> Result<(), OperationError> {
if !cfg!(test) && DOMAIN_TGT_LEVEL < DOMAIN_LEVEL_9 {
error!("Unable to raise domain level from 8 to 9.");
return Err(OperationError::MG0004DomainLevelInDevelopment);
}
Ok(())
}
#[instrument(level = "info", skip_all)] #[instrument(level = "info", skip_all)]
pub fn initialise_schema_core(&mut self) -> Result<(), OperationError> { pub fn initialise_schema_core(&mut self) -> Result<(), OperationError> {
admin_debug!("initialise_schema_core -> start ..."); admin_debug!("initialise_schema_core -> start ...");
@ -1381,4 +1392,7 @@ mod tests {
#[qs_test(domain_level=DOMAIN_LEVEL_8)] #[qs_test(domain_level=DOMAIN_LEVEL_8)]
async fn test_migrations_dl8_dl9(_server: &QueryServer) {} async fn test_migrations_dl8_dl9(_server: &QueryServer) {}
#[qs_test(domain_level=DOMAIN_LEVEL_9)]
async fn test_migrations_dl9_dl10(_server: &QueryServer) {}
} }

4
server/lib/src/server/mod.rs
View file

@ -2075,6 +2075,10 @@ impl<'a> QueryServerWriteTransaction<'a> {
self.migrate_domain_8_to_9()?; self.migrate_domain_8_to_9()?;
} }
if previous_version <= DOMAIN_LEVEL_9 && domain_info_version >= DOMAIN_LEVEL_10 {
self.migrate_domain_9_to_10()?;
}
// This is here to catch when we increase domain levels but didn't create the migration // This is here to catch when we increase domain levels but didn't create the migration
// hooks. If this fails it probably means you need to add another migration hook // hooks. If this fails it probably means you need to add another migration hook
// in the above. // in the above.