Begin 1.5.0 Development Cycle (#3150)

Cargo.lock

@@ -1092,7 +1092,7 @@ dependencies = [
 
 [[package]]
 name = "daemon"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "clap",
  "clap_complete",
@@ -2831,7 +2831,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm-ipa-sync"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "chrono",
  "clap",
@@ -2855,7 +2855,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm-ldap-sync"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "chrono",
  "clap",
@@ -2880,7 +2880,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_build_profiles"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "base64 0.22.1",
  "gix",
@@ -2891,7 +2891,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_client"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "compact_jwt 0.4.2",
  "http 1.1.0",
@@ -2913,7 +2913,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_device_flow"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "anyhow",
  "base64 0.22.1",
@@ -2928,7 +2928,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_lib_crypto"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "argon2",
  "base64 0.22.1",
@@ -2949,7 +2949,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_lib_file_permissions"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "kanidm_utils_users",
  "whoami",
@@ -2957,7 +2957,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_proto"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "base32",
  "base64 0.22.1",
@@ -2982,7 +2982,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_tools"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "anyhow",
  "clap",
@@ -3013,7 +3013,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_unix_common"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "bytes",
  "csv",
@@ -3032,7 +3032,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_unix_int"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "async-trait",
  "bytes",
@@ -3073,14 +3073,14 @@ dependencies = [
 
 [[package]]
 name = "kanidm_utils_users"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "libc",
 ]
 
 [[package]]
 name = "kanidmd_core"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "askama",
  "askama_axum",
@@ -3133,7 +3133,7 @@ dependencies = [
 
 [[package]]
 name = "kanidmd_lib"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "base64 0.22.1",
  "base64urlsafedata 0.5.0",
@@ -3186,7 +3186,7 @@ dependencies = [
 
 [[package]]
 name = "kanidmd_lib_macros"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -3195,7 +3195,7 @@ dependencies = [
 
 [[package]]
 name = "kanidmd_testkit"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "assert_cmd",
  "compact_jwt 0.4.2",
@@ -3658,7 +3658,7 @@ dependencies = [
 
 [[package]]
 name = "nss_kanidm"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "kanidm_unix_common",
  "lazy_static",
@@ -4016,7 +4016,7 @@ dependencies = [
 
 [[package]]
 name = "orca"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "async-trait",
  "chrono",
@@ -4062,7 +4062,7 @@ checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39"
 
 [[package]]
 name = "pam_kanidm"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "kanidm_unix_common",
  "libc",
@@ -4936,7 +4936,7 @@ dependencies = [
 
 [[package]]
 name = "scim_proto"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "base64urlsafedata 0.5.0",
  "peg",
@@ -5211,7 +5211,7 @@ dependencies = [
 
 [[package]]
 name = "sketching"
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 dependencies = [
  "gethostname",
  "num_enum",

Cargo.toml

@@ -1,5 +1,5 @@
 [workspace.package]
-version = "1.4.0-dev"
+version = "1.5.0-dev"
 authors = [
     "William Brown <william@blackhats.net.au>",
     "James Hodgkinson <james@terminaloutcomes.com>",
@@ -121,20 +121,20 @@ codegen-units = 256
 # kanidm-hsm-crypto = { path = "../hsm-crypto" }
 
 [workspace.dependencies]
-kanidmd_core = { path = "./server/core", version = "=1.4.0-dev" }
-kanidmd_lib = { path = "./server/lib", version = "=1.4.0-dev" }
-kanidmd_lib_macros = { path = "./server/lib-macros", version = "=1.4.0-dev" }
-kanidmd_testkit = { path = "./server/testkit", version = "=1.4.0-dev" }
-kanidm_build_profiles = { path = "./libs/profiles", version = "=1.4.0-dev" }
-kanidm_client = { path = "./libs/client", version = "=1.4.0-dev" }
+kanidmd_core = { path = "./server/core", version = "=1.5.0-dev" }
+kanidmd_lib = { path = "./server/lib", version = "=1.5.0-dev" }
+kanidmd_lib_macros = { path = "./server/lib-macros", version = "=1.5.0-dev" }
+kanidmd_testkit = { path = "./server/testkit", version = "=1.5.0-dev" }
+kanidm_build_profiles = { path = "./libs/profiles", version = "=1.5.0-dev" }
+kanidm_client = { path = "./libs/client", version = "=1.5.0-dev" }
 kanidm-hsm-crypto = "^0.2.0"
-kanidm_lib_crypto = { path = "./libs/crypto", version = "=1.4.0-dev" }
-kanidm_lib_file_permissions = { path = "./libs/file_permissions", version = "=1.4.0-dev" }
-kanidm_proto = { path = "./proto", version = "=1.4.0-dev" }
-kanidm_unix_common = { path = "./unix_integration/common", version = "=1.4.0-dev" }
-kanidm_utils_users = { path = "./libs/users", version = "=1.4.0-dev" }
-scim_proto = { path = "./libs/scim_proto", version = "=1.4.0-dev" }
-sketching = { path = "./libs/sketching", version = "=1.4.0-dev" }
+kanidm_lib_crypto = { path = "./libs/crypto", version = "=1.5.0-dev" }
+kanidm_lib_file_permissions = { path = "./libs/file_permissions", version = "=1.5.0-dev" }
+kanidm_proto = { path = "./proto", version = "=1.5.0-dev" }
+kanidm_unix_common = { path = "./unix_integration/common", version = "=1.5.0-dev" }
+kanidm_utils_users = { path = "./libs/users", version = "=1.5.0-dev" }
+scim_proto = { path = "./libs/scim_proto", version = "=1.5.0-dev" }
+sketching = { path = "./libs/sketching", version = "=1.5.0-dev" }
 
 anyhow = { version = "1.0.90" }
 argon2 = { version = "0.5.3", features = ["alloc"] }

book/src/developers/release_checklist.md

@@ -6,6 +6,7 @@
 cargo install cargo-audit
 cargo install cargo-outdated
 cargo install cargo-udeps
+cargo install cargo-machete
 ```
 
 ## Pre Release Check List
@@ -19,6 +20,7 @@ cargo install cargo-udeps
 - [ ] Update MSRV if applicable
 - [ ] cargo update
 - [ ] `RUSTC_BOOTSTRAP=1 cargo udeps`
+- [ ] `cargo machete`
 - [ ] cargo outdated -R
 - [ ] cargo audit
 - [ ] cargo test
@@ -36,7 +38,7 @@ cargo install cargo-udeps
 - [ ] Update `RELEASE_NOTES.md`
 - [ ] Update `README.md`
 - [ ] cargo test
-- [ ] git commit
+- [ ] git commit -a -m "Release Notes"
 - [ ] git push origin YYYYMMDD-pre-release
 - [ ] Merge PR
 
@@ -44,16 +46,14 @@ cargo install cargo-udeps
 
 - [ ] git checkout master
 - [ ] git pull
-- [ ] git checkout -b 1.1.x (Note no v to prevent ref conflict)
+- [ ] git checkout -b 1.x.0 (Note no v to prevent ref conflict)
 - [ ] update version to set pre tag in ./Cargo.toml
-- [ ] update version to set pre tag in ./Makefile
-- [ ] git commit
-- [ ] git tag v1.1.x-pre
+- [ ] git commit -m "Release 1.x.0-pre"
+- [ ] git tag v1.x.0-pre
 
 - [ ] Final inspect of the branch
 
-- [ ] git push origin 1.1.x
-- [ ] git push origin 1.1.x --tags
+- [ ] git push origin 1.x.0 --tags
 
 - [ ] github -> Ensure release branch is protected
 
@@ -63,20 +63,21 @@ cargo install cargo-udeps
 - [ ] git pull
 - [ ] git checkout -b YYYYMMDD-dev-version
 - [ ] update version to +1 and add dev tag in ./Cargo.toml
-- [ ] update version to +1 and add dev tag in ./Makefile
 - [ ] update `DOMAIN_*_LEVEL` in server/lib/src/constants/mod.rs
+- [ ] update and add new migrations
 
 ## Final Release Check List
 
 ### Git Management Part Deux
 
-- [ ] git checkout 1.1.x
-- [ ] git pull origin 1.1.x
+- [ ] git checkout 1.x.0
+- [ ] git pull origin 1.x.0
 
 - [ ] update version to remove pre tag in ./Cargo.toml
-- [ ] update version to remove pre tag in ./Makefile
-- [ ] git tag v1.1.x
-- [ ] git push origin 1.1.x --tags
+- [ ] update Makefile to set docker image to latest
+- [ ] git commit -a -m 'Release 1.x.0'
+- [ ] git tag v1.x.0
+- [ ] git push origin 1.x.0 --tags
 
 - [ ] github -> create new release based on tag (not branch) - use tag because then tools will get
       the tag + patches we apply.
@@ -99,10 +100,10 @@ cargo install cargo-udeps
 ### Docker
 
 - [ ] docker buildx use cluster
-- [ ] `make buildx/kanidmd/x86_64_v3 buildx/kanidmd buildx/kanidm_tools buildx/radiusd`
-- [ ] `IMAGE_VERSION=latest make buildx`
+- [ ] `make buildx`
 - [ ] Update the readme on docker <https://hub.docker.com/repository/docker/kanidm/server>
 
 ### Distro
 
 - [ ] vendor and release to build.opensuse.org
+

server/lib/src/constants/mod.rs

@@ -74,22 +74,26 @@ pub const DOMAIN_LEVEL_8: DomainVersion = 8;
 /// Deprecated as of 1.7.0
 pub const DOMAIN_LEVEL_9: DomainVersion = 9;
 
+/// Domain Level introduced with 1.6.0.
+/// Deprecated as of 1.8.0
+pub const DOMAIN_LEVEL_10: DomainVersion = 10;
+
 // The minimum level that we can re-migrate from.
 // This should be DOMAIN_TGT_LEVEL minus 2
-pub const DOMAIN_MIN_REMIGRATION_LEVEL: DomainVersion = DOMAIN_LEVEL_6;
+pub const DOMAIN_MIN_REMIGRATION_LEVEL: DomainVersion = DOMAIN_LEVEL_7;
 // The minimum supported domain functional level (for replication)
 pub const DOMAIN_MIN_LEVEL: DomainVersion = DOMAIN_TGT_LEVEL;
 // The previous releases domain functional level
-pub const DOMAIN_PREVIOUS_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_7;
+pub const DOMAIN_PREVIOUS_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_8;
 // The target supported domain functional level. During development this is
 // the NEXT level that users will upgrade too.
-pub const DOMAIN_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_8;
+pub const DOMAIN_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_9;
 // The current patch level if any out of band fixes are required.
 pub const DOMAIN_TGT_PATCH_LEVEL: u32 = PATCH_LEVEL_1;
 // The target domain functional level for the SUBSEQUENT release/dev cycle.
-pub const DOMAIN_TGT_NEXT_LEVEL: DomainVersion = DOMAIN_LEVEL_9;
+pub const DOMAIN_TGT_NEXT_LEVEL: DomainVersion = DOMAIN_LEVEL_10;
 // The maximum supported domain functional level
-pub const DOMAIN_MAX_LEVEL: DomainVersion = DOMAIN_LEVEL_9;
+pub const DOMAIN_MAX_LEVEL: DomainVersion = DOMAIN_LEVEL_10;
 
 // On test builds define to 60 seconds
 #[cfg(test)]

server/lib/src/server/migrations.rs

@@ -624,7 +624,7 @@ impl<'a> QueryServerWriteTransaction<'a> {
         Ok(())
     }
 
-    /// Migration domain level 8 to 9
+    /// Migration domain level 8 to 9 (1.5.0)
     #[instrument(level = "info", skip_all)]
     pub(crate) fn migrate_domain_8_to_9(&mut self) -> Result<(), OperationError> {
         if !cfg!(test) && DOMAIN_TGT_LEVEL < DOMAIN_LEVEL_9 {
@@ -665,6 +665,17 @@ impl<'a> QueryServerWriteTransaction<'a> {
         Ok(())
     }
 
+    /// Migration domain level 9 to 10 (1.6.0)
+    #[instrument(level = "info", skip_all)]
+    pub(crate) fn migrate_domain_9_to_10(&mut self) -> Result<(), OperationError> {
+        if !cfg!(test) && DOMAIN_TGT_LEVEL < DOMAIN_LEVEL_9 {
+            error!("Unable to raise domain level from 8 to 9.");
+            return Err(OperationError::MG0004DomainLevelInDevelopment);
+        }
+
+        Ok(())
+    }
+
     #[instrument(level = "info", skip_all)]
     pub fn initialise_schema_core(&mut self) -> Result<(), OperationError> {
         admin_debug!("initialise_schema_core -> start ...");
@@ -1381,4 +1392,7 @@ mod tests {
 
     #[qs_test(domain_level=DOMAIN_LEVEL_8)]
     async fn test_migrations_dl8_dl9(_server: &QueryServer) {}
+
+    #[qs_test(domain_level=DOMAIN_LEVEL_9)]
+    async fn test_migrations_dl9_dl10(_server: &QueryServer) {}
 }

server/lib/src/server/mod.rs

@@ -2075,6 +2075,10 @@ impl<'a> QueryServerWriteTransaction<'a> {
             self.migrate_domain_8_to_9()?;
         }
 
+        if previous_version <= DOMAIN_LEVEL_9 && domain_info_version >= DOMAIN_LEVEL_10 {
+            self.migrate_domain_9_to_10()?;
+        }
+
         // This is here to catch when we increase domain levels but didn't create the migration
         // hooks. If this fails it probably means you need to add another migration hook
         // in the above.