mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 04:27:02 +01:00
Code Issues Actions 16 Packages Projects Releases Wiki Activity

Update to 1.6.0-dev (#3418)

Browse source
This commit is contained in:
Firstyear 2025-02-11 17:26:07 +10:00 committed by GitHub
parent 211e7d4e89
commit af6f55b1fe
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 67 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
Cargo.lock generated
View file

@ -1030,7 +1030,7 @@ dependencies = [
[[package]] [[package]]
name = "daemon" name = "daemon"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"clap", "clap",
"clap_complete", "clap_complete",
@ -2866,7 +2866,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm-ipa-sync" name = "kanidm-ipa-sync"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"chrono", "chrono",
"clap", "clap",
@ -2890,7 +2890,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm-ldap-sync" name = "kanidm-ldap-sync"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"chrono", "chrono",
"clap", "clap",
@ -2915,7 +2915,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_build_profiles" name = "kanidm_build_profiles"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"base64 0.22.1", "base64 0.22.1",
"gix", "gix",
@ -2926,7 +2926,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_client" name = "kanidm_client"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"compact_jwt", "compact_jwt",
"http 1.2.0", "http 1.2.0",
@ -2948,7 +2948,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_device_flow" name = "kanidm_device_flow"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"kanidm_proto", "kanidm_proto",
@ -2961,7 +2961,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_lib_crypto" name = "kanidm_lib_crypto"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"argon2", "argon2",
"base64 0.22.1", "base64 0.22.1",
@ -2982,14 +2982,14 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_lib_file_permissions" name = "kanidm_lib_file_permissions"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"kanidm_utils_users", "kanidm_utils_users",
] ]
[[package]] [[package]]
name = "kanidm_proto" name = "kanidm_proto"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"base32", "base32",
"base64 0.22.1", "base64 0.22.1",
@ -3015,7 +3015,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_tools" name = "kanidm_tools"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"clap", "clap",
@ -3046,7 +3046,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_unix_common" name = "kanidm_unix_common"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"bytes", "bytes",
"csv", "csv",
@ -3065,7 +3065,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_unix_int" name = "kanidm_unix_int"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"bytes", "bytes",
@ -3106,14 +3106,14 @@ dependencies = [
[[package]] [[package]]
name = "kanidm_utils_users" name = "kanidm_utils_users"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"libc", "libc",
] ]
[[package]] [[package]]
name = "kanidmd_core" name = "kanidmd_core"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"askama", "askama",
"askama_axum", "askama_axum",
@ -3168,7 +3168,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidmd_lib" name = "kanidmd_lib"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"base64 0.22.1", "base64 0.22.1",
"base64urlsafedata", "base64urlsafedata",
@ -3221,7 +3221,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidmd_lib_macros" name = "kanidmd_lib_macros"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",
@ -3230,7 +3230,7 @@ dependencies = [
[[package]] [[package]]
name = "kanidmd_testkit" name = "kanidmd_testkit"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"compact_jwt", "compact_jwt",
"escargot", "escargot",
@ -3702,7 +3702,7 @@ dependencies = [
[[package]] [[package]]
name = "nss_kanidm" name = "nss_kanidm"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"cc", "cc",
"kanidm_unix_common", "kanidm_unix_common",
@ -4062,7 +4062,7 @@ dependencies = [
[[package]] [[package]]
name = "orca" name = "orca"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"chrono", "chrono",
@ -4099,7 +4099,7 @@ checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39"
[[package]] [[package]]
name = "pam_kanidm" name = "pam_kanidm"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"kanidm_unix_common", "kanidm_unix_common",
"libc", "libc",
@ -4917,7 +4917,7 @@ dependencies = [
[[package]] [[package]]
name = "scim_proto" name = "scim_proto"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"base64urlsafedata", "base64urlsafedata",
"peg", "peg",
@ -5198,7 +5198,7 @@ dependencies = [
[[package]] [[package]]
name = "sketching" name = "sketching"
version = "1.5.0-dev" version = "1.6.0-dev"
dependencies = [ dependencies = [
"num_enum", "num_enum",
"opentelemetry", "opentelemetry",

28
Cargo.toml
View file

@ -1,5 +1,5 @@
[workspace.package] [workspace.package]
version = "1.5.0-dev" version = "1.6.0-dev"
authors = [ authors = [
"William Brown <william@blackhats.net.au>", "William Brown <william@blackhats.net.au>",
"James Hodgkinson <james@terminaloutcomes.com>", "James Hodgkinson <james@terminaloutcomes.com>",
@ -123,20 +123,20 @@ codegen-units = 256
libnss = { git = "https://github.com/Firstyear/libnss-rs.git", branch = "20250207-freebsd" } libnss = { git = "https://github.com/Firstyear/libnss-rs.git", branch = "20250207-freebsd" }
[workspace.dependencies] [workspace.dependencies]
kanidmd_core = { path = "./server/core", version = "=1.5.0-dev" } kanidmd_core = { path = "./server/core", version = "=1.6.0-dev" }
kanidmd_lib = { path = "./server/lib", version = "=1.5.0-dev" } kanidmd_lib = { path = "./server/lib", version = "=1.6.0-dev" }
kanidmd_lib_macros = { path = "./server/lib-macros", version = "=1.5.0-dev" } kanidmd_lib_macros = { path = "./server/lib-macros", version = "=1.6.0-dev" }
kanidmd_testkit = { path = "./server/testkit", version = "=1.5.0-dev" } kanidmd_testkit = { path = "./server/testkit", version = "=1.6.0-dev" }
kanidm_build_profiles = { path = "./libs/profiles", version = "=1.5.0-dev" } kanidm_build_profiles = { path = "./libs/profiles", version = "=1.6.0-dev" }
kanidm_client = { path = "./libs/client", version = "=1.5.0-dev" } kanidm_client = { path = "./libs/client", version = "=1.6.0-dev" }
kanidm-hsm-crypto = "^0.2.0" kanidm-hsm-crypto = "^0.2.0"
kanidm_lib_crypto = { path = "./libs/crypto", version = "=1.5.0-dev" } kanidm_lib_crypto = { path = "./libs/crypto", version = "=1.6.0-dev" }
kanidm_lib_file_permissions = { path = "./libs/file_permissions", version = "=1.5.0-dev" } kanidm_lib_file_permissions = { path = "./libs/file_permissions", version = "=1.6.0-dev" }
kanidm_proto = { path = "./proto", version = "=1.5.0-dev" } kanidm_proto = { path = "./proto", version = "=1.6.0-dev" }
kanidm_unix_common = { path = "./unix_integration/common", version = "=1.5.0-dev" } kanidm_unix_common = { path = "./unix_integration/common", version = "=1.6.0-dev" }
kanidm_utils_users = { path = "./libs/users", version = "=1.5.0-dev" } kanidm_utils_users = { path = "./libs/users", version = "=1.6.0-dev" }
scim_proto = { path = "./libs/scim_proto", version = "=1.5.0-dev" } scim_proto = { path = "./libs/scim_proto", version = "=1.6.0-dev" }
sketching = { path = "./libs/sketching", version = "=1.5.0-dev" } sketching = { path = "./libs/sketching", version = "=1.6.0-dev" }
anyhow = { version = "1.0.95" } anyhow = { version = "1.0.95" }
argon2 = { version = "0.5.3", features = ["alloc"] } argon2 = { version = "0.5.3", features = ["alloc"] }

18
server/lib/src/constants/mod.rs
View file

@ -79,22 +79,28 @@ pub const PATCH_LEVEL_2: u32 = 2;
/// Deprecated as of 1.8.0 /// Deprecated as of 1.8.0
pub const DOMAIN_LEVEL_10: DomainVersion = 10; pub const DOMAIN_LEVEL_10: DomainVersion = 10;
/// Domain Level introduced with 1.7.0.
/// Deprecated as of 1.9.0
pub const DOMAIN_LEVEL_11: DomainVersion = 11;
// The minimum level that we can re-migrate from. // The minimum level that we can re-migrate from.
// This should be DOMAIN_TGT_LEVEL minus 2 // This should be DOMAIN_TGT_LEVEL minus 2
pub const DOMAIN_MIN_REMIGRATION_LEVEL: DomainVersion = DOMAIN_LEVEL_7; pub const DOMAIN_MIN_REMIGRATION_LEVEL: DomainVersion = DOMAIN_TGT_LEVEL - 2;
// The minimum supported domain functional level (for replication) // The minimum supported domain functional level (for replication)
pub const DOMAIN_MIN_LEVEL: DomainVersion = DOMAIN_TGT_LEVEL; pub const DOMAIN_MIN_LEVEL: DomainVersion = DOMAIN_TGT_LEVEL;
// The previous releases domain functional level // The previous releases domain functional level
pub const DOMAIN_PREVIOUS_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_8; pub const DOMAIN_PREVIOUS_TGT_LEVEL: DomainVersion = DOMAIN_TGT_LEVEL - 1;
// The target supported domain functional level. During development this is // The target supported domain functional level. During development this is
// the NEXT level that users will upgrade too. // the NEXT level that users will upgrade too. In other words if we are
pub const DOMAIN_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_9; // developing 1.6.0-dev, then we need to set TGT_LEVEL to 10 which is
// the corresponding level.
pub const DOMAIN_TGT_LEVEL: DomainVersion = DOMAIN_LEVEL_10;
// The current patch level if any out of band fixes are required. // The current patch level if any out of band fixes are required.
pub const DOMAIN_TGT_PATCH_LEVEL: u32 = PATCH_LEVEL_2; pub const DOMAIN_TGT_PATCH_LEVEL: u32 = PATCH_LEVEL_2;
// The target domain functional level for the SUBSEQUENT release/dev cycle. // The target domain functional level for the SUBSEQUENT release/dev cycle.
pub const DOMAIN_TGT_NEXT_LEVEL: DomainVersion = DOMAIN_LEVEL_10; pub const DOMAIN_TGT_NEXT_LEVEL: DomainVersion = DOMAIN_TGT_LEVEL + 1;
// The maximum supported domain functional level // The maximum supported domain functional level
pub const DOMAIN_MAX_LEVEL: DomainVersion = DOMAIN_LEVEL_10; pub const DOMAIN_MAX_LEVEL: DomainVersion = DOMAIN_LEVEL_11;
// On test builds define to 60 seconds // On test builds define to 60 seconds
#[cfg(test)] #[cfg(test)]

16
server/lib/src/server/migrations.rs
View file

@ -760,7 +760,18 @@ impl QueryServerWriteTransaction<'_> {
#[instrument(level = "info", skip_all)] #[instrument(level = "info", skip_all)]
pub(crate) fn migrate_domain_9_to_10(&mut self) -> Result<(), OperationError> { pub(crate) fn migrate_domain_9_to_10(&mut self) -> Result<(), OperationError> {
if !cfg!(test) && DOMAIN_TGT_LEVEL < DOMAIN_LEVEL_9 { if !cfg!(test) && DOMAIN_TGT_LEVEL < DOMAIN_LEVEL_9 {
error!("Unable to raise domain level from 8 to 9."); error!("Unable to raise domain level from 9 to 10.");
return Err(OperationError::MG0004DomainLevelInDevelopment);
}
Ok(())
}
/// Migration domain level 10 to 11 (1.7.0)
#[instrument(level = "info", skip_all)]
pub(crate) fn migrate_domain_10_to_11(&mut self) -> Result<(), OperationError> {
if !cfg!(test) && DOMAIN_TGT_LEVEL < DOMAIN_LEVEL_10 {
error!("Unable to raise domain level from 10 to 11.");
return Err(OperationError::MG0004DomainLevelInDevelopment); return Err(OperationError::MG0004DomainLevelInDevelopment);
} }
@ -1489,4 +1500,7 @@ mod tests {
#[qs_test(domain_level=DOMAIN_LEVEL_9)] #[qs_test(domain_level=DOMAIN_LEVEL_9)]
async fn test_migrations_dl9_dl10(_server: &QueryServer) {} async fn test_migrations_dl9_dl10(_server: &QueryServer) {}
#[qs_test(domain_level=DOMAIN_LEVEL_10)]
async fn test_migrations_dl10_dl11(_server: &QueryServer) {}
} }

4
server/lib/src/server/mod.rs
View file

@ -2369,6 +2369,10 @@ impl<'a> QueryServerWriteTransaction<'a> {
self.migrate_domain_9_to_10()?; self.migrate_domain_9_to_10()?;
} }
if previous_version <= DOMAIN_LEVEL_10 && domain_info_version >= DOMAIN_LEVEL_11 {
self.migrate_domain_10_to_11()?;
}
// This is here to catch when we increase domain levels but didn't create the migration // This is here to catch when we increase domain levels but didn't create the migration
// hooks. If this fails it probably means you need to add another migration hook // hooks. If this fails it probably means you need to add another migration hook
// in the above. // in the above.