diff --git a/CHANGELOG.md b/CHANGELOG.md index 8bf008b4..2989e9a1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ All notable changes to this project will be documented in this file. - Support objectOverrides using `.spec.objectOverrides`. See [objectOverrides concepts page](https://docs.stackable.tech/home/nightly/concepts/overrides/#object-overrides) for details ([#885]). +- Enable the [restart-controller](https://docs.stackable.tech/home/nightly/commons-operator/restarter/), so that the Pods are automatically restarted on config changes ([#888]). ### Changed @@ -23,6 +24,7 @@ All notable changes to this project will be documented in this file. [#881]: https://github.com/stackabletech/nifi-operator/pull/881 [#884]: https://github.com/stackabletech/nifi-operator/pull/884 [#885]: https://github.com/stackabletech/nifi-operator/pull/885 +[#888]: https://github.com/stackabletech/nifi-operator/pull/888 ## [25.11.0] - 2025-11-07 diff --git a/Cargo.lock b/Cargo.lock index b86d47ec..8446e11f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1372,7 +1372,7 @@ dependencies = [ [[package]] name = "k8s-version" version = "0.1.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#13cf69454684ccf105d7377ca369d62b7b07250c" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#402911782469fd689308f3e57c38ad249dec83f3" dependencies = [ "darling 0.23.0", "regex", @@ -2512,8 +2512,8 @@ dependencies = [ [[package]] name = "stackable-operator" -version = "0.101.2" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#13cf69454684ccf105d7377ca369d62b7b07250c" +version = "0.102.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#402911782469fd689308f3e57c38ad249dec83f3" dependencies = [ "chrono", "clap", @@ -2551,7 +2551,7 @@ dependencies = [ [[package]] name = "stackable-operator-derive" version = "0.3.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#13cf69454684ccf105d7377ca369d62b7b07250c" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#402911782469fd689308f3e57c38ad249dec83f3" dependencies = [ "darling 0.23.0", "proc-macro2", @@ -2562,7 +2562,7 @@ dependencies = [ [[package]] name = "stackable-shared" version = "0.0.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#13cf69454684ccf105d7377ca369d62b7b07250c" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#402911782469fd689308f3e57c38ad249dec83f3" dependencies = [ "chrono", "k8s-openapi", @@ -2579,7 +2579,7 @@ dependencies = [ [[package]] name = "stackable-telemetry" version = "0.6.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#13cf69454684ccf105d7377ca369d62b7b07250c" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#402911782469fd689308f3e57c38ad249dec83f3" dependencies = [ "axum", "clap", @@ -2603,7 +2603,7 @@ dependencies = [ [[package]] name = "stackable-versioned" version = "0.8.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#13cf69454684ccf105d7377ca369d62b7b07250c" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#402911782469fd689308f3e57c38ad249dec83f3" dependencies = [ "schemars", "serde", @@ -2616,7 +2616,7 @@ dependencies = [ [[package]] name = "stackable-versioned-macros" version = "0.8.3" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#13cf69454684ccf105d7377ca369d62b7b07250c" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#402911782469fd689308f3e57c38ad249dec83f3" dependencies = [ "convert_case", "darling 0.23.0", diff --git a/Cargo.nix b/Cargo.nix index 3ba42e5d..b3cbd443 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -4275,8 +4275,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "13cf69454684ccf105d7377ca369d62b7b07250c"; - sha256 = "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j"; + rev = "402911782469fd689308f3e57c38ad249dec83f3"; + sha256 = "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy"; }; libName = "k8s_version"; authors = [ @@ -8205,13 +8205,13 @@ rec { }; "stackable-operator" = rec { crateName = "stackable-operator"; - version = "0.101.2"; + version = "0.102.0"; edition = "2024"; workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "13cf69454684ccf105d7377ca369d62b7b07250c"; - sha256 = "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j"; + rev = "402911782469fd689308f3e57c38ad249dec83f3"; + sha256 = "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy"; }; libName = "stackable_operator"; authors = [ @@ -8379,8 +8379,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "13cf69454684ccf105d7377ca369d62b7b07250c"; - sha256 = "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j"; + rev = "402911782469fd689308f3e57c38ad249dec83f3"; + sha256 = "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy"; }; procMacro = true; libName = "stackable_operator_derive"; @@ -8414,8 +8414,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "13cf69454684ccf105d7377ca369d62b7b07250c"; - sha256 = "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j"; + rev = "402911782469fd689308f3e57c38ad249dec83f3"; + sha256 = "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy"; }; libName = "stackable_shared"; authors = [ @@ -8496,8 +8496,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "13cf69454684ccf105d7377ca369d62b7b07250c"; - sha256 = "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j"; + rev = "402911782469fd689308f3e57c38ad249dec83f3"; + sha256 = "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy"; }; libName = "stackable_telemetry"; authors = [ @@ -8606,8 +8606,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "13cf69454684ccf105d7377ca369d62b7b07250c"; - sha256 = "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j"; + rev = "402911782469fd689308f3e57c38ad249dec83f3"; + sha256 = "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy"; }; libName = "stackable_versioned"; authors = [ @@ -8650,8 +8650,8 @@ rec { workspace_member = null; src = pkgs.fetchgit { url = "https://github.com/stackabletech/operator-rs.git"; - rev = "13cf69454684ccf105d7377ca369d62b7b07250c"; - sha256 = "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j"; + rev = "402911782469fd689308f3e57c38ad249dec83f3"; + sha256 = "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy"; }; procMacro = true; libName = "stackable_versioned_macros"; diff --git a/Cargo.toml b/Cargo.toml index 1570be0f..6ab00f98 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,7 +11,7 @@ repository = "https://github.com/stackabletech/nifi-operator" [workspace.dependencies] product-config = { git = "https://github.com/stackabletech/product-config.git", tag = "0.8.0" } -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.101.2", features = ["telemetry", "versioned"] } +stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.102.0", features = ["telemetry", "versioned"] } anyhow = "1.0" built = { version = "0.8", features = ["chrono", "git2"] } diff --git a/crate-hashes.json b/crate-hashes.json index 269d6950..68215a44 100644 --- a/crate-hashes.json +++ b/crate-hashes.json @@ -4,12 +4,12 @@ "git+https://github.com/stackabletech/kube-rs?branch=2.0.1-fix-schema-hoisting#kube-derive@2.0.1": "1a7bcl0w1jg71jc4iml0vjp8dpzy71mhxl012grxcy2xp5i6xvgf", "git+https://github.com/stackabletech/kube-rs?branch=2.0.1-fix-schema-hoisting#kube-runtime@2.0.1": "1a7bcl0w1jg71jc4iml0vjp8dpzy71mhxl012grxcy2xp5i6xvgf", "git+https://github.com/stackabletech/kube-rs?branch=2.0.1-fix-schema-hoisting#kube@2.0.1": "1a7bcl0w1jg71jc4iml0vjp8dpzy71mhxl012grxcy2xp5i6xvgf", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#k8s-version@0.1.3": "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#stackable-operator-derive@0.3.1": "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#stackable-operator@0.101.2": "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#stackable-shared@0.0.3": "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#stackable-telemetry@0.6.1": "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#stackable-versioned-macros@0.8.3": "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.101.2#stackable-versioned@0.8.3": "09nmd5pqrmc49dzm7y26qlh1np528d9xq4q8vm4d04sd8z9rd46j", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#k8s-version@0.1.3": "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#stackable-operator-derive@0.3.1": "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#stackable-operator@0.102.0": "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#stackable-shared@0.0.3": "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#stackable-telemetry@0.6.1": "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#stackable-versioned-macros@0.8.3": "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy", + "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.102.0#stackable-versioned@0.8.3": "16j834cchvq6psb4lm5fjz6nm04cg3aqhsffyls20y617ky7whpy", "git+https://github.com/stackabletech/product-config.git?tag=0.8.0#product-config@0.8.0": "1dz70kapm2wdqcr7ndyjji0lhsl98bsq95gnb2lw487wf6yr7987" } \ No newline at end of file diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs index c373a6aa..e8b6402a 100644 --- a/rust/operator-binary/src/controller.rs +++ b/rust/operator-binary/src/controller.rs @@ -30,6 +30,7 @@ use stackable_operator::{ product_image_selection::{self, ResolvedProductImage}, rbac::build_rbac_resources, }, + constants::RESTART_CONTROLLER_ENABLED_LABEL, crd::{authentication::oidc::v1alpha1::AuthenticationProvider, git_sync}, k8s_openapi::{ DeepMerge, @@ -598,6 +599,10 @@ pub async fn reconcile_nifi( .with_context(|_| ApplyRoleGroupConfigSnafu { rolegroup: rolegroup.clone(), })?; + + // Note: The StatefulSet needs to be applied after all ConfigMaps and Secrets it mounts + // to prevent unnecessary Pod restarts. + // See https://github.com/stackabletech/commons-operator/issues/111 for details. ss_cond_builder.add( cluster_resources .add(client, rg_statefulset) @@ -1416,6 +1421,7 @@ async fn build_node_rolegroup_statefulset( .context(ObjectMissingMetadataForOwnerRefSnafu)? .with_recommended_labels(recommended_object_labels) .context(MetadataBuildSnafu)? + .with_label(RESTART_CONTROLLER_ENABLED_LABEL.to_owned()) .build(), spec: Some(StatefulSetSpec { pod_management_policy: Some("Parallel".to_string()), diff --git a/tests/templates/kuttl/smoke_v1/30-assert.yaml b/tests/templates/kuttl/smoke_v1/30-assert.yaml index d075654f..672f1375 100644 --- a/tests/templates/kuttl/smoke_v1/30-assert.yaml +++ b/tests/templates/kuttl/smoke_v1/30-assert.yaml @@ -7,6 +7,10 @@ apiVersion: apps/v1 kind: StatefulSet metadata: name: nifi-node-default + # generation: 1 # Im not sure why we end up with generation 2 instead of 1... + # But at least we don't have any unnecessary Pod restart :) + labels: + restarter.stackable.tech/enabled: "true" spec: template: spec: diff --git a/tests/templates/kuttl/smoke_v1/30-install-nifi.yaml.j2 b/tests/templates/kuttl/smoke_v1/30-install-nifi.yaml.j2 index 9e6ddfe1..daf9da91 100644 --- a/tests/templates/kuttl/smoke_v1/30-install-nifi.yaml.j2 +++ b/tests/templates/kuttl/smoke_v1/30-install-nifi.yaml.j2 @@ -1,4 +1,39 @@ --- +apiVersion: authentication.stackable.tech/v1alpha1 +kind: AuthenticationClass +metadata: + name: nifi-users +spec: + provider: + static: + userCredentialsSecret: + name: nifi-users +--- +apiVersion: v1 +kind: Secret +metadata: + name: nifi-users +stringData: + admin: > + passwordWithSpecialCharacter\@<&>"' +--- +apiVersion: v1 +kind: Secret +metadata: + name: nifi-sensitive-property-key +stringData: + nifiSensitivePropsKey: mYsUp3rS3cr3tk3y +--- +apiVersion: zookeeper.stackable.tech/v1alpha1 +kind: ZookeeperZnode +metadata: + name: nifi-znode +spec: + clusterRef: + name: zookeeper +--- +# We need to create the NifiCluster last, so that the ConfigMaps/Secrets it mounts are already +# existing to prevent unnecessary Pod restarts. apiVersion: nifi.stackable.tech/v1alpha1 kind: NifiCluster metadata: @@ -49,36 +84,3 @@ spec: "nifi.properties": "nifi.diagnostics.on.shutdown.enabled": "false" "nifi.diagnostics.on.shutdown.max.filecount": "20" ---- -apiVersion: authentication.stackable.tech/v1alpha1 -kind: AuthenticationClass -metadata: - name: nifi-users -spec: - provider: - static: - userCredentialsSecret: - name: nifi-users ---- -apiVersion: v1 -kind: Secret -metadata: - name: nifi-users -stringData: - admin: > - passwordWithSpecialCharacter\@<&>"' ---- -apiVersion: v1 -kind: Secret -metadata: - name: nifi-sensitive-property-key -stringData: - nifiSensitivePropsKey: mYsUp3rS3cr3tk3y ---- -apiVersion: zookeeper.stackable.tech/v1alpha1 -kind: ZookeeperZnode -metadata: - name: nifi-znode -spec: - clusterRef: - name: zookeeper diff --git a/tests/templates/kuttl/smoke_v2/30-assert.yaml b/tests/templates/kuttl/smoke_v2/30-assert.yaml index d075654f..672f1375 100644 --- a/tests/templates/kuttl/smoke_v2/30-assert.yaml +++ b/tests/templates/kuttl/smoke_v2/30-assert.yaml @@ -7,6 +7,10 @@ apiVersion: apps/v1 kind: StatefulSet metadata: name: nifi-node-default + # generation: 1 # Im not sure why we end up with generation 2 instead of 1... + # But at least we don't have any unnecessary Pod restart :) + labels: + restarter.stackable.tech/enabled: "true" spec: template: spec: diff --git a/tests/templates/kuttl/smoke_v2/30-install-nifi.yaml.j2 b/tests/templates/kuttl/smoke_v2/30-install-nifi.yaml.j2 index 06cfae19..36c457fd 100644 --- a/tests/templates/kuttl/smoke_v2/30-install-nifi.yaml.j2 +++ b/tests/templates/kuttl/smoke_v2/30-install-nifi.yaml.j2 @@ -1,4 +1,41 @@ --- +apiVersion: authentication.stackable.tech/v1alpha1 +kind: AuthenticationClass +metadata: + name: nifi-users +spec: + provider: + static: + userCredentialsSecret: + name: nifi-users +--- +apiVersion: v1 +kind: Secret +metadata: + name: nifi-users +stringData: + admin: > + passwordWithSpecialCharacter\@<&>"' +--- +apiVersion: v1 +kind: Secret +metadata: + name: nifi-sensitive-property-key +stringData: + nifiSensitivePropsKey: mYsUp3rS3cr3tk3y +{% if test_scenario['values']['use-zookeeper-manager'] == 'true' %} +--- +apiVersion: zookeeper.stackable.tech/v1alpha1 +kind: ZookeeperZnode +metadata: + name: nifi-znode +spec: + clusterRef: + name: zookeeper +{% endif %} +--- +# We need to create the NifiCluster last, so that the ConfigMaps/Secrets it mounts are already +# existing to prevent unnecessary Pod restarts. apiVersion: nifi.stackable.tech/v1alpha1 kind: NifiCluster metadata: @@ -51,38 +88,3 @@ spec: "nifi.properties": "nifi.diagnostics.on.shutdown.enabled": "false" "nifi.diagnostics.on.shutdown.max.filecount": "20" ---- -apiVersion: authentication.stackable.tech/v1alpha1 -kind: AuthenticationClass -metadata: - name: nifi-users -spec: - provider: - static: - userCredentialsSecret: - name: nifi-users ---- -apiVersion: v1 -kind: Secret -metadata: - name: nifi-users -stringData: - admin: > - passwordWithSpecialCharacter\@<&>"' ---- -apiVersion: v1 -kind: Secret -metadata: - name: nifi-sensitive-property-key -stringData: - nifiSensitivePropsKey: mYsUp3rS3cr3tk3y -{% if test_scenario['values']['use-zookeeper-manager'] == 'true' %} ---- -apiVersion: zookeeper.stackable.tech/v1alpha1 -kind: ZookeeperZnode -metadata: - name: nifi-znode -spec: - clusterRef: - name: zookeeper -{% endif %}