stackabletech
diff --git a/‎.github/dependabot.yml
+29 b/‎.github/dependabot.yml
+29
diff --git a/‎.github/pull_request_template.md
+8 b/‎.github/pull_request_template.md
+8
diff --git a/‎.github/workflows/daily_security.yml
+19 b/‎.github/workflows/daily_security.yml
+19
diff --git a/‎.github/workflows/docker.yml
+21 b/‎.github/workflows/docker.yml
+21
diff --git a/‎.github/workflows/publish_dev_artifacts.yml
+79 b/‎.github/workflows/publish_dev_artifacts.yml
+79
diff --git a/‎.github/workflows/publish_release_artifacts.yml
+78 b/‎.github/workflows/publish_release_artifacts.yml
+78
diff --git a/‎.github/workflows/rust.yml
+117 b/‎.github/workflows/rust.yml
+117
diff --git a/‎.gitignore
+4 b/‎.gitignore
+4
diff --git a/‎CHANGELOG.md
+5 b/‎CHANGELOG.md
+5
@@ -0,0 +1,29 @@
+# =============
+# This file is automatically generated from the templates in stackabletech/operator-templating
+# DON'T MANUALLY EDIT THIS FILE
+# =============
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    labels:
+      - "type/dependencies"
+    reviewers:
+      - "stackabletech/developers"
+
+  - package-ecosystem: "cargo"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    labels:
+      - "type/dependencies"
+    reviewers:
+      - "stackabletech/rust-developers"
+    ignore:
+      # We never want to be notified about a kube-rs update.
+      # It often contains breaking changes so it has to be updated manually anyway
+      # and it needs to be updated together with kube-runtime, kube-derive etc.
+      - dependency-name: "kube*"
+      - dependency-name: "k8s-openapi"
@@ -0,0 +1,8 @@
+## Description
+
+## Review Checklist
+- [ ] Code contains useful comments
+- [ ] (Integration-)Test cases added (or not applicable)
+- [ ] Documentation added (or not applicable)
+- [ ] Changelog updated (or not applicable)
+- [ ] Cargo.toml only contains references to git tags (not specific commits or branches)
@@ -0,0 +1,19 @@
+# =============
+# This file is automatically generated from the templates in stackabletech/operator-templating
+# DON'T MANUALLY EDIT THIS FILE
+# =============
+name: Security audit
+
+on:
+  schedule:
+    - cron: '0 0 * * *'
+  workflow_dispatch:
+
+jobs:
+  audit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+      - uses: actions-rs/[email protected]
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
@@ -0,0 +1,21 @@
+# =============
+# This file is automatically generated from the templates in stackabletech/operator-templating
+# DON'T MANUALLY EDIT THIS FILE
+# =============
+name: Docker
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build:
+    name: Build Docker image
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+      - shell: bash
+        env:
+          NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
+        run: make docker
@@ -0,0 +1,79 @@
+# =============
+# This file is automatically generated from the templates in stackabletech/operator-templating
+# DON'T MANUALLY EDIT THIS FILE
+# =============
+name: Publish Dev Artifacts
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+env:
+  PRODUCT_NAME: trino
+  CARGO_TERM_COLOR: always
+  CARGO_INCREMENTAL: '0'
+  CARGO_PROFILE_DEV_DEBUG: '0'
+  RUSTFLAGS: "-D warnings -W rust-2021-compatibility"
+  REPO_APT_DEV_URL: https://repo.stackable.tech/repository/deb-dev
+  REPO_RPM_DEV_URL: https://repo.stackable.tech/repository/rpm-dev
+
+jobs:
+  debian10:
+    runs-on: debian10
+    steps:
+      - uses: actions/checkout@v2
+      - name: Change version if is PR
+        if: ${{ github.event_name == 'pull_request' }}
+        # We use "mr" instead of "pr" to denote pull request builds, as this prefix comes before "nightly" when lexically
+        # sorting packages by version. This means that when installing the package without specifying a version the
+        # nighly version is considered more current than mr versions and installed by default
+        run: sed -i -e 's/^version = "\([0-9]\+\.[0-9]\+\.[0-9]\+\).*/version = "\1-mr${{ github.event.number }}"/' rust/operator-binary/Cargo.toml
+      - name: Build
+        run: ~/.cargo/bin/cargo +nightly build --verbose --release
+      - name: Build apt package
+        run: ~/.cargo/bin/cargo deb --manifest-path rust/operator-binary/Cargo.toml --no-build
+      - name: Publish apt package
+        env:
+          NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
+        if: env.NEXUS_PASSWORD != null
+        run: >-
+          /usr/bin/curl
+          --fail
+          -u 'github:${{ secrets.NEXUS_PASSWORD }}'
+          -H "Content-Type: multipart/form-data"
+          --data-binary "@./$(find target/debian/ -name *.deb)"
+          "${{ env.REPO_APT_DEV_URL }}/"
+      - name: Clean
+        run: ~/.cargo/bin/cargo clean
+
+  centos:
+    runs-on: centos${{ matrix.node }}
+    strategy:
+      matrix:
+        node: [ 7, 8 ]
+    steps:
+      - uses: actions/checkout@v2
+      - name: Change version if is PR
+        if: ${{ github.event_name == 'pull_request' }}
+        # We use "mr" instead of "pr" to denote pull request builds, as this prefix comes before "nightly" when lexically
+        # sorting packages by version. This means that when installing the package without specifying a version the
+        # nighly version is considered more current than mr versions and installed by default
+        run: sed -i -e 's/^version = "\([0-9]\+\.[0-9]\+\.[0-9]\+\).*/version = "\1-mr${{ github.event.number }}"/' rust/operator-binary/Cargo.toml
+      - name: Build
+        run: ~/.cargo/bin/cargo +nightly build --verbose --release
+      - name: Build RPM package
+        run: packaging/buildrpm.sh stackable-${{ env.PRODUCT_NAME }}-operator-binary stackable-${{ env.PRODUCT_NAME }}-operator
+      - name: Publish RPM package
+        env:
+          NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
+        if: env.NEXUS_PASSWORD != null
+        run: >-
+          /usr/bin/curl
+          --fail
+          -u 'github:${{ secrets.NEXUS_PASSWORD }}'
+          --upload-file "./$(find  target/rpm/RPMS/x86_64/ -name *.rpm)"
+          "${{ env.REPO_RPM_DEV_URL }}/el${{ matrix.node }}/"
+      - name: Clean
+        run: ~/.cargo/bin/cargo clean
@@ -0,0 +1,78 @@
+# =============
+# This file is automatically generated from the templates in stackabletech/operator-templating
+# DON'T MANUALLY EDIT THIS FILE
+# =============
+name: Publish-Release-Artifacts
+
+on:
+  push:
+    tags:
+      - "*"
+
+env:
+  PRODUCT_NAME: trino
+  CARGO_TERM_COLOR: always
+  CARGO_INCREMENTAL: '0'
+  CARGO_PROFILE_DEV_DEBUG: '0'
+  RUSTFLAGS: "-D warnings -W rust-2021-compatibility"
+  REPO_APT_RELEASE_URL: https://repo.stackable.tech/repository/deb-release
+  REPO_RPM_RELEASE_URL: https://repo.stackable.tech/repository/rpm-release
+
+jobs:
+  debian10:
+    runs-on: debian10
+    steps:
+      - uses: actions/checkout@v2
+      - name: Change version if is PR
+        if: ${{ github.event_name == 'pull_request' }}
+        # We use "mr" instead of "pr" to denote pull request builds, as this prefix comes before "nightly" when lexically
+        # sorting packages by version. This means that when installing the package without specifying a version the
+        # nighly version is considered more current than mr versions and installed by default
+        run: sed -i -e 's/^version = "\([0-9]\+\.[0-9]\+\.[0-9]\+\).*/version = "\1-mr${{ github.event.number }}"/' rust/operator-binary/Cargo.toml
+      - name: Build
+        run: ~/.cargo/bin/cargo +nightly build --verbose --release
+      - name: Build apt package
+        run: ~/.cargo/bin/cargo deb --manifest-path rust/operator-binary/Cargo.toml --no-build
+      - name: Publish apt package
+        env:
+          NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
+        if: env.NEXUS_PASSWORD != null
+        run: >-
+          /usr/bin/curl
+          --fail
+          -u 'github:${{ secrets.NEXUS_PASSWORD }}'
+          -H "Content-Type: multipart/form-data"
+          --data-binary "@./$(find target/debian/ -name *.deb)"
+          "${{ env.REPO_APT_RELEASE_URL }}/"
+      - name: Clean
+        run: ~/.cargo/bin/cargo clean
+
+  centos:
+    runs-on: centos${{ matrix.node }}
+    strategy:
+      matrix:
+        node: [ 7, 8 ]
+    steps:
+      - uses: actions/checkout@v2
+      - name: Change version if is PR
+        if: ${{ github.event_name == 'pull_request' }}
+        # We use "mr" instead of "pr" to denote pull request builds, as this prefix comes before "nightly" when lexically
+        # sorting packages by version. This means that when installing the package without specifying a version the
+        # nighly version is considered more current than mr versions and installed by default
+        run: sed -i -e 's/^version = "\([0-9]\+\.[0-9]\+\.[0-9]\+\).*/version = "\1-mr${{ github.event.number }}"/' rust/operator-binary/Cargo.toml
+      - name: Build
+        run: ~/.cargo/bin/cargo +nightly build --verbose --release
+      - name: Build RPM package
+        run: packaging/buildrpm.sh stackable-${{ env.PRODUCT_NAME }}-operator-binary stackable-${{ env.PRODUCT_NAME }}-operator
+      - name: Publish RPM package
+        env:
+          NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
+        if: env.NEXUS_PASSWORD != null
+        run: >-
+          /usr/bin/curl
+          --fail
+          -u 'github:${{ secrets.NEXUS_PASSWORD }}'
+          --upload-file "./$(find  target/rpm/RPMS/x86_64/ -name *.rpm)"
+          "${{ env.REPO_RPM_RELEASE_URL }}/el${{ matrix.node }}/"
+      - name: Clean
+        run: ~/.cargo/bin/cargo clean
@@ -0,0 +1,117 @@
+# =============
+# This file is automatically generated from the templates in stackabletech/operator-templating
+# DON'T MANUALLY EDIT THIS FILE
+# =============
+name: Rust
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+env:
+  CARGO_TERM_COLOR: always
+  CARGO_INCREMENTAL: '0'
+  CARGO_PROFILE_DEV_DEBUG: '0'
+  RUSTFLAGS: "-D warnings -W rust-2021-compatibility"
+
+jobs:
+
+  test:
+    name: Run tests
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+      - uses: actions-rs/[email protected]
+        with:
+          profile: minimal
+          toolchain: stable
+          override: true
+      - uses: Swatinem/[email protected]
+      - uses: actions-rs/[email protected]
+        with:
+          command: test
+      - uses: actions-rs/[email protected]
+        with:
+          command: clean
+
+  rustfmt:
+    name: Run rustfmt
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+      - uses: actions-rs/[email protected]
+        with:
+          profile: minimal
+          toolchain: stable
+          components: rustfmt
+          override: true
+      - uses: actions-rs/[email protected]
+        with:
+          command: fmt
+          args: --all -- --check
+
+  doc:
+    name: Run rustdoc
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+      - uses: actions-rs/[email protected]
+        with:
+          profile: minimal
+          toolchain: stable
+          components: rustfmt
+          override: true
+      - uses: Swatinem/[email protected]
+      - uses: actions-rs/[email protected]
+        with:
+          command: doc
+          args: --document-private-items
+
+  clippy:
+    name: Run clippy
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+      - uses: actions-rs/[email protected]
+        with:
+            profile: minimal
+            toolchain: stable
+            components: clippy
+            override: true
+      # We need this due to: https://github.com/actions-rs/clippy-check/issues/2
+      - name: Check workflow permissions
+        id: check_permissions
+        uses: scherermichael-oss/[email protected]
+        with:
+          required-permission: write
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Run clippy action to produce annotations
+        uses: actions-rs/clippy-check@v1
+        if: steps.check_permissions.outputs.has-permission
+        with:
+          args: --all-targets -- -D warnings
+          token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Run clippy manually without annotations
+        if: ${{ !steps.check_permissions.outputs.has-permission }}
+        run: cargo clippy --all-targets -- -D warnings
+
+  cargo-deny:
+    name: Run cargo deny
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        checks:
+          - advisories
+          - bans licenses sources
+
+    # Prevent sudden announcement of a new advisory from failing ci:
+    continue-on-error: ${{ matrix.checks == 'advisories' }}
+
+    steps:
+      - uses: actions/[email protected]
+      - uses: EmbarkStudios/[email protected]
+        with:
+          command: check ${{ matrix.checks }}
@@ -0,0 +1,4 @@
+*.iml
+.idea
+target
+
@@ -0,0 +1,5 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [Unreleased]
-Original file line number
+Diff line change
 +*.iml
 +.idea
 +target
++