Skip to content

fix: address operator production readiness blockers#136

Open
GatewayJ wants to merge 2 commits into
rustfs:mainfrom
GatewayJ:fix/production-readiness-blockers
Open

fix: address operator production readiness blockers#136
GatewayJ wants to merge 2 commits into
rustfs:mainfrom
GatewayJ:fix/production-readiness-blockers

Conversation

@GatewayJ

@GatewayJ GatewayJ commented Jun 11, 2026
edited
Loading

Copy link
Copy Markdown
Member

Type of Change

  • New Feature
  • Bug Fix
  • Documentation
  • Performance Improvement
  • Test/CI
  • Refactor
  • Other:

Related Issues

N/A

Summary of Changes

This PR addresses the main production-readiness blockers found in the operator review without adding live e2e or destructive fault suites to CI.

  • Removes the README not production-ready wording while keeping the pre-release status clear.
  • Hardens Console auth by encrypting Kubernetes bearer tokens inside HttpOnly/SameSite/Secure stateless session cookies, rejecting tampered cookies, removing the hard-coded JWT fallback, and making CORS explicit instead of default-open for localhost.
  • Keeps Console sessions compatible with multiple replicas when all replicas share the same JWT_SECRET / console.jwtSecret.
  • Fixes CI/release coverage gaps by wiring Docker publishing to the actual CI workflow, running CI for deploy changes, and adding non-live e2e harness plus console-web lint/build/format checks.
  • Fixes Helm/deployment readiness issues, including Console Ingress range scoping, operator probes, stable Console Secret reuse across upgrades, and explicit HTTP-only dev cookie configuration.
  • Aligns console-web package management on pnpm and removes the stale npm lockfile.

Checklist

  • I have read and followed the CONTRIBUTING.md guidelines
  • Passed make pre-commit (fmt-check + clippy + test + console-lint + console-fmt-check)
  • Added/updated necessary tests
  • Documentation updated (if needed)
  • CHANGELOG.md updated under [Unreleased] (if user-visible change)
  • CI/CD passed (if applicable)

Impact

  • Breaking change (CRD/API compatibility)
  • Requires doc/config/deployment update
  • Other impact: Multi-replica Console deployments require a stable shared console.jwtSecret; the chart reuses the generated Secret across upgrades when the value is unset.

Verification

The full make pre-commit target was not run as a single command, but the relevant checks were run individually:

cargo fmt --all --check
cargo test --all
cargo clippy --all-features -- -D warnings
make e2e-check
cd console-web && npx --yes pnpm@10.28.1 install --frozen-lockfile
cd console-web && npx --yes pnpm@10.28.1 run lint
cd console-web && npx --yes pnpm@10.28.1 run build
cd console-web && npx --yes pnpm@10.28.1 run format:check
git diff --check

Additional Notes

Live e2e and destructive fault suites remain opt-in manual checks and are intentionally not added to CI to avoid extra CI pressure and cost.

@GatewayJ GatewayJ force-pushed the fix/production-readiness-blockers branch from 8da9c97 to 734c466 Compare June 11, 2026 01:52
@GatewayJ GatewayJ marked this pull request as ready for review June 11, 2026 11:42
@chatgpt-codex-connector

chatgpt-codex-connector Bot commented Jun 11, 2026

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, you can upgrade your account or add credits to your account and enable them for code reviews in your settings.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@GatewayJ