diff --git a/Makefile b/Makefile index 9807303..d3a1ab0 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ # Image URL to use all building/pushing image targets IMG ?= quay.io/tinkerbell/rufio:latest # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. -ENVTEST_K8S_VERSION = 1.23 +ENVTEST_K8S_VERSION = 1.28 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) ifeq (,$(shell go env GOBIN)) @@ -68,7 +68,7 @@ cover: test ## Run unit tests with coverage report .PHONY: integration-test integration-test: manifests generate fmt vet envtest ## Run integration tests. - KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" go test ./... integration -coverprofile cover.out -tags=integration + KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" go test ./... -coverprofile cover.out -tags=integration ##@ Build @@ -114,7 +114,7 @@ undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/confi CONTROLLER_GEN = $(shell pwd)/bin/controller-gen .PHONY: controller-gen controller-gen: ## Download controller-gen locally if necessary. - $(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.13.0) + $(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.15.0) KUSTOMIZE = $(shell pwd)/bin/kustomize .PHONY: kustomize @@ -177,4 +177,4 @@ puml: ## Generate PlantUML diagrams. echo "Generating $$(basename $$pml)" ; \ filename=$$(basename $$pml .puml) ; \ plantuml -tpng $$pml ; \ - done \ No newline at end of file + done diff --git a/api/v1alpha1/provider_opts.go b/api/v1alpha1/provider_opts.go index 12e01d7..06df397 100644 --- a/api/v1alpha1/provider_opts.go +++ b/api/v1alpha1/provider_opts.go 
@@ -26,6 +26,12 @@ type IPMITOOLOptions struct { type IntelAMTOptions struct { // Port that intelAMT will use for calls. Port int `json:"port"` + + // HostScheme determines whether to use http or https for intelAMT calls. + // +optional + // +kubebuilder:validation:Enum=http;https + // +kubebuilder:default:=http + HostScheme string `json:"hostScheme"` } // HMACAlgorithm is a type for HMAC algorithms. diff --git a/config/crd/bases/bmc.tinkerbell.org_jobs.yaml b/config/crd/bases/bmc.tinkerbell.org_jobs.yaml index 544080e..35195bc 100644 --- a/config/crd/bases/bmc.tinkerbell.org_jobs.yaml +++ b/config/crd/bases/bmc.tinkerbell.org_jobs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.15.0 name: jobs.bmc.tinkerbell.org spec: group: bmc.tinkerbell.org 
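Review bot: In the `api/v1alpha1/provider_opts.go` hunk, `HostScheme` is marked `+optional` but its tag is `json:"hostScheme"` with no `omitempty`, so a Go client that leaves the field unset serializes `"hostScheme": ""`. The API server applies the `http` default only when the key is absent, so an empty string would most likely be rejected by the `Enum=http;https` validation. Changing the tag to `json:"hostScheme,omitempty"` avoids that. The field comment should also tell operators what the default implies, for example `// With http (the default) Intel AMT requests, including the authentication exchange, are not protected by TLS; set https where the AMT endpoint supports it.`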
@@ -25,14 +24,19 @@ spec: description: Job is the Schema for the bmcjobs API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -40,8 +44,9 @@ spec: description: JobSpec defines the desired state of Job. properties: machineRef: - description: MachineRef represents the Machine resource to execute - the job. All the tasks in the job are executed for the same Machine. + description: |- + MachineRef represents the Machine resource to execute the job. + All the tasks in the job are executed for the same Machine. properties: name: description: Name of the Machine. 
@@ -54,15 +59,16 @@ spec: - namespace type: object tasks: - description: Tasks represents a list of baseboard management actions - to be executed. The tasks are executed sequentially. Controller - waits for one task to complete before executing the next. If a single - task fails, job execution stops and sets condition Failed. Condition - Completed is set only if all the tasks were successful. + description: |- + Tasks represents a list of baseboard management actions to be executed. + The tasks are executed sequentially. Controller waits for one task to complete before executing the next. + If a single task fails, job execution stops and sets condition Failed. + Condition Completed is set only if all the tasks were successful. items: - description: Action represents the action to be performed. A single - task can only perform one type of action. For example either PowerAction - or OneTimeBootDeviceAction. + description: |- + Action represents the action to be performed. + A single task can only perform one type of action. + For example either PowerAction or OneTimeBootDeviceAction. maxProperties: 1 properties: oneTimeBootDeviceAction: @@ -70,9 +76,9 @@ spec: management one time set boot device operation. properties: device: - description: Devices represents the boot devices, in order - for setting one time boot. Currently only the first device - in the slice is used to set one time boot. + description: |- + Devices represents the boot devices, in order for setting one time boot. + Currently only the first device in the slice is used to set one time boot. items: description: BootDevice represents boot device of the Machine. @@ -102,9 +108,9 @@ spec: kind: type: string mediaURL: - description: mediaURL represents the URL of the image to - be inserted into the virtual media, or empty to eject - media. + description: |- + mediaURL represents the URL of the image to be inserted into the virtual media, or empty to + eject media. type: string required: - kind 
@@ -120,7 +126,8 @@ spec: description: JobStatus defines the observed state of Job. properties: completionTime: - description: CompletionTime represents time when the job was completed. + description: |- + CompletionTime represents time when the job was completed. The completion time is only set when the job finishes successfully. format: date-time type: string @@ -134,8 +141,9 @@ spec: details about last transition. type: string status: - description: Status is the status of the Job condition. Can - be True or False. + description: |- + Status is the status of the Job condition. + Can be True or False. type: string type: description: Type of the Job condition. @@ -156,9 +164,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crd/bases/bmc.tinkerbell.org_machines.yaml b/config/crd/bases/bmc.tinkerbell.org_machines.yaml index 546a05d..a4052af 100644 --- a/config/crd/bases/bmc.tinkerbell.org_machines.yaml +++ b/config/crd/bases/bmc.tinkerbell.org_machines.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.15.0 name: machines.bmc.tinkerbell.org spec: group: bmc.tinkerbell.org 
@@ -23,14 +22,19 @@ spec: description: Machine is the Schema for the machines API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -42,10 +46,10 @@ spec: Controller. properties: authSecretRef: - description: AuthSecretRef is the SecretReference that contains - authentication information of the Machine. The Secret must contain - username and password keys. This is optional as it is not required - when using the RPC provider. + description: |- + AuthSecretRef is the SecretReference that contains authentication information of the Machine. + The Secret must contain username and password keys. This is optional as it is not required when using + the RPC provider. properties: name: description: name is unique within a namespace to reference @@ -56,6 +60,7 @@ spec: secret name must be unique. type: string type: object + x-kubernetes-map-type: atomic host: description: Host is the host IP address or hostname of the Machine. minLength: 1 @@ -74,6 +79,14 @@ spec: description: IntelAMT contains the options to customize the IntelAMT provider. properties: + hostScheme: + default: http + description: HostScheme determines whether to use http + or https for intelAMT calls. + enum: + - http + - https + type: string port: description: Port that intelAMT will use for calls. type: integer @@ -106,9 +119,9 @@ spec: provider. properties: consumerURL: - description: ConsumerURL is the URL where an rpc consumer/listener - is running and to which we will send and receive all - notifications. + description: |- + ConsumerURL is the URL where an rpc consumer/listener is running + and to which we will send and receive all notifications. type: string experimental: description: Experimental options. @@ -134,9 +147,9 @@ spec: secrets: additionalProperties: items: - description: SecretReference represents a Secret - Reference. It has enough information to retrieve - secret in any namespace + description: |- + SecretReference represents a Secret Reference. It has enough information to retrieve secret + in any namespace properties: name: description: name is unique within a namespace 
@@ -147,6 +160,7 @@ spec: which the secret name must be unique. type: string type: object + x-kubernetes-map-type: atomic type: array description: Secrets are a map of algorithms to secrets used for signing. @@ -191,21 +205,19 @@ spec: an HMAC signature to an HTTP request. properties: appendAlgoToHeaderDisabled: - description: 'AppendAlgoToHeaderDisabled decides whether - to append the algorithm to the signature header - or not. Example: X-BMCLIB-Signature becomes X-BMCLIB-Signature-256 - When set to true, a header will be added for each - algorithm. Example: X-BMCLIB-Signature-256 and X-BMCLIB-Signature-512' + description: |- + AppendAlgoToHeaderDisabled decides whether to append the algorithm to the signature header or not. + Example: X-BMCLIB-Signature becomes X-BMCLIB-Signature-256 + When set to true, a header will be added for each algorithm. Example: X-BMCLIB-Signature-256 and X-BMCLIB-Signature-512 type: boolean headerName: description: 'HeaderName is the header name that should contain the signature(s). Example: X-BMCLIB-Signature' type: string includedPayloadHeaders: - description: 'IncludedPayloadHeaders are headers whose - values will be included in the signature payload. - Example: X-BMCLIB-My-Custom-Header All headers will - be deduplicated.' + description: |- + IncludedPayloadHeaders are headers whose values will be included in the signature payload. Example: X-BMCLIB-My-Custom-Header + All headers will be deduplicated. items: type: string type: array @@ -263,9 +275,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crd/bases/bmc.tinkerbell.org_tasks.yaml b/config/crd/bases/bmc.tinkerbell.org_tasks.yaml index 57f04a9..eb4a316 100644 --- a/config/crd/bases/bmc.tinkerbell.org_tasks.yaml +++ b/config/crd/bases/bmc.tinkerbell.org_tasks.yaml 
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.15.0 name: tasks.bmc.tinkerbell.org spec: group: bmc.tinkerbell.org @@ -25,14 +24,19 @@ spec: description: Task is the Schema for the Task API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -43,10 +47,10 @@ spec: description: Connection represents the Machine connectivity information. properties: authSecretRef: - description: AuthSecretRef is the SecretReference that contains - authentication information of the Machine. The Secret must contain - username and password keys. This is optional as it is not required - when using the RPC provider. + description: |- + AuthSecretRef is the SecretReference that contains authentication information of the Machine. + The Secret must contain username and password keys. This is optional as it is not required when using + the RPC provider. properties: name: description: name is unique within a namespace to reference @@ -57,6 +61,7 @@ spec: secret name must be unique. type: string type: object + x-kubernetes-map-type: atomic host: description: Host is the host IP address or hostname of the Machine. minLength: 1 @@ -75,6 +80,14 @@ spec: description: IntelAMT contains the options to customize the IntelAMT provider. properties: + hostScheme: + default: http + description: HostScheme determines whether to use http + or https for intelAMT calls. + enum: + - http + - https + type: string port: description: Port that intelAMT will use for calls. type: integer @@ -107,9 +120,9 @@ spec: provider. properties: consumerURL: - description: ConsumerURL is the URL where an rpc consumer/listener - is running and to which we will send and receive all - notifications. + description: |- + ConsumerURL is the URL where an rpc consumer/listener is running + and to which we will send and receive all notifications. type: string experimental: description: Experimental options. 
@@ -135,9 +148,9 @@ spec: secrets: additionalProperties: items: - description: SecretReference represents a Secret - Reference. It has enough information to retrieve - secret in any namespace + description: |- + SecretReference represents a Secret Reference. It has enough information to retrieve secret + in any namespace properties: name: description: name is unique within a namespace @@ -148,6 +161,7 @@ spec: which the secret name must be unique. type: string type: object + x-kubernetes-map-type: atomic type: array description: Secrets are a map of algorithms to secrets used for signing. @@ -192,21 +206,19 @@ spec: an HMAC signature to an HTTP request. properties: appendAlgoToHeaderDisabled: - description: 'AppendAlgoToHeaderDisabled decides whether - to append the algorithm to the signature header - or not. Example: X-BMCLIB-Signature becomes X-BMCLIB-Signature-256 - When set to true, a header will be added for each - algorithm. Example: X-BMCLIB-Signature-256 and X-BMCLIB-Signature-512' + description: |- + AppendAlgoToHeaderDisabled decides whether to append the algorithm to the signature header or not. + Example: X-BMCLIB-Signature becomes X-BMCLIB-Signature-256 + When set to true, a header will be added for each algorithm. Example: X-BMCLIB-Signature-256 and X-BMCLIB-Signature-512 type: boolean headerName: description: 'HeaderName is the header name that should contain the signature(s). Example: X-BMCLIB-Signature' type: string includedPayloadHeaders: - description: 'IncludedPayloadHeaders are headers whose - values will be included in the signature payload. - Example: X-BMCLIB-My-Custom-Header All headers will - be deduplicated.' + description: |- + IncludedPayloadHeaders are headers whose values will be included in the signature payload. Example: X-BMCLIB-My-Custom-Header + All headers will be deduplicated. items: type: string type: array 
@@ -228,9 +240,9 @@ spec: one time set boot device operation. properties: device: - description: Devices represents the boot devices, in order - for setting one time boot. Currently only the first device - in the slice is used to set one time boot. + description: |- + Devices represents the boot devices, in order for setting one time boot. + Currently only the first device in the slice is used to set one time boot. items: description: BootDevice represents boot device of the Machine. type: string @@ -259,8 +271,9 @@ spec: kind: type: string mediaURL: - description: mediaURL represents the URL of the image to be - inserted into the virtual media, or empty to eject media. + description: |- + mediaURL represents the URL of the image to be inserted into the virtual media, or empty to + eject media. type: string required: - kind @@ -273,7 +286,8 @@ spec: description: TaskStatus defines the observed state of Task. properties: completionTime: - description: CompletionTime represents time when the task was completed. + description: |- + CompletionTime represents time when the task was completed. The completion time is only set when the task finishes successfully. format: date-time type: string @@ -287,8 +301,9 @@ spec: details about last transition. type: string status: - description: Status is the status of the Task condition. Can - be True or False. + description: |- + Status is the status of the Task condition. + Can be True or False. type: string type: description: Type of the Task condition. @@ -308,9 +323,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 45d0b8f..93dc1e1 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null name: manager-role rules: - apiGroups: 
diff --git a/controller/client.go b/controller/client.go index e124a98..c74c656 100644 --- a/controller/client.go +++ b/controller/client.go @@ -77,8 +77,9 @@ func (b BMCOptions) Translate(host string) []bmclib.Option { // intelAmt options if b.IntelAMT != nil { - amt := bmclib.WithIntelAMTPort(uint32(b.IntelAMT.Port)) - o = append(o, amt) + amtPort := bmclib.WithIntelAMTPort(uint32(b.IntelAMT.Port)) + amtScheme := bmclib.WithIntelAMTHostScheme(b.IntelAMT.HostScheme) + o = append(o, amtPort, amtScheme) } // rpc options
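Review bot: `bmclib.WithIntelAMTHostScheme(b.IntelAMT.HostScheme)` is appended unconditionally, so a `BMCOptions` value built in Go code without CRD defaulting (tests, other callers of `Translate`) hands bmclib an empty scheme. Whether bmclib falls back to a default in that case is not visible here. A guard keeps the library default in play: `if b.IntelAMT.HostScheme != "" { o = append(o, bmclib.WithIntelAMTHostScheme(b.IntelAMT.HostScheme)) }`. On the line above, `uint32(b.IntelAMT.Port)` converts an `int` without a range check, and the generated CRD on this page lists `port` as a plain integer, so a negative or oversized value would wrap silently; `+kubebuilder:validation:Minimum=1` and `+kubebuilder:validation:Maximum=65535` markers on `Port` would reject it at admission. `Translate` starts and ends outside the hunk.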