aws · eks-distro-bot · Oct 6, 2023 · Sep 22, 2023 · Sep 22, 2023 · Sep 29, 2023
diff --git a/internal/test/envtest/environment.go b/internal/test/envtest/environment.go
@@ -12,7 +12,6 @@ import (
 	eksdv1alpha1 "github.com/aws/eks-distro-build-tooling/release/api/v1alpha1"
 	etcdv1 "github.com/aws/etcdadm-controller/api/v1beta1"
 	tinkerbellv1 "github.com/tinkerbell/cluster-api-provider-tinkerbell/api/v1beta1"
-	rufiov1alpha1 "github.com/tinkerbell/rufio/api/v1alpha1"
 	tinkv1alpha1 "github.com/tinkerbell/tink/pkg/apis/core/v1alpha1"
 	admissionv1beta1 "k8s.io/api/admission/v1beta1"
 	corev1 "k8s.io/api/core/v1"
@@ -35,6 +34,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/manager"
 
 	anywherev1 "github.com/aws/eks-anywhere/pkg/api/v1alpha1"
+	rufiov1alpha1 "github.com/aws/eks-anywhere/pkg/api/v1alpha1/thirdparty/tinkerbell/rufio"
 	snowv1 "github.com/aws/eks-anywhere/pkg/providers/snow/api/v1beta1"
 	releasev1 "github.com/aws/eks-anywhere/release/api/v1alpha1"
 )

diff --git a/manager/main.go b/manager/main.go
@@ -11,7 +11,6 @@ import (
 	nutanixv1 "github.com/nutanix-cloud-native/cluster-api-provider-nutanix/api/v1beta1"
 	"github.com/spf13/pflag"
 	tinkerbellv1 "github.com/tinkerbell/cluster-api-provider-tinkerbell/api/v1beta1"
-	rufiov1alpha1 "github.com/tinkerbell/rufio/api/v1alpha1"
 	tinkv1alpha1 "github.com/tinkerbell/tink/pkg/apis/core/v1alpha1"
 	"k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
@@ -33,6 +32,7 @@ import (
 
 	"github.com/aws/eks-anywhere/controllers"
 	anywherev1 "github.com/aws/eks-anywhere/pkg/api/v1alpha1"
+	rufiov1alpha1 "github.com/aws/eks-anywhere/pkg/api/v1alpha1/thirdparty/tinkerbell/rufio"
 	"github.com/aws/eks-anywhere/pkg/clusterapi"
 	"github.com/aws/eks-anywhere/pkg/controller/clientutil"
 	"github.com/aws/eks-anywhere/pkg/features"

diff --git a/pkg/api/v1alpha1/thirdparty/tinkerbell/rufio/machine.go b/pkg/api/v1alpha1/thirdparty/tinkerbell/rufio/machine.go
@@ -0,0 +1,216 @@
+// +kubebuilder:object:generate=true
+package rufio
+
+/*
+Copyright 2022 Tinkerbell.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// These types are the Rufio v1alpha1 APIs/types copied from https://github.com/tinkerbell/rufio/tree/main/api/v1alpha1
+
+import (
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"sigs.k8s.io/controller-runtime/pkg/scheme"
+)
+
+var (
+	// GroupVersion is group version used to register these objects.
+	GroupVersion = schema.GroupVersion{Group: "bmc.tinkerbell.org", Version: "v1alpha1"}
+
+	// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
+	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
+
+	// AddToScheme adds the types in this group-version to the given scheme.
+	AddToScheme = SchemeBuilder.AddToScheme
+)
+
+// PowerState represents power state of a Machine.
+type PowerState string
+
+const (
+	// On represents that a Machine is powered on.
+	On PowerState = "on"
+	// Off represents that a Machine is powered off.
+	Off PowerState = "off"
+	// Unknown represents that a Machine's power state is unknown.
+	Unknown PowerState = "unknown"
+	// PXE is the boot device name for PXE booting a machine.
+	PXE string = "pxe"
+)
+
+// MachineConditionType represents the condition of the Machine.
+type MachineConditionType string
+
+const (
+	// Contactable defines that a connection can be made to the Machine.
+	Contactable MachineConditionType = "Contactable"
+)
+
+// ConditionStatus represents the status of a Condition.
+type ConditionStatus string
+
+const (
+	// ConditionTrue represents that a Machine is contactable.
+	ConditionTrue ConditionStatus = "True"
+	// ConditionFalse represents that a Machine is not contactable.
+	ConditionFalse ConditionStatus = "False"
+)
+
+// MachineSpec defines desired machine state.
+type MachineSpec struct {
+	// Connection contains connection data for a Baseboard Management Controller.
+	Connection Connection `json:"connection"`
+}
+
+// ProviderOptions contains all the provider specific options.
+type ProviderOptions struct {
+	// IntelAMT contains the options to customize the IntelAMT provider.
+	// +optional
+	IntelAMT *IntelAMTOptions `json:"intelAMT"`
+
+	// IPMITOOL contains the options to customize the Ipmitool provider.
+	// +optional
+	IPMITOOL *IPMITOOLOptions `json:"ipmitool"`
+
+	// Redfish contains the options to customize the Redfish provider.
+	// +optional
+	Redfish *RedfishOptions `json:"redfish"`
+
+	// RPC contains the options to customize the RPC provider.
+	// +optional
+	RPC *RPCOptions `json:"rpc"`
+}
+
+// Connection contains connection data for a Baseboard Management Controller.
+type Connection struct {
+	// Host is the host IP address or hostname of the Machine.
+	// +kubebuilder:validation:MinLength=1
+	Host string `json:"host"`
+
+	// Port is the port number for connecting with the Machine.
+	// +kubebuilder:default:=623
+	// +optional
+	Port int `json:"port"`
+
+	// AuthSecretRef is the SecretReference that contains authentication information of the Machine.
+	// The Secret must contain username and password keys. This is optional as it is not required when using
+	// the RPC provider.
+	// +optional
+	AuthSecretRef corev1.SecretReference `json:"authSecretRef"`
+
+	// InsecureTLS specifies trusted TLS connections.
+	InsecureTLS bool `json:"insecureTLS"`
+
+	// ProviderOptions contains provider specific options.
+	// +optional
+	ProviderOptions *ProviderOptions `json:"providerOptions,omitempty"`
+}
+
+// MachineStatus defines the observed state of Machine.
+type MachineStatus struct {
+	// Power is the current power state of the Machine.
+	// +kubebuilder:validation:Enum=on;off;unknown
+	// +optional
+	Power PowerState `json:"powerState,omitempty"`
+
+	// Conditions represents the latest available observations of an object's current state.
+	// +optional
+	Conditions []MachineCondition `json:"conditions,omitempty"`
+}
+
+// MachineCondition defines an observed condition of a Machine.
+type MachineCondition struct {
+	// Type of the Machine condition.
+	Type MachineConditionType `json:"type"`
+
+	// Status of the condition.
+	Status ConditionStatus `json:"status"`
+
+	// LastUpdateTime of the condition.
+	LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty"`
+
+	// Message is a human readable message indicating with details of the last transition.
+	// +optional
+	Message string `json:"message,omitempty"`
+}
+
+// MachineSetConditionOption is a function that manipulates a MachineCondition.
+// +kubebuilder:object:generate=false
+type MachineSetConditionOption func(*MachineCondition)
+
+// SetCondition applies the cType condition to bm. If the condition already exists,
+// it is updated.
+func (bm *Machine) SetCondition(cType MachineConditionType, status ConditionStatus, opts ...MachineSetConditionOption) {
+	var condition *MachineCondition
+
+	// Check if there's an existing condition.
+	for i, c := range bm.Status.Conditions {
+		if c.Type == cType {
+			condition = &bm.Status.Conditions[i]
+			break
+		}
+	}
+
+	// We didn't find an existing condition so create a new one and append it.
+	if condition == nil {
+		bm.Status.Conditions = append(bm.Status.Conditions, MachineCondition{
+			Type: cType,
+		})
+		condition = &bm.Status.Conditions[len(bm.Status.Conditions)-1]
+	}
+
+	if condition.Status != status {
+		condition.Status = status
+		condition.LastUpdateTime = metav1.Now()
+	}
+
+	for _, opt := range opts {
+		opt(condition)
+	}
+}
+
+// WithMachineConditionMessage sets message m to the MachineCondition.
+func WithMachineConditionMessage(m string) MachineSetConditionOption {
+	return func(c *MachineCondition) {
+		c.Message = m
+	}
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+//+kubebuilder:resource:path=machines,scope=Namespaced,categories=tinkerbell,singular=machine
+
+// Machine is the Schema for the machines API.
+type Machine struct {
+	metav1.TypeMeta   `json:""`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   MachineSpec   `json:"spec,omitempty"`
+	Status MachineStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// MachineList contains a list of Machines.
+type MachineList struct {
+	metav1.TypeMeta `json:""`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []Machine `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&Machine{}, &MachineList{})
+}
diff --git a/pkg/api/v1alpha1/thirdparty/tinkerbell/rufio/opts.go b/pkg/api/v1alpha1/thirdparty/tinkerbell/rufio/opts.go
@@ -0,0 +1,113 @@
+package rufio
+
+import (
+	"net/http"
+
+	corev1 "k8s.io/api/core/v1"
+)
+
+// RedfishOptions contains the redfish provider specific options.
+type RedfishOptions struct {
+	// Port that redfish will use for calls.
+	Port int `json:"port"`
+}
+
+// IPMITOOLOptions contains the ipmitool provider specific options.
+type IPMITOOLOptions struct {
+	// Port that ipmitool will use for calls.
+	// +optional
+	Port int `json:"port"`
+	// CipherSuite that ipmitool will use for calls.
+	// +optional
+	CipherSuite string `json:"cipherSuite"`
+}
+
+// IntelAMTOptions contains the intelAMT provider specific options.
+type IntelAMTOptions struct {
+	// Port that intelAMT will use for calls.
+	Port int `json:"port"`
+}
+
+// HMACAlgorithm is a type for HMAC algorithms.
+type HMACAlgorithm string
+
+// HMACSecrets holds per Algorithm slice secrets.
+// These secrets will be used to create HMAC signatures.
+type HMACSecrets map[HMACAlgorithm][]corev1.SecretReference
+
+// RPCOptions defines the configurable options to use when sending rpc notifications.
+type RPCOptions struct {
+	// ConsumerURL is the URL where an rpc consumer/listener is running
+	// and to which we will send and receive all notifications.
+	ConsumerURL string `json:"consumerURL"`
+	// LogNotificationsDisabled determines whether responses from rpc consumer/listeners will be logged or not.
+	// +optional
+	LogNotificationsDisabled bool `json:"logNotificationsDisabled"`
+	// Request is the options used to create the rpc HTTP request.
+	// +optional
+	Request *RequestOpts `json:"request"`
+	// Signature is the options used for adding an HMAC signature to an HTTP request.
+	// +optional
+	Signature *SignatureOpts `json:"signature"`
+	// HMAC is the options used to create a HMAC signature.
+	// +optional
+	HMAC *HMACOpts `json:"hmac"`
+	// Experimental options.
+	// +optional
+	Experimental *ExperimentalOpts `json:"experimental"`
+}
+
+// RequestOpts are the options used when creating an HTTP request.
+type RequestOpts struct {
+	// HTTPContentType is the content type to use for the rpc request notification.
+	// +optional
+	HTTPContentType string `json:"httpContentType"`
+	// HTTPMethod is the HTTP method to use for the rpc request notification.
+	// +optional
+	HTTPMethod string `json:"httpMethod"`
+	// StaticHeaders are predefined headers that will be added to every request.
+	// +optional
+	StaticHeaders http.Header `json:"staticHeaders"`
+	// TimestampFormat is the time format for the timestamp header.
+	// +optional
+	TimestampFormat string `json:"timestampFormat"`
+	// TimestampHeader is the header name that should contain the timestamp. Example: X-BMCLIB-Timestamp
+	// +optional
+	TimestampHeader string `json:"timestampHeader"`
+}
+
+// SignatureOpts are the options used for adding an HMAC signature to an HTTP request.
+type SignatureOpts struct {
+	// HeaderName is the header name that should contain the signature(s). Example: X-BMCLIB-Signature
+	// +optional
+	HeaderName string `json:"headerName"`
+	// AppendAlgoToHeaderDisabled decides whether to append the algorithm to the signature header or not.
+	// Example: X-BMCLIB-Signature becomes X-BMCLIB-Signature-256
+	// When set to true, a header will be added for each algorithm. Example: X-BMCLIB-Signature-256 and X-BMCLIB-Signature-512
+	// +optional
+	AppendAlgoToHeaderDisabled bool `json:"appendAlgoToHeaderDisabled"`
+	// IncludedPayloadHeaders are headers whose values will be included in the signature payload. Example: X-BMCLIB-My-Custom-Header
+	// All headers will be deduplicated.
+	// +optional
+	IncludedPayloadHeaders []string `json:"includedPayloadHeaders"`
+}
+
+// HMACOpts are the options used to create an HMAC signature.
+type HMACOpts struct {
+	// PrefixSigDisabled determines whether the algorithm will be prefixed to the signature. Example: sha256=abc123
+	// +optional
+	PrefixSigDisabled bool `json:"prefixSigDisabled"`
+	// Secrets are a map of algorithms to secrets used for signing.
+	// +optional
+	Secrets HMACSecrets `json:"secrets"`
+}
+
+// ExperimentalOpts are options we're still learning about and should be used carefully.
+type ExperimentalOpts struct {
+	// CustomRequestPayload must be in json.
+	// +optional
+	CustomRequestPayload string `json:"customRequestPayload"`
+	// DotPath is the path to the json object where the bmclib RequestPayload{} struct will be embedded. For example: object.data.body
+	// +optional
+	DotPath string `json:"dotPath"`
+}