Add ServerBootConfiguration controller

Makefile

@@ -53,13 +53,21 @@ generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and
 	$(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..."
 
 .PHONY: fmt
-fmt: ## Run go fmt against code.
-	go fmt ./...
+fmt: goimports ## Run goimports against code.
+	$(GOIMPORTS) -w .
 
 .PHONY: vet
 vet: ## Run go vet against code.
 	go vet ./...
 
+.PHONY: add-license
+add-license: addlicense ## Add license headers to all go files.
+	find . -name '*.go' -exec $(ADDLICENSE) -f hack/license-header.txt {} +
+
+.PHONY: check-license
+check-license: addlicense ## Check that every file has a license header present.
+	find . -name '*.go' -exec $(ADDLICENSE) -check -c 'IronCore authors' {} +
+
 .PHONY: test
 test: manifests generate fmt vet envtest ## Run tests.
 	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test $$(go list ./... | grep -v /e2e) -coverprofile cover.out
@@ -195,13 +203,10 @@ addlicense: $(ADDLICENSE) ## Download addlicense locally if necessary.
 $(ADDLICENSE): $(LOCALBIN)
 	test -s $(LOCALBIN)/addlicense || GOBIN=$(LOCALBIN) go install github.com/google/addlicense@$(ADDLICENSE_VERSION)
 
-.PHONY: add-license
-add-license: addlicense ## Add license headers to all go files.
-	find . -name '*.go' -exec $(ADDLICENSE) -f hack/license-header.txt {} +
-
-.PHONY: check-license
-check-license: addlicense ## Check that every file has a license header present.
-	find . -name '*.go' -exec $(ADDLICENSE) -check -c 'IronCore authors' {} +
+.PHONY: goimports
+goimports: $(GOIMPORTS) ## Download goimports locally if necessary.
+$(GOIMPORTS): $(LOCALBIN)
+	$(call go-install-tool,$(GOIMPORTS),golang.org/x/tools/cmd/goimports,$(GOIMPORTS_VERSION))
 
 # go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist
 # $1 - target path with name of binary (ideally with version)

api/v1alpha1/ipxebootconfig_types.go

@@ -14,12 +14,14 @@ import (
 // IPXEBootConfigSpec defines the desired state of IPXEBootConfig
 type IPXEBootConfigSpec struct {
 	// Important: Run "make" to regenerate code after modifying this file
-	SystemUUID        string                       `json:"systemUUID,omitempty"`
-	SystemIP          string                       `json:"systemIP,omitempty"` // TODO: Add the custom serialization. For now validate at the controller.
-	Image             string                       `json:"image,omitempty"`
-	KernelURL         string                       `json:"kernelURL,omitempty"`
-	InitrdURL         string                       `json:"initrdURL,omitempty"`
-	SquashfsURL       string                       `json:"squashfsURL,omitempty"`
+	SystemUUID string `json:"systemUUID,omitempty"`
+	SystemIP   string `json:"systemIP,omitempty"` // TODO: Add the custom serialization. For now validate at the controller.
+	// TODO: remove image as this is not needed
+	Image       string `json:"image,omitempty"`
+	KernelURL   string `json:"kernelURL,omitempty"`
+	InitrdURL   string `json:"initrdURL,omitempty"`
+	SquashfsURL string `json:"squashfsURL,omitempty"`
+	// TODO: remove later
 	IPXEServerURL     string                       `json:"ipxeServerURL,omitempty"`
 	IgnitionSecretRef *corev1.LocalObjectReference `json:"ignitionSecretRef,omitempty"`
 }

cmd/main.go

@@ -7,8 +7,12 @@ import (
 	"context"
 	"crypto/tls"
 	"flag"
+	"fmt"
 	"os"
 
+	metalv1alpha1 "github.com/afritzler/metal-operator/api/v1alpha1"
+	"github.com/ironcore-dev/controller-utils/cmdutils/switches"
+
 	// Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.)
 	// to ensure that exec-entrypoint and run can make use of them.
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
@@ -40,9 +44,16 @@ const (
 	systemIPIndexKey   = "spec.systemIP"
 )
 
+const (
+	// core controllers
+	ipxeBootConfigController   = "ipxebootconfig"
+	serverBootConfigController = "serverbootconfig"
+)
+
 func init() {
 	utilruntime.Must(clientgoscheme.AddToScheme(scheme))
 
+	utilruntime.Must(metalv1alpha1.AddToScheme(scheme))
 	utilruntime.Must(bootv1alpha1.AddToScheme(scheme))
 	//+kubebuilder:scaffold:scheme
 }
@@ -58,7 +69,13 @@ func main() {
 	var enableHTTP2 bool
 	var ipxeServerAddr string
 	var imageProxyServerAddr string
+	var ipxeServiceURL string
+	var ipxeServiceProtocol string
+	var ipxeServicePort int
 
+	flag.IntVar(&ipxeServicePort, "ipxe-service-port", 5000, "IPXE Service port to listen on.")
+	flag.StringVar(&ipxeServiceProtocol, "ipxe-service-protocol", "http", "IPXE Service Protocol.")
+	flag.StringVar(&ipxeServiceURL, "ipxe-service-url", "", "IPXE Service URL.")
 	flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
 	flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
 	flag.StringVar(&ipxeServerAddr, "ipxe-server-address", ":8082", "The address the ipxe-server binds to.")
@@ -70,6 +87,20 @@ func main() {
 		"If set the metrics endpoint is served securely")
 	flag.BoolVar(&enableHTTP2, "enable-http2", false,
 		"If set, HTTP/2 will be enabled for the metrics and webhook servers")
+
+	controllers := switches.New(
+		// core controllers
+		ipxeBootConfigController,
+		serverBootConfigController,
+	)
+
+	flag.Var(controllers, "controllers",
+		fmt.Sprintf("Controllers to enable. All controllers: %v. Disabled-by-default controllers: %v",
+			controllers.All(),
+			controllers.DisabledByDefault(),
+		),
+	)
+
 	opts := zap.Options{
 		Development: true,
 	}
@@ -78,6 +109,17 @@ func main() {
 
 	ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts)))
 
+	// set the correct ipxe service URL by getting the address from the environment
+	var ipxeServiceAddr string
+	if ipxeServiceURL == "" {
+		ipxeServiceAddr = os.Getenv("IPXE_SERVER_ADDRESS")
+		if ipxeServiceAddr == "" {
+			setupLog.Error(nil, "failed to set the ipxe service URL as no address is provided")
+			os.Exit(1)
+		}
+		ipxeServiceURL = fmt.Sprintf("%s://%s:%d", ipxeServiceProtocol, ipxeServiceAddr, ipxeServicePort)
+	}
+
 	// if the enable-http2 flag is false (the default), http/2 should be disabled
 	// due to its vulnerabilities. More specifically, disabling http/2 will
 	// prevent from being vulnerable to the HTTP/2 Stream Cancelation and
@@ -126,12 +168,25 @@ func main() {
 		os.Exit(1)
 	}
 
-	if err = (&controller.IPXEBootConfigReconciler{
-		Client: mgr.GetClient(),
-		Scheme: mgr.GetScheme(),
-	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "IPXEBootConfig")
-		os.Exit(1)
+	if controllers.Enabled(ipxeBootConfigController) {
+		if err = (&controller.IPXEBootConfigReconciler{
+			Client: mgr.GetClient(),
+			Scheme: mgr.GetScheme(),
+		}).SetupWithManager(mgr); err != nil {
+			setupLog.Error(err, "unable to create controller", "controller", "IPXEBootConfig")
+			os.Exit(1)
+		}
+	}
+
+	if controllers.Enabled(serverBootConfigController) {
+		if err = (&controller.ServerBootConfigurationReconciler{
+			Client:         mgr.GetClient(),
+			Scheme:         mgr.GetScheme(),
+			IPXEServiceURL: ipxeServiceURL,
+		}).SetupWithManager(mgr); err != nil {
+			setupLog.Error(err, "unable to create controller", "controller", "ServerBootConfiguration")
+			os.Exit(1)
+		}
 	}
 	//+kubebuilder:scaffold:builder
 
@@ -155,7 +210,7 @@ func main() {
 	}
 
 	setupLog.Info("starting ipxe-server")
-	go ipxeserver.RunIPXEServer(ipxeServerAddr, mgr.GetClient(), serverLog.WithName("ipxeserver"), *defaultIpxeTemplateData)
+	go ipxeserver.RunIPXEServer(ipxeServerAddr, ipxeServiceURL, mgr.GetClient(), serverLog.WithName("ipxeserver"), *defaultIpxeTemplateData)
 
 	setupLog.Info("starting image-proxy-server")
 	go ipxeserver.RunImageProxyServer(imageProxyServerAddr, mgr.GetClient(), serverLog.WithName("imageproxyserver"))

config/crd/bases/boot.ironcore.dev_ipxebootconfigs.yaml

@@ -60,10 +60,12 @@ spec:
                 type: object
                 x-kubernetes-map-type: atomic
               image:
+                description: 'TODO: remove image as this is not needed'
                 type: string
               initrdURL:
                 type: string
               ipxeServerURL:
+                description: 'TODO: remove later'
                 type: string
               kernelURL:
                 type: string

config/rbac/role.yaml

@@ -12,6 +12,23 @@ rules:
   - get
   - list
   - watch
+- apiGroups:
+  - boot.ironcore.dev
+  resources:
+  - ipxebootconfig
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - watch
+- apiGroups:
+  - boot.ironcore.dev
+  resources:
+  - ipxebootconfig/status
+  verbs:
+  - get
 - apiGroups:
   - boot.ironcore.dev
   resources:
@@ -38,3 +55,25 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - metal.ironcore.dev
+  resources:
+  - serverbootconfigurations
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - metal.ironcore.dev
+  resources:
+  - serverbootconfigurations/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - metal.ironcore.dev
+  resources:
+  - serverbootconfigurations/status
+  verbs:
+  - get
+  - patch
+  - update

go.mod

@@ -1,9 +1,12 @@
 module github.com/ironcore-dev/ipxe-operator
 
-go 1.21
+go 1.22.2
 
 require (
+	github.com/afritzler/metal-operator v0.0.0-20240412131812-1fa9454427d0
 	github.com/go-logr/logr v1.4.1
+	github.com/ironcore-dev/controller-utils v0.9.3
+	github.com/ironcore-dev/ironcore-image v0.2.1
 	github.com/onsi/ginkgo/v2 v2.17.1
 	github.com/onsi/gomega v1.32.0
 	github.com/opencontainers/image-spec v1.1.0
@@ -14,8 +17,11 @@ require (
 )
 
 require (
+	github.com/Microsoft/hcsshim v0.11.4 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/containerd/containerd v1.7.14 // indirect
+	github.com/containerd/log v0.1.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
 	github.com/evanphx/json-patch/v5 v5.8.0 // indirect
@@ -36,6 +42,7 @@ require (
 	github.com/imdario/mergo v0.3.13 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/compress v1.16.0 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
@@ -47,20 +54,23 @@ require (
 	github.com/prometheus/client_model v0.5.0 // indirect
 	github.com/prometheus/common v0.45.0 // indirect
 	github.com/prometheus/procfs v0.12.0 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/stretchr/testify v1.9.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	go.uber.org/zap v1.26.0 // indirect
+	go.uber.org/zap v1.27.0 // indirect
 	golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
 	golang.org/x/net v0.20.0 // indirect
 	golang.org/x/oauth2 v0.12.0 // indirect
+	golang.org/x/sync v0.6.0 // indirect
 	golang.org/x/sys v0.16.0 // indirect
 	golang.org/x/term v0.16.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/tools v0.17.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
+	google.golang.org/grpc v1.58.3 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect