✨ HostFirmwareComponents CRD and Controller & Tests

PROJECT

@@ -64,10 +64,11 @@ resources:
 - api:
     crdVersion: v1
     namespaced: true
+  controller: true
   domain: metal3.io
   group: metal3.io
   kind: HostFirmwareComponents
-  path: github.com/metal3-io/baremetal-operator/apis/metal3.io/v1alpha
+  path: github.com/metal3-io/baremetal-operator/apis/metal3.io/v1alpha1
   version: v1alpha1
 - api:
     crdVersion: v1

apis/metal3.io/v1alpha1/hostfirmwarecomponents_types.go

@@ -22,8 +22,6 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
-// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
-
 // FirmwareUpdate defines a firmware update specification.
 type FirmwareUpdate struct {
 	Component string `json:"component"`
@@ -34,9 +32,9 @@ type FirmwareUpdate struct {
 type FirmwareComponentStatus struct {
 	Component          string      `json:"component"`
 	InitialVersion     string      `json:"initialVersion"`
-	CurrentVersion     string      `json:"currentVersion"`
-	LastVersionFlashed string      `json:"lastVersionFlashed"`
-	UpdatedAt          metav1.Time `json:"updatedAt"`
+	CurrentVersion     string      `json:"currentVersion,omitempty"`
+	LastVersionFlashed string      `json:"lastVersionFlashed,omitempty"`
+	UpdatedAt          metav1.Time `json:"updatedAt,omitempty"`
 }
 
 type UpdatesConditionType string
@@ -77,7 +75,6 @@ type HostFirmwareComponentsStatus struct {
 }
 
 //+kubebuilder:object:root=true
-//+kubebuilder:resource:shortName=hfc
 //+kubebuilder:subresource:status
 
 // HostFirmwareComponents is the Schema for the hostfirmwarecomponents API.

apis/metal3.io/v1alpha1/hostfirmwarecomponents_types_test.go

@@ -24,7 +24,6 @@ func TestValidateHostFirmwareComponents(t *testing.T) {
 					Component:      "bios",
 					InitialVersion: "1.0",
 					CurrentVersion: "1.0",
-					UpdatedAt:      metav1.NewTime(time.Now()),
 				},
 				{
 					Component:          "bmc",

config/base/crds/bases/metal3.io_hostfirmwarecomponents.yaml

@@ -11,8 +11,6 @@ spec:
     kind: HostFirmwareComponents
     listKind: HostFirmwareComponentsList
     plural: hostfirmwarecomponents
-    shortNames:
-    - hfc
     singular: hostfirmwarecomponents
   scope: Namespaced
   versions:
@@ -77,10 +75,7 @@ spec:
                       type: string
                   required:
                   - component
-                  - currentVersion
                   - initialVersion
-                  - lastVersionFlashed
-                  - updatedAt
                   type: object
                 type: array
               conditions:

config/base/crds/kustomization.yaml

@@ -3,6 +3,7 @@
 # It should be run by config/default
 resources:
 - bases/metal3.io_baremetalhosts.yaml
+- bases/metal3.io_hostfirmwarecomponents.yaml
 - bases/metal3.io_hostfirmwaresettings.yaml
 - bases/metal3.io_firmwareschemas.yaml
 - bases/metal3.io_preprovisioningimages.yaml
@@ -15,6 +16,7 @@ patches:
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
 # patches here are for enabling the conversion webhook for each CRD
 #- patches/webhook_in_baremetalhosts.yaml
+#- patches/webhook_in_hostfirmwarecomponents.yaml
 #- patches/webhook_in_hostfirmwaresettings.yaml
 #- patches/webhook_in_firmwareschemas.yaml
 #- patches/webhook_in_preprovisioningimages.yaml
@@ -26,6 +28,7 @@ patches:
 # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
 # patches here are for enabling the CA injection for each CRD
 - path: patches/cainjection_in_baremetalhosts.yaml
+#- patches/cainjection_in_hostfirmwarecomponents.yaml
 #- patches/cainjection_in_hostfirmwaresettings.yaml
 #- patches/cainjection_in_firmwareschemas.yaml
 #- patches/cainjection_in_preprovisioningimages.yaml

config/base/crds/patches/cainjection_in_hostfirmwarecomponents.yaml

@@ -0,0 +1,7 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+  name: hostfirmwarecomponents.metal3.io

config/base/crds/patches/webhook_in_hostfirmwarecomponents.yaml

@@ -0,0 +1,16 @@
+# The following patch enables a conversion webhook for the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: hostfirmwarecomponents.metal3.io
+spec:
+  conversion:
+    strategy: Webhook
+    webhook:
+      clientConfig:
+        service:
+          namespace: system
+          name: webhook-service
+          path: /convert
+      conversionReviewVersions:
+      - v1

config/base/rbac/hostfirmwarecomponents_editor_role.yaml

@@ -2,23 +2,30 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
+  labels:
+    app.kubernetes.io/name: clusterrole
+    app.kubernetes.io/instance: hostfirmwarecomponents-editor-role
+    app.kubernetes.io/component: rbac
+    app.kubernetes.io/created-by: baremetal-operator
+    app.kubernetes.io/part-of: baremetal-operator
+    app.kubernetes.io/managed-by: kustomize
   name: hostfirmwarecomponents-editor-role
 rules:
 - apiGroups:
   - metal3.io
   resources:
   - hostfirmwarecomponents
   verbs:
+  - create
+  - delete
   - get
   - list
-  - watch
-  - create
-  - update
   - patch
-  - delete
+  - update
+  - watch
 - apiGroups:
   - metal3.io
   resources:
   - hostfirmwarecomponents/status
   verbs:
-  - get
+  - get

config/base/rbac/hostfirmwarecomponents_viewer_role.yaml

@@ -1,7 +1,14 @@
-# permissions for end users to edit hostfirmwarecomponents.
+# permissions for end users to view hostfirmwarecomponents.
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
+  labels:
+    app.kubernetes.io/name: clusterrole
+    app.kubernetes.io/instance: hostfirmwarecomponents-viewer-role
+    app.kubernetes.io/component: rbac
+    app.kubernetes.io/created-by: baremetal-operator
+    app.kubernetes.io/part-of: baremetal-operator
+    app.kubernetes.io/managed-by: kustomize
   name: hostfirmwarecomponents-viewer-role
 rules:
 - apiGroups:
@@ -17,4 +24,4 @@ rules:
   resources:
   - hostfirmwarecomponents/status
   verbs:
-  - get
+  - get

config/base/rbac/role.yaml

@@ -109,6 +109,32 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - metal3.io
+  resources:
+  - hostfirmwarecomponents
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - metal3.io
+  resources:
+  - hostfirmwarecomponents/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - metal3.io
+  resources:
+  - hostfirmwarecomponents/status
+  verbs:
+  - get
+  - patch
+  - update
 - apiGroups:
   - metal3.io
   resources: