├── docs
├── architecture
│ └── overview.md
├── assets
│ ├── logo.png
│ └── favicon
│ │ ├── favicon.ico
│ │ ├── apple-icon.png
│ │ ├── favicon-16x16.png
│ │ ├── favicon-32x32.png
│ │ ├── favicon-96x96.png
│ │ ├── ms-icon-70x70.png
│ │ ├── apple-icon-57x57.png
│ │ ├── apple-icon-60x60.png
│ │ ├── apple-icon-72x72.png
│ │ ├── apple-icon-76x76.png
│ │ ├── ms-icon-144x144.png
│ │ ├── ms-icon-150x150.png
│ │ ├── ms-icon-310x310.png
│ │ ├── android-icon-36x36.png
│ │ ├── android-icon-48x48.png
│ │ ├── android-icon-72x72.png
│ │ ├── android-icon-96x96.png
│ │ ├── apple-icon-114x114.png
│ │ ├── apple-icon-120x120.png
│ │ ├── apple-icon-144x144.png
│ │ ├── apple-icon-152x152.png
│ │ ├── apple-icon-180x180.png
│ │ ├── android-icon-144x144.png
│ │ ├── android-icon-192x192.png
│ │ ├── apple-icon-precomposed.png
│ │ └── browserconfig.xml
├── api-reference
│ ├── do-not-edit.txt
│ └── overview.md
└── proposals
│ ├── README.md
│ └── 00-template.md
├── CODEOWNERS
├── .github
├── pull_request_template.md
├── ISSUE_TEMPLATE
│ ├── question.md
│ ├── feature_request.md
│ └── bug_report.md
└── workflows
│ ├── reuse.yml
│ ├── lint.yml
│ ├── size-label.yml
│ ├── test.yml
│ ├── kustomize-validation.yml
│ ├── check-codegen.yml
│ └── release-drafter.yml
├── config
├── samples
│ ├── e2e
│ │ ├── bases
│ │ │ ├── ignition
│ │ │ │ ├── kustomization.yaml
│ │ │ │ ├── install-nginx.sh
│ │ │ │ └── regenerate-ignition.sh
│ │ │ ├── ipam-ipv4
│ │ │ │ ├── kustomization.yaml
│ │ │ │ ├── parent-prefix.yaml
│ │ │ │ └── child-prefix.yaml
│ │ │ ├── ipam-ipv6
│ │ │ │ ├── kustomization.yaml
│ │ │ │ ├── parent-prefix.yaml
│ │ │ │ └── child-prefix.yaml
│ │ │ ├── machine-with-ephemeral-resources
│ │ │ │ ├── kustomization.yaml
│ │ │ │ └── network.yaml
│ │ │ ├── network-peering
│ │ │ │ ├── kustomization.yaml
│ │ │ │ ├── network1.yaml
│ │ │ │ └── network2.yaml
│ │ │ ├── network-policy
│ │ │ │ ├── kustomization.yaml
│ │ │ │ ├── network.yaml
│ │ │ │ └── network-policy.yaml
│ │ │ ├── loadbalancer-public
│ │ │ │ ├── kustomization.yaml
│ │ │ │ ├── network.yaml
│ │ │ │ └── loadbalancer.yaml
│ │ │ └── machine-with-nonephemeral-resources
│ │ │ │ ├── network.yaml
│ │ │ │ ├── kustomization.yaml
│ │ │ │ ├── virtualIP.yaml
│ │ │ │ ├── volume.yaml
│ │ │ │ ├── networkinterface.yaml
│ │ │ │ └── machine.yaml
│ │ ├── ipam-ipv4
│ │ │ ├── kustomization.yaml
│ │ │ └── README.md
│ │ ├── ipam-ipv6
│ │ │ ├── kustomization.yaml
│ │ │ └── README.md
│ │ ├── network-policy
│ │ │ └── kustomization.yaml
│ │ ├── network-peering
│ │ │ └── kustomization.yaml
│ │ ├── loadbalancer-public
│ │ │ └── kustomization.yaml
│ │ ├── machine-with-ephemeral-resources
│ │ │ └── kustomization.yaml
│ │ └── machine-with-non-ephemeral-resources
│ │ │ └── kustomization.yaml
│ ├── networking_v1alpha1_network.yaml
│ ├── storage_v1alpha1_bucketclass.yaml
│ ├── storage_v1alpha1_volumeclass.yaml
│ ├── compute_v1alpha1_machineclass.yaml
│ ├── storage_v1alpha1_bucket.yaml
│ ├── compute_v1alpha1_machinepool.yaml
│ ├── networking_v1alpha1_virtualip.yaml
│ ├── core_v1alpha1_resourcequota.yaml
│ ├── storage_v1alpha1_bucketpool.yaml
│ ├── storage_v1alpha1_volumepool.yaml
│ ├── storage_v1alpha1_volume.yaml
│ ├── storage_v1alpha1_volumesnapshot.yaml
│ ├── compute_v1alpha1_machine.yaml
│ ├── networking_v1alpha1_loadbalancer.yaml
│ ├── networking_v1alpha1_natgateway.yaml
│ └── networking_v1alpha1_networkpolicy.yaml
├── apiserver
│ ├── certmanager
│ │ ├── kustomization.yaml
│ │ └── kustomizeconfig.yaml
│ ├── server
│ │ └── kustomization.yaml
│ ├── rbac
│ │ ├── apiserver_service_account.yaml
│ │ ├── bucketpool_rolebinding.yaml
│ │ ├── volumepool_rolebinding.yaml
│ │ ├── machinepool_rolebinding.yaml
│ │ ├── networkplugin_rolebinding.yaml
│ │ ├── bucketpool_bootstrapper_role.yaml
│ │ ├── volumepool_bootstrapper_role.yaml
│ │ ├── machinepool_bootstrapper_role.yaml
│ │ ├── networkplugin_bootstrapper_role.yaml
│ │ ├── apiserver_role_binding.yaml
│ │ ├── bucketpool_bootstrapper_rolebinding.yaml
│ │ ├── machinepool_bootstrapper_rolebinding.yaml
│ │ ├── volumepool_bootstrapper_rolebinding.yaml
│ │ └── networkplugin_bootstrapper_rolebinding.yaml
│ ├── etcd
│ │ ├── kustomization.yaml
│ │ └── service.yaml
│ ├── kind
│ │ ├── kustomization.yaml
│ │ └── patch-apiserver.yaml
│ ├── apiservice
│ │ ├── patch-apiservice.yaml
│ │ ├── service.yaml
│ │ ├── bases
│ │ │ ├── kustomization.yaml
│ │ │ ├── v1alpha1.core.ironcore.dev.yaml
│ │ │ ├── v1alpha1.ipam.ironcore.dev.yaml
│ │ │ ├── v1alpha1.compute.ironcore.dev.yaml
│ │ │ ├── v1alpha1.storage.ironcore.dev.yaml
│ │ │ └── v1alpha1.networking.ironcore.dev.yaml
│ │ ├── kustomization.yaml
│ │ └── kustomizeconfig.yaml
│ ├── default
│ │ └── apiservicecainjection_patch.yaml
│ └── etcdless
│ │ └── apiservicecainjection_patch.yaml
├── controller
│ ├── certmanager
│ │ ├── kustomization.yaml
│ │ └── kustomizeconfig.yaml
│ ├── rbac
│ │ ├── service_account.yaml
│ │ ├── metrics_reader_role.yaml
│ │ ├── role_binding.yaml
│ │ ├── leader_election_role_binding.yaml
│ │ ├── metrics_auth_role_binding.yaml
│ │ ├── metrics_service.yaml
│ │ ├── metrics_auth_role.yaml
│ │ ├── prefix_viewer_role.yaml
│ │ ├── volume_viewer_role.yaml
│ │ ├── machine_viewer_role.yaml
│ │ ├── storagepool_viewer_role.yaml
│ │ ├── machinepool_viewer_role.yaml
│ │ ├── machineclass_viewer_role.yaml
│ │ ├── storageclass_viewer_role.yaml
│ │ ├── prefixallocation_viewer_role.yaml
│ │ ├── prefix_editor_role.yaml
│ │ ├── volume_editor_role.yaml
│ │ ├── machine_editor_role.yaml
│ │ ├── storagepool_editor_role.yaml
│ │ ├── machinepool_editor_role.yaml
│ │ ├── storageclass_editor_role.yaml
│ │ ├── machineclass_editor_role.yaml
│ │ ├── prefixallocation_editor_role.yaml
│ │ └── leader_election_role.yaml
│ ├── kind
│ │ ├── kustomization.yaml
│ │ └── patch-manager.yaml
│ ├── manager
│ │ ├── kustomization.yaml
│ │ └── controller_manager_config.yaml
│ ├── default
│ │ ├── manager_metrics_patch.yaml
│ │ └── manager_config_patch.yaml
│ └── prometheus
│ │ ├── kustomization.yaml
│ │ └── monitor_tls_patch.yaml
├── default
│ ├── apiserver
│ │ ├── remove-namespace.yaml
│ │ └── kustomization.yaml
│ ├── controller
│ │ ├── remove-namespace.yaml
│ │ └── kustomization.yaml
│ ├── namespace.yaml
│ └── kustomization.yaml
├── etcdless
│ ├── apiserver
│ │ ├── remove-namespace.yaml
│ │ └── kustomization.yaml
│ ├── controller
│ │ ├── remove-namespace.yaml
│ │ └── kustomization.yaml
│ ├── namespace.yaml
│ └── kustomization.yaml
├── bucketpoollet-broker
│ ├── manager
│ │ └── kustomization.yaml
│ ├── certmanager
│ │ ├── kustomization.yaml
│ │ └── kustomizeconfig.yaml
│ ├── broker-rbac
│ │ ├── service_account.yaml
│ │ ├── metrics_reader_role.yaml
│ │ ├── role_binding.yaml
│ │ ├── cluster_role_binding.yaml
│ │ ├── leader_election_role_binding.yaml
│ │ ├── metrics_auth_role_binding.yaml
│ │ ├── metrics_service.yaml
│ │ ├── metrics_auth_role.yaml
│ │ ├── cluster_role.yaml
│ │ ├── role.yaml
│ │ └── leader_election_role.yaml
│ ├── poollet-rbac
│ │ ├── service_account.yaml
│ │ ├── role_binding.yaml
│ │ └── kustomization.yaml
│ ├── kind
│ │ ├── poollet-rbac
│ │ │ ├── delete_service_account.yaml
│ │ │ └── kustomization.yaml
│ │ ├── patch-manager.yaml
│ │ ├── kustomization.yaml
│ │ └── add-args.yaml
│ ├── default
│ │ ├── manager_metrics_patch.yaml
│ │ └── manager_config_patch.yaml
│ └── prometheus
│ │ ├── kustomization.yaml
│ │ └── monitor_tls_patch.yaml
├── volumepoollet-broker
│ ├── manager
│ │ └── kustomization.yaml
│ ├── certmanager
│ │ ├── kustomization.yaml
│ │ └── kustomizeconfig.yaml
│ ├── broker-rbac
│ │ ├── service_account.yaml
│ │ ├── metrics_reader_role.yaml
│ │ ├── role_binding.yaml
│ │ ├── cluster_role_binding.yaml
│ │ ├── leader_election_role_binding.yaml
│ │ ├── metrics_auth_role_binding.yaml
│ │ ├── metrics_service.yaml
│ │ ├── metrics_auth_role.yaml
│ │ ├── cluster_role.yaml
│ │ ├── role.yaml
│ │ └── leader_election_role.yaml
│ ├── poollet-rbac
│ │ ├── service_account.yaml
│ │ ├── role_binding.yaml
│ │ └── kustomization.yaml
│ ├── kind
│ │ ├── poollet-rbac
│ │ │ ├── delete_service_account.yaml
│ │ │ └── kustomization.yaml
│ │ ├── patch-manager.yaml
│ │ ├── kustomization.yaml
│ │ └── add-args.yaml
│ ├── default
│ │ ├── manager_metrics_patch.yaml
│ │ └── manager_config_patch.yaml
│ └── prometheus
│ │ ├── kustomization.yaml
│ │ └── monitor_tls_patch.yaml
├── machinepoollet-broker
│ ├── certmanager
│ │ ├── kustomization.yaml
│ │ └── kustomizeconfig.yaml
│ ├── broker-rbac
│ │ ├── service_account.yaml
│ │ ├── metrics_reader_role.yaml
│ │ ├── role_binding.yaml
│ │ ├── cluster_role_binding.yaml
│ │ ├── leader_election_role_binding.yaml
│ │ ├── metrics_auth_role_binding.yaml
│ │ ├── metrics_service.yaml
│ │ ├── metrics_auth_role.yaml
│ │ ├── cluster_role.yaml
│ │ └── leader_election_role.yaml
│ ├── poollet-rbac
│ │ ├── service_account.yaml
│ │ ├── role_binding.yaml
│ │ └── kustomization.yaml
│ ├── kind
│ │ ├── poollet-rbac
│ │ │ ├── delete_service_account.yaml
│ │ │ └── kustomization.yaml
│ │ ├── patch-manager.yaml
│ │ ├── kustomization.yaml
│ │ └── add-args.yaml
│ ├── default
│ │ ├── manager_metrics_patch.yaml
│ │ └── manager_config_patch.yaml
│ ├── manager
│ │ ├── kustomization.yaml
│ │ ├── service.yaml
│ │ └── irictl-machine-config.yaml
│ └── prometheus
│ │ ├── kustomization.yaml
│ │ └── monitor_tls_patch.yaml
└── kind
│ ├── kustomization.yaml
│ ├── patch-apiserver.yaml
│ └── patch-manager.yaml
├── irictl-machine
├── config
│ └── samples
│ │ ├── machine-networkinterface.yaml
│ │ ├── machine-volume.yaml
│ │ └── machine.yaml
├── tableconverters
│ └── register.go
└── cmd
│ └── irictl-machine
│ ├── main.go
│ └── irictlmachine
│ ├── create
│ └── create.go
│ └── delete
│ └── delete.go
├── hack
├── license-header.txt
├── boilerplate.go.txt
├── replace.sh
├── api-reference
│ └── template
│ │ └── placeholder.go
├── tools.go
└── validate-kustomize.sh
├── poollet
├── machinepoollet
│ ├── addresses
│ │ ├── testdata
│ │ │ └── addresses.yaml
│ │ └── addresses_suite_test.go
│ ├── iri
│ │ └── streaming
│ │ │ └── remotecommand
│ │ │ └── COPYING
│ ├── controllers
│ │ ├── events
│ │ │ └── events.go
│ │ └── rbac.go
│ ├── cmd
│ │ └── machinepoollet
│ │ │ └── main.go
│ └── predicate
│ │ └── predicate.go
├── bucketpoollet
│ ├── controllers
│ │ ├── events
│ │ │ └── events.go
│ │ └── rbac.go
│ ├── cmd
│ │ └── bucketpoollet
│ │ │ └── main.go
│ ├── api
│ │ └── v1alpha1
│ │ │ └── common_types.go
│ └── bcm
│ │ └── bcm.go
├── irievent
│ └── listener.go
├── volumepoollet
│ ├── controllers
│ │ ├── events
│ │ │ └── events.go
│ │ └── rbac.go
│ └── cmd
│ │ └── volumepoollet
│ │ └── main.go
└── common
│ └── utils
│ └── topology.go
├── api
├── doc.go
├── core
│ └── v1alpha1
│ │ ├── doc.go
│ │ └── types.go
├── ipam
│ └── v1alpha1
│ │ └── doc.go
├── compute
│ └── v1alpha1
│ │ └── doc.go
├── networking
│ └── v1alpha1
│ │ └── doc.go
├── storage
│ └── v1alpha1
│ │ └── doc.go
└── common
│ └── v1alpha1
│ ├── doc.go
│ ├── suite_test.go
│ ├── zz_generated.defaults.go
│ └── register.go
├── client-go
├── doc.go
├── ironcore
│ └── versioned
│ │ ├── fake
│ │ └── doc.go
│ │ ├── typed
│ │ ├── core
│ │ │ └── v1alpha1
│ │ │ │ ├── fake
│ │ │ │ └── doc.go
│ │ │ │ ├── doc.go
│ │ │ │ └── generated_expansion.go
│ │ ├── ipam
│ │ │ └── v1alpha1
│ │ │ │ ├── fake
│ │ │ │ └── doc.go
│ │ │ │ ├── doc.go
│ │ │ │ └── generated_expansion.go
│ │ ├── compute
│ │ │ └── v1alpha1
│ │ │ │ ├── fake
│ │ │ │ └── doc.go
│ │ │ │ ├── doc.go
│ │ │ │ └── generated_expansion.go
│ │ ├── storage
│ │ │ └── v1alpha1
│ │ │ │ ├── fake
│ │ │ │ └── doc.go
│ │ │ │ ├── doc.go
│ │ │ │ └── generated_expansion.go
│ │ └── networking
│ │ │ └── v1alpha1
│ │ │ ├── fake
│ │ │ └── doc.go
│ │ │ ├── doc.go
│ │ │ └── generated_expansion.go
│ │ └── scheme
│ │ └── doc.go
└── listers
│ ├── core
│ └── v1alpha1
│ │ └── expansion_generated.go
│ └── compute
│ └── v1alpha1
│ └── expansion_generated.go
├── buf.yaml
├── irictl-volume
├── config
│ └── samples
│ │ ├── volumesnapshot.yaml
│ │ └── volume.yaml
├── tableconverters
│ └── register.go
├── cmd
│ └── irictl-volume
│ │ └── main.go
└── renderers
│ └── register.go
├── buf.gen.yaml
├── irictl
├── renderer
│ ├── renderers.go
│ ├── json.go
│ └── yaml.go
├── tableconverter
│ ├── errors.go
│ └── tableconverter_suite_test.go
└── tabwriter
│ └── tabwriter.go
├── broker
├── bucketbroker
│ ├── version
│ │ └── version.go
│ ├── cmd
│ │ └── bucketbroker
│ │ │ └── main.go
│ ├── api
│ │ └── v1alpha1
│ │ │ └── common_types.go
│ └── client
│ │ └── config
│ │ └── getter.go
├── machinebroker
│ ├── version
│ │ └── version.go
│ ├── cmd
│ │ └── machinebroker
│ │ │ └── main.go
│ ├── api
│ │ └── v1alpha1
│ │ │ └── common_types.go
│ └── client
│ │ └── config
│ │ └── getter.go
├── volumebroker
│ ├── version
│ │ └── version.go
│ ├── cmd
│ │ └── volumebroker
│ │ │ └── main.go
│ ├── api
│ │ └── v1alpha1
│ │ │ └── common_types.go
│ └── client
│ │ └── config
│ │ └── getter.go
└── common
│ ├── manager
│ └── manager.go
│ └── sync
│ └── sync_suite_test.go
├── internal
├── controllers
│ └── core
│ │ ├── certificate
│ │ ├── compute
│ │ │ └── compute.go
│ │ ├── storage
│ │ │ └── storage.go
│ │ ├── networking
│ │ │ └── networking.go
│ │ └── ironcore
│ │ │ └── ironcore.go
│ │ └── quota
│ │ ├── compute
│ │ └── compute.go
│ │ ├── storage
│ │ └── storage.go
│ │ └── ironcore
│ │ └── ironcore.go
├── apis
│ ├── storage
│ │ ├── v1alpha1
│ │ │ ├── v1alpha1_suite_test.go
│ │ │ ├── doc.go
│ │ │ └── defaults_test.go
│ │ ├── validation
│ │ │ └── validation_suite_test.go
│ │ ├── doc.go
│ │ ├── install
│ │ │ └── install.go
│ │ └── zz_generated.defaults.go
│ ├── networking
│ │ ├── v1alpha1
│ │ │ ├── v1alpha1_suite_test.go
│ │ │ └── doc.go
│ │ ├── doc.go
│ │ ├── validation
│ │ │ └── validation_suite_test.go
│ │ ├── install
│ │ │ └── install.go
│ │ └── zz_generated.defaults.go
│ ├── ipam
│ │ ├── validation
│ │ │ └── validation_suite_test.go
│ │ ├── doc.go
│ │ ├── v1alpha1
│ │ │ └── doc.go
│ │ ├── install
│ │ │ └── install.go
│ │ └── zz_generated.defaults.go
│ ├── compute
│ │ ├── validation
│ │ │ └── validation_suite_test.go
│ │ ├── doc.go
│ │ ├── v1alpha1
│ │ │ └── doc.go
│ │ ├── install
│ │ │ └── install.go
│ │ └── zz_generated.defaults.go
│ └── core
│ │ ├── validation
│ │ └── validation_suite_test.go
│ │ ├── doc.go
│ │ ├── types.go
│ │ ├── v1alpha1
│ │ ├── doc.go
│ │ └── zz_generated.defaults.go
│ │ ├── install
│ │ └── install.go
│ │ └── zz_generated.defaults.go
├── admission
│ └── plugin
│ │ └── machinevolumedevices
│ │ ├── device
│ │ └── device_suite_test.go
│ │ └── machinevolumedevices_suite_test.go
├── tableconvertor
│ └── tableconvertor.go
└── client
│ └── networking
│ └── natgateway.go
├── iri
└── apis
│ ├── meta
│ └── v1alpha1
│ │ ├── api.proto
│ │ └── interfaces.go
│ ├── event
│ └── v1alpha1
│ │ └── api.proto
│ └── bucket
│ └── bucket.go
├── utils
├── debug
│ └── debug.go
├── client
│ └── config
│ │ └── errors.go
├── context
│ └── context_suite_test.go
├── generic
│ └── generic_suite_test.go
├── quota
│ └── scopeselector.go
├── labels
│ └── helpers.go
├── maps
│ └── maps.go
├── meta
│ └── meta.go
└── runtime
│ └── runtime.go
├── irictl-bucket
├── tableconverters
│ └── register.go
├── cmd
│ └── irictl-bucket
│ │ ├── main.go
│ │ └── irictlbucket
│ │ ├── create
│ │ └── create.go
│ │ └── delete
│ │ └── delete.go
└── renderers
│ └── register.go
├── .gitignore
├── cmd
└── ironcore-apiserver
│ └── main.go
└── third_party
└── kubernetes
└── pkg
└── util
└── flock
├── errors.go
└── doc.go
/docs/architecture/overview.md:
--------------------------------------------------------------------------------
1 | # IronCore Architecture
--------------------------------------------------------------------------------
/CODEOWNERS:
--------------------------------------------------------------------------------
1 | # ironcore maintainers
2 | * @ironcore-dev/core
3 |
--------------------------------------------------------------------------------
/.github/pull_request_template.md:
--------------------------------------------------------------------------------
1 | # Proposed Changes
2 |
3 | -
4 | -
5 | -
6 |
7 | Fixes #
--------------------------------------------------------------------------------
/config/samples/e2e/bases/ignition/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - ignition-secret.yaml
--------------------------------------------------------------------------------
/docs/assets/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/logo.png
--------------------------------------------------------------------------------
/config/samples/e2e/bases/ipam-ipv4/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - parent-prefix.yaml
3 | - child-prefix.yaml
--------------------------------------------------------------------------------
/config/samples/e2e/bases/ipam-ipv6/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - parent-prefix.yaml
3 | - child-prefix.yaml
--------------------------------------------------------------------------------
/config/samples/e2e/bases/ignition/install-nginx.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | apt-get update
4 | apt-get -yq install nginx
--------------------------------------------------------------------------------
/docs/assets/favicon/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/favicon.ico
--------------------------------------------------------------------------------
/config/samples/e2e/bases/machine-with-ephemeral-resources/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - network.yaml
3 | - machine.yaml
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon.png
--------------------------------------------------------------------------------
/docs/assets/favicon/favicon-16x16.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/favicon-16x16.png
--------------------------------------------------------------------------------
/docs/assets/favicon/favicon-32x32.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/favicon-32x32.png
--------------------------------------------------------------------------------
/docs/assets/favicon/favicon-96x96.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/favicon-96x96.png
--------------------------------------------------------------------------------
/docs/assets/favicon/ms-icon-70x70.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/ms-icon-70x70.png
--------------------------------------------------------------------------------
/irictl-machine/config/samples/machine-networkinterface.yaml:
--------------------------------------------------------------------------------
1 | name: my-nic
2 | network_id: my-network
3 | ips:
4 | - 192.168.178.1
5 |
--------------------------------------------------------------------------------
/irictl-machine/config/samples/machine-volume.yaml:
--------------------------------------------------------------------------------
1 | name: my-volume
2 | device: oda
3 | empty_disk:
4 | size_bytes: 1099511627776
5 |
--------------------------------------------------------------------------------
/config/apiserver/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/docs/api-reference/do-not-edit.txt:
--------------------------------------------------------------------------------
1 | !!! The content of this folder is generated via 'make docs'. Any manual changes will be overwritten. !!!
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon-57x57.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon-57x57.png
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon-60x60.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon-60x60.png
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon-72x72.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon-72x72.png
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon-76x76.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon-76x76.png
--------------------------------------------------------------------------------
/docs/assets/favicon/ms-icon-144x144.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/ms-icon-144x144.png
--------------------------------------------------------------------------------
/docs/assets/favicon/ms-icon-150x150.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/ms-icon-150x150.png
--------------------------------------------------------------------------------
/docs/assets/favicon/ms-icon-310x310.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/ms-icon-310x310.png
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/question.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Question ❓
3 | about: Is something unclear?
4 | labels: question
5 | ---
6 |
7 | # Question?
--------------------------------------------------------------------------------
/docs/assets/favicon/android-icon-36x36.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/android-icon-36x36.png
--------------------------------------------------------------------------------
/docs/assets/favicon/android-icon-48x48.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/android-icon-48x48.png
--------------------------------------------------------------------------------
/docs/assets/favicon/android-icon-72x72.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/android-icon-72x72.png
--------------------------------------------------------------------------------
/docs/assets/favicon/android-icon-96x96.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/android-icon-96x96.png
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon-114x114.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon-114x114.png
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon-120x120.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon-120x120.png
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon-144x144.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon-144x144.png
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon-152x152.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon-152x152.png
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon-180x180.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon-180x180.png
--------------------------------------------------------------------------------
/config/controller/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate-metrics.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/config/default/apiserver/remove-namespace.yaml:
--------------------------------------------------------------------------------
1 | $patch: delete
2 | apiVersion: v1
3 | kind: Namespace
4 | metadata:
5 | name: ironcore-system
6 |
--------------------------------------------------------------------------------
/config/default/controller/remove-namespace.yaml:
--------------------------------------------------------------------------------
1 | $patch: delete
2 | apiVersion: v1
3 | kind: Namespace
4 | metadata:
5 | name: ironcore-system
6 |
--------------------------------------------------------------------------------
/config/etcdless/apiserver/remove-namespace.yaml:
--------------------------------------------------------------------------------
1 | $patch: delete
2 | apiVersion: v1
3 | kind: Namespace
4 | metadata:
5 | name: ironcore-system
6 |
--------------------------------------------------------------------------------
/config/etcdless/controller/remove-namespace.yaml:
--------------------------------------------------------------------------------
1 | $patch: delete
2 | apiVersion: v1
3 | kind: Namespace
4 | metadata:
5 | name: ironcore-system
6 |
--------------------------------------------------------------------------------
/docs/assets/favicon/android-icon-144x144.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/android-icon-144x144.png
--------------------------------------------------------------------------------
/docs/assets/favicon/android-icon-192x192.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/android-icon-192x192.png
--------------------------------------------------------------------------------
/config/apiserver/server/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - server.yaml
6 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 |
4 | generatorOptions:
5 | disableNameSuffixHash: true
6 |
--------------------------------------------------------------------------------
/config/controller/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: controller-manager
5 | namespace: system
--------------------------------------------------------------------------------
/config/samples/e2e/bases/network-peering/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - network1.yaml
3 | - network2.yaml
4 | - machine1.yaml
5 | - machine2.yaml
--------------------------------------------------------------------------------
/config/samples/e2e/bases/network-policy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - network.yaml
3 | - machine1.yaml
4 | - machine2.yaml
5 | - network-policy.yaml
--------------------------------------------------------------------------------
/config/volumepoollet-broker/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 |
4 | generatorOptions:
5 | disableNameSuffixHash: true
6 |
--------------------------------------------------------------------------------
/docs/assets/favicon/apple-icon-precomposed.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ironcore-dev/ironcore/HEAD/docs/assets/favicon/apple-icon-precomposed.png
--------------------------------------------------------------------------------
/config/apiserver/rbac/apiserver_service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: apiserver
5 | namespace: system
6 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate-metrics.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate-metrics.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/loadbalancer-public/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - network.yaml
3 | - machine1.yaml
4 | - machine2.yaml
5 | - loadbalancer.yaml
--------------------------------------------------------------------------------
/config/volumepoollet-broker/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate-metrics.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/hack/license-header.txt:
--------------------------------------------------------------------------------
1 | SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | SPDX-License-Identifier: Apache-2.0
3 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/network-policy/network.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: Network
3 | metadata:
4 | name: network-sample
5 |
--------------------------------------------------------------------------------
/config/samples/e2e/ipam-ipv4/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../bases/ipam-ipv4
--------------------------------------------------------------------------------
/config/samples/e2e/ipam-ipv6/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../bases/ipam-ipv6
--------------------------------------------------------------------------------
/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
--------------------------------------------------------------------------------
/poollet/machinepoollet/addresses/testdata/addresses.yaml:
--------------------------------------------------------------------------------
1 | addresses:
2 | - type: Hostname
3 | address: foo.bar
4 | - type: InternalIP
5 | address: 10.0.0.1
6 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: controller-manager
5 | namespace: system
--------------------------------------------------------------------------------
/config/default/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: ironcore-system
5 | labels:
6 | control-plane: apiserver-controller
7 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/loadbalancer-public/network.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: Network
3 | metadata:
4 | name: network-sample
5 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: controller-manager
5 | namespace: system
--------------------------------------------------------------------------------
/api/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package api
5 |
--------------------------------------------------------------------------------
/config/apiserver/etcd/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - etcd.yaml
6 | - service.yaml
7 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/poollet-rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: controller-manager
5 | namespace: system
--------------------------------------------------------------------------------
/config/etcdless/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: ironcore-system
5 | labels:
6 | control-plane: apiserver-controller
7 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/broker-rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: controller-manager
5 | namespace: system
--------------------------------------------------------------------------------
/config/machinepoollet-broker/poollet-rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: controller-manager
5 | namespace: system
--------------------------------------------------------------------------------
/config/samples/e2e/bases/machine-with-ephemeral-resources/network.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: Network
3 | metadata:
4 | name: network-sample
--------------------------------------------------------------------------------
/config/volumepoollet-broker/poollet-rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: controller-manager
5 | namespace: system
--------------------------------------------------------------------------------
/client-go/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package clientgo
5 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/machine-with-nonephemeral-resources/network.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: Network
3 | metadata:
4 | name: network-sample
5 |
--------------------------------------------------------------------------------
/config/samples/networking_v1alpha1_network.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: Network
3 | metadata:
4 | namespace: default
5 | name: network-sample
6 |
--------------------------------------------------------------------------------
/config/default/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - namespace.yaml
6 | - apiserver
7 | - controller
8 |
--------------------------------------------------------------------------------
/config/etcdless/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - namespace.yaml
6 | - apiserver
7 | - controller
8 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/machine-with-nonephemeral-resources/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - network.yaml
3 | - virtualIP.yaml
4 | - networkinterface.yaml
5 | - volume.yaml
6 | - machine.yaml
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/kind/poollet-rbac/delete_service_account.yaml:
--------------------------------------------------------------------------------
1 | $patch: delete
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 | namespace: system
6 | name: controller-manager
7 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/kind/poollet-rbac/delete_service_account.yaml:
--------------------------------------------------------------------------------
1 | $patch: delete
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 | namespace: system
6 | name: controller-manager
7 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/kind/poollet-rbac/delete_service_account.yaml:
--------------------------------------------------------------------------------
1 | $patch: delete
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 | namespace: system
6 | name: controller-manager
7 |
--------------------------------------------------------------------------------
/config/apiserver/kind/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../default
6 |
7 | patchesStrategicMerge:
8 | - patch-apiserver.yaml
9 |
--------------------------------------------------------------------------------
/config/controller/kind/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../default
6 |
7 | patchesStrategicMerge:
8 | - patch-manager.yaml
9 |
--------------------------------------------------------------------------------
/config/samples/storage_v1alpha1_bucketclass.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.ironcore.dev/v1alpha1
2 | kind: BucketClass
3 | metadata:
4 | name: bucketclass-sample
5 | capabilities:
6 | tps: 100Mi
7 | iops: 100
8 |
--------------------------------------------------------------------------------
/config/samples/storage_v1alpha1_volumeclass.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.ironcore.dev/v1alpha1
2 | kind: VolumeClass
3 | metadata:
4 | name: volumeclass-sample
5 | capabilities:
6 | tps: 100Mi
7 | iops: 100
8 |
--------------------------------------------------------------------------------
/config/samples/compute_v1alpha1_machineclass.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: compute.ironcore.dev/v1alpha1
2 | kind: MachineClass
3 | metadata:
4 | name: machineclass-sample
5 | capabilities:
6 | cpu: 4
7 | memory: 16Gi
8 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/ipam-ipv4/parent-prefix.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: ipam.ironcore.dev/v1alpha1
2 | kind: Prefix
3 | metadata:
4 | name: root-1
5 | labels:
6 | subnet-type: public
7 | spec:
8 | prefix: 10.0.0.0/8
--------------------------------------------------------------------------------
/buf.yaml:
--------------------------------------------------------------------------------
1 | version: v2
2 | deps:
3 | - buf.build/google/googleapis
4 | - buf.build/grpc/grpc
5 | modules:
6 | - path: iri/apis
7 | lint:
8 | use:
9 | - STANDARD
10 | breaking:
11 | use:
12 | - FILE
--------------------------------------------------------------------------------
/config/samples/e2e/network-policy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: test
5 |
6 | resources:
7 | - ../bases/ignition
8 | - ../bases/network-policy
9 |
--------------------------------------------------------------------------------
/irictl-volume/config/samples/volumesnapshot.yaml:
--------------------------------------------------------------------------------
1 | metadata:
2 | annotations:
3 | foo: bar
4 | labels:
5 | bar: baz
6 | spec:
7 | volume_id: 2992076108895c9fb7a3f46ccac649763ed3370922ed5dd33c1695cb5f770cd
8 |
--------------------------------------------------------------------------------
/buf.gen.yaml:
--------------------------------------------------------------------------------
1 | version: v2
2 | plugins:
3 | - local: ./bin/protoc-gen-go
4 | out: iri/apis
5 | opt: paths=source_relative
6 | - local: ./bin/protoc-gen-go-grpc
7 | out: iri/apis
8 | opt: paths=source_relative
--------------------------------------------------------------------------------
/config/samples/e2e/network-peering/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: test
5 |
6 | resources:
7 | - ../bases/ignition
8 | - ../bases/network-peering
9 |
--------------------------------------------------------------------------------
/config/default/apiserver/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../../apiserver/default
6 |
7 | patchesStrategicMerge:
8 | - remove-namespace.yaml
9 |
--------------------------------------------------------------------------------
/config/default/controller/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../../controller/default
6 |
7 | patchesStrategicMerge:
8 | - remove-namespace.yaml
9 |
--------------------------------------------------------------------------------
/config/etcdless/apiserver/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../../apiserver/etcdless
6 |
7 | patchesStrategicMerge:
8 | - remove-namespace.yaml
9 |
--------------------------------------------------------------------------------
/config/etcdless/controller/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../../controller/default
6 |
7 | patchesStrategicMerge:
8 | - remove-namespace.yaml
9 |
--------------------------------------------------------------------------------
/config/samples/e2e/loadbalancer-public/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: test
5 |
6 | resources:
7 | - ../bases/ignition
8 | - ../bases/loadbalancer-public
9 |
--------------------------------------------------------------------------------
/hack/replace.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -o errexit
4 | set -o nounset
5 | set -o pipefail
6 |
7 | FILE="$1"
8 | EXPRESSION="$2"
9 |
10 | sed "$EXPRESSION" "$FILE" > "$FILE.bak"
11 | mv "$FILE.bak" "$FILE"
12 |
--------------------------------------------------------------------------------
/config/apiserver/apiservice/patch-apiservice.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiregistration.k8s.io/v1
2 | kind: APIService
3 | metadata:
4 | name: not-important
5 | spec:
6 | service:
7 | namespace: system
8 | name: apiserver-service
9 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/ipam-ipv6/parent-prefix.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: ipam.ironcore.dev/v1alpha1
2 | kind: Prefix
3 | metadata:
4 | name: root-1
5 | labels:
6 | subnet-type: public
7 | spec:
8 | prefix: 2000::/8
9 |
10 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/machine-with-nonephemeral-resources/virtualIP.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: VirtualIP
3 | metadata:
4 | name: virtualip-sample
5 | spec:
6 | type: Public
7 | ipFamily: IPv4
8 |
--------------------------------------------------------------------------------
/config/controller/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-reader
5 | rules:
6 | - nonResourceURLs:
7 | - "/metrics"
8 | verbs:
9 | - get
10 |
--------------------------------------------------------------------------------
/config/kind/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../default
6 |
7 | patchesStrategicMerge:
8 | - patch-apiserver.yaml
9 | - patch-manager.yaml
10 |
--------------------------------------------------------------------------------
/irictl-machine/config/samples/machine.yaml:
--------------------------------------------------------------------------------
1 | metadata:
2 | annotations:
3 | foo: bar
4 | labels:
5 | bar: baz
6 | spec:
7 | class: small
8 | image:
9 | image: ghcr.io/ironcore-dev/ironcore-image/gardenlinux:latest
10 |
--------------------------------------------------------------------------------
/config/apiserver/etcd/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: etcd
5 | namespace: system
6 | spec:
7 | ports:
8 | - port: 2379
9 | targetPort: 2379
10 | selector:
11 | control-plane: etcd
12 |
--------------------------------------------------------------------------------
/config/controller/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 |
4 | generatorOptions:
5 | disableNameSuffixHash: true
6 |
7 | configMapGenerator:
8 | - name: manager-config
9 | files:
10 | - controller_manager_config.yaml
11 |
--------------------------------------------------------------------------------
/config/samples/e2e/machine-with-ephemeral-resources/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: test
5 |
6 | resources:
7 | - ../bases/ignition
8 | - ../bases/machine-with-ephemeral-resources
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-reader
5 | rules:
6 | - nonResourceURLs:
7 | - "/metrics"
8 | verbs:
9 | - get
10 |
--------------------------------------------------------------------------------
/config/controller/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds an argument to the manager container to enable the metrics endpoint over HTTPS.
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/0
4 | value: --metrics-bind-address=:8443
5 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/broker-rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-reader
5 | rules:
6 | - nonResourceURLs:
7 | - "/metrics"
8 | verbs:
9 | - get
10 |
--------------------------------------------------------------------------------
/config/samples/e2e/machine-with-non-ephemeral-resources/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: test
5 |
6 | resources:
7 | - ../bases/ignition
8 | - ../bases/machine-with-nonephemeral-resources
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-reader
5 | rules:
6 | - nonResourceURLs:
7 | - "/metrics"
8 | verbs:
9 | - get
10 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/ignition/regenerate-ignition.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | butane -d . ignition.yaml | \
4 | kubectl create secret generic ignition --from-file=ignition.yaml=/dev/stdin --dry-run=client -o yaml \
5 | > ../ignition/ignition-secret.yaml
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds an argument to the manager container to enable the metrics endpoint over HTTPS.
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/0
4 | value: --metrics-bind-address=:8443
5 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds an argument to the manager container to enable the metrics endpoint over HTTPS.
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/0
4 | value: --metrics-bind-address=:8443
5 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds an argument to the manager container to enable the metrics endpoint over HTTPS.
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/0
4 | value: --metrics-bind-address=:8443
5 |
--------------------------------------------------------------------------------
/config/apiserver/apiservice/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: apiserver-service
5 | namespace: system
6 | spec:
7 | ports:
8 | - port: 443
9 | targetPort: 8443
10 | selector:
11 | control-plane: apiserver
12 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/network-peering/network1.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: Network
3 | metadata:
4 | name: network-sample1
5 | spec:
6 | peerings:
7 | - name: peering1
8 | networkRef:
9 | name: network-sample2
10 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/network-peering/network2.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: Network
3 | metadata:
4 | name: network-sample2
5 | spec:
6 | peerings:
7 | - name: peering2
8 | networkRef:
9 | name: network-sample1
10 |
--------------------------------------------------------------------------------
/config/samples/storage_v1alpha1_bucket.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.ironcore.dev/v1alpha1
2 | kind: Bucket
3 | metadata:
4 | name: bucket-sample
5 | spec:
6 | bucketClassRef:
7 | name: bucketclass-sample
8 | # bucketPoolRef:
9 | # name: bucketpool-sample
10 |
--------------------------------------------------------------------------------
/irictl-volume/config/samples/volume.yaml:
--------------------------------------------------------------------------------
1 | metadata:
2 | annotations:
3 | foo: bar
4 | labels:
5 | bar: baz
6 | spec:
7 | class: volumeclass-sample
8 | image: ghcr.io/ironcore-dev/ironcore-image/gardenlinux:latest
9 | resources:
10 | storage_bytes: 1073741824
--------------------------------------------------------------------------------
/poollet/bucketpoollet/controllers/events/events.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package events
5 |
6 | const (
7 | BucketClassNotReady = "BucketClassNotReady"
8 | )
9 |
--------------------------------------------------------------------------------
/hack/api-reference/template/placeholder.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Package template Placeholder file to make Go vendor this directory properly.
5 | package template
6 |
--------------------------------------------------------------------------------
/config/kind/patch-apiserver.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | namespace: ironcore-system
5 | name: ironcore-apiserver
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: apiserver
11 | imagePullPolicy: Never
12 |
--------------------------------------------------------------------------------
/config/kind/patch-manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | namespace: ironcore-system
5 | name: ironcore-controller-manager
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: manager
11 | imagePullPolicy: Never
12 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | - service.yaml
4 |
5 | configMapGenerator:
6 | - name: irictl-machine-config
7 | files:
8 | - config=irictl-machine-config.yaml
9 |
10 | generatorOptions:
11 | disableNameSuffixHash: true
12 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/manager/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: server
5 | spec:
6 | type: ClusterIP
7 | selector:
8 | control-plane: controller-manager
9 | ports:
10 | - name: server
11 | port: 20250
12 | targetPort: server
13 |
--------------------------------------------------------------------------------
/config/samples/compute_v1alpha1_machinepool.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: compute.ironcore.dev/v1alpha1
2 | kind: MachinePool
3 | metadata:
4 | name: machinepool-sample
5 | labels:
6 | ironcore.dev/az: az1
7 | spec:
8 | providerID: ironcore://shared
9 | # status:
10 | # state: Available
11 |
--------------------------------------------------------------------------------
/poollet/machinepoollet/iri/streaming/remotecommand/COPYING:
--------------------------------------------------------------------------------
1 | Copied this package adding some adaptations from
2 | https://github.com/kubernetes/kubernetes/tree/9e644106593f3f4aa98f8a84b23db5fa378900bd/pkg/kubelet/cri/streaming/remotecommand
3 | to avoid a direct dependency on kubernetes/kubernetes.
4 |
--------------------------------------------------------------------------------
/config/apiserver/kind/patch-apiserver.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | namespace: ironcore-system
5 | name: ironcore-apiserver
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: apiserver
11 | imagePullPolicy: Never
12 |
--------------------------------------------------------------------------------
/.github/workflows/reuse.yml:
--------------------------------------------------------------------------------
1 | name: REUSE Compliance Check
2 |
3 | on: pull_request
4 |
5 | jobs:
6 | test:
7 | name: reuse
8 | runs-on: ubuntu-latest
9 | steps:
10 | - uses: actions/checkout@v6
11 | - name: REUSE Compliance Check
12 | uses: fsfe/reuse-action@v6
13 |
--------------------------------------------------------------------------------
/config/controller/kind/patch-manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | namespace: ironcore-system
5 | name: ironcore-controller-manager
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: manager
11 | imagePullPolicy: Never
12 |
--------------------------------------------------------------------------------
/config/samples/networking_v1alpha1_virtualip.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: VirtualIP
3 | metadata:
4 | name: virtualip-sample
5 | spec:
6 | type: Public
7 | ipFamily: IPv4
8 | #status:
9 | # ip: 10.0.0.1 # This will be populated by the corresponding controller.
10 |
--------------------------------------------------------------------------------
/hack/tools.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Package tools
5 |
6 | //go:build tools
7 | // +build tools
8 |
9 | package hack
10 |
11 | import (
12 | _ "k8s.io/code-generator"
13 | )
14 |
--------------------------------------------------------------------------------
/docs/assets/favicon/browserconfig.xml:
--------------------------------------------------------------------------------
1 |
2 | #ffffff
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/fake/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // This package has the automatically generated fake clientset.
7 | package fake
8 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/machine-with-nonephemeral-resources/volume.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.ironcore.dev/v1alpha1
2 | kind: Volume
3 | metadata:
4 | name: volume-sample
5 | spec:
6 | volumeClassRef:
7 | name: volumeclass-sample
8 | image: gardenlinux:rootfs-image
9 | resources:
10 | storage: 10Gi
11 |
--------------------------------------------------------------------------------
/irictl/renderer/renderers.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package renderer
5 |
6 | var (
7 | LocalRegistryBuilder RegistryBuilder
8 | AddToRegistry = LocalRegistryBuilder.AddToRegistry
9 | )
10 |
--------------------------------------------------------------------------------
/broker/bucketbroker/version/version.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package version
5 |
6 | const (
7 | RuntimeName = "bucketbroker"
8 | )
9 |
10 | var (
11 | Version string
12 | Commit string
13 | )
14 |
--------------------------------------------------------------------------------
/broker/machinebroker/version/version.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package version
5 |
6 | const (
7 | RuntimeName = "machinebroker"
8 | )
9 |
10 | var (
11 | Version string
12 | Commit string
13 | )
14 |
--------------------------------------------------------------------------------
/broker/volumebroker/version/version.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package version
5 |
6 | const (
7 | RuntimeName = "volumebroker"
8 | )
9 |
10 | var (
11 | Version string
12 | Commit string
13 | )
14 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/core/v1alpha1/fake/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // Package fake has the automatically generated clients.
7 | package fake
8 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/ipam/v1alpha1/fake/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // Package fake has the automatically generated clients.
7 | package fake
8 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/kind/poollet-rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: bucketpoollet-system
5 | namePrefix: bucketpoollet-
6 |
7 | resources:
8 | - ../../poollet-rbac
9 |
10 | patchesStrategicMerge:
11 | - delete_service_account.yaml
12 |
--------------------------------------------------------------------------------
/config/controller/manager/controller_manager_config.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: controller-runtime.sigs.k8s.io/v1alpha1
2 | kind: ControllerManagerConfig
3 | health:
4 | healthProbeBindAddress: :8081
5 | metrics:
6 | bindAddress: 127.0.0.1:8080
7 | leaderElection:
8 | leaderElect: true
9 | resourceName: d0ae00be.ironcore.dev
10 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/kind/poollet-rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: machinepoollet-system
5 | namePrefix: machinepoollet-
6 |
7 | resources:
8 | - ../../poollet-rbac
9 |
10 | patchesStrategicMerge:
11 | - delete_service_account.yaml
12 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/kind/poollet-rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: volumepoollet-system
5 | namePrefix: volumepoollet-
6 |
7 | resources:
8 | - ../../poollet-rbac
9 |
10 | patchesStrategicMerge:
11 | - delete_service_account.yaml
12 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/scheme/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // This package contains the scheme of the automatically generated clientset.
7 | package scheme
8 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/compute/v1alpha1/fake/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // Package fake has the automatically generated clients.
7 | package fake
8 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/core/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // This package has the automatically generated typed clients.
7 | package v1alpha1
8 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/core/v1alpha1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | package v1alpha1
7 |
8 | type ResourceQuotaExpansion interface{}
9 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/ipam/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // This package has the automatically generated typed clients.
7 | package v1alpha1
8 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/storage/v1alpha1/fake/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // Package fake has the automatically generated clients.
7 | package fake
8 |
--------------------------------------------------------------------------------
/config/samples/core_v1alpha1_resourcequota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: core.ironcore.dev/v1alpha1
2 | kind: ResourceQuota
3 | metadata:
4 | name: resource-quota-sample
5 | spec:
6 | hard: # Hard is the mapping of strictly enforced resource limits.
7 | requests.cpu: "10"
8 | requests.memory: 100Gi
9 | requests.storage: 10Ti
10 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/compute/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // This package has the automatically generated typed clients.
7 | package v1alpha1
8 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/networking/v1alpha1/fake/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // Package fake has the automatically generated clients.
7 | package fake
8 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/storage/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // This package has the automatically generated typed clients.
7 | package v1alpha1
8 |
--------------------------------------------------------------------------------
/broker/common/manager/manager.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package manager
5 |
6 | import "sigs.k8s.io/controller-runtime/pkg/manager"
7 |
8 | type Manager interface {
9 | Add(runnable manager.Runnable) error
10 | }
11 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/networking/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | // This package has the automatically generated typed clients.
7 | package v1alpha1
8 |
--------------------------------------------------------------------------------
/config/samples/storage_v1alpha1_bucketpool.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.ironcore.dev/v1alpha1
2 | kind: BucketPool
3 | metadata:
4 | name: bucketpool-sample
5 | spec:
6 | providerID: ironcore://shared
7 | #status:
8 | # state: Available
9 | # available:
10 | # ironcore.dev/fast-class: 10Gi
11 | # ironcore.dev/slow-class: 100Gi
12 |
--------------------------------------------------------------------------------
/config/samples/storage_v1alpha1_volumepool.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.ironcore.dev/v1alpha1
2 | kind: VolumePool
3 | metadata:
4 | name: volumepool-sample
5 | spec:
6 | providerID: ironcore://shared
7 | #status:
8 | # state: Available
9 | # available:
10 | # ironcore.dev/fast-class: 10Gi
11 | # ironcore.dev/slow-class: 100Gi
12 |
--------------------------------------------------------------------------------
/irictl/tableconverter/errors.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package tableconverter
5 |
6 | import "errors"
7 |
8 | var (
9 | ErrNotFound = errors.New("not found")
10 | ErrAlreadyExists = errors.New("already exists")
11 | )
12 |
--------------------------------------------------------------------------------
/config/apiserver/apiservice/bases/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - v1alpha1.compute.ironcore.dev.yaml
6 | - v1alpha1.core.ironcore.dev.yaml
7 | - v1alpha1.storage.ironcore.dev.yaml
8 | - v1alpha1.networking.ironcore.dev.yaml
9 | - v1alpha1.ipam.ironcore.dev.yaml
10 |
--------------------------------------------------------------------------------
/config/controller/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: manager-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: manager-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: broker-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: Role
8 | name: broker-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
--------------------------------------------------------------------------------
/config/machinepoollet-broker/broker-rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: broker-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: Role
8 | name: broker-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: broker-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: Role
8 | name: broker-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/poollet-rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: manager-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: manager-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
--------------------------------------------------------------------------------
/config/machinepoollet-broker/poollet-rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: manager-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: manager-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
--------------------------------------------------------------------------------
/config/volumepoollet-broker/poollet-rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: manager-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: manager-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
--------------------------------------------------------------------------------
/config/apiserver/apiservice/bases/v1alpha1.core.ironcore.dev.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiregistration.k8s.io/v1
2 | kind: APIService
3 | metadata:
4 | name: v1alpha1.core.ironcore.dev
5 | spec:
6 | group: core.ironcore.dev
7 | version: v1alpha1
8 | service:
9 | namespace: system
10 | name: apiserver-service
11 | groupPriorityMinimum: 2000
12 | versionPriority: 100
13 |
--------------------------------------------------------------------------------
/config/apiserver/apiservice/bases/v1alpha1.ipam.ironcore.dev.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiregistration.k8s.io/v1
2 | kind: APIService
3 | metadata:
4 | name: v1alpha1.ipam.ironcore.dev
5 | spec:
6 | group: ipam.ironcore.dev
7 | version: v1alpha1
8 | service:
9 | namespace: system
10 | name: apiserver-service
11 | groupPriorityMinimum: 2000
12 | versionPriority: 100
13 |
--------------------------------------------------------------------------------
/config/controller/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: leader-election-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: Role
8 | name: leader-election-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/loadbalancer-public/loadbalancer.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: LoadBalancer
3 | metadata:
4 | name: loadbalancer-sample
5 | spec:
6 | type: Public
7 | ipFamilies: [IPv4]
8 | networkRef:
9 | name: network-sample
10 | networkInterfaceSelector:
11 | matchLabels:
12 | app: web
13 | ports:
14 | - port: 80
--------------------------------------------------------------------------------
/internal/controllers/core/certificate/compute/compute.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package compute
5 |
6 | import "github.com/ironcore-dev/ironcore/internal/controllers/core/certificate/generic"
7 |
8 | var Recognizers []generic.CertificateSigningRequestRecognizer
9 |
--------------------------------------------------------------------------------
/internal/controllers/core/certificate/storage/storage.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package storage
5 |
6 | import "github.com/ironcore-dev/ironcore/internal/controllers/core/certificate/generic"
7 |
8 | var Recognizers []generic.CertificateSigningRequestRecognizer
9 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/ipam/v1alpha1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | package v1alpha1
7 |
8 | type PrefixExpansion interface{}
9 |
10 | type PrefixAllocationExpansion interface{}
11 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/cluster_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: broker-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: broker-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/kind/patch-manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | namespace: bucketpoollet-system
5 | name: bucketpoollet-controller-manager
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: manager
11 | imagePullPolicy: Never
12 | - name: broker
13 | imagePullPolicy: Never
14 |
--------------------------------------------------------------------------------
/config/controller/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics-auth-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: metrics-auth-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/broker-rbac/cluster_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: broker-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: broker-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/cluster_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: broker-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: broker-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
--------------------------------------------------------------------------------
/config/volumepoollet-broker/kind/patch-manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | namespace: volumepoollet-system
5 | name: volumepoollet-controller-manager
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: manager
11 | imagePullPolicy: Never
12 | - name: broker
13 | imagePullPolicy: Never
14 |
--------------------------------------------------------------------------------
/internal/controllers/core/certificate/networking/networking.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package networking
5 |
6 | import "github.com/ironcore-dev/ironcore/internal/controllers/core/certificate/generic"
7 |
8 | var Recognizers []generic.CertificateSigningRequestRecognizer
9 |
--------------------------------------------------------------------------------
/config/apiserver/apiservice/bases/v1alpha1.compute.ironcore.dev.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiregistration.k8s.io/v1
2 | kind: APIService
3 | metadata:
4 | name: v1alpha1.compute.ironcore.dev
5 | spec:
6 | group: compute.ironcore.dev
7 | version: v1alpha1
8 | service:
9 | namespace: system
10 | name: apiserver-service
11 | groupPriorityMinimum: 2000
12 | versionPriority: 100
13 |
--------------------------------------------------------------------------------
/config/apiserver/apiservice/bases/v1alpha1.storage.ironcore.dev.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiregistration.k8s.io/v1
2 | kind: APIService
3 | metadata:
4 | name: v1alpha1.storage.ironcore.dev
5 | spec:
6 | group: storage.ironcore.dev
7 | version: v1alpha1
8 | service:
9 | namespace: system
10 | name: apiserver-service
11 | groupPriorityMinimum: 2000
12 | versionPriority: 100
13 |
--------------------------------------------------------------------------------
/config/apiserver/apiservice/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - bases
6 | - service.yaml
7 |
8 | patches:
9 | - path: patch-apiservice.yaml
10 | target:
11 | group: apiregistration.k8s.io
12 | version: v1
13 | kind: APIService
14 |
15 | configurations:
16 | - kustomizeconfig.yaml
17 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/kind/patch-manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | namespace: machinepoollet-system
5 | name: machinepoollet-controller-manager
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: manager
11 | imagePullPolicy: Never
12 | - name: broker
13 | imagePullPolicy: Never
14 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: leader-election-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: Role
8 | name: leader-election-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/config/controller/rbac/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | control-plane: controller-manager
6 | name: controller-manager-metrics-service
7 | namespace: system
8 | spec:
9 | ports:
10 | - name: https
11 | port: 8443
12 | protocol: TCP
13 | targetPort: 8443
14 | selector:
15 | control-plane: controller-manager
16 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: leader-election-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: Role
8 | name: leader-election-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/config/apiserver/apiservice/bases/v1alpha1.networking.ironcore.dev.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiregistration.k8s.io/v1
2 | kind: APIService
3 | metadata:
4 | name: v1alpha1.networking.ironcore.dev
5 | spec:
6 | group: networking.ironcore.dev
7 | version: v1alpha1
8 | service:
9 | namespace: system
10 | name: apiserver-service
11 | groupPriorityMinimum: 2000
12 | versionPriority: 100
13 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics-auth-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: metrics-auth-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/broker-rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: leader-election-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: Role
8 | name: leader-election-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics-auth-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: metrics-auth-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/iri/apis/meta/v1alpha1/api.proto:
--------------------------------------------------------------------------------
1 | syntax = "proto3";
2 |
3 | package meta.v1alpha1;
4 | option go_package = "github.com/ironcore-dev/ironcore/iri/apis/meta/v1alpha1";
5 |
6 | message ObjectMetadata {
7 | string id = 1;
8 | map annotations = 2;
9 | map labels = 3;
10 | int64 generation = 4;
11 | int64 created_at = 5;
12 | int64 deleted_at = 6;
13 | }
14 |
--------------------------------------------------------------------------------
/utils/debug/debug.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package debug
5 |
6 | import ctrl "sigs.k8s.io/controller-runtime"
7 |
8 | var (
9 | log = ctrl.Log.WithName("debug")
10 |
11 | handlerLog = log.WithName("handler")
12 |
13 | predicateLog = log.WithName("predicate")
14 | )
15 |
--------------------------------------------------------------------------------
/config/controller/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-auth-role
5 | rules:
6 | - apiGroups:
7 | - authentication.k8s.io
8 | resources:
9 | - tokenreviews
10 | verbs:
11 | - create
12 | - apiGroups:
13 | - authorization.k8s.io
14 | resources:
15 | - subjectaccessreviews
16 | verbs:
17 | - create
18 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/broker-rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics-auth-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: metrics-auth-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/config/apiserver/apiservice/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This file is for teaching kustomize how to substitute name and namespace reference in APIService
2 | nameReference:
3 | - kind: Service
4 | version: v1
5 | fieldSpecs:
6 | - kind: APIService
7 | version: v1
8 | group: apiregistration.k8s.io
9 | path: spec/service/name
10 | varReference:
11 | - path: metadata/annotations
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | control-plane: controller-manager
6 | name: controller-manager-metrics-service
7 | namespace: system
8 | spec:
9 | ports:
10 | - name: https
11 | port: 8443
12 | protocol: TCP
13 | targetPort: 8443
14 | selector:
15 | control-plane: controller-manager
16 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/broker-rbac/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | control-plane: controller-manager
6 | name: controller-manager-metrics-service
7 | namespace: system
8 | spec:
9 | ports:
10 | - name: https
11 | port: 8443
12 | protocol: TCP
13 | targetPort: 8443
14 | selector:
15 | control-plane: controller-manager
16 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | control-plane: controller-manager
6 | name: controller-manager-metrics-service
7 | namespace: system
8 | spec:
9 | ports:
10 | - name: https
11 | port: 8443
12 | protocol: TCP
13 | targetPort: 8443
14 | selector:
15 | control-plane: controller-manager
16 |
--------------------------------------------------------------------------------
/api/core/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:deepcopy-gen=package
5 | // +k8s:openapi-gen=true
6 | // +groupName=core.ironcore.dev
7 |
8 | // Package v1alpha1 is the v1alpha1 version of the API.
9 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/api/core/v1alpha1"
10 |
--------------------------------------------------------------------------------
/api/ipam/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:deepcopy-gen=package
5 | // +k8s:openapi-gen=true
6 | // +groupName=ipam.ironcore.dev
7 |
8 | // Package v1alpha1 is the v1alpha1 version of the API.
9 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/api/ipam/v1alpha1"
10 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/machine-with-nonephemeral-resources/networkinterface.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: NetworkInterface
3 | metadata:
4 | name: networkinterface-sample
5 | spec:
6 | networkRef:
7 | name: network-sample
8 | ipFamilies:
9 | - IPv4
10 | ips:
11 | - value: 10.0.0.1 # internal IP
12 | virtualIP:
13 | virtualIPRef:
14 | name: virtualip-sample
--------------------------------------------------------------------------------
/iri/apis/meta/v1alpha1/interfaces.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package v1alpha1
5 |
6 | import (
7 | "google.golang.org/protobuf/proto"
8 | )
9 |
10 | type Object interface {
11 | proto.Message
12 | GetMetadata() *ObjectMetadata
13 | Reset()
14 | String() string
15 | ProtoMessage()
16 | }
17 |
--------------------------------------------------------------------------------
/api/compute/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:openapi-gen=true
5 | // +k8s:deepcopy-gen=package
6 | // +groupName=compute.ironcore.dev
7 |
8 | // Package v1alpha1 is the v1alpha1 version of the API.
9 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/api/compute/v1alpha1"
10 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-auth-role
5 | rules:
6 | - apiGroups:
7 | - authentication.k8s.io
8 | resources:
9 | - tokenreviews
10 | verbs:
11 | - create
12 | - apiGroups:
13 | - authorization.k8s.io
14 | resources:
15 | - subjectaccessreviews
16 | verbs:
17 | - create
18 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/broker-rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-auth-role
5 | rules:
6 | - apiGroups:
7 | - authentication.k8s.io
8 | resources:
9 | - tokenreviews
10 | verbs:
11 | - create
12 | - apiGroups:
13 | - authorization.k8s.io
14 | resources:
15 | - subjectaccessreviews
16 | verbs:
17 | - create
18 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-auth-role
5 | rules:
6 | - apiGroups:
7 | - authentication.k8s.io
8 | resources:
9 | - tokenreviews
10 | verbs:
11 | - create
12 | - apiGroups:
13 | - authorization.k8s.io
14 | resources:
15 | - subjectaccessreviews
16 | verbs:
17 | - create
18 |
--------------------------------------------------------------------------------
/broker/common/sync/sync_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package sync_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestSync(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Sync Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/irictl-bucket/tableconverters/register.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package tableconverters
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/irictl/tableconverter"
8 | )
9 |
10 | var (
11 | RegistryBuilder tableconverter.RegistryBuilder
12 | AddToRegistry = RegistryBuilder.AddToRegistry
13 | )
14 |
--------------------------------------------------------------------------------
/irictl-machine/tableconverters/register.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package tableconverters
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/irictl/tableconverter"
8 | )
9 |
10 | var (
11 | RegistryBuilder tableconverter.RegistryBuilder
12 | AddToRegistry = RegistryBuilder.AddToRegistry
13 | )
14 |
--------------------------------------------------------------------------------
/irictl-volume/tableconverters/register.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package tableconverters
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/irictl/tableconverter"
8 | )
9 |
10 | var (
11 | RegistryBuilder tableconverter.RegistryBuilder
12 | AddToRegistry = RegistryBuilder.AddToRegistry
13 | )
14 |
--------------------------------------------------------------------------------
/api/networking/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:deepcopy-gen=package
5 | // +k8s:openapi-gen=true
6 | // +groupName=networking.ironcore.dev
7 |
8 | // Package v1alpha1 is the v1alpha1 version of the API.
9 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/api/networking/v1alpha1"
10 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/compute/v1alpha1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | package v1alpha1
7 |
8 | type MachineExpansion interface{}
9 |
10 | type MachineClassExpansion interface{}
11 |
12 | type MachinePoolExpansion interface{}
13 |
--------------------------------------------------------------------------------
/utils/client/config/errors.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package config
5 |
6 | import "errors"
7 |
8 | var ErrConfigNotFound = errors.New("config not found")
9 |
10 | func IgnoreErrConfigNotFound(err error) error {
11 | if errors.Is(err, ErrConfigNotFound) {
12 | return nil
13 | }
14 | return err
15 | }
16 |
--------------------------------------------------------------------------------
/utils/context/context_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package context_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestContext(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Context Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/utils/generic/generic_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package generic_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestGeneric(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Generic Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/poollet-rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources: # All RBAC will be applied under this service account in
2 | # the deployment namespace. You may comment out this resource
3 | # if your manager will use a service account that exists at
4 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding
5 | # subjects if changing service account names.
6 | - service_account.yaml
7 | - role.yaml
8 | - role_binding.yaml
--------------------------------------------------------------------------------
/config/machinepoollet-broker/poollet-rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources: # All RBAC will be applied under this service account in
2 | # the deployment namespace. You may comment out this resource
3 | # if your manager will use a service account that exists at
4 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding
5 | # subjects if changing service account names.
6 | - service_account.yaml
7 | - role.yaml
8 | - role_binding.yaml
--------------------------------------------------------------------------------
/config/samples/e2e/ipam-ipv4/README.md:
--------------------------------------------------------------------------------
1 | # `IP` allocation to Subnets with `IPv4`
2 |
3 | This example allocates IPs of type `IPv4` to child subnets with the specified prefix length referring to the parent prefix.
4 | The following artifacts will be deployed in your namespace:
5 | - 1 IronCore parent `Prefix`, and 2 child `Prefixes`
6 |
7 | ## Usage
8 | 1. Adapt the `namespace` in `kustomization.yaml`
9 |
10 | 2. Run (`kubectl apply -k ./`)
--------------------------------------------------------------------------------
/config/samples/e2e/ipam-ipv6/README.md:
--------------------------------------------------------------------------------
1 | # `IP` allocation to Subnets with `IPv6`
2 |
3 | This example allocates IPs of type `IPv6` to child subnets with the specified prefix length referring to the parent prefix.
4 | The following artifacts will be deployed in your namespace:
5 | - 1 IronCore parent `Prefix`, and 2 child `Prefixes`
6 |
7 | ## Usage
8 | 1. Adapt the `namespace` in `kustomization.yaml`
9 |
10 | 2. Run (`kubectl apply -k ./`)
--------------------------------------------------------------------------------
/config/samples/storage_v1alpha1_volume.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.ironcore.dev/v1alpha1
2 | kind: Volume
3 | metadata:
4 | name: volume-sample
5 | spec:
6 | volumeClassRef:
7 | name: volumeclass-sample
8 | # volumePoolRef:
9 | # name: volumepool-sample
10 | resources:
11 | storage: 100Gi
12 | # volumeSnapshotRef:
13 | # name: volume-snapshot-sample
14 | # osImage:
15 | # name: ghcr.io/ironcore-dev/gardenlinux:latest
16 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/poollet-rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources: # All RBAC will be applied under this service account in
2 | # the deployment namespace. You may comment out this resource
3 | # if your manager will use a service account that exists at
4 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding
5 | # subjects if changing service account names.
6 | - service_account.yaml
7 | - role.yaml
8 | - role_binding.yaml
--------------------------------------------------------------------------------
/config/apiserver/rbac/bucketpool_rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: storage.ironcore.dev:system:bucketpools
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: storage.ironcore.dev:system:bucketpools
9 | subjects:
10 | - kind: Group
11 | name: storage.ironcore.dev:system:bucketpools
12 | apiGroup: rbac.authorization.k8s.io
13 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/volumepool_rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: storage.ironcore.dev:system:volumepools
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: storage.ironcore.dev:system:volumepools
9 | subjects:
10 | - kind: Group
11 | name: storage.ironcore.dev:system:volumepools
12 | apiGroup: rbac.authorization.k8s.io
13 |
--------------------------------------------------------------------------------
/internal/apis/storage/v1alpha1/v1alpha1_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package v1alpha1_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestV1alpha1(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "V1alpha1 Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/poollet/machinepoollet/controllers/events/events.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package events
5 |
6 | const (
7 | MachineClassNotReady = "MachineClassNotReady"
8 | NetworkInterfaceNotReady = "NetworkInterfaceNotReady"
9 | VolumeNotReady = "VolumeNotReady"
10 | IgnitionNotReady = "IgnitionNotReady"
11 | )
12 |
--------------------------------------------------------------------------------
/api/storage/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:deepcopy-gen=package
5 | // +k8s:openapi-gen=true
6 | // +k8s:protobuf-gen=package
7 | // +groupName=storage.ironcore.dev
8 |
9 | // Package v1alpha1 is the v1alpha1 version of the API.
10 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/api/storage/v1alpha1"
11 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/machinepool_rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: compute.ironcore.dev:system:machinepools
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: compute.ironcore.dev:system:machinepools
9 | subjects:
10 | - kind: Group
11 | name: compute.ironcore.dev:system:machinepools
12 | apiGroup: rbac.authorization.k8s.io
13 |
--------------------------------------------------------------------------------
/internal/apis/networking/v1alpha1/v1alpha1_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package v1alpha1_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestV1alpha1(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "V1alpha1 Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/poollet/machinepoollet/addresses/addresses_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package addresses_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestAddresses(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Addresses Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/internal/apis/ipam/validation/validation_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package validation_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestValidation(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Validation Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/internal/apis/storage/validation/validation_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package validation_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestValidation(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Validation Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/config/samples/storage_v1alpha1_volumesnapshot.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.ironcore.dev/v1alpha1
2 | kind: VolumeSnapshot
3 | metadata:
4 | name: volume-snapshot-sample
5 | namespace: default
6 | spec:
7 | volumeRef:
8 | name: volume-sample
9 | #status:
10 | # snapshotID: volumeBroker://485030403393016897f9af4a80726e6b6586d9765d2f1c0b3d7ef40793d20cb
11 | # state: Pending/Ready/Failed
12 | # lastStateTransitionTime: 2025-08-20T08:24:25Z
13 | # size: 10Gi
14 |
--------------------------------------------------------------------------------
/internal/admission/plugin/machinevolumedevices/device/device_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package device_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestDevice(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Device Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/internal/apis/compute/validation/validation_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package validation
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestValidation(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Compute Validation Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/internal/apis/core/validation/validation_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package validation_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestValidation(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Core Validation Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/irictl/tableconverter/tableconverter_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package tableconverter_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestTableconverter(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Tableconverter Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/networkplugin_rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: networking.ironcore.dev:system:networkplugins
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: networking.ironcore.dev:system:networkplugins
9 | subjects:
10 | - kind: Group
11 | name: networking.ironcore.dev:system:networkplugins
12 | apiGroup: rbac.authorization.k8s.io
13 |
--------------------------------------------------------------------------------
/internal/apis/core/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:deepcopy-gen=package
5 | // +k8s:openapi-gen=true
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:protobuf-gen=package
8 | // +groupName=core.ironcore.dev
9 |
10 | // Package core is the internal version of the API.
11 | package core // import "github.com/ironcore-dev/ironcore/internal/core"
12 |
--------------------------------------------------------------------------------
/internal/apis/ipam/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:deepcopy-gen=package
5 | // +k8s:openapi-gen=true
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:protobuf-gen=package
8 | // +groupName=ipam.ironcore.dev
9 |
10 | // Package ipam is the internal version of the API.
11 | package ipam // import "github.com/ironcore-dev/ironcore/internal/ipam"
12 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/kind/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../default
6 | - poollet-rbac
7 |
8 | patchesStrategicMerge:
9 | - patch-manager.yaml
10 |
11 | patchesJson6902:
12 | - target:
13 | group: apps
14 | version: v1
15 | kind: Deployment
16 | namespace: bucketpoollet-system
17 | name: bucketpoollet-controller-manager
18 | path: add-args.yaml
19 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/kind/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../default
6 | - poollet-rbac
7 |
8 | patchesStrategicMerge:
9 | - patch-manager.yaml
10 |
11 | patchesJson6902:
12 | - target:
13 | group: apps
14 | version: v1
15 | kind: Deployment
16 | namespace: volumepoollet-system
17 | name: volumepoollet-controller-manager
18 | path: add-args.yaml
19 |
--------------------------------------------------------------------------------
/iri/apis/event/v1alpha1/api.proto:
--------------------------------------------------------------------------------
1 | syntax = "proto3";
2 |
3 | package event.v1alpha1;
4 | option go_package = "github.com/ironcore-dev/ironcore/iri/apis/event/v1alpha1";
5 |
6 | import "meta/v1alpha1/api.proto";
7 |
8 | message Event {
9 | EventSpec spec = 2;
10 | }
11 |
12 | message EventSpec {
13 | meta.v1alpha1.ObjectMetadata involved_object_meta = 1;
14 | string reason = 2;
15 | string message = 3;
16 | string type = 4;
17 | int64 event_time = 5;
18 | }
19 |
--------------------------------------------------------------------------------
/poollet/irievent/listener.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package irievent
5 |
6 | type Listener interface {
7 | Enqueue()
8 | }
9 |
10 | type EnqueueFunc struct {
11 | EnqueueFunc func()
12 | }
13 |
14 | func (n EnqueueFunc) Enqueue() {
15 | if n.EnqueueFunc != nil {
16 | n.EnqueueFunc()
17 | }
18 | }
19 |
20 | type ListenerRegistration interface{}
21 |
--------------------------------------------------------------------------------
/.github/workflows/lint.yml:
--------------------------------------------------------------------------------
1 | name: Lint
2 |
3 | on:
4 | pull_request:
5 | paths-ignore:
6 | - 'docs/**'
7 | - '**/*.md'
8 | jobs:
9 | golangci:
10 | name: lint
11 | runs-on: ubuntu-latest
12 | steps:
13 | - uses: actions/checkout@v6
14 | - uses: actions/setup-go@v6
15 | with:
16 | go-version-file: 'go.mod'
17 | - name: golangci-lint
18 | uses: golangci/golangci-lint-action@v9
19 | with:
20 | version: v2.1
21 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/kind/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - ../default
6 | - poollet-rbac
7 |
8 | patchesStrategicMerge:
9 | - patch-manager.yaml
10 |
11 | patchesJson6902:
12 | - target:
13 | group: apps
14 | version: v1
15 | kind: Deployment
16 | namespace: machinepoollet-system
17 | name: machinepoollet-controller-manager
18 | path: add-args.yaml
19 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/feature_request.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Feature Request 💡
3 | about: Suggest a new idea for the project.
4 | labels: enhancement
5 | ---
6 |
7 | # Summary
8 |
9 | Brief explanation of the feature.
10 |
11 | ## Basic example
12 |
13 | If the proposal involves a new or changed API, include a basic code example. Omit this section if it's not applicable.
14 |
15 | ## Motivation
16 |
17 | Why are we doing this? What use cases does it support? What is the expected outcome?
--------------------------------------------------------------------------------
/.github/workflows/size-label.yml:
--------------------------------------------------------------------------------
1 | name: Size Label
2 |
3 | on:
4 | pull_request_target:
5 | types:
6 | - opened
7 | - edited
8 | - synchronize
9 |
10 | jobs:
11 | size-label:
12 | permissions:
13 | contents: read
14 | pull-requests: write
15 | runs-on: ubuntu-latest
16 | steps:
17 | - name: size-label
18 | uses: pascalgn/size-label-action@v0.5.5
19 | env:
20 | GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
21 |
--------------------------------------------------------------------------------
/api/common/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:deepcopy-gen=package
5 | // +k8s:openapi-gen=true
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:protobuf-gen=package
8 | // +groupName=common.ironcore.dev
9 |
10 | // Package v1alpha1 is the v1alpha1 version of the API.
11 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/api/common/v1alpha1"
12 |
--------------------------------------------------------------------------------
/config/samples/compute_v1alpha1_machine.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: compute.ironcore.dev/v1alpha1
2 | kind: Machine
3 | metadata:
4 | name: machine-sample
5 | spec:
6 | machineClassRef:
7 | name: machineclass-sample
8 | # machinePoolRef:
9 | # name: default
10 | image: my-image
11 | volumes:
12 | - name: rootdisk # first disk is root disk
13 | # priority: 0 # optional
14 | volumeRef:
15 | name: my-volume
16 | ignitionRef:
17 | name: my-ignition-secret
18 |
--------------------------------------------------------------------------------
/internal/apis/compute/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:deepcopy-gen=package
5 | // +k8s:openapi-gen=true
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:protobuf-gen=package
8 | // +groupName=compute.ironcore.dev
9 |
10 | // Package compute is the internal version of the API.
11 | package compute // import "github.com/ironcore-dev/ironcore/internal/apis/compute"
12 |
--------------------------------------------------------------------------------
/config/samples/networking_v1alpha1_loadbalancer.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: LoadBalancer
3 | metadata:
4 | namespace: default
5 | name: loadbalancer-sample
6 | spec:
7 | type: Public
8 | ipFamilies: [IPv4]
9 | networkRef:
10 | name: network-sample
11 | networkInterfaceSelector:
12 | matchLabels:
13 | app: web
14 | ports:
15 | - port: 80
16 | #status:
17 | # ips:
18 | # - 10.0.0.1 # The publicly available ip of the load balancer
19 |
--------------------------------------------------------------------------------
/internal/apis/storage/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:deepcopy-gen=package,register
5 | // +k8s:openapi-gen=true
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:protobuf-gen=package
8 | // +groupName=storage.ironcore.dev
9 |
10 | // Package storage is the internal version of the API.
11 | package storage // import "github.com/ironcore-dev/ironcore/internal/storage"
12 |
--------------------------------------------------------------------------------
/.github/workflows/test.yml:
--------------------------------------------------------------------------------
1 | name: Pull Request Code test
2 |
3 | on:
4 | pull_request:
5 | types: [ assigned, opened, synchronize, reopened ]
6 | paths-ignore:
7 | - 'docs/**'
8 | - '**/*.md'
9 |
10 | jobs:
11 | checks:
12 | name: test
13 | runs-on: ubuntu-latest
14 | steps:
15 | - uses: actions/checkout@v6
16 | - uses: actions/setup-go@v6
17 | with:
18 | go-version-file: 'go.mod'
19 | - name: Run make test
20 | run: make test-only
21 |
--------------------------------------------------------------------------------
/config/samples/networking_v1alpha1_natgateway.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: NATGateway
3 | metadata:
4 | namespace: default
5 | name: natgateway-sample
6 | spec:
7 | type: Public
8 | ipFamilies: [ IPv4 ]
9 | ips:
10 | - name: ip1
11 | portsPerNetworkInterface: 64
12 | networkRef:
13 | name: network-sample
14 | networkInterfaceSelector:
15 | matchLabels:
16 | app: web
17 | #status:
18 | # ips:
19 | # - name: ip1
20 | # ip: 10.0.0.1
21 |
--------------------------------------------------------------------------------
/docs/proposals/README.md:
--------------------------------------------------------------------------------
1 | # Proposals
2 |
3 | This is the home of the `ironcore` enhancement/extension proposals. You can find the list of accepted proposals
4 | in the [poposal folder of our Github repository](https://github.com/ironcore-dev/ironcore/tree/main/docs/proposals).
5 |
6 | ## Submitting a new proposal
7 |
8 | Please use our [proposal template](https://github.com/ironcore-dev/ironcore/blob/main/docs/proposals/00-template.md)
9 | to write and submit your proposal via a pull request.
10 |
--------------------------------------------------------------------------------
/internal/apis/networking/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:deepcopy-gen=package
5 | // +k8s:openapi-gen=true
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:protobuf-gen=package
8 | // +groupName=networking.ironcore.dev
9 |
10 | // Package networking is the internal version of the API.
11 | package networking // import "github.com/ironcore-dev/ironcore/internal/networking"
12 |
--------------------------------------------------------------------------------
/config/apiserver/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref and var substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
10 | varReference:
11 | - kind: Certificate
12 | group: cert-manager.io
13 | path: spec/commonName
14 | - kind: Certificate
15 | group: cert-manager.io
16 | path: spec/dnsNames
17 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/kind/add-args.yaml:
--------------------------------------------------------------------------------
1 | - op: add
2 | path: /spec/template/spec/containers/0/args/-
3 | value: --bucket-pool-name=broker
4 | - op: add
5 | path: /spec/template/spec/containers/0/args/-
6 | value: --provider-id=broker
7 | - op: add
8 | path: /spec/template/spec/containers/0/args/-
9 | value: --provider-id=broker
10 | - op: add
11 | path: /spec/template/spec/containers/1/args
12 | value:
13 | - --namespace=bucketpoollet-system
14 | - --bucket-pool-name=virtual
15 |
--------------------------------------------------------------------------------
/config/controller/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref and var substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
10 | varReference:
11 | - kind: Certificate
12 | group: cert-manager.io
13 | path: spec/commonName
14 | - kind: Certificate
15 | group: cert-manager.io
16 | path: spec/dnsNames
17 |
--------------------------------------------------------------------------------
/config/controller/rbac/prefix_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view prefixes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: prefix-viewer-role
6 | rules:
7 | - apiGroups:
8 | - ipam.ironcore.dev
9 | resources:
10 | - prefixes
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - ipam.ironcore.dev
17 | resources:
18 | - prefixes/status
19 | verbs:
20 | - get
21 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/kind/add-args.yaml:
--------------------------------------------------------------------------------
1 | - op: add
2 | path: /spec/template/spec/containers/0/args/-
3 | value: --volume-pool-name=broker
4 | - op: add
5 | path: /spec/template/spec/containers/0/args/-
6 | value: --provider-id=broker
7 | - op: add
8 | path: /spec/template/spec/containers/0/args/-
9 | value: --provider-id=broker
10 | - op: add
11 | path: /spec/template/spec/containers/1/args
12 | value:
13 | - --namespace=volumepoollet-system
14 | - --volume-pool-name=virtual
15 |
--------------------------------------------------------------------------------
/config/controller/rbac/volume_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view volumes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: volume-viewer-role
6 | rules:
7 | - apiGroups:
8 | - storage.ironcore.dev
9 | resources:
10 | - volumes
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - storage.ironcore.dev
17 | resources:
18 | - volumes/status
19 | verbs:
20 | - get
21 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/kind/add-args.yaml:
--------------------------------------------------------------------------------
1 | - op: add
2 | path: /spec/template/spec/containers/0/args/-
3 | value: --machine-pool-name=broker
4 | - op: add
5 | path: /spec/template/spec/containers/0/args/-
6 | value: --provider-id=broker
7 | - op: add
8 | path: /spec/template/spec/containers/0/args/-
9 | value: --provider-id=broker
10 | - op: add
11 | path: /spec/template/spec/containers/1/args
12 | value:
13 | - --namespace=machinepoollet-system
14 | - --machine-pool-name=virtual
15 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref and var substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
10 | varReference:
11 | - kind: Certificate
12 | group: cert-manager.io
13 | path: spec/commonName
14 | - kind: Certificate
15 | group: cert-manager.io
16 | path: spec/dnsNames
17 |
--------------------------------------------------------------------------------
/config/controller/rbac/machine_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view machines.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: machine-viewer-role
6 | rules:
7 | - apiGroups:
8 | - compute.ironcore.dev
9 | resources:
10 | - machines
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - compute.ironcore.dev
17 | resources:
18 | - machines/status
19 | verbs:
20 | - get
21 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref and var substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
10 | varReference:
11 | - kind: Certificate
12 | group: cert-manager.io
13 | path: spec/commonName
14 | - kind: Certificate
15 | group: cert-manager.io
16 | path: spec/dnsNames
17 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref and var substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
10 | varReference:
11 | - kind: Certificate
12 | group: cert-manager.io
13 | path: spec/commonName
14 | - kind: Certificate
15 | group: cert-manager.io
16 | path: spec/dnsNames
17 |
--------------------------------------------------------------------------------
/internal/admission/plugin/machinevolumedevices/machinevolumedevices_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package machinevolumedevices_test
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | func TestMachinevolumedevices(t *testing.T) {
14 | RegisterFailHandler(Fail)
15 | RunSpecs(t, "Machinevolumedevices Suite")
16 | }
17 |
--------------------------------------------------------------------------------
/config/controller/rbac/storagepool_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view volumepools.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: volumepool-viewer-role
6 | rules:
7 | - apiGroups:
8 | - storage.ironcore.dev
9 | resources:
10 | - volumepools
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - storage.ironcore.dev
17 | resources:
18 | - volumepools/status
19 | verbs:
20 | - get
21 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/ipam-ipv4/child-prefix.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: ipam.ironcore.dev/v1alpha1
2 | kind: Prefix
3 | metadata:
4 | name: customer-subnet-1
5 | spec:
6 | ipFamily: IPv4
7 | prefixLength: 9
8 | parentSelector:
9 | matchLabels:
10 | subnet-type: public
11 | ---
12 | apiVersion: ipam.ironcore.dev/v1alpha1
13 | kind: Prefix
14 | metadata:
15 | name: customer-subnet-2
16 | spec:
17 | ipFamily: IPv4
18 | prefixLength: 9
19 | parentSelector:
20 | matchLabels:
21 | subnet-type: public
22 |
23 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/ipam-ipv6/child-prefix.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: ipam.ironcore.dev/v1alpha1
2 | kind: Prefix
3 | metadata:
4 | name: customer-subnet-1
5 | spec:
6 | ipFamily: IPv6
7 | prefixLength: 9
8 | parentSelector:
9 | matchLabels:
10 | subnet-type: public
11 | ---
12 | apiVersion: ipam.ironcore.dev/v1alpha1
13 | kind: Prefix
14 | metadata:
15 | name: customer-subnet-2
16 | spec:
17 | ipFamily: IPv6
18 | prefixLength: 9
19 | parentSelector:
20 | matchLabels:
21 | subnet-type: public
22 |
23 |
--------------------------------------------------------------------------------
/config/controller/rbac/machinepool_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view machinepools.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: machinepool-viewer-role
6 | rules:
7 | - apiGroups:
8 | - compute.ironcore.dev
9 | resources:
10 | - machinepools
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - compute.ironcore.dev
17 | resources:
18 | - machinepools/status
19 | verbs:
20 | - get
21 |
--------------------------------------------------------------------------------
/config/controller/rbac/machineclass_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view machineclasses.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: machineclass-viewer-role
6 | rules:
7 | - apiGroups:
8 | - compute.ironcore.dev
9 | resources:
10 | - machineclasses
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - compute.ironcore.dev
17 | resources:
18 | - machineclasses/status
19 | verbs:
20 | - get
21 |
--------------------------------------------------------------------------------
/config/controller/rbac/storageclass_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view volumeclasses.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: volumeclass-viewer-role
6 | rules:
7 | - apiGroups:
8 | - storage.ironcore.dev
9 | resources:
10 | - volumeclasses
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - storage.ironcore.dev
17 | resources:
18 | - volumeclasses/status
19 | verbs:
20 | - get
21 |
--------------------------------------------------------------------------------
/irictl/renderer/json.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package renderer
5 |
6 | import (
7 | gojson "encoding/json"
8 | "io"
9 | )
10 |
11 | type json struct{}
12 |
13 | func (json) Render(v any, w io.Writer) error {
14 | enc := gojson.NewEncoder(w)
15 | enc.SetIndent("", " ")
16 | return enc.Encode(v)
17 | }
18 |
19 | var JSON = json{}
20 |
21 | func init() {
22 | LocalRegistryBuilder.Register("json", JSON)
23 | }
24 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/cluster_role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | creationTimestamp: null
6 | name: broker-role
7 | rules:
8 | - apiGroups:
9 | - storage.ironcore.dev
10 | resources:
11 | - bucketclasses
12 | verbs:
13 | - get
14 | - list
15 | - watch
16 | - apiGroups:
17 | - storage.ironcore.dev
18 | resources:
19 | - bucketpools
20 | verbs:
21 | - get
22 | - list
23 | - watch
24 |
--------------------------------------------------------------------------------
/config/samples/networking_v1alpha1_networkpolicy.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: NetworkPolicy
3 | metadata:
4 | namespace: default
5 | name: networkpolicy-sample
6 | spec:
7 | networkRef:
8 | name: network-sample
9 | networkInterfaceSelector:
10 | matchLabels:
11 | app: db
12 | ingress:
13 | - from:
14 | - objectSelector:
15 | kind: NetworkInterface
16 | matchLabels:
17 | app: web
18 | egress:
19 | - to:
20 | - ipBlock:
21 | cidr: 10.0.0.0/16
22 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/cluster_role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | creationTimestamp: null
6 | name: broker-role
7 | rules:
8 | - apiGroups:
9 | - storage.ironcore.dev
10 | resources:
11 | - volumeclasses
12 | verbs:
13 | - get
14 | - list
15 | - watch
16 | - apiGroups:
17 | - storage.ironcore.dev
18 | resources:
19 | - volumepools
20 | verbs:
21 | - get
22 | - list
23 | - watch
24 |
--------------------------------------------------------------------------------
/internal/apis/core/types.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package core
5 |
6 | import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
7 |
8 | // ObjectSelector specifies how to select objects of a certain kind.
9 | type ObjectSelector struct {
10 | // Kind is the kind of object to select.
11 | Kind string
12 | // LabelSelector is the label selector to select objects of the specified Kind by.
13 | metav1.LabelSelector
14 | }
15 |
--------------------------------------------------------------------------------
/utils/quota/scopeselector.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package quota
5 |
6 | import (
7 | corev1alpha1 "github.com/ironcore-dev/ironcore/api/core/v1alpha1"
8 | )
9 |
10 | func GetResourceScopeSelectorRequirements(scopeSelector *corev1alpha1.ResourceScopeSelector) []corev1alpha1.ResourceScopeSelectorRequirement {
11 | if scopeSelector == nil {
12 | return nil
13 | }
14 |
15 | return scopeSelector.MatchExpressions
16 | }
17 |
--------------------------------------------------------------------------------
/config/controller/rbac/prefixallocation_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view prefixallocations.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: prefixallocation-viewer-role
6 | rules:
7 | - apiGroups:
8 | - ipam.ironcore.dev
9 | resources:
10 | - prefixallocations
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - ipam.ironcore.dev
17 | resources:
18 | - prefixallocations/status
19 | verbs:
20 | - get
21 |
--------------------------------------------------------------------------------
/.github/workflows/kustomize-validation.yml:
--------------------------------------------------------------------------------
1 | name: Kustomize Validation
2 |
3 | on:
4 | pull_request:
5 | types: [ assigned, opened, synchronize, reopened ]
6 | paths-ignore:
7 | - 'docs/**'
8 | - '**/*.md'
9 |
10 | jobs:
11 | kustomize-validation:
12 | runs-on: ubuntu-latest
13 | steps:
14 | - name: Check out code
15 | uses: actions/checkout@v6
16 | - uses: imranismail/setup-kustomize@v2
17 | with:
18 | kustomize-version: '5.0.0'
19 | - run: |
20 | ./hack/validate-kustomize.sh
21 |
--------------------------------------------------------------------------------
/api/common/v1alpha1/suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package v1alpha1
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | )
12 |
13 | // These tests use Ginkgo (BDD-style Go testing framework). Refer to
14 | // http://onsi.github.io/ginkgo/ to learn more about Ginkgo.
15 |
16 | func TestAPIs(t *testing.T) {
17 | RegisterFailHandler(Fail)
18 | RunSpecs(t, "common API")
19 | }
20 |
--------------------------------------------------------------------------------
/config/controller/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - monitor.yaml
3 |
4 | # [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus
5 | # to securely reference certificates created and managed by cert-manager.
6 | # Additionally, ensure that you uncomment the [METRICS-WITH-CERTS] patch under config/controller/default/kustomization.yaml
7 | # to mount the "metrics-server-cert" secret in the Manager Deployment.
8 | # patches:
9 | # - path: monitor_tls_patch.yaml
10 | # target:
11 | # kind: ServiceMonitor
12 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/bucketpool_bootstrapper_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: storage.ironcore.dev:system:bucketpools-bootstrapper
5 | rules:
6 | - apiGroups:
7 | - certificates.k8s.io
8 | resources:
9 | - certificatesigningrequests
10 | verbs:
11 | - create
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - certificates.k8s.io
17 | resources:
18 | - certificatesigningrequests/bucketpoolclient
19 | verbs:
20 | - create
21 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/volumepool_bootstrapper_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: storage.ironcore.dev:system:volumepools-bootstrapper
5 | rules:
6 | - apiGroups:
7 | - certificates.k8s.io
8 | resources:
9 | - certificatesigningrequests
10 | verbs:
11 | - create
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - certificates.k8s.io
17 | resources:
18 | - certificatesigningrequests/volumepoolclient
19 | verbs:
20 | - create
21 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/machine-with-nonephemeral-resources/machine.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: compute.ironcore.dev/v1alpha1
2 | kind: Machine
3 | metadata:
4 | name: machine-sample
5 | spec:
6 | machineClassRef:
7 | name: machineclass-sample
8 | volumes:
9 | - name: rootdisk # first disk is root disk
10 | volumeRef:
11 | name: volume-sample
12 | ignitionRef:
13 | name: ignition
14 | key: ignition.yaml
15 | networkInterfaces:
16 | - name: primary
17 | networkInterfaceRef:
18 | name: networkinterface-sample
19 |
20 |
21 |
--------------------------------------------------------------------------------
/broker/bucketbroker/cmd/bucketbroker/main.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package main
5 |
6 | import (
7 | "fmt"
8 | "os"
9 |
10 | "github.com/ironcore-dev/ironcore/broker/bucketbroker/cmd/bucketbroker/app"
11 | ctrl "sigs.k8s.io/controller-runtime"
12 | )
13 |
14 | func main() {
15 | ctx := ctrl.SetupSignalHandler()
16 |
17 | if err := app.Command().ExecuteContext(ctx); err != nil {
18 | fmt.Println(err.Error())
19 | os.Exit(1)
20 | }
21 | }
22 |
--------------------------------------------------------------------------------
/broker/volumebroker/cmd/volumebroker/main.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package main
5 |
6 | import (
7 | "fmt"
8 | "os"
9 |
10 | "github.com/ironcore-dev/ironcore/broker/volumebroker/cmd/volumebroker/app"
11 | ctrl "sigs.k8s.io/controller-runtime"
12 | )
13 |
14 | func main() {
15 | ctx := ctrl.SetupSignalHandler()
16 |
17 | if err := app.Command().ExecuteContext(ctx); err != nil {
18 | fmt.Println(err.Error())
19 | os.Exit(1)
20 | }
21 | }
22 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/machinepool_bootstrapper_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: compute.ironcore.dev:system:machinepools-bootstrapper
5 | rules:
6 | - apiGroups:
7 | - certificates.k8s.io
8 | resources:
9 | - certificatesigningrequests
10 | verbs:
11 | - create
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - certificates.k8s.io
17 | resources:
18 | - certificatesigningrequests/machinepoolclient
19 | verbs:
20 | - create
21 |
--------------------------------------------------------------------------------
/api/core/v1alpha1/types.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package v1alpha1
5 |
6 | import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
7 |
8 | // ObjectSelector specifies how to select objects of a certain kind.
9 | type ObjectSelector struct {
10 | // Kind is the kind of object to select.
11 | Kind string `json:"kind"`
12 | // LabelSelector is the label selector to select objects of the specified Kind by.
13 | metav1.LabelSelector `json:",inline"`
14 | }
15 |
--------------------------------------------------------------------------------
/broker/bucketbroker/api/v1alpha1/common_types.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package v1alpha1
5 |
6 | const (
7 | LabelsAnnotation = "bucketbroker.ironcore.dev/labels"
8 |
9 | AnnotationsAnnotation = "bucketbroker.ironcore.dev/annotations"
10 |
11 | CreatedLabel = "bucketbroker.ironcore.dev/created"
12 | )
13 |
14 | const (
15 | ManagerLabel = "bucketbroker.ironcore.dev/manager"
16 | )
17 |
18 | const (
19 | BucketBrokerManager = "bucketbroker"
20 | )
21 |
--------------------------------------------------------------------------------
/broker/machinebroker/cmd/machinebroker/main.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package main
5 |
6 | import (
7 | "fmt"
8 | "os"
9 |
10 | "github.com/ironcore-dev/ironcore/broker/machinebroker/cmd/machinebroker/app"
11 | ctrl "sigs.k8s.io/controller-runtime"
12 | )
13 |
14 | func main() {
15 | ctx := ctrl.SetupSignalHandler()
16 |
17 | if err := app.Command().ExecuteContext(ctx); err != nil {
18 | fmt.Println(err.Error())
19 | os.Exit(1)
20 | }
21 | }
22 |
--------------------------------------------------------------------------------
/config/samples/e2e/bases/network-policy/network-policy.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.ironcore.dev/v1alpha1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: my-networkpolicy
5 | spec:
6 | networkRef:
7 | name: network-sample
8 | networkInterfaceSelector:
9 | matchLabels:
10 | nic: machine-sample2
11 | policyTypes:
12 | - Ingress
13 | ingress:
14 | - from:
15 | - objectSelector:
16 | kind: NetworkInterface
17 | matchLabels:
18 | nic: machine-sample1
19 | ports:
20 | - endPort: 22
21 | port: 22
22 | protocol: TCP
--------------------------------------------------------------------------------
/config/apiserver/rbac/networkplugin_bootstrapper_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: networking.ironcore.dev:system:networkplugins-bootstrapper
5 | rules:
6 | - apiGroups:
7 | - certificates.k8s.io
8 | resources:
9 | - certificatesigningrequests
10 | verbs:
11 | - create
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - certificates.k8s.io
17 | resources:
18 | - certificatesigningrequests/networkpluginclient
19 | verbs:
20 | - create
21 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - monitor.yaml
3 |
4 | # [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus
5 | # to securely reference certificates created and managed by cert-manager.
6 | # Additionally, ensure that you uncomment the [METRICS-WITH-CERTS] patch under config/bucketpoollet-broker/default/kustomization.yaml
7 | # to mount the "metrics-server-cert" secret in the Manager Deployment.
8 | # patches:
9 | # - path: monitor_tls_patch.yaml
10 | # target:
11 | # kind: ServiceMonitor
12 |
--------------------------------------------------------------------------------
/config/controller/rbac/prefix_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit prefixes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: prefix-editor-role
6 | rules:
7 | - apiGroups:
8 | - ipam.ironcore.dev
9 | resources:
10 | - prefixes
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - ipam.ironcore.dev
21 | resources:
22 | - prefixes/status
23 | verbs:
24 | - get
25 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - monitor.yaml
3 |
4 | # [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus
5 | # to securely reference certificates created and managed by cert-manager.
6 | # Additionally, ensure that you uncomment the [METRICS-WITH-CERTS] patch under config/machinepoollet-broker/default/kustomization.yaml
7 | # to mount the "metrics-server-cert" secret in the Manager Deployment.
8 | # patches:
9 | # - path: monitor_tls_patch.yaml
10 | # target:
11 | # kind: ServiceMonitor
12 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - monitor.yaml
3 |
4 | # [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus
5 | # to securely reference certificates created and managed by cert-manager.
6 | # Additionally, ensure that you uncomment the [METRICS-WITH-CERTS] patch under config/volumepoollet-broker/default/kustomization.yaml
7 | # to mount the "metrics-server-cert" secret in the Manager Deployment.
8 | # patches:
9 | # - path: monitor_tls_patch.yaml
10 | # target:
11 | # kind: ServiceMonitor
12 |
--------------------------------------------------------------------------------
/config/controller/rbac/volume_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit volumes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: volume-editor-role
6 | rules:
7 | - apiGroups:
8 | - storage.ironcore.dev
9 | resources:
10 | - volumes
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - storage.ironcore.dev
21 | resources:
22 | - volumes/status
23 | verbs:
24 | - get
25 |
--------------------------------------------------------------------------------
/config/controller/rbac/machine_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit machines.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: machine-editor-role
6 | rules:
7 | - apiGroups:
8 | - compute.ironcore.dev
9 | resources:
10 | - machines
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - compute.ironcore.dev
21 | resources:
22 | - machines/status
23 | verbs:
24 | - get
25 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 |
2 | # Binaries for programs and plugins
3 | *.exe
4 | *.exe~
5 | *.dll
6 | *.so
7 | *.dylib
8 | bin
9 |
10 | # Test binary, build with `go test -c`
11 | *.test
12 |
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 |
16 | # Kubernetes Generated files - skip generated files, except for vendored files
17 |
18 | !vendor/**/zz_generated.*
19 | vendor/
20 |
21 | # editor and IDE paraphernalia
22 | .idea
23 | *.swp
24 | *.swo
25 | *~
26 | .vscode/
27 | testbin/
28 | dev/
29 | charts/
30 | apiserver.local.config/
31 | default.etcd/
32 | .DS_Store
33 |
34 |
--------------------------------------------------------------------------------
/internal/apis/networking/validation/validation_suite_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package validation
5 |
6 | import (
7 | "testing"
8 |
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | corev1 "k8s.io/api/core/v1"
12 | )
13 |
14 | func TestValidation(t *testing.T) {
15 | RegisterFailHandler(Fail)
16 | RunSpecs(t, "Networking Validation Suite")
17 | }
18 |
19 | func ProtocolPtr(protocol corev1.Protocol) *corev1.Protocol {
20 | return &protocol
21 | }
22 |
--------------------------------------------------------------------------------
/irictl/tabwriter/tabwriter.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package tabwriter
5 |
6 | import (
7 | "io"
8 | "text/tabwriter"
9 | )
10 |
11 | const (
12 | tabwriterMinWidth = 6
13 | tabwriterWidth = 4
14 | tabwriterPadding = 3
15 | tabwriterPadChar = ' '
16 | tabwriterFlags = 0
17 | )
18 |
19 | func New(output io.Writer) *tabwriter.Writer {
20 | return tabwriter.NewWriter(output, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, tabwriterFlags)
21 | }
22 |
--------------------------------------------------------------------------------
/config/controller/rbac/storagepool_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit volumepools.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: volumepool-editor-role
6 | rules:
7 | - apiGroups:
8 | - storage.ironcore.dev
9 | resources:
10 | - volumepools
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - storage.ironcore.dev
21 | resources:
22 | - volumepools/status
23 | verbs:
24 | - get
25 |
--------------------------------------------------------------------------------
/client-go/listers/core/v1alpha1/expansion_generated.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by lister-gen. DO NOT EDIT.
5 |
6 | package v1alpha1
7 |
8 | // ResourceQuotaListerExpansion allows custom methods to be added to
9 | // ResourceQuotaLister.
10 | type ResourceQuotaListerExpansion interface{}
11 |
12 | // ResourceQuotaNamespaceListerExpansion allows custom methods to be added to
13 | // ResourceQuotaNamespaceLister.
14 | type ResourceQuotaNamespaceListerExpansion interface{}
15 |
--------------------------------------------------------------------------------
/config/controller/default/manager_config_patch.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: manager
11 | args:
12 | - "--config=controller_manager_config.yaml"
13 | volumeMounts:
14 | - name: manager-config
15 | mountPath: /controller_manager_config.yaml
16 | subPath: controller_manager_config.yaml
17 | volumes:
18 | - name: manager-config
19 | configMap:
20 | name: manager-config
21 |
--------------------------------------------------------------------------------
/config/controller/rbac/machinepool_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit machinepools.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: machinepool-editor-role
6 | rules:
7 | - apiGroups:
8 | - compute.ironcore.dev
9 | resources:
10 | - machinepools
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - compute.ironcore.dev
21 | resources:
22 | - machinepools/status
23 | verbs:
24 | - get
25 |
--------------------------------------------------------------------------------
/config/controller/rbac/storageclass_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit volumeclasses.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: volumeclass-editor-role
6 | rules:
7 | - apiGroups:
8 | - storage.ironcore.dev
9 | resources:
10 | - volumeclasses
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - storage.ironcore.dev
21 | resources:
22 | - volumeclasses/status
23 | verbs:
24 | - get
25 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/storage/v1alpha1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | package v1alpha1
7 |
8 | type BucketExpansion interface{}
9 |
10 | type BucketClassExpansion interface{}
11 |
12 | type BucketPoolExpansion interface{}
13 |
14 | type VolumeExpansion interface{}
15 |
16 | type VolumeClassExpansion interface{}
17 |
18 | type VolumePoolExpansion interface{}
19 |
20 | type VolumeSnapshotExpansion interface{}
21 |
--------------------------------------------------------------------------------
/config/controller/rbac/machineclass_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit machineclasses.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: machineclass-editor-role
6 | rules:
7 | - apiGroups:
8 | - compute.ironcore.dev
9 | resources:
10 | - machineclasses
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - compute.ironcore.dev
21 | resources:
22 | - machineclasses/status
23 | verbs:
24 | - get
25 |
--------------------------------------------------------------------------------
/poollet/volumepoollet/controllers/events/events.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package events
5 |
6 | const (
7 | VolumeClassNotReady = "VolumeClassNotReady"
8 | VolumeEncryptionSecretNotReady = "VolumeEncryptionSecretNotReady"
9 | VolumeSnapshotNotFound = "VolumeSnapshotNotFound"
10 | VolumeSnapshotNotReady = "VolumeSnapshotNotReady"
11 | SourceVolumeNotFound = "SourceVolumeNotFound"
12 | SourceVolumeNotAvailable = "SourceVolumeNotAvailable"
13 | )
14 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/default/manager_config_patch.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: manager
11 | args:
12 | - "--config=controller_manager_config.yaml"
13 | volumeMounts:
14 | - name: manager-config
15 | mountPath: /controller_manager_config.yaml
16 | subPath: controller_manager_config.yaml
17 | volumes:
18 | - name: manager-config
19 | configMap:
20 | name: manager-config
21 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/default/manager_config_patch.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: manager
11 | args:
12 | - "--config=controller_manager_config.yaml"
13 | volumeMounts:
14 | - name: manager-config
15 | mountPath: /controller_manager_config.yaml
16 | subPath: controller_manager_config.yaml
17 | volumes:
18 | - name: manager-config
19 | configMap:
20 | name: manager-config
21 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/default/manager_config_patch.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: manager
11 | args:
12 | - "--config=controller_manager_config.yaml"
13 | volumeMounts:
14 | - name: manager-config
15 | mountPath: /controller_manager_config.yaml
16 | subPath: controller_manager_config.yaml
17 | volumes:
18 | - name: manager-config
19 | configMap:
20 | name: manager-config
21 |
--------------------------------------------------------------------------------
/internal/apis/core/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:conversion-gen=github.com/ironcore-dev/ironcore/internal/apis/core
5 | // +k8s:conversion-gen-external-types=github.com/ironcore-dev/ironcore/api/core/v1alpha1
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:defaulter-gen-input=github.com/ironcore-dev/ironcore/api/core/v1alpha1
8 |
9 | // Package v1alpha1 is the v1alpha1 version of the API.
10 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/internal/apis/core/v1alpha1"
11 |
--------------------------------------------------------------------------------
/internal/apis/ipam/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:conversion-gen=github.com/ironcore-dev/ironcore/internal/apis/ipam
5 | // +k8s:conversion-gen-external-types=github.com/ironcore-dev/ironcore/api/ipam/v1alpha1
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:defaulter-gen-input=github.com/ironcore-dev/ironcore/api/ipam/v1alpha1
8 |
9 | // Package v1alpha1 is the v1alpha1 version of the API.
10 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/internal/apis/ipam/v1alpha1"
11 |
--------------------------------------------------------------------------------
/poollet/bucketpoollet/controllers/rbac.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package controllers
5 |
6 | // Additional required RBAC rules
7 |
8 | // Rules required for kubeconfig-rotation
9 | //+kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;create;update;patch
10 | //+kubebuilder:rbac:groups=certificates.k8s.io,resources=certificatesigningrequests,verbs=create;get;list;watch
11 | //+kubebuilder:rbac:groups=certificates.k8s.io,resources=certificatesigningrequests/bucketpoolclient,verbs=create
12 |
--------------------------------------------------------------------------------
/poollet/volumepoollet/controllers/rbac.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package controllers
5 |
6 | // Additional required RBAC rules
7 |
8 | // Rules required for kubeconfig-rotation
9 | //+kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;create;update;patch
10 | //+kubebuilder:rbac:groups=certificates.k8s.io,resources=certificatesigningrequests,verbs=create;get;list;watch
11 | //+kubebuilder:rbac:groups=certificates.k8s.io,resources=certificatesigningrequests/volumepoolclient,verbs=create
12 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/bug_report.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Bug report 🐞
3 | about: Create a report to help us improve
4 | title: ''
5 | labels: bug
6 | assignees: ''
7 | ---
8 |
9 | **Describe the bug**
10 | A clear and concise description of what the bug is.
11 |
12 | **To Reproduce**
13 | Steps to reproduce the behavior e.g. provide example action definition.
14 |
15 | **Expected behavior**
16 | A clear and concise description of what you expected to happen.
17 |
18 | **Screenshots**
19 | If applicable, add screenshots to help explain your problem.
20 |
21 | **Additional context**
22 | Add any other context about the problem here.
--------------------------------------------------------------------------------
/config/controller/rbac/prefixallocation_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit prefixallocations.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: prefixallocation-editor-role
6 | rules:
7 | - apiGroups:
8 | - ipam.ironcore.dev
9 | resources:
10 | - prefixallocations
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - ipam.ironcore.dev
21 | resources:
22 | - prefixallocations/status
23 | verbs:
24 | - get
25 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/broker-rbac/cluster_role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | creationTimestamp: null
6 | name: broker-role
7 | rules:
8 | - apiGroups:
9 | - compute.ironcore.dev
10 | resources:
11 | - machineclasses
12 | verbs:
13 | - get
14 | - list
15 | - watch
16 | - apiGroups:
17 | - compute.ironcore.dev
18 | resources:
19 | - machinepools
20 | verbs:
21 | - get
22 | - list
23 | - watch
24 | - apiGroups:
25 | - compute.ironcore.dev
26 | resources:
27 | - machinepools/proxy
28 | verbs:
29 | - get
30 | - create
31 |
--------------------------------------------------------------------------------
/broker/machinebroker/api/v1alpha1/common_types.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package v1alpha1
5 |
6 | const (
7 | LabelsAnnotation = "machinebroker.ironcore.dev/labels"
8 | AnnotationsAnnotation = "machinebroker.ironcore.dev/annotations"
9 | )
10 |
11 | const (
12 | ManagerLabel = "machinebroker.ironcore.dev/manager"
13 |
14 | CreatedLabel = "machinebroker.ironcore.dev/created"
15 | )
16 |
17 | const (
18 | MachineBrokerManager = "machinebroker"
19 |
20 | VolumeAccessPurpose = "volume-access"
21 | )
22 |
--------------------------------------------------------------------------------
/cmd/ironcore-apiserver/main.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package main
5 |
6 | import (
7 | "os"
8 |
9 | "github.com/ironcore-dev/ironcore/internal/app/apiserver"
10 | genericapiserver "k8s.io/apiserver/pkg/server"
11 | "k8s.io/component-base/cli"
12 | )
13 |
14 | func main() {
15 | ctx := genericapiserver.SetupSignalContext()
16 | options := apiserver.NewIronCoreAPIServerOptions()
17 | cmd := apiserver.NewCommandStartIronCoreAPIServer(ctx, options)
18 | code := cli.Run(cmd)
19 | os.Exit(code)
20 | }
21 |
--------------------------------------------------------------------------------
/client-go/ironcore/versioned/typed/networking/v1alpha1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by client-gen. DO NOT EDIT.
5 |
6 | package v1alpha1
7 |
8 | type LoadBalancerExpansion interface{}
9 |
10 | type LoadBalancerRoutingExpansion interface{}
11 |
12 | type NATGatewayExpansion interface{}
13 |
14 | type NetworkExpansion interface{}
15 |
16 | type NetworkInterfaceExpansion interface{}
17 |
18 | type NetworkPolicyExpansion interface{}
19 |
20 | type VirtualIPExpansion interface{}
21 |
--------------------------------------------------------------------------------
/internal/apis/compute/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:conversion-gen=github.com/ironcore-dev/ironcore/internal/apis/compute
5 | // +k8s:conversion-gen-external-types=github.com/ironcore-dev/ironcore/api/compute/v1alpha1
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:defaulter-gen-input=github.com/ironcore-dev/ironcore/api/compute/v1alpha1
8 |
9 | // Package v1alpha1 is the v1alpha1 version of the API.
10 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/internal/apis/compute/v1alpha1"
11 |
--------------------------------------------------------------------------------
/internal/apis/storage/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:conversion-gen=github.com/ironcore-dev/ironcore/internal/apis/storage
5 | // +k8s:conversion-gen-external-types=github.com/ironcore-dev/ironcore/api/storage/v1alpha1
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:defaulter-gen-input=github.com/ironcore-dev/ironcore/api/storage/v1alpha1
8 |
9 | // Package v1alpha1 is the v1alpha1 version of the API.
10 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/internal/apis/storage/v1alpha1"
11 |
--------------------------------------------------------------------------------
/poollet/bucketpoollet/cmd/bucketpoollet/main.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package main
5 |
6 | import (
7 | "os"
8 |
9 | "github.com/ironcore-dev/ironcore/poollet/bucketpoollet/cmd/bucketpoollet/app"
10 | ctrl "sigs.k8s.io/controller-runtime"
11 | )
12 |
13 | func main() {
14 | ctx := ctrl.SetupSignalHandler()
15 | setupLog := ctrl.Log.WithName("setup")
16 |
17 | if err := app.Command().ExecuteContext(ctx); err != nil {
18 | setupLog.Error(err, "Error running bucketpoollet")
19 | os.Exit(1)
20 | }
21 | }
22 |
--------------------------------------------------------------------------------
/poollet/volumepoollet/cmd/volumepoollet/main.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package main
5 |
6 | import (
7 | "os"
8 |
9 | "github.com/ironcore-dev/ironcore/poollet/volumepoollet/cmd/volumepoollet/app"
10 | ctrl "sigs.k8s.io/controller-runtime"
11 | )
12 |
13 | func main() {
14 | ctx := ctrl.SetupSignalHandler()
15 | setupLog := ctrl.Log.WithName("setup")
16 |
17 | if err := app.Command().ExecuteContext(ctx); err != nil {
18 | setupLog.Error(err, "Error running volumepoollet")
19 | os.Exit(1)
20 | }
21 | }
22 |
--------------------------------------------------------------------------------
/poollet/machinepoollet/cmd/machinepoollet/main.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package main
5 |
6 | import (
7 | "os"
8 |
9 | "github.com/ironcore-dev/ironcore/poollet/machinepoollet/cmd/machinepoollet/app"
10 | ctrl "sigs.k8s.io/controller-runtime"
11 | )
12 |
13 | func main() {
14 | ctx := ctrl.SetupSignalHandler()
15 | setupLog := ctrl.Log.WithName("setup")
16 |
17 | if err := app.Command().ExecuteContext(ctx); err != nil {
18 | setupLog.Error(err, "Error running machinepoollet")
19 | os.Exit(1)
20 | }
21 | }
22 |
--------------------------------------------------------------------------------
/internal/apis/networking/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // +k8s:conversion-gen=github.com/ironcore-dev/ironcore/internal/apis/networking
5 | // +k8s:conversion-gen-external-types=github.com/ironcore-dev/ironcore/api/networking/v1alpha1
6 | // +k8s:defaulter-gen=TypeMeta
7 | // +k8s:defaulter-gen-input=github.com/ironcore-dev/ironcore/api/networking/v1alpha1
8 |
9 | // Package v1alpha1 is the v1alpha1 version of the API.
10 | package v1alpha1 // import "github.com/ironcore-dev/ironcore/internal/apis/networking/v1alpha1"
11 |
--------------------------------------------------------------------------------
/utils/labels/helpers.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package labels
5 |
6 | import (
7 | commonv1alpha1 "github.com/ironcore-dev/ironcore/api/common/v1alpha1"
8 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
9 | )
10 |
11 | // HasWatchLabel returns true if the object has a label with the WatchLabel key matching the given value.
12 | func HasWatchLabel(o metav1.Object, labelValue string) bool {
13 | val, ok := o.GetLabels()[commonv1alpha1.WatchLabel]
14 | if !ok {
15 | return false
16 | }
17 | return val == labelValue
18 | }
19 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | name: broker-role
6 | rules:
7 | - apiGroups:
8 | - ""
9 | resources:
10 | - events
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - ""
17 | resources:
18 | - secrets
19 | verbs:
20 | - create
21 | - delete
22 | - get
23 | - list
24 | - patch
25 | - update
26 | - watch
27 | - apiGroups:
28 | - storage.ironcore.dev
29 | resources:
30 | - buckets
31 | verbs:
32 | - create
33 | - delete
34 | - get
35 | - list
36 | - patch
37 | - update
38 | - watch
39 |
--------------------------------------------------------------------------------
/irictl-bucket/cmd/irictl-bucket/main.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package main
5 |
6 | import (
7 | "os"
8 |
9 | "github.com/ironcore-dev/ironcore/irictl-bucket/cmd/irictl-bucket/irictlbucket"
10 | irictlcmd "github.com/ironcore-dev/ironcore/irictl/cmd"
11 | ctrl "sigs.k8s.io/controller-runtime"
12 | )
13 |
14 | func main() {
15 | ctx := ctrl.SetupSignalHandler()
16 | if err := irictlbucket.Command(irictlcmd.OSStreams).ExecuteContext(ctx); err != nil {
17 | ctrl.Log.Error(err, "Error running command")
18 | os.Exit(1)
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/irictl-volume/cmd/irictl-volume/main.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package main
5 |
6 | import (
7 | "os"
8 |
9 | "github.com/ironcore-dev/ironcore/irictl-volume/cmd/irictl-volume/irictlvolume"
10 | clicommon "github.com/ironcore-dev/ironcore/irictl/cmd"
11 | ctrl "sigs.k8s.io/controller-runtime"
12 | )
13 |
14 | func main() {
15 | ctx := ctrl.SetupSignalHandler()
16 | if err := irictlvolume.Command(clicommon.OSStreams).ExecuteContext(ctx); err != nil {
17 | ctrl.Log.Error(err, "Error running command")
18 | os.Exit(1)
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/docs/api-reference/overview.md:
--------------------------------------------------------------------------------
1 | # API Reference Documentation
2 |
3 | This is the home of the API reference documentation grouped by the various API groups. The content in each subgroup is
4 | automatically generated from the Go types in the `apis` folder. For more information on how the documentation is built
5 | and how it can be updated please refer to
6 | the [Updating API Reference Documentation](../development/documentation.md#api-reference-documentation)
7 | in the documentation development guide.
8 |
9 | * [Core](core.md)
10 | * [IPAM](ipam.md)
11 | * [Compute](compute.md)
12 | * [Networking](networking.md)
13 | * [Storage](storage.md)
14 | * [Common](common.md)
15 |
--------------------------------------------------------------------------------
/irictl-machine/cmd/irictl-machine/main.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package main
5 |
6 | import (
7 | "os"
8 |
9 | "github.com/ironcore-dev/ironcore/irictl-machine/cmd/irictl-machine/irictlmachine"
10 | clicommon "github.com/ironcore-dev/ironcore/irictl/cmd"
11 | ctrl "sigs.k8s.io/controller-runtime"
12 | )
13 |
14 | func main() {
15 | ctx := ctrl.SetupSignalHandler()
16 | if err := irictlmachine.Command(clicommon.OSStreams).ExecuteContext(ctx); err != nil {
17 | ctrl.Log.Error(err, "Error running command")
18 | os.Exit(1)
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/utils/maps/maps.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package maps
5 |
6 | // Pop gets the value associated with the key (if any) and deletes it from the map.
7 | func Pop[M ~map[K]V, K comparable, V any](m M, key K) (V, bool) {
8 | v, ok := m[key]
9 | delete(m, key)
10 | return v, ok
11 | }
12 |
13 | func AppendMap[M ~map[K]V, K comparable, V any](m M, ms ...M) map[K]V {
14 | for _, mi := range ms {
15 | if len(mi) > 0 && m == nil {
16 | m = make(map[K]V)
17 | }
18 | for k, v := range mi {
19 | m[k] = v
20 | }
21 | }
22 | return m
23 | }
24 |
--------------------------------------------------------------------------------
/internal/apis/core/install/install.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package install
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/internal/apis/core"
8 | "github.com/ironcore-dev/ironcore/internal/apis/core/v1alpha1"
9 | "k8s.io/apimachinery/pkg/runtime"
10 | utilruntime "k8s.io/apimachinery/pkg/util/runtime"
11 | )
12 |
13 | func Install(scheme *runtime.Scheme) {
14 | utilruntime.Must(core.AddToScheme(scheme))
15 | utilruntime.Must(v1alpha1.AddToScheme(scheme))
16 | utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion))
17 | }
18 |
--------------------------------------------------------------------------------
/internal/apis/ipam/install/install.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package install
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/internal/apis/ipam"
8 | "github.com/ironcore-dev/ironcore/internal/apis/ipam/v1alpha1"
9 | "k8s.io/apimachinery/pkg/runtime"
10 | utilruntime "k8s.io/apimachinery/pkg/util/runtime"
11 | )
12 |
13 | func Install(scheme *runtime.Scheme) {
14 | utilruntime.Must(ipam.AddToScheme(scheme))
15 | utilruntime.Must(v1alpha1.AddToScheme(scheme))
16 | utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion))
17 | }
18 |
--------------------------------------------------------------------------------
/internal/tableconvertor/tableconvertor.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package tableconvertor
5 |
6 | import (
7 | "fmt"
8 | "strings"
9 | )
10 |
11 | func JoinStringsMore(elems []string, sep string, max int) string {
12 | if max < 1 {
13 | panic(fmt.Sprintf("JoinStringsMore: max < 1 (%d)", max))
14 | }
15 |
16 | if len(elems) == 0 {
17 | return ""
18 | }
19 |
20 | diff := len(elems) - max
21 | if diff <= 0 {
22 | return strings.Join(elems, sep)
23 | }
24 | return fmt.Sprintf("%s + %d more", strings.Join(elems[:max], sep), diff)
25 | }
26 |
--------------------------------------------------------------------------------
/config/controller/prometheus/monitor_tls_patch.yaml:
--------------------------------------------------------------------------------
1 | # Patch for Prometheus ServiceMonitor to enable secure TLS configuration
2 | # using certificates managed by cert-manager
3 | - op: replace
4 | path: /spec/endpoints/0/tlsConfig
5 | value:
6 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
7 | serverName: SERVICE_NAME.SERVICE_NAMESPACE.svc
8 | insecureSkipVerify: false
9 | ca:
10 | secret:
11 | name: metrics-server-cert
12 | key: ca.crt
13 | cert:
14 | secret:
15 | name: metrics-server-cert
16 | key: tls.crt
17 | keySecret:
18 | name: metrics-server-cert
19 | key: tls.key
20 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | name: broker-role
6 | rules:
7 | - apiGroups:
8 | - ""
9 | resources:
10 | - events
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - apiGroups:
16 | - ""
17 | resources:
18 | - secrets
19 | verbs:
20 | - create
21 | - delete
22 | - get
23 | - list
24 | - patch
25 | - update
26 | - watch
27 | - apiGroups:
28 | - storage.ironcore.dev
29 | resources:
30 | - volumes
31 | - volumesnapshots
32 | verbs:
33 | - create
34 | - delete
35 | - get
36 | - list
37 | - patch
38 | - update
39 | - watch
40 |
--------------------------------------------------------------------------------
/internal/controllers/core/quota/compute/compute.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package compute
5 |
6 | import (
7 | computev1alpha1 "github.com/ironcore-dev/ironcore/api/compute/v1alpha1"
8 | "github.com/ironcore-dev/ironcore/internal/controllers/core/quota/generic"
9 | )
10 |
11 | var (
12 | replenishReconcilersBuilder generic.ReplenishReconcilersBuilder
13 | NewReplenishReconcilers = replenishReconcilersBuilder.NewReplenishReconcilers
14 | )
15 |
16 | func init() {
17 | replenishReconcilersBuilder.Register(
18 | &computev1alpha1.Machine{},
19 | )
20 | }
21 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/prometheus/monitor_tls_patch.yaml:
--------------------------------------------------------------------------------
1 | # Patch for Prometheus ServiceMonitor to enable secure TLS configuration
2 | # using certificates managed by cert-manager
3 | - op: replace
4 | path: /spec/endpoints/0/tlsConfig
5 | value:
6 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
7 | serverName: SERVICE_NAME.SERVICE_NAMESPACE.svc
8 | insecureSkipVerify: false
9 | ca:
10 | secret:
11 | name: metrics-server-cert
12 | key: ca.crt
13 | cert:
14 | secret:
15 | name: metrics-server-cert
16 | key: tls.crt
17 | keySecret:
18 | name: metrics-server-cert
19 | key: tls.key
20 |
--------------------------------------------------------------------------------
/config/controller/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | name: leader-election-role
6 | rules:
7 | - apiGroups:
8 | - ""
9 | resources:
10 | - configmaps
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - create
16 | - update
17 | - patch
18 | - delete
19 | - apiGroups:
20 | - coordination.k8s.io
21 | resources:
22 | - leases
23 | verbs:
24 | - get
25 | - list
26 | - watch
27 | - create
28 | - update
29 | - patch
30 | - delete
31 | - apiGroups:
32 | - ""
33 | resources:
34 | - events
35 | verbs:
36 | - create
37 | - patch
38 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/prometheus/monitor_tls_patch.yaml:
--------------------------------------------------------------------------------
1 | # Patch for Prometheus ServiceMonitor to enable secure TLS configuration
2 | # using certificates managed by cert-manager
3 | - op: replace
4 | path: /spec/endpoints/0/tlsConfig
5 | value:
6 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
7 | serverName: SERVICE_NAME.SERVICE_NAMESPACE.svc
8 | insecureSkipVerify: false
9 | ca:
10 | secret:
11 | name: metrics-server-cert
12 | key: ca.crt
13 | cert:
14 | secret:
15 | name: metrics-server-cert
16 | key: tls.crt
17 | keySecret:
18 | name: metrics-server-cert
19 | key: tls.key
20 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/prometheus/monitor_tls_patch.yaml:
--------------------------------------------------------------------------------
1 | # Patch for Prometheus ServiceMonitor to enable secure TLS configuration
2 | # using certificates managed by cert-manager
3 | - op: replace
4 | path: /spec/endpoints/0/tlsConfig
5 | value:
6 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
7 | serverName: SERVICE_NAME.SERVICE_NAMESPACE.svc
8 | insecureSkipVerify: false
9 | ca:
10 | secret:
11 | name: metrics-server-cert
12 | key: ca.crt
13 | cert:
14 | secret:
15 | name: metrics-server-cert
16 | key: tls.crt
17 | keySecret:
18 | name: metrics-server-cert
19 | key: tls.key
20 |
--------------------------------------------------------------------------------
/internal/apis/compute/install/install.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package install
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/internal/apis/compute"
8 | "github.com/ironcore-dev/ironcore/internal/apis/compute/v1alpha1"
9 | "k8s.io/apimachinery/pkg/runtime"
10 | utilruntime "k8s.io/apimachinery/pkg/util/runtime"
11 | )
12 |
13 | func Install(scheme *runtime.Scheme) {
14 | utilruntime.Must(compute.AddToScheme(scheme))
15 | utilruntime.Must(v1alpha1.AddToScheme(scheme))
16 | utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion))
17 | }
18 |
--------------------------------------------------------------------------------
/internal/apis/storage/install/install.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package install
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/internal/apis/storage"
8 | "github.com/ironcore-dev/ironcore/internal/apis/storage/v1alpha1"
9 | "k8s.io/apimachinery/pkg/runtime"
10 | utilruntime "k8s.io/apimachinery/pkg/util/runtime"
11 | )
12 |
13 | func Install(scheme *runtime.Scheme) {
14 | utilruntime.Must(storage.AddToScheme(scheme))
15 | utilruntime.Must(v1alpha1.AddToScheme(scheme))
16 | utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion))
17 | }
18 |
--------------------------------------------------------------------------------
/utils/meta/meta.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package meta
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/utils/generic"
8 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
9 | "k8s.io/apimachinery/pkg/runtime/schema"
10 | )
11 |
12 | func MakeControllerRef(gvk schema.GroupVersionKind, obj metav1.Object) metav1.OwnerReference {
13 | return metav1.OwnerReference{
14 | APIVersion: gvk.GroupVersion().String(),
15 | Kind: gvk.Kind,
16 | Name: obj.GetName(),
17 | UID: obj.GetUID(),
18 | Controller: generic.Pointer(true),
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/poollet/machinepoollet/predicate/predicate.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package predicate
5 |
6 | import (
7 | "sigs.k8s.io/controller-runtime/pkg/client"
8 | "sigs.k8s.io/controller-runtime/pkg/predicate"
9 | )
10 |
11 | // NamespaceNamePredicate is a predicate that can only be satisfied by objects with the given namespace & name.
12 | func NamespaceNamePredicate(namespace, name string) predicate.Predicate {
13 | return predicate.NewPredicateFuncs(func(object client.Object) bool {
14 | return object.GetNamespace() == namespace && object.GetName() == name
15 | })
16 | }
17 |
--------------------------------------------------------------------------------
/internal/apis/core/zz_generated.defaults.go:
--------------------------------------------------------------------------------
1 | //go:build !ignore_autogenerated
2 | // +build !ignore_autogenerated
3 |
4 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
5 | // SPDX-License-Identifier: Apache-2.0
6 |
7 | // Code generated by defaulter-gen. DO NOT EDIT.
8 |
9 | package core
10 |
11 | import (
12 | runtime "k8s.io/apimachinery/pkg/runtime"
13 | )
14 |
15 | // RegisterDefaults adds defaulters functions to the given scheme.
16 | // Public to allow building arbitrary schemes.
17 | // All generated defaulters are covering - they call all nested defaulters.
18 | func RegisterDefaults(scheme *runtime.Scheme) error {
19 | return nil
20 | }
21 |
--------------------------------------------------------------------------------
/internal/apis/ipam/zz_generated.defaults.go:
--------------------------------------------------------------------------------
1 | //go:build !ignore_autogenerated
2 | // +build !ignore_autogenerated
3 |
4 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
5 | // SPDX-License-Identifier: Apache-2.0
6 |
7 | // Code generated by defaulter-gen. DO NOT EDIT.
8 |
9 | package ipam
10 |
11 | import (
12 | runtime "k8s.io/apimachinery/pkg/runtime"
13 | )
14 |
15 | // RegisterDefaults adds defaulters functions to the given scheme.
16 | // Public to allow building arbitrary schemes.
17 | // All generated defaulters are covering - they call all nested defaulters.
18 | func RegisterDefaults(scheme *runtime.Scheme) error {
19 | return nil
20 | }
21 |
--------------------------------------------------------------------------------
/internal/apis/networking/install/install.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package install
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/internal/apis/networking"
8 | "github.com/ironcore-dev/ironcore/internal/apis/networking/v1alpha1"
9 | "k8s.io/apimachinery/pkg/runtime"
10 | utilruntime "k8s.io/apimachinery/pkg/util/runtime"
11 | )
12 |
13 | func Install(scheme *runtime.Scheme) {
14 | utilruntime.Must(networking.AddToScheme(scheme))
15 | utilruntime.Must(v1alpha1.AddToScheme(scheme))
16 | utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion))
17 | }
18 |
--------------------------------------------------------------------------------
/api/common/v1alpha1/zz_generated.defaults.go:
--------------------------------------------------------------------------------
1 | //go:build !ignore_autogenerated
2 | // +build !ignore_autogenerated
3 |
4 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
5 | // SPDX-License-Identifier: Apache-2.0
6 |
7 | // Code generated by defaulter-gen. DO NOT EDIT.
8 |
9 | package v1alpha1
10 |
11 | import (
12 | runtime "k8s.io/apimachinery/pkg/runtime"
13 | )
14 |
15 | // RegisterDefaults adds defaulters functions to the given scheme.
16 | // Public to allow building arbitrary schemes.
17 | // All generated defaulters are covering - they call all nested defaulters.
18 | func RegisterDefaults(scheme *runtime.Scheme) error {
19 | return nil
20 | }
21 |
--------------------------------------------------------------------------------
/config/bucketpoollet-broker/broker-rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | name: leader-election-role
6 | rules:
7 | - apiGroups:
8 | - ""
9 | resources:
10 | - configmaps
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - create
16 | - update
17 | - patch
18 | - delete
19 | - apiGroups:
20 | - coordination.k8s.io
21 | resources:
22 | - leases
23 | verbs:
24 | - get
25 | - list
26 | - watch
27 | - create
28 | - update
29 | - patch
30 | - delete
31 | - apiGroups:
32 | - ""
33 | resources:
34 | - events
35 | verbs:
36 | - create
37 | - patch
38 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/broker-rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | name: leader-election-role
6 | rules:
7 | - apiGroups:
8 | - ""
9 | resources:
10 | - configmaps
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - create
16 | - update
17 | - patch
18 | - delete
19 | - apiGroups:
20 | - coordination.k8s.io
21 | resources:
22 | - leases
23 | verbs:
24 | - get
25 | - list
26 | - watch
27 | - create
28 | - update
29 | - patch
30 | - delete
31 | - apiGroups:
32 | - ""
33 | resources:
34 | - events
35 | verbs:
36 | - create
37 | - patch
38 |
--------------------------------------------------------------------------------
/config/volumepoollet-broker/broker-rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | name: leader-election-role
6 | rules:
7 | - apiGroups:
8 | - ""
9 | resources:
10 | - configmaps
11 | verbs:
12 | - get
13 | - list
14 | - watch
15 | - create
16 | - update
17 | - patch
18 | - delete
19 | - apiGroups:
20 | - coordination.k8s.io
21 | resources:
22 | - leases
23 | verbs:
24 | - get
25 | - list
26 | - watch
27 | - create
28 | - update
29 | - patch
30 | - delete
31 | - apiGroups:
32 | - ""
33 | resources:
34 | - events
35 | verbs:
36 | - create
37 | - patch
38 |
--------------------------------------------------------------------------------
/internal/apis/compute/zz_generated.defaults.go:
--------------------------------------------------------------------------------
1 | //go:build !ignore_autogenerated
2 | // +build !ignore_autogenerated
3 |
4 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
5 | // SPDX-License-Identifier: Apache-2.0
6 |
7 | // Code generated by defaulter-gen. DO NOT EDIT.
8 |
9 | package compute
10 |
11 | import (
12 | runtime "k8s.io/apimachinery/pkg/runtime"
13 | )
14 |
15 | // RegisterDefaults adds defaulters functions to the given scheme.
16 | // Public to allow building arbitrary schemes.
17 | // All generated defaulters are covering - they call all nested defaulters.
18 | func RegisterDefaults(scheme *runtime.Scheme) error {
19 | return nil
20 | }
21 |
--------------------------------------------------------------------------------
/internal/apis/storage/zz_generated.defaults.go:
--------------------------------------------------------------------------------
1 | //go:build !ignore_autogenerated
2 | // +build !ignore_autogenerated
3 |
4 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
5 | // SPDX-License-Identifier: Apache-2.0
6 |
7 | // Code generated by defaulter-gen. DO NOT EDIT.
8 |
9 | package storage
10 |
11 | import (
12 | runtime "k8s.io/apimachinery/pkg/runtime"
13 | )
14 |
15 | // RegisterDefaults adds defaulters functions to the given scheme.
16 | // Public to allow building arbitrary schemes.
17 | // All generated defaulters are covering - they call all nested defaulters.
18 | func RegisterDefaults(scheme *runtime.Scheme) error {
19 | return nil
20 | }
21 |
--------------------------------------------------------------------------------
/internal/apis/core/v1alpha1/zz_generated.defaults.go:
--------------------------------------------------------------------------------
1 | //go:build !ignore_autogenerated
2 | // +build !ignore_autogenerated
3 |
4 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
5 | // SPDX-License-Identifier: Apache-2.0
6 |
7 | // Code generated by defaulter-gen. DO NOT EDIT.
8 |
9 | package v1alpha1
10 |
11 | import (
12 | runtime "k8s.io/apimachinery/pkg/runtime"
13 | )
14 |
15 | // RegisterDefaults adds defaulters functions to the given scheme.
16 | // Public to allow building arbitrary schemes.
17 | // All generated defaulters are covering - they call all nested defaulters.
18 | func RegisterDefaults(scheme *runtime.Scheme) error {
19 | return nil
20 | }
21 |
--------------------------------------------------------------------------------
/internal/apis/networking/zz_generated.defaults.go:
--------------------------------------------------------------------------------
1 | //go:build !ignore_autogenerated
2 | // +build !ignore_autogenerated
3 |
4 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
5 | // SPDX-License-Identifier: Apache-2.0
6 |
7 | // Code generated by defaulter-gen. DO NOT EDIT.
8 |
9 | package networking
10 |
11 | import (
12 | runtime "k8s.io/apimachinery/pkg/runtime"
13 | )
14 |
15 | // RegisterDefaults adds defaulters functions to the given scheme.
16 | // Public to allow building arbitrary schemes.
17 | // All generated defaulters are covering - they call all nested defaulters.
18 | func RegisterDefaults(scheme *runtime.Scheme) error {
19 | return nil
20 | }
21 |
--------------------------------------------------------------------------------
/broker/volumebroker/api/v1alpha1/common_types.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package v1alpha1
5 |
6 | const (
7 | LabelsAnnotation = "volumebroker.ironcore.dev/labels"
8 |
9 | AnnotationsAnnotation = "volumebroker.ironcore.dev/annotations"
10 |
11 | CreatedLabel = "volumebroker.ironcore.dev/created"
12 |
13 | PurposeLabel = "machinebroker.ironcore.dev/purpose"
14 | )
15 |
16 | const (
17 | VolumeEncryptionPurpose = "volume-encryption"
18 | )
19 |
20 | const (
21 | ManagerLabel = "volumebroker.ironcore.dev/manager"
22 | )
23 |
24 | const (
25 | VolumeBrokerManager = "volumebroker"
26 | )
27 |
--------------------------------------------------------------------------------
/poollet/bucketpoollet/api/v1alpha1/common_types.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package v1alpha1
5 |
6 | const (
7 | BucketUIDLabel = "bucketpoollet.ironcore.dev/bucket-uid"
8 | BucketNamespaceLabel = "bucketpoollet.ironcore.dev/bucket-namespace"
9 | BucketNameLabel = "bucketpoollet.ironcore.dev/bucket-name"
10 |
11 | FieldOwner = "bucketpoollet.ironcore.dev/field-owner"
12 | BucketFinalizer = "bucketpoollet.ironcore.dev/bucket"
13 |
14 | // DownwardAPIPrefix is the prefix for any downward label.
15 | BucketDownwardAPIPrefix = "downward-api.bucketpoollet.ironcore.dev/"
16 | )
17 |
--------------------------------------------------------------------------------
/internal/controllers/core/quota/storage/storage.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package storage
5 |
6 | import (
7 | storagev1alpha1 "github.com/ironcore-dev/ironcore/api/storage/v1alpha1"
8 | "github.com/ironcore-dev/ironcore/internal/controllers/core/quota/generic"
9 | )
10 |
11 | var (
12 | replenishReconcilersBuilder generic.ReplenishReconcilersBuilder
13 | NewReplenishReconcilers = replenishReconcilersBuilder.NewReplenishReconcilers
14 | )
15 |
16 | func init() {
17 | replenishReconcilersBuilder.Register(
18 | &storagev1alpha1.Volume{},
19 | &storagev1alpha1.Bucket{},
20 | )
21 | }
22 |
--------------------------------------------------------------------------------
/api/common/v1alpha1/register.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Package v1alpha1 contains API Schema definitions for the common v1alpha1 API group
5 | // +groupName=common.ironcore.dev
6 | package v1alpha1
7 |
8 | import (
9 | "k8s.io/apimachinery/pkg/runtime/schema"
10 | )
11 |
12 | var (
13 | // SchemeGroupVersion is group version used to register these objects
14 | SchemeGroupVersion = schema.GroupVersion{Group: "common.ironcore.dev", Version: "v1alpha1"}
15 | )
16 |
17 | func Resource(resource string) schema.GroupResource {
18 | return SchemeGroupVersion.WithResource(resource).GroupResource()
19 | }
20 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/apiserver_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: apiserver-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: apiserver-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: apiserver
12 | namespace: system
13 | ---
14 | apiVersion: rbac.authorization.k8s.io/v1
15 | kind: ClusterRoleBinding
16 | metadata:
17 | name: apiserver-auth-delegator-rolebinding
18 | roleRef:
19 | apiGroup: rbac.authorization.k8s.io
20 | kind: ClusterRole
21 | name: system:auth-delegator
22 | subjects:
23 | - kind: ServiceAccount
24 | name: apiserver
25 | namespace: system
26 |
--------------------------------------------------------------------------------
/docs/proposals/00-template.md:
--------------------------------------------------------------------------------
1 | ---
2 | title: IEP Title
3 |
4 | iep-number: NNNN
5 |
6 | creation-date: 20XX-XX-XX
7 |
8 | status: implementable|implemented
9 |
10 | authors:
11 |
12 | - "@you"
13 | - "@maybe-another-author"
14 |
15 | reviewers:
16 |
17 | - "@main-reviewer-1"
18 | - "@main-reviewer-2"
19 |
20 | ---
21 |
22 | # IEP-NNNN: Your short, descriptive title
23 |
24 | ## Table of Contents
25 |
26 | - [Summary](#summary)
27 | - [Motivation](#motivation)
28 | - [Goals](#goals)
29 | - [Non-Goals](#non-goals)
30 | - [Proposal](#proposal)
31 | - [Alternatives](#alternatives)
32 |
33 | ## Summary
34 |
35 | ## Motivation
36 |
37 | ### Goals
38 |
39 | ### Non-Goals
40 |
41 | ## Proposal
42 |
43 | ## Alternatives
--------------------------------------------------------------------------------
/hack/validate-kustomize.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -e
4 |
5 | BASEDIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
6 | export TERM="xterm-256color"
7 |
8 | bold="$(tput bold)"
9 | red="$(tput setaf 1)"
10 | green="$(tput setaf 2)"
11 | normal="$(tput sgr0)"
12 |
13 | for kustomization in "$BASEDIR"/../config/*/**/kustomization.yaml; do
14 | path="$(dirname "$kustomization")"
15 | dir="$(realpath --relative-to "$BASEDIR"/.. "$path")"
16 | echo "${bold}Validating $dir${normal}"
17 | if ! kustomize_output="$(kustomize build "$path" 2>&1)"; then
18 | echo "${red}Kustomize build $dir failed:"
19 | echo "$kustomize_output"
20 | exit 1
21 | fi
22 | echo "${green}Successfully validated $dir${normal}"
23 | done
24 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/bucketpool_bootstrapper_rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: storage.ironcore.dev:system:bucketpools-bootstrapper
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: storage.ironcore.dev:system:bucketpools-bootstrapper
9 | subjects:
10 | - kind: Group
11 | # Group name has to match bootstrap group pattern \Asystem:bootstrappers:[a-z0-9:-]{0,255}[a-z0-9]\
12 | # See https://github.com/kubernetes/kubernetes/blob/e8662a46dd27db774ec953dae15f93ae2d1a68c8/staging/src/k8s.io/cluster-bootstrap/token/api/types.go#L96
13 | name: system:bootstrappers:storage-ironcore-dev:bucketpools
14 | apiGroup: rbac.authorization.k8s.io
15 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/machinepool_bootstrapper_rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: compute.ironcore.dev:system:machinepools-bootstrapper
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: compute.ironcore.dev:system:machinepools-bootstrapper
9 | subjects:
10 | - kind: Group
11 | # Group name has to match bootstrap group pattern \Asystem:bootstrappers:[a-z0-9:-]{0,255}[a-z0-9]\
12 | # See https://github.com/kubernetes/kubernetes/blob/e8662a46dd27db774ec953dae15f93ae2d1a68c8/staging/src/k8s.io/cluster-bootstrap/token/api/types.go#L96
13 | name: system:bootstrappers:compute-ironcore-dev:machinepools
14 | apiGroup: rbac.authorization.k8s.io
15 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/volumepool_bootstrapper_rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: storage.ironcore.dev:system:volumepools-bootstrapper
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: storage.ironcore.dev:system:volumepools-bootstrapper
9 | subjects:
10 | - kind: Group
11 | # Group name has to match bootstrap group pattern \Asystem:bootstrappers:[a-z0-9:-]{0,255}[a-z0-9]\
12 | # See https://github.com/kubernetes/kubernetes/blob/e8662a46dd27db774ec953dae15f93ae2d1a68c8/staging/src/k8s.io/cluster-bootstrap/token/api/types.go#L96
13 | name: system:bootstrappers:storage-ironcore-dev:volumepools
14 | apiGroup: rbac.authorization.k8s.io
15 |
--------------------------------------------------------------------------------
/internal/client/networking/natgateway.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package networking
5 |
6 | import (
7 | "context"
8 |
9 | "github.com/ironcore-dev/ironcore/api/networking/v1alpha1"
10 | "sigs.k8s.io/controller-runtime/pkg/client"
11 | )
12 |
13 | const NATGatewayNetworkNameField = "natgateway-network-name"
14 |
15 | func SetupNATGatewayNetworkNameFieldIndexer(ctx context.Context, indexer client.FieldIndexer) error {
16 | return indexer.IndexField(ctx, &v1alpha1.NATGateway{}, NATGatewayNetworkNameField, func(obj client.Object) []string {
17 | natGateway := obj.(*v1alpha1.NATGateway)
18 | return []string{natGateway.Spec.NetworkRef.Name}
19 | })
20 | }
21 |
--------------------------------------------------------------------------------
/poollet/common/utils/topology.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package utils
5 |
6 | import (
7 | "github.com/go-logr/logr"
8 | commonv1alpha1 "github.com/ironcore-dev/ironcore/api/common/v1alpha1"
9 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
10 | )
11 |
12 | func SetTopologyLabels(log logr.Logger, om *v1.ObjectMeta, labels map[commonv1alpha1.TopologyLabel]string) {
13 | if len(labels) == 0 {
14 | return
15 | }
16 |
17 | if om.Labels == nil {
18 | om.Labels = make(map[string]string)
19 | }
20 |
21 | for key, val := range labels {
22 | log.V(1).Info("Setting topology label", "Label", key, "Value", val)
23 | om.Labels[string(key)] = val
24 | }
25 | }
26 |
--------------------------------------------------------------------------------
/config/apiserver/rbac/networkplugin_bootstrapper_rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: networking.ironcore.dev:system:networkplugins-bootstrapper
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: networking.ironcore.dev:system:networkplugins-bootstrapper
9 | subjects:
10 | - kind: Group
11 | # Group name has to match bootstrap group pattern \Asystem:bootstrappers:[a-z0-9:-]{0,255}[a-z0-9]\
12 | # See https://github.com/kubernetes/kubernetes/blob/e8662a46dd27db774ec953dae15f93ae2d1a68c8/staging/src/k8s.io/cluster-bootstrap/token/api/types.go#L96
13 | name: system:bootstrappers:networking-ironcore-dev:networkplugins
14 | apiGroup: rbac.authorization.k8s.io
15 |
--------------------------------------------------------------------------------
/irictl-bucket/cmd/irictl-bucket/irictlbucket/create/create.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package create
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/irictl-bucket/cmd/irictl-bucket/irictlbucket/common"
8 | "github.com/ironcore-dev/ironcore/irictl-bucket/cmd/irictl-bucket/irictlbucket/create/bucket"
9 | irictlcmd "github.com/ironcore-dev/ironcore/irictl/cmd"
10 | "github.com/spf13/cobra"
11 | )
12 |
13 | func Command(streams irictlcmd.Streams, clientFactory common.ClientFactory) *cobra.Command {
14 | cmd := &cobra.Command{
15 | Use: "create",
16 | }
17 |
18 | cmd.AddCommand(
19 | bucket.Command(streams, clientFactory),
20 | )
21 |
22 | return cmd
23 | }
24 |
--------------------------------------------------------------------------------
/irictl-bucket/cmd/irictl-bucket/irictlbucket/delete/delete.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package delete
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/irictl-bucket/cmd/irictl-bucket/irictlbucket/common"
8 | "github.com/ironcore-dev/ironcore/irictl-bucket/cmd/irictl-bucket/irictlbucket/delete/bucket"
9 | irictlcmd "github.com/ironcore-dev/ironcore/irictl/cmd"
10 | "github.com/spf13/cobra"
11 | )
12 |
13 | func Command(streams irictlcmd.Streams, clientFactory common.ClientFactory) *cobra.Command {
14 | cmd := &cobra.Command{
15 | Use: "delete",
16 | }
17 |
18 | cmd.AddCommand(
19 | bucket.Command(streams, clientFactory),
20 | )
21 |
22 | return cmd
23 | }
24 |
--------------------------------------------------------------------------------
/poollet/bucketpoollet/bcm/bcm.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package bcm
5 |
6 | import (
7 | "context"
8 | "errors"
9 |
10 | iri "github.com/ironcore-dev/ironcore/iri/apis/bucket/v1alpha1"
11 | "sigs.k8s.io/controller-runtime/pkg/manager"
12 | )
13 |
14 | var (
15 | ErrNoMatchingBucketClass = errors.New("no matching bucket class")
16 | ErrAmbiguousMatchingBucketClass = errors.New("ambiguous matching bucket classes")
17 | )
18 |
19 | type BucketClassMapper interface {
20 | manager.Runnable
21 | GetBucketClassFor(ctx context.Context, name string, capabilities *iri.BucketClassCapabilities) (*iri.BucketClass, error)
22 | WaitForSync(ctx context.Context) error
23 | }
24 |
--------------------------------------------------------------------------------
/.github/workflows/check-codegen.yml:
--------------------------------------------------------------------------------
1 | name: Check Codegen
2 |
3 | on:
4 | pull_request:
5 | paths-ignore:
6 | - 'docs/**'
7 | - '**/*.md'
8 |
9 | jobs:
10 | check-codegen:
11 | runs-on: ubuntu-latest
12 | steps:
13 | - uses: actions/checkout@v6
14 | - uses: actions/setup-go@v6
15 | with:
16 | go-version-file: 'go.mod'
17 | - name: Run make generate
18 | run: make generate
19 | - name: Compare the expected and actual generated/* directories
20 | run: |
21 | if [ "$(git diff --ignore-space-at-eol client-go/ | wc -l)" -gt "0" ]; then
22 | echo "Detected uncommitted changes after build. Consider running 'make generate'."
23 | echo "See status below:"
24 | git diff
25 | exit 1
26 | fi
27 |
--------------------------------------------------------------------------------
/irictl-machine/cmd/irictl-machine/irictlmachine/create/create.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package create
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/irictl-machine/cmd/irictl-machine/irictlmachine/common"
8 | "github.com/ironcore-dev/ironcore/irictl-machine/cmd/irictl-machine/irictlmachine/create/machine"
9 | clicommon "github.com/ironcore-dev/ironcore/irictl/cmd"
10 | "github.com/spf13/cobra"
11 | )
12 |
13 | func Command(streams clicommon.Streams, clientFactory common.Factory) *cobra.Command {
14 | cmd := &cobra.Command{
15 | Use: "create",
16 | }
17 |
18 | cmd.AddCommand(
19 | machine.Command(streams, clientFactory),
20 | )
21 |
22 | return cmd
23 | }
24 |
--------------------------------------------------------------------------------
/irictl-machine/cmd/irictl-machine/irictlmachine/delete/delete.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package delete
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/irictl-machine/cmd/irictl-machine/irictlmachine/common"
8 | "github.com/ironcore-dev/ironcore/irictl-machine/cmd/irictl-machine/irictlmachine/delete/machine"
9 | clicommon "github.com/ironcore-dev/ironcore/irictl/cmd"
10 | "github.com/spf13/cobra"
11 | )
12 |
13 | func Command(streams clicommon.Streams, clientFactory common.Factory) *cobra.Command {
14 | cmd := &cobra.Command{
15 | Use: "delete",
16 | }
17 |
18 | cmd.AddCommand(
19 | machine.Command(streams, clientFactory),
20 | )
21 |
22 | return cmd
23 | }
24 |
--------------------------------------------------------------------------------
/internal/controllers/core/quota/ironcore/ironcore.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package ironcore
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/internal/controllers/core/quota/compute"
8 | "github.com/ironcore-dev/ironcore/internal/controllers/core/quota/generic"
9 | "github.com/ironcore-dev/ironcore/internal/controllers/core/quota/storage"
10 | )
11 |
12 | var (
13 | replenishReconcilersBuilder generic.ReplenishReconcilersBuilder
14 | NewReplenishReconcilers = replenishReconcilersBuilder.NewReplenishReconcilers
15 | )
16 |
17 | func init() {
18 | replenishReconcilersBuilder.Add(
19 | compute.NewReplenishReconcilers,
20 | storage.NewReplenishReconcilers,
21 | )
22 | }
23 |
--------------------------------------------------------------------------------
/config/machinepoollet-broker/manager/irictl-machine-config.yaml:
--------------------------------------------------------------------------------
1 | tableConfig:
2 | prependMachineColumns:
3 | - name: RNamespace
4 | template: >-
5 | {{ with index .metadata.labels "downward-api.machinepoollet.ironcore.dev/root-machine-namespace" }}{{.}}{{ else }}{{ index .metadata.labels "machinepoollet.ironcore.dev/machine-namespace" }}{{ end }}
6 | - name: RName
7 | template: >-
8 | {{ with index .metadata.labels "downward-api.machinepoollet.ironcore.dev/root-machine-name" }}{{.}}{{ else }}{{ index .metadata.labels "machinepoollet.ironcore.dev/machine-name" }}{{ end }}
9 | - name: RUID
10 | template: >-
11 | {{ with index .metadata.labels "downward-api.machinepoollet.ironcore.dev/root-machine-uid" }}{{.}}{{ else }}{{ index .metadata.labels "machinepoollet.ironcore.dev/machine-uid" }}{{ end }}
12 |
--------------------------------------------------------------------------------
/irictl/renderer/yaml.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package renderer
5 |
6 | import (
7 | gojson "encoding/json"
8 | "io"
9 |
10 | sigsyaml "sigs.k8s.io/yaml"
11 | )
12 |
13 | type yaml struct{}
14 |
15 | func (yaml) Render(v any, w io.Writer) error {
16 | jsonData, err := gojson.Marshal(v)
17 | if err != nil {
18 | return err
19 | }
20 |
21 | data, err := sigsyaml.JSONToYAML(jsonData)
22 | if err != nil {
23 | return err
24 | }
25 |
26 | n, err := w.Write(data)
27 | if err != nil {
28 | return err
29 | }
30 | if n != len(data) {
31 | return io.ErrShortWrite
32 | }
33 | return nil
34 | }
35 |
36 | var YAML = yaml{}
37 |
38 | func init() {
39 | LocalRegistryBuilder.Register("yaml", YAML)
40 | }
41 |
--------------------------------------------------------------------------------
/.github/workflows/release-drafter.yml:
--------------------------------------------------------------------------------
1 | name: Release Drafter
2 |
3 | on:
4 | push:
5 | branches:
6 | - main
7 | pull_request_target:
8 | types: [ opened, reopened, synchronize ]
9 | workflow_dispatch:
10 |
11 | jobs:
12 | update_release_draft:
13 | permissions:
14 | # write permission is required to create a github release
15 | contents: write
16 | # write permission is required for autolabeler
17 | # otherwise, read permission is required at least
18 | pull-requests: write
19 | runs-on: ubuntu-latest
20 | steps:
21 | # Drafts your next Release notes as Pull Requests are merged into "main"
22 | - uses: release-drafter/release-drafter@v6
23 | with:
24 | config-name: release-drafter.yml
25 | env:
26 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
27 |
--------------------------------------------------------------------------------
/utils/runtime/runtime.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package runtime
5 |
6 | import "github.com/ironcore-dev/ironcore/utils/slices"
7 |
8 | type DeepCopier[E any] interface {
9 | DeepCopy() E
10 | }
11 |
12 | type RefDeepCopier[E any] interface {
13 | *E
14 | DeepCopier[*E]
15 | }
16 |
17 | func DeepCopySlice[E DeepCopier[E], S ~[]E](slice S) S {
18 | return slices.Map(slice, func(e E) E {
19 | return e.DeepCopy()
20 | })
21 | }
22 |
23 | // DeepCopySliceRefs runs DeepCopy on the references of the elements of the slice and returns the created structs.
24 | func DeepCopySliceRefs[E any, D RefDeepCopier[E], S ~[]E](slice S) []E {
25 | return slices.MapRef(slice, func(e *E) E {
26 | return *(D(e)).DeepCopy()
27 | })
28 | }
29 |
--------------------------------------------------------------------------------
/client-go/listers/compute/v1alpha1/expansion_generated.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | // Code generated by lister-gen. DO NOT EDIT.
5 |
6 | package v1alpha1
7 |
8 | // MachineListerExpansion allows custom methods to be added to
9 | // MachineLister.
10 | type MachineListerExpansion interface{}
11 |
12 | // MachineNamespaceListerExpansion allows custom methods to be added to
13 | // MachineNamespaceLister.
14 | type MachineNamespaceListerExpansion interface{}
15 |
16 | // MachineClassListerExpansion allows custom methods to be added to
17 | // MachineClassLister.
18 | type MachineClassListerExpansion interface{}
19 |
20 | // MachinePoolListerExpansion allows custom methods to be added to
21 | // MachinePoolLister.
22 | type MachinePoolListerExpansion interface{}
23 |
--------------------------------------------------------------------------------
/internal/controllers/core/certificate/ironcore/ironcore.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package ironcore
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/internal/controllers/core/certificate/compute"
8 | "github.com/ironcore-dev/ironcore/internal/controllers/core/certificate/generic"
9 | "github.com/ironcore-dev/ironcore/internal/controllers/core/certificate/networking"
10 | "github.com/ironcore-dev/ironcore/internal/controllers/core/certificate/storage"
11 | )
12 |
13 | var Recognizers []generic.CertificateSigningRequestRecognizer
14 |
15 | func init() {
16 | Recognizers = append(Recognizers, compute.Recognizers...)
17 | Recognizers = append(Recognizers, storage.Recognizers...)
18 | Recognizers = append(Recognizers, networking.Recognizers...)
19 | }
20 |
--------------------------------------------------------------------------------
/poollet/machinepoollet/controllers/rbac.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package controllers
5 |
6 | // Additional required RBAC rules
7 |
8 | // Rules required for kubeconfig-rotation
9 | //+kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;create;update;patch
10 | //+kubebuilder:rbac:groups=certificates.k8s.io,resources=certificatesigningrequests,verbs=create;get;list;watch
11 | //+kubebuilder:rbac:groups=certificates.k8s.io,resources=certificatesigningrequests/machinepoolclient,verbs=create
12 |
13 | // Rules required for machinepoollet delegated authentication
14 | //+kubebuilder:rbac:groups=authentication.k8s.io,resources=tokenreviews,verbs=create
15 | //+kubebuilder:rbac:groups=authorization.k8s.io,resources=subjectaccessreviews,verbs=create
16 |
--------------------------------------------------------------------------------
/third_party/kubernetes/pkg/util/flock/errors.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2021 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package flock
18 |
19 | import "errors"
20 |
21 | var (
22 | // ErrAlreadyLocked is returned when the file is already locked.
23 | ErrAlreadyLocked = errors.New("the file is already locked")
24 | )
25 |
--------------------------------------------------------------------------------
/third_party/kubernetes/pkg/util/flock/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2021 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package flock is copied from k8s.io/kubernetes/pkg/util/flock to avoid
18 | // importing k8s.io/kubernetes as a dependency.
19 | //
20 | // Provides file locking functionalities on unix systems.
21 | package flock
22 |
--------------------------------------------------------------------------------
/broker/bucketbroker/client/config/getter.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package config
5 |
6 | import (
7 | "os"
8 |
9 | "github.com/ironcore-dev/ironcore/utils/client/config"
10 | "k8s.io/apiserver/pkg/server/egressselector"
11 | ctrl "sigs.k8s.io/controller-runtime"
12 | )
13 |
14 | var log = ctrl.Log.WithName("client").WithName("config")
15 |
16 | func NewGetter() (*config.BrokerGetter, error) {
17 | return config.NewBrokerGetter(config.GetterOptions{
18 | Name: "bucketbroker",
19 | NetworkContext: egressselector.ControlPlane.AsNetworkContext(),
20 | })
21 | }
22 |
23 | func NewGetterOrDie() *config.BrokerGetter {
24 | getter, err := NewGetter()
25 | if err != nil {
26 | log.Error(err, "Error creating getter")
27 | os.Exit(1)
28 | }
29 | return getter
30 | }
31 |
--------------------------------------------------------------------------------
/broker/machinebroker/client/config/getter.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package config
5 |
6 | import (
7 | "os"
8 |
9 | "github.com/ironcore-dev/ironcore/utils/client/config"
10 | "k8s.io/apiserver/pkg/server/egressselector"
11 | ctrl "sigs.k8s.io/controller-runtime"
12 | )
13 |
14 | var log = ctrl.Log.WithName("client").WithName("config")
15 |
16 | func NewGetter() (*config.BrokerGetter, error) {
17 | return config.NewBrokerGetter(config.GetterOptions{
18 | Name: "machinebroker",
19 | NetworkContext: egressselector.ControlPlane.AsNetworkContext(),
20 | })
21 | }
22 |
23 | func NewGetterOrDie() *config.BrokerGetter {
24 | getter, err := NewGetter()
25 | if err != nil {
26 | log.Error(err, "Error creating getter")
27 | os.Exit(1)
28 | }
29 | return getter
30 | }
31 |
--------------------------------------------------------------------------------
/broker/volumebroker/client/config/getter.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package config
5 |
6 | import (
7 | "os"
8 |
9 | "github.com/ironcore-dev/ironcore/utils/client/config"
10 | "k8s.io/apiserver/pkg/server/egressselector"
11 | ctrl "sigs.k8s.io/controller-runtime"
12 | )
13 |
14 | var log = ctrl.Log.WithName("client").WithName("config")
15 |
16 | func NewGetter() (*config.BrokerGetter, error) {
17 | return config.NewBrokerGetter(config.GetterOptions{
18 | Name: "volumebroker",
19 | NetworkContext: egressselector.ControlPlane.AsNetworkContext(),
20 | })
21 | }
22 |
23 | func NewGetterOrDie() *config.BrokerGetter {
24 | getter, err := NewGetter()
25 | if err != nil {
26 | log.Error(err, "Error creating getter")
27 | os.Exit(1)
28 | }
29 | return getter
30 | }
31 |
--------------------------------------------------------------------------------
/config/apiserver/default/apiservicecainjection_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the injection annotation to the apiservices and
2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize.
3 | apiVersion: apiregistration.k8s.io/v1
4 | kind: APIService
5 | metadata:
6 | name: v1alpha1.compute.ironcore.dev
7 | annotations:
8 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
9 | ---
10 | apiVersion: apiregistration.k8s.io/v1
11 | kind: APIService
12 | metadata:
13 | name: v1alpha1.storage.ironcore.dev
14 | annotations:
15 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
16 | ---
17 | apiVersion: apiregistration.k8s.io/v1
18 | kind: APIService
19 | metadata:
20 | name: v1alpha1.ipam.ironcore.dev
21 | annotations:
22 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
23 |
--------------------------------------------------------------------------------
/config/apiserver/etcdless/apiservicecainjection_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the injection annotation to the apiservices and
2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize.
3 | apiVersion: apiregistration.k8s.io/v1
4 | kind: APIService
5 | metadata:
6 | name: v1alpha1.compute.ironcore.dev
7 | annotations:
8 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
9 | ---
10 | apiVersion: apiregistration.k8s.io/v1
11 | kind: APIService
12 | metadata:
13 | name: v1alpha1.storage.ironcore.dev
14 | annotations:
15 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
16 | ---
17 | apiVersion: apiregistration.k8s.io/v1
18 | kind: APIService
19 | metadata:
20 | name: v1alpha1.ipam.ironcore.dev
21 | annotations:
22 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
23 |
--------------------------------------------------------------------------------
/internal/apis/storage/v1alpha1/defaults_test.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package v1alpha1_test
5 |
6 | import (
7 | storagev1alpha1 "github.com/ironcore-dev/ironcore/api/storage/v1alpha1"
8 | . "github.com/ironcore-dev/ironcore/internal/apis/storage/v1alpha1"
9 | . "github.com/onsi/ginkgo/v2"
10 | . "github.com/onsi/gomega"
11 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
12 | )
13 |
14 | var _ = Describe("Defaults", func() {
15 | It("Should default the VolumeClass expansion policy if not set", func() {
16 | class := &storagev1alpha1.VolumeClass{
17 | ObjectMeta: metav1.ObjectMeta{
18 | Name: "foo",
19 | },
20 | ResizePolicy: "",
21 | }
22 | SetDefaults_VolumeClass(class)
23 | Expect(class.ResizePolicy).To(Equal(storagev1alpha1.ResizePolicyStatic))
24 | })
25 | })
26 |
--------------------------------------------------------------------------------
/iri/apis/bucket/bucket.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package bucket
5 |
6 | import (
7 | "context"
8 |
9 | api "github.com/ironcore-dev/ironcore/iri/apis/bucket/v1alpha1"
10 | )
11 |
12 | type RuntimeService interface {
13 | Version(context.Context, *api.VersionRequest) (*api.VersionResponse, error)
14 | ListEvents(context.Context, *api.ListEventsRequest) (*api.ListEventsResponse, error)
15 | ListBuckets(context.Context, *api.ListBucketsRequest) (*api.ListBucketsResponse, error)
16 | CreateBucket(context.Context, *api.CreateBucketRequest) (*api.CreateBucketResponse, error)
17 | ListBucketClasses(ctx context.Context, request *api.ListBucketClassesRequest) (*api.ListBucketClassesResponse, error)
18 | DeleteBucket(context.Context, *api.DeleteBucketRequest) (*api.DeleteBucketResponse, error)
19 | }
20 |
--------------------------------------------------------------------------------
/irictl-bucket/renderers/register.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package renderers
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/irictl-bucket/tableconverters"
8 | "github.com/ironcore-dev/ironcore/irictl/renderer"
9 | "github.com/ironcore-dev/ironcore/irictl/tableconverter"
10 | )
11 |
12 | var (
13 | RegistryBuilder renderer.RegistryBuilder
14 | AddToRegistry = RegistryBuilder.AddToRegistry
15 | )
16 |
17 | func init() {
18 | RegistryBuilder.Add(renderer.AddToRegistry)
19 | RegistryBuilder.Add(func(registry *renderer.Registry) error {
20 | tableConverter := tableconverter.NewRegistry()
21 | if err := tableconverters.AddToRegistry(tableConverter); err != nil {
22 | return err
23 | }
24 | return registry.Register("table", renderer.NewTable(tableConverter))
25 | })
26 | }
27 |
--------------------------------------------------------------------------------
/irictl-volume/renderers/register.go:
--------------------------------------------------------------------------------
1 | // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
2 | // SPDX-License-Identifier: Apache-2.0
3 |
4 | package renderers
5 |
6 | import (
7 | "github.com/ironcore-dev/ironcore/irictl-volume/tableconverters"
8 | "github.com/ironcore-dev/ironcore/irictl/renderer"
9 | "github.com/ironcore-dev/ironcore/irictl/tableconverter"
10 | )
11 |
12 | var (
13 | RegistryBuilder renderer.RegistryBuilder
14 | AddToRegistry = RegistryBuilder.AddToRegistry
15 | )
16 |
17 | func init() {
18 | RegistryBuilder.Add(renderer.AddToRegistry)
19 | RegistryBuilder.Add(func(registry *renderer.Registry) error {
20 | tableConverter := tableconverter.NewRegistry()
21 | if err := tableconverters.AddToRegistry(tableConverter); err != nil {
22 | return err
23 | }
24 | return registry.Register("table", renderer.NewTable(tableConverter))
25 | })
26 | }
27 |
--------------------------------------------------------------------------------