├── .dockerignore ├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ ├── cluster_api_version_update.md │ ├── feature_request.md │ └── release.md ├── PULL_REQUEST_TEMPLATE.md ├── dependabot.yml └── workflows │ ├── validate-yaml-lint.yaml │ └── weekly-security-scan.yaml ├── .gitignore ├── .golangci.yml ├── .yamllint ├── CONTRIBUTING.md ├── Dockerfile ├── LICENSE ├── Makefile ├── OWNERS ├── PROJECT ├── README.md ├── RELEASE.md ├── SECURITY_CONTACTS ├── api ├── v1beta1 │ ├── conditions_consts.go │ ├── doc.go │ ├── groupversion_info.go │ ├── ibmpowervs_conversion.go │ ├── ibmpowervscluster_types.go │ ├── ibmpowervsclustertemplate_types.go │ ├── ibmpowervsimage_types.go │ ├── ibmpowervsmachine_types.go │ ├── ibmpowervsmachinetemplate_types.go │ ├── ibmvpc_conversion.go │ ├── ibmvpccluster_types.go │ ├── ibmvpcmachine_types.go │ ├── ibmvpcmachinetemplate_types.go │ ├── types.go │ ├── zz_generated.conversion.go │ └── zz_generated.deepcopy.go └── v1beta2 │ ├── conditions_consts.go │ ├── conversion.go │ ├── doc.go │ ├── groupversion_info.go │ ├── ibmpowervscluster_types.go │ ├── ibmpowervsclustertemplate_types.go │ ├── ibmpowervsimage_types.go │ ├── ibmpowervsmachine_types.go │ ├── ibmpowervsmachinetemplate_types.go │ ├── ibmvpccluster_types.go │ ├── ibmvpcclustertemplate_types.go │ ├── ibmvpcmachine_types.go │ ├── ibmvpcmachinetemplate_types.go │ ├── types.go │ └── zz_generated.deepcopy.go ├── cloud └── scope │ ├── cluster.go │ ├── cluster_test.go │ ├── common_test.go │ ├── doc.go │ ├── machine.go │ ├── machine_test.go │ ├── powervs_cluster.go │ ├── powervs_cluster_test.go │ ├── powervs_image.go │ ├── powervs_image_test.go │ ├── powervs_machine.go │ ├── powervs_machine_test.go │ ├── suite_test.go │ ├── types.go │ ├── util.go │ └── vpc_cluster.go ├── cloudbuild.yaml ├── cmd └── capibmadm │ ├── clients │ ├── iam │ │ └── iam.go │ ├── platformservices │ │ └── client.go │ ├── powervs │ │ └── client.go │ └── vpc │ │ └── client.go │ ├── cmd │ ├── doc.go │ ├── powervs │ │ ├── doc.go │ │ ├── image │ │ │ ├── image.go │ │ │ ├── import.go │ │ │ ├── list.go │ │ │ └── type.go │ │ ├── key │ │ │ ├── create.go │ │ │ ├── delete.go │ │ │ ├── key.go │ │ │ ├── list.go │ │ │ └── type.go │ │ ├── network │ │ │ ├── create.go │ │ │ ├── delete.go │ │ │ ├── doc.go │ │ │ ├── list.go │ │ │ ├── network.go │ │ │ └── type.go │ │ ├── port │ │ │ ├── create.go │ │ │ ├── delete.go │ │ │ ├── list.go │ │ │ ├── port.go │ │ │ └── type.go │ │ └── powervs.go │ ├── root.go │ ├── version │ │ ├── doc.go │ │ └── version.go │ └── vpc │ │ ├── image │ │ ├── image.go │ │ ├── list.go │ │ └── type.go │ │ ├── key │ │ ├── create.go │ │ ├── delete.go │ │ ├── key.go │ │ ├── list.go │ │ └── type.go │ │ └── vpc.go │ ├── main.go │ ├── options │ ├── doc.go │ └── options.go │ ├── printer │ └── printer.go │ └── utils │ └── utils.go ├── code-of-conduct.md ├── common.mk ├── config ├── certmanager │ ├── certificate.yaml │ ├── kustomization.yaml │ └── kustomizeconfig.yaml ├── crd │ ├── bases │ │ ├── infrastructure.cluster.x-k8s.io_ibmpowervsclusters.yaml │ │ ├── infrastructure.cluster.x-k8s.io_ibmpowervsclustertemplates.yaml │ │ ├── infrastructure.cluster.x-k8s.io_ibmpowervsimages.yaml │ │ ├── infrastructure.cluster.x-k8s.io_ibmpowervsmachines.yaml │ │ ├── infrastructure.cluster.x-k8s.io_ibmpowervsmachinetemplates.yaml │ │ ├── infrastructure.cluster.x-k8s.io_ibmvpcclusters.yaml │ │ ├── infrastructure.cluster.x-k8s.io_ibmvpcclustertemplates.yaml │ │ ├── infrastructure.cluster.x-k8s.io_ibmvpcmachines.yaml │ │ └── infrastructure.cluster.x-k8s.io_ibmvpcmachinetemplates.yaml │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ └── patches │ │ ├── cainjection_in_ibmpowervsclusters.yaml │ │ ├── cainjection_in_ibmpowervsclustertemplates.yaml │ │ ├── cainjection_in_ibmpowervsimages.yaml │ │ ├── cainjection_in_ibmpowervsmachines.yaml │ │ ├── cainjection_in_ibmpowervsmachinetemplates.yaml │ │ ├── cainjection_in_ibmvpcclusters.yaml │ │ ├── cainjection_in_ibmvpcclustertemplates.yaml │ │ ├── cainjection_in_ibmvpcmachines.yaml │ │ ├── cainjection_in_ibmvpcmachinetemplates.yaml │ │ ├── webhook_in_ibmpowervsclusters.yaml │ │ ├── webhook_in_ibmpowervsclustertemplates.yaml │ │ ├── webhook_in_ibmpowervsimages.yaml │ │ ├── webhook_in_ibmpowervsmachines.yaml │ │ ├── webhook_in_ibmpowervsmachinetemplates.yaml │ │ ├── webhook_in_ibmvpcclusters.yaml │ │ ├── webhook_in_ibmvpcclustertemplates.yaml │ │ ├── webhook_in_ibmvpcmachines.yaml │ │ └── webhook_in_ibmvpcmachinetemplates.yaml ├── default │ ├── credentials.yaml │ ├── kustomization.yaml │ ├── manager_credentials_patch.yaml │ ├── manager_image_patch.yaml │ ├── manager_pull_policy.yaml │ ├── manager_webhook_patch.yaml │ └── webhookcainjection_patch.yaml ├── manager │ ├── kustomization.yaml │ └── manager.yaml ├── prometheus │ ├── kustomization.yaml │ └── monitor.yaml ├── rbac │ ├── ibmpowervscluster_editor_role.yaml │ ├── ibmpowervscluster_viewer_role.yaml │ ├── ibmpowervsclustertemplate_editor_role.yaml │ ├── ibmpowervsclustertemplate_viewer_role.yaml │ ├── ibmpowervsimage_editor_role.yaml │ ├── ibmpowervsimage_viewer_role.yaml │ ├── ibmpowervsmachine_editor_role.yaml │ ├── ibmpowervsmachine_viewer_role.yaml │ ├── ibmpowervsmachinetemplate_editor_role.yaml │ ├── ibmpowervsmachinetemplate_viewer_role.yaml │ ├── ibmvpccluster_editor_role.yaml │ ├── ibmvpccluster_viewer_role.yaml │ ├── ibmvpcclustertemplate_editor_role.yaml │ ├── ibmvpcclustertemplate_viewer_role.yaml │ ├── ibmvpcmachine_editor_role.yaml │ ├── ibmvpcmachine_viewer_role.yaml │ ├── ibmvpcmachinetemplate_editor_role.yaml │ ├── ibmvpcmachinetemplate_viewer_role.yaml │ ├── kustomization.yaml │ ├── leader_election_role.yaml │ ├── leader_election_role_binding.yaml │ ├── role.yaml │ ├── role_binding.yaml │ └── service_account.yaml └── webhook │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ ├── manifests.yaml │ └── service.yaml ├── controllers ├── doc.go ├── ibmpowervscluster_controller.go ├── ibmpowervscluster_controller_test.go ├── ibmpowervsimage_controller.go ├── ibmpowervsimage_controller_test.go ├── ibmpowervsmachine_controller.go ├── ibmpowervsmachine_controller_test.go ├── ibmpowervsmachinetemplate_controller.go ├── ibmpowervsmachinetemplate_controller_test.go ├── ibmvpccluster_controller.go ├── ibmvpccluster_controller_test.go ├── ibmvpcmachine_controller.go ├── ibmvpcmachine_controller_test.go ├── ibmvpcmachinetemplate_controller.go ├── ibmvpcmachinetemplate_controller_test.go └── suite_test.go ├── docs ├── book │ ├── .gitignore │ ├── Makefile │ ├── book.toml │ ├── src │ │ ├── SUMMARY.md │ │ ├── developer │ │ │ ├── build-images.md │ │ │ ├── conversion.md │ │ │ ├── dependencies.md │ │ │ ├── e2e.md │ │ │ ├── index.md │ │ │ ├── release-support-guidelines.md │ │ │ ├── release.md │ │ │ └── tilt.md │ │ ├── getting-started.md │ │ ├── images │ │ │ ├── ibm-cloud-iaas.png │ │ │ ├── ibm-cloud.svg │ │ │ └── k8s-ibm-cloud.png │ │ ├── introduction.md │ │ ├── machine-images │ │ │ ├── index.md │ │ │ ├── powervs.md │ │ │ └── vpc.md │ │ ├── reference │ │ │ ├── api-references.md │ │ │ ├── reference.md │ │ │ └── regions-zones-mapping.md │ │ ├── topics │ │ │ ├── capibmadm │ │ │ │ ├── index.md │ │ │ │ ├── powervs │ │ │ │ │ ├── image.md │ │ │ │ │ ├── index.md │ │ │ │ │ ├── key.md │ │ │ │ │ ├── network.md │ │ │ │ │ └── port.md │ │ │ │ └── vpc │ │ │ │ │ ├── image.md │ │ │ │ │ ├── index.md │ │ │ │ │ └── key.md │ │ │ ├── index.md │ │ │ ├── powervs │ │ │ │ ├── autoscaler-scalling-from-0.md │ │ │ │ ├── creating-a-cluster.md │ │ │ │ ├── index.md │ │ │ │ └── prerequisites.md │ │ │ └── vpc │ │ │ │ ├── creating-a-cluster.md │ │ │ │ ├── index.md │ │ │ │ ├── prerequisites.md │ │ │ │ └── uploading-an-image.md │ │ └── user │ │ │ └── troubleshooting.md │ └── theme │ │ ├── css │ │ └── custom.css │ │ └── favicon.png ├── images │ ├── additional-listener-code-workflow.png │ ├── additional-listener-design-diagram.png │ ├── additional-listener-examples.excalidraw │ ├── additional-listener-examples.png │ ├── additional_listener_code_workflow.excalidraw │ ├── additional_listener_design_diagram.excalidraw │ ├── cluster-api-ibmcloud-definition.png │ ├── cluster-api-ibmcloud-powervs.png │ ├── cluster-api-ibmcloud-vpc.png │ ├── ibm-cloud.svg │ ├── powervs-cluster-components.excalidraw │ ├── powervs-cluster-components.png │ ├── powervs-cluster-create-workflow.excalidraw │ ├── powervs-cluster-create-workflow.png │ ├── powervs-cluster-delete-workflow.excalidraw │ └── powervs-cluster-delete-workflow.png └── proposal │ ├── 20230113-capibm-cli-tool.md │ ├── 20231109-powervs-infra-creation.md │ ├── 20250207-additional-listener.md │ ├── additional-disks.md │ └── architecture_for_diff_iaas.md ├── go.mod ├── go.sum ├── hack ├── boilerplate.go.txt ├── boilerplate │ ├── README.md │ ├── boilerplate.Dockerfile.txt │ ├── boilerplate.Makefile.txt │ ├── boilerplate.bzl.txt │ ├── boilerplate.generatebzl.txt │ ├── boilerplate.generatego.txt │ ├── boilerplate.go.txt │ ├── boilerplate.py │ ├── boilerplate.py.txt │ ├── boilerplate.sh.txt │ ├── boilerplate_test.py │ └── test │ │ ├── fail.go │ │ ├── fail.py │ │ ├── pass.go │ │ └── pass.py ├── boskos.sh ├── ccm │ ├── Dockerfile │ ├── Makefile │ └── cloudbuild.yaml ├── ensure-go.sh ├── ensure-golangci-lint.sh ├── ensure-kind.sh ├── ensure-kubectl.sh ├── ensure-trivy.sh ├── image-patch │ └── kustomization.yaml ├── init-buildx.sh ├── kind-install.sh ├── kind-network-fix.sh ├── tools │ ├── .gitignore │ ├── Makefile │ ├── go.mod │ ├── go.sum │ └── tools.go ├── utils.sh ├── verify-boilerplate.sh ├── verify-container-images.sh ├── verify-shellcheck.sh └── version.sh ├── internal └── webhooks │ ├── common.go │ ├── common_test.go │ ├── doc.go │ ├── ibmpowervscluster.go │ ├── ibmpowervscluster_test.go │ ├── ibmpowervsclustertemplate.go │ ├── ibmpowervsclustertemplate_test.go │ ├── ibmpowervsimage.go │ ├── ibmpowervsmachine.go │ ├── ibmpowervsmachine_test.go │ ├── ibmpowervsmachinetemplate.go │ ├── ibmpowervsmachinetemplate_test.go │ ├── ibmvpccluster.go │ ├── ibmvpcmachine.go │ ├── ibmvpcmachine_test.go │ ├── ibmvpcmachinetemplate.go │ ├── ibmvpcmachinetemplate_test.go │ ├── suite_test.go │ └── util.go ├── main.go ├── metadata.yaml ├── netlify.toml ├── pkg ├── cloud │ └── services │ │ ├── authenticator │ │ ├── authenticator.go │ │ └── doc.go │ │ ├── cos │ │ ├── cos.go │ │ ├── doc.go │ │ ├── mock │ │ │ └── cos_generated.go │ │ └── service.go │ │ ├── globaltagging │ │ ├── doc.go │ │ ├── globaltagging.go │ │ ├── mock │ │ │ └── globaltagging_generated.go │ │ └── service.go │ │ ├── powervs │ │ ├── caching.go │ │ ├── doc.go │ │ ├── mock │ │ │ └── powervs_generated.go │ │ ├── powervs.go │ │ └── service.go │ │ ├── resourcecontroller │ │ ├── doc.go │ │ ├── mock │ │ │ └── resourcecontroller_generated.go │ │ ├── resourcecontroller.go │ │ └── service.go │ │ ├── resourcemanager │ │ ├── doc.go │ │ ├── mock │ │ │ └── resourcemanager_generated.go │ │ ├── resourcemanager.go │ │ └── service.go │ │ ├── transitgateway │ │ ├── doc.go │ │ ├── mock │ │ │ └── transitgateway_generated.go │ │ ├── service.go │ │ └── transitgateway.go │ │ ├── utils │ │ ├── accounts.go │ │ ├── doc.go │ │ └── paging.go │ │ └── vpc │ │ ├── doc.go │ │ ├── mock │ │ └── vpc_generated.go │ │ ├── service.go │ │ └── vpc.go ├── endpoints │ ├── doc.go │ ├── endpoints.go │ └── endpoints_test.go ├── ignition │ ├── doc.go │ └── ignition.go ├── options │ ├── doc.go │ └── options.go └── record │ ├── doc.go │ ├── record.go │ └── record_test.go ├── scripts ├── ci-apidiff.sh ├── ci-build.sh ├── ci-e2e.sh ├── ci-make.sh ├── ci-smoke-test.sh ├── ci-test-coverage.sh ├── ci-test.sh ├── ci-verify.sh └── go_install.sh ├── templates ├── README.md ├── addons │ ├── crs-powervs.yaml │ └── crs.yaml ├── bases │ ├── powervs │ │ ├── cluster.yaml │ │ ├── kcp.yaml │ │ ├── kubeadm-config.yaml │ │ ├── kustomization.yaml │ │ └── md.yaml │ └── vpc │ │ ├── cluster.yaml │ │ ├── kcp.yaml │ │ ├── kubeadm-config.yaml │ │ ├── kustomization.yaml │ │ └── md.yaml ├── cluster-template-powervs-clusterclass.yaml ├── cluster-template-powervs-clusterclass │ ├── cluster-with-kcp.yaml │ ├── kustomization.yaml │ └── md.yaml ├── cluster-template-powervs-create-infra.yaml ├── cluster-template-powervs.yaml ├── cluster-template-powervs │ ├── cluster.yaml │ ├── kcp.yaml │ ├── kubeadm-config.yaml │ └── kustomization.yaml ├── cluster-template-vpc-clusterclass.yaml ├── cluster-template-vpc-clusterclass │ ├── cluster-with-kcp.yaml │ ├── kustomization.yaml │ └── md.yaml ├── cluster-template.yaml └── cluster-template │ ├── cluster.yaml │ ├── kcp.yaml │ ├── kustomization.yaml │ ├── md.yaml │ ├── vpc-cluster.yaml │ └── vpc-cp-machine-template.yaml ├── test ├── e2e │ ├── config │ │ ├── ibmcloud-e2e-powervs.yaml │ │ └── ibmcloud-e2e-vpc.yaml │ ├── data │ │ ├── cni │ │ │ └── calico │ │ │ │ └── calico.yaml │ │ ├── shared │ │ │ └── metadata.yaml │ │ └── templates │ │ │ ├── cluster-template-powervs-md-remediation.yaml │ │ │ ├── cluster-template-powervs-md-remediation │ │ │ ├── kustomization.yaml │ │ │ ├── mhc-kcp-powervs.yaml │ │ │ ├── mhc-md-powervs.yaml │ │ │ └── patches │ │ │ │ └── mhc-label.yaml │ │ │ ├── cluster-template-vpc.yaml │ │ │ └── cluster-template-vpc │ │ │ └── kustomization.yaml │ ├── e2e_test.go │ └── suite_test.go └── helpers │ ├── crd.go │ └── envtest.go ├── tilt-provider.yaml ├── util ├── doc.go └── util.go ├── version └── version.go └── versions.mk /.dockerignore: -------------------------------------------------------------------------------- 1 | .github 2 | *.md 3 | OWNERS 4 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Tell us about a problem you are experiencing 4 | 5 | --- 6 | 7 | /kind bug 8 | /area provider/ibmcloud 9 | 10 | **What steps did you take and what happened:** 11 | [A clear and concise description of what the bug is.] 12 | 13 | 14 | **What did you expect to happen:** 15 | 16 | 17 | **Anything else you would like to add:** 18 | [Miscellaneous information that will assist in solving the issue.] 19 | 20 | 21 | **Environment:** 22 | 23 | - Cluster-api version: 24 | - Minikube/KIND version: 25 | - Kubernetes version: (use `kubectl version`): 26 | - OS (e.g. from `/etc/os-release`): 27 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature enhancement request 3 | about: Propose a new feature or suggest improvements to an existing one. 4 | --- 5 | /kind feature 6 | /area provider/ibmcloud 7 | 8 | ## User Story 9 | **What would you like to be added?** 10 | 11 | > Example: "As a [developer/user/operator], I would like to [high-level description] for [reasons]." 12 | 13 | ## Detailed Feature Description 14 | Provide a clear and concise description of the new feature or the improvement to an existing feature. 15 | 16 | ## Context & Motivation 17 | **What problem does this solve, and why is it important?** 18 | Explain the motivation behind this request. How does this feature improve the project? What specific use cases does it address? 19 | 20 | ## Proposed Solution 21 | **How should this be implemented?** 22 | Describe potential approaches for implementing this feature. If possible, provide links to related documentation or prior discussions. 23 | 24 | ## Alternatives Considered 25 | **Have you considered any alternatives?** 26 | List any alternative solutions or workarounds you've considered and explain why they may or may not be suitable. 27 | 28 | ## Additional Information 29 | **Anything else you would like to add?** 30 | Include screenshots, references, or additional context that can assist in understanding and implementing the request. 31 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/release.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Release tracker 3 | about: Create an issue to track tasks to be done after CAPIBM major version release 4 | title: Release tracker for v<> 5 | 6 | --- 7 | 8 | /area provider/ibmcloud 9 | 10 | **Tasks:** 11 | 12 | After every CAPIBM major version release: 13 | - [ ] Update Infrastructure Provider version in [metadata.yaml](https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/blob/main/metadata.yaml) and [e2e test config files](https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/tree/main/test/e2e/config) 14 | - [ ] [Update release branch versions for weekly security scan](https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/blob/main/.github/workflows/weekly-security-scan.yaml#L16) 15 | - [ ] [Update release support data in docs](https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/blob/main/docs/book/src/developer/release-support-guidelines.md) 16 | - [ ] [Update docs with reference to latest release](https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/blob/main/README.md#compatibility-with-cluster-api-and-kubernetes-versions) 17 | - [ ] Update and add documentation link for new release branch in Netlify 18 | - [ ] Add new presubmit job for latest release branch in [kubernetes/test-infra](https://github.com/kubernetes/test-infra/tree/master/config/jobs/kubernetes-sigs/cluster-api-provider-ibmcloud) 19 | - [ ] Update kubekins-e2e image to relevent Kubernetes version 20 | - [ ] Add E2E CI jobs for latest release branch in [ppc64le-cloud/test-infra](https://github.com/ppc64le-cloud/test-infra/blob/master/config/jobs/periodic/cluster-api-provider-ibmcloud/test-e2e-capi-ibmcloud-periodics.yaml) 21 | - [ ] Bump machine images in CI to relevent Kubernetes version 22 | - [ ] Update kubekins-e2e image to relevent Kubernetes version 23 | 24 | > Note: 25 | > 1. An example for infrastructure provider version upgrade, if we cut a release for version 26 | > 0.9.0, update the infratructure provider version to 0.10.0 on the main branch. 27 | > 2. Keep the version upgrades in check for the main branch and the two latest releases. -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | 8 | 9 | **What this PR does / why we need it**: 10 | 11 | **Which issue(s) this PR fixes** *(optional, in `fixes #(, fixes #, ...)` format, will close the issue(s) when PR gets merged)*: 12 | Fixes # 13 | 14 | **Special notes for your reviewer**: 15 | 16 | /area provider/ibmcloud 17 | 18 | 1. Please confirm that if this PR changes any image versions, then that's the sole change this PR makes. 19 | 20 | **Release note**: 21 | 25 | ```release-note 26 | 27 | ``` 28 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: "gomod" 4 | directory: "/" 5 | schedule: 6 | interval: "daily" 7 | ignore: 8 | # Ignore controller-runtime as its upgraded manually. 9 | - dependency-name: "sigs.k8s.io/controller-runtime" 10 | # Ignore cluster-api as its upgraded manually. 11 | - dependency-name: "sigs.k8s.io/cluster-api/*" 12 | # Ignore k8s and its transitives modules as they are upgraded manually 13 | # together with controller-runtime. 14 | - dependency-name: "k8s.io/*" 15 | - dependency-name: "github.com/onsi/*" 16 | labels: 17 | - "ok-to-test" 18 | 19 | # Enable version updates for Go tools 20 | - package-ecosystem: "gomod" 21 | directory: "/hack/tools" 22 | schedule: 23 | interval: "weekly" 24 | ignore: 25 | # Ignore controller-runtime as its upgraded manually. 26 | - dependency-name: "sigs.k8s.io/controller-runtime/*" 27 | # Ignore cluster-api as its upgraded manually. 28 | - dependency-name: "sigs.k8s.io/cluster-api/*" 29 | - dependency-name: "sigs.k8s.io/controller-tools" 30 | # Ignore k8s and its transitives modules as they are upgraded manually 31 | # together with controller-runtime. 32 | - dependency-name: "k8s.io/*" 33 | - dependency-name: "github.com/onsi/*" 34 | labels: 35 | - "ok-to-test" 36 | 37 | - package-ecosystem: "docker" 38 | directory: "/" 39 | schedule: 40 | interval: "weekly" 41 | 42 | - package-ecosystem: "docker" 43 | directory: "/hack/ccm" 44 | schedule: 45 | interval: "weekly" 46 | -------------------------------------------------------------------------------- /.github/workflows/validate-yaml-lint.yaml: -------------------------------------------------------------------------------- 1 | name: YamlLint 2 | on: [push, pull_request] 3 | jobs: 4 | yamllint: 5 | runs-on: ubuntu-24.04 6 | steps: 7 | - uses: actions/checkout@v4 8 | - name: Run yamllint make target 9 | run: make yamllint 10 | -------------------------------------------------------------------------------- /.github/workflows/weekly-security-scan.yaml: -------------------------------------------------------------------------------- 1 | name: Weekly security scan 2 | 3 | on: 4 | schedule: 5 | # Cron for every Monday at 2:00 UTC. 6 | - cron: "0 2 * * 1" 7 | 8 | # Remove all permissions from GITHUB_TOKEN except metadata. 9 | permissions: {} 10 | 11 | jobs: 12 | scan: 13 | strategy: 14 | fail-fast: false 15 | matrix: 16 | branch: [ main, release-0.11, release-0.10 ] 17 | name: Trivy 18 | runs-on: ubuntu-24.04 19 | steps: 20 | - name: Check out code 21 | uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # tag=v4.2.2 22 | with: 23 | ref: ${{ matrix.branch }} 24 | - name: Calculate go version 25 | id: vars 26 | run: echo "go_version=$(make go-version)" >> $GITHUB_OUTPUT 27 | - name: Set up Go 28 | uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # tag=v5.5.0 29 | with: 30 | go-version: ${{ steps.vars.outputs.go_version }} 31 | - name: Run verify security target 32 | run: make verify-security 33 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # temporay files 2 | *.swp 3 | 4 | # binaries 5 | bin/ 6 | cmd/clusterctl/clusterctl 7 | cmd/manager/manager 8 | IBM_Cloud_CLI* 9 | 10 | # command generated files 11 | kubeconfig 12 | cmd/clusterctl/kubeconfig 13 | 14 | # scripts outputs 15 | cmd/clusterctl/examples/ibmcloud/out/ 16 | cmd/clusterctl/examples/ibmcloud/cluster-api-0.1.4 17 | cmd/clusterctl/examples/ibmcloud/v0.1.4.tar.gz 18 | cmd/clusterctl/examples/ibmcloud/clouds.yaml 19 | cmd/clusterctl/examples/ibmcloud/provider-component/clouds-secrets/configs 20 | cmd/clusterctl/examples/ibmcloud/provider-component/user-data/ubuntu/master-user-data.sh 21 | cmd/clusterctl/examples/ibmcloud/provider-component/user-data/ubuntu/worker-user-data.sh 22 | 23 | # test coverage out 24 | cover.out 25 | cover.html 26 | cover.txt 27 | 28 | # JUnit test output from ginkgo unit tests 29 | junit*.xml 30 | 31 | #e2e test files 32 | test/e2e/config/ibmcloud-e2e-envsubst.yaml 33 | pvsadm.log 34 | 35 | # dep ensured 3rd code 36 | vendor/sigs.k8s.io/cluster-api/docs/book/*.json 37 | 38 | # tilt 39 | .tiltbuild 40 | 41 | # release 42 | _artifacts/ 43 | out/ 44 | 45 | #ide settings 46 | .vscode/ 47 | -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | extends: default 2 | 3 | ignore: 4 | - config # Skip autogenerated config dir from liniting 5 | 6 | rules: 7 | # Rules to control the number of spaces around operators 8 | braces: 9 | min-spaces-inside: 0 # No spaces required inside braces 10 | max-spaces-inside: 1 # Maximum one space inside braces 11 | brackets: 12 | min-spaces-inside: 0 13 | max-spaces-inside: 1 14 | colons: 15 | max-spaces-before: 0 16 | max-spaces-after: 1 17 | commas: 18 | max-spaces-before: 0 19 | max-spaces-after: 1 20 | hyphens: 21 | max-spaces-after: 1 22 | 23 | # Rules to control indentation 24 | indentation: 25 | spaces: consistent # Spaces should be consistently used for indentation 26 | indent-sequences: whatever # Either indenting or not indenting individual block sequences is OK 27 | comments-indentation: enable # Comments should be indented the same as the content 28 | 29 | # Rules to control lines 30 | line-length: 31 | max: 200 # Maximum 150 characters per line 32 | allow-non-breakable-words: true # Allow long words without breaks 33 | allow-non-breakable-inline-mappings: true # Allow long inline mappings without breaks 34 | empty-lines: 35 | max: 2 # Maximum two consecutive empty lines allowed 36 | trailing-spaces: enable # Ensure no trailing spaces at the end of lines 37 | 38 | # Other rules 39 | comments: 40 | min-spaces-from-content: 1 # At least one space required between content and comment 41 | key-duplicates: enable # Ensure no duplicate keys in mappings 42 | truthy: 43 | allowed-values: ['true', 'false', 'on', 'off'] # Allow only these values for boolean scalars 44 | -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs: https://git.k8s.io/community/contributors/guide/owners.md 2 | 3 | approvers: 4 | - mkumatag 5 | - Prajyot-Parab 6 | 7 | reviewers: 8 | - mkumatag 9 | - spzala 10 | - Prajyot-Parab 11 | - Amulyam24 12 | - Karthik-K-N 13 | 14 | emeritus_approvers: 15 | - xunpan 16 | - gyliu513 17 | - jichenjc 18 | -------------------------------------------------------------------------------- /PROJECT: -------------------------------------------------------------------------------- 1 | domain: cluster.x-k8s.io 2 | repo: sigs.k8s.io/cluster-api-provider-ibmcloud 3 | resources: 4 | - group: infrastructure 5 | kind: IBMVPCCluster 6 | version: v1beta1 7 | - group: infrastructure 8 | kind: IBMVPCMachine 9 | version: v1beta1 10 | - group: infrastructure 11 | kind: IBMVPCMachineTemplate 12 | version: v1beta1 13 | - group: infrastructure 14 | kind: IBMPowerVSCluster 15 | version: v1beta1 16 | - group: infrastructure 17 | kind: IBMPowerVSMachine 18 | version: v1beta1 19 | - group: infrastructure 20 | kind: IBMPowerVSMachineTemplate 21 | version: v1beta1 22 | - group: infrastructure 23 | kind: IBMPowerVSImage 24 | version: v1beta1 25 | - group: infrastructure 26 | kind: IBMPowerVSClusterTemplate 27 | version: v1beta1 28 | - group: infrastructure 29 | kind: IBMVPCCluster 30 | version: v1beta2 31 | - group: infrastructure 32 | kind: IBMVPCMachine 33 | version: v1beta2 34 | - group: infrastructure 35 | kind: IBMVPCMachineTemplate 36 | version: v1beta2 37 | - group: infrastructure 38 | kind: IBMPowerVSCluster 39 | version: v1beta2 40 | - group: infrastructure 41 | kind: IBMPowerVSMachine 42 | version: v1beta2 43 | - group: infrastructure 44 | kind: IBMPowerVSMachineTemplate 45 | version: v1beta2 46 | - group: infrastructure 47 | kind: IBMPowerVSImage 48 | version: v1beta2 49 | - group: infrastructure 50 | kind: IBMPowerVSClusterTemplate 51 | version: v1beta2 52 | - group: infrastructure 53 | kind: IBMVPCClusterTemplate 54 | version: v1beta2 55 | version: "2" 56 | -------------------------------------------------------------------------------- /RELEASE.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Release Process](#release-process) 6 | 7 | 8 | 9 | # Release Process 10 | 11 | The Kubernetes cluster-api-provider-ibmcloud is released on an as-needed basis. The process is as follows: 12 | 13 | 1. An issue is proposing a new release with a changelog since the last release 14 | 2. All [OWNERS](OWNERS) must LGTM this release 15 | 3. An OWNER runs `git tag -s $VERSION` and inserts the changelog and pushes the tag with `git push $VERSION` 16 | 4. The release issue is closed 17 | 5. An announcement email is sent to `kubernetes-dev@googlegroups.com` with the subject `[ANNOUNCE] cluster-api-provider-ibmcloud $VERSION is released` 18 | -------------------------------------------------------------------------------- /SECURITY_CONTACTS: -------------------------------------------------------------------------------- 1 | # Defined below are the security contacts for this repo. 2 | # 3 | # They are the contact point for the Product Security Team to reach out 4 | # to for triaging and handling of incoming issues. 5 | # 6 | # The below names agree to abide by the 7 | # [Embargo Policy](https://github.com/kubernetes/sig-release/blob/master/security-release-process-documentation/security-release-process.md#embargo-policy) 8 | # and will be removed and replaced if they violate that agreement. 9 | # 10 | # DO NOT REPORT SECURITY VULNERABILITIES DIRECTLY TO THESE NAMES, FOLLOW THE 11 | # INSTRUCTIONS AT https://kubernetes.io/security/ 12 | 13 | gyliu513 14 | jichenjc 15 | xunpan 16 | -------------------------------------------------------------------------------- /api/v1beta1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2021 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package v1beta1 contains the v1beta1 API implementation. 18 | // +k8s:conversion-gen=sigs.k8s.io/cluster-api-provider-ibmcloud/api/v1beta2 19 | package v1beta1 20 | -------------------------------------------------------------------------------- /api/v1beta1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2021 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package v1beta1 contains API Schema definitions for the infrastructure v1beta1 API group. 18 | // +kubebuilder:object:generate=true 19 | // +groupName=infrastructure.cluster.x-k8s.io 20 | package v1beta1 21 | 22 | import ( 23 | "k8s.io/apimachinery/pkg/runtime/schema" 24 | 25 | "sigs.k8s.io/controller-runtime/pkg/scheme" 26 | ) 27 | 28 | var ( 29 | // GroupVersion is group version used to register these objects. 30 | GroupVersion = schema.GroupVersion{Group: "infrastructure.cluster.x-k8s.io", Version: "v1beta1"} 31 | 32 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme. 33 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 34 | 35 | // AddToScheme adds the types in this group-version to the given scheme. 36 | AddToScheme = SchemeBuilder.AddToScheme 37 | 38 | localSchemeBuilder = SchemeBuilder.SchemeBuilder 39 | ) 40 | -------------------------------------------------------------------------------- /api/v1beta2/conversion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1beta2 18 | 19 | func (*IBMPowerVSCluster) Hub() {} 20 | func (*IBMPowerVSClusterList) Hub() {} 21 | func (*IBMPowerVSClusterTemplate) Hub() {} 22 | func (*IBMPowerVSClusterTemplateList) Hub() {} 23 | func (*IBMPowerVSMachine) Hub() {} 24 | func (*IBMPowerVSMachineList) Hub() {} 25 | func (*IBMPowerVSMachineTemplate) Hub() {} 26 | func (*IBMPowerVSMachineTemplateList) Hub() {} 27 | func (*IBMPowerVSImage) Hub() {} 28 | func (*IBMPowerVSImageList) Hub() {} 29 | func (*IBMVPCCluster) Hub() {} 30 | func (*IBMVPCClusterList) Hub() {} 31 | func (*IBMVPCMachine) Hub() {} 32 | func (*IBMVPCMachineList) Hub() {} 33 | func (*IBMVPCMachineTemplate) Hub() {} 34 | func (*IBMVPCMachineTemplateList) Hub() {} 35 | -------------------------------------------------------------------------------- /api/v1beta2/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package v1beta2 contains the v1beta2 API implementation. 18 | package v1beta2 19 | -------------------------------------------------------------------------------- /api/v1beta2/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package v1beta2 contains API Schema definitions for the infrastructure v1beta2 API group. 18 | // +kubebuilder:object:generate=true 19 | // +groupName=infrastructure.cluster.x-k8s.io 20 | package v1beta2 21 | 22 | import ( 23 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 24 | "k8s.io/apimachinery/pkg/runtime" 25 | "k8s.io/apimachinery/pkg/runtime/schema" 26 | ) 27 | 28 | var ( 29 | // GroupVersion is group version used to register these objects. 30 | GroupVersion = schema.GroupVersion{Group: "infrastructure.cluster.x-k8s.io", Version: "v1beta2"} 31 | 32 | // schemeBuilder is used to add go types to the GroupVersionKind scheme. 33 | schemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) 34 | 35 | // AddToScheme adds the types in this group-version to the given scheme. 36 | AddToScheme = schemeBuilder.AddToScheme 37 | 38 | objectTypes = []runtime.Object{} 39 | ) 40 | 41 | func addKnownTypes(scheme *runtime.Scheme) error { 42 | scheme.AddKnownTypes(GroupVersion, objectTypes...) 43 | metav1.AddToGroupVersion(scheme, GroupVersion) 44 | return nil 45 | } 46 | -------------------------------------------------------------------------------- /cloud/scope/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package scope implements cloud code. 18 | package scope 19 | -------------------------------------------------------------------------------- /cloud/scope/types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2024 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package scope 18 | 19 | // ResourceNotFound is the string representing an error when a resource is not found in IBM Cloud. 20 | type ResourceNotFound string 21 | 22 | var ( 23 | // ResourceNotFoundCode indicates the http status code when a resource does not exist. 24 | ResourceNotFoundCode = 404 25 | 26 | // DHCPServerNotFound is the error returned when a DHCP server is not found. 27 | DHCPServerNotFound = ResourceNotFound("dhcp server does not exist") 28 | ) 29 | -------------------------------------------------------------------------------- /cloudbuild.yaml: -------------------------------------------------------------------------------- 1 | # See https://cloud.google.com/cloud-build/docs/build-config 2 | timeout: 3600s 3 | options: 4 | substitution_option: ALLOW_LOOSE 5 | machineType: 'E2_HIGHCPU_8' 6 | steps: 7 | - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20250116-2a05ea7e3d' 8 | entrypoint: bash 9 | env: 10 | - DOCKER_CLI_EXPERIMENTAL=enabled 11 | - TAG=$_GIT_TAG 12 | - PULL_BASE_REF=$_PULL_BASE_REF 13 | - DOCKER_BUILDKIT=1 14 | args: 15 | - -c 16 | - | 17 | gcloud auth configure-docker \ 18 | && make release-staging 19 | substitutions: 20 | # _GIT_TAG will be filled with a git-based tag for the image, of the form vYYYYMMDD-hash, and 21 | # can be used as a substitution 22 | _GIT_TAG: '12345' 23 | _PULL_BASE_REF: 'dev' 24 | -------------------------------------------------------------------------------- /cmd/capibmadm/clients/iam/iam.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package iam contains, client to create iam authenticator. 18 | package iam 19 | 20 | import ( 21 | "github.com/IBM/go-sdk-core/v5/core" 22 | 23 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/options" 24 | ) 25 | 26 | // GetIAMAuth creates core Authenticator from API key provided. 27 | func GetIAMAuth() *core.IamAuthenticator { 28 | return &core.IamAuthenticator{ 29 | ApiKey: options.GlobalOptions.IBMCloudAPIKey, 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /cmd/capibmadm/clients/platformservices/client.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package platformservices contains client functions for platform services. 18 | package platformservices 19 | 20 | import ( 21 | "github.com/IBM/platform-services-go-sdk/iamidentityv1" 22 | "github.com/IBM/platform-services-go-sdk/resourcemanagerv2" 23 | 24 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/clients/iam" 25 | ) 26 | 27 | // NewResourceManagerV2Client creates new resource manager client. 28 | func NewResourceManagerV2Client() (*resourcemanagerv2.ResourceManagerV2, error) { 29 | return resourcemanagerv2.NewResourceManagerV2(&resourcemanagerv2.ResourceManagerV2Options{ 30 | Authenticator: iam.GetIAMAuth(), 31 | URL: resourcemanagerv2.DefaultServiceURL, 32 | }) 33 | } 34 | 35 | // NewIAMIdentityClient creates iam identity client. 36 | func NewIAMIdentityClient() (*iamidentityv1.IamIdentityV1, error) { 37 | return iamidentityv1.NewIamIdentityV1(&iamidentityv1.IamIdentityV1Options{ 38 | Authenticator: iam.GetIAMAuth(), 39 | URL: iamidentityv1.DefaultServiceURL, 40 | }) 41 | } 42 | -------------------------------------------------------------------------------- /cmd/capibmadm/clients/powervs/client.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package powervs contains powervs client functions. 18 | package powervs 19 | 20 | import ( 21 | "github.com/IBM-Cloud/power-go-client/ibmpisession" 22 | 23 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/clients/iam" 24 | ) 25 | 26 | // NewPISession creates new powervs client. 27 | // To-Do: Need to handle custom endpoint URL if user wants to use staging env. 28 | func NewPISession(accountID string, zone string, debug bool) (*ibmpisession.IBMPISession, error) { 29 | return ibmpisession.NewIBMPISession(&ibmpisession.IBMPIOptions{ 30 | Authenticator: iam.GetIAMAuth(), 31 | Debug: debug, 32 | UserAccount: accountID, 33 | Zone: zone}) 34 | } 35 | -------------------------------------------------------------------------------- /cmd/capibmadm/clients/vpc/client.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package vpc contains vpc client functions. 18 | package vpc 19 | 20 | import ( 21 | "github.com/IBM/vpc-go-sdk/vpcv1" 22 | 23 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/clients/iam" 24 | ) 25 | 26 | // NewV1Client creates new vpcv1 client. 27 | // To-Do: Need to handle custom endpoint URL if user wants to use staging env. 28 | func NewV1Client(region string) (*vpcv1.VpcV1, error) { 29 | svcEndpoint := "https://" + region + ".iaas.cloud.ibm.com/v1" 30 | 31 | return vpcv1.NewVpcV1(&vpcv1.VpcV1Options{ 32 | ServiceName: "vpcs", 33 | Authenticator: iam.GetIAMAuth(), 34 | URL: svcEndpoint, 35 | }) 36 | } 37 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package cmd contains the capibm cli commands. 18 | package cmd 19 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/powervs/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package powervs contains the commands to operate on Power VS resources. 18 | package powervs 19 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/powervs/image/image.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package image contains the commands to operate on PowerVS image resources. 18 | package image 19 | 20 | import ( 21 | "github.com/spf13/cobra" 22 | 23 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/options" 24 | ) 25 | 26 | // Commands function to add PowerVS image commands. 27 | func Commands() *cobra.Command { 28 | cmd := &cobra.Command{ 29 | Use: "image", 30 | Short: "Perform PowerVS image operations", 31 | } 32 | options.AddCommonFlags(cmd) 33 | 34 | cmd.AddCommand(ListCommand()) 35 | cmd.AddCommand(ImportCommand()) 36 | 37 | return cmd 38 | } 39 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/powervs/key/key.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package key contains the commands to operate on PowerVS ssh-key related resources. 18 | package key 19 | 20 | import ( 21 | "github.com/spf13/cobra" 22 | ) 23 | 24 | // Commands - A collection of supported commands for SSH key management in the PowerVS environment. 25 | func Commands() *cobra.Command { 26 | cmd := &cobra.Command{ 27 | Use: "key", 28 | Short: "Parent command for operations related to keys in the PowerVS environment.", 29 | } 30 | cmd.AddCommand(CreateSSHKeyCommand()) 31 | cmd.AddCommand(DeleteSSHKeyCommand()) 32 | cmd.AddCommand(ListSSHKeyCommand()) 33 | return cmd 34 | } 35 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/powervs/key/type.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package key 18 | 19 | import ( 20 | "time" 21 | 22 | "github.com/go-openapi/strfmt" 23 | 24 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 25 | ) 26 | 27 | // SSHKeySpec defines an SSH Key. 28 | type SSHKeySpec struct { 29 | Name string `json:"name"` 30 | Key string `json:"key"` 31 | CreationDate strfmt.DateTime `json:"creationDate"` 32 | } 33 | 34 | // IList defines a list of SSH Keys. 35 | type IList struct { 36 | Items []SSHKeySpec `json:"items"` 37 | } 38 | 39 | // ToTable converts List to *metav1.Table. 40 | func (keyList *IList) ToTable() *metav1.Table { 41 | table := &metav1.Table{ 42 | TypeMeta: metav1.TypeMeta{ 43 | APIVersion: metav1.SchemeGroupVersion.String(), 44 | Kind: "Table", 45 | }, 46 | ColumnDefinitions: []metav1.TableColumnDefinition{ 47 | { 48 | Name: "Name", 49 | Type: "string", 50 | }, 51 | { 52 | Name: "Creation Date", 53 | Type: "string", 54 | }, 55 | { 56 | Name: "Key", 57 | Type: "string", 58 | }, 59 | }, 60 | } 61 | 62 | for _, key := range keyList.Items { 63 | row := metav1.TableRow{ 64 | Cells: []interface{}{key.Name, time.Time(key.CreationDate).Format(time.RFC822), key.Key}, 65 | } 66 | table.Rows = append(table.Rows, row) 67 | } 68 | return table 69 | } 70 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/powervs/network/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package network contains the commands to operate on Power VS Network resources. 18 | package network 19 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/powervs/network/network.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package network 18 | 19 | import ( 20 | "github.com/spf13/cobra" 21 | ) 22 | 23 | // Commands function to add PowerVS network commands. 24 | func Commands() *cobra.Command { 25 | cmd := &cobra.Command{ 26 | Use: "network", 27 | Short: "Perform PowerVS network operations", 28 | } 29 | 30 | cmd.AddCommand(CreateCommand()) 31 | cmd.AddCommand(ListCommand()) 32 | cmd.AddCommand(DeleteCommand()) 33 | 34 | return cmd 35 | } 36 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/powervs/network/type.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package network 18 | 19 | import ( 20 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 21 | ) 22 | 23 | // NetSpec defines a Network. 24 | type NetSpec struct { 25 | NetworkID string `json:"id"` 26 | Name string `json:"name"` 27 | Type string `json:"type"` 28 | VlanID float64 `json:"vlanID"` 29 | Jumbo bool `json:"jumbo"` 30 | DhcpManaged bool `json:"dhcpManaged"` 31 | } 32 | 33 | // IList defines a list of Networks. 34 | type IList struct { 35 | Items []NetSpec `json:"items"` 36 | } 37 | 38 | // ToTable converts List to *metav1.Table. 39 | func (netList *IList) ToTable() *metav1.Table { 40 | table := &metav1.Table{ 41 | TypeMeta: metav1.TypeMeta{ 42 | APIVersion: metav1.SchemeGroupVersion.String(), 43 | Kind: "Table", 44 | }, 45 | ColumnDefinitions: []metav1.TableColumnDefinition{ 46 | { 47 | Name: "NETWORK ID", 48 | Type: "string", 49 | }, 50 | { 51 | Name: "Name", 52 | Type: "string", 53 | }, 54 | { 55 | Name: "Type", 56 | Type: "string", 57 | }, 58 | { 59 | Name: "VLAN ID", 60 | Type: "string", 61 | }, 62 | { 63 | Name: "Jumbo", 64 | Type: "bool", 65 | }, 66 | { 67 | Name: "DHCP Managed", 68 | Type: "bool", 69 | }, 70 | }, 71 | } 72 | 73 | for _, network := range netList.Items { 74 | row := metav1.TableRow{ 75 | Cells: []interface{}{network.NetworkID, network.Name, network.Type, network.VlanID, network.Jumbo, network.DhcpManaged}, 76 | } 77 | table.Rows = append(table.Rows, row) 78 | } 79 | return table 80 | } 81 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/powervs/port/port.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package port contains the commands to operate on PowerVS Port resources. 18 | package port 19 | 20 | import ( 21 | "github.com/spf13/cobra" 22 | 23 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/options" 24 | ) 25 | 26 | // Commands function to add PowerVS port commands. 27 | func Commands() *cobra.Command { 28 | cmd := &cobra.Command{ 29 | Use: "port", 30 | Short: "Perform PowerVS port operations", 31 | } 32 | options.AddCommonFlags(cmd) 33 | 34 | cmd.AddCommand(DeleteCommand()) 35 | cmd.AddCommand(ListCommand()) 36 | cmd.AddCommand(CreateCommand()) 37 | 38 | return cmd 39 | } 40 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/root.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package cmd 18 | 19 | import ( 20 | "context" 21 | "flag" 22 | "fmt" 23 | "os" 24 | "os/signal" 25 | "syscall" 26 | 27 | "github.com/spf13/cobra" 28 | 29 | logf "sigs.k8s.io/cluster-api/cmd/clusterctl/log" 30 | 31 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/cmd/powervs" 32 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/cmd/version" 33 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/cmd/vpc" 34 | ) 35 | 36 | func init() { 37 | verbosity := flag.CommandLine.Int("v", 0, "Set the log level verbosity.") 38 | logf.SetLogger(logf.NewLogger(logf.WithThreshold(verbosity))) 39 | } 40 | 41 | func rootCommand() *cobra.Command { 42 | cmd := &cobra.Command{ 43 | Use: "capibmadm", 44 | Short: "Kubernetes Cluster API Provider IBM Cloud Management Utility", 45 | Long: `capibmadm provides helpers for completing the prerequisite operations for creating IBM Cloud Power VS or VPC clusters.`, 46 | } 47 | 48 | cmd.PersistentFlags().AddGoFlagSet(flag.CommandLine) 49 | cmd.AddCommand(powervs.Commands()) 50 | cmd.AddCommand(vpc.Commands()) 51 | cmd.AddCommand(version.Commands(os.Stdout)) 52 | 53 | return cmd 54 | } 55 | 56 | // Execute executes the root command. 57 | func Execute() { 58 | cmd := rootCommand() 59 | 60 | ctx, cancel := context.WithCancel(context.Background()) 61 | 62 | sigs := make(chan os.Signal, 1) 63 | signal.Notify(sigs, syscall.SIGINT) 64 | go func() { 65 | <-sigs 66 | fmt.Fprintln(os.Stderr, "\nAborted...") 67 | cancel() 68 | }() 69 | 70 | if err := cmd.ExecuteContext(ctx); err != nil { 71 | fmt.Fprintf(os.Stderr, "%v\n", err) 72 | os.Exit(1) 73 | } 74 | } 75 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/version/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package version contains the capibmadm version command. 18 | package version 19 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/vpc/image/image.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package image contains the commands to operate on vpc image resources. 18 | package image 19 | 20 | import ( 21 | "github.com/spf13/cobra" 22 | ) 23 | 24 | // Commands function to add VPC image commands. 25 | func Commands() *cobra.Command { 26 | cmd := &cobra.Command{ 27 | Use: "image", 28 | Short: "Perform VPC image operations", 29 | } 30 | 31 | cmd.AddCommand(ListCommand()) 32 | 33 | return cmd 34 | } 35 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/vpc/key/key.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package key contains the commands to operate on vpc key resources. 18 | package key 19 | 20 | import ( 21 | "github.com/spf13/cobra" 22 | ) 23 | 24 | // Commands function to add VPC key commands. 25 | func Commands() *cobra.Command { 26 | cmd := &cobra.Command{ 27 | Use: "key", 28 | Short: "Perform VPC key operations", 29 | } 30 | 31 | cmd.AddCommand(ListCommand()) 32 | cmd.AddCommand(CreateCommand()) 33 | cmd.AddCommand(DeleteCommand()) 34 | return cmd 35 | } 36 | -------------------------------------------------------------------------------- /cmd/capibmadm/cmd/vpc/vpc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package vpc contains the commands to operate on vpc resources. 18 | package vpc 19 | 20 | import ( 21 | "fmt" 22 | "os" 23 | 24 | "github.com/spf13/cobra" 25 | 26 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/cmd/vpc/image" 27 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/cmd/vpc/key" 28 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/options" 29 | ) 30 | 31 | // Commands initialises and returns VPC command. 32 | func Commands() *cobra.Command { 33 | cmd := &cobra.Command{ 34 | Use: "vpc", 35 | Short: "Commands for operations on VPC resources", 36 | PersistentPreRunE: func(_ *cobra.Command, _ []string) error { 37 | apiKey := os.Getenv(options.IBMCloudAPIKeyEnvName) 38 | if apiKey == "" { 39 | return fmt.Errorf("ibmcloud api key is not provided, set %s environmental variable", options.IBMCloudAPIKeyEnvName) 40 | } 41 | options.GlobalOptions.IBMCloudAPIKey = apiKey 42 | return nil 43 | }, 44 | } 45 | 46 | cmd.PersistentFlags().StringVar(&options.GlobalOptions.VPCRegion, "region", options.GlobalOptions.VPCRegion, "IBM cloud vpc region. (Required)") 47 | cmd.PersistentFlags().StringVar(&options.GlobalOptions.ResourceGroupName, "resource-group-name", options.GlobalOptions.ResourceGroupName, "IBM cloud resource group name") 48 | 49 | _ = cmd.MarkPersistentFlagRequired("region") 50 | 51 | cmd.AddCommand(key.Commands()) 52 | cmd.AddCommand(image.Commands()) 53 | 54 | return cmd 55 | } 56 | -------------------------------------------------------------------------------- /cmd/capibmadm/main.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // main is the main package for the capibm cli tool. 18 | package main 19 | 20 | import ( 21 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/cmd" 22 | ) 23 | 24 | func main() { 25 | cmd.Execute() 26 | } 27 | -------------------------------------------------------------------------------- /cmd/capibmadm/options/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package options implements options code. 18 | package options 19 | -------------------------------------------------------------------------------- /cmd/capibmadm/options/options.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package options contains the reusable and global variables. 18 | package options 19 | 20 | import ( 21 | "github.com/spf13/cobra" 22 | 23 | "sigs.k8s.io/cluster-api-provider-ibmcloud/cmd/capibmadm/printer" 24 | ) 25 | 26 | // IBMCloudAPIKeyEnvName holds the environmental variable name to set PowerVS service instance ID. 27 | const IBMCloudAPIKeyEnvName = "IBMCLOUD_API_KEY" //nolint:gosec 28 | 29 | // GlobalOptions holds the global variable struct. 30 | var GlobalOptions = &options{} 31 | 32 | type options struct { 33 | IBMCloudAPIKey string 34 | ServiceInstanceID string 35 | PowerVSZone string 36 | VPCRegion string 37 | ResourceGroupName string 38 | Debug bool 39 | Output printer.PType 40 | } 41 | 42 | // AddCommonFlags will add common flags to the cli. 43 | func AddCommonFlags(cmd *cobra.Command) { 44 | GlobalOptions.Output = printer.PrinterTypeTable 45 | cmd.Flags().VarP(&GlobalOptions.Output, "output", "o", "The output format of the results. Supported printer types: table, json") 46 | } 47 | -------------------------------------------------------------------------------- /code-of-conduct.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Kubernetes Community Code of Conduct](#kubernetes-community-code-of-conduct) 6 | 7 | 8 | 9 | # Kubernetes Community Code of Conduct 10 | 11 | Please refer to our [Kubernetes Community Code of Conduct](https://git.k8s.io/community/code-of-conduct.md) 12 | -------------------------------------------------------------------------------- /common.mk: -------------------------------------------------------------------------------- 1 | 2 | include $(ROOT_DIR_RELATIVE)/versions.mk 3 | 4 | TOOLS_DIR := $(ROOT_DIR_RELATIVE)/hack/tools 5 | TOOLS_DIR_DEPS := $(TOOLS_DIR)/go.sum $(TOOLS_DIR)/go.mod $(TOOLS_DIR)/Makefile 6 | TOOLS_BIN_DIR := $(TOOLS_DIR)/bin 7 | 8 | $(TOOLS_BIN_DIR)/%: $(TOOLS_DIR_DEPS) 9 | make -C $(TOOLS_DIR) $(subst $(TOOLS_DIR)/,,$@) 10 | -------------------------------------------------------------------------------- /config/certmanager/certificate.yaml: -------------------------------------------------------------------------------- 1 | # The following manifests contain a self-signed issuer CR and a certificate CR. 2 | # More document can be found at https://docs.cert-manager.io 3 | # WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for 4 | # breaking changes 5 | apiVersion: cert-manager.io/v1 6 | kind: Issuer 7 | metadata: 8 | name: selfsigned-issuer 9 | namespace: system 10 | spec: 11 | selfSigned: {} 12 | --- 13 | apiVersion: cert-manager.io/v1 14 | kind: Certificate 15 | metadata: 16 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml 17 | namespace: system 18 | spec: 19 | # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize 20 | dnsNames: 21 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 22 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local 23 | issuerRef: 24 | kind: Issuer 25 | name: selfsigned-issuer 26 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize 27 | -------------------------------------------------------------------------------- /config/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - certificate.yaml 3 | 4 | configurations: 5 | - kustomizeconfig.yaml 6 | -------------------------------------------------------------------------------- /config/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This configuration is for teaching kustomize how to update name ref and var substitution 2 | nameReference: 3 | - kind: Issuer 4 | group: cert-manager.io 5 | fieldSpecs: 6 | - kind: Certificate 7 | group: cert-manager.io 8 | path: spec/issuerRef/name 9 | 10 | varReference: 11 | - kind: Certificate 12 | group: cert-manager.io 13 | path: spec/commonName 14 | - kind: Certificate 15 | group: cert-manager.io 16 | path: spec/dnsNames 17 | -------------------------------------------------------------------------------- /config/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 2 | nameReference: 3 | - kind: Service 4 | version: v1 5 | fieldSpecs: 6 | - kind: CustomResourceDefinition 7 | group: apiextensions.k8s.io 8 | path: spec/conversion/webhook/clientConfig/service/name 9 | 10 | namespace: 11 | - kind: CustomResourceDefinition 12 | group: apiextensions.k8s.io 13 | path: spec/conversion/webhook/clientConfig/service/namespace 14 | create: false 15 | 16 | varReference: 17 | - path: metadata/annotations 18 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_ibmpowervsclusters.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: ibmpowervsclusters.infrastructure.cluster.x-k8s.io 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_ibmpowervsclustertemplates.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: ibmpowervsclustertemplates.infrastructure.cluster.x-k8s.io 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_ibmpowervsimages.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: ibmpowervsimages.infrastructure.cluster.x-k8s.io 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_ibmpowervsmachines.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: ibmpowervsmachines.infrastructure.cluster.x-k8s.io 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_ibmpowervsmachinetemplates.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: ibmpowervsmachinetemplates.infrastructure.cluster.x-k8s.io 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_ibmvpcclusters.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: ibmvpcclusters.infrastructure.cluster.x-k8s.io 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_ibmvpcclustertemplates.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: ibmvpcclustertemplates.infrastructure.cluster.x-k8s.io 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_ibmvpcmachines.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: ibmvpcmachines.infrastructure.cluster.x-k8s.io 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_ibmvpcmachinetemplates.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: ibmvpcmachinetemplates.infrastructure.cluster.x-k8s.io 9 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_ibmpowervsclusters.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: ibmpowervsclusters.infrastructure.cluster.x-k8s.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | conversionReviewVersions: ["v1", "v1beta1"] 12 | clientConfig: 13 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 14 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 15 | caBundle: Cg== 16 | service: 17 | namespace: system 18 | name: webhook-service 19 | path: /convert 20 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_ibmpowervsclustertemplates.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: ibmpowervsclustertemplates.infrastructure.cluster.x-k8s.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | conversionReviewVersions: ["v1", "v1beta1"] 12 | clientConfig: 13 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 14 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 15 | caBundle: Cg== 16 | service: 17 | namespace: system 18 | name: webhook-service 19 | path: /convert 20 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_ibmpowervsimages.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: ibmpowervsimages.infrastructure.cluster.x-k8s.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | conversionReviewVersions: ["v1", "v1beta1"] 12 | clientConfig: 13 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 14 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 15 | caBundle: Cg== 16 | service: 17 | namespace: system 18 | name: webhook-service 19 | path: /convert 20 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_ibmpowervsmachines.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: ibmpowervsmachines.infrastructure.cluster.x-k8s.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | conversionReviewVersions: ["v1", "v1beta1"] 12 | clientConfig: 13 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 14 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 15 | caBundle: Cg== 16 | service: 17 | namespace: system 18 | name: webhook-service 19 | path: /convert 20 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_ibmpowervsmachinetemplates.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: ibmpowervsmachinetemplates.infrastructure.cluster.x-k8s.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | conversionReviewVersions: ["v1", "v1beta1"] 12 | clientConfig: 13 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 14 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 15 | caBundle: Cg== 16 | service: 17 | namespace: system 18 | name: webhook-service 19 | path: /convert 20 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_ibmvpcclusters.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: ibmvpcclusters.infrastructure.cluster.x-k8s.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | conversionReviewVersions: ["v1", "v1beta1"] 12 | clientConfig: 13 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 14 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 15 | caBundle: Cg== 16 | service: 17 | namespace: system 18 | name: webhook-service 19 | path: /convert 20 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_ibmvpcclustertemplates.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: ibmvpcclustertemplates.infrastructure.cluster.x-k8s.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_ibmvpcmachines.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: ibmvpcmachines.infrastructure.cluster.x-k8s.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | conversionReviewVersions: ["v1", "v1beta1"] 12 | clientConfig: 13 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 14 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 15 | caBundle: Cg== 16 | service: 17 | namespace: system 18 | name: webhook-service 19 | path: /convert 20 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_ibmvpcmachinetemplates.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: ibmvpcmachinetemplates.infrastructure.cluster.x-k8s.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | conversionReviewVersions: ["v1", "v1beta1"] 12 | clientConfig: 13 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 14 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 15 | caBundle: Cg== 16 | service: 17 | namespace: system 18 | name: webhook-service 19 | path: /convert 20 | -------------------------------------------------------------------------------- /config/default/credentials.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: manager-bootstrap-credentials 5 | namespace: system 6 | type: Opaque 7 | stringData: 8 | ibm-credentials.env: |- 9 | IBMCLOUD_AUTH_TYPE=iam 10 | IBMCLOUD_APIKEY=${IBMCLOUD_API_KEY} 11 | IBMCLOUD_AUTH_URL=${IBMCLOUD_AUTH_URL:=https://iam.cloud.ibm.com} 12 | -------------------------------------------------------------------------------- /config/default/manager_credentials_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | env: 12 | - name: IBM_CREDENTIALS_FILE 13 | value: /home/.ibmcloud/ibm-credentials.env 14 | volumeMounts: 15 | - name: credentials 16 | mountPath: /home/.ibmcloud 17 | volumes: 18 | - name: credentials 19 | secret: 20 | secretName: manager-bootstrap-credentials 21 | -------------------------------------------------------------------------------- /config/default/manager_image_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | # Change the value of image field below to your controller image URL 11 | - image: gcr.io/k8s-staging-capi-ibmcloud/cluster-api-ibmcloud-controller:main 12 | name: manager 13 | -------------------------------------------------------------------------------- /config/default/manager_pull_policy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | imagePullPolicy: Always 12 | -------------------------------------------------------------------------------- /config/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | ports: 12 | - containerPort: 9443 13 | name: webhook-server 14 | protocol: TCP 15 | volumeMounts: 16 | - mountPath: /tmp/k8s-webhook-server/serving-certs 17 | name: cert 18 | readOnly: true 19 | volumes: 20 | - name: cert 21 | secret: 22 | defaultMode: 420 23 | secretName: webhook-server-cert 24 | -------------------------------------------------------------------------------- /config/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch add annotation to admission webhook config and 2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. 3 | apiVersion: admissionregistration.k8s.io/v1 4 | kind: MutatingWebhookConfiguration 5 | metadata: 6 | name: mutating-webhook-configuration 7 | annotations: 8 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 9 | --- 10 | apiVersion: admissionregistration.k8s.io/v1 11 | kind: ValidatingWebhookConfiguration 12 | metadata: 13 | name: validating-webhook-configuration 14 | annotations: 15 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 16 | -------------------------------------------------------------------------------- /config/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | apiVersion: kustomize.config.k8s.io/v1beta1 4 | kind: Kustomization 5 | images: 6 | - name: controller 7 | newName: controller 8 | newTag: latest 9 | -------------------------------------------------------------------------------- /config/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: system 7 | --- 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | metadata: 11 | name: controller-manager 12 | namespace: system 13 | labels: 14 | control-plane: controller-manager 15 | spec: 16 | selector: 17 | matchLabels: 18 | control-plane: controller-manager 19 | replicas: 1 20 | template: 21 | metadata: 22 | labels: 23 | control-plane: controller-manager 24 | spec: 25 | containers: 26 | - command: 27 | - /manager 28 | args: 29 | - "--leader-elect" 30 | - "--provider-id-fmt=${PROVIDER_ID_FORMAT:=v2}" 31 | - "--diagnostics-address=${CAPIBM_DIAGNOSTICS_ADDRESS:=:8443}" 32 | - "--insecure-diagnostics=${CAPIBM_INSECURE_DIAGNOSTICS:=false}" 33 | - "--service-endpoint=${SERVICE_ENDPOINT:=none}" 34 | - "--v=${LOGLEVEL:=0}" 35 | image: controller:latest 36 | name: manager 37 | ports: 38 | - containerPort: 9440 39 | name: healthz 40 | protocol: TCP 41 | - containerPort: 8443 42 | name: metrics 43 | protocol: TCP 44 | readinessProbe: 45 | httpGet: 46 | path: /readyz 47 | port: healthz 48 | livenessProbe: 49 | httpGet: 50 | path: /healthz 51 | port: healthz 52 | resources: 53 | limits: 54 | cpu: 300m 55 | memory: 100Mi 56 | requests: 57 | cpu: 100m 58 | memory: 20Mi 59 | terminationMessagePolicy: FallbackToLogsOnError 60 | terminationGracePeriodSeconds: 10 61 | serviceAccountName: manager 62 | -------------------------------------------------------------------------------- /config/prometheus/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - monitor.yaml 3 | -------------------------------------------------------------------------------- /config/prometheus/monitor.yaml: -------------------------------------------------------------------------------- 1 | 2 | # Prometheus Monitor Service (Metrics) 3 | apiVersion: monitoring.coreos.com/v1 4 | kind: ServiceMonitor 5 | metadata: 6 | labels: 7 | control-plane: controller-manager 8 | name: controller-manager-metrics-monitor 9 | namespace: system 10 | spec: 11 | endpoints: 12 | - path: /metrics 13 | port: https 14 | selector: 15 | matchLabels: 16 | control-plane: controller-manager 17 | -------------------------------------------------------------------------------- /config/rbac/ibmpowervscluster_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit ibmpowervsclusters. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmpowervscluster-editor-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmpowervsclusters 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - infrastructure.cluster.x-k8s.io 21 | resources: 22 | - ibmpowervsclusters/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/ibmpowervscluster_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view ibmpowervsclusters. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmpowervscluster-viewer-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmpowervsclusters 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - infrastructure.cluster.x-k8s.io 17 | resources: 18 | - ibmpowervsclusters/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/ibmpowervsclustertemplate_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit ibmpowervsclustertemplates. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmpowervsclustertemplate-editor-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmpowervsclustertemplates 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - infrastructure.cluster.x-k8s.io 21 | resources: 22 | - ibmpowervsclustertemplates/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/ibmpowervsclustertemplate_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view ibmpowervsclustertemplates. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmpowervsclustertemplate-viewer-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmpowervsclustertemplates 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - infrastructure.cluster.x-k8s.io 17 | resources: 18 | - ibmpowervsclustertemplates/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/ibmpowervsimage_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit ibmpowervsimages. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmpowervsimage-editor-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmpowervsimages 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - infrastructure.cluster.x-k8s.io 21 | resources: 22 | - ibmpowervsimages/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/ibmpowervsimage_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view ibmpowervsimages. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmpowervsimage-viewer-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmpowervsimages 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - infrastructure.cluster.x-k8s.io 17 | resources: 18 | - ibmpowervsimages/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/ibmpowervsmachine_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit ibmpowervsmachines. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmpowervsmachine-editor-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmpowervsmachines 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - infrastructure.cluster.x-k8s.io 21 | resources: 22 | - ibmpowervsmachines/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/ibmpowervsmachine_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view ibmpowervsmachines. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmpowervsmachine-viewer-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmpowervsmachines 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - infrastructure.cluster.x-k8s.io 17 | resources: 18 | - ibmpowervsmachines/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/ibmpowervsmachinetemplate_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit ibmpowervsmachinetemplates. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmpowervsmachinetemplate-editor-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmpowervsmachinetemplates 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - infrastructure.cluster.x-k8s.io 21 | resources: 22 | - ibmpowervsmachinetemplates/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/ibmpowervsmachinetemplate_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view ibmpowervsmachinetemplates. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmpowervsmachinetemplate-viewer-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmpowervsmachinetemplates 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - infrastructure.cluster.x-k8s.io 17 | resources: 18 | - ibmpowervsmachinetemplates/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/ibmvpccluster_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit ibmvpcclusters. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmvpccluster-editor-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmvpcclusters 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - infrastructure.cluster.x-k8s.io 21 | resources: 22 | - ibmvpcclusters/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/ibmvpccluster_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view ibmvpcclusters. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmvpccluster-viewer-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmvpcclusters 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - infrastructure.cluster.x-k8s.io 17 | resources: 18 | - ibmvpcclusters/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/ibmvpcclustertemplate_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit ibmvpcclustertemplates. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmvpcclustertemplate-editor-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmvpcclustertemplates 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - infrastructure.cluster.x-k8s.io 21 | resources: 22 | - ibmvpcclustertemplates/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/ibmvpcclustertemplate_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view ibmvpcclustertemplates. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmvpcclustertemplate-viewer-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmvpcclustertemplates 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - infrastructure.cluster.x-k8s.io 17 | resources: 18 | - ibmvpcclustertemplates/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/ibmvpcmachine_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit ibmvpcmachines. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmvpcmachine-editor-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmvpcmachines 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - infrastructure.cluster.x-k8s.io 21 | resources: 22 | - ibmvpcmachines/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/ibmvpcmachine_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view ibmvpcmachines. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmvpcmachine-viewer-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmvpcmachines 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - infrastructure.cluster.x-k8s.io 17 | resources: 18 | - ibmvpcmachines/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/ibmvpcmachinetemplate_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit ibmvpcmachinetemplates. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmvpcmachinetemplate-editor-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmvpcmachinetemplates 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - infrastructure.cluster.x-k8s.io 21 | resources: 22 | - ibmvpcmachinetemplates/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/ibmvpcmachinetemplate_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view ibmvpcmachinetemplates. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ibmvpcmachinetemplate-viewer-role 6 | rules: 7 | - apiGroups: 8 | - infrastructure.cluster.x-k8s.io 9 | resources: 10 | - ibmvpcmachinetemplates 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - infrastructure.cluster.x-k8s.io 17 | resources: 18 | - ibmvpcmachinetemplates/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - role.yaml 3 | - role_binding.yaml 4 | - leader_election_role.yaml 5 | - leader_election_role_binding.yaml 6 | - service_account.yaml 7 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: leader-elect-role 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - configmaps 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - configmaps/status 23 | verbs: 24 | - get 25 | - update 26 | - patch 27 | - apiGroups: 28 | - "" 29 | resources: 30 | - events 31 | verbs: 32 | - create 33 | - apiGroups: 34 | - "coordination.k8s.io" 35 | resources: 36 | - leases 37 | verbs: 38 | - get 39 | - list 40 | - watch 41 | - create 42 | - update 43 | - patch 44 | - delete 45 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: leader-elect-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: leader-elect-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/role.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: manager-role 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - events 11 | verbs: 12 | - create 13 | - get 14 | - list 15 | - patch 16 | - update 17 | - watch 18 | - apiGroups: 19 | - "" 20 | resources: 21 | - secrets 22 | verbs: 23 | - get 24 | - list 25 | - watch 26 | - apiGroups: 27 | - authentication.k8s.io 28 | resources: 29 | - tokenreviews 30 | verbs: 31 | - create 32 | - apiGroups: 33 | - authorization.k8s.io 34 | resources: 35 | - subjectaccessreviews 36 | verbs: 37 | - create 38 | - apiGroups: 39 | - cluster.x-k8s.io 40 | resources: 41 | - clusters 42 | - clusters/status 43 | - machines 44 | - machines/status 45 | verbs: 46 | - get 47 | - list 48 | - watch 49 | - apiGroups: 50 | - infrastructure.cluster.x-k8s.io 51 | resources: 52 | - ibmpowervsclusters 53 | - ibmpowervsimages 54 | - ibmpowervsmachines 55 | - ibmvpcclusters 56 | - ibmvpcmachines 57 | verbs: 58 | - create 59 | - delete 60 | - get 61 | - list 62 | - patch 63 | - update 64 | - watch 65 | - apiGroups: 66 | - infrastructure.cluster.x-k8s.io 67 | resources: 68 | - ibmpowervsclusters/status 69 | - ibmpowervsimages/status 70 | - ibmpowervsmachines/status 71 | - ibmpowervsmachinetemplates/status 72 | - ibmvpcclusters/status 73 | - ibmvpcmachines/status 74 | - ibmvpcmachinetemplates/status 75 | verbs: 76 | - get 77 | - patch 78 | - update 79 | - apiGroups: 80 | - infrastructure.cluster.x-k8s.io 81 | resources: 82 | - ibmpowervsmachinetemplates 83 | - ibmvpcmachinetemplates 84 | verbs: 85 | - get 86 | - list 87 | - watch 88 | -------------------------------------------------------------------------------- /config/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: manager-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: manager-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/service_account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: manager 5 | namespace: system 6 | -------------------------------------------------------------------------------- /config/webhook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manifests.yaml 3 | - service.yaml 4 | 5 | configurations: 6 | - kustomizeconfig.yaml 7 | -------------------------------------------------------------------------------- /config/webhook/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # the following config is for teaching kustomize where to look at when substituting vars. 2 | # It requires kustomize v2.1.0 or newer to work properly. 3 | nameReference: 4 | - kind: Service 5 | version: v1 6 | fieldSpecs: 7 | - kind: MutatingWebhookConfiguration 8 | group: admissionregistration.k8s.io 9 | path: webhooks/clientConfig/service/name 10 | - kind: ValidatingWebhookConfiguration 11 | group: admissionregistration.k8s.io 12 | path: webhooks/clientConfig/service/name 13 | 14 | namespace: 15 | - kind: MutatingWebhookConfiguration 16 | group: admissionregistration.k8s.io 17 | path: webhooks/clientConfig/service/namespace 18 | create: true 19 | - kind: ValidatingWebhookConfiguration 20 | group: admissionregistration.k8s.io 21 | path: webhooks/clientConfig/service/namespace 22 | create: true 23 | 24 | varReference: 25 | - path: metadata/annotations 26 | -------------------------------------------------------------------------------- /config/webhook/service.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: webhook-service 6 | namespace: system 7 | spec: 8 | ports: 9 | - port: 443 10 | targetPort: 9443 11 | selector: 12 | control-plane: controller-manager 13 | -------------------------------------------------------------------------------- /controllers/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package controllers implements controllers code. 18 | package controllers 19 | -------------------------------------------------------------------------------- /docs/book/.gitignore: -------------------------------------------------------------------------------- 1 | book 2 | -------------------------------------------------------------------------------- /docs/book/book.toml: -------------------------------------------------------------------------------- 1 | [book] 2 | authors = ["The Cluster API Provider IBM Cloud Maintainers"] 3 | language = "en" 4 | multilingual = false 5 | src = "src" 6 | title = "Kubernetes Cluster API Provider IBM Cloud" 7 | 8 | [output.html] 9 | curly-quotes = true 10 | git-repository-url = "https://sigs.k8s.io/cluster-api-provider-ibmcloud" 11 | additional-css = ["theme/css/custom.css"] 12 | 13 | [output.html.redirect] 14 | "/agenda.html" = "https://docs.google.com/document/d/1oWnqXy1VFv0E3kovQoZfS6IlVP0L4eaQsN-2HYC_6_A" 15 | 16 | [preprocessor.tabulate] 17 | command = "mdbook-tabulate" 18 | 19 | [preprocessor.embed] 20 | command = "mdbook-embed" 21 | 22 | [preprocessor.releaselink] 23 | command = "mdbook-releaselink" 24 | -------------------------------------------------------------------------------- /docs/book/src/SUMMARY.md: -------------------------------------------------------------------------------- 1 | # Summary 2 | 3 | - [Introduction](./introduction.md) 4 | - [Getting Started](./getting-started.md) 5 | - [Images](./machine-images/index.md) 6 | - [VPC](./machine-images/vpc.md) 7 | - [PowerVS](./machine-images/powervs.md) 8 | - [Topics](./topics/index.md) 9 | - [VPC Cluster](./topics/vpc/index.md) 10 | - [Prerequisites](./topics/vpc/prerequisites.md) 11 | - [Uploading an image](topics/vpc/uploading-an-image.md) 12 | - [Creating a cluster](./topics/vpc/creating-a-cluster.md) 13 | - [PowerVS Cluster](./topics/powervs/index.md) 14 | - [Prerequisites](./topics/powervs/prerequisites.md) 15 | - [Creating a cluster](./topics/powervs/creating-a-cluster.md) 16 | - [Using autoscaler with scaling from 0 machine](./topics/powervs/autoscaler-scalling-from-0.md) 17 | - [capibmadm CLI](./topics/capibmadm/index.md) 18 | - [PowerVS Commands](./topics/capibmadm/powervs/index.md) 19 | - [Image Commands](./topics/capibmadm/powervs/image.md) 20 | - [Network Commands](./topics/capibmadm/powervs/network.md) 21 | - [Port Commands](./topics/capibmadm/powervs/port.md) 22 | - [SSH key Commands](./topics/capibmadm/powervs/key.md) 23 | - [VPC Commands](./topics/capibmadm/vpc/index.md) 24 | - [Image Commands](./topics/capibmadm/vpc/image.md) 25 | - [Key Commands](./topics/capibmadm/vpc/key.md) 26 | - [Developer Guide](./developer/index.md) 27 | - [Rapid iterative development with Tilt](./developer/tilt.md) 28 | - [Guide for API conversions](./developer/conversion.md) 29 | - [Release Process](./developer/release.md) 30 | - [Release Support Guidelines](./developer/release-support-guidelines.md) 31 | - [How to build the machine boot images](./developer/build-images.md) 32 | - [Modules and tools dependencies](./developer/dependencies.md) 33 | - [E2E testing](./developer/e2e.md) 34 | - [Troubleshooting](./user/troubleshooting.md) 35 | - [Reference](./reference/reference.md) 36 | - [API References](./reference/api-references.md) 37 | - [Regions-Zones Mapping](./reference/regions-zones-mapping.md) 38 | -------------------------------------------------------------------------------- /docs/book/src/developer/e2e.md: -------------------------------------------------------------------------------- 1 | # E2E Testing 2 | 3 | ### Introduction 4 | 5 | * The end-to-end tests for `VPC` and `PowerVS` run on an internal prow cluster on IBM Cloud. 6 | * Resource management is handled via [boskos](https://github.com/kubernetes-sigs/boskos) which is an efficient way to lease infra and clean up after every run. 7 | * The E2E tests use the Cluster API test framework. For more information on developing E2E tests, refer [here](https://cluster-api.sigs.k8s.io/developer/core/e2e). 8 | 9 | ### Jobs 10 | 11 | The following periodic jobs are being run on main branch once every day. 12 | 13 | 1. [periodic-capi-provider-ibmcloud-e2e-powervs](https://prow.ppc64le-cloud.cis.ibm.net/job-history/gs/ppc64le-kubernetes/logs/periodic-capi-provider-ibmcloud-e2e-powervs) 14 | 2. [periodic-capi-provider-ibmcloud-e2e-vpc](https://prow.ppc64le-cloud.cis.ibm.net/job-history/gs/ppc64le-kubernetes/logs/periodic-capi-provider-ibmcloud-e2e-vpc) 15 | 16 | We also test the last two releases, once every week. 17 | 18 | ### Running the end-to-end tests locally 19 | 20 | For development and debugging the E2E tests, they can be executed locally. 21 | 22 | 1. Set the flavor you want to test. By default it is set to `powervs-md-remeditaion`. 23 | 24 | ``` 25 | export E2E_FLAVOR= 26 | ``` 27 | 2. Set the infra environment variables accrodingly based on the flavor being tested. Check the required variables for [VPC](https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/blob/main/scripts/ci-e2e.sh#L132-L145) and [PowerVS](https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/blob/main/scripts/ci-e2e.sh#L123-L130) being set in [ci-e2e.sh](https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/blob/main/scripts/ci-e2e.sh). 28 | 3. Run the e2e test 29 | ``` 30 | ./scripts/ci-e2e.sh 31 | ``` -------------------------------------------------------------------------------- /docs/book/src/developer/index.md: -------------------------------------------------------------------------------- 1 | # Developer Guide 2 | 3 | - [Rapid iterative development with Tilt](/developer/tilt.html) 4 | - [Guide for API conversions](/developer/conversion.html) 5 | - [Release Process](/developer/release.html) 6 | - [Release Support Guidelines](/developer/release-support-guidelines.md) 7 | - [How to build the machine boot images](/developer/build-images.html) 8 | - [Modules and tools dependencies](/developer/dependencies.html) 9 | - [E2E testing](/developer/e2e.html) -------------------------------------------------------------------------------- /docs/book/src/images/ibm-cloud-iaas.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/book/src/images/ibm-cloud-iaas.png -------------------------------------------------------------------------------- /docs/book/src/images/k8s-ibm-cloud.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/book/src/images/k8s-ibm-cloud.png -------------------------------------------------------------------------------- /docs/book/src/machine-images/index.md: -------------------------------------------------------------------------------- 1 | ## IBM Cloud Machine Images for CAPIBM Clusters 2 | 3 | CAPIBM requires a “machine image” containing pre-installed, matching versions of kubeadm and kubelet. Machine image is required during the cluster creation in the IBMVPCMachineTemplate and IBMPowerVSMachineTemplate spec. 4 | 5 | Pre-built public Images are published by the maintainers regularly for each new Kubernetes version. 6 | 7 | >Note: These images are only for the test purpose 8 | 9 | - [IBM Cloud VPC Images](/machine-images/vpc.html) 10 | - [IBM Cloud PowerVS Images](/machine-images/powervs.html) -------------------------------------------------------------------------------- /docs/book/src/machine-images/powervs.md: -------------------------------------------------------------------------------- 1 | # PowerVS Images 2 | 3 | 4 | | Region | Bucket | Object | Kubernetes Version | 5 | |----------|------------------|-----------------------------------------------------------------|--------------------| 6 | | us-south | power-oss-bucket | [capibm-powervs-centos-streams9-1-32-3.ova.gz][streams9-1-32-3] | 1.32.3 | 7 | | us-south | power-oss-bucket | [capibm-powervs-centos-streams9-1-31-0.ova.gz][streams9-1-31-0] | 1.31.0 | 8 | | us-south | power-oss-bucket | [capibm-powervs-centos-streams9-1-30-0.ova.gz][streams9-1-30-0] | 1.30.0 | 9 | 10 | ## PowerVS Images with DHCP based network 11 | 12 | | Region | Bucket | Object | Kubernetes Version | 13 | |----------|------------------|------------------------------------------------------------------------|--------------------| 14 | | us-south | power-oss-bucket | [capibm-powervs-centos-streams9-1-32-3.ova.gz][centos-streams9-1-32-3] | 1.32.3 | 15 | | us-south | power-oss-bucket | [capibm-powervs-centos-streams9-1-29-3.ova.gz][centos-streams9-1-29-3] | 1.29.3 | 16 | 17 | > **Note:** These images are built using the [image-builder][image-builder] tool and more information can be found [here](../developer/build-images.md#powervs) 18 | 19 | [streams9-1-32-3]: https://power-oss-bucket.s3.us-south.cloud-object-storage.appdomain.cloud/capibm-powervs-centos-streams9-1-32-3-1747820578.ova.gz 20 | [streams9-1-31-0]: https://power-oss-bucket.s3.us-south.cloud-object-storage.appdomain.cloud/capibm-powervs-centos-streams9-1-31-0-1737533452.ova.gz 21 | [streams9-1-30-0]: https://power-oss-bucket.s3.us-south.cloud-object-storage.appdomain.cloud/capibm-powervs-centos-streams9-1-30-0-1737523124.ova.gz 22 | [centos-streams9-1-32-3]: https://power-oss-bucket.s3.us-south.cloud-object-storage.appdomain.cloud/capibm-powervs-centos-streams9-1-32-3-1746768746.ova.gz 23 | [centos-streams9-1-29-3]: https://power-oss-bucket.s3.us-south.cloud-object-storage.appdomain.cloud/capibm-powervs-centos-streams9-1-29-3-1719470782.ova.gz 24 | 25 | [image-builder]: https://github.com/kubernetes-sigs/image-builder 26 | -------------------------------------------------------------------------------- /docs/book/src/machine-images/vpc.md: -------------------------------------------------------------------------------- 1 | # VPC Images 2 | 3 | 4 | | Region | Bucket | Object | Kubernetes Version | 5 | |----------|------------------|----------------------------------------------------------|--------------------| 6 | | us-south | power-oss-bucket | [capibm-vpc-ubuntu-2204-kube-v1-31-4.qcow2][kube-1-31-4] | 1.31.4 | 7 | | us-south | power-oss-bucket | [capibm-vpc-ubuntu-2204-kube-v1-30-4.qcow2][kube-1-30-4] | 1.30.4 | 8 | 9 | Note: These images are built using the [image-builder][image-builder] tool and more information can be found [here](../developer/build-images.md#vpc) 10 | 11 | [kube-1-31-4]: https://power-oss-bucket.s3.us-south.cloud-object-storage.appdomain.cloud/capibm-vpc-ubuntu-2204-kube-v1-31-4.qcow2 12 | [kube-1-30-4]: https://power-oss-bucket.s3.us-south.cloud-object-storage.appdomain.cloud/capibm-vpc-ubuntu-2204-kube-v1-30-4.qcow2 13 | 14 | [image-builder]: https://github.com/kubernetes-sigs/image-builder 15 | -------------------------------------------------------------------------------- /docs/book/src/reference/api-references.md: -------------------------------------------------------------------------------- 1 | # API References 2 | 3 | Cluster API Provider IBMCloud currently exposes the following APIs: 4 | 5 | * The Cluster API Provider IBMCloud Custom Resource Definitions (CRDs): [documentation](https://doc.crds.dev/github.com/kubernetes-sigs/cluster-api-provider-ibmcloud) 6 | 7 | * Golang APIs: [godoc](https://pkg.go.dev/sigs.k8s.io/cluster-api-provider-ibmcloud) 8 | -------------------------------------------------------------------------------- /docs/book/src/reference/reference.md: -------------------------------------------------------------------------------- 1 | # Reference 2 | 3 | Further references to the Cluster API Provider IBM Cloud - CAPIBM project. 4 | 5 | - [API reference](/reference/api-references.html) 6 | - [Regions-Zones Mapping](/reference/regions-zones-mapping.html) -------------------------------------------------------------------------------- /docs/book/src/topics/capibmadm/index.md: -------------------------------------------------------------------------------- 1 | # capibmadm CLI 2 | 3 | Kubernetes Cluster API Provider IBM Cloud Management Utility 4 | 5 | ## Install capibmadm 6 | 7 | #### Install capibmadm binary with curl on Linux / MacOS 8 | Run the following command to download the capibmadm binary: 9 | 10 | ```bash 11 | curl -L "https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/releases/download/v0.11.0/capibmadm-$(echo "$(uname -s)" | tr A-Z a-z)-$(uname -m)" -o capibmadm 12 | ``` 13 | Add the execute bit to the binary. 14 | ```bash 15 | chmod +x ./capibmadm 16 | ``` 17 | Move the binary to $PATH. 18 | ```bash 19 | sudo mv ./capibmadm /usr/local/bin/capibmadm 20 | ``` 21 | Test to ensure the version you installed is up-to-date: 22 | ```bash 23 | capibmadm version -o short 24 | ``` 25 | 26 | #### Install capibmadm binary with curl on Windows using PowerShell 27 | Go to the working directory where you want capibmadm downloaded. 28 | 29 | Download the latest release on AMD64; on Windows, type: 30 | ```powershell 31 | curl.exe -L https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/releases/download/v0.11.0/capibmadm-windows-amd64.exe -o capibmadm.exe 32 | ``` 33 | Append or prepend the path of that directory to the `PATH` environment variable. 34 | 35 | Download the latest release on ARM64; on Windows, type: 36 | ```powershell 37 | curl.exe -L https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/releases/download/v0.11.0/capibmadm-windows-arm64.exe -o capibmadm.exe 38 | ``` 39 | Append or prepend the path of that directory to the `PATH` environment variable. 40 | 41 | Test to ensure the version you installed is up-to-date: 42 | ```powershell 43 | capibmadm.exe version -o short 44 | ``` 45 | 46 | ## [1. PowerVS commands](./powervs/index.md) 47 | ## [2. VPC commands](./vpc/index.md) 48 | -------------------------------------------------------------------------------- /docs/book/src/topics/capibmadm/powervs/index.md: -------------------------------------------------------------------------------- 1 | # capibmadm powervs `` 2 | 3 | 4 | ## 1. PowerVS commands 5 | - [key](./key.md) 6 | - [create](/topics/capibmadm/powervs/key.html#1-capibmadm-powervs-key-create) 7 | - [delete](/topics/capibmadm/powervs/key.html#2-capibmadm-powervs-key-delete) 8 | - [list](/topics/capibmadm/powervs/key.html#3-capibmadm-powervs-key-list) 9 | - [network](./network.md) 10 | - [create](/topics/capibmadm/powervs/network.html#1-capibmadm-powervs-network-create) 11 | - [delete](/topics/capibmadm/powervs/network.html#2-capibmadm-powervs-network-delete) 12 | - [list](/topics/capibmadm/powervs/network.html#3-capibmadm-powervs-network-list) 13 | - [port](./port.md) 14 | - [create](/topics/capibmadm/powervs/port.html#1-capibmadm-powervs-port-create) 15 | - [delete](/topics/capibmadm/powervs/port.html#2-capibmadm-powervs-port-delete) 16 | - [list](/topics/capibmadm/powervs/port.html#3-capibmadm-powervs-port-list) 17 | - [image](./image.md) 18 | - [import](/topics/capibmadm/powervs/image.html#1-capibmadm-powervs-image-import) 19 | - [list](/topics/capibmadm/powervs/image.html#2-capibmadm-powervs-image-list) 20 | -------------------------------------------------------------------------------- /docs/book/src/topics/capibmadm/powervs/key.md: -------------------------------------------------------------------------------- 1 | ## PowerVS SSH key Commands 2 | 3 | ### 1. capibmadm powervs key create 4 | 5 | #### Usage: 6 | Create an SSH key in the PowerVS environment. 7 | 8 | #### Environmental Variable: 9 | IBMCLOUD_API_KEY: IBM Cloud API key. 10 | 11 | #### Arguments: 12 | --service-instance-id: PowerVS service instance id. 13 | 14 | --zone: PowerVS zone. 15 | 16 | --name: The name of the SSH key. 17 | 18 | Either of the arguments need to be provided: 19 | 20 | --key: SSH RSA key string within a double quotation marks. For example, "ssh-rsa AAA... ". 21 | 22 | --key-path: The absolute path to the SSH key file. 23 | 24 | #### Example: 25 | ```shell 26 | export IBMCLOUD_API_KEY= 27 | 28 | # Using SSH key 29 | capibmadm powervs key create --name --key "" --service-instance-id --zone 30 | 31 | # Using file-path to SSH key 32 | capibmadm powervs key create --name --key-path --service-instance-id --zone 33 | ``` 34 | 35 | ### 2. capibmadm powervs key delete 36 | 37 | #### Usage: 38 | Delete an SSH key in the PowerVS environment. 39 | 40 | #### Environmental Variable: 41 | IBMCLOUD_API_KEY: IBM Cloud API key. 42 | 43 | #### Arguments: 44 | --service-instance-id: PowerVS service instance id. 45 | 46 | --zone: PowerVS zone. 47 | 48 | --name: The name of the SSH key. 49 | 50 | #### Example: 51 | ```shell 52 | export IBMCLOUD_API_KEY= 53 | capibmadm powervs key delete --name --service-instance-id --zone 54 | ``` 55 | 56 | ### 3. capibmadm powervs key list 57 | 58 | #### Usage: 59 | List all SSH Keys in the PowerVS environment. 60 | 61 | #### Environmental Variable: 62 | IBMCLOUD_API_KEY: IBM Cloud API key. 63 | 64 | #### Arguments: 65 | --service-instance-id: PowerVS service instance id. 66 | 67 | --zone: PowerVS zone. 68 | 69 | #### Example: 70 | ```shell 71 | export IBMCLOUD_API_KEY= 72 | capibmadm powervs key list --service-instance-id --zone 73 | ``` 74 | -------------------------------------------------------------------------------- /docs/book/src/topics/capibmadm/powervs/port.md: -------------------------------------------------------------------------------- 1 | ## PowerVS Network Commands 2 | 3 | ### 1. capibmadm powervs port create 4 | 5 | #### Usage: 6 | Create PowerVS network port. 7 | 8 | #### Environmental Variable: 9 | IBMCLOUD_API_KEY: IBM Cloud API key. 10 | 11 | #### Arguments: 12 | --service-instance-id: PowerVS service instance id. 13 | 14 | --zone: PowerVS service instance zone. 15 | 16 | --network: Network ID/ Network Name. 17 | 18 | --description: Description of the port. 19 | 20 | --ip-address: The requested IP address of this port 21 | 22 | #### Example: 23 | ```shell 24 | export IBMCLOUD_API_KEY= 25 | capibmadm powervs port create --network --description --service-instance-id --zone 26 | ``` 27 | 28 | ### 2. capibmadm powervs port delete 29 | 30 | #### Usage: 31 | Delete PowerVS network port. 32 | 33 | #### Environmental Variable: 34 | IBMCLOUD_API_KEY: IBM Cloud API key. 35 | 36 | #### Arguments: 37 | --service-instance-id: PowerVS service instance id. 38 | 39 | --zone: PowerVS zone. 40 | 41 | --port-id: ID of network port. 42 | 43 | --network: Network ID or Name. 44 | 45 | #### Example: 46 | ```shell 47 | export IBMCLOUD_API_KEY= 48 | capibmadm powervs port delete --port-id --network --service-instance-id --zone 49 | ``` 50 | 51 | ### 3. capibmadm powervs port list 52 | 53 | #### Usage: 54 | List PowerVS ports. 55 | 56 | #### Environmental Variable: 57 | IBMCLOUD_API_KEY: IBM Cloud API key. 58 | 59 | #### Arguments: 60 | --service-instance-id: PowerVS service instance id. 61 | 62 | --zone: PowerVS zone. 63 | 64 | --network: Network ID or Name. 65 | 66 | #### Example: 67 | ```shell 68 | export IBMCLOUD_API_KEY= 69 | capibmadm powervs port list --service-instance-id --zone --network 70 | ``` 71 | 72 | -------------------------------------------------------------------------------- /docs/book/src/topics/capibmadm/vpc/image.md: -------------------------------------------------------------------------------- 1 | ## VPC image Commands 2 | 3 | ### 1. capibmadm vpc image list 4 | 5 | #### Usage: 6 | List images in given VPC region. 7 | 8 | #### Environmental Variable: 9 | IBMCLOUD_API_KEY: IBM Cloud API key. 10 | 11 | #### Arguments: 12 | --region: VPC region. 13 | 14 | --resource-group-name: IBM Cloud resource group name. 15 | 16 | #### Example: 17 | ```shell 18 | export IBMCLOUD_API_KEY= 19 | capibmadm vpc image list --region --resource-group-name 20 | ``` -------------------------------------------------------------------------------- /docs/book/src/topics/capibmadm/vpc/index.md: -------------------------------------------------------------------------------- 1 | # capibmadm vpc `` 2 | 3 | 4 | ## 1. VPC commands 5 | 6 | - [key](./key.md) 7 | - [list](/topics/capibmadm/vpc/key.html#1-capibmadm-vpc-key-list) 8 | - [create](/topics/capibmadm/vpc/key.html#2-capibmadm-vpc-key-create) 9 | - [delete](/topics/capibmadm/vpc/key.html#3-capibmadm-vpc-key-delete) 10 | 11 | - [image](./image.md) 12 | - [list](/topics/capibmadm/vpc/image.html#1-capibmadm-vpc-image-list) 13 | -------------------------------------------------------------------------------- /docs/book/src/topics/capibmadm/vpc/key.md: -------------------------------------------------------------------------------- 1 | ## VPC SSH key Commands 2 | 3 | ### 1. capibmadm vpc key list 4 | 5 | #### Usage: 6 | List SSH keys in given VPC region. 7 | 8 | #### Environmental Variable: 9 | IBMCLOUD_API_KEY: IBM Cloud API key. 10 | 11 | #### Arguments: 12 | --region: VPC region. 13 | 14 | --resource-group-name: IBM Cloud resource group name. 15 | 16 | #### Example: 17 | ```shell 18 | export IBMCLOUD_API_KEY= 19 | capibmadm vpc key list --region --resource-group-name 20 | ``` 21 | 22 | ### 2. capibmadm vpc key create 23 | 24 | #### Usage: 25 | Create a key in the VPC environment. 26 | 27 | #### Environmental Variable: 28 | IBMCLOUD_API_KEY: IBM Cloud API key. 29 | 30 | #### Arguments: 31 | 32 | --name: The name of the key. 33 | 34 | --resource-group-name: VPC resource group name. 35 | 36 | --region: VPC region. 37 | 38 | Either of the arguments need to be provided: 39 | 40 | --public-key: Public key string within a double quotation marks. For example, "ssh-rsa AAA... ". 41 | 42 | --key-path: The absolute path to the SSH key file. 43 | 44 | 45 | #### Example: 46 | ```shell 47 | export IBMCLOUD_API_KEY= 48 | 49 | capibmadm vpc key create --name --region --public-key "" 50 | 51 | capibmadm vpc key create --name --region --key-path 52 | ``` 53 | 54 | ### 3. capibmadm vpc key delete 55 | 56 | #### Usage: 57 | Delete a key in the VPC environment. 58 | 59 | #### Environmental Variable: 60 | IBMCLOUD_API_KEY: IBM Cloud API key. 61 | 62 | #### Arguments: 63 | 64 | --name: The name of the key. 65 | 66 | --region: VPC region. 67 | 68 | #### Example: 69 | ```shell 70 | export IBMCLOUD_API_KEY= 71 | capibmadm vpc key delete --name --region 72 | ``` 73 | -------------------------------------------------------------------------------- /docs/book/src/topics/index.md: -------------------------------------------------------------------------------- 1 | # Topics 2 | 3 | This section contains information about using IBM Cloud features with Cluster API Provider IBM Cloud. 4 | 5 | - [IBM Cloud VPC Cluster](/topics/vpc/index.html) 6 | - [IBM Cloud PowerVS Cluster](/topics/powervs/index.html) -------------------------------------------------------------------------------- /docs/book/src/topics/powervs/index.md: -------------------------------------------------------------------------------- 1 | # PowerVS Cluster 2 | 3 | ## Contents 4 | - [Prerequisites](/topics/powervs/prerequisites.html) 5 | - [Creating a cluster](/topics/powervs/creating-a-cluster.html) 6 | - [Using autoscaler with scaling from 0 machine](/topics/powervs/autoscaler-scalling-from-0.html) -------------------------------------------------------------------------------- /docs/book/src/topics/vpc/index.md: -------------------------------------------------------------------------------- 1 | # VPC Cluster 2 | 3 | ## Contents 4 | - [Prerequisites](/topics/vpc/prerequisites.html) 5 | - [Uploading an image](/topics/vpc/uploading-an-image.html) 6 | - [Creating a cluster](/topics/vpc/creating-a-cluster.html) -------------------------------------------------------------------------------- /docs/book/src/topics/vpc/prerequisites.md: -------------------------------------------------------------------------------- 1 | # Prerequisites 2 | 3 | 1. Install `kubectl` (see [here](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl-binary-with-curl-on-linux)). Because `kustomize` was included into `kubectl` and it's used by `cluster-api-provider-ibmcloud` in generating yaml files, so version `1.14.0+` of `kubectl` is required, see [integrate kustomize into kubectl](https://github.com/kubernetes/enhancements/issues/633) for more info. 4 | 2. You can use either VM, container or existing Kubernetes cluster act as the bootstrap cluster. 5 | - If you want to use container, install [kind](https://github.com/kubernetes-sigs/kind#installation-and-usage). This is preferred. 6 | - If you want to use VM, install [minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/), version 0.30.0 or greater. 7 | - If you want to use existing Kubernetes cluster, prepare your kubeconfig. 8 | 3. Install a [driver](https://github.com/kubernetes/minikube/blob/master/docs/drivers.md) **if you are using minikube**. For Linux, we recommend kvm2. For MacOS, we recommend VirtualBox. 9 | 4. An appropriately configured [Go development environment](https://golang.org/doc/install) 10 | 5. Install `clusterctl` tool (see [here](https://cluster-api.sigs.k8s.io/user/quick-start.html#install-clusterctl)) 11 | 12 | ### Build workload cluster image: 13 | 14 | 1. Build a qcow2 image suitable for use as a Kubernetes cluster machine as detailed in the image builder [book](https://image-builder.sigs.k8s.io/capi/providers/ibmcloud.html#capibm---vpc). 15 | 16 | **Note:** Rename the output image to add the `.qcow2` extension. This is required by the next step. 17 | 18 | For more information about the images can be found at [machine-images](../../machine-images/vpc.md) section 19 | 20 | 2. Upload the VPC Gen2 custom image to IBM Cloud following [this section](uploading-an-image.md) or the detailed explainations in the VPC [documentation](https://cloud.ibm.com/docs/vpc?topic=vpc-planning-custom-images). 21 | -------------------------------------------------------------------------------- /docs/book/theme/css/custom.css: -------------------------------------------------------------------------------- 1 | /* notes */ 2 | aside.note { 3 | border: 1px solid var(--searchbar-border-color); 4 | border-radius: 3px; 5 | margin-top: 1em; 6 | } 7 | 8 | aside.note > * { 9 | margin-left: 1em; 10 | margin-right: 1em; 11 | } 12 | 13 | /* note title */ 14 | aside.note > h1 { 15 | border-bottom: 1px solid var(--searchbar-border-color); 16 | margin: 0; 17 | padding: 0.5em 1em; 18 | font-size: 100%; 19 | font-weight: normal; 20 | background: var(--quote-bg); 21 | } 22 | 23 | /* warning notes */ 24 | aside.note.warning > h1 { 25 | background: var(--warning-note-background-color, #fcf8f2); 26 | } 27 | aside.note.warning > h1::before { 28 | /* TODO(directxman12): fill in these colors in theme. 29 | * If you're good with colors, feel free to play around with this 30 | * in dark mode. */ 31 | content: "!"; 32 | color: var(--warning-note-color, #f0ad4e); 33 | margin-right: 1em; 34 | font-size: 100%; 35 | vertical-align: middle; 36 | font-weight: bold; 37 | padding-left: 0.6em; 38 | padding-right: 0.6em; 39 | border-radius: 50%; 40 | border: 2px solid var(--warning-note-color, #f0ad4e); 41 | } 42 | -------------------------------------------------------------------------------- /docs/book/theme/favicon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/book/theme/favicon.png -------------------------------------------------------------------------------- /docs/images/additional-listener-code-workflow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/images/additional-listener-code-workflow.png -------------------------------------------------------------------------------- /docs/images/additional-listener-design-diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/images/additional-listener-design-diagram.png -------------------------------------------------------------------------------- /docs/images/additional-listener-examples.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/images/additional-listener-examples.png -------------------------------------------------------------------------------- /docs/images/cluster-api-ibmcloud-definition.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/images/cluster-api-ibmcloud-definition.png -------------------------------------------------------------------------------- /docs/images/cluster-api-ibmcloud-powervs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/images/cluster-api-ibmcloud-powervs.png -------------------------------------------------------------------------------- /docs/images/cluster-api-ibmcloud-vpc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/images/cluster-api-ibmcloud-vpc.png -------------------------------------------------------------------------------- /docs/images/powervs-cluster-components.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/images/powervs-cluster-components.png -------------------------------------------------------------------------------- /docs/images/powervs-cluster-create-workflow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/images/powervs-cluster-create-workflow.png -------------------------------------------------------------------------------- /docs/images/powervs-cluster-delete-workflow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-sigs/cluster-api-provider-ibmcloud/e6f34de1c6c789045c9a4419a1429c248ea13447/docs/images/powervs-cluster-delete-workflow.png -------------------------------------------------------------------------------- /hack/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | -------------------------------------------------------------------------------- /hack/boilerplate/README.md: -------------------------------------------------------------------------------- 1 | # Boilerplate utilities 2 | 3 | The boilerplate validation utilities have been copied and adapted from upstream cluster-api repository, see https://github.com/kubernetes-sigs/cluster-api/tree/129533306d693457305bd9d9b725fd4bdf504a0d/hack/boilerplate. 4 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.Dockerfile.txt: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1.5 2 | 3 | # Copyright YEAR The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.Makefile.txt: -------------------------------------------------------------------------------- 1 | # Copyright YEAR The Kubernetes Authors. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.bzl.txt: -------------------------------------------------------------------------------- 1 | # Copyright YEAR The Kubernetes Authors. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.generatebzl.txt: -------------------------------------------------------------------------------- 1 | # Copyright The Kubernetes Authors. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.generatego.txt: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright YEAR The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.py.txt: -------------------------------------------------------------------------------- 1 | # Copyright YEAR The Kubernetes Authors. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.sh.txt: -------------------------------------------------------------------------------- 1 | # Copyright YEAR The Kubernetes Authors. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate_test.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | # Copyright 2016 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | import boilerplate 18 | import unittest 19 | import StringIO 20 | import os 21 | import sys 22 | 23 | class TestBoilerplate(unittest.TestCase): 24 | """ 25 | Note: run this test from the hack/boilerplate directory. 26 | 27 | $ python -m unittest boilerplate_test 28 | """ 29 | 30 | def test_boilerplate(self): 31 | os.chdir("test/") 32 | 33 | class Args(object): 34 | def __init__(self): 35 | self.filenames = [] 36 | self.rootdir = "." 37 | self.boilerplate_dir = "../" 38 | self.verbose = True 39 | 40 | # capture stdout 41 | old_stdout = sys.stdout 42 | sys.stdout = StringIO.StringIO() 43 | 44 | boilerplate.args = Args() 45 | ret = boilerplate.main() 46 | 47 | output = sorted(sys.stdout.getvalue().split()) 48 | 49 | sys.stdout = old_stdout 50 | 51 | self.assertEquals( 52 | output, ['././fail.go', '././fail.py']) 53 | -------------------------------------------------------------------------------- /hack/boilerplate/test/fail.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2014 The Kubernetes Authors. 3 | 4 | fail 5 | 6 | Licensed under the Apache License, Version 2.0 (the "License"); 7 | you may not use this file except in compliance with the License. 8 | You may obtain a copy of the License at 9 | 10 | http://www.apache.org/licenses/LICENSE-2.0 11 | 12 | Unless required by applicable law or agreed to in writing, software 13 | distributed under the License is distributed on an "AS IS" BASIS, 14 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | See the License for the specific language governing permissions and 16 | limitations under the License. 17 | */ 18 | 19 | // Package test contains test boilerplate. 20 | package test 21 | -------------------------------------------------------------------------------- /hack/boilerplate/test/fail.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | # Copyright 2015 The Kubernetes Authors. 4 | # 5 | # failed 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | -------------------------------------------------------------------------------- /hack/boilerplate/test/pass.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2014 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package test 18 | -------------------------------------------------------------------------------- /hack/boilerplate/test/pass.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | # Copyright 2015 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | True 18 | -------------------------------------------------------------------------------- /hack/ccm/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1.5 2 | 3 | # Copyright 2022 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | # Build IBM cloud controller manager binary 18 | ARG golang_image 19 | FROM --platform=$BUILDPLATFORM ${golang_image} AS ccm-builder 20 | ARG TARGETARCH 21 | ARG POWERVS_CLOUD_CONTROLLER_COMMIT 22 | WORKDIR /build 23 | RUN git clone https://github.com/openshift/cloud-provider-powervs 24 | RUN cd cloud-provider-powervs && git checkout $POWERVS_CLOUD_CONTROLLER_COMMIT && CGO_ENABLED=0 GOARCH=$TARGETARCH go build \ 25 | -ldflags "-s -w" -o /build/ibm-cloud-controller-manager . 26 | 27 | # Assemble the final image 28 | FROM --platform=$TARGETPLATFORM quay.io/centos/centos:stream8 AS centos-base 29 | LABEL description="IBM PowerVS Cloud Controller Manager" 30 | COPY --from=ccm-builder /build/ibm-cloud-controller-manager /bin/ibm-cloud-controller-manager 31 | ENTRYPOINT [ "/bin/ibm-cloud-controller-manager" ] 32 | -------------------------------------------------------------------------------- /hack/ccm/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright 2022 The Kubernetes Authors. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # Go 16 | GO_VERSION ?=1.23.9 17 | GO_CONTAINER_IMAGE ?= golang:$(GO_VERSION) 18 | 19 | REGISTRY=gcr.io/k8s-staging-capi-ibmcloud 20 | IMG=powervs-cloud-controller-manager 21 | 22 | # POWERVS_CLOUD_CONTROLLER_COMMIT can be fetched from here https://github.com/openshift/cloud-provider-powervs/commits/main 23 | POWERVS_CLOUD_CONTROLLER_COMMIT?=ef83f3f 24 | TAG?=$(POWERVS_CLOUD_CONTROLLER_COMMIT) 25 | 26 | build-image: init-buildx gcloud-auth 27 | { \ 28 | set -e ; \ 29 | docker buildx build \ 30 | --platform=linux/amd64,linux/ppc64le --pull \ 31 | --build-arg golang_image=$(GO_CONTAINER_IMAGE) \ 32 | --build-arg POWERVS_CLOUD_CONTROLLER_COMMIT=$(POWERVS_CLOUD_CONTROLLER_COMMIT) \ 33 | -t $(REGISTRY)/$(IMG):$(TAG) . --push --target centos-base; \ 34 | } 35 | 36 | init-buildx: 37 | # Ensure we use a builder that can leverage it (the default on linux will not) 38 | -docker buildx rm multiarch-multiplatform-builder 39 | docker buildx create --use --name=multiarch-multiplatform-builder 40 | docker run --rm --privileged multiarch/qemu-user-static --reset --credential yes --persistent yes 41 | 42 | gcloud-auth: 43 | # Register gcloud as a Docker credential helper. 44 | # Required for "docker buildx build --push". 45 | gcloud auth configure-docker --quiet 46 | 47 | build-local: init-buildx 48 | { \ 49 | set -e ; \ 50 | docker buildx build \ 51 | --platform=linux/$(ARCH) --pull \ 52 | --build-arg golang_image=$(GO_CONTAINER_IMAGE) \ 53 | --build-arg POWERVS_CLOUD_CONTROLLER_COMMIT=$(POWERVS_CLOUD_CONTROLLER_COMMIT) \ 54 | -t $(REGISTRY)/$(IMG)-$(ARCH):$(TAG) . --output=type=docker --target centos-base; \ 55 | } 56 | -------------------------------------------------------------------------------- /hack/ccm/cloudbuild.yaml: -------------------------------------------------------------------------------- 1 | # See https://cloud.google.com/cloud-build/docs/build-config 2 | timeout: 3000s 3 | options: 4 | substitution_option: ALLOW_LOOSE 5 | machineType: 'E2_HIGHCPU_8' 6 | steps: 7 | - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20241111-71c32dbdcc' 8 | dir: 'hack/ccm' 9 | entrypoint: make 10 | env: 11 | - PULL_BASE_REF=${_PULL_BASE_REF} 12 | - HOME=/root 13 | - DOCKER_BUILDKIT=1 14 | args: 15 | - build-image 16 | substitutions: 17 | # _GIT_TAG will be filled with a git-based tag for the image, of the form vYYYYMMDD-hash, and 18 | # can be used as a substitution 19 | _GIT_TAG: '12345' 20 | _PULL_BASE_REF: 'dev' 21 | -------------------------------------------------------------------------------- /hack/ensure-go.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2019 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | # Ensure the go tool exists and is a viable version. 22 | verify_go_version() { 23 | if [[ -z "$(command -v go)" ]]; then 24 | cat <&1 >/dev/null; then 26 | echo "buildx not available. Ensure buildx is installed and Docker version >= 19.03 is installed with experimental features enabled." 27 | exit 1 28 | fi 29 | 30 | # We can skip setup if the current builder already has multi-arch 31 | # AND if it isn't the docker driver, which doesn't work 32 | current_builder="$(docker buildx inspect)" 33 | # linux/amd64, linux/arm64, linux/riscv64, linux/ppc64le, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6 34 | if ! grep -q "^Driver:[[:space:]]*docker$" <<<"${current_builder}" && \ 35 | grep -q "linux/amd64" <<<"${current_builder}" && \ 36 | grep -q "linux/arm64" <<<"${current_builder}" && \ 37 | grep -q "linux/ppc64le" <<<"${current_builder}"; then 38 | exit 0 39 | fi 40 | 41 | # Ensure qemu is in binfmt_misc 42 | # Docker desktop already has these in versions recent enough to have buildx 43 | # We only need to do this setup on linux hosts 44 | if [ "$(uname)" == 'Linux' ]; then 45 | # NOTE: this is pinned to a digest for a reason! 46 | docker run --rm --privileged tonistiigi/binfmt:qemu-v7.0.0-28@sha256:66e11bea77a5ea9d6f0fe79b57cd2b189b5d15b93a2bdb925be22949232e4e55 --install all 47 | fi 48 | 49 | # Ensure we use a builder that can leverage it (the default on linux will not) 50 | docker buildx rm capibm >/dev/null 2>&1 || true 51 | docker buildx create --use --name=capibm 52 | -------------------------------------------------------------------------------- /hack/kind-network-fix.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2023 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | docker network create \ 22 | --ipv6 \ 23 | --subnet=fc00:f853:ccd:e793::/64 \ 24 | --opt com.docker.network.driver.mtu=1480 \ 25 | --opt com.docker.network.bridge.enable_ip_masquerade=true \ 26 | kind 27 | -------------------------------------------------------------------------------- /hack/tools/.gitignore: -------------------------------------------------------------------------------- 1 | bin 2 | share 3 | -------------------------------------------------------------------------------- /hack/tools/tools.go: -------------------------------------------------------------------------------- 1 | //go:build capibmtools 2 | // +build capibmtools 3 | 4 | /* 5 | Copyright 2019 The Kubernetes Authors. 6 | 7 | Licensed under the Apache License, Version 2.0 (the "License"); 8 | you may not use this file except in compliance with the License. 9 | You may obtain a copy of the License at 10 | 11 | http://www.apache.org/licenses/LICENSE-2.0 12 | 13 | Unless required by applicable law or agreed to in writing, software 14 | distributed under the License is distributed on an "AS IS" BASIS, 15 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | See the License for the specific language governing permissions and 17 | limitations under the License. 18 | */ 19 | 20 | // This package imports things required by build scripts, to force `go mod` to see them as dependencies 21 | package tools 22 | 23 | import ( 24 | _ "github.com/drone/envsubst/v2/cmd/envsubst" 25 | _ "github.com/golangci/golangci-lint/cmd/golangci-lint" 26 | _ "github.com/itchyny/gojq/cmd/gojq" 27 | _ "github.com/joelanford/go-apidiff" 28 | _ "github.com/onsi/ginkgo/v2/ginkgo" 29 | _ "go.uber.org/mock/mockgen" 30 | _ "golang.org/x/vuln/cmd/govulncheck" 31 | _ "gotest.tools/gotestsum" 32 | _ "k8s.io/code-generator/cmd/conversion-gen" 33 | _ "k8s.io/release/cmd/release-notes" 34 | _ "sigs.k8s.io/cluster-api/hack/tools/conversion-verifier" 35 | _ "sigs.k8s.io/cluster-api/hack/tools/mdbook/embed" 36 | _ "sigs.k8s.io/cluster-api/hack/tools/mdbook/releaselink" 37 | _ "sigs.k8s.io/controller-runtime/tools/setup-envtest" 38 | _ "sigs.k8s.io/controller-tools/cmd/controller-gen" 39 | _ "sigs.k8s.io/kustomize/kustomize/v5" 40 | ) 41 | -------------------------------------------------------------------------------- /hack/utils.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Copyright 2019 The Kubernetes Authors. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | # get_root_path returns the root path of the project source tree 17 | get_root_path() { 18 | git rev-parse --show-toplevel 19 | } 20 | 21 | # cd_root_path cds to the root path of the project source tree 22 | cd_root_path() { 23 | cd "$(get_root_path)" || exit 24 | } 25 | 26 | # get_capd_root_path returns the root path of CAPD source tree 27 | get_capd_root_path() { 28 | echo "$(get_root_path)"/test/infrastructure/docker 29 | } 30 | 31 | # cd_capd_root_path cds to the root path of the CAPD source tree 32 | cd_capd_root_path() { 33 | cd "$(get_capd_root_path)" || exit 34 | } 35 | -------------------------------------------------------------------------------- /hack/verify-boilerplate.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2014 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. 22 | 23 | boilerDir="${KUBE_ROOT}/hack/boilerplate" 24 | boiler="${boilerDir}/boilerplate.py" 25 | 26 | files_need_boilerplate=() 27 | while IFS=$'\n' read -r line; do 28 | files_need_boilerplate+=( "$line" ) 29 | done < <("${boiler}" "$@") 30 | 31 | # Run boilerplate check 32 | if [[ ${#files_need_boilerplate[@]} -gt 0 ]]; then 33 | for file in "${files_need_boilerplate[@]}"; do 34 | echo "Boilerplate header is wrong for: ${file}" >&2 35 | done 36 | 37 | exit 1 38 | fi 39 | -------------------------------------------------------------------------------- /hack/verify-container-images.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2023 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | if [[ "${TRACE-0}" == "1" ]]; then 22 | set -o xtrace 23 | fi 24 | 25 | VERSION=${1} 26 | GO_ARCH="$(go env GOARCH)" 27 | 28 | REPO_ROOT=$(git rev-parse --show-toplevel) 29 | "${REPO_ROOT}/hack/ensure-trivy.sh" "${VERSION}" 30 | 31 | TRIVY="${REPO_ROOT}/hack/tools/bin/trivy/${VERSION}/trivy" 32 | 33 | # Builds all the container images to be scanned and cleans up changes to ./*manager_image_patch.yaml ./*manager_pull_policy.yaml. 34 | make REGISTRY=gcr.io/k8s-staging-capi-ibmcloud PULL_POLICY=IfNotPresent TAG=dev OUTPUT_TYPE=type=docker docker-build 35 | make clean-release-git 36 | 37 | make -C hack/ccm ARCH="${GO_ARCH}" TAG=dev build-local 38 | 39 | # Scan the images 40 | "${TRIVY}" image -q --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL gcr.io/k8s-staging-capi-ibmcloud/cluster-api-ibmcloud-controller-"${GO_ARCH}":dev && R1=$? || R1=$? 41 | "${TRIVY}" image -q --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL gcr.io/k8s-staging-capi-ibmcloud/powervs-cloud-controller-manager-"${GO_ARCH}":dev && R2=$? || R2=$? 42 | 43 | echo "" 44 | BRed='\033[1;31m' 45 | BGreen='\033[1;32m' 46 | NC='\033[0m' # No 47 | 48 | if [ "$R1" -ne "0" ] || [ "$R2" -ne "0" ] 49 | then 50 | echo -e "${BRed}Check container images failed! There are vulnerabilities to be fixed${NC}" 51 | exit 1 52 | fi 53 | 54 | echo -e "${BGreen}Check container images passed! No vulnerability found${NC}" 55 | -------------------------------------------------------------------------------- /internal/webhooks/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2025 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package webhooks contains external webhook implementations for some of our API types. 18 | package webhooks 19 | -------------------------------------------------------------------------------- /internal/webhooks/ibmvpcmachinetemplate_test.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package webhooks 18 | 19 | import ( 20 | "context" 21 | "testing" 22 | 23 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 24 | 25 | infrav1beta2 "sigs.k8s.io/cluster-api-provider-ibmcloud/api/v1beta2" 26 | 27 | . "github.com/onsi/gomega" 28 | ) 29 | 30 | func TestVPCMachineTemplate_default(t *testing.T) { 31 | g := NewWithT(t) 32 | vpcMachineTemplate := &infrav1beta2.IBMVPCMachineTemplate{ObjectMeta: metav1.ObjectMeta{Name: "capi-machine-template", Namespace: "default"}} 33 | g.Expect((&IBMVPCMachineTemplate{}).Default(context.Background(), vpcMachineTemplate)).ToNot(HaveOccurred()) 34 | g.Expect(vpcMachineTemplate.Spec.Template.Spec.Profile).To(BeEquivalentTo("bx2-2x8")) 35 | } 36 | -------------------------------------------------------------------------------- /internal/webhooks/util.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package webhooks 18 | 19 | import ( 20 | apierrors "k8s.io/apimachinery/pkg/api/errors" 21 | "k8s.io/apimachinery/pkg/runtime/schema" 22 | "k8s.io/apimachinery/pkg/util/validation/field" 23 | ) 24 | 25 | // aggregateObjErrors aggregates a list of field errors into a single Invalid API error. 26 | func aggregateObjErrors(gk schema.GroupKind, name string, allErrs field.ErrorList) error { 27 | if len(allErrs) == 0 { 28 | return nil 29 | } 30 | 31 | return apierrors.NewInvalid( 32 | gk, 33 | name, 34 | allErrs, 35 | ) 36 | } 37 | -------------------------------------------------------------------------------- /metadata.yaml: -------------------------------------------------------------------------------- 1 | # maps release series of major.minor to cluster-api contract version 2 | # the contract version may change between minor or major versions, but *not* 3 | # between patch versions. 4 | # 5 | # update this file only when a new major or minor version is released 6 | apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3 7 | releaseSeries: 8 | - major: 0 9 | minor: 2 10 | contract: v1beta1 11 | - major: 0 12 | minor: 3 13 | contract: v1beta1 14 | - major: 0 15 | minor: 4 16 | contract: v1beta1 17 | - major: 0 18 | minor: 5 19 | contract: v1beta1 20 | - major: 0 21 | minor: 6 22 | contract: v1beta1 23 | - major: 0 24 | minor: 7 25 | contract: v1beta1 26 | - major: 0 27 | minor: 8 28 | contract: v1beta1 29 | - major: 0 30 | minor: 9 31 | contract: v1beta1 32 | - major: 0 33 | minor: 10 34 | contract: v1beta1 35 | - major: 0 36 | minor: 11 37 | contract: v1beta1 38 | - major: 0 39 | minor: 12 40 | contract: v1beta1 41 | -------------------------------------------------------------------------------- /netlify.toml: -------------------------------------------------------------------------------- 1 | # Netlify build instructions 2 | [build] 3 | command = "make -C docs/book build" 4 | publish = "docs/book/book" 5 | 6 | [build.environment] 7 | GO_VERSION = "1.23.9" 8 | 9 | # Standard Netlify redirects 10 | [[redirects]] 11 | from = "https://main--kubernetes-sigs-cluster-api-ibmcloud.netlify.com/*" 12 | to = "https://main.cluster-api-ibmcloud.sigs.k8s.io/:splat" 13 | status = 301 14 | force = true 15 | 16 | # HTTP-to-HTTPS rules 17 | [[redirects]] 18 | from = "http://main.cluster-api-ibmcloud.sigs.k8s.io/*" 19 | to = "https://main.cluster-api-ibmcloud.sigs.k8s.io/:splat" 20 | status = 301 21 | force = true 22 | 23 | [[redirects]] 24 | from = "http://main--kubernetes-sigs-cluster-api-ibmcloud.netlify.com/*" 25 | to = "http://main.cluster-api-ibmcloud.sigs.k8s.io/:splat" 26 | status = 301 27 | force = true 28 | -------------------------------------------------------------------------------- /pkg/cloud/services/authenticator/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package authenticator implements authenticator code. 18 | package authenticator 19 | -------------------------------------------------------------------------------- /pkg/cloud/services/cos/cos.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package cos 18 | 19 | import ( 20 | "github.com/IBM/ibm-cos-sdk-go/aws" 21 | "github.com/IBM/ibm-cos-sdk-go/aws/request" 22 | "github.com/IBM/ibm-cos-sdk-go/service/s3" 23 | ) 24 | 25 | //go:generate ../../../../hack/tools/bin/mockgen -source=./cos.go -destination=./mock/cos_generated.go -package=mock 26 | //go:generate /usr/bin/env bash -c "cat ../../../../hack/boilerplate/boilerplate.generatego.txt ./mock/cos_generated.go > ./mock/_cos_generated.go && mv ./mock/_cos_generated.go ./mock/cos_generated.go" 27 | 28 | // Cos interface defines a method that a IBMCLOUD service object should implement in order to 29 | // use the cos package for listing resource instances. 30 | type Cos interface { 31 | GetBucketByName(name string) (*s3.HeadBucketOutput, error) 32 | CreateBucket(input *s3.CreateBucketInput) (*s3.CreateBucketOutput, error) 33 | CreateBucketWithContext(ctx aws.Context, input *s3.CreateBucketInput, opts ...request.Option) (*s3.CreateBucketOutput, error) 34 | PutObject(*s3.PutObjectInput) (*s3.PutObjectOutput, error) 35 | GetObjectRequest(*s3.GetObjectInput) (*request.Request, *s3.GetObjectOutput) 36 | ListObjects(input *s3.ListObjectsInput) (*s3.ListObjectsOutput, error) 37 | DeleteObject(input *s3.DeleteObjectInput) (*s3.DeleteObjectOutput, error) 38 | PutPublicAccessBlock(input *s3.PutPublicAccessBlockInput) (*s3.PutPublicAccessBlockOutput, error) 39 | } 40 | -------------------------------------------------------------------------------- /pkg/cloud/services/cos/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package cos implements cos code. 18 | package cos 19 | -------------------------------------------------------------------------------- /pkg/cloud/services/globaltagging/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2024 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package globaltagging implements globaltagging code. 18 | // Manage tags for cloud resources using Global Tagging APIs. 19 | package globaltagging 20 | -------------------------------------------------------------------------------- /pkg/cloud/services/globaltagging/globaltagging.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2024 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package globaltagging 18 | 19 | import ( 20 | "github.com/IBM/go-sdk-core/v5/core" 21 | "github.com/IBM/platform-services-go-sdk/globaltaggingv1" 22 | ) 23 | 24 | //go:generate ../../../../hack/tools/bin/mockgen -source=./globaltagging.go -destination=./mock/globaltagging_generated.go -package=mock 25 | //go:generate /usr/bin/env bash -c "cat ../../../../hack/boilerplate/boilerplate.generatego.txt ./mock/globaltagging_generated.go > ./mock/_globaltagging_generated.go && mv ./mock/_globaltagging_generated.go ./mock/globaltagging_generated.go" 26 | 27 | // GlobalTagging interface defines a method that a IBMCLOUD service object should implement in order to 28 | // use the manage tags with the Global Tagging APIs. 29 | type GlobalTagging interface { 30 | CreateTag(*globaltaggingv1.CreateTagOptions) (*globaltaggingv1.CreateTagResults, *core.DetailedResponse, error) 31 | AttachTag(*globaltaggingv1.AttachTagOptions) (*globaltaggingv1.TagResults, *core.DetailedResponse, error) 32 | GetTagByName(string) (*globaltaggingv1.Tag, error) 33 | } 34 | -------------------------------------------------------------------------------- /pkg/cloud/services/powervs/caching.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package powervs 18 | 19 | import ( 20 | "time" 21 | 22 | "k8s.io/client-go/tools/cache" 23 | ) 24 | 25 | // CacheTTL is duration of time to store the vm ip in cache 26 | // Currently the default sync period is 10 minutes that means every 10 minutes 27 | // there will be a reconciliation, So setting cache timeout to 20 minutes so the cache updates will happen 28 | // once in 2 reconciliations. 29 | const CacheTTL = time.Duration(20) * time.Minute 30 | 31 | // VMip holds the vm name and corresponding dhcp ip used to cache the dhcp ip. 32 | type VMip struct { 33 | Name string 34 | IP string 35 | } 36 | 37 | // CacheKeyFunc defines the key function required in TTLStore. 38 | func CacheKeyFunc(obj interface{}) (string, error) { 39 | return obj.(VMip).Name, nil 40 | } 41 | 42 | // InitialiseDHCPCacheStore returns a new cache store. 43 | func InitialiseDHCPCacheStore() cache.Store { 44 | return cache.NewTTLStore(CacheKeyFunc, CacheTTL) 45 | } 46 | -------------------------------------------------------------------------------- /pkg/cloud/services/powervs/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package powervs implements powervs code. 18 | package powervs 19 | -------------------------------------------------------------------------------- /pkg/cloud/services/resourcecontroller/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package resourcecontroller implements resourcecontroller code. 18 | package resourcecontroller 19 | -------------------------------------------------------------------------------- /pkg/cloud/services/resourcemanager/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2024 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package resourcemanager implements resourcemanager code. 18 | // Manage lifecycle of cloud resource groups using Resource Manager APIs. 19 | package resourcemanager 20 | -------------------------------------------------------------------------------- /pkg/cloud/services/resourcemanager/resourcemanager.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2024 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package resourcemanager 18 | 19 | import ( 20 | "github.com/IBM/go-sdk-core/v5/core" 21 | "github.com/IBM/platform-services-go-sdk/resourcemanagerv2" 22 | ) 23 | 24 | //go:generate ../../../../hack/tools/bin/mockgen -source=./resourcemanager.go -destination=./mock/resourcemanager_generated.go -package=mock 25 | //go:generate /usr/bin/env bash -c "cat ../../../../hack/boilerplate/boilerplate.generatego.txt ./mock/resourcemanager_generated.go > ./mock/_resourcemanager_generated.go && mv ./mock/_resourcemanager_generated.go ./mock/resourcemanager_generated.go" 26 | 27 | // ResourceManager interface defines a method that a IBMCLOUD service object should implement in order to 28 | // use the manage lifecycle of cloud resource groups using Resource Manager APIs. 29 | type ResourceManager interface { 30 | GetResourceGroup(*resourcemanagerv2.GetResourceGroupOptions) (*resourcemanagerv2.ResourceGroup, *core.DetailedResponse, error) 31 | ListResourceGroups(*resourcemanagerv2.ListResourceGroupsOptions) (*resourcemanagerv2.ResourceGroupList, *core.DetailedResponse, error) 32 | 33 | GetResourceGroupByName(string) (*resourcemanagerv2.ResourceGroup, error) 34 | } 35 | -------------------------------------------------------------------------------- /pkg/cloud/services/transitgateway/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package transitgateway implements transitgateway code. 18 | package transitgateway 19 | -------------------------------------------------------------------------------- /pkg/cloud/services/utils/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package utils implements utils code. 18 | package utils 19 | -------------------------------------------------------------------------------- /pkg/cloud/services/utils/paging.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2023 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package utils 18 | 19 | import ( 20 | "fmt" 21 | "net/url" 22 | ) 23 | 24 | // getStartToken parses the given url string and gets the 'start' query param. 25 | func getStartToken(nextURLS string) (string, error) { 26 | nextURL, err := url.Parse(nextURLS) 27 | if err != nil || nextURL == nil { 28 | return "", fmt.Errorf("could not parse next url for getting next resources: %w", err) 29 | } 30 | 31 | start := nextURL.Query().Get("start") 32 | return start, nil 33 | } 34 | 35 | // PagingHelper while listing resources, can use this to get the start token for getting the next set of resources for processing 36 | // start token will get fetched from nextURL returned by f and passed to the func f. 37 | // f should take start as param and return three values isDone bool, nextURL string, e error. 38 | // isDone - represents no need to iterate for getting next set of resources. 39 | // nextURL - if nextURL is present, will try to get the start token and pass it to f for next set of resource processing. 40 | // e - if e is not nil, will break and return the error. 41 | func PagingHelper(f func(string) (bool, string, error)) error { 42 | start := "" 43 | var err error 44 | for { 45 | isDone, nextURL, e := f(start) 46 | 47 | if e != nil { 48 | err = e 49 | break 50 | } 51 | 52 | if isDone { 53 | break 54 | } 55 | 56 | // for paging over next set of resources getting the start token 57 | if nextURL != "" { 58 | start, err = getStartToken(nextURL) 59 | if err != nil { 60 | break 61 | } 62 | } else { 63 | break 64 | } 65 | } 66 | 67 | return err 68 | } 69 | -------------------------------------------------------------------------------- /pkg/cloud/services/vpc/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package vpc implements VPC code. 18 | package vpc 19 | -------------------------------------------------------------------------------- /pkg/endpoints/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package endpoints implements endpoints code. 18 | package endpoints 19 | -------------------------------------------------------------------------------- /pkg/ignition/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2024 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package ignition implements ignition code. 18 | package ignition 19 | -------------------------------------------------------------------------------- /pkg/options/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package options implements options code. 18 | package options 19 | -------------------------------------------------------------------------------- /pkg/options/options.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package options 18 | 19 | // ProviderIDFormatType enum attribute to identify Power VS or VPC ProviderID format. 20 | type ProviderIDFormatType string 21 | 22 | const ( 23 | // ProviderIDFormatV2 will set provider id to machine as follows 24 | // For VPC machines: ibm:////// 25 | // For Power VS machines: ibmpowervs:///// 26 | ProviderIDFormatV2 ProviderIDFormatType = "v2" 27 | ) 28 | 29 | var ( 30 | // PowerVSProviderIDFormat is used to identify the Provider ID format for Power VS Machine. 31 | // Deprecated: Instead use ProviderIDFormat. 32 | PowerVSProviderIDFormat string 33 | // ProviderIDFormat is used to identify the Provider ID format for Machine. 34 | ProviderIDFormat string 35 | ) 36 | -------------------------------------------------------------------------------- /pkg/record/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package record implements record framework code. 18 | package record 19 | -------------------------------------------------------------------------------- /scripts/ci-apidiff.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2022 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. 22 | # shellcheck source=../hack/ensure-go.sh 23 | source "${REPO_ROOT}/hack/ensure-go.sh" 24 | 25 | cd "${REPO_ROOT}" && APIDIFF_OLD_COMMIT="${PULL_BASE_SHA}" make apidiff 26 | -------------------------------------------------------------------------------- /scripts/ci-build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2018 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. 22 | # shellcheck source=../hack/ensure-go.sh 23 | source "${REPO_ROOT}/hack/ensure-go.sh" 24 | 25 | cd "${REPO_ROOT}" && make manager -------------------------------------------------------------------------------- /scripts/ci-make.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2018 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | OUTPUT_TYPE=${OUTPUT_TYPE:-"type=docker"} 22 | REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. 23 | # shellcheck source=../hack/ensure-go.sh 24 | source "${REPO_ROOT}/hack/ensure-go.sh" 25 | 26 | cd "${REPO_ROOT}" && make docker-build OUTPUT_TYPE=${OUTPUT_TYPE} 27 | -------------------------------------------------------------------------------- /scripts/ci-smoke-test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2022 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. 22 | # shellcheck source=../hack/ensure-go.sh 23 | source "${REPO_ROOT}/hack/ensure-go.sh" 24 | 25 | echo "**** Running basic checks by deploying the required CAPI providers on a kind cluster ***" 26 | cd "${REPO_ROOT}" && make test-sanity 27 | -------------------------------------------------------------------------------- /scripts/ci-test-coverage.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2022 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. 22 | # shellcheck source=../hack/ensure-go.sh 23 | source "${REPO_ROOT}/hack/ensure-go.sh" 24 | 25 | cd "${REPO_ROOT}" && \ 26 | make test-cover 27 | -------------------------------------------------------------------------------- /scripts/ci-test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2018 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. 22 | # shellcheck source=../hack/ensure-go.sh 23 | source "${REPO_ROOT}/hack/ensure-go.sh" 24 | 25 | make generate lint test 26 | -------------------------------------------------------------------------------- /scripts/ci-verify.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2021 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | set -o errexit 18 | set -o nounset 19 | set -o pipefail 20 | 21 | REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. 22 | cd "${REPO_ROOT}" || exit 1 23 | 24 | echo "*** Verifying Cluster API ***" 25 | make verify 26 | -------------------------------------------------------------------------------- /scripts/go_install.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Copyright 2020 The Kubernetes Authors. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | set -o errexit 17 | set -o nounset 18 | set -o pipefail 19 | 20 | if [ -z "${1}" ]; then 21 | echo "must provide module as first parameter" 22 | exit 1 23 | fi 24 | 25 | if [ -z "${2}" ]; then 26 | echo "must provide binary name as second parameter" 27 | exit 1 28 | fi 29 | 30 | if [ -z "${3}" ]; then 31 | echo "must provide version as third parameter" 32 | exit 1 33 | fi 34 | 35 | if [ -z "${GOBIN}" ]; then 36 | echo "GOBIN is not set. Must set GOBIN to install the bin in a specified directory." 37 | exit 1 38 | fi 39 | 40 | rm "${GOBIN}/${2}"* 2> /dev/null || true 41 | 42 | # install the golang module specified as the first argument 43 | go install -tags capibmtools "${1}@${3}" 44 | mv "${GOBIN}/${2}" "${GOBIN}/${2}-${3}" 45 | ln -sf "${GOBIN}/${2}-${3}" "${GOBIN}/${2}" 46 | -------------------------------------------------------------------------------- /templates/README.md: -------------------------------------------------------------------------------- 1 | Render the template via clusterctl 2 | ================================== 3 | 4 | > **Note:** 5 | > Set `EXP_CLUSTER_RESOURCE_SET` to `true` as the cluster will be deployed with external cloud provider for both VPC and PowerVS, which will create the resources to run the cloud controller manager. 6 | 7 | ## VPC 8 | 9 | ``` 10 | IBMVPC_REGION=us-south-1 \ 11 | IBMVPC_ZONE=us-south-1 \ 12 | IBMVPC_RESOURCEGROUP=4f15679623607b855b1a27a67f20e1c7 \ 13 | IBMVPC_NAME=ibm-vpc-1 \ 14 | IBMVPC_IMAGE_NAME=capibm-vpc-ubuntu-2004-kube-v1-25-2 \ 15 | IBMVPC_PROFILE=bx2-4x16 \ 16 | IBMVPC_SSHKEY_NAME=capi-vpc-key \ 17 | clusterctl generate cluster ibm-vpc-1 --kubernetes-version v1.14.3 \ 18 | --target-namespace default \ 19 | --control-plane-machine-count=1 \ 20 | --worker-machine-count=2 \ 21 | --from ./cluster-template.yaml 22 | ``` 23 | 24 | ## Power VS 25 | 26 | ``` 27 | IBMPOWERVS_SSHKEY_NAME="my-pub-key" \ 28 | IBMPOWERVS_VIP="192.168.167.6" \ 29 | IBMPOWERVS_VIP_EXTERNAL="163.68.65.6" \ 30 | IBMPOWERVS_VIP_CIDR="29" \ 31 | IBMPOWERVS_IMAGE_NAME="capibm-powervs-centos-streams8-1-26-2" \ 32 | IBMPOWERVS_SERVICE_INSTANCE_ID="3229a94c-af54-4212-bf60-6202b6fd0a07" \ 33 | IBMPOWERVS_NETWORK_NAME="capi-test" \ 34 | IBMACCOUNT_ID="ibm-accountid" \ 35 | IBMPOWERVS_REGION="osa" \ 36 | IBMPOWERVS_ZONE="osa21" \ 37 | BASE64_API_KEY=$(echo -n $IBMCLOUD_API_KEY | base64) \ 38 | clusterctl generate cluster ibm-powervs-1 --kubernetes-version v1.26.2 \ 39 | --target-namespace default \ 40 | --control-plane-machine-count=3 \ 41 | --worker-machine-count=1 \ 42 | --from ./cluster-template-powervs.yaml 43 | ``` 44 | 45 | ### Additional parameters for modifying PowerVS Control-Plane spec 46 | ``` 47 | IBMPOWERVS_CONTROL_PLANE_MEMORY 48 | IBMPOWERVS_CONTROL_PLANE_PROCESSORS 49 | IBMPOWERVS_CONTROL_PLANE_SYSTYPE 50 | IBMPOWERVS_CONTROL_PLANE_PROCTYPE 51 | ``` 52 | 53 | ### Additional parameters for modifying PowerVS Compute node spec 54 | ``` 55 | IBMPOWERVS_COMPUTE_MEMORY 56 | IBMPOWERVS_COMPUTE_PROCESSORS 57 | IBMPOWERVS_COMPUTE_SYSTYPE 58 | IBMPOWERVS_COMPUTE_PROCTYPE 59 | ``` 60 | 61 | ### Additional parameters for modifying PowerVS Cluster API server port 62 | ``` 63 | API_SERVER_PORT 64 | ``` 65 | -------------------------------------------------------------------------------- /templates/bases/powervs/cluster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cluster.x-k8s.io/v1beta1 2 | kind: Cluster 3 | metadata: 4 | labels: 5 | cluster.x-k8s.io/cluster-name: "${CLUSTER_NAME}" 6 | name: "${CLUSTER_NAME}" 7 | spec: 8 | clusterNetwork: 9 | pods: 10 | cidrBlocks: 11 | - ${POD_CIDR:="192.168.0.0/16"} 12 | serviceDomain: ${SERVICE_DOMAIN:="cluster.local"} 13 | services: 14 | cidrBlocks: 15 | - ${SERVICE_CIDR:="10.128.0.0/12"} 16 | infrastructureRef: 17 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 18 | kind: IBMPowerVSCluster 19 | name: "${CLUSTER_NAME}" 20 | controlPlaneRef: 21 | apiVersion: controlplane.cluster.x-k8s.io/v1beta1 22 | kind: KubeadmControlPlane 23 | name: "${CLUSTER_NAME}-control-plane" 24 | --- 25 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 26 | kind: IBMPowerVSCluster 27 | metadata: 28 | labels: 29 | cluster.x-k8s.io/cluster-name: "${CLUSTER_NAME}" 30 | name: "${CLUSTER_NAME}" 31 | spec: 32 | serviceInstanceID: "${IBMPOWERVS_SERVICE_INSTANCE_ID}" 33 | network: 34 | name: "${IBMPOWERVS_NETWORK_NAME}" 35 | controlPlaneEndpoint: 36 | host: "${IBMPOWERVS_VIP_EXTERNAL}" 37 | port: ${API_SERVER_PORT:=6443} 38 | -------------------------------------------------------------------------------- /templates/bases/powervs/kubeadm-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 2 | kind: KubeadmConfigTemplate 3 | metadata: 4 | labels: 5 | cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} 6 | name: "${CLUSTER_NAME}-md-0" 7 | spec: 8 | template: 9 | spec: 10 | joinConfiguration: 11 | discovery: 12 | bootstrapToken: 13 | apiServerEndpoint: ${IBMPOWERVS_VIP}:${API_SERVER_PORT:=6443} 14 | token: "" 15 | caCertHashes: [] 16 | unsafeSkipCAVerification: false 17 | nodeRegistration: 18 | criSocket: /var/run/containerd/containerd.sock 19 | kubeletExtraArgs: 20 | cloud-provider: external 21 | eviction-hard: nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0% 22 | name: '{{ v1.local_hostname }}' 23 | preKubeadmCommands: 24 | - hostname "{{ v1.local_hostname }}" 25 | - echo "::1 ipv6-localhost ipv6-loopback" >/etc/hosts 26 | - echo "127.0.0.1 localhost" >>/etc/hosts 27 | - echo "127.0.0.1 {{ v1.local_hostname }}" >>/etc/hosts 28 | - echo "{{ v1.local_hostname }}" >/etc/hostname 29 | -------------------------------------------------------------------------------- /templates/bases/powervs/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - cluster.yaml 3 | - kcp.yaml 4 | - md.yaml 5 | - kubeadm-config.yaml 6 | -------------------------------------------------------------------------------- /templates/bases/powervs/md.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cluster.x-k8s.io/v1beta1 2 | kind: MachineDeployment 3 | metadata: 4 | name: "${CLUSTER_NAME}-md-0" 5 | spec: 6 | clusterName: "${CLUSTER_NAME}" 7 | replicas: ${WORKER_MACHINE_COUNT} 8 | template: 9 | spec: 10 | clusterName: "${CLUSTER_NAME}" 11 | version: "${KUBERNETES_VERSION}" 12 | bootstrap: 13 | configRef: 14 | name: "${CLUSTER_NAME}-md-0" 15 | apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 16 | kind: KubeadmConfigTemplate 17 | infrastructureRef: 18 | name: "${CLUSTER_NAME}-md-0" 19 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 20 | kind: IBMPowerVSMachineTemplate 21 | --- 22 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 23 | kind: IBMPowerVSMachineTemplate 24 | metadata: 25 | name: "${CLUSTER_NAME}-md-0" 26 | spec: 27 | template: 28 | spec: 29 | serviceInstanceID: "${IBMPOWERVS_SERVICE_INSTANCE_ID}" 30 | sshKey: "${IBMPOWERVS_SSHKEY_NAME}" 31 | image: 32 | name: "${IBMPOWERVS_IMAGE_NAME}" 33 | network: 34 | name: "${IBMPOWERVS_NETWORK_NAME}" 35 | memoryGiB: ${IBMPOWERVS_COMPUTE_MEMORY:=4} 36 | processors: ${IBMPOWERVS_COMPUTE_PROCESSORS:="0.25"} 37 | systemType: ${IBMPOWERVS_COMPUTE_SYSTYPE:="s922"} 38 | processorType: ${IBMPOWERVS_COMPUTE_PROCTYPE:="Shared"} 39 | -------------------------------------------------------------------------------- /templates/bases/vpc/cluster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cluster.x-k8s.io/v1beta1 2 | kind: Cluster 3 | metadata: 4 | labels: 5 | cluster.x-k8s.io/cluster-name: "${CLUSTER_NAME}" 6 | name: "${CLUSTER_NAME}" 7 | namespace: "${NAMESPACE}" 8 | spec: 9 | clusterNetwork: 10 | pods: 11 | cidrBlocks: 12 | - ${POD_CIDR:="192.168.0.0/16"} 13 | serviceDomain: ${SERVICE_DOMAIN:="cluster.local"} 14 | services: 15 | cidrBlocks: 16 | - ${SERVICE_CIDR:="10.128.0.0/12"} 17 | infrastructureRef: 18 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 19 | kind: IBMVPCCluster 20 | name: "${CLUSTER_NAME}" 21 | namespace: "${NAMESPACE}" 22 | controlPlaneRef: 23 | apiVersion: controlplane.cluster.x-k8s.io/v1beta1 24 | kind: KubeadmControlPlane 25 | name: "${CLUSTER_NAME}-control-plane" 26 | namespace: "${NAMESPACE}" 27 | --- 28 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 29 | kind: IBMVPCCluster 30 | metadata: 31 | labels: 32 | cluster.x-k8s.io/cluster-name: "${CLUSTER_NAME}" 33 | name: "${CLUSTER_NAME}" 34 | spec: 35 | region: "${IBMVPC_REGION}" 36 | zone: "${IBMVPC_ZONE}" 37 | resourceGroup: "${IBMVPC_RESOURCEGROUP}" 38 | vpc: "${IBMVPC_NAME}" 39 | -------------------------------------------------------------------------------- /templates/bases/vpc/kcp.yaml: -------------------------------------------------------------------------------- 1 | kind: KubeadmControlPlane 2 | apiVersion: controlplane.cluster.x-k8s.io/v1beta1 3 | metadata: 4 | name: "${CLUSTER_NAME}-control-plane" 5 | namespace: "${NAMESPACE}" 6 | spec: 7 | version: "${KUBERNETES_VERSION}" 8 | replicas: ${CONTROL_PLANE_MACHINE_COUNT} 9 | machineTemplate: 10 | infrastructureRef: 11 | kind: IBMVPCMachineTemplate 12 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 13 | name: "${CLUSTER_NAME}-control-plane" 14 | namespace: "${NAMESPACE}" 15 | kubeadmConfigSpec: 16 | clusterConfiguration: 17 | kubernetesVersion: ${KUBERNETES_VERSION} 18 | controllerManager: 19 | extraArgs: {enable-hostpath-provisioner: 'true'} 20 | apiServer: 21 | certSANs: [localhost, 127.0.0.1] 22 | dns: {} 23 | etcd: {} 24 | networking: {} 25 | scheduler: {} 26 | initConfiguration: 27 | nodeRegistration: 28 | criSocket: /var/run/containerd/containerd.sock 29 | kubeletExtraArgs: 30 | cloud-provider: external 31 | eviction-hard: 'nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%' 32 | joinConfiguration: 33 | discovery: {} 34 | nodeRegistration: 35 | criSocket: /var/run/containerd/containerd.sock 36 | kubeletExtraArgs: 37 | cloud-provider: external 38 | eviction-hard: 'nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%' 39 | --- 40 | kind: IBMVPCMachineTemplate 41 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 42 | metadata: 43 | name: "${CLUSTER_NAME}-control-plane" 44 | spec: 45 | template: 46 | spec: 47 | image: 48 | name: "${IBMVPC_IMAGE_NAME}" 49 | zone: "${IBMVPC_ZONE}" 50 | profile: "${IBMVPC_PROFILE}" 51 | sshKeys: 52 | - name: "${IBMVPC_SSHKEY_NAME}" 53 | -------------------------------------------------------------------------------- /templates/bases/vpc/kubeadm-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 2 | kind: KubeadmConfigTemplate 3 | metadata: 4 | name: "${CLUSTER_NAME}-md-0" 5 | spec: 6 | template: 7 | spec: 8 | joinConfiguration: 9 | nodeRegistration: 10 | kubeletExtraArgs: 11 | cloud-provider: external 12 | eviction-hard: nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0% 13 | -------------------------------------------------------------------------------- /templates/bases/vpc/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - cluster.yaml 3 | - kcp.yaml 4 | - md.yaml 5 | - kubeadm-config.yaml 6 | -------------------------------------------------------------------------------- /templates/bases/vpc/md.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cluster.x-k8s.io/v1beta1 2 | kind: MachineDeployment 3 | metadata: 4 | name: "${CLUSTER_NAME}-md-0" 5 | spec: 6 | clusterName: "${CLUSTER_NAME}" 7 | replicas: ${WORKER_MACHINE_COUNT} 8 | template: 9 | spec: 10 | clusterName: "${CLUSTER_NAME}" 11 | version: "${KUBERNETES_VERSION}" 12 | bootstrap: 13 | configRef: 14 | name: "${CLUSTER_NAME}-md-0" 15 | apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 16 | kind: KubeadmConfigTemplate 17 | infrastructureRef: 18 | name: "${CLUSTER_NAME}-md-0" 19 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 20 | kind: IBMVPCMachineTemplate 21 | --- 22 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 23 | kind: IBMVPCMachineTemplate 24 | metadata: 25 | name: "${CLUSTER_NAME}-md-0" 26 | spec: 27 | template: 28 | spec: 29 | image: 30 | name: "${IBMVPC_IMAGE_NAME}" 31 | zone: "${IBMVPC_ZONE}" 32 | profile: "${IBMVPC_PROFILE}" 33 | sshKeys: 34 | - name: "${IBMVPC_SSHKEY_NAME}" 35 | -------------------------------------------------------------------------------- /templates/cluster-template-powervs-clusterclass/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - cluster-with-kcp.yaml 3 | - md.yaml 4 | - ../addons/crs-powervs.yaml 5 | 6 | sortOptions: 7 | order: fifo 8 | -------------------------------------------------------------------------------- /templates/cluster-template-powervs/cluster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cluster.x-k8s.io/v1beta1 2 | kind: Cluster 3 | metadata: 4 | name: "${CLUSTER_NAME}" 5 | labels: 6 | ccm: external 7 | -------------------------------------------------------------------------------- /templates/cluster-template-powervs/kcp.yaml: -------------------------------------------------------------------------------- 1 | kind: KubeadmControlPlane 2 | apiVersion: controlplane.cluster.x-k8s.io/v1beta1 3 | metadata: 4 | name: "${CLUSTER_NAME}-control-plane" 5 | spec: 6 | kubeadmConfigSpec: 7 | clusterConfiguration: 8 | apiServer: 9 | extraArgs: 10 | cloud-provider: external 11 | controllerManager: 12 | extraArgs: 13 | cloud-provider: external 14 | -------------------------------------------------------------------------------- /templates/cluster-template-powervs/kubeadm-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 2 | kind: KubeadmConfigTemplate 3 | metadata: 4 | labels: 5 | cluster.x-k8s.io/control-plane: "" 6 | name: "${CLUSTER_NAME}-md-0" 7 | -------------------------------------------------------------------------------- /templates/cluster-template-powervs/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../bases/powervs 3 | - ../addons/crs-powervs.yaml 4 | 5 | patches: 6 | - path: cluster.yaml 7 | - path: kcp.yaml 8 | - path: kubeadm-config.yaml 9 | 10 | sortOptions: 11 | order: fifo 12 | -------------------------------------------------------------------------------- /templates/cluster-template-vpc-clusterclass/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - cluster-with-kcp.yaml 3 | - md.yaml 4 | - ../addons/crs.yaml 5 | 6 | sortOptions: 7 | order: fifo 8 | -------------------------------------------------------------------------------- /templates/cluster-template-vpc-clusterclass/md.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 2 | kind: KubeadmConfigTemplate 3 | metadata: 4 | name: "${IBMVPC_CLUSTER_CLASS_NAME}-md-0" 5 | spec: 6 | template: 7 | spec: 8 | joinConfiguration: 9 | nodeRegistration: 10 | kubeletExtraArgs: 11 | cloud-provider: external 12 | eviction-hard: nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0% 13 | --- 14 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 15 | kind: IBMVPCMachineTemplate 16 | metadata: 17 | name: ${IBMVPC_CLUSTER_CLASS_NAME}-control-plane-machinetemplate 18 | spec: 19 | template: 20 | spec: 21 | bootVolume: 22 | sizeGiB: ${IBMVPC_CONTROLPLANE_BOOT_VOLUME_SIZEGIB:=20} 23 | image: 24 | name: ${IBMVPC_IMAGE_NAME} 25 | profile: ${IBMVPC_PROFILE} 26 | sshKeys: 27 | - name: ${IBMVPC_SSHKEY_NAME} 28 | zone: ${IBMVPC_ZONE} 29 | --- 30 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 31 | kind: IBMVPCMachineTemplate 32 | metadata: 33 | name: "${IBMVPC_CLUSTER_CLASS_NAME}-worker-machinetemplate" 34 | spec: 35 | template: 36 | spec: 37 | image: 38 | name: "${IBMVPC_IMAGE_NAME}" 39 | zone: "${IBMVPC_ZONE}" 40 | profile: "${IBMVPC_PROFILE}" 41 | sshKeys: 42 | - name: "${IBMVPC_SSHKEY_NAME}" 43 | bootVolume: 44 | sizeGiB: ${IBMVPC_WORKER_BOOT_VOLUME_SIZEGIB:=20} 45 | -------------------------------------------------------------------------------- /templates/cluster-template/cluster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cluster.x-k8s.io/v1beta1 2 | kind: Cluster 3 | metadata: 4 | name: "${CLUSTER_NAME}" 5 | namespace: "${NAMESPACE}" 6 | labels: 7 | ccm: external 8 | -------------------------------------------------------------------------------- /templates/cluster-template/kcp.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: controlplane.cluster.x-k8s.io/v1beta1 2 | kind: KubeadmControlPlane 3 | metadata: 4 | name: "${CLUSTER_NAME}-control-plane" 5 | namespace: "${NAMESPACE}" 6 | spec: 7 | kubeadmConfigSpec: 8 | clusterConfiguration: 9 | controllerManager: 10 | extraArgs: 11 | cloud-provider: external 12 | apiServer: 13 | extraArgs: 14 | cloud-provider: external 15 | -------------------------------------------------------------------------------- /templates/cluster-template/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../bases/vpc 3 | - ../addons/crs.yaml 4 | 5 | patches: 6 | - path: cluster.yaml 7 | - path: vpc-cluster.yaml 8 | - path: kcp.yaml 9 | - path: vpc-cp-machine-template.yaml 10 | - path: md.yaml 11 | 12 | sortOptions: 13 | order: fifo 14 | -------------------------------------------------------------------------------- /templates/cluster-template/md.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 2 | kind: IBMVPCMachineTemplate 3 | metadata: 4 | name: "${CLUSTER_NAME}-md-0" 5 | spec: 6 | template: 7 | spec: 8 | bootVolume: 9 | sizeGiB: ${IBMVPC_WORKER_BOOT_VOLUME_SIZEGIB:=20} 10 | -------------------------------------------------------------------------------- /templates/cluster-template/vpc-cluster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 2 | kind: IBMVPCCluster 3 | metadata: 4 | name: "${CLUSTER_NAME}" 5 | spec: 6 | controlPlaneLoadBalancer: 7 | name: "${CLUSTER_NAME}-load-balancer" 8 | -------------------------------------------------------------------------------- /templates/cluster-template/vpc-cp-machine-template.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 2 | kind: IBMVPCMachineTemplate 3 | metadata: 4 | name: "${CLUSTER_NAME}-control-plane" 5 | spec: 6 | template: 7 | spec: 8 | bootVolume: 9 | sizeGiB: ${IBMVPC_CONTROLPLANE_BOOT_VOLUME_SIZEGIB:=20} 10 | -------------------------------------------------------------------------------- /test/e2e/data/shared/metadata.yaml: -------------------------------------------------------------------------------- 1 | # maps release series of major.minor to cluster-api contract version 2 | # the contract version may change between minor or major versions, but *not* 3 | # between patch versions. 4 | # 5 | # update this file only when a new major or minor version is released 6 | apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3 7 | releaseSeries: 8 | - major: 1 9 | minor: 10 10 | contract: v1beta1 11 | - major: 1 12 | minor: 9 13 | contract: v1beta1 14 | - major: 1 15 | minor: 8 16 | contract: v1beta1 17 | - major: 1 18 | minor: 7 19 | contract: v1beta1 20 | - major: 1 21 | minor: 6 22 | contract: v1beta1 23 | - major: 1 24 | minor: 5 25 | contract: v1beta1 26 | - major: 1 27 | minor: 4 28 | contract: v1beta1 29 | - major: 1 30 | minor: 3 31 | contract: v1beta1 32 | - major: 1 33 | minor: 2 34 | contract: v1beta1 35 | - major: 1 36 | minor: 1 37 | contract: v1beta1 38 | - major: 1 39 | minor: 0 40 | contract: v1beta1 41 | - major: 0 42 | minor: 4 43 | contract: v1alpha4 44 | - major: 0 45 | minor: 3 46 | contract: v1alpha3 47 | - major: 0 48 | minor: 2 49 | contract: v1alpha2 50 | -------------------------------------------------------------------------------- /test/e2e/data/templates/cluster-template-powervs-md-remediation/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../../../../templates/cluster-template-powervs.yaml 5 | patches: 6 | - path: patches/mhc-label.yaml 7 | -------------------------------------------------------------------------------- /test/e2e/data/templates/cluster-template-powervs-md-remediation/mhc-kcp-powervs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cluster.x-k8s.io/v1beta1 2 | kind: MachineHealthCheck 3 | metadata: 4 | name: "${CLUSTER_NAME}-mhc-kcp" 5 | spec: 6 | clusterName: "${CLUSTER_NAME}" 7 | maxUnhealthy: 100% 8 | nodeStartupTimeout: 0m 9 | selector: 10 | matchLabels: 11 | cluster.x-k8s.io/control-plane: "" 12 | unhealthyConditions: 13 | - type: Ready 14 | status: "False" 15 | timeout: 60s 16 | - type: Ready 17 | status: Unknown 18 | timeout: 60s 19 | -------------------------------------------------------------------------------- /test/e2e/data/templates/cluster-template-powervs-md-remediation/mhc-md-powervs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cluster.x-k8s.io/v1beta1 2 | kind: MachineHealthCheck 3 | metadata: 4 | name: "${CLUSTER_NAME}-mhc-md" 5 | spec: 6 | clusterName: "${CLUSTER_NAME}" 7 | maxUnhealthy: 100% 8 | nodeStartupTimeout: 20m 9 | selector: 10 | matchLabels: 11 | e2e.remediation.label: "" 12 | unhealthyConditions: 13 | - type: Ready 14 | status: "False" 15 | timeout: 60s 16 | - type: Ready 17 | status: Unknown 18 | timeout: 60s 19 | -------------------------------------------------------------------------------- /test/e2e/data/templates/cluster-template-powervs-md-remediation/patches/mhc-label.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: cluster.x-k8s.io/v1beta1 3 | kind: MachineDeployment 4 | metadata: 5 | name: "${CLUSTER_NAME}-md-0" 6 | spec: 7 | selector: 8 | matchLabels: 9 | template: 10 | metadata: 11 | labels: 12 | "e2e.remediation.label": "" 13 | -------------------------------------------------------------------------------- /test/e2e/data/templates/cluster-template-vpc/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../../../../templates/cluster-template.yaml 5 | -------------------------------------------------------------------------------- /tilt-provider.yaml: -------------------------------------------------------------------------------- 1 | name: ibmcloud 2 | config: 3 | image: "gcr.io/k8s-staging-capi-ibmcloud/cluster-api-ibmcloud-controller" 4 | live_reload_deps: ["main.go", "go.mod", "go.sum", "api", "cloud", "cmd", "controllers", "pkg"] 5 | label: CAPIBM 6 | -------------------------------------------------------------------------------- /util/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package util implements util code. 18 | package util 19 | -------------------------------------------------------------------------------- /util/util.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2022 The Kubernetes Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package util 18 | 19 | import ( 20 | "fmt" 21 | 22 | regionUtil "github.com/ppc64le-cloud/powervs-utils" 23 | 24 | "k8s.io/utils/ptr" 25 | 26 | "sigs.k8s.io/cluster-api-provider-ibmcloud/pkg/endpoints" 27 | ) 28 | 29 | // GetTransitGatewayLocationAndRouting returns appropriate location and routing suitable for transit gateway. 30 | // routing indicates whether to enable global routing on transit gateway or not. 31 | // returns true when PowerVS and VPC region are not same otherwise false. 32 | func GetTransitGatewayLocationAndRouting(powerVSZone *string, vpcRegion *string) (*string, *bool, error) { 33 | if powerVSZone == nil { 34 | return nil, nil, fmt.Errorf("powervs zone is not set") 35 | } 36 | powerVSRegion := endpoints.ConstructRegionFromZone(*powerVSZone) 37 | 38 | if vpcRegion != nil { 39 | routing := regionUtil.IsGlobalRoutingRequiredForTG(powerVSRegion, *vpcRegion) 40 | return vpcRegion, &routing, nil 41 | } 42 | location, err := regionUtil.VPCRegionForPowerVSRegion(powerVSRegion) 43 | if err != nil { 44 | return nil, nil, fmt.Errorf("failed to fetch vpc region associated with powervs region '%s': %w", powerVSRegion, err) 45 | } 46 | 47 | // since VPC region is not set and used PowerVS region to calculate the transit gateway location, hence returning local routing as default. 48 | return &location, ptr.To(false), nil 49 | } 50 | -------------------------------------------------------------------------------- /versions.mk: -------------------------------------------------------------------------------- 1 | # Copyright 2021 The Kubernetes Authors. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | MDBOOK_VERSION := v0.4.40 16 | --------------------------------------------------------------------------------