├── VERSION ├── apiv2 ├── VERSION ├── .trivyignore ├── trivy.yaml ├── .markdownlintignore ├── internal │ ├── pbapi │ │ └── resources │ │ │ ├── status │ │ │ └── v1 │ │ │ │ └── status_constants.pb.go │ │ │ ├── common │ │ │ └── v1 │ │ │ │ └── common_constants.pb.go │ │ │ ├── customconfig │ │ │ └── v1 │ │ │ │ └── customconfig_constants.pb.go │ │ │ ├── localaccount │ │ │ └── v1 │ │ │ │ └── localaccount_constants.pb.go │ │ │ ├── network │ │ │ └── v1 │ │ │ │ └── network_constants.pb.go │ │ │ ├── provider │ │ │ └── v1 │ │ │ │ └── provider_constants.pb.go │ │ │ └── location │ │ │ └── v1 │ │ │ └── location_constants.pb.go │ ├── server │ │ ├── inv_client_test.go │ │ └── server_test.go │ ├── common │ │ └── config_test.go │ └── proxy │ │ └── error.go ├── api │ ├── openapi │ │ ├── client.cfg.yaml │ │ ├── server.cfg.yaml │ │ └── types.cfg.yaml │ └── proto │ │ ├── buf.yaml │ │ ├── resources │ │ ├── status │ │ │ └── v1 │ │ │ │ └── status.proto │ │ ├── common │ │ │ └── v1 │ │ │ │ └── common.proto │ │ └── customconfig │ │ │ └── v1 │ │ │ └── customconfig.proto │ │ └── buf.lock ├── requirements.txt ├── .dockerignore ├── buf.work.yaml ├── .mockery.yaml ├── .gitignore ├── REUSE.toml ├── docs │ └── oapi.md ├── rego │ └── authz.rego ├── buf.gen.yaml └── cmd │ └── protoc-gen-go-const │ └── main.go ├── inventory ├── VERSION ├── python │ └── infra_inventory │ │ ├── __init__.py │ │ ├── buf │ │ └── __init__.py │ │ ├── os │ │ └── __init__.py │ │ ├── ou │ │ ├── __init__.py │ │ └── v1.py │ │ ├── compute │ │ └── __init__.py │ │ ├── errors │ │ ├── __init__.py │ │ ├── buf │ │ │ └── __init__.py │ │ ├── customconfig │ │ │ ├── __init__.py │ │ │ └── v1.py │ │ ├── infrainv.py │ │ ├── ent.py │ │ └── errors.py │ │ ├── location │ │ └── __init__.py │ │ ├── network │ │ └── __init__.py │ │ ├── provider │ │ ├── __init__.py │ │ └── v1.py │ │ ├── schedule │ │ └── __init__.py │ │ ├── status │ │ ├── __init__.py │ │ └── v1.py │ │ ├── tenant │ │ ├── __init__.py │ │ └── v1.py │ │ ├── customconfig │ │ ├── __init__.py │ │ └── v1.py │ │ ├── inventory │ │ └── __init__.py │ │ ├── localaccount │ │ ├── __init__.py │ │ └── v1.py │ │ ├── remoteaccess │ │ └── __init__.py │ │ ├── telemetry │ │ └── __init__.py │ │ ├── infrainv.py │ │ └── ent.py ├── internal │ ├── ent │ │ ├── migrate │ │ │ └── migrations │ │ │ │ ├── 20230600000000_empty.sql │ │ │ │ ├── 20250926132933_add_lvm_size.sql │ │ │ │ ├── 20250605145118_add_osmetadata.sql │ │ │ │ ├── 20250520125803_add_osprof_desc.sql │ │ │ │ ├── 20251103070349_add_tls_ca_cert.sql │ │ │ │ ├── 20250611095255_modify_OS_installed_pkgs_url.sql │ │ │ │ ├── 20251002164125_modify_OSUpdatePolicy.sql │ │ │ │ ├── 20250801172500_modify_OSUpdateRun.sql │ │ │ │ ├── 20250604095136_add_cvefields.sql │ │ │ │ ├── 20250606153212_instance_update.sql │ │ │ │ ├── migrations.go │ │ │ │ ├── 20251127155123_modify_OSUpdateRun_applied_policy_field.sql │ │ │ │ ├── 20251002165719_datamigration_OSUpdatePolicy.sql │ │ │ │ ├── 20250527203300_amt.sql │ │ │ │ ├── 20250611162552_modify_OSResource_name_tenantId_uniqueness.sql │ │ │ │ ├── 20250612071200_add_OSUpdateRun.sql │ │ │ │ └── 20250610144827_add_customconfig.sql │ │ ├── generate.go │ │ ├── runtime.go │ │ ├── runtime │ │ │ └── runtime.go │ │ └── schema │ │ │ ├── network_segment.go │ │ │ ├── workload_member.go │ │ │ ├── endpoint_resource.go │ │ │ ├── local_account_resource.go │ │ │ ├── o_s_update_policy.go │ │ │ ├── ou_resource.go │ │ │ ├── tenant.go │ │ │ ├── region_resource.go │ │ │ ├── custom_config_resource.go │ │ │ ├── hostgpu_resource.go │ │ │ ├── o_s_update_policy_resource.go │ │ │ ├── hoststorage_resource.go │ │ │ ├── hostusb_resource.go │ │ │ ├── provider_resource.go │ │ │ ├── telemetry_group_resource.go │ │ │ ├── o_s_update_run_resource.go │ │ │ ├── netlink_resource.go │ │ │ ├── site_resource.go │ │ │ ├── telemetry_profile.go │ │ │ ├── single_schedule_resource.go │ │ │ ├── workload_resource.go │ │ │ └── repeated_schedule_resource.go │ ├── utils │ │ └── booleans │ │ │ └── booleans.go │ ├── tools │ │ └── tools.go │ ├── store │ │ ├── tenant_transpiler.go │ │ ├── connect_db_test.go │ │ ├── provider_transpiler.go │ │ ├── os_transpiler.go │ │ ├── localaccount_transpiler.go │ │ ├── hostgpu_transpiler.go │ │ ├── hostnic_transpiler.go │ │ ├── hostusb_transpiler.go │ │ ├── endpoint_transpiler.go │ │ ├── networksegment_transpiler.go │ │ ├── ipaddress_transpiler.go │ │ ├── workload_transpiler.go │ │ ├── hoststorage_transpiler.go │ │ ├── customconfig_transpiler.go │ │ ├── osupdatepolicy_transpiler.go │ │ ├── telemetrygroup_transpiler.go │ │ ├── rmtaccessconf_transpiler.go │ │ ├── ou_transpiler.go │ │ ├── netlink_transpiler.go │ │ ├── migration.go │ │ ├── region_transpiler.go │ │ ├── workloadmember_transpiler.go │ │ ├── osupdaterun_transpiler.go │ │ ├── site_transpiler.go │ │ └── validation.go │ └── inventory │ │ └── inventory_test.go ├── trivy.yaml ├── .markdownlintignore ├── pkg │ ├── api │ │ ├── status │ │ │ └── v1 │ │ │ │ └── status_constants.pb.go │ │ ├── tenant │ │ │ └── v1 │ │ │ │ └── tenant_constants.pb.go │ │ ├── localaccount │ │ │ └── v1 │ │ │ │ └── localaccount_constants.pb.go │ │ ├── ou │ │ │ └── v1 │ │ │ │ └── ou_constants.pb.go │ │ ├── customconfig │ │ │ └── v1 │ │ │ │ └── customconfig_constants.pb.go │ │ ├── provider │ │ │ └── v1 │ │ │ │ └── provider_constants.pb.go │ │ ├── remoteaccess │ │ │ └── v1 │ │ │ │ └── remoteaccess_constants.pb.go │ │ ├── telemetry │ │ │ └── v1 │ │ │ │ └── telemetry_constants.pb.go │ │ └── location │ │ │ └── v1 │ │ │ └── location_constants.pb.go │ ├── oam │ │ └── oamserver_test.go │ ├── tracing │ │ └── tracing_test.go │ ├── flags │ │ └── flags.go │ ├── providerconfiguration │ │ └── providerconfiguration.go │ ├── util │ │ ├── function │ │ │ └── function.go │ │ └── paginator │ │ │ └── paginator.go │ ├── cert │ │ └── cert_test.go │ ├── secrets │ │ └── secrets.go │ ├── perf │ │ ├── perf.go │ │ └── perf.md │ ├── status │ │ └── status.go │ ├── testing │ │ └── generators.go │ └── auth │ │ └── auth_test.go ├── rego │ ├── rego.go │ └── authz.rego ├── requirements.txt ├── .trivyignore ├── .gitignore ├── buf.work.yaml ├── api │ ├── buf.lock │ ├── status │ │ └── v1 │ │ │ └── status.proto │ ├── infrainv │ │ └── infrainv.proto │ ├── buf.yaml │ ├── ent │ │ └── opts.proto │ └── errors │ │ └── errors.proto ├── .dockerignore ├── cmd │ ├── protoc-gen-ent-schema-extensions │ │ └── buf.gen.yaml │ ├── protoc-gen-go-filters │ │ └── template.gotmpl │ ├── sqlSchemaWriter │ │ └── main.go │ └── protoc-gen-go-const │ │ └── main.go ├── docs │ ├── protovalidate.md │ ├── mocks.md │ ├── ent.md │ └── protobuf.md ├── REUSE.toml ├── buf.gen.errors.yaml ├── atlas.hcl └── buf.gen.yaml ├── os-profiles ├── VERSION ├── requirements.txt ├── .markdownlintignore ├── REUSE.toml ├── ubuntu-lenovo.yaml ├── ubuntu-24.04-lts.yaml ├── ubuntu-22.04-lts-generic.yaml ├── microvisor-standalone.yaml ├── microvisor-idv.yaml ├── microvisor-nonrt.yaml ├── microvisor-rt.yaml ├── ubuntu-22.04-lts-generic-ext.yaml ├── ubuntu-24.04-lts-generic-ext.yaml └── template │ └── profile-template.yaml ├── exporters-inventory ├── VERSION ├── .markdownlintignore ├── trivy.yaml ├── requirements.txt ├── .dockerignore ├── internal │ ├── common │ │ ├── defs.go │ │ └── cfg_test.go │ ├── env │ │ └── env.go │ ├── exporter │ │ └── exporter_utls_test.go │ ├── collect │ │ └── collect_utls_test.go │ └── manager │ │ └── manager_test.go ├── REUSE.toml ├── .gitignore ├── .trivyignore ├── test │ └── README.md └── Dockerfile ├── tenant-controller ├── VERSION ├── configuration │ └── broken │ │ └── lenovo │ │ ├── no.json │ │ └── missing-endpoint.json ├── trivy.yaml ├── .markdownlintignore ├── requirements.txt ├── .trivyignore ├── .dockerignore ├── internal │ ├── controller │ │ ├── main_test.go │ │ └── eventing.go │ ├── datamodel │ │ └── main_test.go │ ├── invclient │ │ └── main_test.go │ └── util │ │ ├── await.go │ │ ├── retry.go │ │ └── await_test.go └── REUSE.toml ├── .gitattributes ├── .markdownlintignore ├── requirements.txt ├── .gitignore ├── SECURITY.md ├── .github ├── CODEOWNERS ├── workflows │ ├── post-merge-scorecard.yml │ ├── auto-add-labels.yml │ ├── auto-close.yml │ ├── auto-update.yml │ ├── post-merge-os-profiles.yml │ ├── post-merge-apiv2.yml │ ├── post-merge-inventory.yml │ ├── post-merge-tenant-controller.yml │ └── post-merge-exporters-inventory.yml ├── labeler.yml ├── dependabot.yml └── PULL_REQUEST_TEMPLATE.md ├── REUSE.toml ├── .gitleaksignore ├── .markdownlint.yml └── CONTRIBUTORS.md /VERSION: -------------------------------------------------------------------------------- 1 | 0.1.0-dev 2 | -------------------------------------------------------------------------------- /apiv2/VERSION: -------------------------------------------------------------------------------- 1 | 2.9.0-dev 2 | -------------------------------------------------------------------------------- /inventory/VERSION: -------------------------------------------------------------------------------- 1 | 2.34.0-dev 2 | -------------------------------------------------------------------------------- /os-profiles/VERSION: -------------------------------------------------------------------------------- 1 | 0.10.0-dev 2 | -------------------------------------------------------------------------------- /exporters-inventory/VERSION: -------------------------------------------------------------------------------- 1 | 1.26.0-dev 2 | -------------------------------------------------------------------------------- /tenant-controller/VERSION: -------------------------------------------------------------------------------- 1 | 0.25.0-dev 2 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/buf/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/os/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/ou/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/compute/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/errors/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/location/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/network/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/provider/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/schedule/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/status/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/tenant/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/customconfig/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/errors/buf/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/inventory/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/localaccount/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/remoteaccess/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/telemetry/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tenant-controller/configuration/broken/lenovo/no.json: -------------------------------------------------------------------------------- 1 | !@#$$%% -------------------------------------------------------------------------------- /inventory/python/infra_inventory/errors/customconfig/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20230600000000_empty.sql: -------------------------------------------------------------------------------- 1 | -- intentionally empty 2 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | * text=auto 5 | -------------------------------------------------------------------------------- /apiv2/.trivyignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | CVE-2025-61729 -------------------------------------------------------------------------------- /apiv2/trivy.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | ignorefile: apiv2/.trivyignore 6 | -------------------------------------------------------------------------------- /inventory/trivy.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | ignorefile: inventory/.trivyignore 6 | -------------------------------------------------------------------------------- /.markdownlintignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | SECURITY.md 5 | CODE_OF_CONDUCT.md 6 | CONTRIBUTING.md 7 | -------------------------------------------------------------------------------- /apiv2/.markdownlintignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | out/ 5 | vendor/ 6 | venv_api/ 7 | docs/proto.md 8 | -------------------------------------------------------------------------------- /exporters-inventory/.markdownlintignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | out/ 5 | vendor/ 6 | venv_exporter/ 7 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250926132933_add_lvm_size.sql: -------------------------------------------------------------------------------- 1 | -- Modify "host_resources" table 2 | ALTER TABLE "host_resources" ADD COLUMN "user_lvm_size" bigint NULL; 3 | -------------------------------------------------------------------------------- /inventory/.markdownlintignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | docs/api/ 5 | out/ 6 | vendor/ 7 | venv_inventory/ 8 | -------------------------------------------------------------------------------- /tenant-controller/trivy.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | ignorefile: tenant-controller/.trivyignore 6 | -------------------------------------------------------------------------------- /exporters-inventory/trivy.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | ignorefile: exporters-inventory/.trivyignore 6 | -------------------------------------------------------------------------------- /tenant-controller/.markdownlintignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | out/ 5 | vendor/ 6 | venv_tenant-controller/ 7 | -------------------------------------------------------------------------------- /inventory/pkg/api/status/v1/status_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: status/v1/status.proto 4 | 5 | package statusv1 6 | 7 | const () 8 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | # lint yaml 5 | yamllint~=1.35.1 6 | 7 | # license check 8 | reuse~=5.0.2 9 | -------------------------------------------------------------------------------- /inventory/internal/ent/generate.go: -------------------------------------------------------------------------------- 1 | package ent 2 | 3 | //go:generate go run -mod=mod entgo.io/ent/cmd/ent generate --feature sql/versioned-migration,sql/execquery,intercept --template intercept.tmpl ./schema 4 | -------------------------------------------------------------------------------- /os-profiles/requirements.txt: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | # lint yaml 5 | yamllint~=1.35.1 6 | 7 | # license check 8 | reuse~=5.0.2 9 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250605145118_add_osmetadata.sql: -------------------------------------------------------------------------------- 1 | -- Modify "operating_system_resources" table 2 | ALTER TABLE "operating_system_resources" ADD COLUMN "metadata" character varying NULL; 3 | -------------------------------------------------------------------------------- /os-profiles/.markdownlintignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | SECURITY.md 5 | CODE_OF_CONDUCT.md 6 | CONTRIBUTING.md 7 | venv_os-profiles/ 8 | -------------------------------------------------------------------------------- /tenant-controller/requirements.txt: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | # lint yaml 5 | yamllint~=1.35.1 6 | 7 | # license check 8 | reuse~=5.0.2 9 | -------------------------------------------------------------------------------- /apiv2/internal/pbapi/resources/status/v1/status_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: resources/status/v1/status.proto 4 | 5 | package statusv1 6 | 7 | const () 8 | -------------------------------------------------------------------------------- /exporters-inventory/requirements.txt: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | # lint yaml 5 | yamllint~=1.35.1 6 | 7 | # license check 8 | reuse~=5.0.2 9 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250520125803_add_osprof_desc.sql: -------------------------------------------------------------------------------- 1 | -- Modify "operating_system_resources" table 2 | ALTER TABLE "operating_system_resources" ADD COLUMN "description" character varying NULL; 3 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20251103070349_add_tls_ca_cert.sql: -------------------------------------------------------------------------------- 1 | -- Modify "operating_system_resources" table 2 | ALTER TABLE "operating_system_resources" ADD COLUMN "tls_ca_cert" character varying NULL; 3 | -------------------------------------------------------------------------------- /inventory/internal/utils/booleans/booleans.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package booleans 5 | 6 | func Pointer(b bool) *bool { 7 | return &b 8 | } 9 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250611095255_modify_OS_installed_pkgs_url.sql: -------------------------------------------------------------------------------- 1 | -- Modify "operating_system_resources" table 2 | ALTER TABLE "operating_system_resources" ADD COLUMN "installed_packages_url" character varying NULL; 3 | -------------------------------------------------------------------------------- /apiv2/api/openapi/client.cfg.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | package: api 6 | generate: 7 | client: true 8 | output: edge-infrastructure-manager-openapi-client.gen.go 9 | -------------------------------------------------------------------------------- /inventory/rego/rego.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package rego 5 | 6 | import ( 7 | embed "embed" 8 | ) 9 | 10 | //go:embed *.rego 11 | var RegoFolder embed.FS 12 | -------------------------------------------------------------------------------- /apiv2/requirements.txt: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | # OpenAPI validator 5 | openapi-spec-validator~=0.7.1 6 | 7 | # lint yaml 8 | yamllint~=1.35.1 9 | 10 | # license check 11 | reuse~=5.0.2 12 | -------------------------------------------------------------------------------- /inventory/requirements.txt: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | # protobuf 5 | betterproto[compiler]~=1.2.5 6 | 7 | # lint yaml 8 | yamllint~=1.35.1 9 | 10 | # license check 11 | reuse~=5.0.2 12 | 13 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20251002164125_modify_OSUpdatePolicy.sql: -------------------------------------------------------------------------------- 1 | -- Modify "os_update_policy_resources" table 2 | ALTER TABLE "os_update_policy_resources" ADD COLUMN "update_packages" character varying NULL, ADD COLUMN "update_kernel_command" character varying NULL; 3 | -------------------------------------------------------------------------------- /tenant-controller/.trivyignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | # PostgreSQL CVEs 5 | CVE-2023-45853 6 | CVE-2023-7104 7 | CVE-2023-6780 8 | 9 | # Needs upgrade of golang to 1.24.11 10 | CVE-2025-61729 11 | -------------------------------------------------------------------------------- /apiv2/api/openapi/server.cfg.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | package: api 6 | generate: 7 | echo-server: true 8 | embedded-spec: true 9 | output: edge-infrastructure-manager-openapi-server.gen.go 10 | -------------------------------------------------------------------------------- /apiv2/api/openapi/types.cfg.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | package: api 6 | generate: 7 | models: true 8 | output: edge-infrastructure-manager-openapi-types.gen.go 9 | output-options: 10 | skip-prune: true 11 | -------------------------------------------------------------------------------- /inventory/internal/ent/runtime.go: -------------------------------------------------------------------------------- 1 | // Code generated by ent, DO NOT EDIT. 2 | 3 | package ent 4 | 5 | // The init function reads all schema descriptors with runtime code 6 | // (default values, validators, hooks and policies) and stitches it 7 | // to their package variables. 8 | func init() { 9 | } 10 | -------------------------------------------------------------------------------- /exporters-inventory/.dockerignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | out/* 5 | venv_* 6 | .git 7 | .github 8 | .reuse 9 | .gitignore 10 | .golangci.yml 11 | Dockerfile* 12 | Jenkinsfile 13 | README* 14 | requirements.txt 15 | VERSION 16 | LICENSES 17 | -------------------------------------------------------------------------------- /inventory/.trivyignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | # Atlas release pending after golang update to 1.24.9 5 | CVE-2025-47912 6 | CVE-2025-58183 7 | CVE-2025-58186 8 | CVE-2025-58187 9 | CVE-2025-58188 10 | CVE-2025-61724 11 | CVE-2025-61729 12 | -------------------------------------------------------------------------------- /tenant-controller/.dockerignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | *.license 5 | *.md 6 | *.yaml 7 | *.yml 8 | .git 9 | .github 10 | .idea 11 | .reuse 12 | .gitignore 13 | .golangci.yml 14 | Jenkinsfile 15 | LICENSES 16 | api 17 | test 18 | venv_* 19 | -------------------------------------------------------------------------------- /inventory/.gitignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | # databases (created during testing) 5 | *.db 6 | 7 | # dummy certificates generated by make cert 8 | cert/certificates 9 | 10 | # er diagram generation 11 | *.dbml 12 | 13 | # logs file 14 | *.log 15 | -------------------------------------------------------------------------------- /apiv2/.dockerignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | out/* 5 | venv_* 6 | .git 7 | .github 8 | .reuse 9 | .gitignore 10 | .golangci.yml 11 | Dockerfile* 12 | Jenkinsfile 13 | README* 14 | requirements.txt 15 | VERSION 16 | examples 17 | LICENSES 18 | test 19 | tools 20 | -------------------------------------------------------------------------------- /inventory/buf.work.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | # buf.work.yaml 6 | # docs: https://docs.buf.build/configuration/v1/buf-work-yaml 7 | # Only defines one directory, but required so that buf.yaml deps list will work 8 | 9 | version: v1 10 | directories: 11 | - api 12 | -------------------------------------------------------------------------------- /os-profiles/REUSE.toml: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | version = 1 5 | 6 | [[annotations]] 7 | path = [ 8 | "**.md", 9 | "VERSION" 10 | ] 11 | 12 | precedence = "aggregate" 13 | SPDX-FileCopyrightText = "(C) 2025 Intel Corporation" 14 | SPDX-License-Identifier = "Apache-2.0" 15 | -------------------------------------------------------------------------------- /apiv2/buf.work.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | # buf.work.yaml 6 | # docs: https://docs.buf.build/configuration/v1/buf-work-yaml 7 | # Only defines one directory, but required so that buf.yaml deps list will work 8 | 9 | version: v1 10 | directories: 11 | - api/proto 12 | -------------------------------------------------------------------------------- /inventory/api/buf.lock: -------------------------------------------------------------------------------- 1 | # Generated by buf. DO NOT EDIT. 2 | version: v1 3 | deps: 4 | - remote: buf.build 5 | owner: bufbuild 6 | repository: protovalidate 7 | commit: a3320276596649bcad929ac829d451f4 8 | digest: shake256:a6e5f64fd3fd47e3e8568e9753f59a1566f56c11ec055baf65463d3bca3499f6f16c2d6f5628fa41cfd0f4fa7e72abe65be4efd77d269749492472ed4cc4070d 9 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | *.swp 5 | *.test 6 | .DS_Store 7 | .idea 8 | .vscode 9 | .cache 10 | artifacts 11 | out/ 12 | vendor 13 | venv* 14 | *.iml 15 | ci/ 16 | clamav* 17 | trivy* 18 | !trivy.yaml 19 | 20 | # Go workspace file 21 | go.work 22 | 23 | # Useful when developing with coder vms 24 | .tool-versions 25 | -------------------------------------------------------------------------------- /apiv2/internal/server/inv_client_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package server_test 5 | 6 | import ( 7 | m_client "github.com/open-edge-platform/infra-core/apiv2/v2/mocks/m_client" 8 | ) 9 | 10 | func newMockedInventoryTestClient() *m_client.MockInventoryClient { 11 | return &m_client.MockInventoryClient{} 12 | } 13 | -------------------------------------------------------------------------------- /tenant-controller/internal/controller/main_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package controller 5 | 6 | import ( 7 | "testing" 8 | 9 | testutils "github.com/open-edge-platform/infra-core/tenant-controller/internal/testing" 10 | ) 11 | 12 | func TestMain(m *testing.M) { 13 | testutils.InitTestEnvironment()(m) 14 | } 15 | -------------------------------------------------------------------------------- /tenant-controller/internal/datamodel/main_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package datamodel 5 | 6 | import ( 7 | "testing" 8 | 9 | testutils "github.com/open-edge-platform/infra-core/tenant-controller/internal/testing" 10 | ) 11 | 12 | func TestMain(m *testing.M) { 13 | testutils.InitTestEnvironment()(m) 14 | } 15 | -------------------------------------------------------------------------------- /tenant-controller/internal/invclient/main_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package invclient_test 5 | 6 | import ( 7 | "testing" 8 | 9 | testutils "github.com/open-edge-platform/infra-core/tenant-controller/internal/testing" 10 | ) 11 | 12 | func TestMain(m *testing.M) { 13 | testutils.InitTestEnvironment()(m) 14 | } 15 | -------------------------------------------------------------------------------- /tenant-controller/REUSE.toml: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | version = 1 5 | 6 | [[annotations]] 7 | path = [ 8 | "*.md", 9 | "go.sum", 10 | "VERSION", 11 | "configuration/**.json", 12 | ] 13 | precedence = "aggregate" 14 | SPDX-FileCopyrightText = "(C) 2025 Intel Corporation" 15 | SPDX-License-Identifier = "Apache-2.0" 16 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | # Security Policy 2 | Intel is committed to rapidly addressing security vulnerabilities affecting our customers and providing clear guidance on the solution, impact, severity and mitigation. 3 | 4 | ## Reporting a Vulnerability 5 | Please report any security vulnerabilities in this project utilizing the guidelines [here](https://www.intel.com/content/www/us/en/security-center/vulnerability-handling-guidelines.html). 6 | -------------------------------------------------------------------------------- /exporters-inventory/internal/common/defs.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package common 5 | 6 | type CollectorName string 7 | 8 | // Consts define the names of the available collector names. 9 | // It defines those names based on the collectors available 10 | // at the collect package. 11 | var ( 12 | InventoryCollector CollectorName = "INVENTORY" 13 | ) 14 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: 2025 Intel Corporation 2 | # 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | * @niket-intc @Ram-srini @ipsita-npg @SushilLakra @rranjan3 @cjnolan @damiankopyto @soniabha-intc @sunil-parida @krishnajs 6 | 7 | # CI files 8 | .github/ @adimoft @daveroge @shanedonohue @manilk1x @niket-intc @Ram-srini @ipsita-npg @SushilLakra @rranjan3 @cjnolan @damiankopyto @soniabha-intc @sunil-parida @krishnajs 9 | -------------------------------------------------------------------------------- /exporters-inventory/REUSE.toml: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | version = 1 5 | 6 | [[annotations]] 7 | path = [ 8 | "go.sum", 9 | "VERSION", 10 | "README.md", 11 | "test/README.md", 12 | "internal/README.md", 13 | ] 14 | precedence = "aggregate" 15 | SPDX-FileCopyrightText = "(C) 2025 Intel Corporation" 16 | SPDX-License-Identifier = "Apache-2.0" 17 | -------------------------------------------------------------------------------- /inventory/internal/ent/runtime/runtime.go: -------------------------------------------------------------------------------- 1 | // Code generated by ent, DO NOT EDIT. 2 | 3 | package runtime 4 | 5 | // The schema-stitching logic is generated in github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/runtime.go 6 | 7 | const ( 8 | Version = "v0.14.6-0.20251106044941-a777c08cdda4" // Version of ent codegen. 9 | Sum = "h1:H7esUcrshCE1CC9dQn0MY7J029LrFt5xU2muJD4OVh0=" // Sum of ent codegen. 10 | ) 11 | -------------------------------------------------------------------------------- /inventory/internal/tools/tools.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | //go:build tools 5 | 6 | package tools 7 | 8 | // Blank imports to just include them in the mod file, these are required by ent gen 9 | import ( 10 | _ "github.com/mattn/go-runewidth" 11 | _ "github.com/olekukonko/tablewriter" 12 | _ "github.com/spf13/cobra" 13 | _ "golang.org/x/tools/cmd/goimports" 14 | ) 15 | -------------------------------------------------------------------------------- /apiv2/.mockery.yaml: -------------------------------------------------------------------------------- 1 | ## SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | ## SPDX-License-Identifier: Apache-2.0 3 | --- 4 | dir: "mocks/m_{{.PackageName | lower}}" 5 | outpkg: "m_{{.PackageName | lower}}" 6 | filename: "mock_{{.InterfaceName | lower}}.go" 7 | mockname: "Mock{{.InterfaceName}}" 8 | with-expecter: true 9 | packages: 10 | github.com/open-edge-platform/infra-core/inventory/v2/pkg/client: 11 | interfaces: 12 | InventoryClient: 13 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/status/v1.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: status/v1/status.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | 6 | import betterproto 7 | 8 | 9 | class StatusIndication(betterproto.Enum): 10 | STATUS_INDICATION_UNSPECIFIED = 0 11 | STATUS_INDICATION_ERROR = 1 12 | STATUS_INDICATION_IN_PROGRESS = 2 13 | STATUS_INDICATION_IDLE = 3 14 | -------------------------------------------------------------------------------- /inventory/.dockerignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | out/* 5 | venv_* 6 | .git 7 | .github 8 | .reuse 9 | .gitignore 10 | .golangci.yml 11 | Dockerfile* 12 | Jenkinsfile 13 | README* 14 | requirements.txt 15 | VERSION 16 | cert 17 | docs 18 | fdo 19 | host 20 | inventory 21 | LICENSES 22 | location 23 | network 24 | os 25 | ou 26 | provider 27 | python 28 | schedule 29 | tenant 30 | vm 31 | buf* 32 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250801172500_modify_OSUpdateRun.sql: -------------------------------------------------------------------------------- 1 | -- Modify columns from timestamp → bigint (epoch in ms) 2 | ALTER TABLE os_update_run_resources 3 | ALTER COLUMN status_timestamp TYPE bigint USING (extract(epoch FROM status_timestamp) * 1000)::bigint, 4 | ALTER COLUMN start_time TYPE bigint USING (extract(epoch FROM start_time) * 1000)::bigint, 5 | ALTER COLUMN end_time TYPE bigint USING (extract(epoch FROM end_time) * 1000)::bigint; 6 | -------------------------------------------------------------------------------- /apiv2/internal/common/config_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package common_test 5 | 6 | import ( 7 | "testing" 8 | 9 | "github.com/stretchr/testify/assert" 10 | 11 | "github.com/open-edge-platform/infra-core/apiv2/v2/internal/common" 12 | ) 13 | 14 | func TestConfig(t *testing.T) { 15 | cfg, err := common.Config() 16 | assert.NoError(t, err) 17 | assert.NotEqual(t, cfg, nil) 18 | } 19 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250604095136_add_cvefields.sql: -------------------------------------------------------------------------------- 1 | -- Modify "instance_resources" table 2 | ALTER TABLE "instance_resources" ADD COLUMN "existing_cves" character varying NULL; 3 | -- Modify "operating_system_resources" table 4 | ALTER TABLE "operating_system_resources" ADD COLUMN "existing_cves_url" character varying NULL, ADD COLUMN "existing_cves" character varying NULL, ADD COLUMN "fixed_cves_url" character varying NULL, ADD COLUMN "fixed_cves" character varying NULL; 5 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250606153212_instance_update.sql: -------------------------------------------------------------------------------- 1 | -- Modify "instance_resources" table 2 | ALTER TABLE "instance_resources" ADD COLUMN "runtime_packages" character varying NULL, ADD COLUMN "os_update_available" character varying NULL, ADD COLUMN "instance_resource_os" bigint NULL, ADD CONSTRAINT "instance_resources_operating_system_resources_os" FOREIGN KEY ("instance_resource_os") REFERENCES "operating_system_resources" ("id") ON UPDATE NO ACTION ON DELETE SET NULL; 3 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/migrations.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package migrations 5 | 6 | import ( 7 | embed "embed" 8 | ) 9 | 10 | const ( 11 | MigrationsDir = "migrationsDir" 12 | MigrationsDirDescription = "Path to the DB migrations directory. Cannot be empty." 13 | ) 14 | 15 | var ( 16 | //go:embed *.sql 17 | //go:embed atlas.sum 18 | MigrationsFolder embed.FS 19 | ) 20 | -------------------------------------------------------------------------------- /apiv2/.gitignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | VERSIONS 5 | 6 | ## From https://github.com/github/gitignore/blob/main/Go.gitignore 7 | 8 | # Binaries for programs and plugins 9 | *.exe 10 | *.exe~ 11 | *.dll 12 | *.so 13 | *.dylib 14 | 15 | # Output of the go coverage tool, specifically when used with LiteIDE 16 | *.out 17 | 18 | # Do not track the auto-generated openapi doc 19 | api/openapi/openapi-static-doc.html 20 | -------------------------------------------------------------------------------- /apiv2/internal/pbapi/resources/common/v1/common_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: resources/common/v1/common.proto 4 | 5 | package commonv1 6 | 7 | const ( 8 | // Fields and Edges constants for "MetadataItem" 9 | MetadataItemFieldKey = "key" 10 | MetadataItemFieldValue = "value" 11 | 12 | // Fields and Edges constants for "Timestamps" 13 | TimestampsEdgeCreatedAt = "created_at" 14 | TimestampsEdgeUpdatedAt = "updated_at" 15 | ) 16 | -------------------------------------------------------------------------------- /exporters-inventory/internal/common/cfg_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package common_test 5 | 6 | import ( 7 | "testing" 8 | 9 | "github.com/stretchr/testify/assert" 10 | 11 | "github.com/open-edge-platform/infra-core/exporters-inventory/internal/common" 12 | ) 13 | 14 | func TestConfig(t *testing.T) { 15 | cfg, err := common.Config() 16 | assert.Equal(t, err, nil) 17 | assert.NotEqual(t, cfg, nil) 18 | } 19 | -------------------------------------------------------------------------------- /inventory/cmd/protoc-gen-ent-schema-extensions/buf.gen.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 4 | # SPDX-License-Identifier: Apache-2.0 5 | 6 | # buf.gen.yaml 7 | # docs: https://docs.buf.build/configuration/v1/buf-gen-yaml 8 | 9 | # This configuration is used by custom schema-extender plugin 10 | 11 | version: v1 12 | 13 | plugins: 14 | - plugin: schema-extender 15 | strategy: all 16 | out: . 17 | path: ["go", "run", "./cmd/protoc-gen-ent-schema-extensions"] 18 | -------------------------------------------------------------------------------- /inventory/pkg/oam/oamserver_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package oam_test 5 | 6 | import ( 7 | "flag" 8 | "os" 9 | "testing" 10 | ) 11 | 12 | func TestMain(m *testing.M) { 13 | // Only needed to suppress the error 14 | flag.String( 15 | "policyBundle", 16 | "/rego/policy_bundle.tar.gz", 17 | "Path of policy rego file", 18 | ) 19 | flag.Parse() 20 | 21 | run := m.Run() // run all tests 22 | os.Exit(run) 23 | } 24 | -------------------------------------------------------------------------------- /apiv2/api/proto/buf.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | version: v1 6 | deps: 7 | - buf.build/bufbuild/protovalidate 8 | - buf.build/googleapis/googleapis 9 | - buf.build/gnostic/gnostic 10 | breaking: 11 | use: 12 | - FILE 13 | lint: 14 | use: 15 | - STANDARD 16 | - ENUM_FIRST_VALUE_ZERO 17 | - COMMENT_MESSAGE 18 | - COMMENT_RPC 19 | - COMMENT_SERVICE 20 | rpc_allow_google_protobuf_empty_responses: true 21 | -------------------------------------------------------------------------------- /inventory/pkg/tracing/tracing_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package tracing_test 5 | 6 | import ( 7 | "flag" 8 | "os" 9 | "testing" 10 | ) 11 | 12 | func TestMain(m *testing.M) { 13 | // Only needed to suppress the error 14 | flag.String( 15 | "policyBundle", 16 | "/rego/policy_bundle.tar.gz", 17 | "Path of policy rego file", 18 | ) 19 | flag.Parse() 20 | 21 | run := m.Run() // run all tests 22 | os.Exit(run) 23 | } 24 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20251127155123_modify_OSUpdateRun_applied_policy_field.sql: -------------------------------------------------------------------------------- 1 | -- Modify "os_update_run_resources" table 2 | ALTER TABLE "os_update_run_resources" DROP CONSTRAINT "os_update_run_resources_os_upd_59e63391a29dbb5d975b005406c27afc", ALTER COLUMN "os_update_run_resource_applied_policy" DROP NOT NULL, ADD CONSTRAINT "os_update_run_resources_os_upd_59e63391a29dbb5d975b005406c27afc" FOREIGN KEY ("os_update_run_resource_applied_policy") REFERENCES "os_update_policy_resources" ("id") ON UPDATE NO ACTION ON DELETE SET NULL; 3 | -------------------------------------------------------------------------------- /apiv2/REUSE.toml: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | version = 1 5 | 6 | [[annotations]] 7 | path = [ 8 | "VERSION", 9 | "go.sum", 10 | "**.md", 11 | "api/proto/buf.lock", 12 | "internal/pbapi/services/v1/**.pb*.go", 13 | "internal/pbapi/resources/**.pb*.go", 14 | "pkg/api/v2/*.gen.go", 15 | "mocks/**", 16 | "docs/*", 17 | ] 18 | 19 | precedence = "aggregate" 20 | SPDX-FileCopyrightText = "(C) 2025 Intel Corporation" 21 | SPDX-License-Identifier = "Apache-2.0" 22 | -------------------------------------------------------------------------------- /apiv2/internal/pbapi/resources/customconfig/v1/customconfig_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: resources/customconfig/v1/customconfig.proto 4 | 5 | package customconfigv1 6 | 7 | const ( 8 | // Fields and Edges constants for "CustomConfigResource" 9 | CustomConfigResourceFieldResourceId = "resource_id" 10 | CustomConfigResourceFieldName = "name" 11 | CustomConfigResourceFieldDescription = "description" 12 | CustomConfigResourceFieldConfig = "config" 13 | CustomConfigResourceEdgeTimestamps = "timestamps" 14 | ) 15 | -------------------------------------------------------------------------------- /inventory/docs/protovalidate.md: -------------------------------------------------------------------------------- 1 | 5 | 6 | # Working with protovalidate 7 | 8 | [protovalidate](https://github.com/bufbuild/protovalidate/) 9 | validates data content on specific gRPC fields. 10 | 11 | See the webpage for this tool for the specific validation methods 12 | available. The re2 syntax used in regular expressions is at [here](https://github.com/google/re2/wiki/Syntax). 13 | 14 | To learn how to leverage such library, see the [validator](../pkg/validator/) pkg. 15 | -------------------------------------------------------------------------------- /inventory/pkg/api/tenant/v1/tenant_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: tenant/v1/tenant.proto 4 | 5 | package tenantv1 6 | 7 | const ( 8 | // Fields and Edges constants for "Tenant" 9 | TenantFieldResourceId = "resource_id" 10 | TenantFieldCurrentState = "current_state" 11 | TenantFieldDesiredState = "desired_state" 12 | TenantFieldWatcherOsmanager = "watcher_osmanager" 13 | TenantFieldTenantId = "tenant_id" 14 | TenantFieldCreatedAt = "created_at" 15 | TenantFieldUpdatedAt = "updated_at" 16 | ) 17 | -------------------------------------------------------------------------------- /apiv2/internal/pbapi/resources/localaccount/v1/localaccount_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: resources/localaccount/v1/localaccount.proto 4 | 5 | package localaccountv1 6 | 7 | const ( 8 | // Fields and Edges constants for "LocalAccountResource" 9 | LocalAccountResourceFieldResourceId = "resource_id" 10 | LocalAccountResourceFieldUsername = "username" 11 | LocalAccountResourceFieldSshKey = "ssh_key" 12 | LocalAccountResourceFieldLocalAccountID = "local_accountID" 13 | LocalAccountResourceEdgeTimestamps = "timestamps" 14 | ) 15 | -------------------------------------------------------------------------------- /REUSE.toml: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | version = 1 5 | 6 | [[annotations]] 7 | path = [ 8 | "VERSION", 9 | "**.md", 10 | "api/**", 11 | "apiv2/**", 12 | "bulk-import-tools/**", 13 | "exporters-inventory/**", 14 | "inventory/**", 15 | "tenant-controller/**", 16 | "inventory/docs/inventory-er-diagram.svg", 17 | "inventory/docs/output.dbml", 18 | ".gitleaksignore", 19 | ] 20 | 21 | precedence = "aggregate" 22 | SPDX-FileCopyrightText = "(C) 2025 Intel Corporation" 23 | SPDX-License-Identifier = "Apache-2.0" 24 | 25 | 26 | -------------------------------------------------------------------------------- /apiv2/internal/pbapi/resources/network/v1/network_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: resources/network/v1/network.proto 4 | 5 | package networkv1 6 | 7 | const ( 8 | // Fields and Edges constants for "IPAddressResource" 9 | IPAddressResourceFieldResourceId = "resource_id" 10 | IPAddressResourceFieldAddress = "address" 11 | IPAddressResourceFieldStatus = "status" 12 | IPAddressResourceFieldStatusDetail = "status_detail" 13 | IPAddressResourceFieldConfigMethod = "config_method" 14 | IPAddressResourceEdgeTimestamps = "timestamps" 15 | ) 16 | -------------------------------------------------------------------------------- /inventory/api/status/v1/status.proto: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | syntax = "proto3"; 5 | 6 | package status.v1; 7 | 8 | // This file contains the proto definitions of status-related fields that can be used across different proto objects. 9 | option go_package = "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/status/v1;statusv1"; 10 | 11 | enum StatusIndication { 12 | STATUS_INDICATION_UNSPECIFIED = 0; 13 | STATUS_INDICATION_ERROR = 1; 14 | STATUS_INDICATION_IN_PROGRESS = 2; 15 | STATUS_INDICATION_IDLE = 3; 16 | } 17 | -------------------------------------------------------------------------------- /inventory/pkg/api/localaccount/v1/localaccount_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: localaccount/v1/localaccount.proto 4 | 5 | package localaccountv1 6 | 7 | const ( 8 | // Fields and Edges constants for "LocalAccountResource" 9 | LocalAccountResourceFieldResourceId = "resource_id" 10 | LocalAccountResourceFieldUsername = "username" 11 | LocalAccountResourceFieldSshKey = "ssh_key" 12 | LocalAccountResourceFieldTenantId = "tenant_id" 13 | LocalAccountResourceFieldCreatedAt = "created_at" 14 | LocalAccountResourceFieldUpdatedAt = "updated_at" 15 | ) 16 | -------------------------------------------------------------------------------- /inventory/pkg/api/ou/v1/ou_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: ou/v1/ou.proto 4 | 5 | package ouv1 6 | 7 | const ( 8 | // Fields and Edges constants for "OuResource" 9 | OuResourceFieldResourceId = "resource_id" 10 | OuResourceFieldName = "name" 11 | OuResourceFieldOuKind = "ou_kind" 12 | OuResourceEdgeParentOu = "parent_ou" 13 | OuResourceEdgeChildren = "children" 14 | OuResourceFieldMetadata = "metadata" 15 | OuResourceFieldTenantId = "tenant_id" 16 | OuResourceFieldCreatedAt = "created_at" 17 | OuResourceFieldUpdatedAt = "updated_at" 18 | ) 19 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20251002165719_datamigration_OSUpdatePolicy.sql: -------------------------------------------------------------------------------- 1 | -- Backfill new fields from legacy ones if new are NULL/empty. 2 | UPDATE os_update_policy_resources 3 | SET 4 | update_packages = CASE 5 | WHEN (update_packages IS NULL OR update_packages = '') 6 | THEN install_packages ELSE update_packages END, 7 | update_kernel_command = CASE 8 | WHEN (update_kernel_command IS NULL OR update_kernel_command = '') 9 | THEN kernel_command ELSE update_kernel_command END 10 | WHERE 11 | (install_packages IS NOT NULL AND install_packages <> '') 12 | OR (kernel_command IS NOT NULL AND kernel_command <> ''); 13 | -------------------------------------------------------------------------------- /.github/workflows/post-merge-scorecard.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | name: Post-Merge Scorecard CI 6 | 7 | on: 8 | push: 9 | branches: 10 | - main 11 | workflow_dispatch: 12 | 13 | permissions: 14 | contents: read 15 | security-events: write 16 | id-token: write 17 | 18 | jobs: 19 | call-scorecard: 20 | uses: open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml@20b640842e63420b06b3ff4247e608228e14c74a # 2026.0.1 21 | with: 22 | project_folder: "." 23 | secrets: 24 | SYS_EMF_GH_TOKEN: ${{ secrets.SYS_EMF_GH_TOKEN }} 25 | -------------------------------------------------------------------------------- /apiv2/api/proto/resources/status/v1/status.proto: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | syntax = "proto3"; 5 | 6 | package resources.status.v1; 7 | 8 | // This file contains the proto definitions of status-related fields that can be used across different proto objects. 9 | option go_package = "github.com/open-edge-platform/infra-core/apiv2/v2/internal/pbapi/resources/status/v1;statusv1"; 10 | 11 | // The status indicator. 12 | enum StatusIndication { 13 | STATUS_INDICATION_UNSPECIFIED = 0; 14 | STATUS_INDICATION_ERROR = 1; 15 | STATUS_INDICATION_IN_PROGRESS = 2; 16 | STATUS_INDICATION_IDLE = 3; 17 | } 18 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250527203300_amt.sql: -------------------------------------------------------------------------------- 1 | -- Modify "host_resources" table 2 | ALTER TABLE "host_resources" ADD COLUMN "power_status" character varying NULL, ADD COLUMN "power_status_indicator" character varying NULL, ADD COLUMN "power_status_timestamp" bigint NULL, ADD COLUMN "power_command_policy" character varying NULL, ADD COLUMN "power_on_time" bigint NULL, ADD COLUMN "amt_sku" character varying NULL, ADD COLUMN "desired_amt_state" character varying NULL, ADD COLUMN "current_amt_state" character varying NULL, ADD COLUMN "amt_status" character varying NULL, ADD COLUMN "amt_status_indicator" character varying NULL, ADD COLUMN "amt_status_timestamp" bigint NULL; 3 | -------------------------------------------------------------------------------- /.gitleaksignore: -------------------------------------------------------------------------------- 1 | api/internal/server/manager_test.go:generic-api-key:767 2 | inventory/internal/store/host_test.go:generic-api-key:996 3 | inventory/internal/store/host_test.go:generic-api-key:1010 4 | inventory/internal/store/host_test.go:generic-api-key:1050 5 | inventory/internal/store/host_test.go:generic-api-key:1051 6 | apiv2/pkg/api/v2/edge-infrastructure-manager-openapi-server.gen.go:generic-api-key:2555 7 | apiv2/pkg/api/v2/edge-infrastructure-manager-openapi-server.gen.go:generic-api-key:2739 8 | apiv2/pkg/api/v2/edge-infrastructure-manager-openapi-server.gen.go:generic-api-key:2707 9 | apiv2/pkg/api/v2/edge-infrastructure-manager-openapi-server.gen.go:generic-api-key:2585 10 | -------------------------------------------------------------------------------- /inventory/internal/store/tenant_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/tenant" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterTenant() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_TENANT, 17 | tenant.ValidColumn, 18 | map[string]edgeHandler{}, 19 | map[string]sqlPredicate{}, 20 | )) 21 | 22 | } 23 | -------------------------------------------------------------------------------- /inventory/pkg/api/customconfig/v1/customconfig_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: customconfig/v1/customconfig.proto 4 | 5 | package customconfigv1 6 | 7 | const ( 8 | // Fields and Edges constants for "CustomConfigResource" 9 | CustomConfigResourceFieldResourceId = "resource_id" 10 | CustomConfigResourceFieldName = "name" 11 | CustomConfigResourceFieldDescription = "description" 12 | CustomConfigResourceFieldConfigData = "config_data" 13 | CustomConfigResourceFieldTenantId = "tenant_id" 14 | CustomConfigResourceFieldCreatedAt = "created_at" 15 | CustomConfigResourceFieldUpdatedAt = "updated_at" 16 | ) 17 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/infrainv.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: infrainv/infrainv.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | from typing import List 6 | 7 | import betterproto 8 | 9 | 10 | @dataclass 11 | class SchemaExtension(betterproto.Message): 12 | indexes: List["Index"] = betterproto.message_field(1) 13 | 14 | 15 | @dataclass 16 | class Index(betterproto.Message): 17 | name: str = betterproto.string_field(1) 18 | fields: List[str] = betterproto.string_field(2) 19 | unique: bool = betterproto.bool_field(3) 20 | partial_index_condition: str = betterproto.string_field(4) 21 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/errors/infrainv.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: infrainv/infrainv.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | from typing import List 6 | 7 | import betterproto 8 | 9 | 10 | @dataclass 11 | class SchemaExtension(betterproto.Message): 12 | indexes: List["Index"] = betterproto.message_field(1) 13 | 14 | 15 | @dataclass 16 | class Index(betterproto.Message): 17 | name: str = betterproto.string_field(1) 18 | fields: List[str] = betterproto.string_field(2) 19 | unique: bool = betterproto.bool_field(3) 20 | partial_index_condition: str = betterproto.string_field(4) 21 | -------------------------------------------------------------------------------- /apiv2/docs/oapi.md: -------------------------------------------------------------------------------- 1 | 5 | 6 | # Open API Edge Infrastructure Manager definitions 7 | 8 | You can build and generate API files by: 9 | 10 | ```bash 11 | make generate 12 | ``` 13 | 14 | To visualize the API in a browser, run: 15 | 16 | ```bash 17 | make oapi-docs 18 | ``` 19 | 20 | Then open the file `api/openapi/openapi-static-doc.html` in a browser. 21 | 22 | And finally, to compile the API into golang source code 23 | (into folder ./pkg/api/$VERSION/), 24 | 25 | ```bash 26 | make go-dependency 27 | make build # or: $ make pkg/api/*/edge-infra-manager-openapi-*.gen.go 28 | ``` 29 | -------------------------------------------------------------------------------- /inventory/internal/store/connect_db_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package store_test 5 | 6 | import ( 7 | "testing" 8 | 9 | "github.com/stretchr/testify/require" 10 | 11 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/store" 12 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/util" 13 | ) 14 | 15 | func TestConnectDb(t *testing.T) { 16 | dbURL := util.GetDBURL(util.LookupDBTestEnv()) 17 | // Assumption is that migration are already run, so this function will pass correctly, otherwise it will fatal 18 | client := store.ConnectEntDB(dbURL, dbURL) 19 | require.NotNil(t, client) 20 | } 21 | -------------------------------------------------------------------------------- /inventory/pkg/flags/flags.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package flags 5 | 6 | import "flag" 7 | 8 | const ( 9 | ServerAddress = "serverAddress" 10 | ServerAddressDescription = "The endpoint address of this component to serve on. " + 11 | "It should have the following format :." 12 | EnableAuditing = "enableAuditing" 13 | EnableAuditingDescription = "Flag to enable audit logs for API calls." 14 | ) 15 | 16 | var FlagDisableCredentialsManagement = flag.Bool("disableCredentialsManagement", false, 17 | "Disables credentials management for edge nodes. Should only be used for testing") 18 | -------------------------------------------------------------------------------- /inventory/internal/store/provider_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/providerresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterProviderResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_PROVIDER, 17 | providerresource.ValidColumn, 18 | map[string]edgeHandler{}, 19 | map[string]sqlPredicate{}, 20 | )) 21 | 22 | } 23 | -------------------------------------------------------------------------------- /inventory/pkg/providerconfiguration/providerconfiguration.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package providerconfiguration 5 | 6 | //nolint:tagliatelle // Renaming the json keys may effect while unmarshalling/marshaling. 7 | type ProviderConfig struct { 8 | DefaultOs string `json:"defaultOs"` 9 | AutoProvision bool `json:"autoProvision"` 10 | DefaultLocalAccount string `json:"defaultLocalAccount"` 11 | OSSecurityFeatureEnable bool `json:"osSecurityFeatureEnable"` 12 | } 13 | 14 | type LOCAProviderConfig struct { 15 | InstanceTpl string `json:"instance_tpl"` 16 | DNSDomain string `json:"dns_domain"` 17 | } 18 | -------------------------------------------------------------------------------- /inventory/internal/store/os_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/operatingsystemresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterOperatingSystemResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_OS, 17 | operatingsystemresource.ValidColumn, 18 | map[string]edgeHandler{}, 19 | map[string]sqlPredicate{}, 20 | )) 21 | 22 | } 23 | -------------------------------------------------------------------------------- /inventory/pkg/util/function/function.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package function 5 | 6 | import "reflect" 7 | 8 | const emptyNullCase = "null" 9 | 10 | type Predicate[T any] func(v T) bool 11 | 12 | func Not[T any](p Predicate[T]) Predicate[T] { 13 | return func(v T) bool { 14 | return !p(v) 15 | } 16 | } 17 | 18 | func IsNil(e any) bool { 19 | return e == nil || (reflect.ValueOf(e).Kind() == reflect.Ptr && reflect.ValueOf(e).IsNil()) 20 | } 21 | 22 | func IsNotEmptyNullCase(v *string) bool { 23 | return v != nil && *v != emptyNullCase 24 | } 25 | 26 | func IsEmptyNullCase(v *string) bool { 27 | return v != nil && *v == emptyNullCase 28 | } 29 | -------------------------------------------------------------------------------- /inventory/internal/store/localaccount_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/localaccountresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterLocalAccountResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_LOCALACCOUNT, 17 | localaccountresource.ValidColumn, 18 | map[string]edgeHandler{}, 19 | map[string]sqlPredicate{}, 20 | )) 21 | 22 | } 23 | -------------------------------------------------------------------------------- /exporters-inventory/.gitignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | *.iml 5 | *.swp 6 | venv* 7 | out/* 8 | .idea 9 | .vscode 10 | .DS_Store 11 | VERSIONS 12 | 13 | ## From https://github.com/github/gitignore/blob/main/Go.gitignore 14 | 15 | # Binaries for programs and plugins 16 | *.exe 17 | *.exe~ 18 | *.dll 19 | *.so 20 | *.dylib 21 | 22 | # Test binary, built with `go test -c` 23 | *.test 24 | 25 | # Output of the go coverage tool, specifically when used with LiteIDE 26 | *.out 27 | 28 | # Dependency directories (remove the comment below to include it) 29 | vendor/ 30 | 31 | # Go workspace file 32 | go.work 33 | 34 | # Useful when developing with coder vms 35 | .tool-versions 36 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250611162552_modify_OSResource_name_tenantId_uniqueness.sql: -------------------------------------------------------------------------------- 1 | -- First ensure that we won't have any duplicate names for the same tenant. 2 | UPDATE "operating_system_resources" 3 | SET "name" = "name" || '-' || substr(md5(random()::text), 1, 5) 4 | WHERE ("name", "tenant_id") IN ( 5 | SELECT "name", "tenant_id" 6 | FROM "operating_system_resources" 7 | GROUP BY "name", "tenant_id" 8 | HAVING COUNT(*) > 1 9 | ); 10 | -- atlas:nolint MF101 the above data migration ensure that there won't be any duplicated. 11 | -- Create index "operatingsystemresource_name_tenant_id" to table: "operating_system_resources" 12 | CREATE UNIQUE INDEX "operatingsystemresource_name_tenant_id" ON "operating_system_resources" ("name", "tenant_id"); 13 | -------------------------------------------------------------------------------- /os-profiles/ubuntu-lenovo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2024 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | appVersion: apps/v1 6 | metadata: 7 | release: 0.0.0-dev 8 | version: 0.2.0 9 | spec: 10 | name: Ubuntu 22.04.3 11 | type: OS_TYPE_MUTABLE 12 | provider: OS_PROVIDER_KIND_LENOVO 13 | architecture: x86_64 14 | profileName: ubuntu-lenovo 15 | osImageUrl: https://old-releases.ubuntu.com/releases/22.04/ubuntu-22.04.3-live-server-amd64.iso 16 | osImageVersion: 22.04.3 17 | osImageSha256: a4acfda10b18da50e2ec50ccaf860d7f20b389df8765611142305c0e911d16fd 18 | osPackageManifestURL: "" 19 | securityFeature: SECURITY_FEATURE_SECURE_BOOT_AND_FULL_DISK_ENCRYPTION 20 | description: Ubuntu for x86_64 architecture 21 | platformBundle: 22 | -------------------------------------------------------------------------------- /apiv2/internal/pbapi/resources/provider/v1/provider_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: resources/provider/v1/provider.proto 4 | 5 | package providerv1 6 | 7 | const ( 8 | // Fields and Edges constants for "ProviderResource" 9 | ProviderResourceFieldResourceId = "resource_id" 10 | ProviderResourceFieldProviderKind = "provider_kind" 11 | ProviderResourceFieldProviderVendor = "provider_vendor" 12 | ProviderResourceFieldName = "name" 13 | ProviderResourceFieldApiEndpoint = "api_endpoint" 14 | ProviderResourceFieldApiCredentials = "api_credentials" 15 | ProviderResourceFieldConfig = "config" 16 | ProviderResourceFieldProviderID = "providerID" 17 | ProviderResourceEdgeTimestamps = "timestamps" 18 | ) 19 | -------------------------------------------------------------------------------- /tenant-controller/configuration/broken/lenovo/missing-endpoint.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "auto_provision": true, 4 | "loca_ca_cert": "-----BEGIN CERTIFICATE-----\nMIIBYDCCAQegAwIBAgIRANkLzIEDboebuYRdSG13nhMwCgYIKoZIzj0EAwIwDzEN\nMAsGA1UEAxMETE9DQTAgFw0yMjExMDIxNjEyMjRaGA8yMTIyMTAwOTE2MTIyNFow\nDzENMAsGA1UEAxMETE9DQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDm7Snax\nmbPGKi8yoEpbNs3CyY0GAZp6+W9br+KhHwxdy8JmQOcDZp7FFnTnyu/WFBdFrpvY\nIK5g9whLC/WZ4jijQjBAMA4GA1UdDwEB/wQEAwICpDAPBgNVHRMBAf8EBTADAQH/\nMB0GA1UdDgQWBBS9klFV6Z6NVN7uRHbF04lh8P2ryDAKBggqhkjOPQQDAgNHADBE\nAiAWJRigjzQ4tTOjMN1xm28zrHDoMtGiAERNw2OPfp+gSgIgHait0IBXitCpzJYS\nKE8gtR6W+Z9dHBpfbSAqnosLcgQ=\n-----END CERTIFICATE-----\n", 5 | "name": "LOCA1", 6 | "password": "somethingelse", 7 | "username": "something" 8 | } 9 | ] 10 | -------------------------------------------------------------------------------- /exporters-inventory/internal/env/env.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package env 5 | 6 | import ( 7 | "os" 8 | 9 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/logging" 10 | ) 11 | 12 | const ( 13 | envENLokiURL = "EN_LOKI_URL" 14 | ) 15 | 16 | var ENLokiURL = os.Getenv(envENLokiURL) 17 | 18 | var zlog = logging.GetLogger("Env") 19 | 20 | func MustGetEnv(key string) string { 21 | v, found := os.LookupEnv(key) 22 | if found && v != "" { 23 | zlog.Debug().Msgf("Found env var %s = %s", key, v) 24 | return v 25 | } 26 | 27 | zlog.Fatal().Msgf("Mandatory env var %s is not set or empty!", key) 28 | return "" 29 | } 30 | 31 | func MustEnsureRequired() { 32 | ENLokiURL = MustGetEnv(envENLokiURL) 33 | } 34 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/localaccount/v1.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: localaccount/v1/localaccount.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | 6 | import betterproto 7 | 8 | 9 | @dataclass 10 | class LocalAccountResource(betterproto.Message): 11 | # resource identifier 12 | resource_id: str = betterproto.string_field(1) 13 | # Username provided by admin 14 | username: str = betterproto.string_field(2) 15 | # SSH Public Key of EN 16 | ssh_key: str = betterproto.string_field(3) 17 | # Tenant Identifier. 18 | tenant_id: str = betterproto.string_field(100) 19 | # Creation timestamp 20 | created_at: str = betterproto.string_field(200) 21 | updated_at: str = betterproto.string_field(201) 22 | -------------------------------------------------------------------------------- /inventory/REUSE.toml: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | version = 1 5 | 6 | [[annotations]] 7 | path = [ 8 | "**.md", 9 | "go.sum", 10 | "VERSION", 11 | "api/buf.lock", 12 | "python/infra_inventory/**.py", 13 | "pkg/api/**.pb.go", 14 | "pkg/errors/**.pb.go", 15 | "internal/ent/**", 16 | "**/**_mock.go", 17 | "sql/inventory.sql", 18 | "docs/inventory-er-diagram.svg", 19 | "docs/output.dbml" 20 | ] 21 | precedence = "aggregate" 22 | SPDX-FileCopyrightText = "(C) 2025 Intel Corporation" 23 | SPDX-License-Identifier = "Apache-2.0" 24 | 25 | [[annotations]] 26 | path = "api/ent/opts.proto" 27 | precedence = "aggregate" 28 | SPDX-FileCopyrightText = "(C) 2019-present Facebook" 29 | SPDX-License-Identifier = "Apache-2.0" 30 | -------------------------------------------------------------------------------- /inventory/pkg/api/provider/v1/provider_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: provider/v1/provider.proto 4 | 5 | package providerv1 6 | 7 | const ( 8 | // Fields and Edges constants for "ProviderResource" 9 | ProviderResourceFieldResourceId = "resource_id" 10 | ProviderResourceFieldProviderKind = "provider_kind" 11 | ProviderResourceFieldProviderVendor = "provider_vendor" 12 | ProviderResourceFieldName = "name" 13 | ProviderResourceFieldApiEndpoint = "api_endpoint" 14 | ProviderResourceFieldApiCredentials = "api_credentials" 15 | ProviderResourceFieldConfig = "config" 16 | ProviderResourceFieldTenantId = "tenant_id" 17 | ProviderResourceFieldCreatedAt = "created_at" 18 | ProviderResourceFieldUpdatedAt = "updated_at" 19 | ) 20 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/ou/v1.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: ou/v1/ou.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | from typing import List 6 | 7 | import betterproto 8 | 9 | 10 | @dataclass 11 | class OuResource(betterproto.Message): 12 | resource_id: str = betterproto.string_field(1) 13 | name: str = betterproto.string_field(2) 14 | ou_kind: str = betterproto.string_field(3) 15 | parent_ou: "OuResource" = betterproto.message_field(4) 16 | children: List["OuResource"] = betterproto.message_field(5) 17 | metadata: str = betterproto.string_field(50) 18 | tenant_id: str = betterproto.string_field(100) 19 | created_at: str = betterproto.string_field(200) 20 | updated_at: str = betterproto.string_field(201) 21 | -------------------------------------------------------------------------------- /.markdownlint.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | default: true 6 | MD004: 7 | style: dash 8 | MD010: 9 | # Code blocks may have hard tabs. 10 | code_blocks: false 11 | MD013: 12 | line_length: 120 # Max line length checking. 13 | code_blocks: false 14 | MD025: 15 | # Ignore the front matter title. Pages still need a top level header (#). 16 | front_matter_title: "" 17 | MD029: 18 | style: ordered 19 | MD033: 20 | allowed_elements: 21 | - ref # allow hugo relative reference links 22 | - br # allow mermaid
to create new line 23 | - a # allow anchors created by protoc-gen-doc and similar tools 24 | - img # allow images - needed if you need to define a size 25 | - span # allow span tags - needed if you need to highlight text in color 26 | -------------------------------------------------------------------------------- /inventory/docs/mocks.md: -------------------------------------------------------------------------------- 1 | 5 | 6 | # Inventory Mocks 7 | 8 | The Inventory uses [mock](https://github.com/golang/mock) for mocking. 9 | Do not use other mocking frameworks unless you have a good reason. 10 | Do not write mocks manually; generate them instead. 11 | 12 | Mock-generating annotation for the interface `AnyInterface` defined in the file `myinterfaces.go` would be: 13 | 14 | ```golang 15 | //go:generate mockgen -package mocks -destination=../mocks/myinterfaces_mock.go . AnyInterface 16 | type AnyInterface interface { 17 | 18 | } 19 | ``` 20 | 21 | The above mock generator can be triggered by the `mock-gen` Makefile target. The target directory for all generated 22 | mocks is `pkg/mocks`; and the target package is `mocks`. 23 | -------------------------------------------------------------------------------- /inventory/pkg/cert/cert_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package cert_test 5 | 6 | import ( 7 | "flag" 8 | "os" 9 | "testing" 10 | 11 | "github.com/stretchr/testify/assert" 12 | 13 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/cert" 14 | ) 15 | 16 | func TestMain(m *testing.M) { 17 | // Only needed to suppress the error 18 | flag.String( 19 | "policyBundle", 20 | "/rego/policy_bundle.tar.gz", 21 | "Path of policy rego file", 22 | ) 23 | flag.Parse() 24 | 25 | run := m.Run() // run all tests 26 | os.Exit(run) 27 | } 28 | 29 | func Test_InvalidHandleCertPathsAndPools(t *testing.T) { 30 | _, err := cert.HandleCertPaths("", "", "", false) 31 | assert.Error(t, err) 32 | 33 | _, err = cert.GetCertPool("") 34 | assert.Error(t, err) 35 | } 36 | -------------------------------------------------------------------------------- /inventory/api/infrainv/infrainv.proto: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | syntax = "proto2"; 5 | 6 | package infrainv; 7 | 8 | import "google/protobuf/descriptor.proto"; 9 | 10 | option go_package = "github.com/open-edge-platform/infra-core/inventory/v2/pkg/infrainv;infrainv"; 11 | 12 | message SchemaExtension { 13 | repeated Index indexes = 1; 14 | } 15 | 16 | extend google.protobuf.MessageOptions { 17 | optional SchemaExtension schemaExtension = 8086; 18 | } 19 | 20 | message Index { 21 | optional string name = 1; // Name of index, autogenerated if not provided. 22 | repeated string fields = 2; // Name of fields being part of defined index. 23 | required bool unique = 3; // Uniqueness flag causes created index unique. 24 | optional string partialIndexCondition = 4; 25 | } 26 | -------------------------------------------------------------------------------- /exporters-inventory/internal/exporter/exporter_utls_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package exporter_test 5 | 6 | import ( 7 | "os" 8 | "path/filepath" 9 | "testing" 10 | 11 | inv_testing "github.com/open-edge-platform/infra-core/inventory/v2/pkg/testing" 12 | ) 13 | 14 | // Starts all Inventory and Host Manager requirements to test exporter API. 15 | func TestMain(m *testing.M) { 16 | wd, err := os.Getwd() 17 | if err != nil { 18 | panic(err) 19 | } 20 | projectRoot := filepath.Dir(filepath.Dir(wd)) 21 | 22 | policyPath := projectRoot + "/out" 23 | migrationsDir := projectRoot + "/out" 24 | 25 | inv_testing.StartTestingEnvironment(policyPath, "", migrationsDir) 26 | run := m.Run() // run all tests 27 | inv_testing.StopTestingEnvironment() 28 | os.Exit(run) 29 | } 30 | -------------------------------------------------------------------------------- /.github/workflows/auto-add-labels.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | name: Labeler 6 | 7 | on: 8 | pull_request: 9 | 10 | concurrency: 11 | group: ${{ github.workflow }}-${{ github.ref }} 12 | cancel-in-progress: true 13 | 14 | permissions: 15 | contents: read # default, required to read repo content 16 | pull-requests: write # needed so the action can apply labels to PRs 17 | issues: write # needed so the action can apply labels to Issues 18 | 19 | jobs: 20 | label: 21 | permissions: 22 | contents: read 23 | pull-requests: write 24 | runs-on: ubuntu-latest 25 | steps: 26 | - uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6.0.1 27 | with: 28 | repo-token: ${{ secrets.SYS_EMF_GH_TOKEN }} 29 | -------------------------------------------------------------------------------- /exporters-inventory/internal/collect/collect_utls_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package collect_test 5 | 6 | import ( 7 | "os" 8 | "path/filepath" 9 | "testing" 10 | 11 | inv_testing "github.com/open-edge-platform/infra-core/inventory/v2/pkg/testing" 12 | ) 13 | 14 | // Starts all Inventory and Host Manager requirements to test host manager southbound client. 15 | func TestMain(m *testing.M) { 16 | wd, err := os.Getwd() 17 | if err != nil { 18 | panic(err) 19 | } 20 | projectRoot := filepath.Dir(filepath.Dir(wd)) 21 | 22 | policyPath := projectRoot + "/out" 23 | migrationsDir := projectRoot + "/out" 24 | 25 | inv_testing.StartTestingEnvironment(policyPath, "", migrationsDir) 26 | run := m.Run() // run all tests 27 | inv_testing.StopTestingEnvironment() 28 | os.Exit(run) 29 | } 30 | -------------------------------------------------------------------------------- /inventory/buf.gen.errors.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 4 | # SPDX-License-Identifier: Apache-2.0 5 | 6 | # buf.gen.yaml 7 | # docs: https://docs.buf.build/configuration/v1/buf-gen-yaml 8 | 9 | version: v1 10 | 11 | plugins: 12 | 13 | # go - https://pkg.go.dev/google.golang.org/protobuf 14 | - plugin: go 15 | out: pkg 16 | opt: 17 | - paths=source_relative 18 | 19 | # python - https://github.com/danielgtaylor/python-betterproto 20 | # NOTE: This module creates empty directories in the repo root when run. 21 | # Ignore these like git does. Not sure if this is a buf or compiler issue 22 | - plugin: python_betterproto 23 | out: python/infra_inventory/errors 24 | strategy: all 25 | 26 | # docs - https://github.com/pseudomuto/protoc-gen-doc 27 | - plugin: doc 28 | out: docs/api 29 | opt: markdown,errors.md 30 | strategy: all 31 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/customconfig/v1.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: customconfig/v1/customconfig.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | 6 | import betterproto 7 | 8 | 9 | @dataclass 10 | class CustomConfigResource(betterproto.Message): 11 | # resource identifier 12 | resource_id: str = betterproto.string_field(1) 13 | # Unique name of config provided by admin 14 | name: str = betterproto.string_field(2) 15 | # Config Description 16 | description: str = betterproto.string_field(3) 17 | # Configuration file. 18 | config_data: str = betterproto.string_field(4) 19 | # Tenant Identifier. 20 | tenant_id: str = betterproto.string_field(100) 21 | # Creation timestamp 22 | created_at: str = betterproto.string_field(200) 23 | updated_at: str = betterproto.string_field(201) 24 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/errors/customconfig/v1.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: customconfig/v1/customconfig.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | 6 | import betterproto 7 | 8 | 9 | @dataclass 10 | class CustomConfigResource(betterproto.Message): 11 | # resource identifier 12 | resource_id: str = betterproto.string_field(1) 13 | # Unique name of config provided by admin 14 | name: str = betterproto.string_field(2) 15 | # Config Description 16 | description: str = betterproto.string_field(3) 17 | # Configuration file. 18 | config_data: str = betterproto.string_field(4) 19 | # Tenant Identifier. 20 | tenant_id: str = betterproto.string_field(100) 21 | # Creation timestamp 22 | created_at: str = betterproto.string_field(200) 23 | updated_at: str = betterproto.string_field(201) 24 | -------------------------------------------------------------------------------- /apiv2/internal/server/server_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package server_test 5 | 6 | import ( 7 | "os" 8 | "path/filepath" 9 | "testing" 10 | 11 | inv_testing "github.com/open-edge-platform/infra-core/inventory/v2/pkg/testing" 12 | ) 13 | 14 | // Starts all Inventory testing environment to test API inv handlers. 15 | func TestMain(m *testing.M) { 16 | wd, err := os.Getwd() 17 | if err != nil { 18 | panic(err) 19 | } 20 | 21 | // Needed for filepath of current dir related to root where /out dir is placed 22 | projectRoot := filepath.Dir(filepath.Dir(wd)) 23 | 24 | policyPath := projectRoot + "/out" 25 | migrationsDir := projectRoot + "/out" 26 | 27 | inv_testing.StartTestingEnvironment(policyPath, "", migrationsDir) 28 | 29 | run := m.Run() // run all tests 30 | inv_testing.StopTestingEnvironment() 31 | os.Exit(run) 32 | } 33 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/network_segment.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | ) 11 | 12 | type NetworkSegment struct { 13 | ent.Schema 14 | } 15 | 16 | func (NetworkSegment) Fields() []ent.Field { 17 | return []ent.Field{field.String("resource_id").Unique(), field.String("name").Optional(), field.Int32("vlan_id").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 18 | } 19 | func (NetworkSegment) Edges() []ent.Edge { 20 | return []ent.Edge{edge.To("site", SiteResource.Type).Required().Unique()} 21 | } 22 | func (NetworkSegment) Annotations() []schema.Annotation { 23 | return nil 24 | } 25 | -------------------------------------------------------------------------------- /apiv2/api/proto/buf.lock: -------------------------------------------------------------------------------- 1 | # Generated by buf. DO NOT EDIT. 2 | version: v1 3 | deps: 4 | - remote: buf.build 5 | owner: bufbuild 6 | repository: protovalidate 7 | commit: 8976f5be98c146529b1cc15cd2012b60 8 | digest: shake256:91ecc82cdf4a6c8b0def8eecf6b622a60b569a3a8d2891a7bc8cdf78116aed69c3f73c01a3deb0ca8862301bb797e890ab821cbc44d7f7283668923aebb9b47e 9 | - remote: buf.build 10 | owner: gnostic 11 | repository: gnostic 12 | commit: 087bc8072ce44e339f213209e4d57bf0 13 | digest: shake256:4689c26f0460fea84c4c277c1b9c7e7d657388c5b4116d1065f907a92100ffbea87de05bbd138a0166411361e1f6ce063b4c0c6002358d39710f3c4a8de788d5 14 | - remote: buf.build 15 | owner: googleapis 16 | repository: googleapis 17 | commit: 61b203b9a9164be9a834f58c37be6f62 18 | digest: shake256:e619113001d6e284ee8a92b1561e5d4ea89a47b28bf0410815cb2fa23914df8be9f1a6a98dcf069f5bc2d829a2cfb1ac614863be45cd4f8a5ad8606c5f200224 19 | -------------------------------------------------------------------------------- /inventory/api/buf.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # # SPDX-License-Identifier: Apache-2.0 4 | 5 | version: v1 6 | deps: 7 | - buf.build/bufbuild/protovalidate 8 | breaking: 9 | use: 10 | - FILE 11 | lint: 12 | use: 13 | - STANDARD 14 | - ENUM_FIRST_VALUE_ZERO 15 | ignore_only: 16 | PACKAGE_VERSION_SUFFIX: 17 | - ent/opts.proto 18 | - errors/errors.proto 19 | - infrainv/infrainv.proto 20 | FIELD_LOWER_SNAKE_CASE: 21 | - infrainv/infrainv.proto # schemaExtension field should be schema_extension 22 | ENUM_VALUE_PREFIX: 23 | - errors/errors.proto 24 | ENUM_ZERO_VALUE_SUFFIX: 25 | - errors/errors.proto 26 | # In accordance with AIP-131 we return un-wrapped resource messages on CRUD RPCs. 27 | RPC_RESPONSE_STANDARD_NAME: 28 | - inventory/v1/inventory.proto 29 | RPC_REQUEST_RESPONSE_UNIQUE: 30 | - inventory/v1/inventory.proto 31 | -------------------------------------------------------------------------------- /.github/labeler.yml: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | CI 🤖: 5 | - changed-files: 6 | - any-glob-to-any-file: ".github/**" 7 | 8 | root: 9 | - changed-files: 10 | - any-glob-to-any-file: "*" 11 | 12 | api: 13 | - changed-files: 14 | - any-glob-to-any-file: "api/**" 15 | 16 | apiv2: 17 | - changed-files: 18 | - any-glob-to-any-file: "apiv2/**" 19 | 20 | bulk-import-tools: 21 | - changed-files: 22 | - any-glob-to-any-file: "bulk-import-tools/**" 23 | 24 | exporters-inventory: 25 | - changed-files: 26 | - any-glob-to-any-file: "exporters-inventory/**" 27 | 28 | inventory: 29 | - changed-files: 30 | - any-glob-to-any-file: "inventory/**" 31 | 32 | tenant-controller: 33 | - changed-files: 34 | - any-glob-to-any-file: "tenant-controller/**" 35 | 36 | os-profiles: 37 | - changed-files: 38 | - any-glob-to-any-file: "os-profiles/**" 39 | -------------------------------------------------------------------------------- /inventory/internal/store/hostgpu_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/hostgpuresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterHostgpuResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_HOSTGPU, 17 | hostgpuresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | hostgpuresource.EdgeHost: { 20 | func(p sqlPredicate) sqlPredicate { return hostgpuresource.HasHostWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_HOST, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | hostgpuresource.EdgeHost: hostgpuresource.HasHost(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /inventory/internal/store/hostnic_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/hostnicresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterHostnicResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_HOSTNIC, 17 | hostnicresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | hostnicresource.EdgeHost: { 20 | func(p sqlPredicate) sqlPredicate { return hostnicresource.HasHostWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_HOST, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | hostnicresource.EdgeHost: hostnicresource.HasHost(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /inventory/internal/store/hostusb_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/hostusbresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterHostusbResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_HOSTUSB, 17 | hostusbresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | hostusbresource.EdgeHost: { 20 | func(p sqlPredicate) sqlPredicate { return hostusbresource.HasHostWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_HOST, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | hostusbresource.EdgeHost: hostusbresource.HasHost(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /inventory/internal/store/endpoint_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/endpointresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterEndpointResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_ENDPOINT, 17 | endpointresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | endpointresource.EdgeHost: { 20 | func(p sqlPredicate) sqlPredicate { return endpointresource.HasHostWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_HOST, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | endpointresource.EdgeHost: endpointresource.HasHost(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /inventory/internal/store/networksegment_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/networksegment" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterNetworkSegment() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_NETWORKSEGMENT, 17 | networksegment.ValidColumn, 18 | map[string]edgeHandler{ 19 | networksegment.EdgeSite: { 20 | func(p sqlPredicate) sqlPredicate { return networksegment.HasSiteWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_SITE, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | networksegment.EdgeSite: networksegment.HasSite(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /inventory/internal/store/ipaddress_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/ipaddressresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterIpaddressResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_IPADDRESS, 17 | ipaddressresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | ipaddressresource.EdgeNic: { 20 | func(p sqlPredicate) sqlPredicate { return ipaddressresource.HasNicWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_HOSTNIC, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | ipaddressresource.EdgeNic: ipaddressresource.HasNic(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /inventory/internal/store/workload_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/workloadresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterWorkloadResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_WORKLOAD, 17 | workloadresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | workloadresource.EdgeMembers: { 20 | func(p sqlPredicate) sqlPredicate { return workloadresource.HasMembersWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_WORKLOAD_MEMBER, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | workloadresource.EdgeMembers: workloadresource.HasMembers(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /inventory/internal/inventory/inventory_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package inventory_test 5 | 6 | import ( 7 | "flag" 8 | "os" 9 | "path/filepath" 10 | "testing" 11 | 12 | inv_testing "github.com/open-edge-platform/infra-core/inventory/v2/pkg/testing" 13 | ) 14 | 15 | func TestMain(m *testing.M) { 16 | // Currently unused 17 | flag.String( 18 | "policyBundle", 19 | "/rego/policy_bundle.tar.gz", 20 | "Path of policy rego file", 21 | ) 22 | flag.Parse() 23 | wd, err := os.Getwd() 24 | if err != nil { 25 | panic(err) 26 | } 27 | projectRoot := filepath.Dir(filepath.Dir(wd)) 28 | 29 | policyPath := projectRoot + "/out" 30 | certPath := projectRoot + "/cert/certificates" 31 | migrationsDir := projectRoot + "/out" 32 | 33 | inv_testing.StartTestingEnvironment(policyPath, certPath, migrationsDir) 34 | run := m.Run() // run all tests 35 | inv_testing.StopTestingEnvironment() 36 | 37 | os.Exit(run) 38 | } 39 | -------------------------------------------------------------------------------- /inventory/internal/store/hoststorage_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/hoststorageresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterHoststorageResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_HOSTSTORAGE, 17 | hoststorageresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | hoststorageresource.EdgeHost: { 20 | func(p sqlPredicate) sqlPredicate { return hoststorageresource.HasHostWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_HOST, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | hoststorageresource.EdgeHost: hoststorageresource.HasHost(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/workload_member.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | ) 11 | 12 | type WorkloadMember struct { 13 | ent.Schema 14 | } 15 | 16 | func (WorkloadMember) Fields() []ent.Field { 17 | return []ent.Field{field.String("resource_id").Unique(), field.Enum("kind").Values("WORKLOAD_MEMBER_KIND_UNSPECIFIED", "WORKLOAD_MEMBER_KIND_CLUSTER_NODE"), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 18 | } 19 | func (WorkloadMember) Edges() []ent.Edge { 20 | return []ent.Edge{edge.To("workload", WorkloadResource.Type).Required().Unique(), edge.To("instance", InstanceResource.Type).Required().Unique()} 21 | } 22 | func (WorkloadMember) Annotations() []schema.Annotation { 23 | return nil 24 | } 25 | -------------------------------------------------------------------------------- /inventory/internal/store/customconfig_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/customconfigresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterCustomConfigResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_CUSTOMCONFIG, 17 | customconfigresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | customconfigresource.EdgeInstances: { 20 | func(p sqlPredicate) sqlPredicate { return customconfigresource.HasInstancesWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_INSTANCE, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | customconfigresource.EdgeInstances: customconfigresource.HasInstances(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /os-profiles/ubuntu-24.04-lts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | appVersion: apps/v1 6 | metadata: 7 | release: 0.0.0-dev 8 | version: 0.1.0 9 | spec: 10 | name: Ubuntu 24.04.2 LTS 11 | type: OS_TYPE_MUTABLE 12 | provider: OS_PROVIDER_KIND_INFRA 13 | architecture: x86_64 14 | profileName: ubuntu-24.04-lts 15 | osImageUrl: >- 16 | https://cloud-images.ubuntu.com/releases/noble/release-20250430/ubuntu-24.04-server-cloudimg-amd64.img 17 | osImageVersion: 24.04.2 18 | osImageSha256: bc471ca49de03b5129c65b70f9862b7f4b5e721622fd34ade78132f6f7999e2d 19 | osPackageManifestURL: "" 20 | osExistingCvesURL: https://security-metadata.canonical.com/oval/com.ubuntu.noble.cve.oval.xml.bz2 21 | osFixedCvesURL: https://security-metadata.canonical.com/oval/com.ubuntu.noble.usn.oval.xml.bz2 22 | securityFeature: SECURITY_FEATURE_SECURE_BOOT_AND_FULL_DISK_ENCRYPTION 23 | description: Ubuntu 24.04.2 LTS for x86_64 architecture 24 | platformBundle: 25 | -------------------------------------------------------------------------------- /inventory/internal/store/osupdatepolicy_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/osupdatepolicyresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterOsupdatePolicyResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_OSUPDATEPOLICY, 17 | osupdatepolicyresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | osupdatepolicyresource.EdgeTargetOs: { 20 | func(p sqlPredicate) sqlPredicate { return osupdatepolicyresource.HasTargetOsWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_OS, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | osupdatepolicyresource.EdgeTargetOs: osupdatepolicyresource.HasTargetOs(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /os-profiles/ubuntu-22.04-lts-generic.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2024 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | appVersion: apps/v1 6 | metadata: 7 | release: 0.0.0-dev 8 | version: 0.2.0 9 | spec: 10 | name: Ubuntu 22.04.5 LTS 11 | type: OS_TYPE_MUTABLE 12 | provider: OS_PROVIDER_KIND_INFRA 13 | architecture: x86_64 14 | profileName: ubuntu-22.04-lts-generic 15 | osImageUrl: >- 16 | https://cloud-images.ubuntu.com/releases/22.04/release-20250228/ubuntu-22.04-server-cloudimg-amd64.img 17 | osImageVersion: 22.04.5 18 | osImageSha256: b9b65a7e045ca262ad614cbedeaa1bf34b9325d76f856e85e17b68984e7a4314 19 | osPackageManifestURL: "" 20 | osExistingCvesURL: https://security-metadata.canonical.com/oval/com.ubuntu.jammy.cve.oval.xml.bz2 21 | osFixedCvesURL: https://security-metadata.canonical.com/oval/com.ubuntu.jammy.usn.oval.xml.bz2 22 | securityFeature: SECURITY_FEATURE_SECURE_BOOT_AND_FULL_DISK_ENCRYPTION 23 | description: Ubuntu 22.04.5 LTS for x86_64 architecture 24 | platformBundle: 25 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/endpoint_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type EndpointResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (EndpointResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.String("kind").Optional(), field.String("name").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (EndpointResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("host", HostResource.Type).Unique()} 22 | } 23 | func (EndpointResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (EndpointResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/local_account_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/field" 9 | "entgo.io/ent/schema/index" 10 | ) 11 | 12 | type LocalAccountResource struct { 13 | ent.Schema 14 | } 15 | 16 | func (LocalAccountResource) Fields() []ent.Field { 17 | return []ent.Field{field.String("resource_id").Unique(), field.String("username").Immutable(), field.String("ssh_key").Immutable(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 18 | } 19 | func (LocalAccountResource) Edges() []ent.Edge { 20 | return nil 21 | } 22 | func (LocalAccountResource) Annotations() []schema.Annotation { 23 | return nil 24 | } 25 | func (LocalAccountResource) Indexes() []ent.Index { 26 | return []ent.Index{index.Fields("username", "tenant_id").Unique(), index.Fields("tenant_id")} 27 | } 28 | -------------------------------------------------------------------------------- /inventory/internal/store/telemetrygroup_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/telemetrygroupresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterTelemetryGroupResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_TELEMETRY_GROUP, 17 | telemetrygroupresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | telemetrygroupresource.EdgeProfiles: { 20 | func(p sqlPredicate) sqlPredicate { return telemetrygroupresource.HasProfilesWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_TELEMETRY_PROFILE, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | telemetrygroupresource.EdgeProfiles: telemetrygroupresource.HasProfiles(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /inventory/internal/store/rmtaccessconf_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/remoteaccessconfiguration" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterRemoteAccessConfiguration() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_RMT_ACCESS_CONF, 17 | remoteaccessconfiguration.ValidColumn, 18 | map[string]edgeHandler{ 19 | remoteaccessconfiguration.EdgeInstance: { 20 | func(p sqlPredicate) sqlPredicate { return remoteaccessconfiguration.HasInstanceWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_INSTANCE, 22 | }, 23 | }, 24 | map[string]sqlPredicate{ 25 | remoteaccessconfiguration.EdgeInstance: remoteaccessconfiguration.HasInstance(), 26 | }, 27 | )) 28 | 29 | } 30 | -------------------------------------------------------------------------------- /CONTRIBUTORS.md: -------------------------------------------------------------------------------- 1 | # Contributors 2 | 3 | ## Special thanks for all the people who had helped this project so far 4 | 5 | - [Andrea-Campanella](https://github.com/Andrea-Campanella) 6 | - [amr-mokhtar](https://github.com/amr-mokhtar) 7 | - [cjnolan](https://github.com/cjnolan) 8 | - [damiankopyto](https://github.com/damiankopyto) 9 | - [daniele-moro](https://github.com/daniele-moro) 10 | - [ikyrycho](https://github.com/ikyrycho) 11 | - [jkossak](https://github.com/jkossak) 12 | - [krishnajs](https://github.com/krishnajs) 13 | - [ktaube26](https://github.com/ktaube26) 14 | - [niket-intc](https://github.com/niket-intc) 15 | - [osinstom](https://github.com/osinstom) 16 | - [Paiadhithi](https://github.com/Paiadhithi) 17 | - [PalashGoelIntel](https://github.com/PalashGoelIntel) 18 | - [pierventre](https://github.com/pierventre) 19 | - [pudelkom](https://github.com/pudelkom) 20 | - [raphaelvrosa](https://github.com/raphaelvrosa) 21 | - [rranjan3](https://github.com/rranjan3) 22 | - [soniabha-intc](https://github.com/soniabha-intc) 23 | - [tmatenko](https://github.com/tmatenko) 24 | - [zdw](https://github.com/zdw) 25 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | --- 5 | version: 2 6 | updates: 7 | - package-ecosystem: "gomod" 8 | directories: 9 | - "/api" 10 | - "/bulk-import-tools" 11 | - "/tenant-controller" 12 | - "/exporters-inventory" 13 | - "/inventory" 14 | schedule: 15 | interval: daily 16 | open-pull-requests-limit: 3 17 | commit-message: 18 | prefix: "[gomod] " 19 | groups: 20 | dependencies: 21 | patterns: 22 | - "*" 23 | exclude-patterns: # Internal dependencies are update into separate PRs. 24 | - "*open-edge-platform*" 25 | internal-dependencies: 26 | patterns: 27 | - "*open-edge-platform*" 28 | - package-ecosystem: "github-actions" 29 | directories: 30 | - "/" # this enables searching only in /.github/workflows directory 31 | schedule: 32 | interval: daily 33 | open-pull-requests-limit: 10 34 | commit-message: 35 | prefix: "[gha] " 36 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/o_s_update_policy.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | ) 11 | 12 | type OSUpdatePolicy struct { 13 | ent.Schema 14 | } 15 | 16 | func (OSUpdatePolicy) Fields() []ent.Field { 17 | return []ent.Field{field.String("resource_id").Unique(), field.String("installed_packages").Optional(), field.String("update_sources").Optional(), field.String("kernel_command").Optional(), field.Enum("update_policy").Optional().Values("UPDATE_POLICY_UNSPECIFIED", "UPDATE_POLICY_LATEST", "UPDATE_POLICY_TARGET"), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 18 | } 19 | func (OSUpdatePolicy) Edges() []ent.Edge { 20 | return []ent.Edge{edge.To("target_os", OperatingSystemResource.Type).Unique()} 21 | } 22 | func (OSUpdatePolicy) Annotations() []schema.Annotation { 23 | return nil 24 | } 25 | -------------------------------------------------------------------------------- /apiv2/rego/authz.rego: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | package authz 5 | 6 | import rego.v1 7 | 8 | # Parses the input tenantid as a prefix in the write role. 9 | # Iterates over the input roles, and for every expected write role, 10 | # makes sure there is some role matching it. 11 | # It supports only roles with tenantID prefix. 12 | hasWriteAccess if { 13 | read_write_role := sprintf("%s_im-rw", [input.tenantid[0]]) 14 | some role in input["realm_access/roles"] # iteration 15 | [read_write_role][_] == role 16 | } 17 | 18 | # Parses the input tenantid as a prefix in the read and read-write roles. 19 | # Iterates over the input roles, and for every expected roles, 20 | # makes sure there is some role matching it. 21 | # It supports only roles with tenantID prefix. 22 | hasReadAccess if { 23 | read_role := sprintf("%s_im-r", [input.tenantid[0]]) 24 | read_write_role := sprintf("%s_im-rw", [input.tenantid[0]]) 25 | some role in input["realm_access/roles"] # iteration 26 | [read_role, read_write_role][_] == role 27 | } 28 | 29 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/ou_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type OuResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (OuResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.String("name").Optional(), field.String("ou_kind").Optional(), field.String("metadata").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (OuResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("parent_ou", OuResource.Type).Unique(), edge.From("children", OuResource.Type).Ref("parent_ou")} 22 | } 23 | func (OuResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (OuResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /exporters-inventory/internal/manager/manager_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package manager_test 5 | 6 | import ( 7 | "testing" 8 | 9 | "github.com/stretchr/testify/assert" 10 | 11 | "github.com/open-edge-platform/infra-core/exporters-inventory/internal/common" 12 | "github.com/open-edge-platform/infra-core/exporters-inventory/internal/manager" 13 | ) 14 | 15 | func TestManager_New(t *testing.T) { 16 | cfg := common.GlobalConfig{ 17 | LogLevel: common.LogLevel{ 18 | Tracing: false, 19 | TraceURL: "", 20 | }, 21 | ExporterConfig: common.ExporterConfig{ 22 | Path: "/metrics", 23 | Address: ":19101", 24 | Collectors: []common.CollectorsConfig{ 25 | { 26 | Name: common.InventoryCollector, 27 | Address: "bufconn", 28 | }, 29 | }, 30 | }, 31 | OAMServer: common.OAM{ 32 | Address: "", 33 | }, 34 | } 35 | 36 | termChan := make(chan bool) 37 | readyChan := make(chan bool) 38 | mngr, err := manager.NewManager(&cfg, readyChan, termChan) 39 | assert.Error(t, err) 40 | assert.Nil(t, mngr) 41 | } 42 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/tenant/v1.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: tenant/v1/tenant.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | 6 | import betterproto 7 | 8 | 9 | class TenantState(betterproto.Enum): 10 | """An Enum with the states defined by the Multi-tenant framework""" 11 | 12 | TENANT_STATE_UNSPECIFIED = 0 13 | TENANT_STATE_CREATED = 1 14 | TENANT_STATE_DELETED = 2 15 | 16 | 17 | @dataclass 18 | class Tenant(betterproto.Message): 19 | # resource identifier 20 | resource_id: str = betterproto.string_field(1) 21 | # Expresses current state of tenant. 22 | current_state: "TenantState" = betterproto.enum_field(2) 23 | # Expresses desired state of tenant. 24 | desired_state: "TenantState" = betterproto.enum_field(3) 25 | # state of tenant initialization on osmanager side 26 | watcher_osmanager: bool = betterproto.bool_field(4) 27 | tenant_id: str = betterproto.string_field(100) 28 | created_at: str = betterproto.string_field(200) 29 | updated_at: str = betterproto.string_field(201) 30 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/tenant.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/field" 9 | "entgo.io/ent/schema/index" 10 | ) 11 | 12 | type Tenant struct { 13 | ent.Schema 14 | } 15 | 16 | func (Tenant) Fields() []ent.Field { 17 | return []ent.Field{field.String("resource_id").Unique(), field.Enum("current_state").Optional().Values("TENANT_STATE_UNSPECIFIED", "TENANT_STATE_CREATED", "TENANT_STATE_DELETED"), field.Enum("desired_state").Values("TENANT_STATE_UNSPECIFIED", "TENANT_STATE_CREATED", "TENANT_STATE_DELETED"), field.Bool("watcher_osmanager").Optional(), field.String("tenant_id").Unique().Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 18 | } 19 | func (Tenant) Edges() []ent.Edge { 20 | return nil 21 | } 22 | func (Tenant) Annotations() []schema.Annotation { 23 | return nil 24 | } 25 | func (Tenant) Indexes() []ent.Index { 26 | return []ent.Index{index.Fields("tenant_id")} 27 | } 28 | -------------------------------------------------------------------------------- /inventory/pkg/secrets/secrets.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package secrets 5 | 6 | import "context" 7 | 8 | //go:generate mockgen -package mocks -destination=../mocks/secrets_mock.go . SecretsService 9 | //nolint:revive // keep SecretsService name 10 | type SecretsService interface { 11 | // ReadSecret reads a persistent secret under the given path and returns a stored object. 12 | // A consumer is responsible for parsing the returned object and converting it to an expected format. 13 | ReadSecret(ctx context.Context, path string) (map[string]interface{}, error) 14 | // WriteSecret write a persistent secret under the given path and returns the stored object. 15 | // A consumer is responsible for parsing the returned object and converting it to an expected format. 16 | WriteSecret(ctx context.Context, path string, secret map[string]interface{}) (map[string]interface{}, error) 17 | // Logout terminates a user session. Should be always invoked after all operations are done. 18 | Logout(ctx context.Context) 19 | } 20 | 21 | var SecretServiceFactory = newVaultService 22 | -------------------------------------------------------------------------------- /os-profiles/microvisor-standalone.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | appVersion: apps/v1 6 | metadata: 7 | standalone-node: true 8 | spec: 9 | name: Edge Microvisor Toolkit Standalone 3.0.20251204 10 | type: OS_TYPE_IMMUTABLE 11 | provider: OS_PROVIDER_KIND_INFRA 12 | architecture: x86_64 13 | profileName: microvisor-standalone # Name has to be identical to this file name 14 | osImageUrl: files-edge-orch/repository/microvisor/non_rt/edge-readonly-3.0.20251204.0140-prod-signed.raw.gz 15 | osImageVersion: 3.0.20251204.0140 16 | osImageSha256: b21f6084202e8f8ec6d704158abe5a1cb08bdbfa17608dff07ee720555c5eea0 17 | osPackageManifestURL: files-edge-orch/repository/microvisor/non_rt/edge-readonly-3.0.20251204.0140_pkg_manifest.json 18 | osExistingCvesURL: files-edge-orch/microvisor/iso/EdgeMicrovisorToolkit-3.2_cve.json 19 | osFixedCvesURL: files-edge-orch/microvisor/iso/EdgeMicrovisorToolkit-3.2_fixed_cves.json 20 | securityFeature: SECURITY_FEATURE_NONE 21 | description: Edge Microvisor Toolkit Standalone for x86_64 architecture 22 | platformBundle: 23 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/region_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type RegionResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (RegionResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.String("name").Optional(), field.String("region_kind").Optional(), field.String("metadata").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (RegionResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("parent_region", RegionResource.Type).Unique(), edge.From("children", RegionResource.Type).Ref("parent_region")} 22 | } 23 | func (RegionResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (RegionResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /inventory/internal/store/ou_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/ouresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterOuResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_OU, 17 | ouresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | ouresource.EdgeChildren: { 20 | func(p sqlPredicate) sqlPredicate { return ouresource.HasChildrenWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_OU, 22 | }, 23 | 24 | ouresource.EdgeParentOu: { 25 | func(p sqlPredicate) sqlPredicate { return ouresource.HasParentOuWith(p) }, 26 | inv_v1.ResourceKind_RESOURCE_KIND_OU, 27 | }, 28 | }, 29 | map[string]sqlPredicate{ 30 | ouresource.EdgeChildren: ouresource.HasChildren(), 31 | ouresource.EdgeParentOu: ouresource.HasParentOu(), 32 | }, 33 | )) 34 | 35 | } 36 | -------------------------------------------------------------------------------- /os-profiles/microvisor-idv.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | appVersion: apps/v1 5 | metadata: 6 | standalone-node: true 7 | version: 0.1.0 8 | spec: 9 | name: Edge Microvisor Toolkit IDV 3.0.20251204 10 | type: OS_TYPE_IMMUTABLE 11 | provider: OS_PROVIDER_KIND_INFRA 12 | architecture: x86_64 13 | profileName: microvisor-idv # Name has to be identical to this file name 14 | osImageUrl: files-edge-orch/repository/microvisor/dv/edge-readonly-dv-3.0.20251204.0340-prod-signed.raw.gz 15 | osImageVersion: 3.0.20251204.0340 16 | osImageSha256: a46d0554f7166b30bf227bbafdb31bbf98f89592e48b6a0667f9b3e56c31f32d 17 | osPackageManifestURL: files-edge-orch/repository/microvisor/dv/edge-image-desktop-virtualization-image-3.0.20251204.0340_pkg_manifest.json 18 | osExistingCvesURL: files-edge-orch/microvisor/iso/EdgeMicrovisorToolkit-3.2_cve.json 19 | osFixedCvesURL: files-edge-orch/microvisor/iso/EdgeMicrovisorToolkit-3.2_fixed_cves.json 20 | securityFeature: SECURITY_FEATURE_NONE 21 | description: Edge Microvisor Toolkit with Desktop Virtualization for x86_64 architecture 22 | platformBundle: 23 | -------------------------------------------------------------------------------- /os-profiles/microvisor-nonrt.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2024 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | appVersion: apps/v1 6 | metadata: 7 | release: 0.0.0-dev 8 | kubernetes-version: v1.32.4+k3s1 9 | spec: 10 | name: Edge Microvisor Toolkit 3.0.20251204 11 | type: OS_TYPE_IMMUTABLE 12 | provider: OS_PROVIDER_KIND_INFRA 13 | architecture: x86_64 14 | profileName: microvisor-nonrt # Name has to be identical to this file name 15 | osImageUrl: files-edge-orch/repository/microvisor/non_rt/edge-readonly-3.0.20251204.0140-prod-signed.raw.gz 16 | osImageVersion: 3.0.20251204.0140 17 | osImageSha256: b21f6084202e8f8ec6d704158abe5a1cb08bdbfa17608dff07ee720555c5eea0 18 | osPackageManifestURL: files-edge-orch/repository/microvisor/non_rt/edge-readonly-3.0.20251204.0140_pkg_manifest.json 19 | osExistingCvesURL: files-edge-orch/microvisor/iso/EdgeMicrovisorToolkit-3.2_cve.json 20 | osFixedCvesURL: files-edge-orch/microvisor/iso/EdgeMicrovisorToolkit-3.2_fixed_cves.json 21 | securityFeature: SECURITY_FEATURE_SECURE_BOOT_AND_FULL_DISK_ENCRYPTION 22 | description: Edge Microvisor Toolkit for x86_64 architecture 23 | platformBundle: 24 | -------------------------------------------------------------------------------- /inventory/docs/ent.md: -------------------------------------------------------------------------------- 1 | 5 | 6 | # Object-Relation Mapping (ORM) with Ent 7 | 8 | The database schema and the ORM code supporting the schema is autogenerated with [ent](https://entgo.io/). You must 9 | install the `protoc-gen-ent` tool for the generation to work. `ent` works based on protobuf options set on fields, 10 | which is described in these [document][document-url]. 11 | 12 | Generating database schema is done in two phases - `buf` uses `protoc-gen-ent` to 13 | generate schema files in `internal/ent/schema`, then `ent` transforms those schemas 14 | into database code with `go generate`. 15 | 16 | After making changes to the [proto files](../api/), run: 17 | 18 | - `make generate` 19 | 20 | This will create updated protobuf code and ent database code together with the Python\* bindings. Check the code in the 21 | following folders: 22 | 23 | - [internal/ent/schema](../internal/ent/schema/) 24 | - [pkg/api](../pkg/api) 25 | - [python/infra_inventory](../python/infra_inventory/) 26 | 27 | [document-url]: https://github.com/ent/contrib/blob/master/entproto/cmd/protoc-gen-ent/README.md 28 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/custom_config_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type CustomConfigResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (CustomConfigResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.String("name").Immutable(), field.String("config").Immutable(), field.String("description").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (CustomConfigResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.From("instances", InstanceResource.Type).Ref("custom_config")} 22 | } 23 | func (CustomConfigResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (CustomConfigResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("name", "tenant_id").Unique(), index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /os-profiles/microvisor-rt.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2024 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | appVersion: apps/v1 6 | metadata: 7 | release: 0.0.0-dev 8 | kubernetes-version: v1.32.4+k3s1 9 | spec: 10 | name: Edge Microvisor Toolkit Real Time 3.0.20251204 11 | type: OS_TYPE_IMMUTABLE 12 | provider: OS_PROVIDER_KIND_INFRA 13 | architecture: x86_64 14 | profileName: microvisor-rt # Name has to be identical to this file name 15 | osImageUrl: files-edge-orch/repository/microvisor/rt/edge-readonly-rt-3.0.20251204.0217-prod-signed.raw.gz 16 | osImageVersion: 3.0.20251204.0217 17 | osImageSha256: bccffb5210270251ef0cbea50639a84b423f6823a35a1dabc029ef5f5febbeab 18 | osPackageManifestURL: files-edge-orch/repository/microvisor/rt/edge-readonly-rt-3.0.20251204.0217_pkg_manifest.json 19 | osExistingCvesURL: files-edge-orch/microvisor/iso/EdgeMicrovisorToolkit-3.2_cve.json 20 | osFixedCvesURL: files-edge-orch/microvisor/iso/EdgeMicrovisorToolkit-3.2_fixed_cves.json 21 | securityFeature: SECURITY_FEATURE_SECURE_BOOT_AND_FULL_DISK_ENCRYPTION 22 | description: Edge Microvisor Toolkit Real Time for x86_64 architecture 23 | platformBundle: 24 | -------------------------------------------------------------------------------- /tenant-controller/internal/util/await.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package util 5 | 6 | import "context" 7 | 8 | type Task[T any] func(context.Context) (T, error) 9 | 10 | type response[T any] struct { 11 | value T 12 | err error 13 | } 14 | 15 | type Promise[T any] struct { 16 | responses chan response[T] 17 | ctx context.Context 18 | cancel context.CancelFunc 19 | } 20 | 21 | func (t *Promise[T]) Await() (T, error) { 22 | for { 23 | select { 24 | case <-t.ctx.Done(): 25 | return *new(T), t.ctx.Err() 26 | case rsp := <-t.responses: 27 | return rsp.value, rsp.err 28 | } 29 | } 30 | } 31 | 32 | func (t *Promise[T]) Cancel() { 33 | t.cancel() 34 | } 35 | 36 | func Run[T any](ctx context.Context, f Task[T]) *Promise[T] { 37 | ctx, cancel := context.WithCancel(ctx) 38 | responses := make(chan response[T], 16) //nolint:mnd // default size of buffer 39 | go func() { 40 | v, e := f(ctx) 41 | responses <- response[T]{ 42 | value: v, 43 | err: e, 44 | } 45 | }() 46 | return &Promise[T]{ 47 | responses: responses, 48 | ctx: ctx, 49 | cancel: cancel, 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /inventory/pkg/perf/perf.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package perf 5 | 6 | import ( 7 | "flag" 8 | "net/http" 9 | _ "net/http/pprof" // Only imported for testing purposes. 10 | 11 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/logging" 12 | ) 13 | 14 | var zlog = logging.GetLogger("InfraPprof") 15 | 16 | const ( 17 | defaultPprofServerAddress = "0.0.0.0:6060" 18 | ServerAddress = "pprofServerAddress" 19 | ServerAddressDescription = "The endpoint address pprof to serve on. " + 20 | "It should have the following format :." 21 | ) 22 | 23 | //nolint:gochecknoinits // Using init for defining flags is a valid exception. 24 | func init() { 25 | flag.Func( 26 | ServerAddress, 27 | ServerAddressDescription, 28 | startPprofHTTPServer, 29 | ) 30 | } 31 | 32 | func startPprofHTTPServer(address string) error { 33 | if address == "" { 34 | address = defaultPprofServerAddress 35 | } 36 | go func() { 37 | err := http.ListenAndServe(address, nil) 38 | zlog.InfraSec().Err(err).Msgf("failed to initialize pprof http server at %s", address) 39 | }() 40 | return nil 41 | } 42 | -------------------------------------------------------------------------------- /inventory/internal/store/netlink_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/netlinkresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterNetlinkResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_NETLINK, 17 | netlinkresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | netlinkresource.EdgeDst: { 20 | func(p sqlPredicate) sqlPredicate { return netlinkresource.HasDstWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_ENDPOINT, 22 | }, 23 | 24 | netlinkresource.EdgeSrc: { 25 | func(p sqlPredicate) sqlPredicate { return netlinkresource.HasSrcWith(p) }, 26 | inv_v1.ResourceKind_RESOURCE_KIND_ENDPOINT, 27 | }, 28 | }, 29 | map[string]sqlPredicate{ 30 | netlinkresource.EdgeDst: netlinkresource.HasDst(), 31 | netlinkresource.EdgeSrc: netlinkresource.HasSrc(), 32 | }, 33 | )) 34 | 35 | } 36 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/hostgpu_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type HostgpuResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (HostgpuResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.String("pci_id").Optional(), field.String("product").Optional(), field.String("vendor").Optional(), field.String("description").Optional(), field.String("device_name").Optional(), field.String("features").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (HostgpuResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("host", HostResource.Type).Required().Unique()} 22 | } 23 | func (HostgpuResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (HostgpuResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /inventory/pkg/util/paginator/paginator.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package paginator 5 | 6 | import "github.com/open-edge-platform/infra-core/inventory/v2/pkg/logging" 7 | 8 | var log = logging.GetLogger("Paginator") 9 | 10 | func NewPaginator[T comparable](offset, limit int) Paginator[T] { 11 | return Paginator[T]{ 12 | offset: offset, 13 | limit: limit, 14 | } 15 | } 16 | 17 | type Paginator[T comparable] struct { 18 | offset, limit int 19 | } 20 | 21 | // utility function to apply the pagination on a slice of resources. 22 | func (p Paginator[T]) Apply(resources []T) (res []T, hasNext bool, totLen int) { 23 | if len(resources) == 0 { 24 | log.Debug().Msgf("No resources found") 25 | return resources[:0], false, 0 26 | } 27 | // Apply offset and limit 28 | totalLen := len(resources) 29 | switch { 30 | case p.limit != 0 && p.offset+p.limit < len(resources): 31 | return resources[p.offset : p.offset+p.limit], true, totalLen 32 | case p.offset < len(resources): 33 | return resources[p.offset:], false, totalLen 34 | default: 35 | log.Debug().Msgf("No resources found") 36 | return resources[:0], false, totalLen 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /inventory/api/ent/opts.proto: -------------------------------------------------------------------------------- 1 | syntax = "proto2"; 2 | 3 | package ent; 4 | 5 | import "google/protobuf/descriptor.proto"; 6 | 7 | option go_package = "entgo.io/contrib/entproto/cmd/protoc-gen-ent/options/ent"; 8 | 9 | message Schema { 10 | optional bool gen = 1; 11 | optional string name = 2; 12 | } 13 | 14 | extend google.protobuf.MessageOptions { 15 | optional Schema schema = 150119; 16 | } 17 | 18 | message Field { 19 | optional bool optional = 1; 20 | optional bool nillable = 2; 21 | optional bool unique = 3; 22 | optional bool sensitive = 4; 23 | optional bool immutable = 5; 24 | optional string comment = 6; 25 | optional string struct_tag = 7; 26 | optional string storage_key = 8; 27 | map schema_type = 9; 28 | } 29 | 30 | message Edge { 31 | optional bool unique = 1; 32 | optional string ref = 2; 33 | optional bool required = 3; 34 | optional string field = 4; 35 | optional StorageKey storage_key = 5; 36 | optional string struct_tag = 6; 37 | 38 | message StorageKey { 39 | optional string table = 1; 40 | repeated string columns = 2; 41 | } 42 | } 43 | 44 | extend google.protobuf.FieldOptions { 45 | optional Field field = 150119; 46 | optional Edge edge = 150120; 47 | } 48 | -------------------------------------------------------------------------------- /tenant-controller/internal/util/retry.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package util 5 | 6 | import ( 7 | "fmt" 8 | "time" 9 | 10 | "github.com/cenkalti/backoff/v4" 11 | 12 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/logging" 13 | ) 14 | 15 | var log = logging.GetLogger("tc-utils") 16 | 17 | func Retry(bo backoff.BackOff, fn func() error, msg string, args ...any) error { 18 | err := backoff.RetryNotify( 19 | fn, 20 | bo, 21 | func(err error, duration time.Duration) { 22 | log.Debug().Msgf("%s: %s, retrying after %s", fmt.Sprintf(msg, args...), err, duration) 23 | }) 24 | if err != nil { 25 | log.Err(err).Msgf(msg, args...) 26 | return err 27 | } 28 | return nil 29 | } 30 | 31 | func RetryAndHandleError(bo backoff.BackOff, fn func() error, onErrorFn func(err error) error, msg string, args ...any) error { 32 | err := backoff.RetryNotify( 33 | fn, 34 | bo, 35 | func(err error, duration time.Duration) { 36 | log.Debug().Msgf("%s: %s, retrying after %s", fmt.Sprintf(msg, args...), err, duration) 37 | }) 38 | if err != nil { 39 | log.Err(err).Msgf(msg, args...) 40 | return onErrorFn(err) 41 | } 42 | return nil 43 | } 44 | -------------------------------------------------------------------------------- /inventory/internal/store/migration.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package store 5 | 6 | import ( 7 | "context" 8 | "fmt" 9 | 10 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent" 11 | ) 12 | 13 | // UpdateDefaultTenantIDInTables updates the tenant_id in the specified tables where tenant_id equals '0'. 14 | // It executes the update within a transaction to ensure atomicity, preventing partial updates in case of an error. 15 | func (is *InvStore) UpdateDefaultTenantIDInTables(ctx context.Context, tables []string, tenantID string) error { 16 | zlog.Debug().Msgf("Populate tenant values in tables: %v", tables) 17 | err := ExecuteInTx(is)(ctx, func(ctx context.Context, tx *ent.Tx) error { 18 | for _, table := range tables { 19 | query := fmt.Sprintf("UPDATE %s SET tenant_id = $1 WHERE tenant_id = '0'", table) 20 | if _, err := tx.ExecContext(ctx, query, tenantID); err != nil { 21 | zlog.InfraSec().InfraErr(err).Msgf("Error updating tenant_id in table %s", table) 22 | return err 23 | } 24 | } 25 | return nil 26 | }) 27 | if err != nil { 28 | zlog.InfraSec().InfraErr(err).Msg("") 29 | return err 30 | } 31 | return nil 32 | } 33 | -------------------------------------------------------------------------------- /inventory/internal/store/region_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/regionresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterRegionResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_REGION, 17 | regionresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | regionresource.EdgeChildren: { 20 | func(p sqlPredicate) sqlPredicate { return regionresource.HasChildrenWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_REGION, 22 | }, 23 | 24 | regionresource.EdgeParentRegion: { 25 | func(p sqlPredicate) sqlPredicate { return regionresource.HasParentRegionWith(p) }, 26 | inv_v1.ResourceKind_RESOURCE_KIND_REGION, 27 | }, 28 | }, 29 | map[string]sqlPredicate{ 30 | regionresource.EdgeChildren: regionresource.HasChildren(), 31 | regionresource.EdgeParentRegion: regionresource.HasParentRegion(), 32 | }, 33 | )) 34 | 35 | } 36 | -------------------------------------------------------------------------------- /inventory/internal/store/workloadmember_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/workloadmember" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterWorkloadMember() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_WORKLOAD_MEMBER, 17 | workloadmember.ValidColumn, 18 | map[string]edgeHandler{ 19 | workloadmember.EdgeInstance: { 20 | func(p sqlPredicate) sqlPredicate { return workloadmember.HasInstanceWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_INSTANCE, 22 | }, 23 | 24 | workloadmember.EdgeWorkload: { 25 | func(p sqlPredicate) sqlPredicate { return workloadmember.HasWorkloadWith(p) }, 26 | inv_v1.ResourceKind_RESOURCE_KIND_WORKLOAD, 27 | }, 28 | }, 29 | map[string]sqlPredicate{ 30 | workloadmember.EdgeInstance: workloadmember.HasInstance(), 31 | workloadmember.EdgeWorkload: workloadmember.HasWorkload(), 32 | }, 33 | )) 34 | 35 | } 36 | -------------------------------------------------------------------------------- /os-profiles/ubuntu-22.04-lts-generic-ext.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2024 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | appVersion: apps/v1 6 | metadata: 7 | release: 0.0.0-dev 8 | version: 0.2.0 9 | spec: 10 | name: Ubuntu 22.04.5 LTS with Intel out-of-tree GPU drivers 11 | type: OS_TYPE_MUTABLE 12 | provider: OS_PROVIDER_KIND_INFRA 13 | architecture: x86_64 14 | profileName: ubuntu-22.04-lts-generic-ext 15 | osImageUrl: >- 16 | https://cloud-images.ubuntu.com/releases/22.04/release-20250228/ubuntu-22.04-server-cloudimg-amd64.img 17 | osImageVersion: 22.04.5 18 | osImageSha256: b9b65a7e045ca262ad614cbedeaa1bf34b9325d76f856e85e17b68984e7a4314 19 | osPackageManifestURL: "" 20 | osExistingCvesURL: https://security-metadata.canonical.com/oval/com.ubuntu.jammy.cve.oval.xml.bz2 21 | osFixedCvesURL: https://security-metadata.canonical.com/oval/com.ubuntu.jammy.usn.oval.xml.bz2 22 | securityFeature: SECURITY_FEATURE_NONE 23 | description: Ubuntu 22.04.5 LTS with Intel out-of-tree GPU drivers for x86_64 architecture 24 | platformBundle: 25 | installerScript: edge-orch/en/files/platformbundle/ubuntu-22.04-lts-generic-ext:1.1.5 26 | cloudInitScript: edge-orch/en/files/platformbundle/cloudinit:1.1.5 27 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/o_s_update_policy_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | ) 11 | 12 | type OSUpdatePolicyResource struct { 13 | ent.Schema 14 | } 15 | 16 | func (OSUpdatePolicyResource) Fields() []ent.Field { 17 | return []ent.Field{field.String("resource_id").Unique(), field.String("name"), field.String("description").Optional(), field.String("update_sources").Optional().Immutable(), field.String("update_packages").Optional().Immutable(), field.String("update_kernel_command").Optional().Immutable(), field.Enum("update_policy").Optional().Immutable().Values("UPDATE_POLICY_UNSPECIFIED", "UPDATE_POLICY_LATEST", "UPDATE_POLICY_TARGET"), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 18 | } 19 | func (OSUpdatePolicyResource) Edges() []ent.Edge { 20 | return []ent.Edge{edge.To("target_os", OperatingSystemResource.Type).Unique()} 21 | } 22 | func (OSUpdatePolicyResource) Annotations() []schema.Annotation { 23 | return nil 24 | } 25 | -------------------------------------------------------------------------------- /inventory/pkg/status/status.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package status 5 | 6 | import ( 7 | "fmt" 8 | 9 | statusv1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/status/v1" 10 | ) 11 | 12 | const ( 13 | DefaultHostStatus = "Not Connected" 14 | DefaultOnboardingStatus = "Not Connected" 15 | DefaultRegistrationStatus = "Unknown" 16 | DefaultInstanceStatus = "Not Installed" 17 | DefaultProvisioningStatus = "Not Provisioned" 18 | DefaultUpdateStatus = "No Current Update" 19 | DefaultTrustedAttestationStatus = "Unknown" 20 | DefaultPowerStatus = "Unknown" 21 | DefaultAmtStatus = "Unknown" 22 | ) 23 | 24 | type ResourceStatus struct { 25 | Status string 26 | StatusIndicator statusv1.StatusIndication 27 | } 28 | 29 | func (rs ResourceStatus) String() string { 30 | return fmt.Sprintf("ResourceStatus(status=%q, indication=%v)", rs.Status, rs.StatusIndicator) 31 | } 32 | 33 | func New(statusMessage string, indication statusv1.StatusIndication) ResourceStatus { 34 | return ResourceStatus{ 35 | Status: statusMessage, 36 | StatusIndicator: indication, 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /os-profiles/ubuntu-24.04-lts-generic-ext.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | appVersion: apps/v1 6 | metadata: 7 | release: 0.0.0-dev 8 | version: 0.1.0 9 | spec: 10 | name: Ubuntu 24.04.2 LTS with Intel out-of-tree GPU drivers 11 | type: OS_TYPE_MUTABLE 12 | provider: OS_PROVIDER_KIND_INFRA 13 | architecture: x86_64 14 | profileName: ubuntu-24.04-lts-generic-ext 15 | osImageUrl: >- 16 | https://cloud-images.ubuntu.com/releases/noble/release-20250430/ubuntu-24.04-server-cloudimg-amd64.img 17 | osImageVersion: 24.04.2 18 | osImageSha256: bc471ca49de03b5129c65b70f9862b7f4b5e721622fd34ade78132f6f7999e2d 19 | osPackageManifestURL: "" 20 | osExistingCvesURL: https://security-metadata.canonical.com/oval/com.ubuntu.noble.cve.oval.xml.bz2 21 | osFixedCvesURL: https://security-metadata.canonical.com/oval/com.ubuntu.noble.usn.oval.xml.bz2 22 | securityFeature: SECURITY_FEATURE_NONE 23 | description: Ubuntu 24.04.2 LTS with Intel out-of-tree GPU drivers for x86_64 architecture 24 | platformBundle: 25 | installerScript: edge-orch/en/files/platformbundle/ubuntu-24.04-lts-generic-ext:1.1.5.1 26 | cloudInitScript: edge-orch/en/files/platformbundle/cloudinit:1.1.5.1 27 | -------------------------------------------------------------------------------- /inventory/rego/authz.rego: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | package authz 5 | 6 | import rego.v1 7 | 8 | hasWriteAccess if { 9 | some role in input["realm_access/roles"] # iteration 10 | # We expect: 11 | # - with MT: [PROJECT_UUID]_en-agent-rw, [PROJECT_UUID]_en-ob or [PROJECT_UUID]_im-rw 12 | regex.match("^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}_)en-agent-rw$|^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}_en-ob$|^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}_)im-rw$", role) 13 | } 14 | 15 | hasReadAccess if { 16 | some role in input["realm_access/roles"] # iteration 17 | # We expect: 18 | # - with MT: [PROJECT_UUID]_en-agent-rw, [PROJECT_UUID]_en-ob, [PROJECT_UUID]_im-r or [PROJECT_UUID]_im-rw 19 | regex.match("^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}_)en-agent-rw$|^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}_)en-ob$|^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}_)im-r$|^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}_)im-rw$", role) 20 | } 21 | -------------------------------------------------------------------------------- /.github/workflows/auto-close.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | name: Stale Pull Requests 6 | 7 | # After 30 days of no activity on a PR, the PR should be marked as stale, 8 | # a comment made on the PR informing the author of the new status, 9 | # and closed after 15 days if there is no further activity from the change to stale state. 10 | on: 11 | schedule: 12 | - cron: '30 1 * * *' # run every day 13 | workflow_dispatch: {} 14 | 15 | permissions: 16 | contents: read 17 | 18 | jobs: 19 | stale-auto-close: 20 | permissions: 21 | contents: read 22 | pull-requests: write 23 | runs-on: ubuntu-latest 24 | steps: 25 | - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1 26 | with: 27 | repo-token: ${{ secrets.GITHUB_TOKEN }} 28 | stale-pr-message: 'This pull request is stale because it has been open 30 days with no activity. Make a comment or update the PR to avoid closing PR after 15 days.' 29 | days-before-pr-stale: 30 30 | days-before-pr-close: 15 31 | remove-pr-stale-when-updated: 'true' 32 | close-pr-message: 'This pull request was automatically closed due to inactivity' 33 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/provider/v1.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: provider/v1/provider.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | from typing import List 6 | 7 | import betterproto 8 | 9 | 10 | class ProviderKind(betterproto.Enum): 11 | PROVIDER_KIND_UNSPECIFIED = 0 12 | PROVIDER_KIND_BAREMETAL = 1 13 | 14 | 15 | class ProviderVendor(betterproto.Enum): 16 | PROVIDER_VENDOR_UNSPECIFIED = 0 17 | PROVIDER_VENDOR_LENOVO_LXCA = 1 18 | PROVIDER_VENDOR_LENOVO_LOCA = 2 19 | 20 | 21 | @dataclass 22 | class ProviderResource(betterproto.Message): 23 | resource_id: str = betterproto.string_field(1) 24 | # kind and vendor are used to diversify the provider 25 | provider_kind: "ProviderKind" = betterproto.enum_field(2) 26 | provider_vendor: "ProviderVendor" = betterproto.enum_field(3) 27 | name: str = betterproto.string_field(4) 28 | api_endpoint: str = betterproto.string_field(16) 29 | api_credentials: List[str] = betterproto.string_field(17) 30 | config: str = betterproto.string_field(18) 31 | tenant_id: str = betterproto.string_field(100) 32 | created_at: str = betterproto.string_field(200) 33 | updated_at: str = betterproto.string_field(201) 34 | -------------------------------------------------------------------------------- /.github/workflows/auto-update.yml: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | --- 5 | 6 | name: Auto Update PR 7 | 8 | # On push to the main branch and support branches, update any branches that are out of date 9 | # and have auto-merge enabled. If the branch is currently out of date with the base branch, 10 | # it must be first manually updated and then will be kept up to date on future runs. 11 | on: 12 | push: 13 | branches: 14 | - main 15 | - release-* 16 | 17 | permissions: 18 | contents: read 19 | 20 | concurrency: 21 | group: ${{ github.workflow }}-${{ github.ref }} 22 | cancel-in-progress: true 23 | 24 | jobs: 25 | update-pull-requests: 26 | permissions: 27 | contents: read 28 | pull-requests: write 29 | runs-on: ubuntu-latest 30 | 31 | steps: 32 | - name: Checkout repository 33 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 34 | with: 35 | persist-credentials: false 36 | 37 | - name: Update pull requests 38 | uses: open-edge-platform/orch-ci/.github/actions/pr_updater@20b640842e63420b06b3ff4247e608228e14c74a # 2026.0.1 39 | with: 40 | github_token: ${{ secrets.SYS_EMF_GH_TOKEN }} 41 | -------------------------------------------------------------------------------- /os-profiles/template/profile-template.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2024 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | appVersion: apps/v1 5 | metadata: 6 | release: 0.0.0-dev # OS Profile version, placeholder, override in post-merge CI 7 | version: 0.1.0 # TODO: remove unused 8 | spec: 9 | # human-readable name of OS profile 10 | name: 11 | # OS_TYPE_IMMUTABLE or OS_TYPE_MUTABLE, 12 | # should match values in 13 | # https://github.com/open-edge-platform/infra-core/blob/main/inventory/api/os/v1/os.proto#L25-L29 14 | type: 15 | # must be unique across all files under manifest/en-profile 16 | profileName: 17 | # string, path in Release Service or any other URL to download OS from. 18 | osImageUrl: 19 | # OS image version, should be retrievable from the running OS. 20 | osImageVersion: 21 | # SHA256 checksum for integrity check 22 | osImageSha256: 23 | # security settings for OS profile, 24 | # should match values in 25 | # https://github.com/open-edge-platform/infra-core/blob/main/inventory/api/os/v1/os.proto#L18-L22 26 | securityFeature: 27 | platformBundle: 28 | installerScript: # URL of the installer script part of the platform bundle 29 | cloudInitScript: # URL of the cloud-init script part of the platform bundle 30 | -------------------------------------------------------------------------------- /tenant-controller/internal/util/await_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package util_test 5 | 6 | import ( 7 | "context" 8 | "sync/atomic" 9 | "testing" 10 | "time" 11 | 12 | "github.com/stretchr/testify/require" 13 | 14 | "github.com/open-edge-platform/infra-core/tenant-controller/internal/util" 15 | ) 16 | 17 | func TestCancel(t *testing.T) { 18 | ctx, cancel := context.WithCancel(context.TODO()) 19 | defer cancel() 20 | 21 | canceled := new(atomic.Bool) 22 | promise := util.Run(ctx, func(c context.Context) (any, error) { 23 | <-c.Done() 24 | canceled.Store(true) 25 | return new(interface{}), nil 26 | }) 27 | 28 | promise.Cancel() 29 | require.Eventually(t, func() bool { return canceled.Load() }, 30 | time.Second, 100*time.Millisecond, "running task shall be canceled") 31 | } 32 | 33 | func TestCancelWithContext(t *testing.T) { 34 | ctx, cancel := context.WithCancel(context.TODO()) 35 | defer cancel() 36 | 37 | promise := util.Run(ctx, func(c context.Context) (any, error) { 38 | <-c.Done() 39 | return new(interface{}), nil 40 | }) 41 | 42 | go time.AfterFunc(time.Second, func() { 43 | cancel() 44 | }) 45 | _, err := promise.Await() 46 | require.ErrorIs(t, err, context.Canceled) 47 | } 48 | -------------------------------------------------------------------------------- /exporters-inventory/.trivyignore: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | CVE-2023-45853 5 | # Disable CVE-2023-7104 for now as we use postgres for testing only. 6 | # TODO: upgrade postgres version once the security issue is fixed in upstream 7 | CVE-2023-7104 8 | CVE-2023-6780 9 | 10 | # New ones - lowered security targets 11 | # Postgres HIGH 12 | CVE-2023-27561 13 | CVE-2024-21626 14 | CVE-2024-28085 15 | CVE-2023-47038 16 | CVE-2023-31484 17 | CVE-2024-2961 18 | CVE-2023-6779 19 | CVE-2023-6246 20 | CVE-2024-25062 21 | CVE-2023-50868 22 | CVE-2023-50387 23 | CVE-2023-2953 24 | CVE-2024-26462 25 | CVE-2024-0567 26 | CVE-2024-0553 27 | CVE-2024-33599 28 | CVE-2023-7104 29 | CVE-2024-3154 30 | 31 | # Postgres MEDIUM 32 | CVE-2022-29162 33 | CVE-2023-28642 34 | CVE-2023-4641 35 | CVE-2024-0727 36 | CVE-2023-6237 37 | CVE-2023-6129 38 | CVE-2023-5678 39 | CVE-2023-50495 40 | CVE-2023-45322 41 | CVE-2023-39615 42 | CVE-2023-7008 43 | CVE-2023-4039 44 | CVE-2024-0232 45 | CVE-2024-22365 46 | CVE-2024-31852 47 | CVE-2024-26461 48 | CVE-2024-26458 49 | CVE-2024-28835 50 | CVE-2024-28834 51 | CVE-2023-5981 52 | CVE-2024-2236 53 | CVE-2024-33600 54 | CVE-2024-33601 55 | CVE-2024-33602 56 | 57 | # Needs upgrade of golang to 1.24.11 58 | CVE-2025-61729 59 | -------------------------------------------------------------------------------- /.github/workflows/post-merge-os-profiles.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | name: Post-Merge OS Profiles 6 | 7 | on: 8 | push: 9 | branches: 10 | - main 11 | - release-* 12 | paths: 13 | - 'os-profiles/**' 14 | 15 | permissions: 16 | contents: read 17 | 18 | jobs: 19 | post-merge-pipeline: 20 | permissions: 21 | contents: read 22 | security-events: write 23 | id-token: write 24 | uses: open-edge-platform/orch-ci/.github/workflows/post-merge.yml@20b640842e63420b06b3ff4247e608228e14c74a # 2026.0.1 25 | with: 26 | bootstrap_tools: "go,yq,aws,oras" 27 | run_version_check: true 28 | run_dep_version_check: false 29 | run_build: false 30 | run_docker_build: false 31 | run_docker_push: false 32 | run_artifact_push: true 33 | run_version_tag: true 34 | run_version_dev: true 35 | prefix_tag_separator: "/" 36 | project_folder: "os-profiles" 37 | secrets: 38 | SYS_EMF_GH_TOKEN: ${{ secrets.SYS_EMF_GH_TOKEN }} 39 | NO_AUTH_ECR_PUSH_USERNAME: ${{ secrets.NO_AUTH_ECR_PUSH_USERNAME }} 40 | NO_AUTH_ECR_PUSH_PASSWD: ${{ secrets.NO_AUTH_ECR_PUSH_PASSWD }} 41 | MSTEAMS_WEBHOOK: ${{ secrets.TEAMS_WEBHOOK }} 42 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/hoststorage_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type HoststorageResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (HoststorageResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.String("kind").Optional(), field.String("provider_status").Optional(), field.String("wwid").Optional(), field.String("serial").Optional(), field.String("vendor").Optional(), field.String("model").Optional(), field.Uint64("capacity_bytes").Optional(), field.String("device_name").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (HoststorageResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("host", HostResource.Type).Required().Unique()} 22 | } 23 | func (HoststorageResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (HoststorageResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/hostusb_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type HostusbResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (HostusbResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.String("kind").Optional(), field.String("owner_id").Optional(), field.String("idvendor").Optional(), field.String("idproduct").Optional(), field.Uint32("bus").Optional(), field.Uint32("addr").Optional(), field.String("class").Optional(), field.String("serial").Optional(), field.String("device_name").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (HostusbResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("host", HostResource.Type).Required().Unique()} 22 | } 23 | func (HostusbResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (HostusbResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/provider_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/field" 9 | "entgo.io/ent/schema/index" 10 | ) 11 | 12 | type ProviderResource struct { 13 | ent.Schema 14 | } 15 | 16 | func (ProviderResource) Fields() []ent.Field { 17 | return []ent.Field{field.String("resource_id").Unique(), field.Enum("provider_kind").Values("PROVIDER_KIND_UNSPECIFIED", "PROVIDER_KIND_BAREMETAL"), field.Enum("provider_vendor").Optional().Values("PROVIDER_VENDOR_UNSPECIFIED", "PROVIDER_VENDOR_LENOVO_LXCA", "PROVIDER_VENDOR_LENOVO_LOCA"), field.String("name"), field.String("api_endpoint"), field.String("api_credentials").Optional(), field.String("config").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 18 | } 19 | func (ProviderResource) Edges() []ent.Edge { 20 | return nil 21 | } 22 | func (ProviderResource) Annotations() []schema.Annotation { 23 | return nil 24 | } 25 | func (ProviderResource) Indexes() []ent.Index { 26 | return []ent.Index{index.Fields("name", "tenant_id").Unique(), index.Fields("tenant_id")} 27 | } 28 | -------------------------------------------------------------------------------- /.github/workflows/post-merge-apiv2.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | name: Post-Merge API 6 | 7 | on: 8 | push: 9 | branches: 10 | - main 11 | - release-* 12 | paths: 13 | - 'apiv2/**' 14 | 15 | permissions: 16 | contents: read 17 | 18 | jobs: 19 | post-merge-pipeline: 20 | permissions: 21 | contents: read 22 | security-events: write 23 | id-token: write 24 | uses: open-edge-platform/orch-ci/.github/workflows/post-merge.yml@20b640842e63420b06b3ff4247e608228e14c74a # 2026.0.1 25 | with: 26 | orch_ci_repo_ref: da08a06e8aec70621e50ed4aec2fac5599839f45 # v0.1.62 Pin bootstrap action and scripts 27 | run_version_check: true 28 | run_dep_version_check: true 29 | run_build: true 30 | run_docker_build: true 31 | run_docker_push: true 32 | run_version_tag: true 33 | run_version_dev: true 34 | prefix_tag_separator: "/" 35 | project_folder: "apiv2" 36 | secrets: 37 | SYS_EMF_GH_TOKEN: ${{ secrets.SYS_EMF_GH_TOKEN }} 38 | NO_AUTH_ECR_PUSH_USERNAME: ${{ secrets.NO_AUTH_ECR_PUSH_USERNAME }} 39 | NO_AUTH_ECR_PUSH_PASSWD: ${{ secrets.NO_AUTH_ECR_PUSH_PASSWD }} 40 | MSTEAMS_WEBHOOK: ${{ secrets.TEAMS_WEBHOOK }} 41 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/telemetry_group_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type TelemetryGroupResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (TelemetryGroupResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.String("name"), field.Enum("kind").Values("TELEMETRY_RESOURCE_KIND_UNSPECIFIED", "TELEMETRY_RESOURCE_KIND_METRICS", "TELEMETRY_RESOURCE_KIND_LOGS"), field.Enum("collector_kind").Values("COLLECTOR_KIND_UNSPECIFIED", "COLLECTOR_KIND_HOST", "COLLECTOR_KIND_CLUSTER"), field.String("groups"), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (TelemetryGroupResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.From("profiles", TelemetryProfile.Type).Ref("group")} 22 | } 23 | func (TelemetryGroupResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (TelemetryGroupResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /.github/workflows/post-merge-inventory.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | name: Post-Merge Inventory 6 | 7 | on: 8 | push: 9 | branches: 10 | - main 11 | - release-* 12 | paths: 13 | - 'inventory/**' 14 | 15 | permissions: 16 | contents: read 17 | 18 | jobs: 19 | post-merge-pipeline: 20 | permissions: 21 | contents: read 22 | security-events: write 23 | id-token: write 24 | uses: open-edge-platform/orch-ci/.github/workflows/post-merge.yml@20b640842e63420b06b3ff4247e608228e14c74a # 2026.0.1 25 | with: 26 | orch_ci_repo_ref: da08a06e8aec70621e50ed4aec2fac5599839f45 # v0.1.62 Pin bootstrap action and scripts 27 | run_version_check: true 28 | run_dep_version_check: true 29 | run_build: true 30 | run_docker_build: true 31 | run_docker_push: true 32 | run_version_tag: true 33 | run_version_dev: true 34 | prefix_tag_separator: "/" 35 | project_folder: "inventory" 36 | secrets: 37 | SYS_EMF_GH_TOKEN: ${{ secrets.SYS_EMF_GH_TOKEN }} 38 | NO_AUTH_ECR_PUSH_USERNAME: ${{ secrets.NO_AUTH_ECR_PUSH_USERNAME }} 39 | NO_AUTH_ECR_PUSH_PASSWD: ${{ secrets.NO_AUTH_ECR_PUSH_PASSWD }} 40 | MSTEAMS_WEBHOOK: ${{ secrets.TEAMS_WEBHOOK }} 41 | -------------------------------------------------------------------------------- /inventory/internal/store/osupdaterun_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/osupdaterunresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterOsupdateRunResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_OSUPDATERUN, 17 | osupdaterunresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | osupdaterunresource.EdgeAppliedPolicy: { 20 | func(p sqlPredicate) sqlPredicate { return osupdaterunresource.HasAppliedPolicyWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_OSUPDATEPOLICY, 22 | }, 23 | 24 | osupdaterunresource.EdgeInstance: { 25 | func(p sqlPredicate) sqlPredicate { return osupdaterunresource.HasInstanceWith(p) }, 26 | inv_v1.ResourceKind_RESOURCE_KIND_INSTANCE, 27 | }, 28 | }, 29 | map[string]sqlPredicate{ 30 | osupdaterunresource.EdgeAppliedPolicy: osupdaterunresource.HasAppliedPolicy(), 31 | osupdaterunresource.EdgeInstance: osupdaterunresource.HasInstance(), 32 | }, 33 | )) 34 | 35 | } 36 | -------------------------------------------------------------------------------- /inventory/pkg/api/remoteaccess/v1/remoteaccess_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: remoteaccess/v1/remoteaccess.proto 4 | 5 | package v1 6 | 7 | const ( 8 | // Fields and Edges constants for "RemoteAccessConfiguration" 9 | RemoteAccessConfigurationFieldResourceId = "resource_id" 10 | RemoteAccessConfigurationEdgeInstance = "instance" 11 | RemoteAccessConfigurationFieldExpirationTimestamp = "expiration_timestamp" 12 | RemoteAccessConfigurationFieldLocalPort = "local_port" 13 | RemoteAccessConfigurationFieldUser = "user" 14 | RemoteAccessConfigurationFieldCurrentState = "current_state" 15 | RemoteAccessConfigurationFieldDesiredState = "desired_state" 16 | RemoteAccessConfigurationFieldConfigurationStatus = "configuration_status" 17 | RemoteAccessConfigurationFieldConfigurationStatusIndicator = "configuration_status_indicator" 18 | RemoteAccessConfigurationFieldConfigurationStatusTimestamp = "configuration_status_timestamp" 19 | RemoteAccessConfigurationFieldTenantId = "tenant_id" 20 | RemoteAccessConfigurationFieldCreatedAt = "created_at" 21 | RemoteAccessConfigurationFieldUpdatedAt = "updated_at" 22 | ) 23 | -------------------------------------------------------------------------------- /.github/workflows/post-merge-tenant-controller.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | name: Post-Merge Tenant Controller 6 | 7 | on: 8 | push: 9 | branches: 10 | - main 11 | - release-* 12 | paths: 13 | - 'tenant-controller/**' 14 | 15 | permissions: 16 | contents: read 17 | 18 | jobs: 19 | post-merge-pipeline: 20 | permissions: 21 | contents: read 22 | security-events: write 23 | id-token: write 24 | uses: open-edge-platform/orch-ci/.github/workflows/post-merge.yml@20b640842e63420b06b3ff4247e608228e14c74a # 2026.0.1 25 | with: 26 | orch_ci_repo_ref: da08a06e8aec70621e50ed4aec2fac5599839f45 # v0.1.62 Pin bootstrap action and scripts 27 | run_version_check: true 28 | run_dep_version_check: true 29 | run_build: true 30 | run_docker_build: true 31 | run_docker_push: true 32 | run_version_tag: true 33 | run_version_dev: true 34 | prefix_tag_separator: "/" 35 | project_folder: "tenant-controller" 36 | secrets: 37 | SYS_EMF_GH_TOKEN: ${{ secrets.SYS_EMF_GH_TOKEN }} 38 | NO_AUTH_ECR_PUSH_USERNAME: ${{ secrets.NO_AUTH_ECR_PUSH_USERNAME }} 39 | NO_AUTH_ECR_PUSH_PASSWD: ${{ secrets.NO_AUTH_ECR_PUSH_PASSWD }} 40 | MSTEAMS_WEBHOOK: ${{ secrets.TEAMS_WEBHOOK }} 41 | -------------------------------------------------------------------------------- /exporters-inventory/test/README.md: -------------------------------------------------------------------------------- 1 | # Integration Tests 2 | 3 | This file describes how to execute the integration tests placed in this folder. 4 | 5 | ## Requirements 6 | 7 | It requires helm and kubectl installed, besides an operational Kubernetes cluster. 8 | 9 | ## Run 10 | 11 | Then enable a port-forward to have interface with the API component via port 8080. 12 | 13 | ```bash 14 | kubectl -n orch-infra port-forward svc/api 8080 15 | ``` 16 | 17 | Then enable a port-forward to have interface with the Exporter component via port 9101. 18 | 19 | ```bash 20 | kubectl -n orch-infra orch-port-forward svc/exporter 9101 21 | ``` 22 | 23 | Now, you are almost good to go. In another terminal run the following command to obtain a valid JWT: 24 | 25 | ```bash 26 | export FQDN= 27 | export USERNAME= 28 | export PASSWORD= 29 | 30 | JWT_TOKEN=$(curl -k --location --request POST "https://keycloak.${FQDN}/realms/master/protocol/openid-connect/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'grant_type=password' --data-urlencode 'client_id=system-client' --data-urlencode "username=${USERNAME}" --data-urlencode "password=${PASSWORD}" --data-urlencode 'scope=openid profile email groups' | jq -r '.access_token') 31 | ``` 32 | 33 | In the same terminal run the tests: 34 | 35 | ```bash 36 | go test -v ./test/export 37 | ``` 38 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250612071200_add_OSUpdateRun.sql: -------------------------------------------------------------------------------- 1 | -- Create "os_update_run_resources" table 2 | CREATE TABLE "os_update_run_resources" ("id" bigint NOT NULL GENERATED BY DEFAULT AS IDENTITY, "resource_id" character varying NOT NULL, "name" character varying NULL, "description" character varying NULL, "status_indicator" character varying NOT NULL, "status" character varying NULL, "status_details" character varying NULL, "status_timestamp" timestamp NOT NULL, "start_time" timestamp NOT NULL, "end_time" timestamp NULL, "tenant_id" character varying NOT NULL, "created_at" timestamp NOT NULL, "updated_at" timestamp NOT NULL, "os_update_run_resource_applied_policy" bigint NOT NULL, "os_update_run_resource_instance" bigint NOT NULL, PRIMARY KEY ("id"), CONSTRAINT "os_update_run_resources_instance_resources_instance" FOREIGN KEY ("os_update_run_resource_instance") REFERENCES "instance_resources" ("id") ON UPDATE NO ACTION ON DELETE NO ACTION, CONSTRAINT "os_update_run_resources_os_upd_59e63391a29dbb5d975b005406c27afc" FOREIGN KEY ("os_update_run_resource_applied_policy") REFERENCES "os_update_policy_resources" ("id") ON UPDATE NO ACTION ON DELETE NO ACTION); 3 | -- Create index "os_update_run_resources_resource_id_key" to table: "os_update_run_resources" 4 | CREATE UNIQUE INDEX "os_update_run_resources_resource_id_key" ON "os_update_run_resources" ("resource_id"); 5 | -------------------------------------------------------------------------------- /.github/workflows/post-merge-exporters-inventory.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | name: Post-Merge Exporters Inventory 6 | 7 | on: 8 | push: 9 | branches: 10 | - main 11 | - release-* 12 | paths: 13 | - 'exporters-inventory/**' 14 | 15 | permissions: 16 | contents: read 17 | 18 | jobs: 19 | post-merge-pipeline: 20 | permissions: 21 | contents: read 22 | security-events: write 23 | id-token: write 24 | uses: open-edge-platform/orch-ci/.github/workflows/post-merge.yml@20b640842e63420b06b3ff4247e608228e14c74a # 2026.0.1 25 | with: 26 | orch_ci_repo_ref: da08a06e8aec70621e50ed4aec2fac5599839f45 # v0.1.62 Pin bootstrap action and scripts 27 | run_version_check: true 28 | run_dep_version_check: true 29 | run_build: true 30 | run_docker_build: true 31 | run_docker_push: true 32 | run_version_tag: true 33 | run_version_dev: true 34 | prefix_tag_separator: "/" 35 | project_folder: "exporters-inventory" 36 | secrets: 37 | SYS_EMF_GH_TOKEN: ${{ secrets.SYS_EMF_GH_TOKEN }} 38 | NO_AUTH_ECR_PUSH_USERNAME: ${{ secrets.NO_AUTH_ECR_PUSH_USERNAME }} 39 | NO_AUTH_ECR_PUSH_PASSWD: ${{ secrets.NO_AUTH_ECR_PUSH_PASSWD }} 40 | MSTEAMS_WEBHOOK: ${{ secrets.TEAMS_WEBHOOK }} 41 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/o_s_update_run_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | ) 11 | 12 | type OSUpdateRunResource struct { 13 | ent.Schema 14 | } 15 | 16 | func (OSUpdateRunResource) Fields() []ent.Field { 17 | return []ent.Field{field.String("resource_id").Unique(), field.String("name").Optional().Immutable(), field.String("description").Optional().Immutable(), field.Enum("status_indicator").Values("STATUS_INDICATION_UNSPECIFIED", "STATUS_INDICATION_ERROR", "STATUS_INDICATION_IN_PROGRESS", "STATUS_INDICATION_IDLE"), field.String("status").Optional(), field.String("status_details").Optional(), field.Uint64("status_timestamp"), field.Uint64("start_time").Immutable(), field.Uint64("end_time").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 18 | } 19 | func (OSUpdateRunResource) Edges() []ent.Edge { 20 | return []ent.Edge{edge.To("applied_policy", OSUpdatePolicyResource.Type).Unique(), edge.To("instance", InstanceResource.Type).Required().Unique()} 21 | } 22 | func (OSUpdateRunResource) Annotations() []schema.Annotation { 23 | return nil 24 | } 25 | -------------------------------------------------------------------------------- /inventory/cmd/protoc-gen-go-filters/template.gotmpl: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | {{- define "registrar" -}} 5 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 6 | // SPDX-License-Identifier: Apache-2.0 7 | 8 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 9 | 10 | package store 11 | {{ $rt := .}} 12 | import ( 13 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/{{$rt.EntPkg}}" 14 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 15 | ) 16 | 17 | func (r *registry) Register{{ toCamel $rt.ResourceName }}() { 18 | r.Register( 19 | newResourceTranspiler( 20 | inv_v1.{{$rt.ResourceKind}}, 21 | {{$rt.EntPkg}}.ValidColumn, 22 | map[string]edgeHandler{ 23 | {{- $len := len $rt.EdgeHandlers -}} 24 | {{- range $eh := $rt.EdgeHandlers }} 25 | {{$rt.EntPkg}}.{{$eh.Name}}: { 26 | func (p sqlPredicate) sqlPredicate{return {{$rt.EntPkg}}.Has{{ trimPrefix $eh.Name "Edge" }}With(p)}, 27 | inv_v1.{{$eh.TargetResourceKind}}, 28 | }{{if ne $len 0}},{{end}} 29 | {{end}}}, 30 | map[string]sqlPredicate{ 31 | {{- range $eh := $rt.EdgeHandlers }} 32 | {{$rt.EntPkg}}.{{$eh.Name}}: {{$rt.EntPkg}}.Has{{ trimPrefix $eh.Name "Edge" }}(){{if ne $len 0}},{{end}} 33 | {{- end}} 34 | }, 35 | )) 36 | 37 | } 38 | {{ end }} 39 | -------------------------------------------------------------------------------- /apiv2/internal/pbapi/resources/location/v1/location_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: resources/location/v1/location.proto 4 | 5 | package locationv1 6 | 7 | const ( 8 | // Fields and Edges constants for "RegionResource" 9 | RegionResourceFieldResourceId = "resource_id" 10 | RegionResourceFieldName = "name" 11 | RegionResourceEdgeParentRegion = "parent_region" 12 | RegionResourceFieldRegionID = "regionID" 13 | RegionResourceEdgeMetadata = "metadata" 14 | RegionResourceEdgeInheritedMetadata = "inherited_metadata" 15 | RegionResourceFieldTotalSites = "total_sites" 16 | RegionResourceFieldParentId = "parent_id" 17 | RegionResourceEdgeTimestamps = "timestamps" 18 | 19 | // Fields and Edges constants for "SiteResource" 20 | SiteResourceFieldResourceId = "resource_id" 21 | SiteResourceFieldName = "name" 22 | SiteResourceEdgeRegion = "region" 23 | SiteResourceFieldSiteLat = "site_lat" 24 | SiteResourceFieldSiteLng = "site_lng" 25 | SiteResourceEdgeProvider = "provider" 26 | SiteResourceFieldSiteID = "siteID" 27 | SiteResourceEdgeMetadata = "metadata" 28 | SiteResourceEdgeInheritedMetadata = "inherited_metadata" 29 | SiteResourceFieldRegionId = "region_id" 30 | SiteResourceEdgeTimestamps = "timestamps" 31 | ) 32 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | 13 | 14 | ### Description 15 | 16 | Please include a summary of the changes and the related issue. List any dependencies that are required for this change. 17 | 18 | Fixes # (issue) 19 | 20 | ### Any Newly Introduced Dependencies 21 | 22 | Please describe any newly introduced 3rd party dependencies in this change. List their name, license information and how they are used in the project. 23 | 24 | ### How Has This Been Tested? 25 | 26 | Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration 27 | 28 | ### Checklist: 29 | 30 | - [ ] I agree to use the APACHE-2.0 license for my code changes 31 | - [ ] I have not introduced any 3rd party dependency changes 32 | - [ ] I have performed a self-review of my code 33 | -------------------------------------------------------------------------------- /inventory/internal/store/site_transpiler.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // Code generated by protoc-gen-go-filters, DO NOT EDIT. 5 | 6 | package store 7 | 8 | import ( 9 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent/siteresource" 10 | inv_v1 "github.com/open-edge-platform/infra-core/inventory/v2/pkg/api/inventory/v1" 11 | ) 12 | 13 | func (r *registry) RegisterSiteResource() { 14 | r.Register( 15 | newResourceTranspiler( 16 | inv_v1.ResourceKind_RESOURCE_KIND_SITE, 17 | siteresource.ValidColumn, 18 | map[string]edgeHandler{ 19 | siteresource.EdgeOu: { 20 | func(p sqlPredicate) sqlPredicate { return siteresource.HasOuWith(p) }, 21 | inv_v1.ResourceKind_RESOURCE_KIND_OU, 22 | }, 23 | 24 | siteresource.EdgeProvider: { 25 | func(p sqlPredicate) sqlPredicate { return siteresource.HasProviderWith(p) }, 26 | inv_v1.ResourceKind_RESOURCE_KIND_PROVIDER, 27 | }, 28 | 29 | siteresource.EdgeRegion: { 30 | func(p sqlPredicate) sqlPredicate { return siteresource.HasRegionWith(p) }, 31 | inv_v1.ResourceKind_RESOURCE_KIND_REGION, 32 | }, 33 | }, 34 | map[string]sqlPredicate{ 35 | siteresource.EdgeOu: siteresource.HasOu(), 36 | siteresource.EdgeProvider: siteresource.HasProvider(), 37 | siteresource.EdgeRegion: siteresource.HasRegion(), 38 | }, 39 | )) 40 | 41 | } 42 | -------------------------------------------------------------------------------- /apiv2/buf.gen.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | # buf.gen.yaml 6 | # docs: https://docs.buf.build/configuration/v1/buf-gen-yaml 7 | 8 | version: v1 9 | 10 | plugins: 11 | # go - https://pkg.go.dev/google.golang.org/protobuf 12 | - name: go 13 | out: internal/pbapi 14 | opt: 15 | - paths=source_relative 16 | 17 | # go grpc - https://pkg.go.dev/google.golang.org/grpc 18 | - name: go-grpc 19 | out: internal/pbapi 20 | opt: 21 | - paths=source_relative 22 | - require_unimplemented_servers=false 23 | 24 | # go install github.com/sudorandom/protoc-gen-connect-openapi@v0.17.0 25 | - name: connect-openapi 26 | path: protoc-gen-connect-openapi 27 | out: api/openapi 28 | strategy: all 29 | opt: 30 | - format=yaml 31 | - short-service-tags 32 | - short-operation-ids 33 | - path=openapi.yaml 34 | 35 | # grpc-gateway - https://grpc-ecosystem.github.io/grpc-gateway/ 36 | - name: grpc-gateway 37 | out: internal/pbapi 38 | opt: 39 | - paths=source_relative 40 | 41 | # docs - https://github.com/pseudomuto/protoc-gen-doc 42 | - plugin: doc 43 | out: docs 44 | opt: markdown,proto.md 45 | strategy: all 46 | 47 | - plugin: go-const 48 | out: internal/pbapi 49 | path: ["go", "run", "./cmd/protoc-gen-go-const"] 50 | opt: 51 | - paths=source_relative 52 | -------------------------------------------------------------------------------- /inventory/docs/protobuf.md: -------------------------------------------------------------------------------- 1 | 5 | 6 | # Working with Protobuf 7 | 8 | All resources in the Inventory are modeled using the [Protocol Buffer (protobuf)](https://protobuf.dev/) serialization 9 | format that is language independent, and then presented to other services using gRPC. 10 | 11 | See Inventory API definitions in the [api](../api/) folder. 12 | 13 | The protobuf format is the canonical format for data in Edge Infrastructure Manager - other representations (such as in 14 | the REST API) are secondary adaptations to the gRPC API provided by the Inventory. 15 | 16 | Protobuf file structure and naming follows the 17 | [buf style guide](https://docs.buf.build/best-practices/style-guide), and is enforced by `buf format` and `buf lint`. 18 | 19 | Code and docs are generated from protobuf files using the buf tool. See the `buf-*` 20 | targets in the Makefile. 21 | 22 | Validation of the contents of messages beyond the basic types is provided using 23 | [protovalidate](protovalidate.md). 24 | 25 | Buf can also lint and reformat proto files - if the `buf-lint` target fails, 26 | fix any errors and reformat with `buf format -w`. 27 | 28 | Buf also generates documentation on the proto files, in docs/api. 29 | 30 | `buf-update` can be used to update the buf modules. But this will apply for the modules that are fetched using the 31 | Buf Schema Registry. 32 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/netlink_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type NetlinkResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (NetlinkResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.String("kind").Optional(), field.String("name").Optional(), field.Enum("desired_state").Values("NETLINK_STATE_UNSPECIFIED", "NETLINK_STATE_DELETED", "NETLINK_STATE_ONLINE", "NETLINK_STATE_OFFLINE", "NETLINK_STATE_ERROR"), field.Enum("current_state").Optional().Values("NETLINK_STATE_UNSPECIFIED", "NETLINK_STATE_DELETED", "NETLINK_STATE_ONLINE", "NETLINK_STATE_OFFLINE", "NETLINK_STATE_ERROR"), field.String("provider_status").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (NetlinkResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("src", EndpointResource.Type).Unique(), edge.To("dst", EndpointResource.Type).Unique()} 22 | } 23 | func (NetlinkResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (NetlinkResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /inventory/pkg/api/telemetry/v1/telemetry_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: telemetry/v1/telemetry.proto 4 | 5 | package telemetryv1 6 | 7 | const ( 8 | // Fields and Edges constants for "TelemetryGroupResource" 9 | TelemetryGroupResourceFieldResourceId = "resource_id" 10 | TelemetryGroupResourceFieldName = "name" 11 | TelemetryGroupResourceFieldKind = "kind" 12 | TelemetryGroupResourceFieldCollectorKind = "collector_kind" 13 | TelemetryGroupResourceFieldGroups = "groups" 14 | TelemetryGroupResourceEdgeProfiles = "profiles" 15 | TelemetryGroupResourceFieldTenantId = "tenant_id" 16 | TelemetryGroupResourceFieldCreatedAt = "created_at" 17 | TelemetryGroupResourceFieldUpdatedAt = "updated_at" 18 | 19 | // Fields and Edges constants for "TelemetryProfile" 20 | TelemetryProfileFieldResourceId = "resource_id" 21 | TelemetryProfileEdgeRegion = "region" 22 | TelemetryProfileEdgeSite = "site" 23 | TelemetryProfileEdgeInstance = "instance" 24 | TelemetryProfileFieldKind = "kind" 25 | TelemetryProfileFieldMetricsInterval = "metrics_interval" 26 | TelemetryProfileFieldLogLevel = "log_level" 27 | TelemetryProfileEdgeGroup = "group" 28 | TelemetryProfileFieldTenantId = "tenant_id" 29 | TelemetryProfileFieldCreatedAt = "created_at" 30 | TelemetryProfileFieldUpdatedAt = "updated_at" 31 | ) 32 | -------------------------------------------------------------------------------- /inventory/atlas.hcl: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | lint { 5 | destructive { 6 | error = true 7 | } 8 | data_depend { 9 | error = true 10 | } 11 | incompatible { 12 | error = true 13 | } 14 | concurrent_index { 15 | error = true 16 | } 17 | } 18 | 19 | variable "PGUSER" { 20 | type = string 21 | default = getenv("PGUSER") 22 | } 23 | 24 | variable "PGHOST" { 25 | type = string 26 | default = getenv("PGHOST") 27 | } 28 | 29 | variable "PGDATABASE" { 30 | type = string 31 | default = getenv("PGDATABASE") 32 | } 33 | 34 | variable "PGPORT" { 35 | type = string 36 | default = getenv("PGPORT") 37 | } 38 | 39 | variable "PGPASSWORD" { 40 | type = string 41 | default = getenv("PGPASSWORD") 42 | } 43 | 44 | variable "PGSSLMODE" { 45 | type = string 46 | default = getenv("PGSSLMODE") 47 | } 48 | 49 | variable "MIGR_PATH" { 50 | type = string 51 | default = getenv("MIGR_PATH") 52 | } 53 | 54 | env "local" { 55 | migration { 56 | dir = "file://${var.MIGR_PATH}" 57 | } 58 | dev = "postgres://${var.PGUSER}:${var.PGPASSWORD}@${var.PGHOST}:${var.PGPORT}/${var.PGDATABASE}?search_path=public&sslmode=${var.PGSSLMODE}" 59 | url = "postgres://${var.PGUSER}:${var.PGPASSWORD}@${var.PGHOST}:${var.PGPORT}/${var.PGDATABASE}?search_path=public&sslmode=${var.PGSSLMODE}" 60 | } 61 | -------------------------------------------------------------------------------- /inventory/internal/store/validation.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package store 5 | 6 | import ( 7 | "google.golang.org/grpc/codes" 8 | "google.golang.org/protobuf/proto" 9 | 10 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/errors" 11 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/validator" 12 | ) 13 | 14 | type resourceValidator[T invResource] func(in T) error 15 | 16 | type resourceIDGetter interface { 17 | GetResourceId() string 18 | } 19 | 20 | type invResource interface { 21 | proto.Message 22 | resourceIDGetter 23 | } 24 | 25 | func validate[T invResource](in T, validators ...resourceValidator[T]) error { 26 | for _, validate := range validators { 27 | if err := validate(in); err != nil { 28 | return err 29 | } 30 | } 31 | return nil 32 | } 33 | 34 | func validateProto[T proto.Message](in T) error { 35 | return protoValidator(in) 36 | } 37 | 38 | func protoValidator[T proto.Message](in T) error { 39 | if err := validator.ValidateMessage(in); err != nil { 40 | zlog.InfraSec().InfraErr(err).Msg("") 41 | return err 42 | } 43 | return nil 44 | } 45 | 46 | func doNotAcceptResourceID[T invResource](in T) error { 47 | if in.GetResourceId() != "" { 48 | zlog.InfraSec().InfraError("resource ID can't be set in create requests").Msg("") 49 | return errors.Errorfc(codes.InvalidArgument, "resource ID can't be set in create requests") 50 | } 51 | return nil 52 | } 53 | -------------------------------------------------------------------------------- /inventory/pkg/perf/perf.md: -------------------------------------------------------------------------------- 1 | # PPROF HTTP Server 2 | 3 | The inventory perf package enables pprof instrumentation in a component. 4 | The perf package can be imported with the statement below. 5 | It needs to be imported in the main file of the component, as it adds an input flag to the code. 6 | The flag `pprofServerAddress` must be specified in the execution of the compiled code. 7 | When enabled, it starts a web server in the specified address, such as `0.0.0.0:6060`. 8 | 9 | ```golang 10 | _ "github.com/open-edge-platform/infra-core/inventory/v2/pkg/perf" 11 | ``` 12 | 13 | After the code above is specified in a component, and its docker image is build, 14 | the parameters below enable the pprof instrumentation in the component. 15 | 16 | Example to set pprof server address in Inventory: 17 | 18 | ```yaml 19 | miinv: 20 | pprofServerAddress: "0.0.0.0:6060" 21 | ``` 22 | 23 | Example to set pprof server address in API: 24 | 25 | ```yaml 26 | serviceArgs: 27 | pprofServerAddress: "0.0.0.0:6060" 28 | ``` 29 | 30 | There are different ways to read the pprof instrumentation. 31 | For instance, a user can perform a port-forward in the component, 32 | and use the pprof tool to read the pprof outputs. 33 | The commands above provide examples. 34 | Notice the port-forward is associated with the pod (not the service). 35 | 36 | ```bash 37 | kubectl -n orch-infra port-forward deploy/inventory 6060 38 | ``` 39 | 40 | ```bash 41 | go tool pprof http://localhost:6060/debug/pprof/profile 42 | ``` 43 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/site_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type SiteResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (SiteResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.String("name").Optional(), field.String("address").Optional(), field.Int32("site_lat").Optional(), field.Int32("site_lng").Optional(), field.String("dns_servers").Optional(), field.String("docker_registries").Optional(), field.String("metrics_endpoint").Optional(), field.String("http_proxy").Optional(), field.String("https_proxy").Optional(), field.String("ftp_proxy").Optional(), field.String("no_proxy").Optional(), field.String("metadata").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (SiteResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("region", RegionResource.Type).Unique(), edge.To("ou", OuResource.Type).Unique(), edge.To("provider", ProviderResource.Type).Unique()} 22 | } 23 | func (SiteResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (SiteResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/telemetry_profile.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type TelemetryProfile struct { 14 | ent.Schema 15 | } 16 | 17 | func (TelemetryProfile) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.Enum("kind").Values("TELEMETRY_RESOURCE_KIND_UNSPECIFIED", "TELEMETRY_RESOURCE_KIND_METRICS", "TELEMETRY_RESOURCE_KIND_LOGS"), field.Uint32("metrics_interval").Optional(), field.Enum("log_level").Optional().Values("SEVERITY_LEVEL_UNSPECIFIED", "SEVERITY_LEVEL_CRITICAL", "SEVERITY_LEVEL_ERROR", "SEVERITY_LEVEL_WARN", "SEVERITY_LEVEL_INFO", "SEVERITY_LEVEL_DEBUG"), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (TelemetryProfile) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("region", RegionResource.Type).Unique(), edge.To("site", SiteResource.Type).Unique(), edge.To("instance", InstanceResource.Type).Unique(), edge.To("group", TelemetryGroupResource.Type).Required().Unique()} 22 | } 23 | func (TelemetryProfile) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (TelemetryProfile) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /apiv2/api/proto/resources/common/v1/common.proto: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | syntax = "proto3"; 5 | 6 | package resources.common.v1; 7 | 8 | import "google/api/field_behavior.proto"; 9 | import "google/protobuf/timestamp.proto"; 10 | import "buf/validate/validate.proto"; 11 | 12 | option go_package = "github.com/open-edge-platform/infra-core/apiv2/v2/internal/pbapi/resources/common/v1;commonv1"; 13 | 14 | // A metadata item, represented by a key:value pair. 15 | message MetadataItem { 16 | // The metadata key. 17 | string key = 1 [ 18 | (google.api.field_behavior) = REQUIRED, 19 | (buf.validate.field).string = { 20 | pattern: "^$|^[a-z.]+/$|^[a-z.]+/[a-z0-9][a-z0-9-_.]*[a-z0-9]$|^[a-z.]+/[a-z0-9]$|^[a-z]$|^[a-z0-9][a-z0-9-_.]*[a-z0-9]$" 21 | min_len: 0 22 | max_len: 316 23 | } 24 | ]; 25 | // The metadata value. 26 | string value = 2 [ 27 | (google.api.field_behavior) = REQUIRED, 28 | (buf.validate.field).string = { 29 | pattern: "^$|^[a-z0-9]$|^[a-z0-9][a-z0-9._-]*[a-z0-9]$" 30 | min_len: 0 31 | max_len: 63 32 | } 33 | ]; 34 | } 35 | 36 | message Timestamps { 37 | // The time when the resource was created. 38 | google.protobuf.Timestamp created_at = 1 [ 39 | (google.api.field_behavior) = OUTPUT_ONLY 40 | ]; 41 | // The time when the resource was last updated. 42 | google.protobuf.Timestamp updated_at = 2 [ 43 | (google.api.field_behavior) = OUTPUT_ONLY 44 | ]; 45 | } 46 | -------------------------------------------------------------------------------- /apiv2/internal/proxy/error.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package proxy 5 | 6 | import ( 7 | "context" 8 | "encoding/json" 9 | "net/http" 10 | 11 | "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" 12 | "google.golang.org/grpc/status" 13 | ) 14 | 15 | // Custom error structure that includes code as string. 16 | type errorResponse struct { 17 | Code string `json:"code"` 18 | Message string `json:"message"` 19 | Details []any `json:"details,omitempty"` 20 | } 21 | 22 | // Custom error handler that converts gRPC status code to string. 23 | func customErrorHandler(_ context.Context, _ *runtime.ServeMux, 24 | _ runtime.Marshaler, w http.ResponseWriter, _ *http.Request, 25 | err error, 26 | ) { 27 | // Extract gRPC status. 28 | st := status.Convert(err) 29 | 30 | // Create error response with code as string. 31 | errResp := &errorResponse{ 32 | Code: st.Code().String(), // Convert gRPC code to string. 33 | Message: st.Message(), 34 | Details: nil, 35 | } 36 | 37 | // Set HTTP status based on gRPC code 38 | httpStatus := runtime.HTTPStatusFromCode(st.Code()) 39 | w.Header().Set("Content-Type", "application/json") 40 | w.WriteHeader(httpStatus) 41 | 42 | // Marshal and write error response 43 | err = json.NewEncoder(w).Encode(errResp) 44 | if err != nil { 45 | // If encoding fails, log the error but do not write to response 46 | http.Error(w, "Internal Server Error", http.StatusInternalServerError) 47 | return 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/single_schedule_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type SingleScheduleResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (SingleScheduleResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.Enum("schedule_status").Optional().Values("SCHEDULE_STATUS_UNSPECIFIED", "SCHEDULE_STATUS_MAINTENANCE", "SCHEDULE_STATUS_SHIPPING", "SCHEDULE_STATUS_OS_UPDATE", "SCHEDULE_STATUS_FIRMWARE_UPDATE", "SCHEDULE_STATUS_CLUSTER_UPDATE"), field.String("name").Optional(), field.Uint64("start_seconds"), field.Uint64("end_seconds").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (SingleScheduleResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("target_site", SiteResource.Type).Unique(), edge.To("target_host", HostResource.Type).Unique(), edge.To("target_workload", WorkloadResource.Type).Unique(), edge.To("target_region", RegionResource.Type).Unique()} 22 | } 23 | func (SingleScheduleResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (SingleScheduleResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /inventory/cmd/sqlSchemaWriter/main.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package main 5 | 6 | import ( 7 | "context" 8 | "flag" 9 | "os" 10 | 11 | "entgo.io/ent/dialect" 12 | _ "github.com/lib/pq" 13 | 14 | "github.com/open-edge-platform/infra-core/inventory/v2/internal/ent" 15 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/logging" 16 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/util" 17 | ) 18 | 19 | var zlog = logging.GetLogger("SqlSchemaWriter") 20 | 21 | var sqlFileName = flag.String("sqlSchemaFilePath", "sql/inventory.sql", "Path to the SQL schema file") 22 | 23 | // This program takes the ent schema and generates equivalent SQL schema. 24 | func main() { 25 | envPrimary, _, err := util.LookupDBEnv() 26 | if err != nil { 27 | zlog.Fatal().Msgf("failed to get DB environment: %v", err) 28 | } 29 | atlasDBURLWriter := util.GetDBURL(envPrimary) 30 | client, err := ent.Open(dialect.Postgres, atlasDBURLWriter) 31 | if err != nil { 32 | zlog.Fatal().Msgf("failed connecting to postgresql: %v", err) 33 | } 34 | defer client.Close() 35 | 36 | file, err := os.Create(*sqlFileName) 37 | if err != nil { 38 | zlog.Fatal().Msgf("Failed to open file %s: %s\n", *sqlFileName, err) 39 | } 40 | defer file.Close() 41 | 42 | // Dump migration changes to SQL schema file. 43 | ctx := context.Background() 44 | if err := client.Schema.WriteTo(ctx, file); err != nil { 45 | zlog.Fatal().Msgf("failed printing schema changes: %v", err) 46 | } 47 | } 48 | -------------------------------------------------------------------------------- /inventory/buf.gen.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 4 | # SPDX-License-Identifier: Apache-2.0 5 | 6 | # buf.gen.yaml 7 | # docs: https://docs.buf.build/configuration/v1/buf-gen-yaml 8 | 9 | version: v1 10 | 11 | plugins: 12 | 13 | # go - https://pkg.go.dev/google.golang.org/protobuf 14 | - plugin: go 15 | out: pkg/api 16 | opt: 17 | - paths=source_relative 18 | 19 | # go grpc - https://pkg.go.dev/google.golang.org/grpc 20 | - plugin: go-grpc 21 | out: pkg/api 22 | opt: 23 | - paths=source_relative 24 | - require_unimplemented_servers=false 25 | 26 | # ent - https://github.com/ent/contrib/tree/master/entproto/cmd/protoc-gen-ent 27 | - plugin: ent 28 | out: internal/ent 29 | opt: 30 | - schemadir=internal/ent/schema 31 | 32 | - plugin: go-filters 33 | out: internal/store 34 | path: ["go", "run", "./cmd/protoc-gen-go-filters"] 35 | 36 | # python - https://github.com/danielgtaylor/python-betterproto 37 | # NOTE: This module creates empty directories in the repo root when run. 38 | # Ignore these like git does. Not sure if this is a buf or compiler issue 39 | - plugin: python_betterproto 40 | out: python/infra_inventory 41 | strategy: all 42 | 43 | # docs - https://github.com/pseudomuto/protoc-gen-doc 44 | - plugin: doc 45 | out: docs/api 46 | opt: markdown,inventory.md 47 | strategy: all 48 | 49 | - plugin: go-const 50 | out: pkg/api 51 | path: ["go", "run", "./cmd/protoc-gen-go-const"] 52 | opt: 53 | - paths=source_relative 54 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/ent.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: ent/opts.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | from typing import Dict, List 6 | 7 | import betterproto 8 | 9 | 10 | @dataclass 11 | class Schema(betterproto.Message): 12 | gen: bool = betterproto.bool_field(1) 13 | name: str = betterproto.string_field(2) 14 | 15 | 16 | @dataclass 17 | class Field(betterproto.Message): 18 | optional: bool = betterproto.bool_field(1) 19 | nillable: bool = betterproto.bool_field(2) 20 | unique: bool = betterproto.bool_field(3) 21 | sensitive: bool = betterproto.bool_field(4) 22 | immutable: bool = betterproto.bool_field(5) 23 | comment: str = betterproto.string_field(6) 24 | struct_tag: str = betterproto.string_field(7) 25 | storage_key: str = betterproto.string_field(8) 26 | schema_type: Dict[str, str] = betterproto.map_field( 27 | 9, betterproto.TYPE_STRING, betterproto.TYPE_STRING 28 | ) 29 | 30 | 31 | @dataclass 32 | class Edge(betterproto.Message): 33 | unique: bool = betterproto.bool_field(1) 34 | ref: str = betterproto.string_field(2) 35 | required: bool = betterproto.bool_field(3) 36 | field: str = betterproto.string_field(4) 37 | storage_key: "EdgeStorageKey" = betterproto.message_field(5) 38 | struct_tag: str = betterproto.string_field(6) 39 | 40 | 41 | @dataclass 42 | class EdgeStorageKey(betterproto.Message): 43 | table: str = betterproto.string_field(1) 44 | columns: List[str] = betterproto.string_field(2) 45 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/errors/ent.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: ent/opts.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | from typing import Dict, List 6 | 7 | import betterproto 8 | 9 | 10 | @dataclass 11 | class Schema(betterproto.Message): 12 | gen: bool = betterproto.bool_field(1) 13 | name: str = betterproto.string_field(2) 14 | 15 | 16 | @dataclass 17 | class Field(betterproto.Message): 18 | optional: bool = betterproto.bool_field(1) 19 | nillable: bool = betterproto.bool_field(2) 20 | unique: bool = betterproto.bool_field(3) 21 | sensitive: bool = betterproto.bool_field(4) 22 | immutable: bool = betterproto.bool_field(5) 23 | comment: str = betterproto.string_field(6) 24 | struct_tag: str = betterproto.string_field(7) 25 | storage_key: str = betterproto.string_field(8) 26 | schema_type: Dict[str, str] = betterproto.map_field( 27 | 9, betterproto.TYPE_STRING, betterproto.TYPE_STRING 28 | ) 29 | 30 | 31 | @dataclass 32 | class Edge(betterproto.Message): 33 | unique: bool = betterproto.bool_field(1) 34 | ref: str = betterproto.string_field(2) 35 | required: bool = betterproto.bool_field(3) 36 | field: str = betterproto.string_field(4) 37 | storage_key: "EdgeStorageKey" = betterproto.message_field(5) 38 | struct_tag: str = betterproto.string_field(6) 39 | 40 | 41 | @dataclass 42 | class EdgeStorageKey(betterproto.Message): 43 | table: str = betterproto.string_field(1) 44 | columns: List[str] = betterproto.string_field(2) 45 | -------------------------------------------------------------------------------- /exporters-inventory/Dockerfile: -------------------------------------------------------------------------------- 1 | # SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | FROM golang:1.24.9-bookworm as build 5 | 6 | ENV GO111MODULE=on 7 | ARG MAKE_TARGET=go-build 8 | # Arguments used to stamp the binary 9 | ARG REPO_URL 10 | ARG VERSION 11 | ARG REVISION 12 | ARG BUILD_DATE 13 | 14 | COPY common.mk version.mk /go/src/github.com/open-edge-platform/infra-core/ 15 | COPY Makefile go.mod go.sum /go/src/github.com/open-edge-platform/infra-core/exporters-inventory/ 16 | COPY cmd/ /go/src/github.com/open-edge-platform/infra-core/exporters-inventory/cmd/ 17 | COPY internal/ /go/src/github.com/open-edge-platform/infra-core/exporters-inventory/internal/ 18 | COPY vendor/ /go/src/github.com/open-edge-platform/infra-core/exporters-inventory/vendor/ 19 | 20 | WORKDIR /go/src/github.com/open-edge-platform/infra-core/exporters-inventory 21 | RUN CGO_ENABLED=0 LABEL_REPO_URL=${REPO_URL} LABEL_VERSION=${VERSION} LABEL_REVISION=${REVISION} LABEL_BUILD_DATE=${BUILD_DATE} make ${MAKE_TARGET} 22 | 23 | FROM gcr.io/distroless/static-debian12:nonroot 24 | # Run as non-privileged user 25 | USER nobody 26 | 27 | ARG REPO_URL 28 | ARG VERSION 29 | ARG REVISION 30 | ARG BUILD_DATE 31 | 32 | LABEL org.opencontainers.image.version=${VERSION} \ 33 | org.opencontainers.image.source=${REPO_URL} \ 34 | org.opencontainers.image.revision=${REVISION} \ 35 | org.opencontainers.image.created=${BUILD_DATE} 36 | 37 | COPY --from=build --chown=nobody:nobody /go/src/github.com/open-edge-platform/infra-core/exporters-inventory/out/exporter /usr/local/bin/exporter 38 | 39 | ENTRYPOINT ["exporter"] 40 | -------------------------------------------------------------------------------- /apiv2/api/proto/resources/customconfig/v1/customconfig.proto: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | syntax = "proto3"; 5 | 6 | package resources.customconfig.v1; 7 | 8 | import "google/api/field_behavior.proto"; 9 | import "resources/common/v1/common.proto"; 10 | import "buf/validate/validate.proto"; 11 | 12 | option go_package = "github.com/open-edge-platform/infra-core/apiv2/v2/internal/pbapi/resources/customconfig/v1;customconfigv1"; 13 | 14 | message CustomConfigResource { 15 | // resource identifier 16 | string resource_id = 1 [ 17 | (google.api.field_behavior) = OUTPUT_ONLY, 18 | (buf.validate.field).string = { 19 | pattern: "^customconfig-[0-9a-f]{8}$" 20 | max_len: 21 21 | } 22 | ]; 23 | 24 | // Config provided by admin 25 | string name = 2 [ 26 | (buf.validate.field).string = { 27 | pattern: "^[a-z][a-z0-9-]{0,31}$" 28 | max_len: 40 29 | }, 30 | (google.api.field_behavior) = REQUIRED 31 | ]; 32 | 33 | // Config description 34 | string description = 3 [ 35 | (buf.validate.field).string = { 36 | pattern: "^$|^[a-zA-Z-_0-9./:;=@?!#,<>*()\" ]+$" 37 | min_len: 1 38 | max_len: 256 39 | }, 40 | (google.api.field_behavior) = OPTIONAL 41 | ]; 42 | // Config content 43 | string config = 4 [ 44 | (buf.validate.field).string = { 45 | max_len: 16384 46 | }, 47 | (google.api.field_behavior) = REQUIRED 48 | ]; 49 | 50 | // Timestamps associated to the resource. 51 | resources.common.v1.Timestamps timestamps = 50100 [(google.api.field_behavior) = OUTPUT_ONLY]; 52 | } 53 | -------------------------------------------------------------------------------- /apiv2/cmd/protoc-gen-go-const/main.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // protoc-plugin to generate constants file with the field names. 5 | 6 | package main 7 | 8 | import ( 9 | "fmt" 10 | 11 | "google.golang.org/protobuf/compiler/protogen" 12 | ) 13 | 14 | func main() { 15 | protogen.Options{}.Run(func(gen *protogen.Plugin) error { 16 | for _, f := range gen.Files { 17 | if !f.Generate { 18 | continue 19 | } 20 | generateConstants(gen, f) 21 | } 22 | return nil 23 | }) 24 | } 25 | 26 | // generateConstants generates a _constants.pb.go file containing protobuf constants with field and edges proto names. 27 | func generateConstants(gen *protogen.Plugin, file *protogen.File) *protogen.GeneratedFile { 28 | filename := file.GeneratedFilenamePrefix + "_constants.pb.go" 29 | g := gen.NewGeneratedFile(filename, file.GoImportPath) 30 | g.P("// Code generated by protoc-gen-go-const. DO NOT EDIT.") 31 | g.P() 32 | g.P("// source: ", file.Desc.Path()) 33 | g.P() 34 | g.P("package ", file.GoPackageName) 35 | g.P("const(") 36 | for _, msg := range file.Messages { 37 | msgName := msg.Desc.Name() 38 | g.P(fmt.Sprintf("// Fields and Edges constants for %q", msgName)) 39 | msg.Desc.Name() 40 | for _, field := range msg.Fields { 41 | entFieldType := "Field" 42 | if field.Message != nil { // Messages are edges, either direct or back-references 43 | entFieldType = "Edge" 44 | } 45 | g.P(fmt.Sprintf(`%s%s%s = %q`, msgName, entFieldType, field.GoName, field.Desc.Name())) 46 | } 47 | g.P() 48 | } 49 | g.P(")") 50 | 51 | return g 52 | } 53 | -------------------------------------------------------------------------------- /inventory/cmd/protoc-gen-go-const/main.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | // protoc-plugin to generate constants file with the field names. 5 | 6 | package main 7 | 8 | import ( 9 | "fmt" 10 | 11 | "google.golang.org/protobuf/compiler/protogen" 12 | ) 13 | 14 | func main() { 15 | protogen.Options{}.Run(func(gen *protogen.Plugin) error { 16 | for _, f := range gen.Files { 17 | if !f.Generate { 18 | continue 19 | } 20 | generateConstants(gen, f) 21 | } 22 | return nil 23 | }) 24 | } 25 | 26 | // generateConstants generates a _constants.pb.go file containing protobuf constants with field and edges proto names. 27 | func generateConstants(gen *protogen.Plugin, file *protogen.File) *protogen.GeneratedFile { 28 | filename := file.GeneratedFilenamePrefix + "_constants.pb.go" 29 | g := gen.NewGeneratedFile(filename, file.GoImportPath) 30 | g.P("// Code generated by protoc-gen-go-const. DO NOT EDIT.") 31 | g.P() 32 | g.P("// source: ", file.Desc.Path()) 33 | g.P() 34 | g.P("package ", file.GoPackageName) 35 | g.P("const(") 36 | for _, msg := range file.Messages { 37 | msgName := msg.Desc.Name() 38 | g.P(fmt.Sprintf("// Fields and Edges constants for %q", msgName)) 39 | msg.Desc.Name() 40 | for _, field := range msg.Fields { 41 | entFieldType := "Field" 42 | if field.Message != nil { // Messages are edges, either direct or back-references 43 | entFieldType = "Edge" 44 | } 45 | g.P(fmt.Sprintf(`%s%s%s = %q`, msgName, entFieldType, field.GoName, field.Desc.Name())) 46 | } 47 | g.P() 48 | } 49 | g.P(")") 50 | 51 | return g 52 | } 53 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/workload_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type WorkloadResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (WorkloadResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.Enum("kind").Values("WORKLOAD_KIND_UNSPECIFIED", "WORKLOAD_KIND_CLUSTER", "WORKLOAD_KIND_DHCP"), field.String("name").Optional(), field.String("external_id").Optional(), field.Enum("desired_state").Values("WORKLOAD_STATE_UNSPECIFIED", "WORKLOAD_STATE_ERROR", "WORKLOAD_STATE_DELETING", "WORKLOAD_STATE_DELETED", "WORKLOAD_STATE_PROVISIONED"), field.Enum("current_state").Optional().Values("WORKLOAD_STATE_UNSPECIFIED", "WORKLOAD_STATE_ERROR", "WORKLOAD_STATE_DELETING", "WORKLOAD_STATE_DELETED", "WORKLOAD_STATE_PROVISIONED"), field.String("status").Optional(), field.String("metadata").Optional(), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (WorkloadResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.From("members", WorkloadMember.Type).Ref("workload")} 22 | } 23 | func (WorkloadResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (WorkloadResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("external_id", "tenant_id").Unique(), index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /inventory/internal/ent/schema/repeated_schedule_resource.go: -------------------------------------------------------------------------------- 1 | // File updated by protoc-gen-ent. 2 | 3 | package schema 4 | 5 | import ( 6 | "entgo.io/ent" 7 | "entgo.io/ent/schema" 8 | "entgo.io/ent/schema/edge" 9 | "entgo.io/ent/schema/field" 10 | "entgo.io/ent/schema/index" 11 | ) 12 | 13 | type RepeatedScheduleResource struct { 14 | ent.Schema 15 | } 16 | 17 | func (RepeatedScheduleResource) Fields() []ent.Field { 18 | return []ent.Field{field.String("resource_id").Unique(), field.Enum("schedule_status").Optional().Values("SCHEDULE_STATUS_UNSPECIFIED", "SCHEDULE_STATUS_MAINTENANCE", "SCHEDULE_STATUS_SHIPPING", "SCHEDULE_STATUS_OS_UPDATE", "SCHEDULE_STATUS_FIRMWARE_UPDATE", "SCHEDULE_STATUS_CLUSTER_UPDATE"), field.String("name").Optional(), field.Uint32("duration_seconds").Optional(), field.String("cron_minutes"), field.String("cron_hours"), field.String("cron_day_month"), field.String("cron_month"), field.String("cron_day_week"), field.String("tenant_id").Immutable(), field.String("created_at").Immutable().SchemaType(map[string]string{"postgres": "TIMESTAMP"}), field.String("updated_at").SchemaType(map[string]string{"postgres": "TIMESTAMP"})} 19 | } 20 | func (RepeatedScheduleResource) Edges() []ent.Edge { 21 | return []ent.Edge{edge.To("target_site", SiteResource.Type).Unique(), edge.To("target_host", HostResource.Type).Unique(), edge.To("target_workload", WorkloadResource.Type).Unique(), edge.To("target_region", RegionResource.Type).Unique()} 22 | } 23 | func (RepeatedScheduleResource) Annotations() []schema.Annotation { 24 | return nil 25 | } 26 | func (RepeatedScheduleResource) Indexes() []ent.Index { 27 | return []ent.Index{index.Fields("tenant_id")} 28 | } 29 | -------------------------------------------------------------------------------- /inventory/api/errors/errors.proto: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | syntax = "proto3"; 5 | 6 | package errors; 7 | 8 | import "google/protobuf/any.proto"; 9 | 10 | option go_package = "github.com/open-edge-platform/infra-core/inventory/v2/pkg/errors"; 11 | 12 | // These are our error codes, meant to be processed by 13 | // machines or programs. Not really useful for humans. 14 | enum Reason { 15 | // First value must be 0 and specified 16 | OK = 0; 17 | // 0-17 are the values borrowed by gRPC. 18 | reserved 1 to 17; 19 | // UNKNOWN_CLIENT means client is unknown to the server 20 | // and a new registration must be re-issued 21 | UNKNOWN_CLIENT = 40; 22 | // OPERATION_IN_PROGRESS means that some action cannot be performed because 23 | // there is other operation on a given resource in progress. 24 | OPERATION_IN_PROGRESS = 41; 25 | } 26 | 27 | message ErrorInfo { 28 | // The reason of the error. This is a constant value that identifies the 29 | // proximate cause of the error. Error reasons are unique within a particular 30 | // domain of errors. 31 | Reason reason = 1; 32 | 33 | // The full error stack. Including the linenumber from which the error 34 | // originated. This might require a wrap before generating this error info 35 | // if the error is coming from a package outside our code. This information 36 | // is only for internal debugging and not meant to be shared outside. 37 | string stacktrace = 2; 38 | 39 | // A list of messages that carry additional error details to be standardized 40 | // within this file. 41 | repeated google.protobuf.Any details = 3; 42 | } 43 | -------------------------------------------------------------------------------- /tenant-controller/internal/controller/eventing.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package controller 5 | 6 | import ( 7 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/client" 8 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/logging" 9 | "github.com/open-edge-platform/infra-core/tenant-controller/internal/invclient" 10 | ) 11 | 12 | var ehlog = logging.GetLogger("event-handler") 13 | 14 | func NewEventDispatcher(ic *invclient.TCInventoryClient, handlers ...IEventHandler) *Dispatcher { 15 | return &Dispatcher{ 16 | ic: ic, 17 | handlers: handlers, 18 | } 19 | } 20 | 21 | // Dispatcher dispatches events incoming from INV to all list of registered event handlers. 22 | type Dispatcher struct { 23 | ic *invclient.TCInventoryClient 24 | handlers []IEventHandler 25 | } 26 | 27 | func (e *Dispatcher) dispatch(we *client.WatchEvents) { 28 | for _, handler := range e.handlers { 29 | handler.HandleEvent(we) 30 | } 31 | } 32 | 33 | func (e *Dispatcher) Start(termChan chan bool) { 34 | // TODO: inventory controller should use the Reconciler. 35 | go func() { 36 | for { 37 | select { 38 | case we, ok := <-e.ic.Watcher: 39 | if !ok { 40 | ehlog.Fatal().Msgf("inventory notification channel has been closed, terminating event handler: %v", we) 41 | } 42 | ehlog.Debug().Msgf("inventory event received: %v", we) 43 | e.dispatch(we) 44 | case <-termChan: 45 | ehlog.Debug().Msg("Event dispatcher has been terminated") 46 | return 47 | } 48 | } 49 | }() 50 | } 51 | 52 | type IEventHandler interface { 53 | HandleEvent(we *client.WatchEvents) 54 | } 55 | -------------------------------------------------------------------------------- /inventory/internal/ent/migrate/migrations/20250610144827_add_customconfig.sql: -------------------------------------------------------------------------------- 1 | -- Create "custom_config_resources" table 2 | CREATE TABLE "custom_config_resources" ("id" bigint NOT NULL GENERATED BY DEFAULT AS IDENTITY, "resource_id" character varying NOT NULL, "name" character varying NOT NULL, "config" character varying NOT NULL, "description" character varying NULL, "tenant_id" character varying NOT NULL, "created_at" timestamp NOT NULL, "updated_at" timestamp NOT NULL, PRIMARY KEY ("id")); 3 | -- Create index "custom_config_resources_resource_id_key" to table: "custom_config_resources" 4 | CREATE UNIQUE INDEX "custom_config_resources_resource_id_key" ON "custom_config_resources" ("resource_id"); 5 | -- Create index "customconfigresource_name_tenant_id" to table: "custom_config_resources" 6 | CREATE UNIQUE INDEX "customconfigresource_name_tenant_id" ON "custom_config_resources" ("name", "tenant_id"); 7 | -- Create index "customconfigresource_tenant_id" to table: "custom_config_resources" 8 | CREATE INDEX "customconfigresource_tenant_id" ON "custom_config_resources" ("tenant_id"); 9 | -- Create "instance_resource_custom_config" table 10 | CREATE TABLE "instance_resource_custom_config" ("instance_resource_id" bigint NOT NULL, "custom_config_resource_id" bigint NOT NULL, PRIMARY KEY ("instance_resource_id", "custom_config_resource_id"), CONSTRAINT "instance_resource_custom_config_custom_config_resource_id" FOREIGN KEY ("custom_config_resource_id") REFERENCES "custom_config_resources" ("id") ON UPDATE NO ACTION ON DELETE CASCADE, CONSTRAINT "instance_resource_custom_config_instance_resource_id" FOREIGN KEY ("instance_resource_id") REFERENCES "instance_resources" ("id") ON UPDATE NO ACTION ON DELETE CASCADE); 11 | -------------------------------------------------------------------------------- /inventory/pkg/testing/generators.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | package testing 5 | 6 | import ( 7 | "crypto/rand" 8 | "crypto/sha256" 9 | "fmt" 10 | "math/big" 11 | mathrand "math/rand" 12 | ) 13 | 14 | func RandomString(length int) string { 15 | letters := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ") 16 | 17 | b := make([]rune, length) 18 | for i := range b { 19 | //nolint:gosec // math/rand is used for testing only 20 | b[i] = letters[mathrand.Intn(len(letters))] 21 | } 22 | return string(b) 23 | } 24 | 25 | func GenerateRandomSha256() string { 26 | return fmt.Sprintf("%x", sha256.Sum256([]byte(GenerateRandomProfileName()))) 27 | } 28 | 29 | func GenerateRandomProfileName() string { 30 | return fmt.Sprintf("Test OS profile name #%d", generateRandomInteger(1023)) //nolint:mnd // Teting only 31 | } 32 | 33 | func GenerateRandomOsResourceName() string { 34 | return fmt.Sprintf("Test OS name #%d", generateRandomInteger(1023)) //nolint:mnd // Testing only 35 | } 36 | 37 | func GenerateRandomOsUpdatePolicyName() string { 38 | return fmt.Sprintf("Test OS Update Policy name #%d", generateRandomInteger(1023)) //nolint:mnd // Testing only 39 | } 40 | 41 | func GenerateRandInt(minValue, maxValue int) int64 { 42 | nBig, err := rand.Int(rand.Reader, new(big.Int).SetUint64(uint64(maxValue-minValue+1))) //nolint:gosec // Teting only 43 | if err != nil { 44 | panic(err) 45 | } 46 | 47 | return nBig.Int64() + int64(minValue) 48 | } 49 | 50 | func generateRandomInteger(intMax int64) int64 { 51 | nBig, err := rand.Int(rand.Reader, big.NewInt(intMax)) 52 | if err != nil { 53 | panic(err) 54 | } 55 | n := nBig.Int64() 56 | return n 57 | } 58 | -------------------------------------------------------------------------------- /inventory/python/infra_inventory/errors/errors.py: -------------------------------------------------------------------------------- 1 | # Generated by the protocol buffer compiler. DO NOT EDIT! 2 | # sources: errors/errors.proto 3 | # plugin: python-betterproto 4 | from dataclasses import dataclass 5 | from typing import List 6 | 7 | import betterproto 8 | 9 | from .google import protobuf 10 | 11 | 12 | class Reason(betterproto.Enum): 13 | """ 14 | These are our error codes, meant to be processed by machines or programs. 15 | Not really useful for humans. 16 | """ 17 | 18 | # First value must be 0 and specified 19 | OK = 0 20 | # UNKNOWN_CLIENT means client is unknown to the server and a new registration 21 | # must be re-issued 22 | UNKNOWN_CLIENT = 40 23 | # OPERATION_IN_PROGRESS means that some action cannot be performed because 24 | # there is other operation on a given resource in progress. 25 | OPERATION_IN_PROGRESS = 41 26 | 27 | 28 | @dataclass 29 | class ErrorInfo(betterproto.Message): 30 | # The reason of the error. This is a constant value that identifies the 31 | # proximate cause of the error. Error reasons are unique within a particular 32 | # domain of errors. 33 | reason: "Reason" = betterproto.enum_field(1) 34 | # The full error stack. Including the linenumber from which the error 35 | # originated. This might require a wrap before generating this error info if 36 | # the error is coming from a package outside our code. This information is 37 | # only for internal debugging and not meant to be shared outside. 38 | stacktrace: str = betterproto.string_field(2) 39 | # A list of messages that carry additional error details to be standardized 40 | # within this file. 41 | details: List[protobuf.Any] = betterproto.message_field(3) 42 | -------------------------------------------------------------------------------- /inventory/pkg/auth/auth_test.go: -------------------------------------------------------------------------------- 1 | // SPDX-FileCopyrightText: (C) 2025 Intel Corporation 2 | // SPDX-License-Identifier: Apache-2.0 3 | 4 | //nolint:testpackage // testing internal functions 5 | package auth 6 | 7 | import ( 8 | "context" 9 | "flag" 10 | "os" 11 | "testing" 12 | 13 | "github.com/open-edge-platform/infra-core/inventory/v2/pkg/flags" 14 | ) 15 | 16 | func TestMain(m *testing.M) { 17 | // Only needed to suppress the error 18 | flag.String( 19 | "policyBundle", 20 | "/rego/policy_bundle.tar.gz", 21 | "Path of policy rego file", 22 | ) 23 | flag.Parse() 24 | 25 | run := m.Run() // run all tests 26 | os.Exit(run) 27 | } 28 | 29 | func Test_auth_init(t *testing.T) { 30 | type args struct { 31 | ctx context.Context 32 | disableCredMgmt bool 33 | } 34 | tests := []struct { 35 | name string 36 | args args 37 | wantErr bool 38 | }{ 39 | { 40 | name: "Credentials Management enabled", 41 | args: args{ 42 | ctx: context.Background(), 43 | disableCredMgmt: false, 44 | }, 45 | wantErr: true, 46 | }, 47 | { 48 | name: "Credentials Management disabled", 49 | args: args{ 50 | ctx: context.Background(), 51 | disableCredMgmt: true, 52 | }, 53 | wantErr: false, 54 | }, 55 | } 56 | for _, tt := range tests { 57 | t.Run(tt.name, func(t *testing.T) { 58 | flags.FlagDisableCredentialsManagement = flag.Bool(tt.name, tt.args.disableCredMgmt, "") 59 | if err := Init(); (err != nil) != tt.wantErr { 60 | t.Errorf("auth.Init() error = %v, wantErr %v", err, tt.wantErr) 61 | } 62 | }) 63 | } 64 | // ensure the default value for the other tests 65 | flags.FlagDisableCredentialsManagement = flag.Bool("disable-credentials", false, "") 66 | } 67 | -------------------------------------------------------------------------------- /inventory/pkg/api/location/v1/location_constants.pb.go: -------------------------------------------------------------------------------- 1 | // Code generated by protoc-gen-go-const. DO NOT EDIT. 2 | 3 | // source: location/v1/location.proto 4 | 5 | package locationv1 6 | 7 | const ( 8 | // Fields and Edges constants for "RegionResource" 9 | RegionResourceFieldResourceId = "resource_id" 10 | RegionResourceFieldName = "name" 11 | RegionResourceFieldRegionKind = "region_kind" 12 | RegionResourceEdgeParentRegion = "parent_region" 13 | RegionResourceEdgeChildren = "children" 14 | RegionResourceFieldMetadata = "metadata" 15 | RegionResourceFieldTenantId = "tenant_id" 16 | RegionResourceFieldCreatedAt = "created_at" 17 | RegionResourceFieldUpdatedAt = "updated_at" 18 | 19 | // Fields and Edges constants for "SiteResource" 20 | SiteResourceFieldResourceId = "resource_id" 21 | SiteResourceFieldName = "name" 22 | SiteResourceEdgeRegion = "region" 23 | SiteResourceEdgeOu = "ou" 24 | SiteResourceFieldAddress = "address" 25 | SiteResourceFieldSiteLat = "site_lat" 26 | SiteResourceFieldSiteLng = "site_lng" 27 | SiteResourceFieldDnsServers = "dns_servers" 28 | SiteResourceFieldDockerRegistries = "docker_registries" 29 | SiteResourceFieldMetricsEndpoint = "metrics_endpoint" 30 | SiteResourceFieldHttpProxy = "http_proxy" 31 | SiteResourceFieldHttpsProxy = "https_proxy" 32 | SiteResourceFieldFtpProxy = "ftp_proxy" 33 | SiteResourceFieldNoProxy = "no_proxy" 34 | SiteResourceEdgeProvider = "provider" 35 | SiteResourceFieldMetadata = "metadata" 36 | SiteResourceFieldTenantId = "tenant_id" 37 | SiteResourceFieldCreatedAt = "created_at" 38 | SiteResourceFieldUpdatedAt = "updated_at" 39 | ) 40 | --------------------------------------------------------------------------------