WIP: Poc/ipv6 ironcore

.github/workflows/publish-docker.yml

@@ -73,7 +73,6 @@ jobs:
           version: latest
           endpoint: builders # self-hosted
       - name: Login to GHCR
-        if: github.event_name != 'pull_request'
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
@@ -85,7 +84,7 @@ jobs:
         with:
           context: .
           platforms: linux/amd64,linux/arm64
-          push: ${{ github.event_name != 'pull_request' }}
+          push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           target: ${{ matrix.image.target }}

Makefile

@@ -7,6 +7,7 @@ ADMISSION_NAME              := admission-ironcore
 IMAGE_PREFIX                := $(REGISTRY)/extensions
 REPO_ROOT                   := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
 HACK_DIR                    := $(REPO_ROOT)/hack
+VERSION                     := $(shell cat "$(REPO_ROOT)/VERSION")
 EFFECTIVE_VERSION           := $(VERSION)-$(shell git rev-parse HEAD)
 LD_FLAGS                    := "-w $(shell bash $(GARDENER_HACK_DIR)/get-build-ld-flags.sh k8s.io/component-base $(REPO_ROOT)/VERSION $(EXTENSION_PREFIX))"
 LEADER_ELECTION             := false
@@ -136,7 +137,7 @@ check: $(GOIMPORTS) $(GOLANGCI_LINT) $(MOCKGEN)
 	@REPO_ROOT=$(REPO_ROOT) bash $(GARDENER_HACK_DIR)/check-charts.sh ./charts
 
 .PHONY: generate
-generate: deepcopy-gen defaulter-gen conversion-gen $(CONTROLLER_GEN) $(HELM) $(MOCKGEN) $(YQ) $(VGOPATH)
+generate: $(CONTROLLER_GEN) $(HELM) $(MOCKGEN) $(YQ) $(VGOPATH)
 	@GOPATH=$(GOPATH) VGOPATH=$(VGOPATH) \
 	MOCKGEN=$(MOCKGEN) \
 	DEEPCOPY_GEN=$(DEEPCOPY_GEN) \
@@ -184,9 +185,6 @@ $(LOCALBIN):
 	mkdir -p $(LOCALBIN)
 
 ## Tool Binaries
-DEEPCOPY_GEN ?= $(LOCALBIN)/deepcopy-gen
-CONVERSION_GEN ?= $(LOCALBIN)/conversion-gen
-DEFAULTER_GEN ?= $(LOCALBIN)/defaulter-gen
 ENVTEST ?= $(LOCALBIN)/setup-envtest
 
 ## Tool Versions
@@ -201,33 +199,3 @@ envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.
 $(ENVTEST): $(LOCALBIN)
 	$(call go-install-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest,$(ENVTEST_VERSION))
 
-.PHONY: deepcopy-gen
-deepcopy-gen: $(DEEPCOPY_GEN) ## Download deepcopy-gen locally if necessary.
-$(DEEPCOPY_GEN): $(LOCALBIN)
-	$(call go-install-tool,$(DEEPCOPY_GEN),k8s.io/code-generator/cmd/deepcopy-gen,$(CODE_GENERATOR_VERSION))
-
-.PHONY: defaulter-gen
-defaulter-gen: $(DEFAULTER_GEN) ## Download defaulter-gen locally if necessary.
-$(DEFAULTER_GEN): $(LOCALBIN)
-	$(call go-install-tool,$(DEFAULTER_GEN),k8s.io/code-generator/cmd/defaulter-gen,$(CODE_GENERATOR_VERSION))
-
-.PHONY: conversion-gen
-conversion-gen: $(CONVERSION_GEN) ## Download conversion-gen locally if necessary.
-$(CONVERSION_GEN): $(LOCALBIN)
-	$(call go-install-tool,$(CONVERSION_GEN),k8s.io/code-generator/cmd/conversion-gen,${CODE_GENERATOR_VERSION})
-
-# go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist
-# $1 - target path with name of binary
-# $2 - package url which can be installed
-# $3 - specific version of package
-define go-install-tool
-@[ -f "$(1)-$(3)" ] && [ "$$(readlink -- "$(1)" 2>/dev/null)" = "$(1)-$(3)" ] || { \
-set -e; \
-package=$(2)@$(3) ;\
-echo "Downloading $${package}" ;\
-rm -f $(1) ;\
-GOBIN=$(LOCALBIN) go install $${package} ;\
-mv $(1) $(1)-$(3) ;\
-} ;\
-ln -sf $$(realpath $(1)-$(3)) $(1)
-endef

hack/update-codegen.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/bash
 
 set -o errexit
 set -o nounset

pkg/apis/ironcore/types_infrastructure.go

@@ -35,8 +35,8 @@ type InfrastructureStatus struct {
 	NetworkRef commonv1alpha1.LocalUIDReference
 	// NATGatewayRef is the reference to the NAT gateway used
 	NATGatewayRef commonv1alpha1.LocalUIDReference
-	// PrefixRef is the reference to the Prefix used
-	PrefixRef commonv1alpha1.LocalUIDReference
+	// PrefixRefs are the reference to the Prefixes used
+	PrefixRefs []commonv1alpha1.LocalUIDReference
 	//NetworkPolicy is reference to the NetworkPolicy defined
 	NetworkPolicyRef commonv1alpha1.LocalUIDReference
 }

pkg/apis/ironcore/v1alpha1/types_infrastructure.go

@@ -34,9 +34,8 @@ type InfrastructureStatus struct {
 	// NetworkRef is the reference to the networked used
 	NetworkRef commonv1alpha1.LocalUIDReference `json:"networkRef,omitempty"`
 	// NATGatewayRef is the reference to the NAT gateway used
-	NATGatewayRef commonv1alpha1.LocalUIDReference `json:"natGatewayRef,omitempty"`
-	// PrefixRef is the reference to the Prefix used
-	PrefixRef commonv1alpha1.LocalUIDReference `json:"prefixRef,omitempty"`
+	NATGatewayRef commonv1alpha1.LocalUIDReference   `json:"natGatewayRef,omitempty"`
+	PrefixRefs    []commonv1alpha1.LocalUIDReference `json:"prefixRefs,omitempty"`
 	//NetworkPolicy is reference to the NetworkPolicy defined
 	NetworkPolicyRef commonv1alpha1.LocalUIDReference `json:"networkPolicyRef,omitempty"`
 }

pkg/controller/bastion/actuator_reconcile.go

@@ -252,8 +252,9 @@ func generateMachine(namespace string, bastionConfig *controllerconfig.BastionCo
 													Spec: ipamv1alpha1.PrefixSpec{
 														// request single IP
 														PrefixLength: 32,
+														// TODO do we need to generate IPv6 bastion hosts?
 														ParentRef: &corev1.LocalObjectReference{
-															Name: infraStatus.PrefixRef.Name,
+															Name: infraStatus.PrefixRefs[0].Name,
 														},
 													},
 												},

pkg/controller/bastion/configvalidator.go

@@ -122,8 +122,10 @@ func validateInfrastructureStatus(infrastructureStatus *api.InfrastructureStatus
 		return fmt.Errorf("network ref must be not empty for infrastructure provider status")
 	}
 
-	if infrastructureStatus.PrefixRef == emptyref {
-		return fmt.Errorf("prefix ref must be not empty for infrastructure provider status")
+	for _, prefixRef := range infrastructureStatus.PrefixRefs {
+		if prefixRef == emptyref {
+			return fmt.Errorf("prefix ref must be not empty for infrastructure provider status")
+		}
 	}
 
 	return nil

pkg/controller/bastion/suite_test.go

@@ -256,9 +256,9 @@ func SetupTest() *corev1.Namespace {
 						},
 						Minimum: 0,
 						Name:    "pool",
+						//UserData: []byte("some-data"),
 						UserDataSecretRef: corev1.SecretKeySelector{
 							LocalObjectReference: corev1.LocalObjectReference{Name: userDataSecretName},
-							Key:                  userDataSecretDataKey,
 						},
 						Volume: &extensionsv1alpha1.Volume{
 							Name: &volumeName,
@@ -285,9 +285,11 @@ func SetupTest() *corev1.Namespace {
 				Name: "my-network",
 				UID:  "1234",
 			},
-			PrefixRef: commonv1alpha1.LocalUIDReference{
-				Name: "my-prefix",
-				UID:  "4321",
+			PrefixRefs: []commonv1alpha1.LocalUIDReference{
+				{
+					Name: "my-prefix",
+					UID:  "4321",
+				},
 			},
 		}
 		worker.Spec.InfrastructureProviderStatus = &apiruntime.RawExtension{Object: infraStatus}

pkg/controller/controlplane/valuesprovider.go

@@ -215,10 +215,14 @@ func (vp *valuesProvider) GetConfigChartValues(
 		return nil, fmt.Errorf("failed to decode infrastructure status: %w", err)
 	}
 	// Collect config chart values
+	var prefixNames []string
+	for _, prefix := range infrastructureStatus.PrefixRefs {
+		prefixNames = append(prefixNames, prefix.Name)
+	}
 	return map[string]interface{}{
-		ironcore.NetworkFieldName: infrastructureStatus.NetworkRef.Name,
-		ironcore.PrefixFieldName:  infrastructureStatus.PrefixRef.Name,
-		ironcore.ClusterFieldName: cluster.ObjectMeta.Name,
+		ironcore.NetworkFieldName:  infrastructureStatus.NetworkRef.Name,
+		ironcore.PrefixesFieldName: prefixNames,
+		ironcore.ClusterFieldName:  cluster.ObjectMeta.Name,
 	}, nil
 }
 

pkg/controller/controlplane/valuesprovider_test.go

@@ -84,9 +84,11 @@ var _ = Describe("Valueprovider Reconcile", func() {
 								Name: "my-network",
 								UID:  "1234",
 							},
-							PrefixRef: v1alpha1.LocalUIDReference{
-								Name: "my-prefix",
-								UID:  "6789",
+							PrefixRefs: []v1alpha1.LocalUIDReference{
+								{
+									Name: "my-prefix",
+									UID:  "6789",
+								},
 							},
 						}),
 					},