Add BMCUser type and controller (#368)

* My actual changes only

* Add BMC user account management methods and update mock data

* Add YAML test data files to REUSE.toml annotations

* adds missing rbac for bmcsecrets; minor refactoring

* removes unused ctx param in redfish funcs

Author: stefanhipfel

PROJECT

@@ -29,6 +29,9 @@ resources:
   kind: BMCSecret
   path: github.com/ironcore-dev/metal-operator/api/v1alpha1
   version: v1alpha1
+  webhooks:
+    validation: true
+    webhookVersion: v1
 - api:
     crdVersion: v1
   controller: true
@@ -142,6 +145,14 @@ resources:
   kind: BMCVersionSet
   path: github.com/ironcore-dev/metal-operator/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+  controller: true
+  domain: ironcore.dev
+  group: metal
+  kind: BMCUser
+  path: github.com/ironcore-dev/metal-operator/api/v1alpha1
+  version: v1alpha1
 - api:
     crdVersion: v1
   controller: true

api/v1alpha1/bmcuser_types.go

@@ -0,0 +1,68 @@
+// SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
+// SPDX-License-Identifier: Apache-2.0
+
+package v1alpha1
+
+import (
+	v1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// BMCUserSpec defines the desired state of BMCUser.
+type BMCUserSpec struct {
+	// Username of the BMC user.
+	UserName string `json:"userName"`
+	// RoleID is the ID of the role to assign to the user.
+	// The available roles depend on the BMC implementation.
+	// For Redfish, common role IDs are "Administrator", "Operator", "ReadOnly".
+	RoleID string `json:"roleID"`
+	// Description is an optional description for the BMC user.
+	Description string `json:"description,omitempty"`
+	// RotationPeriod defines how often the password should be rotated.
+	// if not set, the password will not be rotated.
+	RotationPeriod *metav1.Duration `json:"rotationPeriod,omitempty"`
+	// BMCSecretRef references the BMCSecret containing the credentials for this user.
+	// If not set, the operator will generate a secure password based on BMC manufacturer requirements.
+	BMCSecretRef *v1.LocalObjectReference `json:"bmcSecretRef,omitempty"`
+	// BMCRef references the BMC this user should be created on.
+	BMCRef *v1.LocalObjectReference `json:"bmcRef,omitempty"`
+}
+
+// BMCUserStatus defines the observed state of BMCUser.
+type BMCUserStatus struct {
+	// EffectiveBMCSecretRef references the BMCSecret currently used for this user.
+	// This may differ from Spec.BMCSecretRef if the operator generated a password.
+	EffectiveBMCSecretRef *v1.LocalObjectReference `json:"effectiveBMCSecretRef,omitempty"`
+	// LastRotation is the timestamp of the last password rotation.
+	LastRotation *metav1.Time `json:"lastRotation,omitempty"`
+	// PasswordExpiration is the timestamp when the password will expire.
+	PasswordExpiration *metav1.Time `json:"passwordExpiration,omitempty"`
+	// ID of the user in the BMC system
+	ID string `json:"id,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+// +kubebuilder:resource:scope=Cluster
+
+// BMCUser is the Schema for the bmcusers API.
+type BMCUser struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   BMCUserSpec   `json:"spec,omitempty"`
+	Status BMCUserStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// BMCUserList contains a list of BMCUser.
+type BMCUserList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []BMCUser `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&BMCUser{}, &BMCUserList{})
+}

api/v1alpha1/constants.go

@@ -48,6 +48,9 @@ const (
 
 	// OperationAnnotationRetryFailedPropagated restarts the reconciliation of a resource's child from failed state -> initial state.
 	OperationAnnotationRetryFailedPropagated = "retry-failed-state-resource-propagated"
+
+	// OperationAnnotationRotateCredentials is used to indicate that credentials should be rotated.
+	OperationAnnotationRotateCredentials = "rotate-credentials"
 )
 
 const (

api/v1alpha1/zz_generated.deepcopy.go

@@ -113,6 +113,18 @@ type BMC interface {
 
 	// GetBMCUpgradeTask retrieves the task for the BMC upgrade.
 	GetBMCUpgradeTask(ctx context.Context, manufacturer string, taskURI string) (*redfish.Task, error)
+
+	// CreateOrUpdateAccount creates or updates a BMC user account.
+	CreateOrUpdateAccount(ctx context.Context, userName, role, password string, enabled bool) error
+
+	// DeleteAccount deletes a BMC user account.
+	DeleteAccount(ctx context.Context, userName, id string) error
+
+	// GetAccounts retrieves all BMC user accounts.
+	GetAccounts() ([]*redfish.ManagerAccount, error)
+
+	// GetAccountService retrieves the account service.
+	GetAccountService() (*redfish.AccountService, error)
 }
 
 type Entity struct {

bmc/bmc.go

@@ -6,6 +6,7 @@
     "Enabled": true,
     "Password": null,
     "PasswordChangeRequired": false,
+    "PasswordExpiration": "2026-12-31T23:59:59Z",
     "AccountTypes": [
         "Redfish"
     ],
@@ -30,4 +31,4 @@
     },
     "@odata.id": "/redfish/v1/AccountService/Accounts/1",
     "@Redfish.Copyright": "Copyright 2014-2023 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright."
-}
+}

bmc/mock/server/data/AccountService/Accounts/1/index.json

@@ -9,6 +9,7 @@
     },
     "ServiceEnabled": true,
     "AuthFailureLoggingThreshold": 3,
+    "MaxPasswordLength": 30,
     "MinPasswordLength": 8,
     "AccountLockoutThreshold": 5,
     "AccountLockoutDuration": 30,
@@ -123,4 +124,4 @@
     "RequireChangePasswordAction": false,
     "@odata.id": "/redfish/v1/AccountService",
     "@Redfish.Copyright": "Copyright 2014-2023 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright."
-}
+}

bmc/mock/server/data/AccountService/index.json

@@ -3,7 +3,10 @@
 
 package bmc
 
-import "github.com/stmcginnis/gofish/redfish"
+import (
+	"github.com/stmcginnis/gofish/common"
+	"github.com/stmcginnis/gofish/redfish"
+)
 
 // RedfishMockUps is an implementation of the BMC interface for Redfish.
 type RedfishMockUps struct {
@@ -22,6 +25,7 @@ type RedfishMockUps struct {
 	BMCUpgradeTaskIndex  int
 	BMCUpgradeTaskStatus []redfish.Task
 
+	Accounts              map[string]*redfish.ManagerAccount
 	SimulateUnvailableBMC bool
 }
 
@@ -107,6 +111,39 @@ func (r *RedfishMockUps) InitializeDefaults() {
 		},
 	}
 
+	r.Accounts = map[string]*redfish.ManagerAccount{
+		"foo": {
+			Entity: common.Entity{
+				ID: "0",
+			},
+			UserName: "foo",
+			Enabled:  true,
+			RoleID:   "ReadOnly",
+			Locked:   false,
+			Password: "bar",
+		},
+		"admin": {
+			Entity: common.Entity{
+				ID: "1",
+			},
+
+			UserName: "admin",
+			Enabled:  true,
+			RoleID:   "Administrator",
+			Locked:   false,
+			Password: "adminpass",
+		},
+		"user": {
+			Entity: common.Entity{
+				ID: "2",
+			},
+			UserName: "user",
+			Enabled:  true,
+			RoleID:   "ReadOnly",
+			Locked:   false,
+			Password: "userpass",
+		},
+	}
 	r.SimulateUnvailableBMC = false
 }