Implement UpdateMachine driver interface

Author: afritzler

go.mod

@@ -24,6 +24,8 @@ require (
 	sigs.k8s.io/yaml v1.6.0
 )
 
+replace github.com/gardener/machine-controller-manager => github.com/afritzler/machine-controller-manager v0.0.0-20250514112441-bbd98c0e8666
+
 require (
 	github.com/Masterminds/goutils v1.1.1 // indirect
 	github.com/Masterminds/semver v1.5.0 // indirect

go.sum

@@ -6,6 +6,8 @@ github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1
 github.com/Masterminds/semver/v3 v3.4.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM=
 github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZCSYp4Z0m2dk6cEM60=
 github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o=
+github.com/afritzler/machine-controller-manager v0.0.0-20250514112441-bbd98c0e8666 h1:S/O5LahLcH28kJuAz/lkkGkWvHF0cZLxbCoDtSda1To=
+github.com/afritzler/machine-controller-manager v0.0.0-20250514112441-bbd98c0e8666/go.mod h1:TCU/KoudCMt2eV0Jnrq2D1TwgsrBCuhIVgV3j1el6Og=
 github.com/aws/aws-sdk-go-v2 v1.38.2 h1:QUkLO1aTW0yqW95pVzZS0LGFanL71hJ0a49w4TJLMyM=
 github.com/aws/aws-sdk-go-v2 v1.38.2/go.mod h1:sDioUELIUO9Znk23YVmIk86/9DOpkbyyVb1i/gUNFXY=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
@@ -43,8 +45,6 @@ github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S
 github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
 github.com/fxamacker/cbor/v2 v2.8.0 h1:fFtUGXUzXPHTIUdne5+zzMPTfffl3RD5qYnkY40vtxU=
 github.com/fxamacker/cbor/v2 v2.8.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ=
-github.com/gardener/machine-controller-manager v0.60.0 h1:aaSE85Yu0hcHYsP5/x1rxWa5o2zhmsmXlKQ+xefHY/Q=
-github.com/gardener/machine-controller-manager v0.60.0/go.mod h1:8eE1qLztrWIbOM71mHSQGaC6Q+pl5lvOyN08qP39D7o=
 github.com/gkampitakis/ciinfo v0.3.2 h1:JcuOPk8ZU7nZQjdUhctuhQofk7BGHuIy0c9Ez8BNhXs=
 github.com/gkampitakis/ciinfo v0.3.2/go.mod h1:1NIwaOcFChN4fa/B0hEBdAb6npDlFL8Bwx4dfRLRqAo=
 github.com/gkampitakis/go-diff v1.3.2 h1:Qyn0J9XJSDTgnsgHRdz9Zp24RaJeKMUHg2+PDZZdC4M=

pkg/metal/create_machine.go

@@ -16,9 +16,14 @@ import (
 	"github.com/gardener/machine-controller-manager/pkg/util/provider/driver"
 	"github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/codes"
 	"github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/status"
-
+	apiv1alpha1 "github.com/ironcore-dev/machine-controller-manager-provider-ironcore-metal/pkg/api/v1alpha1"
+	"github.com/ironcore-dev/machine-controller-manager-provider-ironcore-metal/pkg/api/validation"
+	"github.com/ironcore-dev/machine-controller-manager-provider-ironcore-metal/pkg/ignition"
+	metalv1alpha1 "github.com/ironcore-dev/metal-operator/api/v1alpha1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	utilvalidation "k8s.io/apimachinery/pkg/util/validation"
+	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/klog/v2"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )

pkg/metal/helper.go

@@ -0,0 +1,210 @@
+// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and IronCore contributors
+// SPDX-License-Identifier: Apache-2.0
+
+package metal
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"time"
+
+	"github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1"
+	"github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/codes"
+	"github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/status"
+	"github.com/imdario/mergo"
+	apiv1alpha1 "github.com/ironcore-dev/machine-controller-manager-provider-ironcore-metal/pkg/api/v1alpha1"
+	"github.com/ironcore-dev/machine-controller-manager-provider-ironcore-metal/pkg/ignition"
+	metalv1alpha1 "github.com/ironcore-dev/metal-operator/api/v1alpha1"
+	corev1 "k8s.io/api/core/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	utilvalidation "k8s.io/apimachinery/pkg/util/validation"
+	"k8s.io/apimachinery/pkg/util/wait"
+	"k8s.io/klog/v2"
+	capiv1beta1 "sigs.k8s.io/cluster-api/exp/ipam/api/v1beta1"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+// applyServerClaim reserves a Server by creating a corresponding ServerClaim object with proper ignition data
+func (d *metalDriver) applyServerClaim(ctx context.Context, machine *v1alpha1.Machine, providerSpec *apiv1alpha1.ProviderSpec, ignitionSecret *corev1.Secret) (*metalv1alpha1.ServerClaim, error) {
+	serverClaim := &metalv1alpha1.ServerClaim{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: metalv1alpha1.GroupVersion.String(),
+			Kind:       "ServerClaim",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      machine.Name,
+			Namespace: d.metalNamespace,
+			Labels:    providerSpec.Labels,
+		},
+		Spec: metalv1alpha1.ServerClaimSpec{
+			Power: "On",
+			ServerSelector: &metav1.LabelSelector{
+				MatchLabels:      providerSpec.ServerLabels,
+				MatchExpressions: nil,
+			},
+			IgnitionSecretRef: &corev1.LocalObjectReference{Name: ignitionSecret.Name},
+			Image:             providerSpec.Image,
+		},
+	}
+
+	d.clientProvider.Lock()
+	defer d.clientProvider.Unlock()
+	metalClient := d.clientProvider.Client
+
+	if err := metalClient.Patch(ctx, serverClaim, client.Apply, fieldOwner, client.ForceOwnership); err != nil {
+		return nil, status.Error(codes.Internal, fmt.Sprintf("error applying metal machine: %s", err.Error()))
+	}
+
+	if err := metalClient.Patch(ctx, ignitionSecret, client.Apply, fieldOwner, client.ForceOwnership); err != nil {
+		return nil, status.Error(codes.Internal, fmt.Sprintf("error applying ignition secret: %s", err.Error()))
+	}
+
+	return serverClaim, nil
+}
+
+// generateIgnitionSecret creates an ignition file for the machine and stores it in a secret
+func (d *metalDriver) generateIgnitionSecret(ctx context.Context, machine *v1alpha1.Machine, machineClassSecret *corev1.Secret, providerSpec *apiv1alpha1.ProviderSpec, addressesMetaData map[string]any) (*corev1.Secret, error) {
+	// Get userData from machine secret
+	userData, ok := machineClassSecret.Data["userData"]
+	if !ok {
+		return nil, status.Error(codes.Internal, fmt.Sprintf("failed to find user-data in machine secret %s", client.ObjectKeyFromObject(machineClassSecret)))
+	}
+
+	// Ensure providerSpec.MetaData is a map[string]any
+	if providerSpec.Metadata == nil {
+		providerSpec.Metadata = make(map[string]any)
+	}
+
+	// Merge addressesMetaData into providerSpec.MetaData
+	if err := mergo.Merge(&providerSpec.Metadata, addressesMetaData, mergo.WithOverride); err != nil {
+		return nil, fmt.Errorf("failed to merge addressesMetaData into providerSpec.MetaData: %w", err)
+	}
+
+	// Construct ignition file config
+	config := &ignition.Config{
+		Hostname:         machine.Name,
+		UserData:         string(userData),
+		MetaData:         providerSpec.Metadata,
+		Ignition:         providerSpec.Ignition,
+		DnsServers:       providerSpec.DnsServers,
+		IgnitionOverride: providerSpec.IgnitionOverride,
+	}
+	ignitionContent, err := ignition.File(config)
+	if err != nil {
+		return nil, status.Error(codes.Internal, fmt.Sprintf("failed to create ignition file for machine %s: %v", machine.Name, err))
+	}
+
+	ignitionData := map[string][]byte{}
+	ignitionData["ignition"] = []byte(ignitionContent)
+	ignitionSecret := &corev1.Secret{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: corev1.SchemeGroupVersion.String(),
+			Kind:       "Secret",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      d.getIgnitionNameForMachine(ctx, machine.Name),
+			Namespace: d.metalNamespace,
+		},
+		Data: ignitionData,
+	}
+
+	return ignitionSecret, nil
+}
+
+// getOrCreateIPAddressClaims gets or creates IPAddressClaims for the ipam config
+func (d *metalDriver) getOrCreateIPAddressClaims(ctx context.Context, machine *v1alpha1.Machine, providerSpec *apiv1alpha1.ProviderSpec) ([]*capiv1beta1.IPAddressClaim, map[string]any, error) {
+	var ipAddressClaims []*capiv1beta1.IPAddressClaim
+	addressesMetaData := make(map[string]any)
+
+	d.clientProvider.Lock()
+	defer d.clientProvider.Unlock()
+	metalClient := d.clientProvider.Client
+
+	for _, networkRef := range providerSpec.IPAMConfig {
+		ipAddrClaimName := fmt.Sprintf("%s-%s", machine.Name, networkRef.MetadataKey)
+		if len(ipAddrClaimName) > utilvalidation.DNS1123SubdomainMaxLength {
+			klog.Info("IP address claim name is too long, it will be shortened which can cause name collisions", "name", ipAddrClaimName)
+			ipAddrClaimName = ipAddrClaimName[:utilvalidation.DNS1123SubdomainMaxLength]
+		}
+
+		ipAddrClaimKey := client.ObjectKey{Namespace: d.metalNamespace, Name: ipAddrClaimName}
+		ipClaim := &capiv1beta1.IPAddressClaim{}
+		if err := metalClient.Get(ctx, ipAddrClaimKey, ipClaim); err != nil && !apierrors.IsNotFound(err) {
+			return nil, nil, err
+		} else if err == nil {
+			klog.V(3).Infof("IP address claim found %s", ipAddrClaimKey.String())
+			if ipClaim.Status.AddressRef.Name == "" {
+				return nil, nil, fmt.Errorf("IP address claim %q has no IP address reference", ipAddrClaimKey.String())
+			}
+			if ipClaim.Labels == nil {
+				return nil, nil, fmt.Errorf("IP address claim %q has no server claim labels", ipAddrClaimKey.String())
+			}
+			name, nameExists := ipClaim.Labels[LabelKeyServerClaimName]
+			namespace, namespaceExists := ipClaim.Labels[LabelKeyServerClaimNamespace]
+			if !nameExists || !namespaceExists {
+				return nil, nil, fmt.Errorf("IP address claim %q has no server claim labels", ipAddrClaimKey.String())
+			}
+			if name != machine.Name || namespace != d.metalNamespace {
+				return nil, nil, fmt.Errorf("IP address claim %q's server claim labels don't match. Expected: name: %q, namespace: %q. Actual: name: %q, namespace: %q", ipAddrClaimKey.String(), machine.Name, d.metalNamespace, name, namespace)
+			}
+		} else if apierrors.IsNotFound(err) {
+			if networkRef.IPAMRef == nil {
+				return nil, nil, errors.New("ipamRef of an ipamConfig is not set")
+			}
+			klog.V(3).Info("creating IP address claim", "name", ipAddrClaimKey.String())
+			apiGroup := networkRef.IPAMRef.APIGroup
+			ipClaim = &capiv1beta1.IPAddressClaim{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      ipAddrClaimKey.Name,
+					Namespace: ipAddrClaimKey.Namespace,
+					Labels: map[string]string{
+						LabelKeyServerClaimName:      machine.Name,
+						LabelKeyServerClaimNamespace: d.metalNamespace,
+					},
+				},
+				Spec: capiv1beta1.IPAddressClaimSpec{
+					PoolRef: corev1.TypedLocalObjectReference{
+						APIGroup: &apiGroup,
+						Kind:     networkRef.IPAMRef.Kind,
+						Name:     networkRef.IPAMRef.Name,
+					},
+				},
+			}
+			if err = metalClient.Create(ctx, ipClaim); err != nil {
+				return nil, nil, fmt.Errorf("error creating IP: %w", err)
+			}
+
+			// Wait for the IP address claim to reach the ready state
+			err = wait.PollUntilContextTimeout(
+				ctx,
+				time.Millisecond*50,
+				time.Millisecond*340,
+				true,
+				func(ctx context.Context) (bool, error) {
+					if err = metalClient.Get(ctx, ipAddrClaimKey, ipClaim); err != nil && !apierrors.IsNotFound(err) {
+						return false, err
+					}
+					return ipClaim.Status.AddressRef.Name != "", nil
+				})
+			if err != nil {
+				return nil, nil, err
+			}
+		}
+
+		ipAddrKey := client.ObjectKey{Namespace: ipClaim.Namespace, Name: ipClaim.Status.AddressRef.Name}
+		ipAddr := &capiv1beta1.IPAddress{}
+		if err := metalClient.Get(ctx, ipAddrKey, ipAddr); err != nil {
+			return nil, nil, err
+		}
+
+		ipAddressClaims = append(ipAddressClaims, ipClaim)
+		addressesMetaData[networkRef.MetadataKey] = map[string]any{
+			"ip":      ipAddr.Spec.Address,
+			"prefix":  ipAddr.Spec.Prefix,
+			"gateway": ipAddr.Spec.Gateway,
+		}
+	}
+	return ipAddressClaims, addressesMetaData, nil
+}

pkg/metal/update_machine.go

@@ -0,0 +1,58 @@
+// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and IronCore contributors
+// SPDX-License-Identifier: Apache-2.0
+
+package metal
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/gardener/machine-controller-manager/pkg/util/provider/driver"
+	"github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/codes"
+	"github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/status"
+	apiv1alpha1 "github.com/ironcore-dev/machine-controller-manager-provider-ironcore-metal/pkg/api/v1alpha1"
+	"k8s.io/klog/v2"
+)
+
+func (d *metalDriver) UpdateMachine(ctx context.Context, req *driver.UpdateMachineRequest) (*driver.UpdateMachineResponse, error) {
+	if isEmptyUpdateRequest(req) {
+		return nil, status.Error(codes.InvalidArgument, "received empty request")
+	}
+
+	if req.MachineClass.Provider != apiv1alpha1.ProviderName {
+		return nil, status.Error(codes.InvalidArgument, fmt.Sprintf("requested provider '%s' is not supported by the driver '%s'", req.MachineClass.Provider, apiv1alpha1.ProviderName))
+	}
+
+	klog.V(3).Infof("Machine update request has been received for %q", req.Machine.Name)
+	defer klog.V(3).Infof("Machine update request has been processed for %q", req.Machine.Name)
+
+	providerSpec, err := validateProviderSpecAndSecret(req.MachineClass, req.Secret)
+	if err != nil {
+		return nil, err
+	}
+
+	addressClaims, addressesMetaData, err := d.getOrCreateIPAddressClaims(ctx, req.Machine, providerSpec)
+	if err != nil {
+		return nil, err
+	}
+
+	ignitionSecret, err := d.generateIgnitionSecret(ctx, req.Machine, req.Secret, providerSpec, addressesMetaData)
+	if err != nil {
+		return nil, err
+	}
+
+	serverClaim, err := d.applyServerClaim(ctx, req.Machine, providerSpec, ignitionSecret)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := d.setServerClaimOwnership(ctx, serverClaim, addressClaims); err != nil {
+		return nil, err
+	}
+
+	return &driver.UpdateMachineResponse{}, nil
+}
+
+func isEmptyUpdateRequest(req *driver.UpdateMachineRequest) bool {
+	return req == nil || req.MachineClass == nil || req.Machine == nil || req.Secret == nil
+}