Skip to content

Enh/fallback allowable values simpleupdate #846

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
davidgrun wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Enh/fallback allowable values simpleupdate #846

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
26847e3
feat: Add protocol fallback support for firmware updates
davidgrun Apr 27, 2026
2a655c4
feat: Add fallback transfer protocol and URI fields to BIOSSettings API
davidgrun Apr 27, 2026
add18cd
fix: address code review comments
xkonni May 4, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions api/v1alpha1/biosversion_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,8 @@ type BIOSVersionSpec struct {
ServerRef *corev1.LocalObjectReference `json:"serverRef,omitempty"`
}

// +kubebuilder:validation:XValidation:rule="!has(self.fallbackTransferProtocol) || (has(self.transferProtocol) && size(self.transferProtocol) > 0)",message="fallbackTransferProtocol requires a non-empty transferProtocol"
// +kubebuilder:validation:XValidation:rule="(has(self.fallbackTransferProtocol) && size(self.fallbackTransferProtocol) > 0 && has(self.fallbackURI) && size(self.fallbackURI) > 0) || (!has(self.fallbackTransferProtocol) && !has(self.fallbackURI))",message="fallbackTransferProtocol and fallbackURI must both be set to non-empty values or both be unset"
type ImageSpec struct {
// SecretRef is a reference to the Secret containing the credentials to access the image URI.
// +optional
Expand All @@ -77,6 +79,16 @@ type ImageSpec struct {
// URI is the URI of the software image to install.
// +required
URI string `json:"URI"`

// FallbackTransferProtocol is the fallback network protocol used if the primary TransferProtocol
// is not supported by the BMC's UpdateService.
// +optional
FallbackTransferProtocol string `json:"fallbackTransferProtocol,omitempty"`

// FallbackURI is the fallback URI of the software image to install if the primary TransferProtocol
// is not supported by the BMC's UpdateService.
// +optional
FallbackURI string `json:"fallbackURI,omitempty"`
}

// BIOSVersionStatus defines the observed state of BIOSVersion.
Expand Down
4 changes: 4 additions & 0 deletions bmc/bmc.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,10 @@ type BMC interface {
// CheckBMCPendingComponentUpgrade checks if there are pending/staged firmware upgrades
// for the given component type.
CheckBMCPendingComponentUpgrade(ctx context.Context, componentType ComponentType) (bool, error)

// GetSupportedTransferProtocols retrieves the list of transfer protocols supported
// by the BMC's UpdateService for SimpleUpdate.
GetSupportedTransferProtocols(ctx context.Context) ([]string, error)
}

type Entity struct {
Expand Down
3 changes: 2 additions & 1 deletion bmc/mock/server/data/UpdateService/index.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,8 @@
"Actions": {
"#UpdateService.SimpleUpdate": {
"target": "/redfish/v1/UpdateService/Actions/SimpleUpdate",
"@Redfish.ActionInfo": "/redfish/v1/UpdateService/SimpleUpdateActionInfo"
"@Redfish.ActionInfo": "/redfish/v1/UpdateService/SimpleUpdateActionInfo",
"TransferProtocol@Redfish.AllowableValues": ["HTTPS", "NFS", "CIFS", "TFTP"]
}
},
"@odata.id": "/redfish/v1/UpdateService",
Expand Down
36 changes: 36 additions & 0 deletions bmc/oem_helpers.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,42 @@ func upgradeVersion(ctx context.Context, base *RedfishBaseBMC, params *schemas.U
return "", false, err
}

// Validate TransferProtocol if specified
if params.TransferProtocol != "" {
allowedProtocols := tUS.Actions.SimpleUpdate.AllowableValues

// If BMC reports no restrictions, allow any protocol
if len(allowedProtocols) > 0 {
protocolSupported := false
protocolUpper := strings.ToUpper(string(params.TransferProtocol))

for _, allowed := range allowedProtocols {
if strings.ToUpper(allowed) == protocolUpper {
protocolSupported = true
break
}
}

if !protocolSupported {
log.Info("Transfer protocol not supported by BMC",
"requested", params.TransferProtocol,
"supported", allowedProtocols)

return "", true, // isFatal=true (don't retry - user config error)
fmt.Errorf(
"transfer protocol %q not supported by BMC. Supported protocols: %v. "+
"Please update the spec to use a supported protocol or configure a fallback",
params.TransferProtocol,
allowedProtocols,
)
}

log.V(1).Info("Transfer protocol validated",
"protocol", params.TransferProtocol,
"supported", allowedProtocols)
}
}

requestBody := requestBodyFn(params)

resp, err := updateService.PostWithResponse(tUS.Actions.SimpleUpdate.Target, &requestBody)
Expand Down
34 changes: 34 additions & 0 deletions bmc/redfish.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -859,6 +859,40 @@ func (r *RedfishBaseBMC) WaitForServerPowerState(ctx context.Context, systemURI
return nil
}

// GetSupportedTransferProtocols returns the list of transfer protocols supported
// by the BMC for firmware updates via SimpleUpdate action.
// Returns protocols like ["HTTP", "HTTPS", "TFTP", "SFTP"] based on BMC capabilities.
// An empty list indicates the BMC has no protocol restrictions.
func (r *RedfishBaseBMC) GetSupportedTransferProtocols(ctx context.Context) ([]string, error) {
service := r.client.GetService()
updateService, err := service.UpdateService()
if err != nil {
return nil, fmt.Errorf("failed to get UpdateService: %w", err)
}

// Reuse existing struct from oem_helpers.go (lines 47-53)
type tActions struct {
SimpleUpdate struct {
AllowableValues []string `json:"TransferProtocol@Redfish.AllowableValues"`
} `json:"#UpdateService.SimpleUpdate"`
}

var tUS struct {
Actions tActions
}

if err = json.Unmarshal(updateService.RawData, &tUS); err != nil {
return nil, fmt.Errorf("failed to parse UpdateService actions: %w", err)
}

protocols := tUS.Actions.SimpleUpdate.AllowableValues
if len(protocols) == 0 {
return []string{}, nil // No restrictions = all protocols allowed
}

return protocols, nil
}

// UpgradeBiosVersion is a fallback for unknown vendors. Vendor-specific structs override this.
func (r *RedfishBaseBMC) UpgradeBiosVersion(_ context.Context, _ string, _ *schemas.UpdateServiceSimpleUpdateParameters) (string, bool, error) {
return "", false, fmt.Errorf("firmware upgrade not supported for manufacturer %q", r.manufacturer)
Expand Down
19 changes: 19 additions & 0 deletions config/crd/bases/metal.ironcore.dev_biosversions.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,16 @@ spec:
URI:
description: URI is the URI of the software image to install.
type: string
fallbackTransferProtocol:
description: |-
FallbackTransferProtocol is the fallback network protocol used if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
fallbackURI:
description: |-
FallbackURI is the fallback URI of the software image to install if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
secretRef:
description: SecretRef is a reference to the Secret containing
the credentials to access the image URI.
Expand All @@ -97,6 +107,15 @@ spec:
required:
- URI
type: object
x-kubernetes-validations:
- message: fallbackTransferProtocol requires a non-empty transferProtocol
rule: '!has(self.fallbackTransferProtocol) || (has(self.transferProtocol)
&& size(self.transferProtocol) > 0)'
- message: fallbackTransferProtocol and fallbackURI must both be set
to non-empty values or both be unset
rule: (has(self.fallbackTransferProtocol) && size(self.fallbackTransferProtocol)
> 0 && has(self.fallbackURI) && size(self.fallbackURI) > 0) ||
(!has(self.fallbackTransferProtocol) && !has(self.fallbackURI))
retryPolicy:
description: RetryPolicy defines the retry behavior for automatic
retries on transient failures.
Expand Down
19 changes: 19 additions & 0 deletions config/crd/bases/metal.ironcore.dev_biosversionsets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,16 @@ spec:
URI:
description: URI is the URI of the software image to install.
type: string
fallbackTransferProtocol:
description: |-
FallbackTransferProtocol is the fallback network protocol used if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
fallbackURI:
description: |-
FallbackURI is the fallback URI of the software image to install if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
secretRef:
description: SecretRef is a reference to the Secret containing
the credentials to access the image URI.
Expand All @@ -98,6 +108,15 @@ spec:
required:
- URI
type: object
x-kubernetes-validations:
- message: fallbackTransferProtocol requires a non-empty transferProtocol
rule: '!has(self.fallbackTransferProtocol) || (has(self.transferProtocol)
&& size(self.transferProtocol) > 0)'
- message: fallbackTransferProtocol and fallbackURI must both
be set to non-empty values or both be unset
rule: (has(self.fallbackTransferProtocol) && size(self.fallbackTransferProtocol)
> 0 && has(self.fallbackURI) && size(self.fallbackURI) > 0)
|| (!has(self.fallbackTransferProtocol) && !has(self.fallbackURI))
retryPolicy:
description: RetryPolicy defines the retry behavior for automatic
retries on transient failures.
Expand Down
19 changes: 19 additions & 0 deletions config/crd/bases/metal.ironcore.dev_bmcversions.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,16 @@ spec:
URI:
description: URI is the URI of the software image to install.
type: string
fallbackTransferProtocol:
description: |-
FallbackTransferProtocol is the fallback network protocol used if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
fallbackURI:
description: |-
FallbackURI is the fallback URI of the software image to install if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
secretRef:
description: SecretRef is a reference to the Secret containing
the credentials to access the image URI.
Expand All @@ -112,6 +122,15 @@ spec:
required:
- URI
type: object
x-kubernetes-validations:
- message: fallbackTransferProtocol requires a non-empty transferProtocol
rule: '!has(self.fallbackTransferProtocol) || (has(self.transferProtocol)
&& size(self.transferProtocol) > 0)'
- message: fallbackTransferProtocol and fallbackURI must both be set
to non-empty values or both be unset
rule: (has(self.fallbackTransferProtocol) && size(self.fallbackTransferProtocol)
> 0 && has(self.fallbackURI) && size(self.fallbackURI) > 0) ||
(!has(self.fallbackTransferProtocol) && !has(self.fallbackURI))
retryPolicy:
description: RetryPolicy defines the retry behavior for automatic
retries on transient failures.
Expand Down
19 changes: 19 additions & 0 deletions config/crd/bases/metal.ironcore.dev_bmcversionsets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,16 @@ spec:
URI:
description: URI is the URI of the software image to install.
type: string
fallbackTransferProtocol:
description: |-
FallbackTransferProtocol is the fallback network protocol used if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
fallbackURI:
description: |-
FallbackURI is the fallback URI of the software image to install if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
secretRef:
description: SecretRef is a reference to the Secret containing
the credentials to access the image URI.
Expand All @@ -145,6 +155,15 @@ spec:
required:
- URI
type: object
x-kubernetes-validations:
- message: fallbackTransferProtocol requires a non-empty transferProtocol
rule: '!has(self.fallbackTransferProtocol) || (has(self.transferProtocol)
&& size(self.transferProtocol) > 0)'
- message: fallbackTransferProtocol and fallbackURI must both
be set to non-empty values or both be unset
rule: (has(self.fallbackTransferProtocol) && size(self.fallbackTransferProtocol)
> 0 && has(self.fallbackURI) && size(self.fallbackURI) > 0)
|| (!has(self.fallbackTransferProtocol) && !has(self.fallbackURI))
retryPolicy:
description: RetryPolicy defines the retry behavior for automatic
retries on transient failures.
Expand Down
19 changes: 19 additions & 0 deletions dist/chart/templates/crd/metal.ironcore.dev_biosversions.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,16 @@ spec:
URI:
description: URI is the URI of the software image to install.
type: string
fallbackTransferProtocol:
description: |-
FallbackTransferProtocol is the fallback network protocol used if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
fallbackURI:
description: |-
FallbackURI is the fallback URI of the software image to install if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
secretRef:
description: SecretRef is a reference to the Secret containing
the credentials to access the image URI.
Expand All @@ -103,6 +113,15 @@ spec:
required:
- URI
type: object
x-kubernetes-validations:
- message: fallbackTransferProtocol requires a non-empty transferProtocol
rule: '!has(self.fallbackTransferProtocol) || (has(self.transferProtocol)
&& size(self.transferProtocol) > 0)'
- message: fallbackTransferProtocol and fallbackURI must both be set
to non-empty values or both be unset
rule: (has(self.fallbackTransferProtocol) && size(self.fallbackTransferProtocol)
> 0 && has(self.fallbackURI) && size(self.fallbackURI) > 0) ||
(!has(self.fallbackTransferProtocol) && !has(self.fallbackURI))
retryPolicy:
description: RetryPolicy defines the retry behavior for automatic
retries on transient failures.
Expand Down
19 changes: 19 additions & 0 deletions dist/chart/templates/crd/metal.ironcore.dev_biosversionsets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,16 @@ spec:
URI:
description: URI is the URI of the software image to install.
type: string
fallbackTransferProtocol:
description: |-
FallbackTransferProtocol is the fallback network protocol used if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
fallbackURI:
description: |-
FallbackURI is the fallback URI of the software image to install if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
secretRef:
description: SecretRef is a reference to the Secret containing
the credentials to access the image URI.
Expand All @@ -104,6 +114,15 @@ spec:
required:
- URI
type: object
x-kubernetes-validations:
- message: fallbackTransferProtocol requires a non-empty transferProtocol
rule: '!has(self.fallbackTransferProtocol) || (has(self.transferProtocol)
&& size(self.transferProtocol) > 0)'
- message: fallbackTransferProtocol and fallbackURI must both
be set to non-empty values or both be unset
rule: (has(self.fallbackTransferProtocol) && size(self.fallbackTransferProtocol)
> 0 && has(self.fallbackURI) && size(self.fallbackURI) > 0)
|| (!has(self.fallbackTransferProtocol) && !has(self.fallbackURI))
retryPolicy:
description: RetryPolicy defines the retry behavior for automatic
retries on transient failures.
Expand Down
19 changes: 19 additions & 0 deletions dist/chart/templates/crd/metal.ironcore.dev_bmcversions.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,16 @@ spec:
URI:
description: URI is the URI of the software image to install.
type: string
fallbackTransferProtocol:
description: |-
FallbackTransferProtocol is the fallback network protocol used if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
fallbackURI:
description: |-
FallbackURI is the fallback URI of the software image to install if the primary TransferProtocol
is not supported by the BMC's UpdateService.
type: string
secretRef:
description: SecretRef is a reference to the Secret containing
the credentials to access the image URI.
Expand All @@ -118,6 +128,15 @@ spec:
required:
- URI
type: object
x-kubernetes-validations:
- message: fallbackTransferProtocol requires a non-empty transferProtocol
rule: '!has(self.fallbackTransferProtocol) || (has(self.transferProtocol)
&& size(self.transferProtocol) > 0)'
- message: fallbackTransferProtocol and fallbackURI must both be set
to non-empty values or both be unset
rule: (has(self.fallbackTransferProtocol) && size(self.fallbackTransferProtocol)
> 0 && has(self.fallbackURI) && size(self.fallbackURI) > 0) ||
(!has(self.fallbackTransferProtocol) && !has(self.fallbackURI))
retryPolicy:
description: RetryPolicy defines the retry behavior for automatic
retries on transient failures.
Expand Down
Loading
Loading