Skip to content

Cli/edgelet platform#1

Merged
emirhandurmus merged 63 commits into
developfrom
cli/edgelet-platform
Jun 27, 2026
Merged

Cli/edgelet platform#1
emirhandurmus merged 63 commits into
developfrom
cli/edgelet-platform

Conversation

@emirhandurmus

Copy link
Copy Markdown

No description provided.

Add flavor ldflags, versions.mk RC pins, go:embed assets, root NOTICE,
and strip per-file copyright headers so one tree builds both binaries.
Remove azure-pipelines.yaml, the pipeline/ test templates, and the old GitHub Actions ci.yaml.
PR CI builds both flavors on Datasance and iofogctl only on Eclipse via repository conditionals; add CodeQL and govulncheck.
Introduce grep-gates and vulncheck scripts plus test-unit, smoke, security-code, and golangci-lint v2.12.2 install.
Align with edgelet linter set and add depguard import allowlist for iofogctl module dependencies.
Initialize LatestAPIVersion from ldflags and use util.GetCliApiVersion() for manifest apiVersion fields.
Correct error handling, formatting, and ignored return values; add CI badges and contribution notes for GitHub Actions.
Pin iofog-operator v3.8.0-rc.1 and iofog-go-sdk v3.8.0-rc.3; inject
flavor-specific ControlPlane CR name via Makefile and pkg/util.
Add embedded/external auth, controller URLs, NATS spec, and cpv3 types;
retire Keycloak and ecnViewer fields from K8s paths; add golden fixtures.
…NAME.

Install ControlPlane CR only (no Application CRD); wait on IsReady();
resolve controller endpoint via LB and ingress name controller.
Strip CLI-only fields and apply flavor CR name with golden tests for
iofog.org and datasance.com groups.
Persist spec.ca under ~/.iofog/v3/trust; probe system trust before API
wait; add PrintWarning for untrusted or hostname-mismatch certificates.
…loy.

EnsureIofogUserEmbedded after controller API is ready; trust-aware bootstrap
client; remove legacy Keycloak ecnViewer client updater.
…moval.

Add connect --ca PEM override; clear trust store on CP delete; gate K8s
namespace delete behind --delete-namespace (never default).
…lds.

Update get, describe, delete, deploy, and catalog callers for SDK v3.8;
replace FogType with arch and fix NATS HTTP port field naming.
Drop retired portManager/proxy images; assert publicUrl and consoleUrl
in describe output.
Add edgelet release ldflags, bump controller to 3.8.0-rc.2, migrate to go.podman.io/image and moby client, and drop Azure pipeline bumps from bump.sh.
Remove agent, airgap-agent, and container-agent script bundles and embed the edgelet script tree instead.
Introduce pkg/containerengine for local container operations and pkg/util helpers for GitHub release downloads and network checks.
…tallers.

Add local and remote edgelet config, script orchestration, and container engine wiring while deleting local_agent and remote_agent install paths.
…ing.

Add runtime status fields, package registry YAML, edgelet golden tests, and align control plane fixture images with controller 3.8.0-rc.2.
Add edgelet deploy executors, airgap binary transfer, control plane airgap propagation, and offline image updates for the new installation model.
…gelet.

Retarget delete, detach, prune, and logs to edgelet paths, extend describe status fields, and replace iofog-agent legacy invocations with edgelet.
EnsureIofogUserEmbedded:
- Create new users with a random temporary password instead of the final password.
- Finalize the account via admin reset-token and change-password with the intended password.
- Skip only when the user already exists and mustChangePassword is false.
- Re-run finalization for existing users still marked mustChangePassword.

Controller auth client:
- Return the created auth user from POST /users.
- Add reset-token and change-password helpers for embedded provisioning.

Tests:
- Add temp password complexity coverage.
- Extend embedded user tests for create, skip-ready, and finalize-stuck-user paths.
Replace per-controller router cert install with DeployGlobalCertificates and fix TLS secret key names for the controller API.
Orchestrate parallel per-host edgelet install, manifest translation, deploy, auth, global certificates, and serial system agent provisioning.
…ing.

Reuse remote edgelet orchestration for controller add-ons, validate same-file name and host collisions, and accept RemoteController as a kind alias.
…ote func tests.

Tear down system agents, deprovision edgelet, and remove control plane workloads on delete, with bats coverage for remote deploy flows.
Drop the retired command surface, related config helpers, and generated docs now that v3.8 uses SDK and edgelet workflows exclusively.
Retire the EdgeResource kind and Controller API integration now that application orchestration is handled through the SDK.
Remove embedded controller install scripts and container deploy helpers, stub LocalController add-on deploy, and read controller logs from edgelet instead of iofog-controller.
Drop the Datasance SDK replace directive and align golden fixtures and unit tests with controller 3.8.0-rc.4, NATS 2.14.2-rc.2, and edgelet v1.0.0-rc.4.
Remove coverage for rename, legacy, and EdgeResource flows and simplify detach conflict checks to match the slimmer v3.8 command set.
Refresh remote control plane sample YAML for Lima-based integration runs and add VM and agent fixture files.
Add WaitForAgentPlatformReady and WaitForServiceProvisioningReady with
400s timeout and one automatic reconcile retry on failure. Expose
iofogctl reconcile agent|service for manual retries. Surface
platformStatus on describe agent status and fix service SDK type handling.
Introduce shared permission constants, root-scoped path reads, and host key
pinning. Replace InsecureIgnoreHostKey and tighten trust store file modes.
Add --ca-b64 support, NormalizeTrustCA, and SetTrustCA so trust material from
flags or YAML is stored in the namespace config instead of connect-only overrides.
Format Cobra help with the active flavor name and emit markdown into separate
iofogctl_md and potctl_md directories.
Restrict edgelet fetches to the configured release base and adopt safe path
helpers across airgap, offline image, and remote deploy flows.
…orkflow.

Drop packagecloud publish scripts, add GitHub Actions release job, and align
govulncheck and gosec with dual-flavor build tags.
Refresh README and CHANGELOG for the greenfield v3.8 line and remove the
retired logo asset.
@emirhandurmus emirhandurmus merged commit 2ea025b into develop Jun 27, 2026
3 of 6 checks passed
Comment thread internal/trust/tls.go
case ModeInsecure:
return TransportConfig{
SkipVerify: true,
TLSConfig: &tls.Config{InsecureSkipVerify: true, MinVersion: tls.VersionTLS12}, // #nosec G402
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants