[sonic-redfish] Sonic Redfish support with OpenBMC D-Bus

[chinmoy-nexthop]

Guideline for Reviewer :

bmcweb - Upstream code (mostly untouched )

• No need to review

Build

• integration patches/*
• Makefile - Docker orchestration, build automation
• build/Dockerfile.build - Debian Trixie build environment
• README.md - SONiC-specific documentation

sonic-dbus-bridge - Bridge SONiC Redis to D-Bus for bmcweb integration

• Bridge between SONiC's Redis database and OpenBMC's D-Bus
• Export SONiC platform data as D-Bus objects
• Sync SONiC state (users, inventory, FRU) to D-Bus
• Enable bmcweb to access SONiC data via D-Bus
• Pub/Sub for real-time updates,. etc.

sonic-dbus-bridge/
├── config/
 │   └── config.yaml                   - Redis/D-Bus configuration
├── dbus/                                 - D-Bus security policies
├── debian/                              - Debian packaging
├── include/                             - All header files
├── src/                                    - All implementation files
├── subprojects/                     - Meson dependencies

About the Changes

OpenBMC Standard Compliance:

bmcweb (industry-standard Redfish server) is hardcoded to expect xyz.openbmc_project.* D-Bus interfaces. sonic-dbus-bridge implements these exact interfaces, while existing SONiC services use incompatible org.SONiC.* interfaces.

• xyz/openbmc_project/...

Mimicking OpenBMC:

sonic-dbus-bridge mimics OpenBMC D-Bus interfaces (xyz.openbmc_project.*) to expose SONiC platform data as standard Redfish APIs, creating the illusion that all phosphor-* services exist in SONiC without actually porting them.

Data Model Mismatch:

Existing SONiC host-service is action-oriented (RPC methods for internal container-to-host control), but Redfish requires a property-based, inventory data model. sonic-dbus-bridge provides the data-oriented interface that external management tools expect.

Keep bmcweb Pristine:

Establishes D-Bus as the singular standardized integration layer, ensuring bmcweb remains nearly unmodified and upstream-compatible no forking of the Redfish project.

Hardware Data Aggregation:

Translates SONiC's distributed hardware data (Redis CONFIG_DB/STATE_DB, FRU EEPROMs, platform.json) into unified OpenBMC compatible D-Bus objects that bmcweb can discover and consume.

Bidirectional Communication:

Enables both read (inventory queries) and write (host power control, reboot) operations via Redfish GET/PATCH/POST, bridging external management tools to SONiC's internal state.

Graceful Degradation:

Designed to tolerate missing data sources (Redis down, FRU unreadable) with safe fallbacks, ensuring Redfish endpoints remain available even in degraded mode critical for production BMC reliability.

sonic-dbus-bridge component:

• Implements D-Bus to Redis state synchronization for SONiC integration
• Provides D-Bus interfaces for Redfish API consumption by bmcweb
• Supports inventory management via FRU and platform JSON adapters
• Implements user management with PAM integration
• Implements software update management for BMC firmware
• Uses Redis pub/sub for state change notifications
• Built with C++23, Meson build system, and sdbusplus library

Build system features:

• Docker-only compilation for build consistency across environments
• Meson-based builds for both bmcweb and sonic-dbus-bridge
• C++23 support with proper dependency resolution via wrap files
• Parallel build support via SONIC_CONFIG_MAKE_JOBS variable
• Clean separation of build artifacts and source code
• Makefile.build as central build orchestration with Docker-only builds
• Docker build environment (debian:trixie) with all required dependencies
• patch management system with series file for bmcweb integration
• submodule setup scripts for bmcweb and sdbusplus dependencies
• Docker container configuration for runtime deployment
• README.md with build instructions and system architecture

[mssonicbld]

/azp run

[azure-pipelines]

Commenter does not have sufficient privileges for PR 1 in repo sonic-net/sonic-redfish

[nate-nexthop]

Thanks!

[mssonicbld]

/azp run

[azure-pipelines]

Commenter does not have sufficient privileges for PR 1 in repo sonic-net/sonic-redfish

[mssonicbld]

/azp run

[azure-pipelines]

Commenter does not have sufficient privileges for PR 1 in repo sonic-net/sonic-redfish

[mssonicbld]

/azp run

[azure-pipelines]

Commenter does not have sufficient privileges for PR 1 in repo sonic-net/sonic-redfish

[mssonicbld]

/azp run

[mssonicbld]

/azp run

[azure-pipelines]

Commenter does not have sufficient privileges for PR 1 in repo sonic-net/sonic-redfish

[azure-pipelines]

Commenter does not have sufficient privileges for PR 1 in repo sonic-net/sonic-redfish

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[judyjoseph]

LGTM.. Can you add details in description as to which files/components are added newly and which are part of original openbmc/bmcweb - Will concentrate on that part to review, it is quite a big code to review :-)

Additional question do we have the code to handle the Oem URIs here .. ? especially templatizing the alert/tememetry data that can come in any formats or that is coming as subsequent PR

[chinmoy-nexthop]

LGTM.. Can you add details in description as to which files/components are added newly and which are part of original openbmc/bmcweb - Will concentrate on that part to review, it is quite a big code to review :-)

Additional question do we have the code to handle the Oem URIs here .. ? especially templatizing the alert/tememetry data that can come in any formats or that is coming as subsequent PR

thank you @judyjoseph for looking into this.

bmcweb - Upstream code (mostly untouched )

• No need to review

Build

• integration patches/*
• Makefile - Docker orchestration, build automation
• build/Dockerfile.build - Debian Trixie build environment
• README.md - SONiC-specific documentation

sonic-dbus-bridge - Bridge SONiC Redis to D-Bus for bmcweb integration

• Bridge between SONiC's Redis database and OpenBMC's D-Bus
• Export SONiC platform data as D-Bus objects
• Sync SONiC state (users, inventory, FRU) to D-Bus
• Enable bmcweb to access SONiC data via D-Bus
• Pub/Sub for real-time updates,. etc.

sonic-dbus-bridge/
├── config/
 │   └── config.yaml                   - Redis/D-Bus configuration
├── dbus/                                 - D-Bus security policies
├── debian/                              - Debian packaging
├── include/                             - All header files
├── src/                                    - All implementation files
├── subprojects/                     - Meson dependencies

Oem URIs here:

• We have a different PR for this
• URI can only be added once we enable the framework to add SONiC OEM extension to bmcweb and schema mapping for the fields
• This PR Implements OEM extention on top of Current PR

[judyjoseph]

@chinmoy-nexthop if we do a squash commit all the changes will be merged into a single commit Is that ok ?

Or do you want to segregate your 24 commits into something same 5 meaningful commits based on functionality -- in that case we will just commit as such instead of doing a squash single commit.

[mssonicbld]

/azp run

[azure-pipelines]

No pipelines are associated with this pull request.

[chinmoy-nexthop]

@chinmoy-nexthop if we do a squash commit all the changes will be merged into a single commit Is that ok ?

Or do you want to segregate your 24 commits into something same 5 meaningful commits based on functionality -- in that case we will just commit as such instead of doing a squash single commit.

Done @judyjoseph . thanks

[judyjoseph]

LGTM to start as base

[yxieca]

Review notes (non-blocking, OK to proceed as initial drop):

• Config file is ignored: ConfigManager::load() does not parse YAML and always uses defaults, so config.yaml is unused. Consider implementing YAML parsing (yaml-cpp) or mark config as placeholder in README.
• config.yaml indentation is invalid: platform/dbus/update/logging/features/persistence blocks are indented under redis, and fru_eeprom_paths list items are mis-indented. A YAML parser will fail or parse incorrectly. Please fix structure.
• D-Bus policy too permissive for sensitive services: User.Manager and State.Host allow all users to send methods. Consider restricting to root/bmcweb or tighter policy group.

Happy to proceed with merge now and track these as follow-ups.

[chinmoy-nexthop]

• Config file is ignored: ConfigManager::load() does not parse YAML and always uses defaults, so config.yaml is unused. Consider implementing YAML parsing (yaml-cpp) or mark config as placeholder in README.
• config.yaml indentation is invalid: platform/dbus/update/logging/features/persistence blocks are indented under redis, and fru_eeprom_paths list items are mis-indented. A YAML parser will fail or parse incorrectly. Please fix structure.
• D-Bus policy too permissive for sensitive services: User.Manager and State.Host allow all users to send methods. Consider restricting to root/bmcweb or tighter policy group.

Thank you @yxieca for review . I will take care your feedback in a follow up PR with proper Config manager enhancements for sonic-redfish.