{"results":[{"id":"api-architecture-tripartite-incompatible-auth","text":"Hetzner's API architecture spans three distinct endpoints (Cloud API, Robot API, Storage Box) with two different authentication mechanisms (Bearer tokens for Cloud/Robot, separate credentials for Storage Box), requiring separate credential management for each product line.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"automation-must-bridge-api-paradigm-gap","text":"Full Hetzner automation requires tools that bridge fundamentally different API paradigms — modern JSON/Bearer token (Cloud) vs legacy URL-encoded/Basic Auth (Robot) — across three toolchain layers (CLI, SDK, IaC), making unified abstraction a prerequisite for multi-product management.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"ccm-integrates-cloud-and-robot-api","text":"The Hetzner Cloud Controller Manager integrates Kubernetes with both the Hetzner Cloud API and the Robot API (dedicated servers).","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"ccm-kubernetes-integration-production-ready","text":"The Hetzner Cloud Controller Manager provides production-ready Kubernetes integration with both Cloud and Robot APIs, including annotation-driven load balancer configuration.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"ccm-robot-env-vars","text":"Robot API integration requires `ROBOT_ENABLED=true`, `ROBOT_USER`, and `ROBOT_PASSWORD` environment variables.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"ftl2-enables-hybrid-convergence-when-native-modules-land","text":"FTL2 could provide unified hybrid Hetzner orchestration — combining 250x-faster native module execution with Ansible collection modules to bridge the Cloud/Robot API paradigm gap in a single async Python tool, eliminating the need for multi-protocol automation wrappers.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"governance-must-bridge-api-paradigms","text":"External governance tooling for Hetzner must itself bridge the API paradigm gap — resource protection gaps (predominantly delete-only, no RBAC) and billing transparency issues span both the Cloud API (modern Bearer/JSON) and Robot API (legacy Basic/URL-encoded), meaning governance cannot be implemented against a single API surface and no unified governance integration point exists within the platform.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcloud-three-apis-different-auth","text":"Hetzner has three distinct APIs with different auth: Cloud API (Bearer token), Hetzner API (Bearer token for storage boxes), Robot API (Basic auth for dedicated servers).","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hybrid-automation-compound-complexity","text":"Hetzner hybrid cloud-dedicated automation faces compound complexity across three axes: fundamentally different API paradigms requiring multi-protocol bridging (Cloud REST/Bearer vs Robot Basic/URL-encoded), asynchronous operations propagating wait/poll patterns through every automation layer (CLI 500ms polling, Go SDK WaitFor, Terraform), and network convergence spanning Layer 2 (vSwitch) and Layer 7 (LB) — requiring automation tooling that handles protocol translation, convergence timing, and multi-layer networking simultaneously.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hybrid-automation-triple-compound-complexity","text":"Full Hetzner hybrid automation faces triple compound complexity that no single existing tool addresses — different API paradigms (REST/Bearer vs URL-encoded/Basic Auth), different security postures (shallow Cloud protections vs aggressive Robot lockout), AND async propagation through all layers must be bridged simultaneously by any orchestration solution.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"multi-project-automation-credential-explosion","text":"Multi-project Hetzner deployments require per-project Cloud API tokens plus account-level Robot API and Storage Box credentials, creating a credential management surface that grows with the number of projects.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"robot-api-aggressive-security-posture","text":"The Robot API enforces an aggressive security posture with IP blocking after 3 failed authentication attempts (10-minute lockout), variable rate limits calibrated to endpoint destructiveness (10/hr for destructive operations up to 5000/hr for queries), and HTTP Basic Auth requiring credential management per request.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"robot-api-base-url","text":"The Hetzner Robot API base URL is `https://robot-ws.your-server.de`, distinct from the Cloud API at `api.hetzner.cloud`.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"robot-api-error-response-format","text":"Robot API error responses use a structured `{ \"error\": { \"status\", \"code\", \"message\" } }` JSON format.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"robot-api-http-basic-auth","text":"The Robot API uses HTTP Basic Auth with Robot panel credentials, not Bearer tokens or API tokens like the Cloud API.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"robot-api-legacy-but-aggressive","text":"The Robot API combines legacy design conventions with aggressive security enforcement — HTTP Basic Auth over URL-encoded POST bodies, but with IP blocking after 3 failures and variable rate limits — creating an API that is simultaneously harder to integrate with and less forgiving of integration mistakes.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"robot-api-legacy-design-patterns","text":"The Robot API uses legacy web conventions (HTTP Basic Auth, URL-encoded POST bodies, YAML via URL suffix) that contrast with the Cloud API's modern Bearer-token JSON design, reflecting its older dedicated-server heritage.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"robot-api-manages-dedicated-servers-only","text":"The Robot API manages dedicated/bare-metal servers only; cloud VMs are managed through the separate Cloud API.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"robot-api-post-urlencoded-not-json","text":"Robot API POST parameters use `application/x-www-form-urlencoded` encoding, not JSON request bodies.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"robot-api-rate-limits-range-10-to-5000","text":"Robot API rate limits vary per endpoint from 10/hr (destructive ops like MAC generation, WOL) to 5000/hr (IP/subnet queries).","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null}],"count":29,"limit":20,"offset":0}