Remove succeeded field from firewall status. (#247)

* Remove `succeeded` field from firewall status.

The field is not set by metal-api anyway (see metal-stack/metal-api#209) and introduces a regression for migrated shoots.

* Update controller-registration.

example/controller-registration.yaml

@@ -5,10 +5,10 @@ metadata:
   name: provider-metal
 type: helm
 providerConfig:
-  chart: H4sIAAAAAAAAA+0ca2/bRjKf+SsWyhVoDyfqYVnOCcjhXMdt3UtswfalOBwOwYpcSYwoLrskbatp/vvNvsglRYqindhNyoEBk8uZ2dndmdmZfWiBmUsCwrrkLiZB5NGgGzJ647lQtCYx9nvPHgx9gKPDQ/EfoPhfPA8ORoPh4XA85uWD8UF/9AwdPrzqekiiGDOEnjFK4114dd+/UFjUjv/JErPY3uC1f986+ACPR6PK8R+OCuM/7A+Hh89Q/1M2tAr+5OOPQ+8tYXzcJ+hmYOEwzF779uCF/XfLJZHDvDAWhcfoJ+KvkcOVAs0pQ/GSoB+VEqE3XGPQVCkQSnXKCvCaTFCtslk3xcqfun++dqi3f5c69oI+pI46+z8cFv3/0cFRa/+PAr3egk4WXANwTJBt9+DvhgQuZb2FFy+Tme3QdU9rSfawxM6qp+m6Dg1iRn0flIaRhRfFUAqqZEdLlNcmZKs63p5eXp1dnKs3cofXoU96VXz47INO5MepjwMykdzOgjnDgJU4ccJ04S+UrQiTL5bV66EpyIoXRDktEuCZTyJktjtKwpAqh6YKvWAhfJtDGSNOjDLRUE40KzS5f3H+qt7+YwJDA50U3TsSbBz/DfsH/WEb/z0GNBn/d0vihzBB23HYKBas8f+D4XBcGP/huI3/Hgc+fOgil8y9gKAOD9I6qPvxo1UfqHE6mCYEtmUy8fGM+JENgaS9IhvJTrwkM8ICAnpke7THq8rxqGBxg/1EyfThA/ICx0/cVFIbKcIdgmzTFgXkXCaoAkPVL2raboUXgPIEDhHk9iXxCY6IfQ7ClUqWiuatYcKQkiHEv3hztMTRlMH3O9SJlnh4OJ5AtW959VAVx7djvEApRci8IJ6jzjfRP7+JipiMhDTyYso2u1hAG0kZw8m9GUJjjXYXB8QloU83axLEKspPlSPqQephdtdTW8WfB5r4fwiB5t5ijcOuGPwbCIso61IYzVvmxaRyjaAu/h+NDwr+/4gXtf7/EUB5n5xVvxUDe6HHVfq+3DLBygvcCQ/IQR/e4NDimuLiGE/AE8hUv9xblyuOIoogki5xpaJYOhnpmCcl7pyz/x0KQZdjNOLYWhxRY/Qur6UT9DtnsrPVeXaGU3vqIfukcC/7b7gaWGP/44PDov0fDEb91v4fAz6VYae68VmNWdaSmjAC6Ha74r/ZEKG4ttZjO1XtyFYMtNbbjk8TF6IP7IdLPBCM0i5Q6b7sjESm+1bBXyp+ju+BrIAZgBMBNNlCkLdQPhGlIKzjkJCXg2Dx9SYkkegqRn5NPEZc1Knhb28zQF6U0nfq5CujVyKLTtalDaUyKJuJYxKmcvwaNu0VoGhWLydI65slLIob1ihomtUpSfJTSrlWrbGzhMj5TMxgWs5cobCemP6HL4/tJK6czDhLEjuu1swI5kCg0K9chXEUnWvTL1TCKW1FYqeYWZcCOQaL9+JNPbVCNMYDO6skzCSJnCVxE79aEElgazxTDJf4Mb4KcBgtaTwlzKNuHZsSksysYdYg7DhxvVjLJ5cVS7ma6LbC06wwL7ymV6GfBKs9eOXwTWblKlSJLitaEuearkhQX5PGzGi5Qt3VEwq0XI0/UWVmdRVyxBzllLL9KDliRhn70em+PZrh5mo+Of7B45qXCxurapfImc292DY5nMTLvUY7Xu4zyHksyVZPf9fwJajoNqDLo5V4B5gqaBLw9fDTO75ITtg+gm8R7dGMnTSyyoDEt5Strhmezz0n8w3NRMlz2a6FKzfgBdg/l5i7HG09/yKzTDMGfWPa1RMFMM0atgQbCCq8b0nNJhNb05oNC6tMqIZXmLMo7tcrjKGGj4PLWw8cCZfsXjyBchfXf5HN/RmvyKbIu2AghSnTTRiN9tJMPfUJinr7qERPxxaz2OMxhlaiSp3NsyrQGc0d7hWniPR5mvj+FXEY4VOcQ13ivqLOSofPP19dnGtRC+iZNymlKuu4BhV+rXn7p4Im+X+2gNtsAaAu/x+NR8X8/2Dc5v+PAmbarFfiZQb8Kh3tvVcBPkvuH4VETPSM3Hhczp887r02r701BN+oL76EvufgKOcqVOEJd/Cy0ghk4Ut8E5VHxc7y9X5yjCUDbQmKgdEpIk4KAhqLRQLD+++5vJrOVhA9rqJkbSy1CyMsXzfNDcO3YgMH/cW+VlLa30PHT3G8RJ29Vu4734kmy80nkMGUqzDjVYi6c2noHsLWiLWnEr1I52mlSEJ6GsQY0mOWjlW3TrNVYMj7b4I6xdVjc4vs48fJ1me5UdbJ8+FT2JSCmubTY0kRph9z3U7Xaxy4mYZ1Ua/Eh0utWW5CwgzMvGc3T+0AT6jTxO2qcevOIZd52YPMuFfeNWq8esbaXJENryXkx3agnjte4CSMwdh0GeEvUEH0Mj/LK7nSZ0FtZ5RXm8CJzH7hNXm500DN68rT19a2CCjUQkMilwa7mQOorECQXGiK45SgyPtWHGFq3gJJVyf5LZktKV3pAU5d9ssdHruSOiIM3EiXh8+mVApLBdISaVrIITg314t4HGvoYq5x6nO2GsuTp/fUC1Dnb50qXqruMka/qE8VXEhwY1qW9AivT49fnV6+O319enJ9dnH+7vz4zenV9PjkNMVESJwT+IHR9cQoRGjuEd+9JPN8qSrn7m6STiN2Ogz3nTy0vGdvjn88fQvCXly+u3h7evnL5dn1lqwT1BMH1oydsV7pVtmuOYAPerTdYVpD5KgbNaded2shZx91EUsaMXWoP0HXJ9NiMsJIRBPmkJy6p4VlyVBG8TsKdmV4oteon6zJGx5OlDRZGoMh6pojyhGu950PHfGqXdUyYbZG3cBjBLsXgQ+zEThBUj3yfHw8hxzL9Pm8ft58jvhKSMDXgdMSrj7uMWTfxyWfULqg/iqBUGFxJdd04elM+FBVfHpHnMTcWHmu+kXEAVe5gE9/FB3Cgz/I+UEDIjNgyzC6aEU2lceC0oNDW3QIyQkBakVnQclnYX0lFfIq9ziElCeLaUh9utiIFY5O/nCSXv3RMYdU4K14p6CBjt76M13W3jt/Glwyx4kfv4GsfIJGw7761Ei991Pu5vLWGcsO2b/ChYQm+T/YK0yjLBFXQWaJuyD7LQTUnv8fHRXy/8Ph0bDN/x8DlEkuYvQtz8jKsufv0KB4BCgUeUnvZjADFdELBlPqvkrV43uhHn+MlQMIo/8d4Bvs+TwEFOyjZFbb4AevGHwJLqOJ/bMZdu5zEbDG/kf9rfM/w/7RUWv/jwH8+Ixp2WKM+cYgZd5v8obL6oWIJ7LTQXI7+5L6pIl9N7Fclvg8UunyUz0/MpqEImzpIuMkT/4Ij5UL9Tmq2nSP5IuxilBS0gMdiBP5Ib8IUFpmosuMO/ecfYboYqbE4c5QBKZeJB9uuTcRT2H6lITQl2S72WnTalst13HctDQvROevnW3mDqXM9QJzrLf5Cl9c4OZAulAmbTOGulz4efmtsEwFqPxF+GJ+BKu0X29rO7HTEf/4Ird4mKUUlTovCdy1J7KE3LUvEyH0DL00PqhtYMhTKrshnfSiwmsPciLse79p3YKIFRJP8RiJTa9UjWXwrbACN6SeRsz2azShSNtyL2oLNDJtBuyCbBXMwD6hJbI8w9j69J7O5ANEi9lDD7IUqaBJLO7WqYTfMQ/XqTqhSrrW/SQuD3jZV9WnIgDx9tJvdRDKjnAojKZ0HDhlPSvQERo52N81osAjhkDCh1ZrdDmGBebP5SnFLg9SvLnnoCqfp9Bi7KxKK5xDlnyLfT83YrcedxNNu0pvC9dVKbaN9+Dn7uGnAQcUlHlKn7LXJm70YbPY91J/P9tkBlWoNUDdPzsktNITqMY0WyMPRLPvwTkK7ZHEV7kVmk8TfD91qNLCZ4Am8b+aMhqnALX5f3+4ff+zvf/zKFB6/l95jz9G9h6Lc+jKG55Nc2n5fvv26TZFVx1/G40OREaf308QC6qYwRTTaHviqUfwYXAP+1ch4/5uoM7+h6NBwf5Hw357/udRYJf96+jhSd3AU3fQVw719i83rB7yA2A19n8wHBbP//VHR639PwrI80wiLdPnlyZosXQYT5aMPLDskFHhJyH47LmYIDFX8JQjNE43Hfu3eBNZlrnMPkEDK0sG0YePlmWcAlHX/dJFOrkGXzjZMkGHFiosz+1AlAt0uzhVHdCZoDn2I2JZ2wdSJui//7MKx0tEGaT4ZTuc/Cg637/11A2u58ZeZ4iTSJ6FEcckLLnPK7vo0hyg7KeZsk1f83Hm01lvjXnI1Jslnu/2BOuePCLNj3RZepvd4CpHfUHpwifvsiNykraL1+54pMjESHcO7H5HFaQ/3DawBwP77stu1WCrVZ1/vOQtG8oPtm1bVi4mnFjyVIQ+2sIjTMtJP5XfAy27BYpDYSAcqfc+ooHW1exGZimGuCs56MvNanWRcXDAX/P3Bblemhf+CncXsst+ukBf35OMczfy0vt4lt44375jZ1XfH0ovRkjLEvv2pbd7ShBLLujIlpVfo0kv0ah3kQWkLUyfiFEqb37IsSte9tsSqOQSX4nQ6WU7SzaAX5/TH8SdOP0yTcUzbq7pj+ommmXeISuprHj7K/XVsSiwCkOfu7RS2uHFyyXcX1fc5ai6yWGlvyskzUW3SsumLm63IV8LLbTQQgsttNBCCy200EILLbTQQgsttNBCCy200EILLbTQQgsttNBCA/g/cvhkmQB4AAA=
+  chart: H4sIAAAAAAAAA+0ca2/bOLKf9SsI9xbYPZzlRxynMNDDZdNsN3dtYiS5Lg6HQ0FLtK1aFrWUlMTb7X+/4UuiZMmykjbZdjUIEImaGQ7JmeEMH15g5pKAsC65i0kQeTTohozeeC4UrUmM/d6zB0Mf4OjwUPwHKP4Xz4OD0WB4OByPeflgfNAfPUOHD6+6HpIoxgyhZ4zSeBde3fevFBa143+yxCy2N3jt37cOPsDj0ahy/IejYX78h/3h8OgZ6n/OhlbBn3z8cei9I4yP+wTdDCwchtlr3x68sAd9yyWRw7wwFqXH6Gfir5HDtQLNKUPxkqDXSovQW64yaKo0CKVKZQV4TSaoVtusm63an7qHvm2ot3+XOvaCPqSOOvs/HBb9/9HB0WFr/48Bvd6CThZcA3BMkG334O+GBC5lvYUXL5OZ7dB1T2tJ9rDEzqqn6boODWJGfR+UhpGFF8VQCqpkR0uU1yZkqzrenV5enV2cqzdyh9ehT3pVfPjsg07kx6mPAzKR3M6COcOAlThxwnThL5StCJMvltXroSnIihdE+SwS4JlPImS2O0rCkCp/pgq9YCFcm0MZI06MMtFQTjQrNLl/dd6q3v5jAkMDnRTdOxJsHP8N+wf9YRv/PQY0Gf/3S+KHMD/bcdgoFqzx/4PhcFwY/+F42Pr/R4GPH7vIJXMvIKjDY7QO6n76ZNXHaZwOpgmBbZlMfDwjfmRDIGmvyEayEy/JjLCAgB7ZHu3xqnI8KljcYD9RMn38iLzA8RM3ldRGinCHINu0RQE5lwmqwFD1i5q2W+EFoDyBQwS5fUl8giNin4NwpZKlonlrmDCkZAjxL94cLXE0ZfD9DnWiJR4ejidQ7TtePVTF8e0YL1BKETIviOeo8130j++iIiYjIY28mLLNLhbQRlLGcHJvhtBYo93FAXFJ6NPNmgSxCvJT5Yh6kHqY3fXUVvHngSb+H0KgubdY47ArBv8GwiLKuhRG85Z5MalcI6iL/0fjg4L/P+JFrf9/BFDeJ2fV78TAXuhxlb4vt0yw8gJ3wgNy0Ie3OLS4prg4xhPwBDLTL/fW5YqjiCKIpEtcqSiWTkY65kmJO+fsf4dC0OUYjTi2FkfUGL3Pa+kE/c6Z7Gx1np3h1J56yD4r3Mv+G64G1tj/+OCwaP8Hg1G/tf/HgM9l2KlufFFjlrWkJowAut2u+G82RCiurfXYTlU7shUDrfW249PEhegD++ESDwSjtAtUui87I5HpvlXwl4qf43sgK2AG4EQATbYQ5C2UT0QpCOs4JOTlIFh8vQlJJLqKkV8TjxEXdWr429sMkBel9J06+crolciik3VpQ6kMymbimISpHL+GTXsFKJrVywnS+mYJi+KGNQqaZnVKkvyUUq5Va+wsIXI+EzOYljNXKKwnpv/hy2M7iSsnM86SxI6rNTOCORAo9CtXYRxF59r0C5VwSluR2Clm1qVAjsHivXhTT60QjfHAzioJM0kiZ0ncxK8WRBLYGs8UwyV+jK8CHEZLGk8J86hbx6aEJDNrmDUIO05cL9byyWXFUq4muq3wNCvMC6/pVegnwWoPXjl8k1m5ClWiy4qWxLmmKxLU16QxM1quUHf1hAItV+PPVJlZXYUcMUc5pWw/So6YUcZ+dLpvj2a4uZpPjn/yuOblwsaq2iVyZnMvtk0OJ/Fyr9GOl/sMch5LstXT3zV8CSq6DejyaCXeAaYKmgR8Pfz0ji+SE7aP4FtEezRjJ42sMiDxLWWra4bnc8/JfEMzUfJctmvhyg14AfbPJeYuR1vPv8gs04xB35h29UQBTLOGLcEGggrvW1KzycTWtGbDwioTquEV5iyK+/UKY6jh4+Dy1gNHwiW7F0+g3MX1X2Rzf8YrsinyLhhIYcp0E0ajvTRTT32Cot4+KtHTscUs9niMoZWoUmfzrAp0RnOHe8UpIn2eJr5/RRxG+BTnUJe4r6iz0uHzP68uzrWoBfTMm5RSlXVcgwq/1bz9c0GT/D9bwG22AFCX/4/Go2L+fzBu8/9HATNt1ivxMgN+lY723qsAXyT3j0IiJnpGbjwu588e916bN94agm/UF19C33NwlHMVqvCEO3hZaQSy8CW+icqjYmf5Zj85xpKBtgTFwOgUEScFAY3FIoHh/fdcXk1nK4geV1GyNpbahRGWr5vmhuF7sYGD/mJfKyntH6Hjpzheos5eK/edH0ST5eYTyGDKVZjxKkTduTR0D2FrxNpTiV6k87RSJCE9DWIM6TFLx6pbp9kqMOT9N0Gd4uqxuUX26dNk67PcKOvk+fApbEpBTfPpsaQI04+5bqfrNQ7cTMO6qFfiw6XWLDchYQZm3rObp3aAJ9Rp4nbVuHXnkMu87EFm3CvvGjVePWNtrsiG1xLyYztQzx0vcBLGYGy6jPAXqCB6mZ/llVzps6C2M8qrTeBEZr/wmrzcaaDmdeXpa2tbBBRqoSGRS4PdzAFUViBILjTFcUpQ5H0rjjA1b4Gkq5P8lsyWlK70AKcu++UOj11JHREGbqTLw2dTKoWlAmmJNC3kEJyb60U8jjV0Mdc49TlbjeXJ0wfqBajzt04VL1V3GaNf1KcKLiS4MS1LeoQ3p8evTi/fn745Pbk+uzh/f3789vRqenxymmIiJM4J/MToemIUIjT3iO9eknm+VJVzdzdJpxE7HYb7Th5a3rO3x69P34GwF5fvL96dXv5yeXa9JesE9cSBNWNnrFe6VbZrDuCDHm13mNYQOepGzanX3VrI2UddxJJGTB3qT9D1ybSYjDAS0YQ5JKfuaWFZMpRR/I6CXRme6DXqJ2vylocTJU2WxmCIuuaIcoTrfedDR7xqV7VMmK1RN/AYwe5F4MNsBE6QVI88Hx/PIccyfT6vnzefI74SEvB14LSEq497DNn3ccknlC6ov0ogVFhcyTVdeDoTPlQVn94RJzE3Vp6rfhFxwFUu4NMfRYfw4A9yftCAyAzYMowuWpFN5bGg9ODQFh1CckKAWtFZUPJZWF9JhbzKPQ4h5cliGlKfLjZihaOTP5ykV390zCEVeCveKWigo7f+TJe1986fBpfMceLHbyErn6DRsK8+NVLv/ZS7ubx1xrJD9m9wIaFJ/g/2CtMoS8RNkFniLsh+CwG15/9HR4X8/3B4NGzz/8cAZZKLGH3PM7Ky7PkHNCgeAQpFXtK7GcxARfSCwZS6r1L1+FGoxx9j5QDC6H8H+AZ7Pg8BBfsomdU2+MErBl+Dy2hi/2yGnftcBKyx/1F/6/zPsH/U3v97FODHZ0zLFmPMNwYp836TN1xWL0Q8kZ0OktvZl9QnTey7ieWyxOeRSpef6nnNaBKKsKWLjJM8+SM8Vi7U56hq0z2SL8YqQklJD3QgTuSH/CJAaZmJLjPu3HP2GaKLmRKHO0MRmHqRfLjl3kQ8helTEkJfku1mp02rbbVcx3HT0rwQnb92tpk7lDLXC8yx3uYrfHGBmwPpQpm0zRjqcuHn5bfCMhWg8hfhi/kRrNJ+va3txE5H/OOL3OJhllJU6rwkcNeeyBJy175MhNAz9NL4oLaBIU+p7IZ00osKrz3IibDv/aZ1CyJWSDzFYyQ2vVI1lsG3wgrckHoaMduv0YQibcu9qC3QyLQZsAuyVTAD+4SWyPIMY+vTBzqTDxAtZg89yFKkgiaxuFunEn7HPFyn6oQq6Vr3k7g84GVfVZ+KAMTbS7/VQSg7wqEwmtJx4JT1rEBHaORgf9eIAo8YAgkfWq3R5RgWmD+XpxS7PEjx5p6DqnyeQouxsyqtcA5Z8i32/dyI3XrcTTTtKr0tXFel2Dbeg5+7h58GHFBQ5il9yl6buNGHzWI/Sv39YpMZVKHWAHX/7JDQSk+gGtNsjTwQzX4A5yi0RxJf5VZoPk/w/dShSgtfAJrE/2rKaJwC1Ob//eLvfwzHw/b+z6NA6fl/5T3+GNl7LM6hK294Ns2l5fvt26fbFF11/G00OhAZfX4/QSyoYgZTTKPtiacewYfBPexfhYz7u4E6+x+OBgX7Hw377fmfR4Fd9q+jhyd1A0/dQd841Nu/3LB6yA+A1dj/wXBYPP/XHx219v8oIM8zibRMn1+aoMXSYTxZMvLAskNGhZ+E4LPnYoLEXMFTjtA43XTs3+JNZFnmMvsEDawsGUQfP1mWcQpEXfdLF+nkGnzhZMsEHVqosDy3A1Eu0O3iVHVAZ4Lm2I+IZW0fSJmg//7PKhwvEWWQ4pftcPKj6Hz/1lM3uJ4be50hTiJ5FkYck7DkPq/soktzgLKfZso2fc3HmU9nvTXmIVNvlni+2xOse/KIND/SZeltdoOrHPUFpQufvM+OyEnaLl6745EiEyPdObD7HVWQ/m7bwB4M7Luvu1WDrVZ1/v6St2woP9i2bVm5mHBiyVMR+mgLjzAtJ/1Ufg+07BYoDoWBcKTeh4gGWlezG5mlGOKu5KAvN6vVRcbBAX/N3xfkemle+CvcXcgu++kCfX1PMs7dyEvv41l643z7jp1VfX8ovRghLUvs25fe7ilBLLmgI1tWfo0mvUSj3kUWkLYwfSJGqbz5IceueNlvS6CSS3wlQqeX7SzZAH59Tn8Qd+L0yzQVz7i5pj+qm2iWeYespLLi7a/UV8eiwCoMfe7SSmmHFy+XcH9dcZej6iaHlf6ukDQX3Sotm7q43YZ8LbTQQgsttNBCCy200EILLbTQQgsttNBCCy200EILLbTQQgsttNBCCw3g/zA18G8AeAAA
   values:
     image:
-      tag: v0.18.9
+      tag: v0.18.10
 ---
 apiVersion: core.gardener.cloud/v1beta1
 kind: ControllerRegistration

pkg/apis/metal/types_infrastructure.go

@@ -42,6 +42,5 @@ type InfrastructureStatus struct {
 }
 
 type FirewallStatus struct {
-	Succeeded bool
 	MachineID string
 }

pkg/apis/metal/v1alpha1/types_infrastructure.go

@@ -42,6 +42,5 @@ type InfrastructureStatus struct {
 }
 
 type FirewallStatus struct {
-	Succeeded bool   `json:"succeeded"`
 	MachineID string `json:"machineID"`
 }

pkg/controller/infrastructure/actuator.go

@@ -96,7 +96,6 @@ func updateProviderStatus(ctx context.Context, c client.Client, infrastructure *
 				Kind:       "InfrastructureStatus",
 			},
 			Firewall: metalv1alpha1.FirewallStatus{
-				Succeeded: providerStatus.Firewall.Succeeded,
 				MachineID: providerStatus.Firewall.MachineID,
 			},
 		}}

pkg/controller/infrastructure/actuator_reconcile.go

@@ -19,7 +19,6 @@ import (
 	metalapi "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal"
 	"github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/helper"
 	metalgo "github.com/metal-stack/metal-go"
-	metalfirewall "github.com/metal-stack/metal-go/api/client/firewall"
 	mn "github.com/metal-stack/metal-lib/pkg/net"
 
 	extensionscontroller "github.com/gardener/gardener/extensions/pkg/controller"
@@ -73,8 +72,6 @@ var (
 	firewallActionDeleteAndRecreate firewallReconcileAction = "delete"
 	// firewallActionDoNothing nothing needs to be done for this firewall
 	firewallActionDoNothing firewallReconcileAction = "nothing"
-	// firewallActionUpdateCreationProgress firewall creation has not yet succeeded
-	firewallActionUpdateCreationProgress firewallReconcileAction = "update-creation-progress"
 	// firewallActionCreate create a new firewall and write infrastructure status
 	firewallActionCreate firewallReconcileAction = "create"
 	// firewallActionStatusUpdateOnMigrate infrastructure status is not present, but a metal firewall machine is present.
@@ -154,7 +151,7 @@ func (a *actuator) Reconcile(ctx context.Context, infrastructure *extensionsv1al
 // TODO migrate to a state-machine or to a dedicated controller
 func reconcileFirewall(ctx context.Context, r *firewallReconciler) error {
 	// detect which next action is required
-	action, status, err := firewallNextAction(ctx, r)
+	action, status, err := firewallNextAction(r)
 	if err != nil {
 		return err
 	}
@@ -171,18 +168,7 @@ func reconcileFirewall(ctx context.Context, r *firewallReconciler) error {
 		r.logger.Info("firewall created", "cluster-id", r.clusterID, "cluster", r.cluster.Shoot.Name, "machine-id", r.providerStatus.Firewall.MachineID)
 
 		r.providerStatus.Firewall.MachineID = machineID
-		// TODO this is a BUG, see https://github.com/metal-stack/metal-api/issues/209
-		r.providerStatus.Firewall.Succeeded = true
 		return updateProviderStatus(ctx, r.c, r.infrastructure, r.providerStatus, &nodeCIDR)
-	case firewallActionUpdateCreationProgress:
-		succeeded, err := hasFirewallSucceeded(r.machineIDInStatus, r.mclient)
-		if err != nil {
-			return err
-		}
-
-		r.logger.Info("firewall creation in progress", "cluster-id", r.clusterID, "cluster", r.cluster.Shoot.Name, "succeeded", succeeded)
-		r.providerStatus.Firewall.Succeeded = succeeded
-		return updateProviderStatus(ctx, r.c, r.infrastructure, r.providerStatus, r.infrastructure.Status.NodesCIDR)
 	case firewallActionRecreate:
 		err := deleteFirewallFromStatus(ctx, r)
 		if err != nil {
@@ -196,8 +182,7 @@ func reconcileFirewall(ctx context.Context, r *firewallReconciler) error {
 		r.logger.Info("firewall created", "cluster-id", r.clusterID, "cluster", r.cluster.Shoot.Name, "machine-id", r.providerStatus.Firewall.MachineID)
 
 		r.providerStatus.Firewall.MachineID = machineID
-		// TODO this is a BUG, see https://github.com/metal-stack/metal-api/issues/209
-		r.providerStatus.Firewall.Succeeded = true
+
 		return updateProviderStatus(ctx, r.c, r.infrastructure, r.providerStatus, &nodeCIDR)
 	case firewallActionDeleteAndRecreate:
 		err := deleteFirewall(r.logger, r.machineIDInStatus, r.infrastructureConfig.ProjectID, r.clusterTag, r.mclient)
@@ -216,8 +201,6 @@ func reconcileFirewall(ctx context.Context, r *firewallReconciler) error {
 		}
 		r.logger.Info("firewall created", "cluster-id", r.clusterID, "cluster", r.cluster.Shoot.Name, "machine-id", r.providerStatus.Firewall.MachineID)
 		r.providerStatus.Firewall.MachineID = machineID
-		// TODO this is a BUG, see https://github.com/metal-stack/metal-api/issues/209
-		r.providerStatus.Firewall.Succeeded = true
 		return updateProviderStatus(ctx, r.c, r.infrastructure, r.providerStatus, &nodeCIDR)
 	case firewallActionStatusUpdateOnMigrate:
 		r.providerStatus.Firewall = *status
@@ -227,14 +210,10 @@ func reconcileFirewall(ctx context.Context, r *firewallReconciler) error {
 	}
 }
 
-func firewallNextAction(ctx context.Context, r *firewallReconciler) (firewallReconcileAction, *metalapi.FirewallStatus, error) {
-	if !r.providerStatus.Firewall.Succeeded && r.machineIDInStatus != "" {
-		return firewallActionUpdateCreationProgress, nil, nil
-	}
-
+func firewallNextAction(r *firewallReconciler) (firewallReconcileAction, *metalapi.FirewallStatus, error) {
 	firewalls, err := metalclient.FindClusterFirewalls(r.mclient, r.clusterTag, r.infrastructureConfig.ProjectID)
 	if err != nil {
-		r.logger.Error(err, "firewalls not found", "clustertag", r.clusterTag, "projectid", r.infrastructureConfig.ProjectID)
+		r.logger.Error(err, "unable to fetch cluster firewalls", "clustertag", r.clusterTag, "projectid", r.infrastructureConfig.ProjectID)
 		return firewallActionDoNothing, nil, &controllererrors.RequeueAfterError{
 			Cause:        err,
 			RequeueAfter: 30 * time.Second,
@@ -256,13 +235,12 @@ func firewallNextAction(ctx context.Context, r *firewallReconciler) (firewallRec
 			r.logger.Info("firewall exists but status is empty, assuming migration", "clusterid", r.clusterID, "machineid", r.machineIDInStatus)
 			return firewallActionStatusUpdateOnMigrate, &metalapi.FirewallStatus{
 				MachineID: encodeMachineID(*fw.Partition.ID, *fw.ID),
-				Succeeded: *fw.Allocation.Succeeded,
 			}, nil
 		}
 
 		if *fw.ID != r.machineIDInStatus {
 			r.logger.Error(
-				fmt.Errorf("machine id of this cluster's firewall differs from infrastructure status"),
+				fmt.Errorf("machine id of this cluster's firewall differs from infrastructure status, not reconciling firewall anymore"),
 				"leaving as it is, but something unexpected must have happened in the past. if you want to get to a clean state, remove the firewall by hand (causes downtime!) and reconcile infrastructure again",
 				"clusterID", r.clusterID,
 				"expectedMachineID", r.machineIDInStatus,
@@ -324,31 +302,8 @@ func firewallNextAction(ctx context.Context, r *firewallReconciler) (firewallRec
 	}
 }
 
-func hasFirewallSucceeded(machineID string, mclient *metalgo.Driver) (bool, error) {
-	resp, err := mclient.FirewallGet(machineID)
-	if err != nil {
-		switch e := err.(type) {
-		case *metalfirewall.FindFirewallDefault:
-			if e.Code() >= 500 {
-				return false, &controllererrors.RequeueAfterError{
-					Cause:        e,
-					RequeueAfter: 5 * time.Second,
-				}
-			}
-		default:
-			return false, e
-		}
-	}
-
-	if resp.Firewall == nil || resp.Firewall.Allocation == nil || resp.Firewall.Allocation.Succeeded == nil {
-		return false, fmt.Errorf("firewall %q was created but has no allocation", machineID)
-	}
-
-	return *resp.Firewall.Allocation.Succeeded, nil
-}
-
 func createFirewall(ctx context.Context, r *firewallReconciler) (machineID string, nodeCIDR string, err error) {
-	nodeCIDR, err = ensureNodeNetwork(ctx, r)
+	nodeCIDR, err = ensureNodeNetwork(r)
 	if err != nil {
 		r.logger.Error(err, "firewalls node network", "nodecidr", nodeCIDR)
 		return "", "", &controllererrors.RequeueAfterError{
@@ -550,7 +505,7 @@ func clearIPTags(mclient *metalgo.Driver, ip string) error {
 	return err
 }
 
-func ensureNodeNetwork(ctx context.Context, r *firewallReconciler) (string, error) {
+func ensureNodeNetwork(r *firewallReconciler) (string, error) {
 	if r.cluster.Shoot.Spec.Networking.Nodes != nil {
 		return *r.cluster.Shoot.Spec.Networking.Nodes, nil
 	}
@@ -684,7 +639,6 @@ func renderFirewallUserData(kubeconfig string) (string, error) {
 
 func deleteFirewallFromStatus(ctx context.Context, r *firewallReconciler) error {
 	r.providerStatus.Firewall.MachineID = ""
-	r.providerStatus.Firewall.Succeeded = false
 	err := updateProviderStatus(ctx, r.c, r.infrastructure, r.providerStatus, r.infrastructure.Status.NodesCIDR)
 	if err != nil {
 		return err