Back to index
4.14.0-0.nightly-2025-04-13-082712 Download the installer for your operating system or run
oc adm release extract --tools registry.ci.openshift.org/ocp/release:4.14.0-0.nightly-2025-04-13-082712 Team Approvals:
Tests:
Blocking jobs Informing jobs Upgrades from:
Upgrades to:
Loading changelog, this may take a while ...
Created: 2025-04-13 08:31:35 +0000 UTC
Image Digest: sha256:79324a308018e8cdbb738cc3edcd37c9ade339fce57ac63f545526ec87d5dedd
Components
New images
Removed images
openstack-machine-controllers
rhel-coreos-8
rhel-coreos-8-extensions
Rebuilt images without code change
apiserver-network-proxy git f56c606a sha256:69ab42f4ba6eabc22f9a4f66e87650962b8f5d712dfcf28ca66175c646ab1d2cmachine-os-content sha256:091181a7c871c029d8805d425c23d99de1d35b34e7d0dba4b6f84e7284a47e61
OCPBUGS-53691 : Bump jwt to 4.5.2 in release-4.14 (#7499) #7499 OCPBUGS-46941 : OCPBUGS-46184: Bump golang.org/x/net to 0.33.0 (#7200) #7200 OCPBUGS-15346 , OCPBUGS-15347 : Update version go-http-metrics and gin-gonic/gin (#6899) #6899 OCPBUGS-34641 : Invalid Pull-Secret when using password which contains a colon character (#6416) #6416 OCPBUGS-31631 : Deploy dual stack with IPv6 on top of bond/vlan fails (#6322) #6322 MGMT-17594 : Bump x/net to v0.24.0 to mitigate CVE-2023-45288 (#6216) #6216 MGMT-17549 : Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#6203) #6203 MGMT-17541 : Replace broken golangci reference (#6197) #6197 NO-ISSUE: replace postgres images as current one disappeared from quay (#6134) #6134
MGMT-16950 : changing dnsmasq configuration for sno in order to meet single ip installation flow for ibu (#5973) #5973 MGMT-16494 : Move ip hint file creation to ignition in order to change it in IBI process (#5974) #5974 MGMT-16517 : Add Env Var Deployment Type & Set ABI (#5987) #5987 MGMT-15796 : set CloudControllerManager to External for OCI (#5877) #5877 OCPBUGS-23069 : Ignore hostPrefix validation for plugins other than OVN/SDN (#5676) #5676 MGMT-15704 : One typo and one missing piece of config, discovered after MGMT-15704 merged (#5465) #5465 Bump OCP versions: 4.12 (#5467) #5467
MGMT-15653 : Validate domain in one place (#5451) #5451 MGMT-15704 : Assisted service should create Day2 import CR for hub cluster. (#5459) #5459 MGMT-15340 : Ensure vlan interface names will be <= 15 characters (#5389) #5389 NO-ISSUE: Add subsystem tests to platform support level (#5460) #5460
Bump OCP versions: 4.10 (#5463) #5463
Bump OCP versions: 4.13 (#5457) #5457
Bump OCP versions: 4.13, 4.11, 4.12 (#5454) #5454
MGMT-11456 : Bugfix - remove redundant code (#5372) #5372 Bump OCP versions: 4.11, 4.12, 4.13 (#5452) #5452
AGENT-694 : Support external platform type for agent installer (#5438) #5438 MGMT-15100 : Remove unused feature-support-levels API endpoint (#5450) #5450 Update RHTAP references (#5410) #5410
Fix setup_env.sh failure handling (#5442) #5442
Add BMH annotation keys to docs (#5444) #5444
OCPBUGS-17992 day2 skip install config overrides (#5439) #5439
Bump OCP versions: 4.12, 4.10 (#5441) #5441
MGMT-14881 : return a valid error when no disks has been found (#5430) #5430 MGMT-15595 : Make client a separate go module (#5434) #5434 MGMT-15177 : Align feature support level to support platform as filterable feature (#5424) #5424 Bump OCP versions: 4.12 (#5432) #5432
Bump OCP versions: 4.11, 4.13 (#5431) #5431
Use go 1.18 when setting up environment (#5422) #5422
NO-ISSUE: Bump k8s.io/klog/v2 from 2.70.1 to 2.100.1 (#5428) #5428
MGMT-15356 : Ensure filenames are distinct between openshift and manifest (#5382) #5382 MGMT-15491 : Validate vSphere disk.EnableUUID ignoring cluster platform (#5416) #5416 NO-ISSUE: Extend waiting time to test DB container to be ready (#5425) #5425
Bump OCP versions: 4.10 (#5423) #5423
Bump OCP versions: 4.13, 4.12 (#5421) #5421
OCPBUGS-17415 : Bump golang.org/x/net (#5417) #5417 MGMT-14933 : Validate hosts running in OCI (#5413) #5413 Ensure inspection is disabled on day-2 spoke node BMHs (#5406) #5406
MGMT-15423 : Change the user message from: ‘Host is not compatible with cluster platform %s; either disable this host or choose a compatible cluster platform (%v)’ to ‘Host is not compatible with cluster platform %s; either disable this host or discover a new, compatible host.’ (#5412) #5412 Don’t set detached for BMHs without infraenv label (#5414) #5414
RHTAPBUGS-318 : Fetch tag in RHTAP build (#5333) #5333 MGMT-15424 : parametrize envoy configmap name (#5411) #5411 Bump OCP versions: 4.12 (#5409) #5409
Bump OCP versions: 4.11 (#5407) #5407
MGMT-15335 : Fix missing state when trying to update to not supported platform (#5399) #5399 Bump OCP versions: 4.14 (#5403) #5403
Update RHTAP references (#5387) #5387
MGMT-15389 : add feature flag to enable/disable OKD support (#5400) #5400 MGMT-11949 : MGMT-12278: Update libksba and libxml2 (#5398) #5398 MGMT-15388 : Remove unsupported platforms from the supported-platforms endpoint (#5394) #5394 AGENT-557 : Split register into registerCluster and registerInfraEnv (#5376) #5376 MGMT-15339 : Run network config before NetworkManager (#5375) #5375 MGMT-15128 : Remove control plane machine set so that control-plane-machine-set operator would not go degraded due to placeholder credentials on installation. (#5378) #5378 MGMT-15047 : use installer to deploy on external platform (#5381) #5381 MGMT-15343 : dependabot remove docker (#5392) #5392 Bump OCP versions: 4.13, 4.10 (#5391) #5391
Don’t attempt to contact spoke while unbinding a day2 host (#5383) #5383
Update RHTAP references (#5374) #5374
MGMT-15128 : Remove control plane machine set so that control-plane-machine-set operator would not go degraded due to placeholder credentials on installation. (#5364) #5364 Bump OCP versions: 4.12 (#5384) #5384
MGMT-14793 : Assisted discovery core and root user shell should have (#5373) #5373 MGMT-15215 : Allow setting of UI specific data for a cluster (#5358) #5358 MGMT-15343 : dependabot group updates (#5379) #5379 MGMT-14923 : add OSImageVersion to InfraEnvSpec (#5365) #5365 Bump OCP versions: 4.13 (#5377) #5377
Update RHTAP references (#5370) #5370
OCPBUGS-16077 : Fix DNS validation (#5371) #5371 MGMT-11456 : kube-api should allow user to specify infraenv additional trust bundle (#5357) #5357 Bump OCP versions: 4.11, 4.12 (#5369) #5369
MGMT-15295 : Fixc bug in list manifests (#5366) #5366 MGMT-14015 : Custom manifest feature usage is never turning off (#5363) #5363 MGMT-14491 : Invalid node label returns error 500 instead of 400 (#5362) #5362 Update RHTAP references (#5328) #5328
Bump OCP versions: 4.14 (#5360) #5360
MGMT-15243 : Skip any zero size manifests when applying (#5355) #5355 Bump OCP versions: 4.12 (#5356) #5356
MGMT-14656 : Sort disks by HCTL after the other options (#5354) #5354 No-ISSUE: Revert “MGMT-14634: Ensure that empty manifest may not be added. (#5348)” (#5353) #5348
MGMT-15213 : temporary disable release-domain-name-resolved-correctly validation (#5351) #5351 MGMT-15073 : Cluster reset - only system generated manifests to be deleted (#5338) #5338 MGMT-15070 : Unable to change machine-network with dual stack (#5349) #5349 MGMT-14634 : Ensure that empty manifest may not be added. (#5348) #5348 MGMT-15150 : Use same installer binary for all platform types (#5334) #5334 MGMT-14851 : Update docs for allowing automatedCleaningMode (#5343) #5343 Bump OCP versions: 4.14, 4.12 (#5345) #5345
MGMT-14726 : Ensure that manifest filename does not contain spaces. (#5342) #5342 MGMT-15064 : Update is_external API description (#5336) #5336 Bump OCP versions: 4.10, 4.11 (#5339) #5339
MGMT-14852 : Allow AutomatedCleaningMode to be set by user (#5319) #5319 MGMT-14374 : update day2 master docs (#5335) #5335 MGMT-14620 Only emit succesful host creation message for pre install hosts (#5296) #5296
MGMT-14704 : Provide info on custom/vs non custom manifest in manifest endpoint. (#5278) #5278 MGMT-15114 : remove event for cluster registration failed (#5330) #5330 MGMT-15126 : Add missing incompatible features in some of the feature-support feature (#5327) #5327 MGMT-15107 : Bump version for hacking LSO catalog (#5323) #5323 Create an override annotation for the ironic agent image (#5310) #5310
OCPBUGS-13621 : Fix singular Ingress and API cluster VIPs removal (#5216) #5216 Don’t require key encipherment usage for approving CSRs (#5322) #5322
MGMT-13284 : Check for BMH CRD before creating controller (#5284) #5284 MGMT-14937 : Deprecate user_managed_networking attribute (#5317) #5317 Bump OCP versions: 4.14 (#5320) #5320
Bump OCP versions: 4.13, 4.10, 4.12 (#5316) #5316
NO-ISSUE: parametrize template to enable switching secrets (#5313) #5313
MGMT-14240 : Specify connect-timeout on curl (#5314) #5314 MGMT-15034 : Fix patch of infrastructure CR with external platform (#5312) #5312 MGMT-14979 : add sasl/scraml auth method for kafka notifications (#5299) #5299 MGMT-15025 : Forbid register Z architecture cluster with OCI platform (#5309) #5309 MGMT-15015 Provider IsHostSupported panic if platform is not found (#5306) #5306
OCPBUGS-13738 enforce additional ntp sources added into chrony (#5295) #5295
MGMT-14992 : Fix Minimal ISO set as default in s390x (#5302) #5302 MGMT-14631 : Removing leftover of support for openshift 4.8 (#5301) #5301 Bump OCP versions: 4.14, 4.11 (#5300) #5300
MGMT-14973 : Fix misleading logs showing wrong platform and user_managed_networking combination (#5298) #5298 MGMT-14975 : Update MCE operator installation to use stable-2.3 channel (#5297) #5297 MGMT-14769 : Enable upgrade agent by default (#5276) #5276 MGMT-14165 : AgentClusterInstall Webhooks improvements and fixes (#5275) #5275 Bump OCP versions: 4.13, 4.12 (#5293) #5293
MGMT-14730 : Validate that manifest file size does not exceed 1MB (#5281) #5281 MGMT-14883 : Fix feature-support validation fail to validate openshift version (#5290) #5290 MGMT-14904 : fix error code for ignition size validation (#5291) #5291 MGMT-14631 : Remove support for openshift 4.8 (#5221) #5221 Add tls config for the service monitor (#5282) #5282
Bump OCP versions: 4.12, 4.10 (#5288) #5288
Red Hat Trusted App Pipeline update assisted-service-q2vh (#5270) #5270
Bump OCP versions: 4.13 (#5280) #5280
OCPBUGS-7076 : Copy Day2 BMH if Agent is installing (#5250) #5250 OCPBUGS-14405 : Avoid panic if pull secret contains non-string (#5267) #5267 MGMT-13746 : validate discovery ignition size (#5273) #5273 MGMT-14830 : Enable TechPreviewNoUpgrade when platform is external (#5279) #5279 MGMT-13431 : patching bug - ODF storage class not recognizing all device sets (#5268) #5268 MGMT-14803 : Fix cluster update won’t fail on incompatible OLM operator dependency (#5264) #5264 MGMT-14600 : Prevent installing dual-stack vSphere on OCP version smaller than 4.13 (#5271) #5271 MGMT-14750 : Allow FC, ECKD, FBA drive types on s390x (#5269) #5269 MGMT-12186 : Add MCE operator plugin (#5203) #5203 Bump OCP versions: 4.11, 4.12 (#5265) #5265
MGMT-14781 : Make LSO operator to support all CPU architectures (#5262) #5262 Bump OCP versions: 4.13 (#5261) #5261
MGMT-14582 : Set OCI platform behind a capability (#5249) #5249 MGMT-13997 : Issues when using multiple bonds with CIM Assisted Installer (#5233) #5233 MGMT-13685 : Make sure ingress and api vip are not broadcast address. (#5256) #5256 MGMT-14723 : Fix randomly failing subsystem test (#5259) #5259 MGMT-14649 : Add feature support for OCI platform (#5244) #5244 NO-ISSUE: fixed misleading error message, the order of the host status was reverse (#5257) #5257
MGMT-14306 : Update host role validation to accept AutoAssign in Day2 (#5247) #5247 Delete the spoke BMH before removing the finalizer (#5239) #5239
MGMT-14723 : Remove duplicate operator cpu architecture validation (#5254) #5254 MGMT-14734 : Fix failed to update Nutanix provider cluster when on multi architecture (#5253) #5253 MGMT-14728 : Escape the escape char () (#5252) #5252 Bump OCP versions: 4.14 (#5251) #5251
MGMT-14721 : Get icsp-file from registries.conf for oc extract command (#5245) #5245 Bump OCP versions: 4.10 (#5248) #5248
Docs fix: ensure kubeconfig secret is created with a kubeconfig key. (#5246) #5246
MGMT-13938 : support external platform (#5143) #5143 Bump OCP versions: 4.11, 4.12 (#5243) #5243
MGMT-8097 : masters schedulable kube-api (#5240) #5240 Remove the detached annotation when BMH is being deleted (#5228) #5228
MGMT-13643 : added MaxLength to additional_trust_bundle (#5226) #5226 Bump OCP versions: 4.11, 4.12 (#5232) #5232
MGMT-14356 : Set 4.13 to default (#5230) #5230 Fix cpu partitioning struct tag/field (#5227) #5227
Force a BMH reboot when the infraenv image changes (#5212) #5212
MGMT-14416 : VipDhcpAllocation from update params should take precedence (#5209) #5209 Bump OCP versions: 4.13 (#5225) #5225
MGMT-14526 : Possible issue with validateNoWildcardDNS resolution validation (#5198) #5198 MGMT-14648 : Make “sufficient-masters-count - failed” subsystem test tolerate extra event. (#5223) #5223 Don’t panic on BMH delete when agents are unbound (#5219) #5219
NO-ISSUE: Wait for hostedcontrolplane to be created (#5218) #5218
NO-ISSUE: Fix install customization doc (#5217) #5217
MGMT-14610 : Wait for the hostedcontrolplane CR ready status instead of watching the ready status of all pods in the namespace (#5215) #5215 OCPBUGS-13081 : Support by-path root device hints (#5185) #5185 MGMT-14526 : Allow trailing dot (.) to be appended to domain name (#5208) #5208 OCPBUGS-13310 support setting CPUPartitioningMode with install config overrides (#5207) #5207
Bump OCP versions: 4.12, 4.13 (#5205) #5205
Deprovision when using converged and unbinding (#5199) #5199
OCPBUGS-13356 : Fix ‘vendor’ root device hint evaluation (#5197) #5197 MGMT-13977 : Disallow single character base domain (#5196) #5196 Updating ose-agent-installer-api-server images to be consistent with ART (#5026) #5026
MGMT-14530 : Changing event message filtering to escape wildcards %,_ and not be case sensetive (#5194) #5194 OCPBUGS-13250 : Fix disk name in generated HardwareDetails (#5193) #5193 MGMT-14370 : add OCP 4.14.0-ec.0 images (#5190) #5190 Podman README-disconnected requires 4.2 and not 3.3 (#5191) #5191
Bump OCP versions: 4.13 (#5189) #5189
MGMT-14425 : Changing event counts behavior (#5186) #5186 MGMT-14226 : Upgrade moby to 20.10.24 (#5153) #5153 Remove all spoke resources when deleting the node (#5161) #5161
Bump OCP versions: 4.12, 4.10 (#5182) #5182
MGMT-14507 : Exposing event headers for scripts (#5179) #5179 MGMT-14509 return 404 if cluster not found when host try to register (#5180) #5180
NO-ISSUE: Check whether is defined (#5178) #5178
NO-ISSUE: Override the control plane operator image only if explicitly asked to (#5176) #5176
MGMT-11424 : added validations for ignition cert (#5145) #5145 Bump OCP versions: 4.11 (#5173) #5173
Bump OCP versions: 4.13 (#5170) #5170
NO-ISSUE: Fixes the UI deployment (#5169) #5169
Update state machine graphs (#5168) #5168
MGMT-14462 : Allow to deploy assisted-service with all available images (#5167) #5167 NO-ISSUE Remove Approvers that are not longer in the group (#5166) #5166
Handle ironic URLs in dual stack hub and IPv6 spoke (#5163) #5163
MGMT-14449 : change creation time for hosts to one minute ago instead of now, to avoid race conditions in tests (#5160) #5160 MGMT-13890 : Drain before deprovisioning spoke nodes (#5110) #5110 Bump OCP versions: 4.10, 4.11 (#5157) #5157
MGMT-13955 : Add known issue regarding ignoring disk size validations (#5158) #5158 MGMT-14315 : Allow to install P and Z architectures with Single Node Openshift on 4.13 (#5147) #5147 NO ISSUE: use literal for cpu limits, to enable nulliable value (#5155) #5155
Bump OCP versions: 4.12 (#5151) #5151
MGMT-14389 : Update operator bundle channel (#5148) #5148 MGMT-14108 : add readiness probe initialDelaySeconds for assisted-service and assisted-image-service (#5150) #5150 MGMT-14137 : Create test flow for ZTP for node labeling and avoiding reboot for custom role (#5086) #5086 Bump OCP versions: 4.13 (#5149) #5149
MGMT-14396 : Get correct path for binary from mirror (#5141) #5141 NO-ISSUE: Fix grammar mistakes (#5146) #5146
MGMT-14395 : Day-2 domain name resolution step shouldn’t include release image domain (#5139) #5139 Cache must-gather images by architecture (#5140) #5140
MGMT-14298 : Set full ISO as default for Z architecture (#5136) #5136 Improve inaccurate ODF validation message (#5137) #5137
MGMT-14338 : add missing stream notifications (#5132) #5132 Bump OCP versions: 4.11 (#5135) #5135
Bump OCP versions: 4.10, 4.12 (#5131) #5131
Use contexts in spoke client (#5130) #5130
MGMT-13083 : limit the size of release binaries (#5120) #5120 NO-ISSUE: Currently, while trying to fetch events using cluster_id, host_ids and severities we don’t get severity filtered correctly because of the precedence of AND, OR in SQL. (#5123) #5123
MGMT-14239 : Enable UMN as default for Power arch (ppc64le) (#5127) #5127 MGMT-14266 : Fix unclear message when creating a P/Z cluster with OCP ver 4.10 (#5122) #5122 MGMT-10977 : Validate DNS server connection (#5102) #5102 MGMT-14242 : MGMT-14017: MGMT-14239: MGMT-14300: Fix multiple bugs (feature support and feature usage) (#5119) #5119 Add private SELinux label for volume mount content (#5109) #5109
Bump OCP versions: 4.11, 4.12, 4.13 (#5118) #5118
MGMT-14283 : Ignored validations - validation id “all” does not work (#5117) #5117 MGMT-14125 : Use systemd unit instead of dracut hook to configure network (#5107) #5107 MGMT-12301 : refator the progress bar to use state machine (#5103) #5103 Bump OCP versions: 4.13, 4.9, 4.12, 4.11, 4.10 (#5115) #5115
MGMT-13178 : As part of events pagination epic, this commit is about adding ‘order’ parameter so the client can request the events in the desired order, and changing the counting of events by severity to apply after the filtering (#5106) #5106 Bump OCP versions: 4.12, 4.13 (#5105) #5105
MGMT-14195 : Use clusterIdMatcher instead of gomock.Any() in inventory_test (#5104) #5104 MGMT-14161 : removing multi cpu architecture for infra envs (#5098) #5098 MGMT-13846 : Reject UserManagedNetworking true when cluster VIPs are set (#5071) #5071 MGMT-13888 : Remove spoke node on BMH delete (#5028) #5028 MGMT-14190 : Allow installing Power architecture with CMN and MinimalISO (#5101) #5101 MGMT-14026 : Add validation to ensure ignored validation ID exists (#5074) #5074 MGMT-13918 : Modify ignored validation should not be possible post-install (#5077) #5077 NO-ISSUE: Make DB transaction terminate function only when error (#4946) #4946
NO-ISSUE: Wrap VIP update in the DB around transaction (#4943) #4943
MGMT-13916 : Update enhancement doc for ignoring validations feature (#5095) #5095 Bump OCP versions: 4.10, 4.11, 4.13 (#5100) #5100
Add a function for setting annotations (#5099) #5099
Presently, in the PreNetworkConfig script, we are removing the default network manager configuration for a host in every case. This should be altered so that the default configuration is deleted only if custom nmstate configuration has been provided for the host. (#5044) #5044
MGMT-14078 : Add “unavailable” option to the support-level enum (#5062) #5062 MGMT-14150 : Update install-config to support multi vSphere data-centers (#5090) #5090 MGMT-14133 : Fix P/Z support level allows cluster with OLM operators. (#5088) #5088 MGMT-14017 : report accurate P/Z feature usage if multi (#5079) #5079 MGMT-14074 : Don’t run nmcli if not available (#5087) #5087 Bump OCP versions: 4.12, 4.9 (#5080) #5080
MGMT-13925 : Get the ironic URLs in reconcile rather than at startup (#5041) #5041 MGMT-14074 : Reload NM config after creation (#5066) #5066 Update cluster-baremetal-operator to 4.13 branch (#5078) #5078
NO-ISSUE: add release tag to notified events versions (#5068) #5068
MGMT-14109 : Set P and Z architectures support label as tech-preview on 4.12 (#5072) #5072 MGMT-13308 : Adding events pagination - Currently events are retrieved by the service as a list of events which match the query. This commit is implementing events pagination. (#4987) #4987 MGMT-14073 : Fix logging for event uploader (#5070) #5070 Remove README section about the assisted-service live iso (#5069) #5069
MGMT-14040 : Add log that shows event upload is running (#5054) #5054 Bump OCP versions: 4.11 (#5060) #5060
actually use the ENABLE_DATA_COLLECTION parameter (#5063) #5063
MGMT-14075 : Fix register cluster won’t fail when creating cluster with P or Z architectures on 4.12 (#5061) #5061 MGMT-14000 : Document support-level new API (#5053) #5053 Cleanup BMAC logging (#5055) #5055
Bump OCP versions: 4.12 (#5057) #5057
MGMT-13550 : Create day2 support for node labeling (#5042) #5042 OKD: bump to latest stable release (#5020) #5020
MGMT-14042 : Disable data collection for SaaS by default (#5056) #5056 Bump OCP versions: 4.13 (#5051) #5051
manifests: Add a shebang to NM dispatcher script (#5050) #5050
MGMT-12486 : Add ENABLE_DATA_COLLECTION environment variable to template.yaml (#5048) #5048 MGMT-13520 : filter out unnecessary validations for unbound host (#5023) #5023 MGMT-13862 : Return bed request on wrong feature-feature or feature-architecture combination. (#5039) #5039 MGMT-13947 : Revert assisted boot reporter service (#5035) #5035 Sparing the redirect for official k8s registry (#5033) #5033
MGMT-13596 : Add PATCH to the Manifests API (#5015) #5015 Bump OCP versions: 4.12, 4.13, 4.9, 4.8, 4.11, 4.10 (#5043) #5043
NO-ISSUE: remove the full ignition from log (#5032) #5032
OCPBUGS-8335 : Don’t wait for console if disabled (#5022) #5022 Update multi image names (#5016) #5016
ACM-4127 : Cache release images even if there is no matching OS image (#5027) #5027 MGMT-13957 : deny requests with query parameters matching node-boot. Directed at upload files (#5037) #5037 In case the converged flow is enabled and the assisted-service fails to get a valid ironic inspection URL it’s using the Ironic URL as default. (#5031) #5031
MGMT-13903 : Select inside machine CIDR for BMH (#5024) #5024 MGMT-13904 Add missing feature IDs. (#5030) #5030
MGMT-13913 : Fix empty features list when calling GET v2/support-levels/features (#5029) #5029 MGMT-13859 : notify when creating cluster and resources (#5013) #5013 Allow removing the agent when BMH is deleted (#4948) #4948
MGMT-13659 : Design a feature support mechanism that supports different feature-support criteria (#4989) #4989 MGMT-12486 : Implement data sending for on-prem deployments (#4880) #4880 Fix invalid character in feature-support enhancement (#5021) #5021
MGMT-13780 : Write a feature-support-level enhancement doc (#5000) #5000 MGMT-13398 omit BMH secret from day2 spoke worker (#5009) #5009
NO-ISSUE: display code coverage locally without mocks (#5011) #5011
bminventory: throw Bad Request error on arm64 Nutanix clusters (#4906) #4906
Revert “MGMT-13471: SNO installation with OCP 4.13 lacks proper dnsmasq configuration (#4939)” (#5012) #4939
NO-ISSUE: customize the image path for disk creation (#5010) #5010
MGMT-13445 : Update Assisted Installer with the new LVMS requirements (#4986) #4986 MGMT-12956 : Add feature IDs for ppc64le and s390x (#5008) #5008 add 4.13 multi ec.3 dev preview images (#5005) #5005
NO-ISSUE: Bump gorm.io/gorm from 1.23.8 to 1.24.5 (#5006) #5006
MGMT-13580 : GC orphan hosts (#4997) #4997 Make get_image_without_tag work when registry has a port (#5007) #5007
MGMT-13374 : support Nutanix in kube-api (#4996) #4996 Updating ose-agent-installer-api-server images to be consistent with ART (#4752) #4752
Revert “Increase timeout waiting for image-service (#4871)” (#5001) #4871
Use the correct env var for the hub release image mirror (#4998) #4998
MGMT-12547 : Enhancement doc “api-for-skipping-validations” (#4870) #4870 Add registry config for ironic agent image (#4995) #4995
MGMT-13274 : Update time-synced-between-host-and-service message to remove bad advice (#4994) #4994 MGMT-13521 : Clearer messaging when non-overlapping-subnets validation is pending. (#4993) #4993 MGMT-13204 : Implement skipping of host and cluster validations (#4907) #4907 MGMT-13708 : allow overriding image service image in subscription (#4985) #4985 MGMT-13454 : Group Host and boot logs to a single tarball (#4975) #4975 MGMT-13711 : it takes the assisted-service few minutes to notice that the cluster installation is completed (#4988) #4988 MGMT-13620 : Make worker to use custom MCP if it was set as part of the host DB record (#4976) #4976 MGMT-13549 : Day1 implementation for K8S node labels (#4972) #4972 NO-ISSUE: Add logs to supported-platforms (#4982) #4982
MGMT-13045 : Enhancement document for node labeling (#4826) #4826 MGMT-13682 : Gather host logs on failure in day2 flow (#4983) #4983 MGMT-13292 : Add the installed version of the OLM operators in the monitor operators response (#4961) #4961 MGMT-13471 : SNO installation with OCP 4.13 lacks proper dnsmasq configuration (#4939) #4939 MGMT-13487 : handle day2 cluster authz (#4973) #4973 NO-ISSUE: added ENABLE_ORG_TENANCY to deploy-test target (#4974) #4974
MGMT-11805 : docs/change-iso-password.sh lint (#4971) #4971 NO-ISSUE: Add scenarios to consider to enhancement template (#4964) #4964
MGMT-11805 : Dedicated .sh file for the docs/change-iso-password.sh script (#4970) #4970 MGMT-13526 : Fix wrong subscription name on pre-release versions (#4957) #4957 MGMT-13203 : Create REST points for validation ignore feature. (#4927) #4927 Allow Agent installer to use aarch64 (#4441) #4441
MGMT-13505 : allow to edit ignition url in kube-api (#4967) #4967 MGMT-13447 : Fix LVM subscription name is empty on SNO CNV (#4963) #4963 MGMT-13548 : add feature-support-level list for 4.13 (#4962) #4962 NO-ISSUE: Add destroy to deploy_capi_cluster.sh (#4960) #4960
MGMT-13302 : Return a bad request if the user wants to install not supported operator for arm64 cluster (#4930) #4930 MGMT-12535 : Service implementation for verify-vips (#4925) #4925 Remove references to edge-infrastrcuture/psql image (#4950) #4950
NO-ISSUE: Add logs to getOLMOperators LVm flow (#4959) #4959
MGMT-13462 : Fix disk encryption validation pending (#4958) #4958 Add automatic ShellCheck linting for assisted-boot-reporter.sh (#4945) #4945
MGMT-12329 : Implements assisted boot reporter and add to ignition (#4543) #4543 OKD: update to OKD 4.12 (#4922) #4922
Verify detached annotation (#4941) #4941
NO-ISSUE: skipper error when podman is missing (#4953) #4953
MGMT-13493 : stream model data instead of DB data (#4947) #4947 Enable converged flow by default (#4935) #4935
MGMT-13305 : Fix invalid lvms version installed on 4.11 (#4942) #4942 NO-ISSUE: add method to access log (#4944) #4944
MGMT-12714 : Define RAID drive type (#4937) #4937 Fix support_level value for 4.12 to fully supported (#4938) #4938
MGMT-13008 : ignition size validation on register infraenv (#4934) #4934 MGMT-13317 : missing transition on refresh when media is disconnected (#4931) #4931 MGMT-12996 : enhancement for dynamic OCP fetching (#4893) #4893 NO-ISSUE: Update 4.13 release images to ec.2 (#4933) #4933
MGMT-12193 : Add enhancement doc for collecting on-prem data (#4457) #4457 NO-ISSUE: rename event that was erroneusly named as InfraEnv (#4928) #4928
NO-ISSUE: explicitly declare timeout (#4926) #4926
MGMT-13432 : fire and forget kafka messages for event notification (#4924) #4924 remove testing log message (#4920) #4920
MGMT-13327 : MGMT-13300: Add support with 4.13 dev preview images (#4898) #4898 update lvm subscription and the min version for lvm (#4899) #4899
Disable installation on FC disks (#4918) #4918
MGMT-13229 : Allow setting Joined to sno installation stages (#4903) #4903 Revert “bm_inventory: use HTTPS if possible for day2 workers (#4150)” (#4781) #4150
MGMT-12697 : Add ENABLE_REJECT_UNKNOWN_FIELDS to SaaS template (#4916) #4916 MGMT-12292 : stream events to kafka stream (#4823) #4823 MGMT-12975 : Update 4.12 release image to use GA version (#4912) #4912 MGMT-13342 : Git fails to trust git repository because of mismatch with files (#4908) #4908 MGMT-12970 : don’t reset auto-assign for irrelevant hosts (#4891) #4891 bump version for hacking LSO catalog (#4753) #4753
Fix iPXE ZTP host connectivity during initramfs (#4902) #4902
MGMT-13138 : Improve messaging over host connectivity. (#4895) #4895 MGMT-12405 : Enclose API endpoint with brackets if IPv6 address (#4900) #4900 MGMT-13008 : validation for ignition image size (#4894) #4894 Setting minikube registry addon to use images from quay.io (#4897) #4897
MGMT-10785 : report failing cluster operators (#4864) #4864 BMH: add another fallback location for spoke’s root CA (#4883) #4883
MGMT-13240 : Create ip hint file in sno installation even if there is (#4892) #4892 MGMT-13271 : Update 4.12 release images to use the latest rc version (#4890) #4890 MGMT-12312 : Adds node-boot log type (#4529) #4529 NO-ISSUE: When comparing VIPs, compare only IPs (#4882) #4882
MGMT-12423 : Watch for Agent changes in ClusterDeployment (#4793) #4793 MGMT-7878 : storage config doc using MachineConfig manifest (#4873) #4873 inventory: limit allowed Nutanix versions in API (#4878) #4878
MGMT-12655 : Add installation disk ID to Agent’s status (#4865) #4865 MGMT-12655 : Set Agent’s installation disk ID only if hints exist (#4856) #4856 MGMT-10869 : Forbid multiple machine networks in single-stack clusters (#4867) #4867 MGMT-11979 : verify install-config for none platform (#4844) #4844 Increase timeout waiting for image-service (#4871) #4871
MGMT-11090 : Enhancement Doc: Assisted boot-reporter service (#4444) #4444 MGMT-12294 : Run subsystem with deterministic openshift version (#4567) #4567 MGMT-13192 : dualstack SNO cluster fails to complete - getting error (#4869) #4869 Add ppc64le & s390x RHCOS ISOs to configmap - rebase (#4796) #4796
MGMT-13081 : Re-enable and fix a negative NNState subsystem test (#4866) #4866 MGMT-12273 : Updated logging in PreNetworkConfig script. (#4859) #4859 MGMT-13081 : CI to use CentOS8 (#4845) #4845 MGMT-12894 : Use the hub release image when determining the ironic agent image (#4798) #4798 MGMT-12951 : change log message from lvmo to lvms (#4857) #4857 MGMT-13170 : Fix nil pointer dereference in validation if host inventory is nil (#4861) #4861 MGMT-13132 : Respond with 409 when rejecting registration (#4858) #4858 MGMT-12978 : Handle multiple images with the same OCP version (#4817) #4817 MGMT-13080 : [Nutanix] - UMN and machine_network = [] - bootstrap is in insufficient (#4847) #4847 NO-ISSUE: Small numbering issue in doc, amendment (#4852) #4852
MGMT-12154 : Updating documentation to make Day 2 import process clearer. (#4848) #4848 NO-ISSUE: Bump golang.org/x/sys from 0.1.0 to 0.3.0 (#4850) #4850
NO-ISSUE: Bump github.com/go-openapi/spec from 0.20.6 to 0.20.7 (#4851) #4851
MGMT-13040 : Check cluster state before delete (#4849) #4849 MGMT-13098 : fix missing networks on V2GetClusterInstallConfig (#4842) #4842 NO-ISSUE: improve UpdateMachineCidr (#4846) #4846
MGMT-12794 : allow to edit ProvisionRequirement post install (#4843) #4843 MGMT-12875 : fail gracefully when konnectivity is missing (#4830) #4830 MGMT-6536 : select default cidr in SNO based on default route metrics (#4770) #4770 MGMT-12535 : Swagger changes for vip verification (#4841) #4841 Revert “MGMT-12794: allow to edit ACI post install (#4831)” (#4839) #4831
MGMT-13080 : UMN if machine cidr not set no need to validate bootstrap (#4835) #4835 NO-ISSUE: Bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.4.3 (#4834) #4834
NO-ISSUE: Bump github.com/go-openapi/strfmt from 0.21.2 to 0.21.3 (#4833) #4833
MGMT-12794 : allow to edit ACI post install (#4831) #4831 MGMT-11979 : verify install-config manifest in subsystem (#4816) #4816 NO-ISSUE: disable invalid nmstate test (#4832) #4832
NO-ISSUE: Pass HA mode of the cluster to network validations (#4774) #4774
MGMT-12743 : adds enhancement proposal for shorter image URLs (#4703) #4703 MGMT-13038 : Git fails to trust git repository because of mismatch with files (#4822) #4822 MGMT-13036 : add emptyDir mount for filesystem cache and ephemeral-storage policy (#4821) #4821 MGMT-12755 : Disallow periods in cluster name (#4778) #4778 NO-ISSUE: Bump github.com/aws/aws-sdk-go from 1.44.51 to 1.44.163 (#4818) #4818
Provide the inspector URL to the ironic ignition builder (#4779) #4779
NO-ISSUE: Move SaaS networking documentation to Telco Docs (#4429) #4429
NO-ISSUE: Bump github.com/go-openapi/swag from 0.21.1 to 0.22.3 (#4813) #4813
MGMT-12978 : Append -multi suffix to multi-arch images in SupportedVersions (#4811) #4811 MGMT-12880 : Update the wording of statusRebootTimeout (#4805) #4805 MGMT-12911 : Update assisted service operator docs with new icsp behavior (#4804) #4804 MGMT-12950 : Disable compatible agent validation while installing (#4791) #4791 MGMT-12971 : remove 4.12.0.0-0 as openshift hardcoded version in host monitor loop (#4806) #4806 Bump OCP versions: 4.8, 4.11 (#4807) #4807
NO-ISSUE: Bump github.com/stretchr/testify from 1.7.2 to 1.8.1 (#4535) #4535
NO-ISSUE: Changing the way we handle an error from ‘updateNetworkParams’ from returning ‘nil, err’ to ‘cluster, err’ (#4714) #4714
NO-ISSUE: Add multiarch OCP 4.12 release images (#4795) #4795
NO-ISSUE: Add danmanor to approvers (#4801) #4801
MGMT-12445 : Update host install progress response (#4787) #4787 MGMT-12697 : Reject unknown json fields (#4794) #4794 MGMT-12366 : Automatically calculate 2nd Machine Network from 2nd VIP (#4761) #4761 MGMT-12591 : setting lvmo on non-SNO cluster should return bad request (#4742) #4742 MGMT-12237 : Limit upgrade agent events (#4786) #4786 Bump OCP versions: 4.10 (#4789) #4789
MGMT-12886 : fetch CRDs by group in HASC ctrl (#4768) #4768 OCPBUGS-2953 : Fix regex to filter images by tag and by sha (#4767) #4767 Refactor the versions handler into a proper cache (#4645) #4645
MGMT-12870 : Add missing dual-stack VIP CRUD for KubeAPI (#4755) #4755 NO-ISSUE: reduce build image size (#4775) #4775
MGMT-12433 : remove text minimum Size 0GB in lvm (#4772) #4772 Document the ironic agent image behavior for converged flow (#4771) #4771
NO-ISSUE: Added ZTP workflows to hive integration README.md (#4762) #4762
MGMT-12471 : Don’t wait for console if it is disabled (#4594) #4594 Set infra-env kernel params on preprovisioning image (#4757) #4757
NO-ISSUE: use two logger instance for generic and ocm logging (#4734) #4734
NO-ISSUE: extract client from reconcile context (#4720) #4720
Update cluster-baremetal-operator and use GetIronicIP from there (#4491) #4491
Bump OCP versions: 4.12, 4.9 (#4764) #4764
NO-ISSUE: Set the correct RAM size in BMH HardwareDetails (#4453) #4453
TELCODOCS-831 : Document capabilities exclusion (#4213) #4213 OCPBUGS-1683 : Assisted-install failing with None platform when multiple IP interfaces configured (#4750) #4750 oMGMT-12169: Changing the cluster’s validation message when disks size is not sufficient (#4729) #4729
NO-ISSUE: edit HASC enhancement doc (#4756) #4756
MGMT-9915 : Fix sample CRs for dual-stack VIPs (#4758) #4758 MGMT-12759 : Reinstate assisted NMState Go binding (#4698) #4698 MGMT-9915 : Prepare sample CRs for dual-stack VIPs (#4754) #4754 NO-ISSUE: Fix wrong unit test for CIDR autoallocation (#4736) (#4459) #4736
MGMT-12366 : Allow to use UpdateMachineCidr for multiple networks (#4747) #4747 MGMT-12863 : Assisted Spoke install-config does not generate icsp with multiple mirror to entries (#4745) #4745 Use policy/v1 for pod disruption budget (#4746) #4746
Split the os versions handling from the release image handling (#4737) #4737
Bump OCP versions: 4.12 (#4741) #4741
OKD-90 : execute should throw a warning (#4739) #4739 OCPBUGS-4493 : do not mutate ACI post installation start (#4723) #4723 NO-ISSUE: Fix wrong unit test for CIDR autoallocation (#4736) #4736
Use the cluster version when extracting the ironic agent image from a release (#4727) #4727
NO-ISSUE: Explicitly finish mock controllers in cluster transition tests (#4617) #4617
MGMT-12648 : Update operator bundle channel (#4732) #4732 MGMT-12634 : Create new allow-add-hosts endpoint (#4661) #4661 Move API handlers to a separate struct (#4728) #4728
MGMT-11506 : Present a more useful validation message for packet loss (#4717) #4717 NO-ISSUE: Verify that GORM embedded structure is always part of containing structure (#4730) #4730
MGMT-12662 : Add API documentation for Live ISO kernel arguments customization (#4669) #4669 MGMT-9915 : Enhancement for dual-stack VIPs (#4245) #4245 MGMT-12423 : Use pointers when collecting Agents from ACI (#4570) #4570 Bump OCP versions: 4.11 (#4722) #4722
NO-ISSUE: Bump github.com/moby/moby (#4721) #4721
MGMT-12400 : enable pprof when debug mode for memory profiling (#4712) #4712 MGMT-12797 : Missing dual-stack VIP values in SNO cluster (#4710) #4710 MGMT-12749 : BMH: add fallback location for spoke’s root CA (#4696) #4696 OKD: extract manifests if available (#4715) #4715
MGMT-11455 : Add formal API to allow users to set an additional trust bundle (#4447) #4447 MGMT-12806 : Allow registration when pending for input (#4718) #4718 MGMT-10376 : Adding a feature usage flag for setting UserManagedNetworking flag in a non-SNO configuration (#4579) #4579 MGMT-11386 : approve day2 CSRs for an agent without BMH (#4691) #4691 Bump OCP versions: 4.8 (#4702) #4702
MGMT-12423 : Additional debug logs when collecting Agents from ACI (#4704) #4704 MGMT-11536 : refresh cluster after host deletion (#4666) #4666 MGMT-12388 : Forbid dual-stack VIPs for OpenShift pre-4.12 (#4694) #4694 docs: add platform integration enhancement (#4192) #4192
NO-ISSUE: move grafana dashboards to other repository (#4701) #4701
Bump OCP versions: 4.10, 4.12 (#4693) #4693
NO-ISSUE: Enable state machine documentation (#4680) #4680
Remove ValidateAccessToMultiarch function (#4630) #4630
Revert “MGMT-11506: Present a more useful validation message for packet loss (#4358)” (#4695) #4358
MGMT-12666 : Document Unauthenticated Registries (#4692) #4692 MGMT-12616 : Reject register after install (#4665) #4665 MGMT-12723 : Fix log formatting in inventory.go (#4679) #4679 MGMT-12635 : Add icsp-file support for all oc commands (#4684) #4684 MGMT-12627 : Add Multiple VIPs support for state machine validators (#4643) #4643 MGMT-12389 : Add feature usage for dual-stack VIPs (#4596) #4596 MGMT-12360 : Pass multiple VIPs down to install-config on OCP >=4.12 (#4573) #4573 MGMT-12684 add envoy as sidecar to produce access log (#4670) #4670
Small doc addition for OLM operator plugins (#4689) #4689
Bump OCP versions: 4.11 (#4688) #4688
MGMT-12355 : API and Ingress VIPs CRUD implementation (#4568) #4568 bm_inventory: use HTTPS if possible for day2 workers (#4150) #4150
NO-ISSUE: Bump github.com/go-openapi/errors from 0.20.2 to 0.20.3 (#4681) #4681
MGMT-12678 : Deprecate API and Ingress VIP (Singular) (#4668) #4668 NO-ISSUE: add unauthenticatedRegistries to HASC on deploy (#4676) #4676
MGMT-11813 : how to install HASC doc (#4663) #4663 Bump OCP versions: 4.11 (#4674) #4674
MGMT-12686 : Allow installing on FC disks (#4671) #4671 Bump OCP versions: 4.9 (#4667) #4667
MGMT-8789 : Improve UX setting PUBLIC_CONTAINER_REGISTRIES (#4552) #4552 MGMT-12466 : Add feature usage for discovery kernel arguments (#4659) #4659 MGMT-12379 : PlatformType is not validated when installing SNO cluster. (#4656) #4656 Bump OCP versions: 4.12, 4.10 (#4662) #4662
NO-ISSUE: log build version (#4658) #4658
OKD-90 : Support automated extraction of OKD RPMs (#4650) #4650 MGMT-12332 : Kube API subsystem tests for kernel arguments (#4647) #4647 MGMT-12552 : Add UT for day-2 agent status updates (#4657) (#4660) #4657 MGMT-12552 : Add UT for day-2 agent status updates (#4657) #4657 MGMT-11506 : Present a more useful validation message for packet loss (#4358) #4358 MGMT-12592 : added webhooks tests to hypershift e2e (#4648) #4648 MGMT-12552 : Day-2 agent stuck with status_info rebooting although the node is already part of the cluster (#4652) #4652 MGMT-11740 : WebHook configuration in HASC (#4582) #4582 MGMT-12605 : Remove duplicated tests: Dual-stack UpdateCluster (#4644) #4644 NO-ISSUE: Explicitly finish mock controller in host tests (#4632) #4632
Bump OCP versions: 4.10, 4.8 (#4646) #4646
MGMT-11810 : added deploy_hypershift_cluster script (#4577) #4577 MGMT-8357 : change ‘local’ deployment method to ‘minikube’ (#4642) #4642 NO-ISSUE: Explicitly finish mock controller in host command tests (#4633) #4633
NO-ISSUE: Explicitly finish mock controller in host transition tests (#4631) #4631
MGMT-12500 : DPU cpu arch can be aarch64 and not arm64, adding aarch64 to (#4628) #4628 NO-ISSUE: Explicitly finish mock controller in cluster tests (#4618) #4618
MGMT-12318 : improve condition message of missing secret (#4641) #4641 Versions tech debt cleanup (#4640) #4640
MGMT-11087 : Replaced HPP with ODF LVMO on CNV for a single-node … (#4434) #4434 MGMT-12555 : Try avoid deadlocks when updating cluster or host (#4624) #4624 NO-ISSUE: add stage logs to grafana (#4638) #4638
MGMT-12332 : Subsystem tests for discovery kernel arguments (#4616) #4616 NO-ISSUE: Explicitly finish mock controller in ignition tests (#4634) #4634
NO-ISSUE: fix attach-disk failure (#4629) #4629
MGMT-12318 : added conditions for spoke kubeconfig secret (#4623) #4623 nutanix: remove worker MachineSet too (#4621) #4621
MGMT-8357 : Support kind hub-cluster (#4613) #4613 MGMT-12435 : Add a way to apply patches to core manifests (#4583) #4583 Disable converged flow by default (#4626) #4626
Describe openshift_version in os_image better (#4620) #4620
MGMT-12068 : kube api support for discovery kernel arguments (#4566) #4566 MGMT-12572 : Remove duplicated tests: V2UpdateCluster (#4625) #4625 MGMT-12552 : Day-2 agent stuck with status_info rebooting although the node is already part of the cluster (#4610) #4610 MGMT-12489 : We should validate that inventory is not nil while returning (#4611) #4611 NO-ISSUE: Bump github.com/google/go-cmp from 0.5.8 to 0.5.9 (#4615) #4615
MGMT-12557 : remove duplicated unit tests: monitored operators (#4612) #4612 MGMT-12545 : Rename “discovery kernel arguments” to “kernel argument” in infra-env context (#4605) #4605 MGMT-12492 : update statusRebootTimeout info message to ask the user to (#4586) #4586 Bump OCP versions: 4.12 (#4608) #4608
MGMT-12299 : Changing the message user sees when the cluster doesn’t contain the correct composition of control plane nodes and workers (#4537) #4537 OCPBUGSM-46219 : OCPBUGSM-46220: Update golang version to 1.18.1. (#4598) #4598 MGMT-12478 : AgentClusterInstall remains in installed state when using ignitionEndpoint (#4604) #4604 MGMT-12500 : Add AI support for a DPU worker (#4588) #4588 Bump OCP versions: 4.10, 4.11 (#4602) #4602
MGMT-12528 : Disable network scanning for very large IPv4 subnets (#4601) #4601 NO-ISSUE: add warning and info panel to log dashboard (#4572) #4572
MGMT-12507 : Remove duplicated unit tests: RegisterHost and GetNextSteps (#4595) #4595 MGMT-9915 : Create utility functions to get cluster’s VIPs (#4575) #4575 MGMT-12098 Remove legacy auto reset host (#4599) #4599
MGMT-12053 : Add support for aditional kernel arguments when serving iPXE (#4541) #4541 MGMT-12522 Fix unit test DB connection failure (#4597) #4597
Remove useless getReleaseImage function (#4593) #4593
Allow nightly 4.12 builds to use the converged flow (#4592) #4592
MGMT-12389 : Create flag for per-version support of dual-stack VIPs (#4565) #4565 MGMT-12354 : Migrate single VIP values to the new data structure (#4562) #4562 MGMT-12423 : Add debug logs for counting unsynced agents (#4571) #4571 MGMT-12398 : Regression fix: Move host stage to “Done” only when not in KubeAPI mode. (#4587) #4587 MGMT-12462 : Fix assisted-service swagger file (#4580) #4580 Remove redundant boto3 dependency (#4585) #4585
NO-ISSUE: Rename misleading network utility function (#4574) #4574
Bump OCP versions: 4.9 (#4576) #4576
MGMT-12305 : Fix a vulnerability which could cause a denial of service on version v0.3.7 of golang.org/x/text/language. (#4525) #4525 MGMT-12422 : Fix bm platform update failure when cluster platform different from bm/none (#4564) #4564 MGMT-12363 : Changing the message which the service sends when the right amount of dedicated control plane nodes is achieved (#4546) #4546 MGMT-12425 : Removal of problematic validation. (#4563) #4563 NO-ISSUE: add logs dashboard (#4569) #4569
MGMT-12083 : Create enhancement document for discovery kernel parameters (#4420) #4420 Bump OCP versions: 4.10, 4.11 (#4561) #4561
MGMT-12318 : handle conditions in HASC (#4555) #4555 MGMT-12353 : Add dual-stack VIP fields to the Rest API (#4548) #4548 Ensure the preprovisioningimage arch matches the infraenv (#4520) #4520
MGMT-11752 : enhancement doc: ai on zero worker hypershift (#4325) #4325 MGMT-9023 : Add hyperthreading feature usage (#4514) #4514 MGMT-11805 : Don’t go through the API for setting a discovery password (#4560) #4560 Add url auth for getting a single infra-env (#4559) #4559
NO-ISSUE: add initialDelaySeconds for readiness probe (#4557) #4557
MGMT-12380 : Improve message of vip validation failure (#4553) #4553 MGMT-12368 : Verify that Kernel Arguments API does not change in the future (#4547) #4547 MGMT-12056 : changing the default behavior of the network type for the CD/ACI controller - following OCP move to default OVNKubernetes network type from version 4.12 or higher, AI should install clusters accordingly (#4485) #4485 MGMT-12353 : Add dual-stack VIP fields to the KubeAPI (#4549) #4549 NO-ISSUE: Document how to add OCM capabilities (#4528) #4528
Bump to 4.12.0-ec.5 (#4554) #4554
MGMT-12214 : extract reconciler logic for using HASC (#4540) #4540 MGMT-11750 : ensure namespace exists on spoke cluster (HASC) (#4534) #4534 Bump OCP versions: 4.8 (#4550) #4550
Full changelog
Bump golang.org/x/net to v0.33.0 (#1012) #1012
OCPBUGS-15347 : Update version go-http-metrics/gin (#933) #933 MGMT-17594 : Bump x/net to at least v0.24.0 to mitigate CVE-2023-45288 (#834) #834 MGMT-17591 : Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#830) #830 MGMT-16843 : Ensure valid hostname during install (#794) #794 OCPBUGS-20049 : Remove uninitialized taint for agent-based installs (#753) #753 NO-ISSUE: dependabot exclude k8s (#706) #706
OCPBUGS-16482 : bump golangci-lint to 1.53.1 (#702) #702 OCPBUGS-4240 : allow controller to complete for agent-based installs (#700) #700 MGMT-15235 : Compile with CGO_ENABLED=1 for amd64 (#699) #699 Revert “MGMT-15235: Compile with CGO_ENABLED=1 for FIPS (#683)” (#693) #683
OCPBUGS-17252 : Bump golang.org/x/net/html (#695) #695 Updating ose-agent-installer-orchestrator images to be consistent with ART (#652) #652
MGMT-15343 : dependabot group updates (#692) #692 MGMT-15344 : Assisted-controller should not timeout on waiting cvo by itself (#688) #688 MGMT-15235 : Compile with CGO_ENABLED=1 for FIPS (#683) #683 MGMT-13586 : Wait for ETCD Bootstrap to complete (#670) #670 NO-ISSUE: Remove slaviered from project OWNERS (#669) #669
NO-ISSUE: Bump github.com/go-openapi/strfmt from 0.21.3 to 0.21.7 (#663) #663
Updating ose-agent-installer-csr-approver images to be consistent with ART (#651) #651
MGMT-14299 : Limit untaint nodes to vsphere/nutanix (#660) #660 NO-ISSUE: Add javipolo to approvers (#659) #659
MGMT-12967 : Create network policy in assisted-installer namespace (#658) #658 NO-ISSUE: Bump github.com/onsi/gomega from 1.24.2 to 1.27.5 (#656) #656
MGMT-14114 : Nutanix - uninitialized set on nodes (#653) #653 NO-ISSUE: controller logs optimizations (#646) #646
NO-ISSUE: Bump golang.org/x/sync (#644) #644
MULTIARCH-3387 : Set boot device to target disk for powervm (#626) #626 MGMT-13710 : assisted-installer-controller hangs for 2 minutes before uploading the ingress CA (#638) #638 NO-ISSUE: Bump golang.org/x/net from 0.5.0 to 0.7.0 (#640) #640
NO-ISSUE: Replace iotil by os and io in order to fix lint issues (#642) #642
NO-ISSUE: Bump openshift/release from golang-1.18 to golang-1.19 (#612) #612
MGMT-13568 : Add pause mcp while setting new role labels (#623) #623 MGMT-13292 : Add the installed version of the OLM operators in the monitor operators response (#622) #622 Remove uninitialized taint from vSphere nodes (#629) #629
OCPBUGS-7149 : IPv6 multinode spoke no moving from rebooting/configuring stage (#627) #627 MGMT-13507 : Apply node labels only when node is Ready (#620) #620 MGMT-13463 : Assisted-controller can fail to send summary logs and we will not have any logs (#619) #619 MGMT-10785 : report failing cluster operators controller -> service (#617) #617 MGMT-13229 : SNO: Start controller when node is not ready, right after joined (#613) #613 MGMT-13385 : Installation fail due to race condition in etcd bootstrap strategy (#618) #618 MGMT-13131 : shorten SNO installation duration (#615) #615 NO-ISSUE: Bump golang.org/x/net from 0.4.0 to 0.5.0 (#611) #611
MGMT-13141 : assisted-installer-controller shouldn’t try to update BMH if (#610) #610 Updating ose-agent-installer-orchestrator images to be consistent with ART (#588) #588
NO-ISSUE: Bump github.com/operator-framework/api from 0.17.1 to 0.17.3 (#609) #609
MGMT-12908 : Labeling nodes as quick as possible and fixing hostname possible issue (#601) #601 NO-ISSUE: Bump github.com/thoas/go-funk from 0.9.2 to 0.9.3 (#608) #608
Bump assisted-service to v1.0.10-0.20221222230528-2b0f66c4cdcd (#604) #604
NO-ISSUE: Bump github.com/operator-framework/api from 0.17.2 to 0.17.3 (#603) #603
MGMT-12339 : Update host install progress on cleanup error (#597) #597 MGMT-12984 : Add more logs to LVM cleanup (#600) #600 NO-ISSUE: Bump github.com/onsi/gomega from 1.24.1 to 1.24.2 (#599) #599
MGMT-12339 : Add extra step to force clean disks with LVM volumes (#583) #583 Remove jira tickets prefix requirements (#594) #594
NO-ISSUE: Bump golang.org/x/net from 0.2.0 to 0.4.0 (#593) #593
MGMT-12471 : Don’t crash if operator isn’t monitored by service (#589) #589 NO-ISSUE: Bump github.com/go-openapi/runtime from 0.24.2 to 0.25.0 (#585) #585
NO-ISSUE: Bump github.com/operator-framework/api from 0.17.1 to 0.17.2 (#584) #584
NO-ISSUE: Bump sigs.k8s.io/controller-runtime from 0.12.3 to 0.13.1 (#569) #569
NO-ISSUE: Bump github.com/onsi/gomega from 1.22.1 to 1.24.1 (#577) #577
NO-ISSUE: Bump k8s.io/client-go from 0.24.4 to 0.25.4 (#576) #576
OCPBUGSM-46219 : OCPBUGSM-46220: Update golang version to 1.18.1. (#581) #581 MGMT-12471 : Don’t wait for console if it is disabled (#574) #574 NO-ISSUE: change all ‘go get’ commands to ‘go install’ (#580) #580
NO-ISSUE: Log informative error in case subscription doesn’t have CSV (#573) #573
MGMT-12467 : Remove special handling for installing OCP < 4.7 (#571) #571 MGMT-12469 : Add resolv.conf content to controller logs in order to improve dns issue visibility (#572) #572 OCPBUGS-3166 : assisted-installer: pod creation fails due to violations of security policies in 4.12 (#568) #568 NO-ISSUE: improvement on gathering controller logs, validating that buffer is not empty (#567) #567
Full changelog
OCPBUGS-46955 : Bump golang.org/x/net to 0.33.0 (#885) #885 OCPBUGS-16483 : Update apimachinery dependency to remove goproxy dep (#709) #709 OCPBUGS-33404 : Make removable disks eligible (#725) #725 MGMT-17594 : Bump x/net to at least v0.24.0 to mitigate CVE-2023-45288 (#705) #705 MGMT-17591 : Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#703) #703 MGMT-17541 : Replace broken golangci reference (#698) #698 NO-ISSUE: Bump the go-dependencies group with 1 update (#597) #597
NO-ISSUE: Bump the go-dependencies group with 5 updates (#595) #595
MGMT-15661 : Update to latest ghw version (#594) #594 MGMT-15235 : Allow setting CGO_ENABLED flag (#589) #589 MGMT-15235 : Compile with CGO_ENABLED=1 for amd64 (#588) #588 Revert “MGMT-15235: Compile with CGO_ENABLED=1 for FIPS (#569)” (#582) #569
OCPBUGS-17251 : Bumping golang.org/x/net (#586) #586 MGMT-14933 : Detect if the host in running in OCI (#585) #585 MGMT-15359 : support appliance multipath virtual device (#584) #584 MGMT-13111 : Freeze on 404 Not Found (#583) #583 MGMT-15343 : dependabot remove docker (#581) #581 MGMT-15343 : dependabot group updates (#579) #579 Updating ose-agent-installer-node-agent images to be consistent with ART (#575) #575
OCPBUGS-16373 : Ignore arping errors on RHEL 9 (#576) #576 NO-ISSUE: Bump github.com/coreos/ignition/v2 from 2.16.0 to 2.16.2 (#574) #574
NO-ISSUE: Bump github.com/PuerkitoBio/rehttp from 1.1.0 to 1.2.0 (#568) #568
MGMT-15235 : Compile with CGO_ENABLED=1 for FIPS (#569) #569 NO-ISSUE: Bump golang.org/x/sys from 0.9.0 to 0.10.0 (#566) #566
NO-ISSUE: Bump github.com/coreos/ignition/v2 from 2.15.0 to 2.16.0 (#564) #564
AGENT-594 : remove agent based installer code (#563) #563 NO-ISSUE: Bump golang.org/x/sync from 0.2.0 to 0.3.0 (#561) #561
MGMT-14540 : Mark Appliance disk(s) with a partition name prefix ‘agent’ as eligible (#554) #554 OCPBUGS-14848 : Filter out hidden devices (#558) #558 NO-ISSUE: Bump github.com/onsi/gomega from 1.27.7 to 1.27.8 (#555) #555
NO-ISSUE: Bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 (#556) #556
MGMT-13009 : Auto rename host with VLAN (#553) #553 NO-ISSUE: Bump github.com/itchyny/gojq from 0.12.12 to 0.12.13 (#552) #552
NO-ISSUE: Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#550) #550
MGMT-14751 : Detect DASD disks (s390x) (#549) #549 NO-ISSUE: Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 (#545) #545
NO-ISSUE: Bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#543) #543
NO-ISSUE: Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#544) #544
MGMT-14526 : Refernce latest assisted service to reflect domain name pattern change (#542) #542 Updating ose-agent-installer-node-agent images to be consistent with ART (#516) #516
NO-ISSUE: Bump golang.org/x/sync (#541) #541
NO-ISSUE: Remove slaviered from project OWNERS (#539) #539
MGMT-14481 : journal logs are empty during installation on rhel9.2 (#538) #538 NO-ISSUE: Bump github.com/go-openapi/runtime from 0.25.0 to 0.26.0 (#537) #537
MGMT-14319 chronyc segfaulting (#534) #534
NO-ISSUE: Bump golang.org/x/sys from 0.6.0 to 0.7.0 (#533) #533
NO-ISSUE: Bump github.com/cenkalti/backoff/v4 from 4.1.3 to 4.2.1 (#532) #532
NO-ISSUE: Bump github.com/onsi/gomega from 1.27.5 to 1.27.6 (#530) #530
NO-ISSUE: Bump github.com/go-openapi/strfmt from 0.21.5 to 0.21.7 (#529) #529
Force update to pick up latest libs (#531) #531
NO-ISSUE: Bump github.com/go-openapi/strfmt from 0.21.3 to 0.21.5 (#525) #525
NO-ISSUE: Bump github.com/onsi/gomega from 1.27.3 to 1.27.5 (#528) #528
MGMT-13946 : Ignore Proliant Gen 11 serial (#522) #522 NO-ISSUE: Bump github.com/onsi/gomega from 1.27.1 to 1.27.3 (#520) #520
NO-ISSUE: Bump golang.org/x/sys from 0.5.0 to 0.6.0 (#519) #519
OCPBUGS-8695 : vendor agent-installer-utils to v0.0.0-20230310220517-8506fbb6a346 (#517) #517 OCPBUGS-8677 : vendor agent-installer-utils to v0.0.0-20230308101916-306b7995977e (#514) #514 OCPBUGS-8390 : vendor agent-installer-utils to v0.0.0-20230307094740-57807526b660 (#512) #512 NO-ISSUE: Bump github.com/itchyny/gojq from 0.12.11 to 0.12.12 (#511) #511
NO-ISSUE: Bump github.com/spf13/afero from 1.9.3 to 1.9.5 (#510) #510
AGENT-565 : revendor agent-utils (#508) #508 vendor agent-installer-utils to v0.0.0-20230228190135-5b30a39dadf6 (#506) #506
vendor agent-installer-utils (#505) #505
NO-ISSUE: Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#504) #504
NO-ISSUE: Bump github.com/coreos/ignition/v2 from 2.14.0 to 2.15.0 (#502) #502
MGMT-13758 : In connectivity check, ARPING checks should not run on nics without valid IPv4 address (#501) #501 Updating ose-agent-installer-node-agent images to be consistent with ART (#469) #469
AGENT-502 : Add agent based installer agent-tui (#482) #482 Make the agent team be the OWNERS of the Dockerfile.ocp file (#498) #498
Add sg3_utils package (#497) #497
NO-ISSUE: Bump github.com/onsi/gomega from 1.26.0 to 1.27.1 (#495) #495
MGMT-13665 : Bring full journal by default in log gather (#492) #492 NO-ISSUE: Bump golang.org/x/sys from 0.4.0 to 0.5.0 (#491) #491
Remove S.M.A.R.T. collection (#489) #489
Update Dockerfile.assisted_installer_agent (#487) #487
NO-ISSUE: Bump github.com/onsi/gomega from 1.25.0 to 1.26.0 (#488) #488
MULTIARCH-3239 : - Add multipath FC disk check for Power (#483) #483 NO-ISSUE: Bump github.com/onsi/gomega from 1.24.2 to 1.25.0 (#486) #486
MGMT-13420 : Adding cleanup of next-step-runner before starting it. (#484) #484 MGMT-12535 : Add step verify vips (#476) #476 MGMT-12906 : Refactor connectivity check (#471) #471 NO-ISSUE: Bump github.com/thoas/go-funk from 0.9.2 to 0.9.3 (#474) #474
NO-ISSUE: Bump github.com/itchyny/gojq from 0.12.9 to 0.12.11 (#473) #473
NO-ISSUE: Bump github.com/onsi/gomega from 1.22.1 to 1.24.2 (#472) #472
MGMT-11885 : disk_speed_check: escape colons when calling fio (#427) (#464) #427 MGMT-12827 : Don’t try to rename when there is no usable NIC (#466) #466 NO-ISSUE: Bump github.com/go-openapi/runtime from 0.24.2 to 0.25.0 (#465) #465
MGMT-12537 : detect virtualized environment (#451) #451 NO-ISSUE: Stop retry when backoff expires or context is cancelled (#462) #462
MGMT-12793 : Tang unit tests should not query external URLs (#463) #463 OCPBUGS-3157 : The connectivity check fails if an interface has a link-local address (#461) #461 Remove validation on commit messages (#460) #460
MGMT-12760 : Don’t panic when retrying after no response (#459) #459 OCPBUGSM-46219 : OCPBUGSM-46220: Update golang version to 1.18.1. (#452) #452 MGMT-12711 : Verify that L2 connectivity checks are received grouped by ip+mac instead of just mac (#456) #456 MGMT-11551 : Retry when service fails (#438) #438 MGMT-11970 : Detect and handle IP conflicts (#433) #433 NO-ISSUE: Bump github.com/spf13/afero from 1.9.0 to 1.9.3 (#454) #454
MGMT-11551 : Retry when service fails (#442) #442 MGMT-8460 : Automatically rename discovered hosts (#449) #449 Full changelog
OCPBUGS-21255 : Bump golang.org/x/net to v0.18.0 #38 OCPBUGS-10120 : Updating ose-alibaba-cloud-controller-manager images to be consistent with ART #30 Update OWNERS #29
Update OWNERS #27
Updating ose-alibaba-cloud-controller-manager images to be consistent with ART #26
Full changelog
OCPBUGS-21350 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #36 OCPBUGS-16783 : Chore: Update OWNERS #32 OCPBUGS-12544 : 4.14: UPSTREAM: 763: Bump (golang.org/x/net): to address CVE-2022-41723 #30 STOR-1159 : Rebase to v1.1.7 #29 Updating ose-alibaba-cloud-csi-driver images to be consistent with ART #28
Updating ose-alibaba-cloud-csi-driver images to be consistent with ART #27
Updating ose-alibaba-cloud-csi-driver images to be consistent with ART #26
Updating ose-alibaba-cloud-csi-driver images to be consistent with ART #25
OCPBUGS-6349 : UPSTREAM: 730: Fix CVE 2022 41717 #24 Bug 1877261 : UPSTREAM: 673: Feature/support disk waiting during mount #23 Updating ose-alibaba-cloud-csi-driver images to be consistent with ART #20
OCPBUGS-6222 : UPSTREAM: 682: fix gofmt #21 Bug 2067785 : Bump prometheus/client_golang to v1.11.1 #18 Full changelog
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #81 OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #71 OCPBUGS-21443 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #64 STOR-1439 : Restart controller Pods if metrics-serving-cert changed #56 OCPBUGS-16783 : Chore: Update OWNERS #54 OCPBUGS-14824 : Bump alibaba-disk-csi-driver-operator library-go #53 STOR-1168 : Bump common libraries #51 OCPBUGS-12545 : Bump golang.org/x/net@v0.9.0 #50 Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART #49
Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART #48
Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART #47
OCPBUGS-8683 : Add management workloads annotations #46 Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART #45
STOR-1019 : Bump to k8s 1.26 libs for OCP 4.13 #44 STOR-947 : support disabling default StorageClass via ClusterCSIDriver #41 Bug 2106736 : Add multiplePVsSameID capability #43 STOR-1078 : Add hostPaths necessary for SELinux mounts #42 Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART #40
OCPBUGS-4347 : set TLS cipher suites in Kube RBAC sidecars #39 Full changelog
Updating ose-alibaba-machine-controllers images to be consistent with ART #42
OCPBUGS-10134 : Updating ose-alibaba-machine-controllers images to be consistent with ART #41 Update OWNERS #40
Updating ose-alibaba-machine-controllers images to be consistent with ART #39
Update OWNERS #38
Full changelog
OCPBUGS-33078 : Explicitly reserve 1 attachment for the root disk #306 OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #302 OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #296 OCPBUGS-21057 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #280 STOR-1432 : hypershift: deploy controller with control plane release images #252 OCPBUGS-16783 : Chore: Update OWNERS #251 Bump k8s.io/apiextensions-apiserver from 0.27.1 to 0.27.4 #250
Bump k8s.io/component-base from 0.26.3 to 0.27.3 #240
OCPBUGS-15823 : Change CSI RPC call timeouts #248 STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #244 OCPBUGS-14824 : Bump efs-ebs-driver-operator library-go #247 STOR-1168 : Bump common libraries #222 Bump Kubernetes libs to v0.27.1 #243
STOR-1167 : Enable extra-create-metadata to tag snapshots #223 STOR-1300 : Restart controller Pods if metrics-serving-cert changed #216 OCPBUGS-11882 : Added safe-to-evict-local-volume annotation from bound-sa-token to ebs-controller #232 OCPBUGS-11882 : Added safe-to-evict annotation to aws-ebs-csi-driver-controller pods #231 OCPBUGS-13017 : assets/hypershift/controller_sa: Set controller ServiceAccount imagePullSecrets #219 Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART #217
Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART #215
Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART #214
Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 #207
OCPBUGS-8691 : Hypershift: set control plane operand properties #205 Bump k8s.io/apiextensions-apiserver from 0.26.2 to 0.26.3 #203
OCPBUGS-8752 : fix: typo #198 OCPBUGS-8752 : feat: add workload annotation to deployment and daemonset #194 Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART #195
Bump k8s.io/apiextensions-apiserver from 0.26.1 to 0.26.2 #189
Bump k8s.io/klog/v2 from 2.90.0 to 2.90.1 #190
STOR-875 : Implement custom keys in AWS EBS CSI driver operator #185 OCPBUGS-7837 : do not inject-proxy when deploying in hypershift control plane #186 Bump github.com/spf13/cobra from 1.6.0 to 1.6.1 #182
Add ok-to-test label to dependabot PRs #184
Bump k8s.io/klog/v2 from 2.80.1 to 2.90.0 #183
add dependabot config for gomod updates #181
STOR-1019 : Bump to k8s 1.26 libs for OCP 4.13 #179 STOR-947 : support disabling default StorageClass via ClusterCSIDriver #173 [#177] fix 404 in readme #178
Bug 2106736 : Add multiplePVsSameID capability #175 STOR-1078 : Add hostPaths necessary for SELinux mounts #174 Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART #172
OCPBUGS-4491 : hypershift: use correct kubeconfig secret #169 OCPBUGS-4347 : set TLS cipher suites in Kube RBAC sidecars #168 OCPBUGS-3990 : Add HyperShift specific priorityClass #167 OCPBUGS-3978 : Don’t deploy VolumeSnapshotClass in static controller #165 Full changelog
OCPBUGS-32884 : Upgrade go-jose module to 2.6.3 #189 OCPBUGS-21761 : Backport the recent rebase to 4.14 #168 NO-ISSUE: Sync OWNERS with team members #176
snyk: exclude vendor/ #171
Bump to go 1.20 in go.mod #163
Updating ose-aws-pod-identity-webhook images to be consistent with ART #162
Updating ose-aws-pod-identity-webhook images to be consistent with ART #159
Updating ose-aws-pod-identity-webhook images to be consistent with ART #158
Full changelog
OCPBUGS-35126 : CVE-2023-48795: bump golang.org/x/crypto to v0.17.0 #82 OCPBUGS-20701 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #54 OCPBUGS-17284 : UPSTREAM: 1927: chore(deps): bump golang.org/x/net from 0.10.0 to 0.14.0 #48 OCPBUGS-15658 : Update to v1.28.1 #45 OCPBUGS-16783 : Chore: Update OWNERS #46 STOR-1164 : Rebase to v1.28.0 for OCP 4.14 #43 Updating ose-azure-disk-csi-driver images to be consistent with ART #41
Updating ose-azure-disk-csi-driver images to be consistent with ART #39
Bug OCPBUGS-7408: UPSTREAM: 1725: Pin k8s.io/dynamic-resource-allocation version #38
STOR-1016 : Rebase to v1.26.1 for OCP 4.13 #37 Updating ose-azure-disk-csi-driver images to be consistent with ART #35
Full changelog
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #120 OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #109 OCPBUGS-20784 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #101 OCPBUGS-16654 : Revert revert “STOR-1065: Rework sidecar bindings to b… #88 OCPBUGS-16496 : Bump library-go to remove dependency on goproxy #90 OCPBUGS-16783 : Chore: Update OWNERS #89 Revert “STOR-1065: Rework sidecar bindings to bind common ClusterRoles” #87
STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #84 OCPBUGS-14824 : Bump azure-disk-csi-driver-operator library-go #85 CCO-324 : Unrevert “CCO-324: add support for workload identity” #83 Revert “CCO-324: add support for workload identity” #82
CCO-324 : add support for workload identity #78 STOR-1168 : Bump common libraries #81 OCPBUGS-12559 : Bump golang.org/x/net@v0.9.0 #80 Updating ose-azure-disk-csi-driver-operator images to be consistent with ART #79
OCPBUGS-8683 : Add management workloads annotations #74 OCPBUGS-10842 : Reorder static resources to create RBAC first #75 Updating ose-azure-disk-csi-driver-operator images to be consistent with ART #73
STOR-873 : Implement custom keys in Azure Disk CSI driver operator #68 OCPBUGS-7617 : Adjust client-side QPS, burst and worker threads in provisioner and attacher sidecars #69 OCPBUGS-6658 : Disable managed identity authentication #67 STOR-1019 : Bump to k8s 1.26 libs for OCP 4.13 #66 STOR-947 : support disabling default StorageClass via ClusterCSIDriver #63 STOR-1078 : Add hostPaths necessary for SELinux mounts #64 Bug 2106736 : Add multiplePVsSameID capability #65 Updating ose-azure-disk-csi-driver-operator images to be consistent with ART #62
OCPBUGS-4347 : set TLS cipher suites in Kube RBAC sidecars #61 OCPBUGS-3659 : Don’t expose metrics port to whole network #60 OCPBUGS-1904 : Only deploy VolumeSnapshotClass when CRD exists #56 Full changelog
OCPBUGS-41164 : bump mount-utils to treat ENODEV error as corrupted mount #79 OCPBUGS-33039 : Rebase v1.29.5 for OCP 4.14 #66 OCPBUGS-20884 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #37 OCPBUGS-17285 : UPSTREAM: 1355: build(deps): bump golang.org/x/net from 0.12.0 to 0.14.0 #33 OCPBUGS-16783 : Chore: Update OWNERS #32 OCPBUGS-15657 : Update to 1.28.1 #31 STOR-1160 : Rebase to v1.28.0 for OCP 4.14 #29 Updating azure-file-csi-driver images to be consistent with ART #28
Updating azure-file-csi-driver images to be consistent with ART #27
Updating azure-file-csi-driver images to be consistent with ART #26
Updating azure-file-csi-driver images to be consistent with ART #25
OCPBUGS-7943 : Pin k8s.io/dynamic-resource-allocation to v0.26.0 #24 STOR-1010 : Rebase to v1.25.1 for OCP 4.13 #23 Updating azure-file-csi-driver images to be consistent with ART #21
Full changelog
OCPBUGS-33039 : add token audience for Azure File #104 OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #94 OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #83 OCPBUGS-20983 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #76 STOR-1434 : Restart controller Pods if metrics-serving-cert changed #68 OCPBUGS-16654 : Revert revert “STOR-1065: Rework sidecar bindings to b… #64 OCPBUGS-16783 : Chore: Update OWNERS #65 OCPBUGS-16498 : Bump library-go to remove dependency on goproxy #66 Revert “STOR-1065: Rework sidecar bindings to bind common ClusterRoles” #63
STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #60 CCO-325 : Unrevert “CCO-325: add support for workload identity” #62 STOR-989 : Remove SC and manifest file for NFS backend #58 OCPBUGS-14824 : Bump azure-file-csi-driver-operator library-go #61 Revert “CCO-325: add support for workload identity” #59
CCO-325 : add support for workload identity #54 CCO-325 : Mount serviceaccount token into csi-driver container #53 STOR-1168 : Bump common libraries #57 OCPBUGS-12561 : Bump golang.org/x/net@v0.9.0 #56 Updating azure-file-csi-driver-operator images to be consistent with ART #55
Updating azure-file-csi-driver-operator images to be consistent with ART #52
Updating azure-file-csi-driver-operator images to be consistent with ART #51
OCPBUGS-10842 : Reorder static resources to create RBAC first #50 OCPBUGS-8683 : Add management workloads annotations #49 Updating azure-file-csi-driver-operator images to be consistent with ART #48
OCPBUGS-6658 : Disable managed identity authentication #47 STOR-1019 : Bump to k8s 1.26 libs for OCP 4.13 #46 STOR-947 : support disabling default StorageClass via ClusterCSIDriver #42 STOR-1078 : Add hostPaths necessary for SELinux mounts #43 Bug 2106736 : Add multiplePVsSameID capability #44 Updating azure-file-csi-driver-operator images to be consistent with ART #41
OCPBUGS-4347 : set TLS cipher suites in Kube RBAC sidecars #40 Full changelog
OCPBUGS-54264 : IBMCloud: Move to IBM TF openshift fork #9605 OCPBUGS-54260 : vsphere-fix convert if only provided name #9602 OCPBUGS-52996 : Bump terraform-provider-google version to v5.37.0 to fix consistent issues during cluster creation #9587 OCPBUGS-53210 : PowerVS: remove system pools #9572 OCPBUGS-46606 : Power VS: Create region-zone-sysType hierarchy #9331 OCPBUGS-48196 : IBMCloud: Ignore failed VPC regions #9350 OCPBUGS-45464 : add chrony.conf file when additional NTP sources are configured #9269 OCPBUGS-43505 : Stop rendering networks.config CRD #9105 OCPBUGS-42285 : Add AWS r8g to arm tested instance types #9050 OCPBUGS-42848 : add tested instance type for IBMCloud #9082 OCPBUGS-25508 : Update Golang SSH package version update to 0.17.0 #8992 OCPBUGS-39411 : Added yq to ci image #8943 OCPBUGS-36180 : baremetal IPI without provisioning network failing on provisioning-interface.service #8712 OCPBUGS-36089 : [release-4.14] bump go-retryablehttp for CVE fix #8658 OCPBUGS-37183 : ic: fix typo in warning message #8771 OCPBUGS-37068 : update RHCOS 4.14 bootimage metadata to 414.92.202407091253-0 #8748 OCPBUGS-36748 : Add yq-v4 to the upi-installer image for CI #8684 OCPBUGS-35827 : If host is offline or disconnected don’t check ver #8634 OCPBUGS-35826 : [release-4.14] bump github.com/containers/image for CVE fix #8633 OCPBUGS-35485 : [release-4.14] aws: terraform: add spot instance support for masters #8605 OCPBUGS-34024 : go.mod: bump aws-sdk-go for ca-west-1 support #8440 OCPBUGS-33401 : PowerVS: Add composite_instance to listServiceInstances #8479 CORS-2951 : Add deprecation notice for OpenShiftSDN for 4.14 users #8518 OCPBUGS-28611 : remove retired serial NCv2 from azure tested instance type list on x86 #7960 OCPBUGS-27394 : preserve category name when trying to find tag category #7926 OCPBUGS-33010 : escape ‘%’ in proxy settings #8318 OCPBUGS-31756 : openstack: Honour worker server group policy #8231 NO-ISSUE: test fix to support slightly different nmstate error messages #8286
OCPBUGS-32358 : Updated libvirt installer to include multi-arch yq and symlink for backwards compatibility #8281 OCPBUGS-31885 : Validate control plane replicas #8241 OCPBUGS-31677 : coreos-installer iso kargs show broken on Agent ISO #8228 OCPBUGS-31338 : upi: aws: fix typo in worker templates #8203 Bug OCPBUGS-30187: OpenStack: fix controlPlanePort validation #8095
OCPBUGS-30027 : gcp: better error msg when service accnt missing #8078 OCPBUGS-30259 : PowerVS remove ibm cloud/bluemix go 4.14 #8103 OCPBUGS-29123 : IBMCloud: Handle disk delete errors #7988 OCPBUGS-29626 : update RHCOS 4.14 bootimage metadata to 414.92.202402130420-0 #8037 OCPBUGS-28929 : [release-4.14] Bump containerd for vulnerability fix #7981 OCPBUGS-27419 : Fix depreciated typo #7929 OCPBUGS-24521 : set vmType in azure cloud config [release-4.14] #7804 OCPBUGS-23738 : vSphere - when using RP network path is incorrect #7759 OCPBUGS-27241 : baremetal: correct external_http_url for v6-only BMCs #7914 OCPBUGS-22315 : bootstrap: Enable gatewayd units only on RHCOS #7628 OCPBUGS-23498 : update RHCOS 4.14 bootimage metadata to 414.92.202401110948-0 #7919 OCPBUGS-20860 : Bump versions for golang modules to accommodate fixes for CVE-2023-39325 & CVE-2023-44487 #7887 OCPBUGS-22895 : Do not generate azure-cloud-provider in manual mode for aro builds #7670 OCPBUGS-22771 : aws: use security groups from defaultMachinePlatform #7658 OCPBUGS-24489 : baremetal: populate customDeploy in advance #7802 OCPBUGS-22770 : destroy: gcp: fix destroying regional disks #7657 Bug OCPBUGS-22776: OpenStack: Fix IPv6 address configuration for bootstrap #7660
OCPBUGS-22978 : IBMCloud: Add eu-es region #7684 OCPBUGS-23399 : Check if PER is enabled in the target PowerVS workspace #7736 OCPBUGS-22688 : Bump Fedora CoreOS to latest stable #7647 OCPBUGS-22774 : Add KMS encryption keys if provided #7659 OCPBUGS-21868 : vSphere,segfault on version check #7605 OCPBUGS-22945 : Update gcloud version to 447.0.0 #7681 OCPBUGS-22187 : azure: validation: validate defaultMachinePlatform #7615 OCPBUGS-22758 : update RHCOS 4.14 bootimage metadata to 414.92.202310210434-0 #7655 OCPBUGS-19922 : Release 4.14 skip agent tui on external oci platform #7599 OCPBUGS-21653 : Rectify GCP label key validation check #7606 OCPBUGS-20357 : update RHCOS 4.14 bootimage metadata to 414.92.202310170514-0 #7618 OCPBUGS-20396 : Unable to disable external CCM for platform external #7594 OCPBUGS-20522 : Use changes to AgentClusterInstall during loading #7588 Enforcing the serial execution of the integration tests #7598
OCPBUGS-20581 : enable cloud controller manager type to be defined #7581 OCPBUGS-20441 : Warn about host and target compatibility #7583 OCPBUGS-20345 : Enable serial console for external OCI platform #7569 OCPBUGS-20401 : always write AWS cloud.conf #7578 OCPBUGS-19922 : Do not start agent-tui if no graphical console available #7539 OCPBUGS-20103 : GCP default value for service account #7553 OCPBUGS-19953 : AWS terraform bootstrap destroy will not refresh state #7543 OCPBUGS-20066 : Use updated ansible-core for Openstack image #7551 OCPBUGS-19835 : Enable FIPS in agent ISO #7541 OCPBUGS-19846 : Graceful fail for AWS getUser on destroy #7532 OCPBUGS-19033 : Add Net capabilities to dnsmasq container #7489 OCPBUGS-19319 : Handle agent tui failure gracefully #7497 OCPBUGS-19738 : Remove warning about CPUPartitioning #7529 OCPBUGS-19300 : Implement workaround to allow SNO installations for OKD/FCOS #7479 OCPBUGS-19702 : Increase bootstrap timeout for vSphere platform by 30 mins #7528 OCPBUGS-19636 : Pass CPUPartitioning via install-config overrides if set #7521 OCPBUGS-18181 : update RHCOS 4.14 bootimage metadata to 414.92.202309201615-0 #7517 OCPBUGS-18719 : for vsphere ipi add cluster domain to the uploaded vm configs so that… #7477 OCPBUGS-18883 : Do not set FailureDomains on CPMS when in a single zone Azure region #7483 AGENT-702 : Generate minimal ISO for external platform #7478 OCPBUGS-18428 : Add ip=dhcp,dhcp6 kernel param for vSphere dual-stack #7467 OSDOCS-6999 : tested machine series ‘C3’, ‘C2D’ #7381 OCPBUGS-18450 : AWS permission missing for security group viewing. #7460 OCPBUGS-18365 : Fix defaulting of userManagedNetworking value #7458 integration tests: Swap order of diff arguments #7462
AGENT-693 : Support external platform #7442 OCPBUGS-18457 : Make extracting ISO kargs more robust #7463 OCPBUGS-18457 : Fix PXE integration tests #7461 OCPBUGS-17806 : gomod: bump openshift/api version #7421 OCPBUGS-17770 : azure: use marketplace image plan’s publisher #7426 OCPBUGS-7690 : azure: destroy: dns records leak if permissions missing #7433 OCPBUGS-17869 : azure: fix setting outboundType #7455 OSDOCS-6880 : Adding 64-bit ARM GCP instance types to documentation #7320 OCPBUGS-16204 : aws: attach additional security groups to controlPlane #7352 OCPBUGS-18046 : update govc version to v0.30.7 #7425 OCPBUGS-15659 : IPI pre-check for MachineAPI capability #7414 OCPBUGS-17860 : OpenStack: Remove NodePorts range 0.0.0.0/0 rules #7405 OCPBUGS-17073 : Revert “Merge pull request #7205 from rna-afk/azure_managed_by_tag” #7412 OCPBUGS-17940 : Add COS endpoint to proxy server (Power VS) #7430 AGENT-692 , OCPBUGS-3860 : Update assisted-service dependencies #7439 OCPBUGS-17227 : gcp: fix validation of custom instance types #7388 OCPBUGS-17869 : azure: put NAT gateway behind TechPreviewNoUpgrade #7434 Destroy startironic.sh forever #7250
CORS-2660 : GCP: deprecate the licenses field #7397 CFE-858 : Update google terraform provider to latest version #7201 MULTIARCH-3676 : PowerVS TG terraform changes #7389 CFE-686 : Generate Infrastructure CR with the GCP user defined tags & labels #7138 CFE-687 : Apply user defined labels on created gcp resources #7153 OCPBUGS-11999 : upkeep: updated description to remove techpreview #7313 CORS-2700 : Make bootstrap S3 bucket optional during bootstrap destroy #7288 CFE-688 : Update install-config CRD to support gcp labels and tags #7126 OCPBUGS-16776 : update RHCOS 4.14 bootimage metadata to 414.92.202308032115-0 #7409 Add baremetal capability validation #7394
azure: validation: machinepool: sort slice before comparing #7407
OCPBUGS-13408 : Log message and add integration test #7408 PowerVS: Update listCOSInstances to continue querying #7404
maintenance: update openshift/api #7401
MGMT-13628 : add support for confidential VMs on Azure #7312 openstack: Test zero replicas in worker machine-pool #7400
OpenStack: Fix user docs for additional network with IPv6 #7395
gather: Use journalctl -o with-unit #7371
SPLAT-1123 : Revert Alibaba deprecation warning #7396 OCPBUGS-15994 : Update core password after loading config-image #7338 OpenStack: Remove SGS created by CPO on destroy #7378
data/data/coreos: bump FCOS to F38 stable #7311
OCPBUGS-16912 : Ensure DHCPv6 client sends Solicit with mac address #7384 Bug OCPBUGS-16249: Add ip=dhcp,dhcp6 option to Kernel args #7367
PowerVS: Check whether Machine pool CIDR is /24 #6903
OCPBUGS-16292 : GCP XPN: clarify service account support #7347 OCPBUGS-6759 : Fix discrepancy with disk size master #7100 OCPBUGS-16959 : openstack/upi: add missing modules namespaces + doc #7373 CORS-2719 : Remove service account user permission #7291 OCPBUGS-17064 : always create a MachineSet #7380 OpenStack: Fix default for openstack_worker_server_group_names #7359
OCPBUGS-16692 : OpenStack: fix crash with empty platform in machinepool #7363 CORS-2445 : GCP add bootimage override in install-config #7215 CORS-2503 : azure: use marketplace images for all nodes #6890 MULTIARCH-3676 : PowerVS add transit gateway destroy #7294 CORS-1770 : Support pd-balanced disk types for GCP deployments #7337 OCPBUGS-15989 : vSphere - bump terraform provider #7354 OWNERS_ALIASES: Add new user to owners_aliases #7348
OCPBUGS-16515 : gcp: use zones available for both instance and project #7317 OCPBUGS-15852 : Single node cannot be installed if etcd appears in the hostname #7304 OCPBUGS-14877 : Validate that number hosts does not exceed replicas #7268 CORS-2628 : Allow users to set ManagedBy tag to resource group #7205 OCPBUGS-16380 : Add /etc/containers volume on create-cluster-and-infraenv #7332 OCPBUGS-16207 : ic: aws: validate max security groups #7345 OpenStack: Add steps to enable dual-stack clusters #7269
Revert “Merge pull request #7096 from r4f4/gcp-instance-zones” #7360
SPLAT-657 : AWS Local Zones subnets automation for edge compute pool #7137 OSASINFRA-3193 : Update openstack/Dockerfile.ci for ansible-core #7346 Include start-cluster.env in agent-gather #7350
Fix the deployment on OpenStack for worker pools with no replicas. #7356
OCPBUGS-16219 : Fix timing issue between network services #7355 OCPBUGS-16415 : Sync nmstateconfig script with assisted-service changes #7353 Agent: Allow additional kernel args to be passed to ISO #7306
Remove mentions of use-octavia #7335
OCPCLOUD-2036 : introduce External platform type #7217 OCPBUGS-16395 : openstack/upi: update doc for CCPMSO #7351 OCPBUGS-16245 : Make nmstateconfig.yaml optional in config-drive #7333 OSASINFRA-3181 : Volume Types for OpenStack CPMS #7300 CORS-2445 : GCP: Add default values for arm64 #7258 PowerVS: Replace deprecated key_id attribute with name for ibm_pi_key resource #7256
PowerVS: Handle empty serviceInstanceID in metadata.json #7328
OpenStack: Dual stack support with BYON #6797
MULTIARCH-3667 : Add support for CPMSO for Power VS #7226 OCPBUGS-15421 : Allow different service account for xpn installs in gcp #7308 OCPBUGS-15997 : openstack: add root volume AZ validation #7309 aws: drop hostedZoneRole Feature Gate #7327
Agent: clear service status once all services started #7316
AGENT-660 Display insert config image message to console #7299
PowerVS: Create new newAuthenticator function #7321
OCPBUGS-9404 : azure: skip LB creation when not needed #7063 Revert “Merge pull request #7289 from r4f4/padillon-settle-ops” #7318
Agent: Log kernel params when generating pxe assets #7314
OCPBUGS-15238 : GCP: ic: client: use a higher context timeout #7290 AGENT-648 : Remove validation check limiting None platform to SNO #7236 Allow destroy for C2S isolated (us-iso and us-isob) partitions. #7086
OCPBUGS-15999 : update RHCOS 4.14 bootimage metadata to 414.92.202307070025-0 #7310 OCPBUGS-14900 : Use correct SELinux label. Make rename atomic. #7307 create: add check for cluster operator stability #7289
SPLAT-827 : support static IP assignments with vSphere IPI #7179 AGENT-562 : Load config from config image #7200 OCPBUGS-15825 : Fix agent gather tui logs #7293 OSASINFRA-3155 : OpenStack: Create ControlPlaneMachineSet CRDs #7280 ic: gcp: validate instances against user-configured zones #7096
AGENT-678 : Fix concurrency issue in agent integration tests #7303 OCPBUGS-14762 : Use the same names for public LB in IPI and UPI Azure #7292 OCPBUGS-2324 : terraform: aws: bump version to 5.4.0 #7274 tls/root: Document this more and change friendly name #7232
CORS-2572 : azure: implement egress via NAT gateway #6933 docs: Add note about not configuring allowed address pairs for day 2 manila configuration #7287
OCPBUGS-14932 : specify azure cli version #7297 OCPBUGS-14932 : Update azure cli to 2.40.0+ #7216 PowerVS Add support for Capped processors #7286
CORS-2645 : AWS Cross-Account Private Hosted Zone: Add Further Validations #7253 AGENT-624 : Allow override of networkType #7223 Update hack/go-test.sh to golang 1.20 #7270
AGENT-627 : Decompress kernel on ARM #7276 OWNERS_ALIASES: offboard ashcrow and bgilbert from CoreOS #7275
AGENT-558 Generate unconfigured agent ignition #7186
OWNERS: merge agent/installer #7278
OSASINFRA-3182 : openstack: remove portTargets #7239 AGENT-498 : Get iPXE script template kernel parameters from ISO #7150 OCPBUGS-15238 : GCP: ic: improve project validation #7267 Default dataStore is returned the name instead the inventoryPath #7261
Use the correct image name for agent-tui extraction #7266
OCPBUGS-13636 : new Aws secret regions support #6184 CORS-2372 : Azure: auth Installer with Managed Identity from VM #7108 OCPBUGS-11796 : azure: skip NSG creation when BYO vnet #7094 OCPBUGS-9435 : terraform: aws: secret regions now support ALIAS record #7184 SPLAT-1094 : warn users about deprecation of Alibaba Cloud #7257 OCPBUGS-14869 : Add timezone info in installer logs #7243 CORS-2656 : Remove context from cluster uninstaller struct #7169 openstack: document external LB #6920
bootkube: Drop cruft in MCO bootstrap #7244
Update OWNERS_ALIASES #7203
Agent: run shellcheck on start-cluster-installation.sh #7062
OSASINFRA-2168 : Docs: update OpenStack requirements #7015 OCPBUGS-15095 : Add kubevirt digest-ref in RHCOS boot images #7254 AGENT-563 : Create configuration image #7157 AGENT-510 : Support interactive network console when pxe booting #7185 Allow CustomNoUpgrade features via install-config #7246
MULTIARCH-3664 : enable multipath for powervs #7222 OCPBUGS-13960 : update RHCOS 4.14 bootimage metadata to 414.92.202306141028-0 #7247 CFE-829 : Remove Azure Tags TechPreview only indicators and checks #7187 CORS-2631 : Add additional security group ids in AWS #7151 AGENT-596 : use agent-installer-utils for agent-tui extraction #7212 AGENT-491 : Support pxe base url #6723 OCPBUGS-14917 : PowerVS: Cleanup service instances for destroy cluster #7173 OpenStack: add support to multiple subnets in the bootstrap #7111
Add ControlPlaneMachineSet for Nutanix #7119
OPNET-298 : Allow primary-v6 dual-stack on vSphere #7124 CORS-2613 : AWS: Cross-account Shared VPC Support #7225 OpenStack: support user provided dual-stack api and ingress Port #7133
OpenStack: configure IPv6 address in the bootstrap node #7128
SPLAT-995 : vSphere Add new template field #6995 OCPBUGS-14757 : images: installer: add xz to the container #7238 OCPBUGS-14818 : disable oVirt provider #7213 AGENT-556 : Wait for rendezvous host configuration #7068 OCPBUGS-13955 : support OPENSHIFT_INSTALL_OS_IMAGE_OVERRIDE #7211 OCPBUGS-14121 : Convert Rendezvous IPv6 address to canonical format #7234 OCPBUGS-14416 : Shorten SNO installation duration by releasing CPC lease #7219 OCPBUGS-14565 : Replace with govc docker image and fix ibmcli folder permission issue #7231 OCPBUGS-13108 : Log additional host info at warning level #7209 OCPBUGS-13662 : Ignore CPUPartitioning for ABI #7218 OCPBUGS-11736 : gcp use preconfigured private zone for installation #7155 Bump & vendor k8s 1.27 dependencies #7220
OCPBUGS-10342 : Check that number of replicas matches hosts #7059 OSASINFRA-3153 : move loadBalancer API to GA for OpenStack #7127 OCPBUGS-10306 : [vSphere] Upi installation failed due to VMs for master and worker node creation failed #6999 AGENT-567 : Re-enable ‘create pxe-files’ command #7102 AGENT-555 : Move Rendezvous Host config to separate file #7061 OCPBUGS-13764 : Support /dev/disk/by-path root device hints #7192 OCPBUGS-1769 : Ignore IAM Roles that the Installer is not authorized to access #7180 OCPBUGS-14077 : MULTIARCH-3492: Avoid conflicting subnets #7145 OCPBUGS-14076 : PowerVS: Remove ClusterOSImage #6996 OCPBUGS-13094 : Use oc command in bootkube.service in a disconnected env #7178 OCPBUGS-7410 : Reject active VPC connections before service destroy #7101 OCPBUGS-7699 : CVE: go-getter vulnerable to denial of service via malicious compressed archive #6893 OCPBUGS-13552 : vSphere Add ova sha query; additional debugging #7171 OCPBUGS-13718 : ic: azure: validate diskTypes in AzureStack #7194 OCPBUGS-9378 : vSphere set bootstrap/master efi #7154 OCPBUGS-13535 : Set AdditionalTrustBundle in override when mirroring not enabled #7182 OCPBUGS-13547 : Ensure –payload-version is set for MCO on bootstrap #7160 OCPBUGS-13547 : remove special cases for featureset in rendering #7189 OCPBUGS-7978 : FCOS: bump to latest stable version #6902 OCPBUGS-13628 : Revert “remove special cases for featureset in rendering” #7183 OCPBUGS-13300 : masters on a single compute server group #7172 OCPBUGS-3542 : Add bootstrapExternalStaticDNS #6585 remove special cases for featureset in rendering #7158
OCPBUGS-13253 : update RHCOS 4.14 bootimage metadata to 414.92.202305090606-0 #7176 pass payload version and manifests to kas and kcm #7152
OCPBUGS-9081 : openstack destroy: account for BULK DELETE limits on object-storage #7168 OCPBUGS-7699 : terraform: google: bump provider for go-getter CVE fix #7051 OCPBUGS-13107 : openstack destroy: Limit Swift workers to 3 #7165 Updating ose-installer-artifacts images to be consistent with ART #7122
OCPBUGS-11921 : GCP XPN: Pass instance service acct in manual mode #7117 OCPBUGS-12964 : Bootstrap on aws should have same metadata service type as on other nodes #7149 OCPBUGS-11792 : update RHCOS 4.14 bootimage metadata to 414.92.202304252144-0 #7135 pass featuregate args to config-operator to get rendered featuregates #6990
OCPBUGS-12904 : openstack: Add netcat to the Installer image #7142 OCPBUGS-12776 : GCP XPN Private Cluster Fails with no Public Zone #7134 OCPBUGS-12869 : fix nmstate related unit tests #7089 Updating ose-baremetal-installer images to be consistent with ART #7121
Updating ose-installer images to be consistent with ART #7120
OCPBUGS-12748 : use python3 for cloud sdk #7118 OCPBUGS-12196 : bump CVO to stable-4.14 #7114 OCPBUGS-11999 : fix: remove feature flag for cpu partitioning no longer needed #7110 OCPBUGS-11801 : Fix agent-tui libnmstate dependency name #7095 OpenStack: enable ingress traffic for dual-stack installations #7099
OCPBUGS-10767 : Fix and improve locking session and AWS Metadata access #7070 OWNERS_ALIASES: offboard Sohan from CoreOS #7103
OCPBUGS-9081 : openstack: Bump Gophercloud #7098 OCPBUGS-11100 , OCPBUGS-11102 , OCPBUGS-11418 : CVE: bump hashicorp/vault version #7091 OCPBUGS-11788 : update RHCOS 4.14 bootimage metadata to 414.92.202304131328-0 #7092 OCPBUGS-8449 : Azure: don’t set default subscriptionID for disk encryption sets #7076 pkg: rhcos: use Errorf instead of Error #7074
OCPBUGS-4998 : Log additional info when status is pending-user-action #7060 OCPBUGS-10673 : [Alibaba] update the bandwidth value of EIP #7011 OCPBUGS-11636 : AWS - Remove ACLs from s3 ign #7081 OCPBUGS-11479 : Upgrade libnmstate version used #7075 OCPBUGS-10478 : gather: azure: fix collecting VM serial logs #6992 Add imageDigestSources, deprecate imageContentSources #6235
PowerVS: fix human readable group-id #7073
docs: gcp: upi: update obtaining RHCOS source image #7072
gcp: add confidential compute support for boostrap TF #7002
AGENT-275 : Add new agent graph command to output agent internal dependency graph #7066 OCPBUGS-7954 : openstack: Only check HTTPS certs on public endpoints #7057 MULTIARCH-2517 : PowerVS: create install-config improvements #6885 OCPBUGS-10845 : Use 100 GB as minimum disk size in validations #7025 openstack: Bump CI base image to v4.14 #7052
terraform: don’t run zip if building provider binary failed #7047
OCPBUGS-8449 : pkg/asset/installconfig: set subscriptionID #6975 OCPBUGS-11039 : remove container-runtime flag from kubelet config #7036 rhcos: Bump to 414.92.202303281555-0 #7038
update tested instance type on 4.13 #7042
OCPBUGS-11038 : GCP: add europe-west12 region to the survey as supported region #7033 OCPBUGS-7966 : Do not remove host default configuration unless network configuration is provided for it #6991 OCPBUGS-2130 : vSphere - finding networks use full path cluster #6973 OCPBUGS-7699 : bump terraform for go-getter CVE fix #6892 OCPBUGS-8349 : Kubelet Client Cert should include system:serviceaccounts group #7032 OCPBUGS-10728 add project filter to gcp usage api requests #7018
OCPBUGS-10638 : Properly handle invalid agent command #7005 OCPGUS-2363 : IBMCloud: Use direct COS endpoint #6952 OCPBUGS-9081 : openstack/destroy: BulkDelete more objects at once #7017 OCPBUGS-8035 : IBMCloud: Fix SSH Private bootstrap #6944 OCPBUGS-7973 : IBMCloud set dnsrecords offset #6924 OCPBUGS-8509 : baremetal: do not use port 80 for httpd #6945 OCPBUGS-9982 : bootstrap-pivot: skip pivot in SCOS Live ISO #6965 PowerVS: Add capacity checks before installation #6850
OCPBUGS-8237 : update terraform-provider-ironic to 0.4.0 #6956 OCPBUGS-6727 : Nutanix Hostname of the VM is not set when using DHCP network config #6981 AGENT-502 : add agent-tui it test #6978 openstack: Remove version info, update lb FIP -> API FIP #7001
OCPBUGS-10570 : openstack: No master primarySubnet control-plane if portTarget is set #6994 OSDOCS-5240 : doc/fix-aws-localzones: replace jq to aws –query #6993 OCPBUGS-10207 : Do not always output warning msg when releaseImage is digest #6971 OCPBUGS-7015 : vsphere, nutanix survey: relax vip in machine cidr #6967 OCPBUGS-9949 : Verify output file exists when oc image extract is run #6960 OCPBUGS-7954 : openstack: Provide manual instructions for invalid certificates #6998 OCPBUGS-10313 : fix agent tui showing up multiple times #6977 Bump mongo-driver from 1.10 to 1.11.2 #6987
OCPBUGS-8540 : CVE: bump mongo-go-driver for fix #6950 OCPBUGS-10394 : Sort userTags in Machine and Machineset manifests #6976 Shorten SNO installation duration by releasing CVO lease #6757
OCPBUGS-2968 : bootstrap: Do not needlessly podman pull #6536 terraform: google: bump stringset dependency #6951
openstack-manifests: Export JUnit results #6966
Updating ose-installer-artifacts images to be consistent with ART #6968
quota: gcp: replace deprecated monitoring package and fix linting issues #6896
OCPBUGS-8119 : CVE-2023-25173: bump containerd #6949 OCPBUGS-8468 : aws: bump aws-sdk-go version #6943 data: libvirt: increase volume size to 32GB #6963
Updating ose-baremetal-installer images to be consistent with ART #6954
Updating ose-installer images to be consistent with ART #6953
refactor: replace github.com/ghodss/yaml with sigs.k8s.io/yaml #6935
OpenStack: support multiple API and ingress VIPs #6940
update RHCOS 4.13 bootimage metadata #6886
OCPBUGS-8094 : In agent ‘wait-for bootstrap’ command, test ssh to Node0 #6919 openstack-manifest: Show assets dir if persisted #6929
OCPBUGS-7262 : Disable systemd status while TUI showing #6925 OpenStack Failure domains #6917
OCPBUGS-8203 : Don’t log password values #6922 OCPBUGS-5129 : Pass Capabilites from install-config to cluster #6923 OCPBUGS-8305 : Power VS: Add resourceGroup to infrastructure manifest #6928 AGENT-356 : Disable ‘create pxe-files’ command #6927 OCPBUGS-8258 : Specify filename for default registries.conf #6926 openstack: consistent TechPreview-only feature validation #6916
RFE-2782 : Create edge compute pool to support AWS Local Zones #6371 OPNET-199 : Allow v6-primary dual stack on baremetal #6881 Generate CSI driver manifests #6856
Azure: use managed storage account for boot logs #6848
OCPBUGS-7015 : Relax MachineCIDR check for vSphere, Nutanix #6915 ARMOCP-417 : enable arm64 for agent installer #6401 AGENT-502 : Enable agent tui #6898 GCP: conditionally create bootstrap service account #6853
vsphere: Remove bostrt from approver/reviewer group #6918
OCPBUGS-7860 : azure: session: fix unclear auth error messages #6901 OCPBUGS-7991 : vSphere - only create RP when cluster is not empty #6905 Support the new fields in NutanixMachineProviderConfig #6841
openstack-manifests: Option to run selected test cases #6908
AGENT-526 : Refactor Agent InstallConfig embedding #6796 OCPBUGS-7993 : hack/build-coreos-manifest: support OKD #6906 bump version of ovirt terraform provider #6883
OCPBUGS-7622 : Ignore CPMS file if not exist #6887 linter: enable reporting about exported names lacking comments #6880
CFE-757 : Fix issues reported by QE #6870 OCPBUGS-7579 : azure: fix certificate-based auth with passpharse #6871 Update alias for Metal Platform #6884
CORS-2496 : Default 2xlarge instead of xlarge in AWS when the control-plane is single-node #6814 OSASINFRA-3090 : External LB support for on-prem platforms #6812 Bug 1904573 : baremetal container modify /etc/passwd group writable #6872 SPLAT-823 : Zonal GA, single terraform, deprecate legacy platform spec #6770 openstack: Fix missing docs link #6852
OCPBUGS-7180 : update RHCOS 4.13 bootimage metadata #6861 Removes m1kola from azure-reviewers #6865
OCPBUGS-7495 : Convert platform type for AgentClusterInstall #6855 CFE-582 : Generate Infrastructure CR with the azure user defined tags #6310 AGENT-456 : Remove connectivity checks from bash script #6846 integration: Don’t pass host data in the install-config #6795
linter: bump version to sync with CI #6859
OCPBUGS-4954 : IBMCloud: Handle COS reclamations #6845 CFE-757 : Fix issues reported by QE #6820 CORS-2386 : IBMCloud: Add networkResourceGroupName #6613 IBMCloud: Add tests for installconfig metadata #6348
OCPBUGS-1048 : if tag categories don’t exist, the installation will fail to bootstrap #6327 CFE-586 : Apply user defined tags on created azure resources #6354 OCPBUGS-7356 : data/manifests/bootkube/cvo-overrides: Default to stable-4.13 #6689 OCPBUGS-6777 : Fix file check for loading openshift manifests #6821 AGENT-505 : Embed agent files in initrd #6842 installer dev build settings to enable delve #6835
OCPBUGS-7261 : Update AgentConfig template #6840 OCPBUGS-4549 : azure: fix MS Graph calls on Gov cloud #6844 openstack-manifests: Add a debug option #6839
OpenStack: Fix distribution of zones on 32-bit systems #6834
OCPBUGS-6422 : CVE-2022-41717: bump net/http for fix #6801 CNF-6357 : feat: add CPU Partitioning flag into the install config #6430 SPLAT-820 : multi-zone is no longer tech preview #6782 destroy: vsphere: move API calls to client abstraction and add unit tests #6604
Add support for confidential compute #6799
Add Adam #6824
OCPBUGS-5234 : azurestack: upi: fix compute scale up #6735 CNF-6362 : feat: add support for nto rendering during bootstrap #6691 OCPBUGS-4997 : Set the configured proxy settings for agent installer #6827 azure: Add error message when authorizer fails. #6551
OCPBUGS-6486 : fixing ovirt installation on iSCSI #6816 OCPBUGS-6270 : Don’t require vSphere details for agent installer #6793 OCPBUGS-6722 : bootimage: move secure execution artifact to separate artifact #6811 PowerVS: Check for potential network conflict in existing CCs #6798
OCPBUGS-6663 : Check platform baremetal settings against default values #6809 AGENT-455 : Check registry and rendezvous host access at startup #6767 OCPBUGS-4549 : destroy: azure: handle nil responses from msgraph sdk #6717 AGENT-505 : Embed agent-tui binary in the agent ISO #6786 PowerVS: Remove region requirement #6772
Bug 2072202 : Check for reachability of API and API-Int URLs later in bootkube #6611 Bug 2067847 : prometheus/client_golang: Denial of service using InstrumentHandlerCounter #6391 CORS-2479 : bootstrap: set 0644 mode for registries.conf #6789 GCP: Remove the BYOH code #6771
AGENT-453 : Create interactive console service for agent installer #6756 OCPBUGS-5959 : bump RHCOS 4.13 bootimage metadata #6790 CORS-2469 : upi: Document removal of CPMS for UPI installation #6727 Bug 2070744 : Fix infinite loop error #6515 CORS-1558 : Add uninstall complete after destroy code #6572 AGENT-504 : Agent extract binary #6777 OCPBUGS-5182 : validate additional confidential VM types #6733 OCPBUGS-5461 : Allow NO_PROXY to contain IPs #6776 OCPBUGS-3253 : Warn if agent assets detected when using non-agent waitfor #6740 OCPBUGS-4654 : azure: upi: use Image Gallery in ARM templates #6684 OCPBUGS-5184 : azure: validate Windows-only VM types #6734 CORS-2449 : gcp: Set pre-created CPMS to Active state #6752 OCPBUGS-1612 : vsphere: set default resource pool when missing failure domain topology #6409 Generate the cloudproviderconfig manifests for integration of nutanix-ccm to OCP #6269
CORS-2405 : Create ControlPlaneMachineSet CRDs #6632 OCPBUGS-5734 : make VIP 168.63.129.16 noProxy in all clouds except Public #6761 OCPBUGS-1695 : Update FCOS to latest 37.20221127.3.0 stable #6487 OCPBUGS-5770 : CVE-2021-4238: goutils: update for randomness fix #6763 BUG 2110982: GCP skip public loadbalancer ip addresses #6755
AGENT-501 : Make it easier to change node zero IP and SERVICE_BASE_URL #6747 MGMT-12839 : Add Shielded VMs options to gcp mpool and TF #6698 OCPBUGS-5324 : CVE-2021-4235 go-yaml: Denial of Service in go-yaml #6741 OCPBUGS-881 : fail to create install-config.yaml as apiVIP and ingress VIP are not in machine networks #6469 SPLAT-901 : set default for variables that are deprecated by failure_domains #6750 OCPBUGS-1769 : Check for AWS STS installation before trying to get all IAM Roles #6666 GCP XPN: remove tech preview feature gate #6754
Expose Azure useImageGallery parameter in the MachineSets() call #6737
OCPBUGS-2088 : Validate that the rendevousIP is assigned to a master #6716 ARO-1796 : Update Azure SDK for go to v63.1.0+incompatible #6746 openstack: Revert Gophercloud workaround #6663
SPLAT-900 : provision VMs in to failure domains #6738 OCPBUGS-4874 : Remove order dependency for agent CLI string #6739 CORS-2449 : Create CPMS manifest #6695 OCPBUGS-2881 : Destroy the service and host project dns records #6534 Bug OCPBUGS-3921: OpenStack: fix bootstrap destroy cmd #6617
OCPBUGS-3706 : Improve error reporting from agent wait-for install-complete #6730 Better logic to derive vpcRegion/Zone from vpcName/Subnets #6665
update tested instance types on 4.12 #6731
Updating ose-baremetal-installer images to be consistent with ART #6678
OCPBUGS-5151 : baremetal: Extra time for provisioning interface #6729 OCPBUGS-3032 : Report status on the console immediately #6697 Updating ose-installer images to be consistent with ART #6675
OSASINFRA-3057 : openstack: Document Image Registry migration to Swift #6710 openstack: Rely on Go’s stdlib for errors #6656
Updating ose-installer-artifacts images to be consistent with ART #6693
cmd: update import of deprecated terminal package #6594
GCP: Tfvars will determine the user has create firewall permissions #6679
OCPBUGS-4941 : OpenStack: Force JSON content-type in Swift object listing #6707 PowerVS: Defer cancel when calling contextWithTimeout #6700
linter: fix issues since revision 75173a17cf #6712
OCPBUGS-2996 : bump RHCOS 4.13 bootimage metadata #6703 CORS-2340 : hack: replace deprecated go-lint #6601 OCPBUGS-3706 : Wait longer for baremetal #6688 Fix import order using the gci tool #6643
Switch back to gp2 ebs volume type for bootstrap instance #6692
OCPBUGS-2891 : aws: destroy: delete ELB listeners #6528 Consolidate loadsdk debug statements #6686
OWNERS_ALIASES: Remove lucab #6696
OCPBUGS-4549 : azure: replace deprecated AD Graph API #6614 Save rendezvous IP in a file ‘rendezvousIP’ alongside the ISO #6683
OCPBUGS-3987 : Check nmstateconfig content in agent-config.yaml #6674 CORS-2147 : Add documentation for the client certs authentication #6505 OCPBUGS-4367 : Fix missing debug messages when getting baseISO #6662 Use backoff functions in PowerVS destroy logic #6591
OCPBUGS-3032 : Report agent installation problems on the console #6544 OCPBUGS-3668 : fully qualified username must be provided #6596 OCPBUGS-1560 : vsphere zonal, terraform depends on ova import #6498 Agent integration tests proposal #6598
CORS-2291 : terraform: save logs to a file #6532 OCPBUGS-3196 : Set ip=dhcp,dhcp6 for master nodes on dualstack #6626 OCPBUGS-2130 : import ova resource cluster path fix #6519 OCPBUGS-2498 : ose-installer-container: vault: insufficient certificate revocation list checking #6493 Wait longer for VM to obtain IP from DHCP in PowerVS #6651
platformprovisioncheck: fix shadowing of err variable #6595
Alibaba: add the tags of the machine nodes #6535
Azure: use azidentity with adapter #6003
OCPBUGS-4125 : Enable CVO unmanage overrides in bootstrap-in-place installations #6649 openstack: Refactor TFVars generation #6465
Update OpenStack spec dependencies #6382
OCPBUGS-3164 : hold bootkube service until bootstrap has pivoted #6488 OCPBUGS-4355 : Fix return value from execute() #6646 OCPBUGS-4328 : images: updating images to be consistent with ART #6641 vSphere Zonal: validate dns and external load balancer #6612
GCP: remove private zone manipulation #6610
Replace deprecated io/ioutil package #6602
ibmcloud plugin “permission denied” #6627
Bug 2105570 : out-of-bounds read in golang.org/x/text/language leads to DoS #6389 OCPBUGS-3524 : data: azurerm: restore RHCOS SA access configuration #6583 OCPBUGS-3405 : Redact pull secret from agent-gather #6574 Adding aarch64 instance types for azure #6531
OCPBUGS-2931 : Azure Stack: use managed images for compute nodes #6540 OCPBUGS-3985 : Pass featureset to kas #6579 mv ibmcloud to /bin folder #6624
OCPBUGS-3278 : (Agent) Do not require host data in platform baremetal section in installconfig #6573 OCPBUGS-3277 : Restart create-cluster-and-infraenv.service if it fails #6577 OCPBUGS-3933 : OpenStack: Force JSON content-type in Swift #6615 add ibmcloud cli to image #6600
Update vSphere Owner files #6607
OCPBUGS-2384 : [Alibaba] fix the creation of public record #5671 docs: fix broken link to default kubelet.service taint #6593
OCPBUGS-3186 : IBMCloud: Confirm Zones and BYON Subnets #6553 OCPBUGS-3123 : Pass FeatureSet to cluster config render #6576 OCPBUGS-2738 : Uplift terraform-provider-ironic to 0.3.0 #6511 OCPBUGS-3382 : Fix cluster wide proxy #6571 OCPBUGS-3280 : Automatically retry install #6567 OCPBUGS-3304 : Always use first matching mirror in assisted-service #6563 OCPBUGS-2841 : (AGENT) only support amd64 archs #6546 OCPBUGS-3214 : Always add router CAs to kubeconfig, even if console is not available #6557 Update apiVersion for lso operator group #6558
OCPBUGS-2513 : Set PublicContainerRegistries for entries in mirror #6545 OCPBUGS-1627 : [vsphere-zones] Fix user folders #6412 OCPBUGS-1704 : gcp: fail during validation if service usage is not enabled #6516 OCPBUGS-3287 : agent ased installation fix for dual stack vips #6530 OCPBUGS-3096 : Static linking the terraform and providers binaries #6548 OCPBUGS-2911 : Use project after creation #6552 OCPBUGS-3110 : azure: Fix client certs authentication #6527 OCPBUGS-2847 : GCP XPN Featuregates #6522 OCPBUGS-2758 : Provide datastore as full path #6547 Bug 2074299 : update golang.org/x/crypto to address security vulnerabilities #6388 OCPBUGS-2966 : Add GCP CreateFirewallRules to tech preview #6533 OCPBUGS-1791 : add bootstrap configmap during the SNO reboot #6521 OCPBUGS-2290 : Power VS Check for existing DNS permitted network and public gateway #6481 Add linux/arm64 binary to installer-artifacts #6514
OCPBUGS-1033 : support multiple documents in the same extra manifest file #6492 OCPBUGS-3018 : Use result from List function after checking error #6541 OCPBUGS-2144 : Azure: Set appropriate architecture for gen v1 image #6517 go-fmt: apply formatting with golang 1.19 #6497
OCPBUGS-2895 : Azure: Fix DiskEncryptionSet regex validation #6513 Full changelog
OCPBUGS-35475 : Remove some of newapp unit tests relying on external deprecated images #1802 OCPBUGS-35447 : bump go-git to 5.11.0 #1799 OCPBUGS-30287 : oc adm catalog mirror: use ToSlash and FromSlash to unify the path separators #1699 OCPBUGS-25983 : Remove deprecated password defaulting in default config flag #1646 OCPBUGS-24197 : Add client version in must-gather summary #1607 OCPBUGS-24460 : Overwrite template’s namespace with the explicit one #1616 OCPBUGS-22702 : Reflect container’s exit code for long running tasks not attached to terminal #1592 OCPBUGS-20508 : regeneratemco: explicitly check for PlatformStatus field #1573 OCPBUGS-20527 : Set ImportPolicy to PreserveOriginal to honor –keep-manifest-list when mirroring a payload to an image stream #1574 OCPBUGS-21611 : Bump golang.org/x/net to v0.17.0 #1579 OCPBUGS-20258 : Updating excluded list of unsupported oc adm commands in MicroShift #1561 OCPBUGS-20269 : Use quay redis image instead docker mysql #1562 OCPBUGS-17925 : pkg/cli/admin/prune/images: omit not found error for deployment configs #1530 OCPBUGS-17253 : Bump go x/net library to 0.13.0 #1529 OTA-559 : Revert “Revert “pkg/cli/admin/release/extract: Add –included and –install-config”” #1528 OCPBUGS-17711 : Revert “pkg/cli/admin/release/extract: Add –included and –install-config” #1527 Update openshift/api #1525
OTA-559 : pkg/cli/admin/release/extract: Add –included and –install-config #1521 Stop using deprecated github.com/docker/docker go APIs #1514
OCPBUGS-16735 : Truncate existing files when writing from inspect #1520 introduce plugin and plugin shadowing tests for oc #1424
pkg/cli/admin/upgrade: Newlines after –allow-upgrade-with-warnings errors #1519
Add profiling functionality and flags in oc #1516
Fix typo in /var/log folder #1517
login: improve usage message for –web option #1513
Bump k8s packages to 1.27.4 #1515
OTA-994 : pkg/cli/admin/release/extract: Centralize manifest extraction #1404 OCPBUGS-16009 : reboot: set ignition version to 3.1 #1499 Add tls-server-name when property exists in kubeconfig #1456
OCPBUGS-15776 : mcs cert: account for environments that use IP directly #1497 OCPNODE-1656 : oc release info: Introduce –idms-file and deprecate –icsp-file #1465 AUTH-355 : Add OAuth2 Authorization Code Grant Flow for login #1402 upgrade distribution No 2 #1495
WRKLDS-700 : bump(k8s) to v1.27.2 #1420 OCPBUGS-15012 : oc image extract: idms-file flag map to IDMSFile field #1464 Correct incorrect command in observe command #1419
Clarify the use of the filter without keep-manifest-list #1414
OCPBUGS-10612 : make registry auth prefence default to podman config locations #1376 handle the error case of node retrieval while waiting for reboot #1482
Fix the output of error prompt #1433
pkg/cli/admin/upgrade: Surface Recommended=Unknown more prominently #1442
pkg/cli/admin/upgrade: Add post-period to space to some error messages #1330
Wait for reboot #1473
tweak output format #1471
OCPNODE-1580 : Add –print-mirror-instructions to oc adm release mirror to allow idms instructions #1341 add reboot-nodes #1468
Trust check #1469
fix directories for consistency #1467
ocpcertificates: add ability to rotate MCS CA/cert #1450
OCPNODE-1656 : oc image extract: Introduce IDMS as alternative source #1426 pernodepod: percent works like this #1463
ocpcertificates: don’t make assumptions on resources not to bring pip… #1462
allow running a command while the kubelet is off #1459
add command to create new bootstrap kubeconfig for kubelet #1458
ocpcertificates: fix handling resources by names explicitly + other cosmetic fixes #1460
tweaks needed for wait #1455
Add a command to remove older trust #1447
create command to create new adminkubeconfig #1452
add a command to copy content to every node #1454
Minor updates to CLI help text #1453
add command for regenerating OCP leaf certs #1443
add a new command to wait for all clusteroperators to go stable #1444
add command to produce an updated CA bundle for trusting the kube-apiserver #1446
add printing for new revisions #1445
add oc adm ocp-certificates regenerate-top-level #1439
OCPBUGS-11652 : Extend adm node-logs to new API #1403 OCPBUGS-12793 : adds a mapping for exposed ports to DockerConfig when manifest listed #1415 OCPBUGS-14340 : Name containers w/‘multi’ when mirroring a multi release image #1423 OCPBUGS-11123 : oc adm groups sync: all groups: print warning before caching #1436 OCPBUGS-11632 : Skip invalid events yamls and continue #1429 OCPBUGS-14082 : Remove closed centos7 registry from newapp unit tests #1430 OCPBUGS-12901 : preserve explicit release image in ClusterVersion #1416 OCPBUGS-11123 : oc adm groups sync: fix the annotation key #1427 OCPBUGS-11123 : oc adm groups sync: print a warning when two or more groups are mapped to the same ldap uid #1425 OCPBUGS-13355 : Use RequestToken functions from library-go #991 OCPBUGS-11632 : Improve error log messages in event filtering #1417 OCPBUGS-12143 : oc login: unwrap tls.CertificateVerificationError to use x509 errors #1406 pkg/cli/admin/upgrade: Clarify client-side vs. server-side docs #1181
replace trimLeft with trimPrefix #1400
Support OCI manifest lists in image mirror #1362
OCPBUGS-8004 : Fix bug when recreating an index with fewer images #1335 adm catalog mirror update example to idms #1401
OCPBUGS-10843 : oc debug unique pod name #1393 adm catalog mirror generates idms manifest #1389
OCPBUGS-1115 : Use linux/arch when user’s OS isn’t in manifests #1311 Remove already deprecated adm create-kubeconfig command #1367
append: expose keep-manifest-list option and preserve manifestlist when appending to specific arch images #1361
Updating ose-tools images to be consistent with ART #1369
OCPBUGS-8048 : pkg/cli/admin/upgrade: Client-side checks for –to-multi-arch #1359 IR-300 , IR-301 : generates ImageStreamTags with import-mode when using oc new-build and oc-new-app #1353 OCPBUGS-10879 : Fix deprecated oc command suggestion #1390 Exclude irrelevant commands from MicroShift documentation #1375
Test Fix: Allow submodule using file transport with newer git #1378
Updating openshift-enterprise-deployer images to be consistent with ART #1368
Updating openshift-enterprise-cli images to be consistent with ART #1364
OCPBUGS-3393 : Always copy the blobs if the target isn’t a registry #1355 Updating ose-cli-artifacts images to be consistent with ART #1370
OCPBUGS-1117 : The architecture of oc in the cli-artifacts’ /usr/bin folder should to the one of the built image #1374 OCPBUGS-10622 : bump repo sclorg/s2i-ruby-container location for newapp test #1377 Add microshift into generate-docs #1365
OCPBUGS-5949 : Add subrepository support for ICSP #1350 Microshift command docs #1357
Do not set master node selector if there’s no masters #1347
OCPBUGS-7190 : Reuse LDAP connection when performing group sync #1336 Adding CommitDate to the Changelog json output #1348
OCPBUGS-7780 : pkg/cli/admin/upgrade/channel: Use PATCH instead of POST for spec updates #1346 Use registry.k8s.io and update image version #1343
Add icsp file convert command #1238
OWNERS_ALIASES: Update approvers: add David, remove Jack #1340
oc debug: Use own fields instead directly depending on Attach’s #1337
Updating ose-tools images to be consistent with ART #1308
WRKLDS-594 : Bump to v1.26.1 #1329 OCPBUGS-3473 : oc adm release new: allow specifying crio and kernel versions #1287 OCPBUGS-6011 : Fix kube version from 1.24.1 to 1.25.2 #1325 Removing unwanted character from changelog output #1326
WRKLDS-629 : release run-namspace functionality #1322 OCPBUGS-5010 : Remove must-gather pod after it completes when explicit namespace is used #1320 Enable Changelog to output in JSON #1321
IR-261 : Add –import-mode to ‘tag’ #1312 IR-260 : Add CLI flag to set ImportMode when importing a tag #1289 OCPBUGS-4906 : oc process: Set original namespace if it differs #1318 Updating ose-cli-artifacts images to be consistent with ART #1309
Update errors when debug pod fails #1314
Expose events command to land k8s 1.26 #1315
handle admission webhook lists and CRD conversion webhooks #1301
OTA-818 : pkg/cli/admin/upgrade: Support –to-multi-arch per OTA-818 #1285 WRKLDS-629 : oc adm must-gather: unhidden –run-namespace flag #1313 FDN-112 : Parse any jira reference from commit text, not just OCPBUGS #1306 IR-266 : Add image manifests to ‘describe image’ #1310 Updating openshift-enterprise-deployer images to be consistent with ART #1307
Handle non-amd64 command pulls from amd64 payload #1259
OCPBUGS-4517 : oc adm release: Support extracting commands in specified architectures #1305 Rename registry.svc.ci.openshift.org to registry.ci.openshift.org #1304
OCPBUGS-3526 : Proceed archive if Lsetxattr gets unsupported error #1296 Updating openshift-enterprise-cli images to be consistent with ART #1302
OCPBUGS-4280 : oc import-image: reflect import image error #1300 pkg/cli/admin/release/info: Render multi-arch release information #1292
pkg/cli/admin/upgrade: Drop “force” from “No updates available” #1291
OCPBUGS-3714 : pkg/cli/admin/upgrade: Report on Failing!=False conditions #900 switch the deployer pod to use apply client to avoid conflicts #1288
release: extract linux/arm64 binaries from all payloads #1276
go.mod: update github.com/containers/image #1278
Promote ardaguclu to oc approver #1280
Full changelog
OCPBUGS-53418 : github.com/golang/glog v1.2.4 #845 OCPBUGS-53819 : update github.com/golang-jwt/jwt #841 OCPBUGS-51542 : Ignore SNYK-GOLANG-GOLANGORGXOAUTH2JWS-8749594 due to not being affected #830 OCPBUGS-47069 : golang.org/x/net v0.33.0 #810 OCPBUGS-46487 : Add AWS region to aws-pod-identity-webhook #801 OCPBUGS-45009 : Add retry to ccoctl gcp create functions #791 OCPBUGS-45004 : github.com/golang-jwt/jwt/v4 v4.5.1 #785 OCPBUGS-43647 : Only attempt timed token credentials on supported platforms. #775 OCPBUGS-43339 : Update github.com/sirupsen/logrus v1.9.3 #769 OCPBUGS-41236 : List secrets in batches to avoid api timeout #755 OCPBUGS-38378 : Update google.golang.org/grpc v1.65.0 #750 OCPBUGS-37823 : GCP passthrough permissions check to ignore problematic permissions. #741 OCPBUGS-37062 : Update cloud.google.com/go/storage v1.43.0 #742 OCPBUGS-37420 : SNYK ignore go-client misreporting #739 OCPBUGS-37276 : Update to azidentity v1.7.0 #732 OCPBUGS-36029 : IBM/go-sdk-core update to v5.17.4 #721 OCPBUGS-36716 : AWS STS should not error when a credentailsRequest does not have awsSTSIAMRoleARN #713 OCPBUGS-32899 : Upgrade go-jose module to 2.6.3 #697 OCPBUGS-29156 : Fix the ClusterOperator watch of the status controller #676 OCPBUGS-28231 : Guard upgrading GCP from 4.14 to 4.15 without RoleAdmin permissions #670 OCPBUGS-29199 : ccoctl - use proxy when validating CloudFront URL #678 OCPBUGS-27911 : Resolve all outstanding snyk vulnerabilities #650 OCPBUGS-28382 : Use cached clients to avoid client side throttling #666 OCPBUGS-27515 : Write manifests when AWS IAM roles already exist. #659 OCPBUGS-26512 : Use live client for metrics #647 OCPBUGS-25275 : Azure Workload Identity info in CredsRequests creates a Secret #643 OCPBUGS-24346 : Discover AWS dns suffix from partition and region. #635 OCPBUGS-23986 : Use per-project custom roles instead of per-cluster custom roles #631 OCPBUGS-23426 : Explicitly set the vsphere secret credential data on sync. #629 OCPBUGS-21388 : Upgrade golang/x/net for CVE-2023-39325 #622 NO-ISSUE: Removing andrew from OWNERS #617
snyk: exclude vendor/ #615
OCPBUGS-22651 : explicitly set azure oidc bucket to allow public blob access #612 OCPBUGS-21926 : azure create-managed-identites to add cloud controller manager to network resource group #608 OCPBUGS-19865 : Add networkResourceGroupName parameter for Azure #602 OCPBUGS-17719 : Double timeout delays for managed identity creation and role assignment from 2 to 4 minutes. #591 pkg/aws/actuator: Drop comment which suggested passthrough permission verification #590
CCO-363 : Adding azure identity webhook #559 OCPBUGS-16684 : Set cr.status.provisioned=false on syncErr path #583 OCPBUGS-17049 : update lastSyncGeneration in STS flow sync success #585 Revert “CCO-401: Add azure-workload-identity-webhook to image references.” #588
CCO-401 : Add azure-workload-identity-webhook to image references. #586 CCO-413 : Add dataPermissions to Azure credentials request. #584 CCO-402 : Create Azure AD pod identity webhook config secret manifest in create-all,create-oidc-issuer #573 OCPCLOUD-2012 : ccoctl: Plumb credreq.spec.cloudTokenPath override into Azure secret creation #580 OCPBUGS-16807 : ccoctl azure exit with error when OIDC and installation resource group names are the same #582 OCPCLOUD-2012 : ccoctl: Add –enable-tech-preview arg to azure create-all subcommand. #581 OCPBUGS-16614 : *: stop checking for the STS feature gate #579 Add DOCKER_CMD Makefile var to use podman when found. #577
OCPBUGS-16614 : go.mod: re-vendor openshift/api #578 CCO-233 : Add Azure AD Workload Identity doc. #566 *: use a global codec #576
OCPBUGS-16313 : pkg/operator: correctly fetch CA for AWS minter #575 OCPBUGS-16334 : Clarify updateActuatorConditions & update lastSync #568 OCPBUGS-16313 : manifests: allow list/watch globally on our config configmap #572 CCO-388 : manifests: add cloudcredentials.operator.openshift.io to HCP #571 Revert “manifests: manually amend resources that get laid down by CVO in HCP” #570
OCPBUGS-15365 : manifests: fix rbac #567 OCPBUGS-15906 : ccoctl azure delete to also delete role assignments #564 OCPBUGS-16088 : Adds [default] section header to STS Secrets #565 OCPBUGS-16036 : Set status on CR properly when STS provisioned #562 Revert “Merge pull request #398 from csrwng/exclude_config_ibmcloud” #561
OCPBUGS-15365 : *: use correct clients in the secretannotator #563 OCPBUGS-15365 : *: use a filtered LIST + WATCH on Secrets for AWS STS #545 reconcile status when the clusteroperator changes #560
CCO-353 : ccoctl to create azure custom roles #556 CCO-394 : Do not Add PodIdentityWebhook controller when InfraStatus.ControlPlaneToplogy is External. #547 CCO-366 Add ability to detect AWS STS and behave accordingly #542
Implement ccoctl command to create infrastructure required for Azure workload identity #523
PORTENABLE-526 : operator: use a partial metadata watch for Namespaces #546 manager: filter the cache of configmaps #544
Bump to go 1.20 in go.mod #536
OCPBUGS-13549 : Determine AWS partition based on region for readOnlyAnonUserPolicyTemplate bucket ARN. #537 Add a make target and stub for actuator e2e tests #535
Updating ose-cloud-credential-operator images to be consistent with ART #534
Updating ose-cloud-credential-operator images to be consistent with ART #533
Updating ose-cloud-credential-operator images to be consistent with ART #532
OCPBUGS-11671 : ccoctl: Enable public anon read access to default OIDC S3 bucket #526 Updating ose-cloud-credential-operator images to be consistent with ART #521
OCPBUGS-8666 : Correct pod-identity-webhook annotations for PreferredDuringScheduling. #522 SPLAT-950 : doc/aws-sts : steps to migrate from public bucket to private issuer URL #515 OCPBUGS-8666 : feat: add workload annotation to pod identity webhook deployment #520 Upgrade build-machinery-go: make vulncheck #519
Bump golang.org/x/net from v0.5.0 to v0.7.0 #517
OCPBUGS-6370 : Bump k8s dependencies from v0.25.3 to v0.26.1 #511 Add lleshchi to OWNERS file #513
OCPBUGS-6977 : Set pod identity webhook replicas=1 when infrastructure topology is SingleReplica #512 Make pod-identity-webhook deployment HA by default #492
OWNERS: add jstuever #510
azure: move away from ADAL and AD Graph #502
Updating ose-cloud-credential-operator images to be consistent with ART #509
Full changelog
OCPBUGS-34197 : Avoid panic when looking up attachedOutboundRule.ID in azure #147 OCPBUGS-32112 : Avoid nil pointer panic while assigning private IP on Azure #138 OCPBUGS-21785 : Azure: skip backend pool if attached to an outbound rule #125 OCPBUGS-17151 : AWS: Skipping Unusable Network Interfaces #120 OCPBUGS-15805 : Azure: Handle already existing IP configurations #115 CCO-356 : Add support for Azure workload identity tokens #102 SDN-3902 : Maintenance #111 OCPBUGS-13140 : increase GCP egress ip capacity to 100 from 10 #110 OCPBUGS-12566 : CVE-2022-41723 golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding #107 Updating ose-cloud-network-config-controller images to be consistent with ART #104
OCPBUGS-11187 : sync CloudPrivateIpConfig when node is missing #103 Updating ose-cloud-network-config-controller images to be consistent with ART #98
OCPBUGS-10526 : pull project name from subnet uri #100 Bump CI image #99
Add MovePrivateIP and its OpenStack implementation #95
Kube 1.26 rebase for cloud-network-config-controller #97
OpenStack: Fix race condition in TestGetNodeEgressIPConfiguration #96
azure: use azidentity with an adapter #70
Add ApplicationSecurityGroups to InterfaceIPConfiguration #91
Fix typos in README.md #90
OCPBUGS-4724 : OpenStack: Support multi AZ environments #87 Updating ose-cloud-network-config-controller images to be consistent with ART #86
OCPBUGS-3993 : OpenStack: Only return egressIPConfiguration for first InternalIP #77 Fix azure log message for assigning and releasing an IP #76
OCPBUGS-1430 : Add assigned egress ips into capacity #69 Full changelog
OCPBUGS-31976 : Update x/net to v0.25.0 #322 OCPBUGS-25749 : Add Snyk file to exclude vendor directory on scan #308 OCPBUGS-20789 : Bump x/net package to v0.17.0 #298 OCPBUGS-20038 : Ensure status reporter caches exit if they don’t sync #292 OCPBUGS-19496 : cluster-autoscaler-operator: clusterrole add clusteroperators watch #288 OCPBUGS-19697 : Provide the architecture of the control plane as argument to –scale-up-from-zero-default-arch #290 OCPBUGS-18278 : Address long acquire times during upgrade #281 OCPBUGS-18338 : Fix CI by running tests natively by default #282 Reconcile when external process change the clusteroperator status #279
OCPBUGS-14356 : add nutanix labels that should be ignored #275 CNF-5642 make operator optional #269
OCPCLOUD-2061 : Rebase dependencies to k8s 1.27 #274 Updating ose-cluster-autoscaler-operator images to be consistent with ART #273
OCPBUGS-10105 : Updating ose-cluster-autoscaler-operator images to be consistent with ART #271 Bug 1943194 : update GPU resource limits type to have validation #268 Update OWNERS #270
revert GPU label changes from pr 223 #267
: Update tooling in Cluster Autoscaler Operator #266
Add infrastructures resource to config.openshift.io #265
Allow infrastructures.config.openshift.io to be listed #264
Register configv1 types to schemes #262
Updating ose-cluster-autoscaler-operator images to be consistent with ART #259
: Update CAO to ignore platform related zone labels #260
Update OWNERS #261
: Set default container for operator #258
Add client certificate and key to service monitor #249
Full changelog
OCPBUGS-34556 : update azure and ash tolerations on node manager #347 OCPBUGS-26548 : Adds CloudConfigTransformer for Azure #321 OCPBUGS-21189 : Bump golang.org/x/net to v0.18.0 #295 OCPBUGS-20552 : apply necessary RBAC for the alibaba cloud controller manager #289 OCPBUGS-19790 : Additional permissions for internal load balancer on STS #288 OCPBUGS-19849 : Set dual-stack IPFamilyPriority for vSphere #283 OCPBUGS-19790 : Ensure subnets read permission for granular roles #282 OCPCLOUD-2013 : Move Azure Credentials Request to custom role #274 OCPCLOUD-2149 : Azure: CCM and node manager to use provided credentials instead of MSI. #268 OCPBUGS-15154 : Prune provider permissions post move to use-service-account-credentials #259 OpenStack: Enable manage-security-groups by default #264
OpenStack: Extend owners #266
OpenStack: Set max-shared-lb to disable the feature #263
OCPBUGS-16690 : Allow all NoSchedule taints for Azure CNM DaemonSet #267 OpenStack: Remove use-octavia from config #262
OPNET-319 : Pass feature gates to vSphere and OpenStack providers #256 OCPBUGS-14425 : Alibaba platforms should not be upgreadable #257 CCO-324 , CCO-325 : add support for workload identity #245 OCPCLOUD-2010 : Re-vendor api and library-go for external platform support #253 OCPCLOUD-2052 : Rebase to 1.27 #252 OCPBUGS-13547 : [OCPCLOUD-2034] Update feature gate observation to use featuregateaccess #249 OCPBUGS-12635 : fix: add workload annotation to deployments #248 OCPBUGS-11284 : Add beta topology labels flag to Azure cloud node manager #240 Updating ose-cluster-cloud-controller-manager-operator images to be consistent with ART #244
Update golangci-lint package to 1.52.2 #246
Revert azure out of tree provider change #242
OCPBUGS-8694 , OCPCLOUD-1779 : Set missed operator status in case of the ‘External’ platform type encountered #233 Reset library-go to openshift fork #234
OCPBUGS-10138 : Updating ose-cluster-cloud-controller-manager-operator images to be consistent with ART #235 OCPBUGS-8530 : add rbac permission for Nutanix CCM manager #236 Update library-go dependency to move Azure to out of tree #231
Update library-go dependency to move AWS to out of tree #232
OCPCLOUD-1779 : Prevent operator to provision operands if platform is set to ‘External’ #230 OCPBUGS-5036 : Restart pods if related configuration was changed #227 : Update k8s packages to 1.26 #225
Update OWNERS #226
vSphere: If only one failuredomain do not config labels #224
: Modernize tooling #221
OCPBUGS-6658 : Clear useManagedIdentityExtension if it’s set #223 Replace YAML parse failure warning with info message #222
Integrate ccm-nutanix to OCP via CCCMO #201
OCPCLOUD-1817 : vSphere cloud-config yaml converter #218 Fixup go modules after library-go update #219
Update library-go dependency to move vSphere to out of tree #214
Change verbosity level for some logs #215
OCPCLOUD-1807 : Port to ginkgo v2 #210 Update OWNERS #211
OCPBUGS-4074 : Try to limit groups for the REST mapper discovery #207 Updating ose-cluster-cloud-controller-manager-operator images to be consistent with ART #209
: Set default container for operator #208
Full changelog
OCPBUGS-44095 : Backport SDN live migration #425 OCPBUGS-28649 : Add required PSa labels #403 NO-JIRA: add inert featuregate files to allow diff against later releases #398
OCPBUGS-21653 : Update openshift/api package to latest version #371 : OCPBUGS-21286: bump library-go to include switch to HTTP/1.1 #369
OCPBUGS-20439 : Remove Build CRD #363 OCPBUGS-16726 : psa - move into tech preview for 4.14 #354 Revert “Bump to enable ValidatingAdmissionPolicy in tech preview.” #346
Bump to enable ValidatingAdmissionPolicy in tech preview. #343
Bump openshift/api to add ValidatingAdmissionPolicy feature gate. #340
OCPVE-626 : bump(openshift/api@master) #341 CFE-689 : Update openshift/api package to latest version #335 OCPBUGS-16614 : go.mod: bump openshift/api #338 OCPBUGS-16614 : go.mod: update openshift/api #334 OCPBUGS-16507 : bump sigs.k8s.io/kube-storage-version-migrator #333 OCPCLOUD-2010 : Remove feature gate for external platform #331 SDN-4024 : Vendor openshift/api to get ANP feature-gate changes #330 Promote privateHostedZoneAWS from Tech Preview to Default #328
Update openshift/api #327
OCPBUGS-13547 : Promote Azure CCM from TPNU to default #307 OCPBUGS-15877 : go upgradeable=false when latencysensitive is used and not corrected #325 Enable feature gate for externalCertificate on Route API #326
stomp the latencysensitive featureset for equivalent default #324
WRKLDS-757 : Sync with openshift/api to drop MatchLabelKeysInPodTopologySpread from TechPreviewNoUpgrade #322 SPLAT-1099 : bump openshift/api for vSphere static IP feature gate and platform spec #323 remove dead flag for file #309
Changes to move to api@2d36f53 #321
OCPBUGS-12767 : Add CustomNoUpgrade CRD versions to payload #320 OCPCLOUD-2010 : Re-vendor api to support external platform #306 Update openshift/api to disable EventedPLEG featuregate in techpreview #317
update openshift/api for types and gates #316
Update github.com/openshift/api to pull in evented pleg and sigstore feature flags #312
Update github.com/openshift/api to pull in feature gates #311
OCPBUGS-6266 : Rename config-operator_00_namespace run level to 00 #303 Update library-go dependency #305
Add JoelSpeed to owners #302
Update API and library-go #301
Require consistency in rendered artifacts #299
specify all known featureGates in disabled #297
update render to handle directories of manifests #295
adjust to refined openshift/api types #296
update ordering and featuregates #294
add featuregate status #288
Updating ose-cluster-config-operator images to be consistent with ART #287
OCPBUGS-10037 : update openshift/api to get new apiserver schema #289 update openshift/api to get new techprevew apiserver schema #286
CFE-601 : Update openshift/api package version #279 OSASINFRA-3097 : update openshift/api to get External LB fields #278 OCPBUGS-6185 : Update go version and ART images #280 OCPBUGS-4207 : Revert “Increase verbosity level to track probe timeouts” #274 Update go.mod api,client-go to register crd #270
OCPBUGS-3123 : add –feature-set option to render options #271 Full changelog
OCPBUGS-48211 : Add unreadyNodeGracePeriod for allowing brief node hiccups #340 CFE-1087 : API Bump for capacity Reservation #319 OCPBUGS-35520 : Wait for ControlPlaneMachineSet to be created when waiting for it to be updated #309 OCPBUGS-35338 : Improved debugging of API listing errors #303 OCPBUGS-30014 : Never delete a Machine when there’s a single Machine in an index #283 OCPBUGS-20566 : webhooks: set min version TLS 1.2 + exclude weak ciphersuites #254 OCPBUGS-21384 : Bump golang.org/x/net to v0.17.0 #256 OCPBUGS-20408 : fix: e2e: add gcp custom type to test framework #247 OCPBUGS-18056 : Address long acquire times during upgrade #237 OCPBUGS-18013 : Enhance wehbooks to dry run machine creation to validate provider spec #230 Revert “OCPCLOUD-2130: Add subnet to Azure FD, fix for optional fields in FD” #233
OCPCLOUD-2130 : Add subnet to Azure FD, fix for optional fields in FD #229 test/e2e: override RootVolume.VolumeType to “” #232
openstack: volumeType is now required #231
manifests: Shift from run level 31 to 30 #227
vendoring: update openshift/api #226
e2e: OpenStack CPMS created automatically #224
OSASINFRA-3180 : openstack: volume type in failure domain #217 Bump openshift/api package #223
OSASINFRA-3133 : OpenStack support #195 OCPBUGS-15338 : Fix flaking machine mapping testing #220 add capability annotation #205
OCPBUGS-15308 : Fix lint issue #221 docs: Off-by-one error #201
OCPCLOUD-2016 : Surface cpms vs machine diff #180 OCPBUGS-13205 : Check for unknown fields in the provider spec #214 Add Nutanix support for CPMSO #200
OCPCLOUD-2042 : Update dependencies to K8s v1.27, go v1.20 #213 OCPBUGS-7516 : fix double machine creation on stale cache #207 OCPBUGS-12110 : Updating ose-cluster-control-plane-machine-set-operator images to be consistent with ART #202 OCPBUGS-12769 : Update golangci-lint package to 1.52.2 #203 OCPBUGS-12240 : Run make crds-sync #199 OCPBUGS-7921 : Prioritise machine mapping over alphabetical mapping #196 Inject a failure domain into a dry-run created machine #191
OCPBUGS-11369 : E2E periodics test timeout failures improvement #179 OCPBUGS-11389 : Use PlatformStatus instead of PlatformSpec to determine platform #185 OCPBUGS-2960 : Check ProviderSpec before generating MachineInfo #175 OCPBUGS-11142 : controlplanemachineset: start watching control plane nodes #182 Updating ose-cluster-control-plane-machine-set-operator images to be consistent with ART #176
OCPBUGS-10032 : updates: manually requeue when waiting for replicas being ready #177 OCPBUGS-7989 : machine’s node must be ready for CPMS machine to be ready #171 OCPCLOUD-1990 : Update supported platforms in docs #172 e2e: periodics: remove test with cluster-wide-proxy #170
Update ginkgo to 2.8.1 #169
Update OWNERS #168
Migrate test utils to actuator-pkg repository #159
OCPCLOUD-1869 : Bump k8s 1.26, go 1.19 #164 OCPBUGS-6760 : webhooks: disable mandatory TargetPools validation on GCP #165 golangci-lint: fix header year linting #162
OCPCLOUD-1740 : e2e periodic test: machine replacement with cluster wide proxy #156 OCPBUGS-996 : Reverts “Reverts “Add logic to handle extra updated machines in a single index + minor fixes”” #112 Add testing strategy documentation #155
Updating ose-cluster-control-plane-machine-set-operator images to be consistent with ART #150
Update OWNERS #154
OCPCLOUD-1753 : integration: rollingUpdate: test rebalances machines across failure domains #153 OCPCLOUD-1752 : integration: rollingUpdate: test replaces a not needing update, deleted Machine #152 OCPBUGS-4297 : Fix stale cache issue on createMachine #149 OCPCLOUD-1798 : e2e test: remove common test, unnecessary presubmit aftereach #148 OCPCLOUD-1744 : e2e presubmit: update to newest machine triggers inactive ControlPlaneMachineSet regeneration #147 Check OnDelete strategy rebalances machines #146
OCPCLOUD-1750 : e2e presubmit test: activating ControlPlaneMachineSet adds owner references #145 Add integration test for fulling rolling update replacement #140
OCPCLOUD-1746 : e2e presubmit test: activating ControlPlaneMachineSet doesn’t cause rollout #143 Increase unit test timeout to 10m #144
Check on delete strategy correctly replaces machines #139
Ensure stable output from RunCheckUntil #142
OCPCLOUD-1742 : e2e presubmit tests: generated ControlPlaneMachineSet replicas updated #141 OCPCLOUD-1741 : e2e presubmit tests: ControlPlaneMachineSet uninstall #138 Check OnDelete strategy updates status #137
: Ensure CPMS tests work on GCP #135
: Generate CPMS for GCP #133
: Enable CPMS for GCP #132
Add support for Azure e2e tests #131
Add RollingUpdate presubmit to test replacement of outdated machine #129
OCPBUGS-3320 : Deduplicate Failure Domains for the CPMS #130 Add full veritcal scaling rolling update periodic test #127
Azure: Generate ControlPlaneMachineSet for clusters t… #128
Set up basic E2E test framework #126
Full changelog
OCPBUGS-51312 : ensure that storage names don’t end in dashes #1185 OCPBUGS-44048 : fix proxy config and leader election test flakes #1153 OCPBUGS-44002 : Continuous pull-secret updates / slow initialization on build01 (test platform infrastructure) #1152 OCPBUGS-42935 : azureclient: stop validating credentials when creating the client #1137 OCPBUGS-39100 : Avoid Shared Access Key usage for Azure Storage Account when using Managed Identity based auth #1114 OCPBUGS-36035 : go.*,vendor: bump go-retryablehttp #1069 OCPBUGS-33147 : azure-path-fix: get client secret from k8s secret #1058 OCPBUGS-34668 : pkg/storage/s3: use force path style in favour of virtual hosted style config #1051 OCPBUGS-33409 : azurepathfix: check if platform status is nil before accessing it #1033 OCPBUGS-32450 : azure-path-fix: support auth via account key (without clientID) #1023 OCPBUGS-31857 : bump aws-sdk-go from v1.44 to v1.50 #1018 OCPBUGS-28989 : pkg/storage/s3: enable bucket key on encryption settings #995 OCPBUGS-29755 : azurepathfix: fix stack hub, government and workload identity setup #1005 OCPBUGS-29604 : move azure storage blobs from docker back into /docker #1001 OCPBUGS-22127 : increase storage account key cache expiration #941 OCPBUGS-20710 : mitigate effects of rapid reset #942 OCPBUGS-18794 : check if response is nil before using it #917 OCPVE-632 : add capability annotations to manifests #856 OCPBUGS-17882 : Add rbac permission IDMS, ITMS #891 TRT-1193 : Revert “IR-373: remove node-ca daemon” #899 CFE-846 : Add user defined tags to the GCP buckets created #873 IR-373 : remove node-ca daemon #867 build(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.4 #877
build(deps): bump the k8s-dependencies group with 1 update #895
IR-363 : Update Azure Credentials Request manifest of the Cluster Image Registry Operator to use new API field for requesting permissions #890 build(deps): bump github.com/prometheus/common from 0.37.0 to 0.44.0 #878
CFE-682 : Add user defined labels to the GCP buckets created #872 CFE-682 : Update openshift/api package to latest version #887 IR-390 : Make a configmap for MCO to consume CAs #880 build(deps): bump github.com/aws/aws-sdk-go from 1.44.291 to 1.44.298 #879
build(deps): bump golang.org/x/net from 0.8.0 to 0.11.0 #871
build(deps): bump github.com/aliyun/aliyun-oss-go-sdk from 2.1.10+incompatible to 2.2.7+incompatible #869
.github/dependabot.yml: group certain dependencies #865
IR-389 : bump aws-sdk-go #860 .github: configure dependabot #861
IR-369 , IR-370 : support Azure workload identity #857 OCPBUGS-12132 : Updating ose-cluster-image-registry-operator images to be consistent with ART #854 Updating ose-cluster-image-registry-operator images to be consistent with ART #849
OCPBUGS-8224 : fix storage selection on IBM cloud #847 OCPBUGS-6797 : Add nil validation for IBM Cloud and Power VS infrastructure status in ibmcos #845 MULTIARCH-3212 : Use IBM COS as storage backend for PowerVS #843 OCPBUGS-6621 : bump aws-sdk-go #844 Add UserTags while creating Azure Storage Account #829
IR-341 : bump openshift/api #828 IR-270 : allow registry to create image objects #823 OCPBUGS-6175 : OpenStack: Add support for Proxy #833 IR-308 : Add support for External platform #825 OCPBUGS-4090 : swift: Retry connecting to OpenStack #819 IR-311 : storage: azure: use azidentity with an adapter #807 Bug 2065166 : Remove roles/iam.serviceAccountUser role #824 Updating ose-cluster-image-registry-operator images to be consistent with ART #821
IR-314 : Bump dependencies #816 Add config for golangci-lint and fix errors #820
hack/test-go.sh: generate coverage reports #818
OCPBUGS-3974 : check for nil pointer before dereferencing #814 Bug 2066388 : Add example for s3.regionEndpoint #815 OCPBUGS-2941 : Bump gophercloud #808 add myself to OWNERS #809
Full changelog
OCPBUGS-50662 : Increase waitForFallbackDegradedConditionTimeout #1807 OCPBUGS-31354 : add SNO control plane high cpu usage alert #1707 OCPBUGS-33930 : add a controller that reconciles SCCs’ volumes #1681 OCPBUGS-31506 : Add sno section to alert description #1658 OCPBUGS-31316 : add provider name to cluster_infrastructure_provider when external platform #1657 OCPBUGS-29722 : webhookcontroller: report when a webhook resource is missing a caBundle provided by the service-ca-operator #1650 OCPBUGS-29722 : webhookcontroller: report when a webhook resource is missing a caBundle provided by the service-ca-operator #1646 OCPBUGS-25384 : psa cluster fleet evaluation #1600 : OCPBUGS-24022: Add workload partitioning annotation #1590
: OCPBUGS-20898: bump library-go to include switch to HTTP/1.1 #1569
OCPBUGS-22718 : [release-4.14] OCPBUGS-20331: manifests: rename API performance dashboard #1570 OCPBUGS-19553 : Update static pod manifests perms #1556 OCPBUGS-19353 : manifests: don’t include recording rules when Console capability is not enabled #1551 OCPBUGS-10362 : revert dev cert rotation on 4.14 #1545 OCPBUGS-17436 : Unrevert 1536 and 1538. #1541 Reverts DynamicResourceAllocation enablement on techpreview #1540
OCPBUGS-17436 : Enable DynamicResourceAllocation API in kube-apiserver #1538 Set runtime-config in lockstep with feature-gates, if needed. #1536
bump(api) #1535
OCPBUGS-16511 : bump(*): vendor update #1529 OCPBUGS-16511 : remove dependency on typed prometheus client #1527 OCPBUGS-13635 : make webhook connection failure a warning in log #1526 OCPBUGS-15489 : manifests: add new PrometheusRule for recording rules #1521 certrotation: rotate kube-apiserver-to-kubelet-signer when 80% of validity is over #1523
OCPBUGS-13946 : do not use one second timeout when asserting a webhook connection #1510 OCPBUGS-14008 : Enable “send-retry-after-while-not-ready-once” on SNO #1500 update probes for best practices and consistency #1516
api_performance_dashboard: show apiserver_longrunning_requests metric #1518
allow greater timeout for etcd health check #1517
api_performance_dashboard: show apiserver_request_total instead of apiserver_dropped_requests #1520
OCPBUGS-8404 : pkg/operator/configobserver: check that the serving certificate refer… #1482 OCPBUGS-3986 : dashboard: use recording rules for most metrics #1484 OCPBUGS-14940 : api_performance_dashboard: show apiserver_longrunning_requests metric #1511 OCPBUGS-13946 : degraded_webhook.go x509: certificate signed by unknown authority #1503 OCPBUGS-14323 : Change manifest directory permissions #1505 OCPBUGS-13547 : Remove featureset flag and use only the manifest #1491 OCPBUGS-13303 : pkg/operator/startupmonitor: skip openshift-apiserver readiness check… #1492 OCPBUGS-14038 : Update APIRemovedInNextRelease alerts #1497 STOR-1263 : Bump k8s 1.27 #1469 read featureset from the manifests #1490
Read feature manifest #1488
Cover featuregate access errors in PSA configobserver unit tests. #1486
switch to featuregates via the API #1485
OCPBUGS-10831 : pod security: use v1 api #1481 OCPBUGS-11361 : Revert “Merge pull request #1474 from benluddy/oapi-bump” #1477 Bump dependency on openshift/api. #1474
Updating ose-cluster-kube-apiserver-operator images to be consistent with ART #1460
OCPBUGS-10713 : PSA Violation alert: add ocp_namespace label #1435 OCPBUGS-10039 : update openshift/api to include aesgcm provider in the default apiserver schema #1462 OCPBUGS-10577 : update apf configuration to use v1beta3 #1413 OCPBUGS-8711 : API-1509: Enable AES-GCM encryption #1449 OCPBUGS-8478 : Disable TestBoundTokenSignerController #1455 STOR-1051 : Allow CSI inline volumes in all SCCs #1434 WRKLDS-705 : Bump openshift/api to enable DynamicResourceAllocation through TechPreviewNoUpgrade #1447 bump(api) #1444
bump(*) #1442
Update OWNERS to remove/replace adambkaplan #1438
OCPBUGS-5873 : dashboard: use apiserver_storage_objects metric #1432 API-1520 : Update SLO alerts based on upstream improvements #1431 WRKLDS-649 : Guard pod set readiness probe endpoint explicitly #1437 update APIRemovedInNextRelease alerts #1436
OCPBUGS-6202 : Updating ose-cluster-kube-apiserver-operator images to be consistent with ART #1415 OCPBUGS-6258 : bump(k8s): 1.26.1 #1433 increase audit log size to contain an entire upgrade+e2e run #1430
OCPBUGS-3985 : enable pod security admission for techpreview #1403 OCPBUGS-272 : Remove duplicate find word in error msg for degraded webhook #1428 Fix typo in PodSecurityViolation alert’s description #1391
make the bootstrap kube-apiserver honor cluster-wide featuregates #1419
remove use of deprecated klog flags #1427
Revert “drop log-file flag removed in 1.26” #1425
make api team approver #1377
drop log-file flag removed in 1.26 #1420
bump(api) #1418
Drop flags removed in k8s 1.26 #1417
OCPBUGS-3041 : guard controller: set an explicit hostname to avoid name collisions #1410 STOR-829 : Enable CSIInlineVolumeSecurity admission plugin #1385 OCPBUGS-3985 : update for featureset rendering #1409 OCPBUGS-3929 : update apf configuration to use v1beta2 #1408 bootstrap-kube-apiserver: specify resources.requests #1398
OCPBUGS-1601 : CVE-2022-3259: enable HSTS for kube-apiserver #1392 Bug 2100429 : Allow ephemeral volumes in all SCCs #1380 Full changelog
OCPBUGS-28247 : Remove “include.release.openshift.io/ibm-cloud-managed:” annotation #791 OCPBUGS-27063 : bump(library-go)=release-4.14 #787 OCPBUGS-21088 : Bump deps to address CVE-2023-44487 [4.14] #764 OCPBUGS-21088 : Bump deps to address CVE-2023-44487 #756 OCPBUGS-19553 : Update static pod manifests perms #749 add roles for the new privileged namespaces PSa syncer controller #743
OCPBUGS-15256 : Sync openshift/api to reduce installerpod configmap based file permissions to 0600 #740 OCPCLOUD-2010 : Re-vendor api and library-go for external platform support #736 OCPBUGS-14323 : Change manifest directory permissions #739 OCPBUGS-13579 : remove RBAC for cluster-policy-controller CM leader election #738 OCPBUGS-13579 : Drop flags removed in k8s 1.26 #737 Remove featureset flag and use only the manifest #735
Update cloud provider tests with feature gate changes #731
STOR-1263 : Bump k8s 1.27 #713 Read feature manifest #733
Restricted featuregate reader #732
use new featuregate API #730
OCPBUGS-12709 : Reset library-go branch after Azure revert #729 OCPBUGS-12133 : Updating ose-cluster-kube-controller-manager-operator images to be consistent with ART #727 Revert azure out of tree provider change #724
OCPBUGS-11352 : AWS should not use external-cloud-volume-plugin post CSI migration #721 OCPBUGS-7440 : do not degrade KCM when when monitoring stack rollout is in progress #706 OCPBUGS-10568 : migrate to using lease objects for leader election #715 Updating ose-cluster-kube-controller-manager-operator images to be consistent with ART #709
OWNERS: remove ravi from the owners #714
Reset library-go to openshift fork #708
Update library-go dependency to move Azure to out of tree #705
Update library-go dependency to move AWS to out of tree #707
WRKLDS-705 : Bump openshift/api to enable DynamicResourceAllocation through TechPreviewNoUpgrade #701 WRKLDS-649 : Guard pod set readiness probe endpoint explicitly #693 OCPBUGS-6259 : bump(k8s): 1.26.1 #691 OCPBUGS-3985 : Enforce PSA when techpreview is enabled #663 Fixup vendor after library-go update #689
Update library-go dependency to move vSphere to out of tree #687
honor feature gates during bootstrapping #686
remove use of deprecated klog flags #685
OCPBUGS-5269 : remove unnecessary leader election RBAC #681 OCPBUGS-5006 : add leader-elect-renew-deadline into defaultconfit.yaml #678 Revert “Drop log flags removed in k8s 1.26” #684
bump (openshift/api) for CSIMigration* feature gates #682
Drop log flags removed in k8s 1.26 #680
Drop flags removed in k8s 1.26 #679
Bump library-go #677
Fix typo in podsecurity-admission-label-syncer-controller cluster role #671
Updating ose-cluster-kube-controller-manager-operator images to be consistent with ART #673
OCPBUGS-3283 : remove unnecessary RBAC #661 OCPBUGS-4401 : limit cluster-policy-controller RBAC permissions #670 OCPBUGS-3041 : guard controller: set an explicit hostname to avoid name collisions #664 remove not needed RemoveStaleConditionsController #662
bootstrap-kube-controller-manager: specify resources.requests #660
Full changelog
OCPBUGS-27022 : bump(library-go)=release-4.14 #527 OCPBUGS-21737 : bump(k8s,openshift) to address CVE-2023-44487 #504 OCPBUGS-21737 : Bump deps to address CVE-2023-44487 #501 OCPBUGS-19553 : Update static pod manifests perms #495 OCPBUGS-14052 : KubeSchedulerDown: set runbook_url annotation #489 OCPBUGS-15256 : Sync openshift/api to reduce installerpod configmap based file permissions to 0600 #488 remove loglevel in deploy #487
OCPBUGS-14323 : Change manifest directory permissions #485 Remove featureset flag and use only the manifest #484
STOR-1263 : Bump k8s 1.27 #472 use standard featuregate library from API #483
OCPBUGS-12074 : Updating ose-cluster-kube-scheduler-operator images to be consistent with ART #479 Updating ose-cluster-kube-scheduler-operator images to be consistent with ART #466
OCPBUGS-10568 : migrate to using lease objects for leader election #476 disable debug pporf with unauthenticated port #468
WRKLDS-705 : Bump openshift/api to enable DynamicResourceAllocation through TechPreviewNoUpgrade #463 WRKLDS-649 : Guard pod set readiness probe endpoint explicitly #459 OCPBUGS-6261 : bump(k8s): 1.26.1 #460 Add client certificate and key to service monitor #434
remove use of deprecated klog flags #457
Revert “Drop log flags removed in k8s 1.26” #456
bump (openshift/api) for CSIMigration* feature gates #455
Drop log flags removed in k8s 1.26 #454
Drop flags removed in k8s 1.26 #453
OCPBUGS-3041 : guard controller: set an explicit hostname to avoid name collisions #446 bootstrap-kube-scheduler: specify resources.requests #445
Full changelog
: OCPBUGS-21371: bump library-go to include switch to HTTP/1.1 #96
Revert “specify master node selector on migrator pod” #93
OCPBUGS-17170 : specify master node selector on migrator pod #92 OCPBUGS-16513 : bump(*): update to 1.27.1 #91 Fix operator doc in README #90
Updating ose-cluster-kube-storage-version-migrator-operator images to be consistent with ART #89
OCPBUGS-6240 : Updating ose-cluster-kube-storage-version-migrator-operator images to be consistent with ART #87 Full changelog
OCPBUGS-48323 : Pass transit_switch_subnet options in ovnkube-node pod for single-zone #2617 OCPBUGS-42754 : Set mount propagation to HostToContainer for /var/lib/kubelet #2521 OCPBUGS-47320 : Pass transit_switch_subnet options in ovnkube-node pod #2607 OCPBUGS-43821 : manifests/02-cncc-credentials: Set skipServiceCheck for GCP #2546 OCPBUGS-39086 : Fix wait logic for IPsec certificate signing request #2481 OCPBUGS-41508 : Tighten the permissions on whereabouts.conf #2493 OCPBUGS-42021 : Add proxy env vars to onvkube-node #2505 OCPBUGS-38440 : [release-4.14] 4.14 subnet config #2473 OCPBUGS-37221 : Ensure that the node-identity webhook address contains colons for IPv6 #2440 OCPBUGS-38073 : Fix IC distributed control plane alerts #2463 OCPBUGS-37468 : Backport ipsec state metric #2444 OCPBUGS-32706 : Add conditions for ignored-namespaces #2380 OCPBUGS-36722 : update whereabouts crd #2434 OCPBUGS-34885 : [release-4.14] Fix 4.13->4.14 upgrade with ipsec enabled #2390 OCPBUGS-27925 , OCPBUGS-30579 : [release-4.14] tighten conditions for the state transitions in IC upgrade #2207 OCPBUGS-30021 : Fully disable network-node-identity on ROKS #2315 OCPBUGS-31669 : [release-4.14] ensure local networking deployments within hypershift use the client side load balancer to be resilient to control plane node failures #2311 OCPBUGS-31360 : Remove egressip write permissions from ovn-kubernetes-node #2320 OCPBUGS-30021 : [release-4.14] Disable network-node-identity on ROKS #2286 OCPBUGS-30100 : ipsec: fix openssl typo #2287 OCPBUGS-29168 : add env var in whereabouts-reconciler daemonset #2257 OCPBUGS-26573 : Improve troubleshooting IC upgrades #2076 OCPBUGS-29033 : network node identity: tolarate all taints #2248 OCPBUGS-18281 : only 2 master nodes are required for ovn-kubernetes #2154 OCPBUGS-29300 : Update ingressconfig_controller to use field Manager #2266 OCPBUGS-28608 : fix whereabouts conformance test failures #2235 NO-JIRA: add kyrtapz as reviewer and approver for release 4.14 #2228
OCPBUGS-27858 : [release-4.14] Add ConfigMap mount to the whereabouts-reconciler DaemonSet #2219 OCPBUGS-27013 : HyperShift, network-node-identity: Check the deployment in the management cluster #2195 OCPBUGS-24326 : adminpolicybasedexternalroutes CR accepts an invalid IP address #2196 OCPBUGS-24037 : remove all managed fields used by old manager #2112 OCPBUGS-24320 : Add apbroute/status patch rights for ovnkube-node to update status #2143 OCPBUGS-22787 , OCPBUGS-22788 , OCPBUGS-22789 : ovnkube: container scripts cleanup #2090 OCPBUGS-23371 : hypershift, hosted clusters: enable multi-homing and multi-net features #2117 OCPBUGS-21717 : Bump golang.org/x/net and github.com/openshift/library-go #2122 OCPBUGS-24633 : ipsec add pluto restart #2152 OCPBUGS-22363 : Added HCP label to CNO pods #2081 OCPBUGS-22286 : hypershift: adjust backoff on infrastructure name retry #2078 OCPBUGS-23011 : Block upgrades to 4.15 with Kuryr #2096 OCPBUGS-23315 : set automountServiceAccountToken to false for hypershift managed network-node-identity deploy #2107 OCPBUGS-19897 : HyperShift: Use the local konnectivity proxy when checking proxy readiness #2043 OCPBUGS-20472 : hosted cluster upgrade failure from 4.13 stable to 4.14 #2063 OCPBUGS-20254 : [release-4.14] Revert Kuryr MTU fixes #2046 OCPBUGS-20184 : [release-4.14]: Don’t run network node identity as root #2054 OCPBUGS-20064 : Multus should determine kubeconfig path [backport 4.14] #2050 OCPBUGS-19955 : get ipsecStatus from host daemonset #2045 OCPBUGS-19862 : Multus per-node certificates should have 24h duration [backport 4.14] #2040 OCPBUGS-19523 : use $CPE_NAME to find the OS major version #2017 OCPBUGS-19808 : remove prestop hooks for northd, sbdbd and nbdb #2036 OCPBUGS-19747 : [release-4.14] Use port 9108 for ovnkube-control-plane metrics #2033 OCPBUGS-19771 : Relax conditions to get IC upgrade started #2035 OCPBUGS-19748 : Fix config status MTU migration not being updated #2034 OCPBUGS-19725 : Do not enable node admission webhook if the CNI is not OVN-Kubernetes #2032 OCPBUGS-19686 : ipsec: remove preStop from host #2029 OCPBUGS-19627 : Multus per-node certificate request [backport 4.14] #2023 OCPBUGS-19461 : make ipsec.service required #2014 OCPBUGS-19649 : Network node identity: node-specific certificate in ovnkube-node, admission webhook #2011 OCPBUGS-19623 : multus: set MULTUS_NODE_NAME to filter pods to local node #2022 OCPBUGS-19481 : separate libovsdblogs from main ovnkube-master #2008 OCPBUGS-18728 : Kuryr: Set MTU on Bootstrap, not Render phase #1995 OCPBUGS-18871 : ipsec: fix oopsy from 2e3fc8e7a0 #1997 OCPBUGS-18874 : ovnkube: set northd backoff-interval and use a single thread to save CPU #1998 OCPBUGS-18135 : IBMCloud specific: patch out management workload for dataplane component thats needed for bootstrapping #1955 move IPsec to host #1849
OCPBUGS-17916 : Fix IC configmap lookup in pod_status.go #1954 OCPBUGS-17677 : [Azure]CNCC failed to assign egressIP to NIC for Azure Workload Identity Cluster #1980 OCPBUGS-18363 : Add ‘/etc/cni/multus/net.d’ into volumemount in multus pod #1979 OCPBUGS-18175 : Fix bond-cni’s default directory in multus manifest #1953 OCPBUGS-17782 , SDN-3664 : Join ovnkube-controller and ovnkube-node container for multizone setup #1971 OCPBUGS-16051 , OCPBUGS-3176 : Enables IP Forwarding config in CNO #1952 OCPBUGS-17257 : CVE-2023-3978: golang.org/x/net/html: Cross site scripting #1935 OCPBUGS-17677 : [Azure] Add granular permission for assigning egressIP to NIC to Azure CredentialsRequest for workload identity. #1949 OCPBUGS-17964 : ovn-k, managed: Align join subnet configuration #1962 SDN-4024 : Add ANP Feature Gate #1859 SDN-4057 : hypershift: Allow ovnkube-master and ovnkube-node to have different images #1942 Remove certificatesigningrequests/update permission from ovnkubenode #1934
Add rolling update for managed ovnkube-control-plane #1944
IC & openshift + hypershift #1874
OCPBUGS-16019 : prevent creation of multiple cni-sysctl-allowlist-ds pods #1904 OCPBUGS-10765 : make MAXLOGFILES a real variable and work for self-hosted #1931 Multus thick plugin support #1915
OVN-Kubernetes ipsec: create the CSR with a random name #1928
CCO-294 : Switch azure credentials request to use explicit permissions #1922 OVN-Kubernetes: Add status subresource permissions for setting labels and annotations #1896
SDN-3223 : Use encapsulation=true for IBM Cloud #1800 Bug 16136 : change whereabouts ip reconciler exec #1890 Add OpenStack platform to list of allowed dual-stack clusters #1697
OCPBUGS-15945 : Stop using utilruntime.PanicHandlers to handle reconciliation panics #1893 HOSTEDCP-1063 : allow webhooks in hosted clusters to reach multus-admission-controller service #1879 OCPBUGS-15961 : FIPS related CNO changes #1901 OCPBUGS-10765 : Revert “Revert “OCPBUGS-10765: Remove oldest ovn acl log files when f… #1876 ovn-k: Configure dns service namespace and name #1912
OCPBUGS-15544 : Enable multi-external-gateway feature by default for managed and hosted clusters #1887 OCPBUGS-15918 : Skip rendering 0.0.0.0/0 for cluster proxy status #1903 Change rhel7/8 to rhel8/9 #1870
Enable EgressService controller #1848
Edited multus-admission-controller deployment config to not add autom… #1767
OCPBUGS-15794 : fix: add missing annotation for workload partitioning #1866 OCPBUGS-15544 : Add adminpolicybasedexternalroutes rights for ovnkube-node. #1867 Revert “Remove oldest ovn acl log files when file limit exceeded” #1873 #1873
OCPBUGS-10765 : Remove oldest ovn acl log files when file limit exceeded #1868 kube-proxy config overriding updates #1831
OCPBUGS-15282 : Add release version annotation to whereabouts-reconciler #1851 CCO-356 : Add Infrastructures permission to CNCC cluster role #1843 Add multi-networkpolicies support for OVN #1796
Add support for AdminPolicyBasedExternalRoute CRD and controller’s RBAC #1765
OCPBUGS-15138 : Add kubernetes.io/os nodeSelector to wherebouts reconciler DS #1841 OCPBUGS-14988 , SDN-3901 : Rebase to kube 1.27 #1826 CCO-358 : Manifest changes necessary to support Azure Workload Identity #1755 OCPBUGS-14714 : Do not rely on ControlPlaneTopology do determine if running in HyperShift #1835 OCPBUGS-11882 : Added another volume to safe-to-evict-local-volume annotation #1830 OCPBUGS-14833 : Fixes lint issues #1834 OCPBUGS-14384 : Remove nodeSelector for architecture in whereabouts daemonset #1828 OCPBUGS-11882 : Added safe-to-evict annotation to ovnkube-master and multus admission controller components #1822 OCPBUGS-13922 : Revert “Do not set the operator as available before updating the network config” #1818 OCPBUGS-11448 : add Hypershift release-image annotation to multus #1770 OCPBUGS-10937 : multus-admission-controller mounts secret with mode 0640 #1752 OCPBUGS-13219 : Use IfNotPresent instead of Always in OVNK upgrades pre-puller #1803 OCPBUGS-5027 : Make the operator degraded on panic #1786 OCPBUGS-12856 : Support Device Plugin Resources For Smart NIC and DPU Hosts #1721 Updating cluster-network-operator images to be consistent with ART #1790
OCPBUGS-11565 : High API requests due to allowlist and operconfig reconcilers running too often #1788 OCPBUGS-8070 : Depreciate legacy field manager #1763 OCPBUGS-11550 : AUTH: update cluster-reader to include k8s.ovn.org #1791 OCPBUGS-10009 : HyperShift: Support HostedControlPlane node selector #1736 OCPBUGS-11046 : fix reconciliation process of the allowlist controller #1792 OCPBUGS-1341 : Enhance check controller to remove old check objects #1649 OCPBUGS-11046 : Fix allowlist ds template #1773 OCPBUGS-10647 : multus-admission-controller should not run as root under Hypershift #1745 OCPBUGS-9174 : The cluster-readers group should be able to get net-attach-defs #1343 Updating cluster-network-operator images to be consistent with ART #1768
OCPBUGS-9964 : Split out konnectivity certs #1734 SDN-3444 : Add runbook url for SBDB connectivity alert #1553 OCPBUGS-7777 : use –template instead of -a for ‘oc observe’ #1760 Fix tier label, privileged, HOSTNAME/NODENAME in whereabouts reconciler #1735
OCPBUGS-10433 : Hypershift: Add RollingUpdate parameters to multus-admission-controller #1740 ovn-kube: move back to unsuffixed RHEL9 images #1747
Updating cluster-network-operator images to be consistent with ART #1732
OCPBUGS-10649 : HyperShift: Add POD_NAME env to ovnkube-node #1748 OCPBUGS-10031 : operConfig reconcile can return nil error on failure #1744 Set OVN-K north/south bound stale alerts severity to critical #1668
OCPBUGS-8707 : Point libreswan to proper nss location #1727 Whereabouts should implement the reconciliation controller #1693
add/update some UTs around clusternetwork change #1725
OCPBUGS-9931 : Enable configuration of node healthz server on ovnkube #1715 OCPBUGS-8692 : HyperShift: Set affinity, tolerations and co-location for all hcp resources created by CNO #1728 Cno 4.13 kubernetes 1.26 #1708
use annotation on the daemonset to update hybrid overlay #1709
Remove the ovn-kind-cno.sh script #1710
SDN-3597 : OVN-K alerts: add OVS overflow alerts #1630 SDN-3730 : OVN IC: migrate master alerts to cluster manager #1716 Allow cidr expansion #1707
Enables nodeSelector to be used in egress firewall rule #1720
Add ovnk alert for resource retry failure #1674
OCPBUGS-6730 , SDN-3221 : ovn-kubernetes: use RHEL9-based images #1712 OCPBUGS-4343 : update apf configuration to use v1beta3 #1633 Jira OCPBUGS-7774: Print RawCNIConfig in its string representation #1718
OCPBUGS-6235 : Updating cluster-network-operator images to be consistent with ART #1656 Allow updates to pods #1717
OCPBUGS-5559 : add default noProxy config for Azure #1672 always create env.sh when run_vs_existing_cluster #1711
OCPBUGS-7354 : Revert “Revert “OCPBUGS-5842: Use pods oc vs host”” #1714 ovn-k, multi-homing: enable the feature #1699
Revert “OCPBUGS-5842: Use pods oc vs host” #1713
OCPBUGS-5842 : Use pods oc vs host #1681 OCPBUGS-4417 : Added missing API field podref to OverlappingRangeIPReservation CRD #1677 OCPBUGS-6651 : HyperShift: Add .hypershift.local to no proxy list #1692 OCPBUGS-6651 : HyperShift: Do not use proxy for internal routes #1694 remove TLS_RSA_WITH_AES_128_CBC_SHA256 cipher #1680
ovn-kubernetes: Allow node_mgmt_port_netdev_flags for non-DPU modes #1676
OCPBUGS-3272 : Unhealthy Readiness Probe failing ci #1665 OCPBUGS-5306 : ovn-kubernetes: ignore NB/SB readiness checks and dbchecker when not RAFT member #1673 OCPBUGS-5802 : Update github.com/Masterminds/sprig to v3 #1679 OCPBUGS-5306 : OVN-Kubernetes: Stop sorting master node addresses #1675 Allow SDN migration from Kuryr to OVNKubernetes #1639
update ‘make install.tools’ for golangci-lint #1670
Fix CNO crashing when Kuryr without MTU is set #1669
OCPBUGS-2947 : Disable the drop-icmp container ‘oc’ pprof webserver on Azure #1607 OCPBUGS-4350 : Fix handling of deployment and statefulset updates #1648 OCPBUGS-2532 : Fix default disable-udp-aggregation value on s390x #1655 Fix info log formatting #1650
Support RHOBS monitoring for HyperShift #1644
OCPBUGS-3916 : SDN alerts: Add $labels.node to SDNPodNotRady metric #1637 The allowlist daemonset should set a priority class. #1647
Bug OCPBUGS-736: Kuryr: If set use MTU from Config for svc net #1586
OCPBUGS-3883 : HyperShift: Co-locate OVN-Kubernetes master with other hcp pods #1627 OCPBUGS-2532 : Disable UDP aggregation on s390x #1629 Jira OCPBUGS-3777: IPsec: Fix broken counter++ expression #1623
OCPBUGS-3114 : HyperShift: Do not accept empty infrastructure name #1611 HyperShift: Fix typo in control-plane-component label value #1626
Remove references to the hosts kubeconfig #1612
OCPBUGS-3744 : SDN: /var/run mount cleanup #1625 OCPBUGS-3460 : CNI binary copy should account for the possibility of symlinks #1614 OCPBUGS-2598 : ipsec: Run ovs-monitor-ipsec in the foreground and change probes #1606 SDN-3508 : HyperShift: Render cncc with proxy settings of the management cluster #1577 NP-607 : update microshift ovnk manifests #1589 Bug 1896533 : moved SetDegraded call out of object loop to process all items first #1600 Full changelog
e2e:performance: decode to valid kubeletconfig object (#1276) #1276
Fix context deadlines in ExecCommandOnPod() (#1272) #1272
OCPBUGS-44506 : Drop sched_migration_cost_ns setting (#1215) #1215 OCPBUGS-44283 : right-hand-side profile_dirs take precedence (#1210) #1210 OCPBUGS-42567 : Add cluster-wide proxy env file (#1176) #1176 TuneD prior to kubelet in one-shot mode (#1137) #1137
OCPBUGS-37754 : Remove tuned/rendered object (#1133) #1133 OCPBUGS-37734 : Backport fix for OCPBUGS-36355 (#1126) #1126 OCPBUGS-33929 : Negative net interface name does not reduce queues (#1074) #1074 Add a ‘.snyk’ to silence static code analysis warnings (#1002) #1002
OCPBUGS-30153 : fix rendering extra ctrcfgs (#978) #978 fix extra-reboot on upgrade with paused mcp worker (#1053) #1053
OCPBUGS-31694 : E2E: Workload hints test cases fixes (#1012) (#1052) #1012 Systemd processes not being moved to cpuset/systemd.slice fix (#1040) #1040
Reduce number of reboots in offline tests (#1035) #1035
OCPBUGS-30507 : Add performance real time tuned template (#984) (#1025) #984 Report duplicate priority only for multiple matching profiles (#1018) #1018
Scheduler plugin: ignore IRQs (#1023) #1023
irqbalance: set banned cpus list to 0 (#994) #994
OCPBUGS-18640 : [release-4.14][manual] backport performance profile owner reference ehnancements (#989) #989 rps: fail silently when rps application failed (#901) #901
OCPBUGS-25982 : E2E: Add tests for Dynamic ovs pinning (#904) (#913) #904 OCPBUGS-26003 : E2E: PPC Test cases (#905) #905 Make MC names deterministic (#903) #903
OCPBUGS-25671 : rps: fix mask update for SR-IOV devices (#891) #891 OCPBUGS-18640 : Fix Racing Machine Configs and add Day 0 Support (#854) (#871) #854 OCPBUGS-24638 : Do not set default RPS sysctl twice (#880) #880 OCPBUGS-21845 : rps: trigger udev event per queue #832 (#832) #832 OCPBUGS-21845 : e2e:rps: improve logging (#831) #831 render: change dir path (#826) #826
Disable HTTP/2 for webhook and metrics servers (#841) #841
Remove obsolete protocols and weak ciphers (#835) #835
OCPBUGS-19459 : check for object being nil (#805) #805 OCPBUGS-19821 : e2e: perfprof: enhance the scheduling domain tests (#813) #813 nto: avoid timeout when there are too many CSV (#817) #817
Add kubeconfig path for IBM Managed OpenShift (#812) #812
OCPBUGS-18868 : [release-4.14] e2e: add expected max latancy to hwlatdetec test & rename constant (#788) #788 Sync DaemonSet if operand image changes (#785) #785
OCPBUGS-18392 : Change the OVN trigger file name to adapt to OVN IC (#777) #777 OCPBUGS-15044 : e2e:irqloadbalance: wait for profile revert (#768) #768 Add SetLogger() prior to controller-runtime start (#779) #779
OCPBUGS-18052 : feat: added logic to handle legacy sno install (#778) #778 OCPBUGS-17943 : Add rtentsk plugin to pp tuned profile (#767) #767 Tighten the rules for modifying Tuned Profiles (#775) #775
Revert “Tighten the rules for modifying Tuned Profiles (#765)” (#771) #765
Tighten the rules for modifying Tuned Profiles (#765) #765
OCPBUGS-14026 : cgroup: Match the name of the cgroup to what is expected by kubelet (#758) #758 e2e: irqbalance: improve test troubleshooting (#753) #753
OCPBUGS-16348 : OSLAT latency spikes due to tsc karg setting (#756) #756 Makefile: hack: add helpers to compile testsuites (#751) #751
OCPBUGS-17219 : Render mode should not segfault w/ no matching MCP (#754) #754 Release leader election on manager exit (#745) #745
generate missing files (#752) #752
vendor: bump OCP dependencies 08082023 (#750) #750
OCPBUGS-7980 : e2e:ht-aware: exec on the correct worker node (#729) #729 bump k8s to 1.27.4 (#748) #748
e2e: wait for objects deletion (#749) #749
e2e:wait: return updated pod object explicitly (#744) #744
OCPBUGS-17258 : CVE-2023-3978: golang.org/x/net/html (#747) #747 e2e: remove image parameter from must gather (#743) #743
Update the config.openshift.io/node object’s cgroupMode to “v1” (#737) #737
Fix a race in e2e test rollback.go code (#739) #739
e2e:irqbalance: applied condition exists (#727) #727
Improve render error handling (#724) #724
e2e:irqbalance: wait for tuned profile to be ready (#721) #721
pao:status: do not take address of loop var (#720) #720
nto:tuned: remove sched_min_granularity_ns settings (#722) #722
Align TuneD with the latest shipped FDP version (#716) #716
E2E: update cpu load balancing test for latest cgroup related changes (#712) #712
Build gather-sysinfo (#714) #714
e2e: overhaul Performance-Addon-Operator tests (#590) #590
e2e: latency testing: increase the expected threshold (#706) #706
e2e: perf-prof: disable truncating gomega output (#702) #702
Configure OVS for dynamic cpu pinning (#559) #559
OCPVE-382 : fix: add default state for crio config (#700) #700 e2e: devmgr: fine tune kubelet restart test (#701) #701
e2e: RPS: fix expected cpu set (#703) #703
Switch to rslave/HostToContainer volume mount propagation (#692) #692
Do not rollback settings on TuneD exit (#699) #699
e2e: reboot: add kubelet restart test (#697) #697
remove conditional skip (#690) #690
e2e: memorymanager fix: check the hugepage size condition (#693) #693
Use RHEL9 as a base (#665) #665
Expose TuneD socket to host. (#651) #651
E2E: Use appropriate device path for rpsmask test (#691) #691
chore: replace github.com/ghodss/yaml with sigs.k8s.io/yaml (#628) #628
test: perfprof: devices: fix default test image (#672) #672
e2e: verify latency tests run with LATENCY_TEST_DELAY>120 (#662) #662
E2E: Add memory manager sanity test case (#573) #573
modify owners (#634) #634
Add minLength restriction to Tuned CR (#689) #689
OCPBUGS-14934 : consistent use of ginkgo flags in Makefile (#682) #682 OCPBUGS-14622 : Do not fail creating cgroups if they exist already (#683) #683 OCPBUGS-14193 : pao e2e: Split e2e PAO update lane to more lanes (#631) #631 OCPBUGS-4194 : rps: use default rps mask kernel API (#650) #650 OCPBUGS-14756 : [test] [e2e] Check ci lanes are executing the right test suites (#679) #679 check ocp version and export CNF_TEST_IMAGE variable with appropriate cluster version (#584) #584
OCPBUGS-5529 : Fix updating numa core siblings map in GetCpuSiblings function (#564) #564 Remove cpu-quota.crio.io: disable annotation (#663) #663
OCPBUGS-14137 : e2e: perfprof: add SNO device recovery test (#653) #653 Add PerformanceProfiles to ‘oc adm must-gather’ (#655) #655
Revert “Add PerformanceProfiles to ‘oc adm must-gather’ (#582)” (#654) #582
Add PerformanceProfiles to ‘oc adm must-gather’ (#582) #582
OCPBUGS-13148 : Configure cpu balancing cpu sets for all clusters (#646) #646 OCPBUGS-12978 use WatchNamespace() when deleting Profiles (#644) #644
Updating cluster-node-tuning-operator images to be consistent with ART (#579) #579
OCPBUGS-11083 : pao e2e: fix update test suit timeouts (#626) #626 e2e: Fix RPS test for multi-worker cluster (#641) #641
Revert PR558 and PR585 partially (#639) #639
e2e: add missing test id (#622) #622
OCPNODE-1539 : perf profile: add script for preparing cgroups for CPU load balance disabling (#601) #601 Remove subPaths, they are broken (#623) #623
OCPBUGS-10293 : performance-profile: enable crun for high-performance runtime (#588) #588 Revert #567 and cleanup PPC-generated TuneD config (#611) #611
Backup and revert profile when hugepages test completes (#597) #597
tuned: Handle UserLevelNetworking nil pointer gracefully (#608) #608
A new env var NO_BZ_CHECKS disables Bz and Jira status checks (#607) #607
OCPBUGS-9959 : check scheduler settings under /sys/kernel/debug/sched/ (#581) #581 workload-hints: disable stalld when rt disabled (#592) #592
render: remove uid from render-sync target (#594) #594
OCPBUGS-11083 : e2e: profile updates tests revised (#600) #600 Update to the latest k8s and OpenShift deps (#580) #580
Make the enable-leader-election option work (#586) #586
Update NTO-generated MC on MachineCount <= 1 (#585) #585
remove BZ 2181546 from skip list (#602) #602
Fix updating nodeSelector test (#595) #595
Remove the preStop hook for openshift-tuned (#587) #587
Skip tests depending on Jira or Bz issue status (#591) #591
kubectl explain to explicitly state workloadHint default values (#576) #576
Fix failing HyperShift presubmits (#578) #578
Add a script to validate upstream TuneD (#577) #577
CNF-5900 : feat: added support for generating workload partitioning files (#431) #431 Re enable node selector tests in update tests (#574) #574
Handle different # of CPUs are in the same MCP (#558) #558
composable OCP: make NTO components optional (#524) #524
Update to TuneD v2.20.0 (#565) #565
Remove trailing spaces from test names (#570) #570
Remove optimization to allow full resync (#567) #567
Report host-level sysctls in conflict with TuneD ones (#566) #566
E2E: Per Core Runtime Tuning Test automation (#509) #509
Add test case to check single rx queue on veth interface (#562) #562
Add update-manifests Makefile target (#560) #560
render: initialize klog flag (#538) #538
Refactor IRQ load balancing enable/disable test (#561) #561
update to ginkgo 2 (#517) #517
Skip watch on CA ConfigMap in HyperShift (#550) #550
update owners 20230109 (#542) #542
Add authentication to the /metrics endpoint (#541) #541
Run node selector tests only if we 2 non Performanceworker nodes (#532) #532
Updating profile new lane (#536) #536
Remove trailing space from test name (#540) #540
skip multiple ranges test if cores < 20 and use core as key to delete cpu siblings (#537) #537
Generate must-gather data (#442) #442
e2e:latency: count LATENCY_TEST_DELAY in timeout (#535) #535
E2E: Network stack Pinning tests (#501) #501
refactor: move command func to seperate file (#522) #522
performance-profile: render: make target for render sync (#528) #528
Switch to golang 1.19 (#521) #521
Add Containerfile for RHEL-9 (#519) #519
Fix two irqbalance tests - smp affinity vs online (#518) #518
Fix default hard eviction threshold when PCC is applied (#505) #505
e2e: performance profile: add logs and minor fixes (#485) #485
PPCreator: If rt-kernel enabled, power consumption mode default cannot be selected (#512) #512
Configuration hotfixes documentation fixes (#513) #513
E2E: Automation offline CPUs test (#380) #380
pao: latency-tests: read test log directly from pod (#499) #499
Configure ktimers scheduler prio same as ksoftirqs (#507) #507
Run rps mask tests when Reserved cpu are not nil (#483) #483
Set RPS for all rx queues (#495) #495
Full changelog
OCPBUGS-28247 : Remove “include.release.openshift.io/ibm-cloud-managed:” annotation #570 : OCPBUGS-20724: bump library-go to include switch to HTTP/1.1 #554
WRKLDS-728 : Capabilities: drop build/apps APIService when capabilities are not enabled #532 switch image-registry cert CM #545
OCPBUGS-16554 : update dependencies to get rid of goproxy #546 AUTH-408 : bindata: set required-scc #544 Plumb featuregates to the openshift-apiserver #542
allow etcd healthcheck timeout closer to probe timeouts to avoid failing on slower etcd #540
Add AES-GCM encryption tests #539
OCPBUGS-14010 : increase timeout for probes #536 OCPBUGS-2765 : Library go bump #538 OCPBUGS-12813 : Updating ose-cluster-openshift-apiserver-operator images to be consistent with ART #534 Updating ose-cluster-openshift-apiserver-operator images to be consistent with ART #525
OCPBUGS-10040 : update openshift/api to include aesgcm provider in the default apiserver schema #526 API-1509 : Enable AESGCM encryption #521 OCPBUGS-4343 : update apf configuration to use v1beta3 #509 OCPBUGS-6233 : Bump dependencies and images #517 OCPBUGS-5300 : routes/status resources can leak sensitive data, exclude it from audit #511 make api team approver #506
OCPBUGS-3929 : update apf configuration to use v1beta2 #508 Full changelog
OCPBUGS-48841 : Add new team members to the OWNERS file #380 OCPBUGS-33295 : Update opentelemetry to mitigate CVE-2023-47108 #344 OCPBUGS-28951 : Replace ‘coreydaley’ with ‘sayan-biswas’ in OWNERS file #328 OCPBUGS-23490 : Remove blockage of ConfigObserver by build informer has synced flag #318 OCPBUGS-20818 : bump(k8s,openshift) to address CVE-2023-44487 [4.14] #309 OCPBUGS-20439 : Include Build CRD in manifests #307 OCPBUGS-18992 : Always sort disabled controller list #303 OCPBUGS-18980 : Disable BuildConfigChange controller when Build cap is disabled #301 route-controller-manager deployment updates #295
OCPBUGS-16072 : Updating Kubernetes and other associated dependencies #296 OCPBUGS-13926 : change the operator log level to default normal in the deployment #289 BUILD-582 , OCPBUGS-14638 : bump(k8s): 1.27.1 #294 OCPBUGS-13926 : add loglevel controller for OCM-o #292 Revert “13895: [WRKLDS-730] route-controller-manager deployment updates” #293
OCPBUGS-13895 : [WRKLDS-730] route-controller-manager deployment updates #288 Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART #287
Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART #286
Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART #285
Bump golang.org/x/net from 0.5.0 to 0.7.0 #284
Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART #279
OCPBUGS-10568 : migrate to using lease objects for leader election #282 Add Divyanshu Agrawal as a reviewer #283
OCPBUGS-4343 : update apf configuration to use v1beta3 #273 Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART #274
WRKLDS-594 : bump(k8s): 1.26.1 #277 OCPBUGS-5275 : remove unnecessary RBAC for leader-locking-ingress-to-route-controller #276 OCPBUGS-3929 : update apf configuration to use v1beta2 #272 let deployer pods patch/apply replication controllers #270
Bug 2111979 : Set openshift.io/run-level to nil in openshift-controller-manager nam… #269 Full changelog
OCPBUGS-21759 : switch to bingo for dependency management (and bump golangci-lint@v1.51.0) #98 OCPBUGS-21019 : Bump golang.org/x/net to v0.17.0 #96 Merge rukpak updates into main + Required Fixes #88
Add ncdc to OWNERS #89
Temporarily remove from payload #90
Revert “Merge rukpak updates into main” #87
Merge rukpak updates into main #86
Updating ose-cluster-platform-operators-manager images to be consistent with ART #83
OCPBUGS-10333 : feat: add workload pinning annotations #82 OCPBUGS-6395 : Upgrade golang/x/net to v0.4.0 to fix CVE-2022-41717 #79 Update owners file #80
Updating ose-cluster-platform-operators-manager images to be consistent with ART #78
Full changelog
OCPBUGS-21122 : bump(k8s,openshift) to address CVE-2023-44487 [4.14] #139 OCPBUGS-21122 : Bump deps to address CVE-2023-44487 #134 OCPBUGS-17989 : pkg/psalabelsyncer: enforce syncing in case label is set #129 AUTH-413 : ps syncer: only sync labels if noone else is managing them #127 ps syncer: add a controller for run-level 0 namespaces #128
Adjust logs per generic troubleshooting #126
OCPBUGS-15568 : Add timeout into cache sync wait to prevent hanging forever #124 OCPBUGS-15568 : Remove debugs logs in workqueuebucket #125 Add more logs for queue operations #122
OCPBUGS-15568 : Handle error if caches are not synced instead silently exit #121 Add ingvagabund to owners #120
Add logs for quota namespace syncing with verbosity level 2 #119
OCPBUGS-13649 : fix ClusterResourceQuotas to work for all api resources including custom resources #115 OCPBUGS-13579 : bump(k8s) to v0.27.1 #113 OCPBUGS-8271 : external template and route Informer #100 Updating cluster-policy-controller images to be consistent with ART #110
complete controller description #104
OCPBUGS-160 : psalabelsyncer: handle empty namespace of a rolebinding subject #107 Updating cluster-policy-controller images to be consistent with ART #105
update psa dependency version #103
update controller-manager dependency to point to v0.25.0 #101
OCPBUGS-723 : clusterquotareconciliation: do not sync quota monitor cache with no monitors registered #94 OCPBUGS-3985 : enforce pod security admission when techpreview is enabled #89 Updating cluster-policy-controller images to be consistent with ART #91
Full changelog
OCPBUGS-54537 : add rhdmalone to owners #624 OCPBUGS-49421 : add shannon and aroyoredhat as owners #598 OCPBUGS-21217 : CVE-2023-39325 ose-cluster-samples-operator-container:golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) #539 OCPBUGS-22257 : Sync library to remove invalid dockerhub references for OKD #520 manifests: Drop explicit runlevel from CRD manifest #515
OCPBUGS-16435 : Bump k8 to v0.27.2 for ocp 4.14 #514 OCPBUGS-16403 : Update Cluster Sample Operator dependencies and libraries for OCP 4.14 #511 reconcile status when clusteroperator changes #510
OCPBUGS-15754 : Update Jenkins and Jenkins Agent Base image versions #504 OCPBUGS-14491 : Updating to use Jenkins 4.13 images #502 OCPBUGS-12775 : Update Cluster Sample Operator dependencies and libraaies for OCP 4.14 #500 Updating ose-cluster-samples-operator images to be consistent with ART #499
OCPBUGS-10910 : Add network tools imagestreams #495 Updating ose-cluster-samples-operator images to be consistent with ART #493
Fix jira component #494
update Jenkins to use v4.12 imagestreams #491
OCPBUGS-855 : When setting allowedRegistries urls the openshift-samples operator is degraded #487 OCPBUGS-6811 : Update Cluster Sample Operator dependencies and libraries for OCP 4.13 #485 Change importMode to preserveOriginal for Openshift imagestreams #482
OCPBUGS-6579 : update sample imagestreams with latest 4.11 image using specific image tag reference #483 OCPBUGS-4357 : Bump k8s master #476 OCPBUGS-4166 : Update Cluster Sample Operator dependencies and libraries for OCP 4.13 #474 OCPBUGS-3426 : Update Cluster Sample Operator dependencies and libraries for OCP 4.12 #471 Updating ose-cluster-samples-operator images to be consistent with ART #470
Full changelog
OCPBUGS-45331 : deps: bump golang.org/x/net to 0.31.0 #1120 OCPBUGS-44704 : Fix desired before sync_worker’s work is initialized #1109 OCPBUGS-30878 : install/0000_90_cluster-version-operator_02_servicemonitor: Drop $ from ${{ #1040 OCPBUGS-27822 : Revert “[release-4.14] OCPBUGS-27175: clusterOperatorBuilder: Reconcile metadata on COs” #1028 OCPBUGS-27175 : clusterOperatorBuilder: Reconcile metadata on COs #1021 OCPBUGS-27048 : pkg/payload/precondition/clusterversion/rollback: Allow previous version within z-stream #1018 OCPBUGS-26207 : pkg/cvo/availableupdates: Only bump LastAttempt on Cincinnati pulls #1016 OCPBUGS-20762 : [4.14] Bump http-related deps #986 OCPBUGS-19921 : pkg/clusterconditions/cache: Avoid panic on all-fresh-cache evaluation #976 OCPBUGS-19737 : pkg/clusterconditions/promql: Warm cache with 1s delay #973 OCPBUGS-19465 : Properly reconcile SCC resources #972 OCPBUGS-13308 : Simplify user-facing messages on risk evaluation throttling #955 OCPBUGS-17418 : Really handle DeletedFinalStateUnknown correctly #954 CNF-9385 : add ImageRegistry capability #950 OCPBUGS-17418 : Handle cache.DeletedFinalStateUnknown #952 docs/user/tasks-*by-number-and-component.svg: Update to 4.13 #949
Dockerfile: bump to 1.19 and use public UBI pullspec #944
pkg/payload: De-noise ‘excluding …’ logs #945
bump api version to add new capability #941
pkg/cvo/metrics: Doc from_version semantics for cluster_version{type=“completed”} #929
Code cleanups for golangci-lint failures #942
OTA-559 : Migrate to (*Manifest).Include(…, overrides) #934 OCPBUGS-9070 : Fix hotlooping on Cronjob resources #910 Updating cluster-version-operator images to be consistent with ART #932
Updating cluster-version-operator images to be consistent with ART #930
Updating cluster-version-operator images to be consistent with ART #928
syncStatus: Reduce verbosity when syncing nothing of interest #922
Update dnsPolicy to allow consistent resolution of the internal LB #920
OTA-941 : pkg/payload/precondition/clusterversion/rollback: New precondition #918 Updating cluster-version-operator images to be consistent with ART #911
OCPBUGS-5469 : pkg/cvo/availableupdates: Prioritize conditional risks for largest target version #909 pkg/cvo: code cleanups #902
OCPBUGS-7419 : Trigger new sync round on ClusterOperator Available changes #904 install/0000_90_cluster-version-operator_02_servicemonitor: Add ClusterReleaseNotAccepted #906
OCPBUGS-6097 : CVO hotloops on ImageStream and logs the information incorrectly #894 OCPBUGS-6292 : Update golang.org/x/net/http2 for CVE-2022-41717 #901 Bug 2090680 : RetrievePayload: Improve timeouts and cover behavior with tests #896 pkg/cvo: Set ‘controller’ in our ownerReferences #900
pkg/cvo/sync_worker: Fix “The sync worker already has a pending notification” formatting #898
vendor: update openshift/api for NodeTuning capability #883
Bug 2089138 : CVO hotloops on ValidatingWebhookConfiguration #893 logging: consistently use RFC3339 in log messages #889
OCPBUGS-702 : Fix removing caBundle field of CRDs when ...inject-cabundle=true #870 lib/validation: Drop “a previous version” from desiredUpdate validation #888
Adding David to approvers list and removing Jack #891
upgradeable: improve logging and refactor #886
start.go: simplify code for computing sync period #887
OCPBUGS-5505 : Set upgradeability check throttling period to 2m #882 Revert “pkg/cvo/updatepayload.go: timeout payload retrieval” #881
pkg/cincinnati: Set User-Agent for Cincinnati requests #839
Bug 2090680 : pkg/cvo/updatepayload.go: timeout payload retrieval #846 tests: fix rare nil dereference in TestCache #875
pkg/payload: code cleanups #877
OTA-817 : Support ClusterVersion spec DesiredUpdate Architecture field #860 OCPBUGS-4986 : pkg/payload/precondition: Do not claim warnings would have blocked #876 OTA-844 : pkg/cvo/metrics: Add ‘reason’ to cluster_operator_up #868 OTA-560 : Improve developer-oriented docs #871 Updating cluster-version-operator images to be consistent with ART #873
OCPBUGS-1443 : Avoid using a lister before client caches sync #874 OTA-560 : Modernize README.md to be user-centered #869 Build CVO from UBI8 instead of obsolete origin-v4.0:base #872
Bug 2089093 : CVO hotloops on OperatorGroup due to the diff of “upgradeStrategy” #862 update library-go to pick up feature-set annotation change #853
Add myself as approver and David Hurta as a reviewer #864
OCPBUGS-1458 : Allow CVO to update KUBERNETES_SERVICE_HOST with LB address #851 pkg/cvo/cvo_scenarios_test.go: Remove status check from TestCVO_UpgradeFailedPayloadLoadWithCapsChanges #857
resourcemerge: cleanup deprecated function calls #858
OCPBUGS-2727 : Do not fail precondition check for UnknownUpdate #856 Full changelog
Updating configmap-reload images to be consistent with ART #52
OCPBUGS-10106 : Updating openshift-state-metrics images to be consistent with ART #51 Updating configmap-reload images to be consistent with ART #48
Full changelog
OCPBUGS-53437 : Show Observe section without PROMETHEUS and MONITORING flags #14892 OCPBUGS-54404 : Update the monitoring topic used by the console team #14910 OCPBUGS-54167 : fix run time error when no completed version exists #14899 OCPBUGS-51118 : redirect to correct alert #14823 OCPBUGS-49753 : ImagePullSecret getting duplicated when editing DeploymentConfig in Form View #14711 OCPBUGS-46603 : Unable to remove finally tasks in pipeline builder mode #14642 OCPBUGS-33145 : Fix “Auto deploy when new image is available” becomes unchecked when editing a deployment from web console #14370 OCPBUGS-45323 : Use vCenterCluster value from CM as primary resource #14574 OCPBUGS-39368 : Remove deprecated resources from spec of the Pipeline #14230 OCPBUGS-45283 : Add IBM Block Storage CSI driver support for RWX #14569 OCPBUGS-44791 : A value submitted in From view is wrapped with single quotation after switching to Yaml view. #14518 OCPBUGS-42962 : Need to allow blank for Project/namespace when setting SA Subject in ‘Project access tab’ #14386 OCPBUGS-43000 : List of default Camel K event sources disappears when adding a custom event source #14388 OCPBUGS-36558 : Increase login flow state paramater length/entropy #14439 OCPBUGS-10337 : Updating openshift-enterprise-console images to be consistent with ART #12760 OCPBUGS-42518 : The filepath including leading slash makes error during parsing devfile using Gitlab #14342 OCPBUGS-42517 : Values entered into the Instantiate Template form are automatically cleared #14341 OCPBUGS-42757 : Switch to use annotations as labels from PipelineRuns created through Pipelines as Code is deprecated #14369 OCPBUGS-38883 : Fix password set to Secret created through Start Pipeline form #14184 OCPBUGS-37353 : Import from Git allow users to import an app with Build option Pipeline also when no Pipeline is available #14108 OCPBUGS-41836 : DeploymentConfigs deprecation info alert should not present on the Edit deployment page #14281 OCPBUGS-39389 : Edit the secret and add the Chinese in the web-console, garbled characters will be displayed #14231 OCPBUGS-41581 : Increased max nodes limit to 200 in topology page #14262 OCPBUGS-38972 : Redirects to new PipelineRun logs URL from old PipelineRun logs URL #14234 OCPBUGS-38053 : fix BMH restart annotation #14109 OCPBUGS-33748 : Fix Pipeline details page with when expression using CEL expression #13856 OCPBUGS-32499 : Fixed some problems in topology Chinese translation text #13779 OCPBUGS-33942 : make sure folder is encapsulated with quotas #13869 OCPBUGS-35723 : Upgrade Pipeline trigger resources to v1beta1 #13985 OCPBUGS-33558 : Display “With Data upload form” in Create PVC drop down once #13840 OCPBUGS-33064 : Fix PipelineRun Logs tab navigation #13673 OCPBUGS-33321 : Helm Plugin’s Catalog incorrectly renders a single index entry into multiple tiles #13824 OCPBUGS-33635 : restrict Masthead logo to max-height to 60px #13847 OCPBUGS-33640 : Add visual connector between VMs and non VMs workloads #13848 OCPBUGS-33462 : fix issues with Edit Route form #13831 OCPBUGS-33110 : change OperatorHub filter FIPS Mode to Designed for FIPS #13804 OCPBUGS-32697 : Routes created by devfiles do not always use HTTPS #13787 OCPBUGS-21799 : Fix empty editor error #13256 OCPBUGS-32168 : fix bug where paused MCPs were incorrectly unpausing w… #13753 OCPBUGS-20173 : Console should not panic when no response is retrieved for plugin assets #13217 OCPBUGS-31388 : Application creation fail when manually entering input scaling value in local setup #13697 OCPBUGS-31394 : PipelineRuns in Console show wrong status or load indefinitely #13698 OCPBUGS-31864 : Fix config ini format #13738 OCPBUGS-25145 : fix vCenter cluster being empty #13436 OCPBUGS-28746 : fix bug where Expand PVC modal assumes pvc.spec.resou… #13558 OCPBUGS-29783 : Fix operands list endpoint #13625 OCPBUGS-29813 : Release 4.14 backports #13646 OCPBUGS-29813 : Addition of optional chaining to prevent yaml crash #13541 OCPBUGS-25274 : Add support for Azure Workload Identity / Federated Identity based in… #13642 OCPBUGS-28972 : Add flags checks to hide Pipeline static plugin List and details pages #13572 OCPBUGS-27898 : Add support for custom segment domains (to load JS and make API calls) #13540 OCPBUGS-29349 : Error in displaying BuildRun logs in Console #13601 OCPBUGS-29100 : Pipeline Name gets changed to “new-pipeline” on the Edit Pipeline YAML/Builder #13585 OCPBUGS-29239 : Add a new allowInsecure option to the internet proxy #13592 OCPBUGS-28990 : update check for the ‘provider’ label on the PackageMa… #13573 OCPBUGS-27157 : add additional check to determine if file is binary #13507 OCPBUGS-28635 : Bump graphql-go to v1.3.0 #13553 OCPBUGS-27305 : Copy response code from proxied plugin requests #13517 OCPBUGS-27851 : fix bug where Clone PVC modal assumes pvc.spec.resourc… #13537 OCPBUGS-27350 : Add Pipeline metrics tab using plugin #13520 OCPBUGS-26171 : Set unlimited line width in YAML editor #13482 OCPBUGS-24640 : Strip ‘Server’ header from proxy response #13423 OCPBUGS-25997 : change Alertmanager form to create using matchers inst… #13478 OCPBUGS-24349 : Fix crash when ArtifactHub Task has no version #13399 OCPBUGS-25397 : fix runtime error on Node details Overview when Machin… #13446 OCPBUGS-23771 : Fix for yaml editor that crashes with MCE and ACM plugins enabled #13360 OCPBUGS-24667 : Fix plugin proxy handler #13425 OCPBUGS-24474 : S2I Build Wizard should check for Containerfile in addition to Dockerfile #13415 OCPBUGS-24432 : fix filtering issues on Events #13413 OCPBUGS-24352 : add access review for impersonate #13400 OCPBUGS-22240 : Save also the location.search and .hash values in localStorage to restore them after login #13270 OCPBUGS-24293 : ConsolePlugin metrics must no longer be grouped by the vendor #13391 OCPBUGS-24423 : Searching for items in quick search is confusing #13412 OCPBUGS-22375 : Delete results.tekton.dev annotations before rerun the pipelineRun #13278 OCPBUGS-22478 : Extra space is in the translation text(Chinese) of ‘Create rolebinding’ and ‘replicate rolebinding’ #13290 OCPBUGS-24196 : ApiVersion displayed on console is v1alpha1 whereas we support v1beta1 #13402 OCPBUGS-23423 : Cannot Edit Shipwright Build #13343 OCPBUGS-22980 : remove expandable toggle for conditional update risk d… #13308 OCPBUGS-22374 : Telemetry- Current page was sometimes not tracked when reloading the current page #13277 OCPBUGS-22177 : Channel page shows “Required” message for the default name when navigate to create channel page #13262 OCPBUGS-19371 : Upgrade DomainMapping apiVersion to v1beta1 #13165 OCPBUGS-19416 : Correct logout process #13173 OCPBUGS-22285 : updating doc links for 4.14 GA #13273 OCPBUGS-19845 : mock apis for git repo in test serverless function tests #13199 OCPBUGS-22460 : Fix the forms when BC is not installed in the cluster #13288 OCPBUGS-21877 : add support for new features annotations while preserv… #13258 OCPBUGS-22377 : Fixed Edit Application form for Knative Services #13279 OCPBUGS-21784 : hide page-specific doc links for ROSA and OSD #13254 OCPBUGS-19898 : fix ResourceLog permissions when impersonating #13203 OCPBUGS-19899 : change resource icon for FenceAgentRemediationTemplate… #13204 OCPBUGS-19878 : show all the legends for Pipeline metrics in PipelineRun TaskRun Duration chart #13202 OCPBUGS-19776 : 404 - not found will show on Knative-serving Details page #13193 OCPBUGS-19526 : fetch TaskRuns without selector and reduces the get TaskRuns requests #13178 OCPBUGS-18997 : fix issues with refactored “Create StorageClass” form #13170 OCPBUGS-19664 : Check if filtered object contains name property #13187 OCPBUGS-19380 : Hide the Builds NavItem if BuildConfig is not installed in the cluster #13167 OCPBUGS-19337 : Unhide the Import From Git Tab on the Add page if Pipelines Operator is installed and BuildConfig is not installed in the cluster #13160 OCPBUGS-19336 : Added React Icon #13159 OCPBUGS-18881 : use active namespace in Create cta href of create action for operator backed #13150 OCPBUGS-19362 : Hide the DeploymentConfig option in the User Preferences if that resource type isn’t available #13164 OCPBUGS-19338 : Hide DeploymentConfig option from forms when it’s not installed in the cluster #13161 OCPBUGS-18987 : Monitoring: Fix display of silenced alerts in dev console #13152 OCPBUGS-18727 : bump @patternfly/react-core to v4.276.11 to pick up Sele… #13146 OCPBUGS-18686 : Fix incorrect export of useLabelsModal in dynamic plug… #13142 OCPBUGS-18604 : [knative] Don’t rely on openshift/hello-openshift as a sample image #13134 OCPBUGS-18094 : Remove cluster filter and menu group title #13137 OCPBUGS-18348 : Add deprecation alert for DeploymentConfig #12968 OCPBUGS-13359 : Fix crash when filtering the quick start catalog #13126 OCPBUGS-18306 : fix useDeleteModal Example formatting #13117 OCPBUGS-18406 : Builds navigation item is missing in Developer perspective #13124 OCPBUGS-17341 : OCP console mandate secret for repository creation #13084 OCPBUGS-16108 : Fix DeploymentConfig list performance issues by lazy loading their ReplicationControllers #13118 CONSOLE-3126 : Update cluster paused alert message #13106 OCPBUGS-17864 : Web console slowness on Project>Project access page #13099 OCPBUGS-17981 : Remove DeploymentConfig, Build and BuildConfig sections from navigation and use flags so they can be enabled by cluster admins #13089 OCPBUGS-9182 : Enable default-container annotation to specify the default container for logs and terminal. #13098 OCPBUGS-17913 : Typo in the OCP console menu #13096 OCPBUGS-17948 : Fix that Devconsole plugin show essential features like add page and topology also when Builds and DeploymentConfigs capabilities are disabled #13097 OCPBUGS-13892 : Remove spaces from prometheus queries #13043 OCPBUGS-15927 : Error page when fresh normal user visiting BuildConfigs page of ‘default’ project #13091 OCPBUGS-16374 : Fix topology crash when a console.topology/data/factory extension tries to resolve a resource with version from the CRDs which doesn’t exists #13093 CONSOLE-3327 : Expose useActiveNamespace within dynamic-core-api #13033 OCPBUGS-17595 : Updating YAML from console shows error #13090 OU-206 : Merge monitoring alerts with alerts from other sources in the dev console #12940 CONSOLE-3681 : Convert storage-class-form.tsx from class component to … #13036 OCPBUGS-17496 : Bridge NAD should set “preserveDefaultVlan”: false #13076 CONSOLE-3126 : Remove paused state since its no longer relevant due to 4.14 changes … #13072 OCPBUGS-17515 : Console UI is broken due to patternfly/react-core version change #13086 OCPBUGS-17504 : Dev console: Remove checkboxes on Alert Details page Silenced By list #13085 OCPBUGS-16717 : Fix name validation regex #13075 OCPBUGS-17410 : Fix that “Delete application” doesn’t work in topology when Pipelines operator is not installed #13074 OCPBUGS-14138 : Console fix #13078 OCPBUGS-15458 : Links for console-dynamic-plugin-sdk markdown docs are not working #13062 OCPBUGS-129 : bump @patternfly/react-core to v4.276.11 to pick up Sel… #13052 OCPBUGS-17234 : change Command Line Tools text #13068 OCPBUGS-17347 : Fix “View alerting rule” action URL #13058 OCPBUGS-15419 : Title on Overview page has changed to “Cluster · Red Hat OpenShift” #12951 OCPBUGS-13387 , OCPBUGS-16693 : Import page create button is disabled due to PAC validation #13046 CONSOLE-3683 : Convert FireMan component in list-page.tsx from class c… #13024 OU-231 : Add jgbernalp and zhuje to OWNERS for monitoring #13069 OCPBUGS-17196 : Fix nad ovn type - annotation and netAttachName #13053 OCPBUGS-16844 : external link icon in resource added toast notification not linked #13057 OCPBUGS-15310 : Helm Chart installation modal “Documentation” field is always N/A #13032 CONSOLE-3686 : Convert SecretFormWrapper component in create-secret.ts… #13017 OCPBUGS-15008 : update the KnativeServing API version to v1beta1 for global-config extension #13059 CONSOLE-3679 : Convert instantiate-template.tsx from class component t… #12947 CONSOLE-3568 : expose DeleteModal via useDeleteModal hook in @console/shared #12974 CONSOLE-3677 : Convert edit-yaml.jsx from class component to functiona… #12973 CONSOLE-3678 : Convert EventStream component in events.jsx from class … #12989 OCPBUGS-16093 , OCPBUGS-16270 , OCPBUGS-9409 : Creation of GH webhook and attaching it to repo while importing from git using PAC #13021 CONSOLE-3682 : Convert components in cluster-settings folder from clas… #13011 CONSOLE-3676 : Convert app.jsx from class component to functional comp… #12952 OU-175 : Monitoring: Add “Silences” tab to Developer console #12900 OCPBUGS-10884 : propagate mpath device type to request data #13022 OCPBUGS-16656 : Devfile import fails on master branch #13050 OCPBUGS-9355 : Fix translation bug #13049 OCPBUGS-3495 : Add cacheBuster query string when requesting plugin entry scripts #13035 OCPBUGS-16599 : allow creation of v1beta1 APIversion Pipeline in Pipeline builder YAML view #13034 OCPBUGS-9285 : Add note to the console.page/route extension regarding its usage #13044 OCPBUGS-14341 : Check operands deletionTimestamp to disable kebab action menu #13042 ODC-7336 : automation for customization-of-catalog-add-page-form feature file #12934 OCPBUGS-11285 : Dynamic plugin translation support for plurals broken #13028 chore(i18n): update translations: Completed Master Branch - Sprint 238 #12999
OCPBUGS-16433 : Fixes location update issues #13023 CONSOLE-3591 : Remove directory listing for /static/* #13001 CONSOLE-3694 : Convert tile-view-page.jsx from class component to func… #12942 ODC-7334 : Show ConsoleSamples resources in the samples catalog #12970 CONSOLE-3666 : Validate shared modules of dynamic plugins #12881 OCPBUGS-11971 : When removing the project owner from the project in GUI, instead of that user, the group (the default group added as project admin through the project template) will be removed. #13016 OCPBUGS-13808 : Console SDK components should be using GroupVersionKin… #13029 OCPBUGS-14837 , OCPBUGS-16025 : Hide the Duplicate Pipelines Card in the DevConsole Add Page #13007 OCPBUGS-8274 : Fix copy login command regression #13003 CONSOLE-3687 : Convert components in utils folder from class component… #12925 OCPBUGS-11219 : Fix incorrectly nested css rule for print styles #12991 OCPBUGS-11620 : Fix stop PLR option #13020 CONSOLE-3706 : Remove custom history.pushPath alias function #12873 CONSOLE-3431 : Allow building dynamic plugins without any exposed modules #12530 HELM-502 : Bump Helm to 3.12.1 #13014 OCPBUGS-15359 : Enable namespace dropdown selection when all namespace installation mode selected by default and… #12975 OCPBUGS-16174 : Update the VSCode extension link and descriptions on Create Serverless function form #13015 OCPBUGS-13142 : InstallPlan info cannot shown on Subscription tab for … #13012 OCPBUGS-14907 : Fix operator backed catalog page when copied CSVs disabled #12932 CONSOLE-3684 : Convert components in modals folder from class componen… #12941 OCPBUGS-16148 : disable Save if Use existing claim is active and no … #13010 OCPBUGS-16150 : Fix Start last run action in Topology sidepanel #13009 OCPBUGS-15458 : Links for console-dynamic-plugin-sdk markdown docs are not working #12993 OU-218 : Monitoring: Use useResolvedExtensions instead of useExtensions #12987 CONSOLE-3680 : Convert row-filter.jsx from class component to function… #12957 OCPBUGS-13808 : Console SDK components should be using GroupVersionKin… #12946 CONSOLE-3685 : Convert components in RBAC folder from class component … #12933 CONSOLE-3611 : User can configure the install of Operators that authenticate using STS #12779 OCPBUGS-9991 : Most of contents are lack of i18n on “Command Line Tools” page #12995 OCPBUGS-15021 : Use FLAGS.CAN_GET_NS to decide whether to show Route details > Metrics tab #12944 ODC-7341 : Show Build output in Shipwright Build list and details page #12972 OCPBUGS-8005 : Fix broken upstream doc link for cluster channel upgrades #12998 OCPBUGS-10884 : add multipath device type to LocalVolumeSet #12723 OCPBUGS-14434 : Running yarn dev results in the build running on a loop #12990 OCPBUGS-10844 : fix bug where binary secret values are corrupted on edit and add test coverage #12986 OCPBUGS-15011 : Upload JAR file does not work if the Cluster Samples Operator is disabled #12917 OCPBUGS-12891 : check for valid OLM selector in K8sResourceWidget to p… #12887 OCPBUGS-15896 : STS label not valid according to kube #12980 RHSTOR-4533 : added a mutator property for the storage class extension #12886 OCPBUGS-7416 : get Kamelets from the camel-k-operator namespace as well #12710 OCPBUGS-14548 : only show pipelines doc link for downstream #12979 CONSOLE-3565 : Expose annotations modal in dynamic plugins sdk #12843 CONSOLE-3610 : User can filter on STS enabled clusters for Operators that claim support for STS #12778 OCPBUGS-15773 : The upgrade Helm Release tab in OpenShift GUI Developer console is not refreshing with updated values. #12966 ODC-7319 : correcting - missing package tag across gherkin files #12847 ODC-7313 : Run CI tests with non-admin user #12814 OCPBUGS-15427 : Remove access review check for PipelineResource from Pipeline section #12964 ODC-7325 : Improve BuildConfig and Shipwright Build list pages #12910 ODC-7340 : Remove Shipwright Tech Preview badges #12960 OCPBUGS-14548 : update pipelines doc links #12890 OCPBUGS-15572 : Fix bug where the install operator update approval radio button does … #12959 OCPBUGS-14959 : Error for DuplicateClusterRoleBinding and Edit ClusterRoleBinding subject in RHOCP4 Web Console #12939 OCPBUGS-14665 , OCPBUGS-14874 , OCPBUGS-14875 : Helm Chart installation form hangs on create if JSON-schema is using 2019-09 or 2020-20 standard revisions #12929 OU-198 : Revert “Disable broken monitoring-tests” #12943 ODC-7337 : Skip wait for authentication operator to start progressing when the secret already exists #12884 OCPBUGS-497 : frontend: fix kube-apiserver availability query #12928 OCPBUGS-15060 : “Duplicate RoleBinding” leads to “Unsupported value” error #12921 OCPBUGS-7794 : Image pull secret creation form doesn’t re-enable Create button once it is disabled #12609 CONSOLE-3616 : Revert multicluster server flags #12782 OCPBUGS-15299 : Create Serverless Function Form is Broken #12926 OCPBUGS-13120 : Serverless functions UI warning is misleading #12923 ODC-7329 : Subsequent PipelineRuns take initial PipelineRun name into account #12913 CONSOLE-3612 : User is warned when cluster is in STS mode #12777 ODC-7322 : Implement a proxy to hit the Artifacthub.io API end point #12905 MGMT-15023 : Add help text to vCenter cluster field #12912 OCPBUGS-11464 : Availability requirement update is initially disabled … #12918 OCPBUGS-15135 : Make knative routes copyable similar to openshift routes #12908 OCPBUGS-14909 : Disabling web-terminal tests in CI #12892 OCPBUGS-14015 : Create helm release page doesn’t show a YAML editor when schema isn’t available (httpd-imagestreams chart) #12914 CONSOLE-3372 , OCPBUGS-13648 , OCPBUGS-13833 : Console supports installing non-latest Operator versions #12743 OCPBUGS-7036 : Add Git Repository (PAC) doesn’t setup GitLab and Bitbucket configuration correct #12593 chore(i18n): update translations: Completed-7034-OCP 4.13/Master Branch UI Localization- Sprint 231 #12695
OCPBUGS-14354 : e2e: Enable Pipeline tests #12911 OCPBUGS-14915 : Remove entries from the menu that are now added by monitoring-plugin #12893 ODC-7316 : Add discoverability of the IDE extensions from Create Serverless form #12846 OCPBUGS-14419 : Remove tech preview badge from Pipeline repository pages #12888 ODC-7326 : Align Build, BuildRun and PipelineRun details page #12898 OCPBUGS-14836 : Updated BuildConfig and Shipwright Build lists shows runs from another namespace #12896 OCPBUGS-14890 : Missing ‘View details’ link for several servicemonitors.spec.endpoints fields in YAML sidebar #12895 OCPBUGS-14002 : Correct the alignment of yaml toolbar links #12894 OCPBUGS-14660 : Helm Repository “Edit” button results in 404 #12891 OCPBUGS-14716 : add ROSA branding option #12889 OCPBUGS-13208 : Fix PVC metrics query #12867 OCPBUGS-12897 : Knative Route Details Page should show the URL of the route as it is shown in the Openshift Routes Details page #12853 OCPBUGS-8682 : Fix empty create dropdown on provided APIs page #12819 OCPBUGS-9214 : Create button is disabled in Git Import form when git repo url has hyphens in owner part of the url #12652 OCPBUGS-4496 : Fix Samples/Snippets tab #12642 OCPBUGS-7361 : support JSON schema 06 in the helm install/upgrade form #12644 OU-138 : Move QueryBrowser component to dynamic SDK #12841 OCPBUGS-9063 : Remove frontend validation from legacy operand form gen… #12788 ODC-7275 : Implement invoke serverless functions #12755 OCPBUGS-14964 : Disable broken monitoring-tests #12902 OCPBUGS-11219 : Include print styles to allow printout of full screen and … #12849 ODC-7306 : Show the latest Build status in the Build list view #12809 ODC-7277 : added v1 support for Pipeline #12729 CONSOLE-3660 : Introduce react-router v6 compatibility #12861 OCPBUGS-8274 : Do not request token URL if auth is disabled #12818 OCPBUGS-14668 : visiting Configurations page returns error Cannot read… #12882 OCPBUGS-14602 : selected project was not taking effect when searching … #12880 OCPBUGS-14550 : Use proxy with web socket connection and monitoring d… #12877 CONSOLE-3392 : Implement exact search for more precise result sets and add user prefs setting #12838 ODC-7288 : Add proxy to invoke knative services with a public route #12789 ODC-7320 : Gherkin for customisation of add page and developer catalog through customisation form view #12855 OCPBUGS-14424 : OVN Kubernetes multi-homing #12869 OCPBUGS-14262 : Fix Pipeline metrics page #12863 OCPBUGS-10411 : Edit deployment don’t enable save button if image stream is added #12673 OCPBUGS-14149 : account for single object in status.conditions instead… #12866 OCPBUGS-14352 : E2e tests fails because OpenShift Pipelines operator could not be found #12872 OCPBUGS-9909 : Could not import multiple resources via JSON (while YAML supports this) #12721 ODC-7317 : Update Terminal step of the Guided Tour to indicate that odo CLI is accessible #12848 ODC-7308 : Update test cases of web terminal configuration page #12825 ODC-7283 : Add Web Terminal tab in cluster configuration page #12718 OCPBUGS-6767 : Regression: OpenShift Console no-longer filters SecretList when displaying ServiceAccount #12679 OCPBUGS-13782 : Surface the message from Operator developer #12840 OCPBUGS-12896 : Corrected Labels for resolving the bug related to the Create Route Checkbox #12834 ODC-7315 : Change help texts in initialize Terminal page #12824 OCPBUGS-11668 : Fix kebab actions on Installed Operators page #12822 OCPBUGS-13693 : Fix RTE in bridge. #12817 OCPBUGS-11256 : Topology UI doesn’t recognize Serverless Rust function for proper UI icon #12816 OCPBUGS-11996 : Fixed Make Serverless Form Error #12815 OCPBUGS-13257 : propagate labels to pipeline resources #12808 MGMT-14527 : Add vSphere cluster field. #12806 OCPBUGS-12783 : Remove “Action” type from OLM descriptor readme #12800 CONSOLE-3623 : Add X-CSRF token to console request headers #12719 OCPBUGS-5453 : Add Pipeline metrics unsupported empty page #12435 OCPBUGS-1829 : use service port name instead targetPort in the Pipeline Event listener route #12148 CONSOLE-2501 : Upgrade TypeScript version to 4.5 #12821 ODC-7318 : Update ODC owners, May 2023 edition #12839 CONSOLE-2501 : Update builder image #12828 OCPBUGS-13361 : Update plural string dynamic demo plugin locales #12799 ODC-7309 : Remove dev console integration-tests reviewers #12802 OCPBUGS-12244 : only copy workload annotations to debug pod #12794 ODC-7279 : Correcting CI failures of ODC Packages #12700 HELM-484 : Basic authentication documentation update #12768 CONSOLE-3615 : Mark multicluster code for removal #12754 ODC-7300 : Change method name for labelKeyForNodeKind to getTitleForNodeKind #12733 ODC-7296 : Rename all instances of YAMLEditor to CodeEditor #12708 Bug 2176216 : VMs are listed twice in cluster inventory #12795 OCPBUGS-12267 : Fix OLM k8sResourcePrefix descriptor dropdown behavior #12758 OCPBUGS-11099 : add support for minimal status of tekton #12724 OCPBUGS-12732 : fix buildconfig form ns #12771 OCPBUGS-12637 : update helm release empty state text #12767 OCPBUGS-12286 : Fix missing console plugin control on CSV details page. #12766 OCPBUGS-7692 : Fix that helm details page shows an inf. loading indicator when api call fails #12578 OCPBUGS-11057 : Importing a kn Service shows a non-working Open URL decorator also when the Add Route checkbox was unselected #12726 OCPBUGS-6581 : Serverless - Eventing - Channels: Conditions column i18n misses #12641 OCPBUGS-7485 : When Creating Sample Devfile from the Samples Page, Topology Icon is not set #12725 OCPBUGS-11596 : Do not fetch catalog sources on CSV or Subscription details pages. #12717 OCPBUGS-10224 : Multiple instances of tabs under ODF dashboard #12635 OCPBUGS-6770 : Pipeline doesn’t render correctly when displayed but looks fine in edit mode #12722 OCPBUGS-11869 : Pod Status Overlapping in Sidebar #12732 CONSOLE-3600 : Filter operators based on nodes OS type #12707 OCPBUGS-9329 : update dynamic plugin info for development mode #12666 OCPBUGS-10562 : disable operator-uninstall.ts as the uninstall test is… #12731 OCPBUGS-3036 : Do not list subscriptions in all namespaces on CSV details page. #12716 OCPBUGS-5548 : delete associated pipeline, triggertemplate and eventlistener when deleting app #12587 Add the possibility login with different IDP and user credentials #12709
ODC-7270 , ODC-7272 : Improve telemetry: Add resource and tab name to the page title #12669 Improve useModal docs example #12115
Improvements on Web Terminal Operator Installation functionality #12713
OCPBUGS-10956 : Reduce metrics cardinality by grouping well-known and other perspectives and plugins #12684 OCPBUGS-9305 : add missing readOnly conditions #12685 ODC-7280 : Add PipelineRun tab to Dev perspective Pipeline page #12672 OCPBUGS-10562 : re-enable and fix operator-uninstall.spec.ts #12678 ODC-7282 : Add webhook informations on Repository details and summary page #12690 OCPBUGS-11382 : Update Dockerfile to use latest builder images #12655 ODC-7274 : Prepare a page and modal to invoke a Serverless function #12686 OCPBUGS-103 : Move operator install status to it’s own route/page #12704 OCPBUGS-11020 : fix runtime error on OperatorHub details pages #12702 ODC-7281 : Provide Column management option for the TaskRuns list page #12689 Remove andybraren as dashboard reviewer #11807
OCPBUGS-11197 : Rephrase vCenter connection tooltips #12694 OCPBUGS-10961 : Fix description for BuildAdapter SDK extension #12683 CONSOLE-3577 : Remove deprecated metering endpoint from backend #12692 OCPBUGS-5940 : Wait with CRD/model translation until i18n bundles are loaded #12697 OCPBUGS-10916 : fix translation string for Image pull secret created alert #12681 OCPBUGS-10836 : fix All projects selection on Pipelines page in dev perspective #12676 OCPBUGS-10950 : use PipelineRun template from ‘pipelines-as-code-pipelinerun-go’ configMap for Go runtime #12682 ODC-7271 : add duration for PipelineRun and TaskRun on details page #12659 ODC-7276 : Add cancelled status color in Pipeline metrics page #12662 automation of edit build config feature file #12622
OCPBUGS-10619 : Enable modal scroll for uninstall operator instances #12680 OCPBUGS-10562 : disable operator-uninstall.spec.ts as the previous fix… #12677 PF Update 2023-2 #12664
OCPBUGS-10562 : re-enable and fix operator-uninstall.spec.ts #12661 OCPBUGS-10655 : Do not show builder ImageStreams without sampleRepo as samples #12667 OCPBUGS-10509 : Sync Debug in Terminal feature availability with 3.x pods in web console #12657 OCPBUGS-9956 : update the default pipelineRun template name #12660 OCPBUGS-7620 : Edit Deployment (and DC) form doesn’t enable Save button when changing strategy type #12608 OCPBUGS-8086 : Visual fixes for list items #12619 OCPBUGS-9907 : Fix alerts source display values #12632 OU-110 : Observe > Dashboards : Code Consolidation Fixes #12588 OCPBUGS-7484 : When there are 2 pipelines displayed in the dropdown menu, selecting one, unchecks the Add Pipeline checkbox #12650 OCPBUGS-8268 : OpenShift pipeline TaskRun(s) column Duration is not present as column in UI #12633 OCPBUGS-7632 : comment out suspected problematic test #12647 OCPBUGS-10345 : Fix backend runtime error #12654 OCPBUGS-10269 : Fix grammatical error in feedback modal #12634 OCPBUGS-8299 : CronJobs table/details UI doesn’t have Suspend indication #12638 OCPBUGS-7801 : taskrun ui fails when using object type results #12626 OCPBUGS-10230 : Fixes card sizes not even issue when commit info is not available on Environments page #12550 OCPBUGS-5360 : re-enable operator-install-single-namespace.spec.ts test #12424 OCPBUGS-10232 : Fixes argocd link for non-KAM added application envs #12558 OCPBUGS-7232 : Fixes resource status alignment issue #12429 CONSOLE-3393 : Proxy managed cluster monitoring requests through MCE c… #12360 CONSOLE-3425 : Expose ‘nameFilter’ prop to ‘ListPageFilter’ component #12438 OU-117 : No response for duplicate query with default disabled status when click ‘Hide all queries’ #12621 Update dockerignore. #12538
CONSOLE-3452 : Add patternfly customer feedback extension mechanism to console #12611 OCPBUGS-7446 : Show type of sample on the samples view #12548 OCPBUGS-7395 : Users don’t know what type of resource is being created by Import from Git or Deploy Image flows #12615 OCPBUGS-7178 : Add page title to Devconsole pages #12591 OCPBUGS-7632 : fix issue where project deletion fails #12618 ODC-7232 , ODC-7233 : Add new auth, serverconfig and usage metrics #12527 OCPBUGS-6994 : when ACM is installed and no previous perspective is set, default perspective to All Clusters #12542 OCPBUGS-6762 : Increase filter input width to accomodate placeholder text #12610 OCPBUGS-8066 : add checks for Pipeline in AddServerlessFunction form #12617 Correcting Knative Package Failures #12012
IR-267 : add details for submanifest to the ImageStreamTag #12549 OCPBUGS-5773 : Delete secret on async run error #12557 OCPBUGS-7970 : always close filter dropdown #12590 OCPBUGS-7971 : Monitoring: Fix “Label” filter on “Alerting rules” list page #12592 OCPBUGS-7031 : Pipelines repository list and creation form doesn’t show Tech Preview status #12541 ODC-6669 : rename edit-deployment routes and components #12400 OCPBUGS-7308 : remove ‘Download kubeconfig file’ from ServiceAccounts #12589 Bug 2076619 : Modified git import flow module to handle create button enable-disable issue #11493 OCPBUGS-7879 : fix devfile error #12594 OCPBUGS-7806 : Add NFS-export details for PersistentVolume details #12571 chore(i18n): update translations: Completed-7034-OCP 4.13/Master Branch UI Localization- Sprint 230 #12584
OCPBUGS-3450 : Missing containerd and wicd service logs in Windows nodes #12572 OU-110 : Observe > Dashboards page: Use datasource defined in dashboard definition #12422 OCPBUGS-7668 : Bump helm pkg #12582 Add additional alerts datasource extension #12436
OCPBUGS-4646 : delete application should delete all part-of resources #12567 OCPBUGS-7144 : fix alignment issue of info alert on Pipeline metrics page #12563 Serverless function creation with Pipelines #12552
OCPBUGS-7421 : fix missing i18n error and validateDOMNesting warning #12561 OCPBUGS-1706 : Switch to use labelPlural for heading #12585 OCPBUGS-7195 : E2E correct sample page clicking #12574 OCPBUGS-3372 : Fix create silence error message adding response from the backend #12577 OCPBUGS-7117 : Expose endpoint to obtain copy login command URL for each cluster #12553 OCPBUGS-7399 : fix pipeline selection in Edit flow in devconsole #12564 OCPBUGS-266 : add subject kind dropdown in the project access form #12418 chore(i18n): update translations: Completed-7034-OCP 4.13/Master Branch UI Localization- Sprint 229 #12568
OCPBUGS-7427 : Associate wait time with method to decrease run time #12559 OCPBUGS-7089 , OCPBUGS-7113 : move cluster menu to masthead to fix usability issues #12480 OCPBUGS-7418 : set default value for Scaling fields in Create Serverless Function form #12562 OCPBUGS-6610 : Developer - Topology : ‘Filter by resource’ drop-down i18n misses #12522 Bug 2115265 : Search page: LazyActionMenus are shown below Add/Remove from navigation button #12187 OCPBUGS-2479 : Right border radius is 0 for the pipeline visualization wrapper in dark mode #12501 OCPBUGS-1748 : PipelineRun templates must be fetched from OpenShift namespace #12537 OCPBUGS-7090 : Fix that Add to navigation does nothing when pinnedResource is {} #12536 OCPBUGS-5547 : Webhook Secret (1 of 2) is not removed when Knative Service is deleted #12517 OCPBUGS-5428 : Add missing SDK extensions descriptions #12431 OCPBUGS-6893 , OCPBUGS-7199 : Fix different CI issues #12554 OCPBUGS-4008 : Make sure console refresh toast notification pops up wh… #12470 OCPBUGS-6757 : Get the Event type value from the latest PLR of the Repository #12495 CONSOLE-3334 : Update copiedCSVsDisabled to contain managed clusters #12374 OCPBUGS-6967 : fix typeError while creating Serverless function #12520 OCPBUGS-6647 : Added translation to Last used in resource type dropdown #12504 OCPBUGS-5733 : Remove description field from the PLR parameters page #12434 ODC-7226 : update helm install and upgrade flow #12502 OCPBUGS-5948 : Better fix for runtime error in schema tab of api explorer when no schema exists #12499 OCPBUGS-186 : PipelineRun task status overlaps status text #12498 ODC-7234 : Provide option to configure PAC on importing app via import from git flow #12439 HELM-479 : Uninstall the Helm Charts Asynchronously #12465 OCPBUGS-6799 : Repositories list does not show the running pipelinerun as last pipelinerun #12497 chore(i18n): update translations: : Completed-7034-OCP 4.12/Master Branch UI Localization- Sprint 225 & 228 #12285
OCPBUGS-6098 : Show Git icon and repo link as per the Git provider #12456 OCPBUGS-4883 : Default Git type to other info alert should get remove after changing the git type #12384 OCPBUGS-5997 : Add Git Repository (PAC) showed empty permission content and non-working help link until a git url is entered #12445 OCPBUGS-6660 : make Uninstall Operator checkbox instructions optional #12471 add preferred tab per user for dev perspective Pipelines page and make PipelineRuns tab default for Repository details page #12426
Query browser: Remove unused wrapperClassName prop #12464
OCPBUGS-2666 : Add RBAC check on Create a Project link in all-namespaces pages #12279 add create serverless function form and add action on add page #12396
Update ODC owner files #12430
ODC-7225 : Update Helm Releases list page and the details page #12432 Bug 2084452 : PodDisruptionBudgets help message should be semantic #12084 OCPBUGS-5948 : Fix runtime error in schema editor when theres no match for g/v/k in swagger definitions #12469 OCPBUGS-6049 : Do not show UpdateInProgress when status is Failing #12449 OCPBUGS-6634 : Enable building tectonic-console-builder on arm64 and fix the Dockerfile.product to work with no cached artifacts #12444 OCPBUGS-3228 : fix broken pipeline secret #12460 OCPBUGS-5851 : refactor descriptors test to remove interdependencies #12453 OCPBUGS-6053 : fix run-time error on Cluster Settings when availableUp… #12450 OCPBUGS-6272 : Start the pipeline with workspace #12442 OCPBUGS-4684 : In DeploymentConfig both the Form view and Yaml view are not in sync #12416 CONSOLE-3237 : Add opt out when Console deletes operands #12234 OCPBUGS-5851 : delete existing operand via CLI to workaround failing t… #12451 OCPBUGS-1598 : updates toast wording to Workload #12155 ODC-7210 : Create Serverless function using the Import from the Git with Builder Images #12411 OCPBUGS-5016 : Editing Pipeline in the ocp console should show correct information #12446 OCPBUGS-5851 : Using OLM descriptor components deletes operand #12433 CONSOLE-3389 : Use Cypress mock responses for multicluster cluster switcher and pod test #12421 Correcting Pipelines Package Failures #12073
Bug 2110565 : PDB Remove add/edit/remove actions in Pod resource action menu #12420 OCPBUGS-5542 : Project dropdown order is not as smart as project list page order #12428 OCPBUGS-1852 : Subscription tab for operator doesn’t land on correct URL #12336 OCPBUGS-4377 : Service name search ability while creating the Route from console #12383 OCPBUGS-5540 : fixes typo for milliseconds #12423 OCPBUGS-4894 : Disabled Serverless add actions should not be displayed for Knative Service #12379 OCPBUGS-4571 : Operator recommended namespace during installation incorrect. #12387 OU-121 : Monitoring: Convert Alerting list pages to use plugin SDK list filters #12399 OCPBUGS-5346 : Change vSphere connection health status icon #12410 OCPBUGS-3334 : Fix type inconsistencies and Readme for DynamicPlugins #12263 OCPBUGS-4047 : Fix secret CRUD test #12407 Bug 2083087 : Fix to provide an option to delete all app resources on delete-resource modal for D/DC/KSVC #12390 OCPBUGS-2145 : maxUnavailable and minAvailable on PDB creation page - i18n misses #12373 OCPBUGS-5287 : disable operator-install-single-namespace.spec.ts until… #12406 HELM-471 : Modify list releases response #12401 OCPBUGS-4047 : disable key/value secrets test as they fail at a high rate #12405 OCPBUGS-1606 : Do not filter spoke cluster operators by arch/os #12363 OCPBUGS-4701 : display ‘Control plane is hosted’ alert only when isCl… #12361 ODC-7188 : On importing application via import from git flow pac should be configured for the application #12335 OCPBUGS-4279 : Upgrade pf 2022 13 #12333 OCPBUGS-3033 : Make all feature flags available in perspective extensi… #12386 OCPBUGS-4700 : only show upgrade details if cluster not externally man… #12362 Health checks topology sidebar feature automation #12394
ODC-7184 : Show pre-pinned resources based on customization #12354 OCPBUGS-4781 : use /api/helm/release endpoint on helm release details page #12397 ODC-7185 : Allow admins to define pre-pinned resources using a form driven experience #12353 ODC-7183 : Provide a code snippet for adding pinned resources #12349 OCPBUGS-5164 : add support for version v1beta1 for knativeServing and knativeEventing #12391 OCPBUGS-5165 : Add DevSandbox specific telemetry config (to allow these cluster to enforce cluster type and opt-out) #12392 Monitoring: Convert Targets list page to use plugin SDK list filters #12342
ODC-7182 : add pinnedResources to server flags #12314 OCPBUGS-3373 : Observe > Metrics > Monitors, Error Message to indicate limited view due to user privileges #12319 OCPBUGS-3314 : Fix to use and set correct secretReference for build-config triggers #12375 OCPBUGS-2824 : The dropdown list component will be covered by deployment details page on Topology page #12369 adds support for timeout and custom image in cloudshell #12329
OU-122 : Monitoring: Convert modals to use PatternFly directly #12371 Bug 1948666 : Fix to show correct help texts for each git repo status error code #12237 Bug 2005232 : Pods list page should only show Create Pod button to user has sufficient permission #11999 OCPBUGS-4975 : Add missing translation in ceph stoage plugin #12380 OCPBUGS-3767 : fixed node maintenance plugin route configuration for BareMetalNodesPage #12359 OCPBUGS-2525 : improve newly migrated ConsoleLink test #12348 MGMT-12787 : Move MarkdownView to plugins-shared #12328 Bug 2100762 : Adding data-checked-state to radio inputs #12256 ODC-7177 : Add SBO label selector support for Topology page #12283 Sidebar-of-knative-revision-and-service| Knative Serverless #12351
ODC-7179 : Allow users to see which pods are receiving traffic #12272 OCPBUGS-3761 : close the guided tour modal before any action #12358 Domain-Mapping feature | Knative Serverless #12343
ODC-7172 : Update helm terms from install/uninstall to create/delete #12337 OCPBUGS-3033 : Update admin landing page if monitoring is disabled #12292 OCPBUGS-4691 : Fix that topology sidebar actions shows outdated data (Edit labels, Edit annotations, etc.) #12365 OCPBUGS-3951 : Do not disable dynamic plugin if extension coderef fail… #12347 CONSOLE-3371 : Add missing children prop to ResourceLink #12312 HELM-450 : Return secret for async install/upgrade #12289 Updating openshift-enterprise-console images to be consistent with ART #12350
Bug 2110570 : Topology sidebar: Edit pod count shows not the latest replicas value when edit the count again #12332 OCPBUGS-3863 : Set proper return code for plugin handlers #12346 Update helm and dev-console tests file #12301
Monitoring: Convert remaining kebab menus to use PatternFly directly #12326
OCPBUGS-4540 : Fix NavSection bug #12344 OU-75 New Query Added to the Beginning of List #12275
OCPBUGS-2525 : migrate CRD extensions tests to Cypress to mitigate flakes #12331 OCPBUGS-4518 : Monitoring: Fix alert descriptions with duplicate resources #12341 OCPBUGS-4047 : delete each created secret in case first test attempt r… #12316 Bug 2077138 : update pf-quickstart version #12298 OCPBUGS-4252 : fix issue where node debug terminal doesn’t load #12322 OCPBUGS-4110 : fixes misaligned form footer btn controls for WTO #12306 OCPBUGS-4415 : Disable shipwright tests again #12334 Monitoring: Extract Alertmanager config related code #12324
OCPBUGS-3896 : Make aria-expanded state label reflect correct expanded state in the masthead navigation button #12321 OCPBUGS-3771 : Add managed cluster proxy endpoint env var to multicluster-environment.sh script #12280 OCPBUGS-4206 : fix getContainerStateValue i18n #12318 CONSOLE-3282 : add Dynamic plugins to about modal #12294 OCPBUGS-4203 : remove padding from debug pod alert #12317 Monitoring: Use PatternFly components instead of ActionButtons #12302
OCPBUGS-3761 : follow on fix to ensure Administrator perspective is se… #12313 OCPBUGS-3027 : Do not disable metrics when auth is disabled #12287 Monitoring: Use PatternFly components instead of Breadcrumbs component #12303
OCPBUGS-1305 : Re-enable Shipwright e2e tests #12049 Monitoring: Don’t import EmptyBox #12227
OCPBUGS-2281 : Re-enable serverless e2e tests #12243 OCPBUGS-3476 : Show Tag label and tag name if tag is detected in repository PipelineRun list and details page #12274 OCPBUGS-3432 : Re-enable pipelines e2e tests #12242 OCPBUGS-2500 : Pan nodes into view if all nodes are not visible on load #12260 OCPBUGS-4026 : Fix rerender loop/crash when bindable-kinds is found but has no status #12296 OCPBUGS-4022 : Fix react warning when open console, add missing keys in navigation #12295 OCPBUGS-3024 : Add support for other Service types in Service list #12232 OCPBUGS-4012 : disabled Serverless add actions is not displayed in topology menu #12297 OCPBUGS-3776 : Update the tooltip to trigger only on mouseenter to remove focus trigger #12290 OCPBUGS-2480 : Task delete icon is not align properly on the Pipeline builder page #12266 CONSOLE-3350 : Add a PR template for the console #12257 OCPBUGS-3648 : Fix more runtime error edge cases in ImageManifestVuln … #12293 Monitoring: Refactor silence dropdowns to use PatternFly directly #12196
OCPBUGS-3395 : show event source, event sink card on add and associated action only if eventing is enabled #12268 OCPBUGS-3235 : Fix for initial showing of topology contents #12264 OCPBUGS-3761 : migrate Events integration test to Cypress to mitigate … #12286 topology-headless-failures-correction #12057
OCPBUGS-2904 : If all the actions are disabled in add page, Details on/off toggle switch to be disabled #12236 Monitoring: Import from the dynamic plugin SDK where possible and minor imports clean up #12231
OCPBUGS-2579 : Helm Charts and Samples are not disabled in topology actions if actions are disabled in customization #12197 OCPBUGS-1604 : Add cluster to query params of websocket requests #12250 OCPBUGS-2551 : show 403 error when normal user check operands on All … #12267 Bug 2092289 : Don’t proxy CORS response headers #12269 OCPBUGS-3069 : add Release not accepted to Update status on Cluster Se… #12251 Monitoring: Add popover help text for silence form’s negative matchers #12218
OCPBUGS-3709 : URI encode subjectName in CreateRoleBinding #12223 OCPBUGS-3458 : improve display of RetrievedUpdate condition in Update status #12261 OCPBUGS-2306 : fix number spinner input #12219 Bug 2080260 : Fix runtime erros in ImageManifestVuln related pages #12229 Create-knative-service-from-deployment-or-deployment-config feature #12125
OCPBUGS-1671 : frontend: use UBI httpd for StatefulSet template #12195 OCPBUGS-2735 : Switch spacing for inline radio & checkbox elements #12253 Bump helm version to 3.10.1 #12246
CONSOLE-3120 : Allow operator to specify where to run with CSV suggested namespace template annotation #12217 OCPBUGS-3316 : Remove refs-heads from the branch name for Repository pipelineRun row #12247 Monitoring: Move codicon font into monitoring/ dir #12230
OCPBUGS-2922 : Fix Console Plugin table sorting #12238 Monitoring: Don’t import CloseButton #12226
Bug 1993916 : Show tooltips for contextual information #11860 OCPBUGS-3172 : check that user can patch console operator config in s… #12222 add capacity action for SS CSV list page [OCP 4.12 & ODF 4.11] #12214
Monitoring: Fix type of bodyContent prop passed to PopoverField #12211
OCPBUGS-2961 : Change installed operator text when custom resource required. #12228 CONSOLE-3185 : Improve information available for Pending or Failed plugins so user can better troubleshoot plugins #12208 CONSOLE-3246 : Update i18next to version 21.x.x #12124 CONSOLE-3077 : Promote ConsolePlugins API version to v1 in console repository #12103 OCPBUGS-1061 : Monitoring: Fix permission check for Prometheus & Alertmanager pollers #12206 Full changelog
OCPBUGS-46121 : [4.14] cherry-pick containernetworking/plugins#997 #168 OCPBUGS-33066 : macvlan enable ipv6 ndisc_notify #160 OCPBUGS-20374 : build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 [backport 4.14] #129 OCPBUGS-17681 : Default CNI binaries to RHEL 8 #116 Updating ose-containernetworking-plugins images to be consistent with ART #108
Updating ose-containernetworking-plugins images to be consistent with ART #107
Add rhel9 binary #106
OCPBUGS-14095 : Sync with upstream version v1.3.0 #98 Updating ose-containernetworking-plugins images to be consistent with ART #94
Updating ose-containernetworking-plugins images to be consistent with ART #93
Updating ose-containernetworking-plugins images to be consistent with ART #92
Updating ose-containernetworking-plugins images to be consistent with ART #80
Upstream sync Feb 2023 #73
OCPBUGS-5292 : Fixes tuning regression with vlan path fix #72 OCPBUGS-5292 : Revert “Fix path substitution to enable setting sysctls on vlan interfaces” (ocp 4.13) #70 Updating ose-containernetworking-plugins images to be consistent with ART #69
Upstream sync, Nov 2022 #67
Full changelog
OCPBUGS-28952 : Replace ‘coreydaley’ with ‘sayan-biswas’ in OWNERS file #167 OCPBUGS-25069 , OCPBUGS-26309 , OCPBUGS-26323 : add snyk config file for SAST scan #163 OCPBUGS-23111 : Should reference configmaps instead of secrets #152 OCPBUGS-20734 : bump golang.org/x/net to v0.17.0 #146 OCPBUGS-16074 : Updating Kubernetes and other associated dependencies #141 OCPBUGS-14489 : Kubernetes 0.27 #139 OCPBUGS-12597 : bump(*): golang.org/x/net #138 Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART #136
Updating ose-csi-driver-shared-resource images to be consistent with ART #137
Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART #135
Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART #133
Add go-imports-organizer/goio to organize imports #132
OCPBUGS-10022 : add ‘system:serviceaccounts’ to SAR to allow group based RBAC #130 Updating ose-csi-driver-shared-resource-mustgather images to be consistent with ART #131
Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART #128
Updating ose-csi-driver-shared-resource images to be consistent with ART #129
Adding test scenariuos for Reserved Name Prefix for SharedSecret/SharedConfigMaps #127
OCPBUGS-7272 : add version file to must-gather output #125 OCPBUGS-7417 : Fix k8s.io/dynamic-resource-allocation error #126 BUILD-550 : bump(*) kubernetes 1.26 #123 BUILD-407 : reserve share names starting with openshift part one (code, unit test) #122 Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART #119
Updating ose-csi-driver-shared-resource-mustgather images to be consistent with ART #121
Updating ose-csi-driver-shared-resource images to be consistent with ART #120
Update to go1.19 #118
BUILD-531 : Rebase to Kubernetes 1.25 #114 Full changelog
OCPBUGS-28957 : Replace ‘coreydaley’ with ‘sayan-biswas’ in OWNERS file #103 OCPBUGS-26312 : add snyk config file for SAST scank #97 OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #91 OCPBUGS-20825 : bump golang.org/x/net to v0.17.0 #86 STOR-1442 : Restart webhook Pods if webhook-serving-cert changed #83 STOR-1441 : Restart node Pods if metrics-serving-cert changed #82 OCPBUGS-16073 : Updating Kubernetes and other associated dependencies #81 OCPBUGS-14824 : Bump csi-driver-shared-resource-operator library-go #80 OCPBUGS-14488 : bumping kubernetes to 0.27.1 #79 Updating ose-csi-driver-shared-resource-operator images to be consistent with ART #77
Updating ose-csi-driver-shared-resource-operator images to be consistent with ART #76
Updating ose-csi-driver-shared-resource-operator images to be consistent with ART #75
Updating ose-csi-driver-shared-resource-operator images to be consistent with ART #73
OCPBUGS-7906 : add openshift workload annotation to driver daemonset #72 BUILD-570 : hooks to allow operator to deploy on hypershift #71 BUILD-407 : remove pod wrapper types from validating webhook config #69 BUILD-407 : switch reserver share config from configmap to envvar; update webhook config to monitor share creates #68 STOR-1019 : Bump to k8s 1.26 libs for OCP 4.13 #66 Add a .ci-operator.yaml file #67
bump library-go to get ApplyCSIDriver changes #65
Updating ose-csi-driver-shared-resource-operator images to be consistent with ART #64
update to go1.19 #63
STOR-829 : set security.openshift.io/csi-ephemeral-volume-profile label #59 OCPBUGS-3358 : Revert “[build-407] Mount shared secret and configmap list config path into shared driver node” #61 Full changelog
OCPBUGS-21177 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #60 STOR-1169 : Rebase external-attacher to v4.3.0 for OCP 4.14 #54 OCPBUGS-14815 : Chore: Update OWNERS and OWNERS_ALIASES #55 Updating csi-attacher images to be consistent with ART #53
Updating csi-attacher images to be consistent with ART #52
Updating csi-attacher images to be consistent with ART #51
Updating csi-attacher images to be consistent with ART #50
STOR-1020 : Rebase external-attacher to v4.1.0 for OCP 4.13 #49 Updating csi-attacher images to be consistent with ART #48
Update to go v1.19 #45
Full changelog
OCPBUGS-35112 : CVE-2023-48795: bump golang.org/x/crypto to v0.17.0 #99 OCPBUGS-20775 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #72 OCPBUGS-17264 : USPTREAM: 969: build(deps): bump golang.org/x/tools from 0.9.3 to 0.12.0 #68 OCPBUGS-14811 : Chore: Update OWNERS and OWNERS_ALIASES #66 STOR-1169 : Rebase external-provisioner to v3.5.0 for OCP 4.14 #65 Updating csi-provisioner images to be consistent with ART #64
Updating csi-provisioner images to be consistent with ART #63
Updating csi-provisioner images to be consistent with ART #62
Updating csi-provisioner images to be consistent with ART #61
STOR-1020 : Rebase external-provisioner to v3.4.0 for OCP 4.13 #60 Updating csi-provisioner images to be consistent with ART #59
Full changelog
OCPBUGS-20929 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #147 STOR-1169 : Rebase external-resizer to v1.8.0 for OCP 4.14 #141 OCPBUGS-14812 : Chore: Update OWNERS and OWNERS_ALIASES #142 Updating ose-csi-external-resizer images to be consistent with ART #140
Updating ose-csi-external-resizer images to be consistent with ART #139
Updating ose-csi-external-resizer images to be consistent with ART #138
Updating ose-csi-external-resizer images to be consistent with ART #137
STOR-1020 : Rebase external-resizer to v1.7.0 for OCP 4.13 #136 Updating ose-csi-external-resizer images to be consistent with ART #135
Full changelog
OCPBUGS-29433 : cherry-pick:release-4.14: OCPBUGS-29244 Update VolumeSnapshot and VolumeSnapshotContent using JSON patch #142 OCPBUGS-21032 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #109 STOR-1169 : Rebase external-snapshotter to v6.2.2 for OCP 4.14 #101 OCPBUGS-14813 : Chore: Update OWNERS and OWNERS_ALIASES #102 Updating csi-snapshot-validation-webhook images to be consistent with ART #100
Updating ose-csi-external-snapshotter images to be consistent with ART #99
Updating ose-csi-snapshot-controller images to be consistent with ART #98
Updating csi-snapshot-validation-webhook images to be consistent with ART #97
Updating ose-csi-external-snapshotter images to be consistent with ART #96
Updating ose-csi-snapshot-controller images to be consistent with ART #95
Updating csi-snapshot-validation-webhook images to be consistent with ART #94
Updating ose-csi-external-snapshotter images to be consistent with ART #93
Updating ose-csi-snapshot-controller images to be consistent with ART #92
Updating csi-snapshot-validation-webhook images to be consistent with ART #91
Updating ose-csi-snapshot-controller images to be consistent with ART #89
Updating ose-csi-external-snapshotter images to be consistent with ART #90
STOR-1020 : Rebase external-snapshotter to v6.2.1 for OCP 4.13 #88 Updating csi-snapshot-validation-webhook images to be consistent with ART #87
Updating ose-csi-external-snapshotter images to be consistent with ART #86
Updating ose-csi-snapshot-controller images to be consistent with ART #85
Full changelog
OCPBUGS-20640 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #50 STOR-1169 : Rebase livenessprobe to v2.10.0 for OCP 4.14 #44 OCPBUGS-14810 : Chore: Update OWNERS and OWNERS_ALIASES #45 Updating csi-livenessprobe images to be consistent with ART #40
Updating csi-livenessprobe images to be consistent with ART #38
STOR-1020 : Rebase csi-livenessprobe to v2.9.0 for OCP 4.13 #37 Updating csi-livenessprobe images to be consistent with ART #36
Full changelog
OCPBUGS-20697 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #52 STOR-1169 : Rebase node-driver-registrar to v2.8.0 for OCP 4.14 #46 OCPBUGS-14814 : Chore: Update OWNERS and OWNERS_ALIASES #47 Updating csi-node-driver-registrar images to be consistent with ART #45
Updating csi-node-driver-registrar images to be consistent with ART #44
Updating csi-node-driver-registrar images to be consistent with ART #43
Updating csi-node-driver-registrar images to be consistent with ART #42
STOR-1020 : Rebase csi-node-driver-registrar to v2.7.0 for OCP 4.13 #41 Updating csi-node-driver-registrar images to be consistent with ART #40
Full changelog
Removing kernel[-rt]-core packages from the image. (#132) #132
Upgrade glibc, use dnf (#131) #131
Fixing the regexp used to get the correct GCC version. (#127) #127
Updating the docs to use ubi9 instead of ubi8. (#126) #126
Updating driver-toolkit images to be consistent with ART (#120) #120
Remove abi since it was not in 9.2 rpms (#121) #121
Fixing check-commits-count to work on other branches than master. (#118) #118
Adding rpm-build to the Dockerfile (#116) #116
Adding a missing space to README.md. (#115) #115
Updating README.md. (#114) #114
Updating the README.md. (#112) #112
Updating driver-toolkit images to be consistent with ART (#111) #111
Adding documentation regarding the driver-toolkit imagestream. (#110) #110
Adding kernel-rpm-macros to the Dockerfile. (#106) #106
Full changelog
OCPBUGS-35143 : update to go 1.19 and k8s.io mods to v0.27.4 #87 OCPBUGS-19850 : Ensure that IP forwarding is enabled #78 rework PR #74 to switch Dockerfile to use rhel9 #75
Updating egress-router-cni images to be consistent with ART #70
OCPBUGS-6553 : update go-yaml to v2.4.0 #67 Updating egress-router-cni images to be consistent with ART #66
Updating egress-router-cni images to be consistent with ART #65
Full changelog
OCPBUGS-20752 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #45 OCPBUGS-17367 : UPSTREAM: <carry>: Remove the static library linking flag #41 OCPBUGS-16783 : Chore: Update OWNERS #39 UPSTREAM: <carry>: Fix OWNERS_ALIASES #40
STOR-1163 : Rebase to upstream v1.10.1 #37 Updating ose-gcp-pd-csi-driver images to be consistent with ART #36
Updating ose-gcp-pd-csi-driver images to be consistent with ART #33
Bug 1877261 : UPSTREAM: 973: filesystem is not resized when restoring #32 OCPBUGS-6411 : Rebase to v1.8.2 for OCP 4.13 #31 Updating ose-gcp-pd-csi-driver images to be consistent with ART #30
Full changelog
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #107 OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #96 OCPBUGS-20847 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #87 CFE-878 : Add userLabels in Infrastructure to driver args list #74 OCPBUGS-16654 : Revert revert “STOR-1065: Rework sidecar bindings to b… #76 OCPBUGS-16569 : Bump library-go to remove dependency on goproxy #78 OCPBUGS-16783 : Chore: Update OWNERS #77 Revert “STOR-1065: Rework sidecar bindings to bind common ClusterRoles” #75
STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #71 OCPBUGS-15823 : Change timeout of CSI sidecar #73 OCPBUGS-14824 : Bump gcp-pd-csi-driver-operator library-go #72 STOR-1301 : Restart controller Pods if metrics-serving-cert changed #68 STOR-1168 : Bump common libraries #70 OCPBUGS-12609 : Bump golang.org/x/net@v0.9.0 #69 Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART #67
Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART #66
Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART #65
OCPBUGS-8683 : Add management workloads annotations #64 Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART #63
STOR-874 : Implement custom keys in GCP PD CSI driver operator #62 STOR-1019 : Bump to k8s 1.26 libs for OCP 4.13 #61 STOR-947 : support disabling default StorageClass via ClusterCSIDriver #58 Bug 2106736 : Add multiplePVsSameID capability #60 STOR-1078 : Add hostPaths necessary for SELinux mounts #59 Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART #57
OCPBUGS-4347 : set TLS cipher suites in Kube RBAC sidecars #56 Full changelog
OCPBUGS-39413 : Return from EnsureHostInPool on all NIC errors #2073 : OCPBUGS-38959: Upstream: 115702 kubelet: output log even file is rotated #2060
NO-JIRA: update downstream owners #2051
OCPBUGS-37623 : Bump to Kubernetes v1.27.16 #2043 OCPBUGS-35553 : Disable vulncheck #2010 OCPBUGS-35553 : Bump k8s 1.27.15 #1992 OCPBUGS-33964 : UPSTREAM: 123055: Fix race condition between resizer and kubelet #1973 UPSTREAM: <carry>: OCPBUGS-32473: fix cpu manager cpuset check #1951
OCPBUGS-33712 : Bump to Kubernetes v1.27.14 #1970 OCPBUGS-33417 : Provide SCC access via RBAC #1965 OCPBUGS-14373 : Fix flaky HPA e2e tests by not failing on context cancelled (#117669) #1958 OCPBUGS-32580 : allow override of NewVolumeManagerReconstruction #1956 OCPBUGS-32309 : Bump K8s api to 1.27.13 #1950 OCPBUGS-29924 : UPSTREAM: <carry>: openshift-kube-apiserver: add kube-apiserver patches #1898 OCPBUGS-31504 : Bump to 1.27.12 #1927 OCPBUGS-31741 : 4.14: UPSTREAM: 124048: Use the right feature gate when updating uncertain volumes #1936 Address CVE #12
OCPBUGS-30964 : Set up CEL IP/CIDR library from 4.14 onwards #1913 OCPBUGS-29662 : Update to kubernetes 1.27.11 #1890 OCPBUGS-27347 : UPSTREAM: <carry>: Update management webhook pod admission logic #1855 OCPBUGS-27369 : Update to kubernetes 1.27.10 #1860 OCPBUGS-25813 : Fix uncertain device in 4.14 #1830 UPSTREAM: 117349: OCPBUGS-19431: Bump lumberjack.v2 v2.0.0 -> v2.2.1 #1552
OCPBUGS-26006 : Update to Kubernetes 1.27.9 #1838 OCPBUGS-23566 : followup to #1808 #1813 OCPBUGS-23566 : Update to kubernetes 1.27.8 #1808 OCPBUGS-23286 : UPSTREAM: 121881: Use golang library instead of mklink #1801 OCPBUGS-22861 : UPSTREAM: <carry>: support for both icsp and idms objects #1780 openshift-hack: Fix sporadic 141 errors in build-rpms #1772
OCPBUGS-20380 : [release-4.14] UPSTREAM: 121127: [1.27][CVE-2023-39325] .: bump golang.org/x/net to v0.17.0 #1758 OCPBUGS-18249 : <carry>: Export cpu stats of ovs.slice via prometheus #1699 OCPBUGS-20115 : Do not allow nodes to set forbidden openshift labels #1736 Update builder & base hyperkube image to RHEL 9 #1727
OCPBUGS-19401 : UPSTREAM: <carry>: vendor: bump cadvisor and runc to 1.1.9 #1713 OCPBUGS-19952 : UPSTREAM: <carry>: kubelet/cm: use MkdirAll when creating cpuset to ignore file exists error #1728 OCPBUGS-15531 : UPSTREAM: 120786: change rolling update logic to exclude sunsetting nodes #1717 OCPBUGS-18285 , OCPBUGS-19479 : Update to Kubernetes 1.27.6 #1709 OCPBUGS-18724 : cm: reorder setting of sched_load_balance for sandbox slice #1693 OCPBUGS-18608 : UPSTREAM: <carry>: Force using host go always and use host libriaries #1688 OCPBUGS-18149 : UPSTREAM: <carry>: retry etcd Unavailable errors #1681 OCPBUGS-18149 : UPSTREAM: <carry>: retry etcd Unavailable errors #1676 OCPBUGS-14301 : UPSTREAM: 117245: Fix TopologyAwareHint not working when zone label is added after Node creation #1673 OCPBUGS-14301 : UPSTREAM: 117249,118189: fix TopologyCache crashes #1668 OCPBUGS-7415 : grant user:full scope to self-SARs #1493 UPSTREAM: 118280: Set all PSa labels in tests #1663
OCPBUGS-17119 : UPSTREAM: <drop>: bump apiserver-library-go for updated required-scc errors #1661 OCPBUGS-15726 : UPSTREAM: <carry>: merge v3 openapi discovery and specs for special groups #1654 OCPBUGS-16166 : Update to Kubernetes 1.27.4 #1660 Update to Kubernetes 1.27.4 #1653
OCPBUGS-15726 : UPSTREAM: 118879: make apiservices.apiregistration.k8s.io discoverabl… #1630 OCPBUGS-16166 : Update to Kubernetes 1.27.4 #1645 OCPBUGS-15726 : UPSTREAM: 118881: fix openapi/v3 non local apiservices aggregation #1629 UPSTREAM: <drop>: hack/update-vendor.sh #1634
UPSTREAM: 119107: Stop using deprecated API #1624
OCPBUGS-13392 : UPSTREAM: 118915: remove legacy NetworkPolicy tests #1623 UPSTREAM: <drop>: update openshift/api,openshift/apiserver-library-go #1621
UPSTREAM: <carry>: when only this kube-apiserver can fulfill the kube… #1616
Update to Kubernetes 1.27.3 #1609
UPSTREAM: <carry>: STOR-1270: Admission plugin to deny deletion of storages.operator.openshift.io #1550
OCPBUGS-7181 : UPSTREAM: <drop>: bump apiserver-library-go #1605 STOR-1263 : Add csimock tests #1595 OCPBUGS-4053 : UPSTREAM: 118383: bump cadvisor for upstream patch 3301 #1594 Update test wrapper to match new k8s #1584
STOR-1263 : Bump to k8s 1.27.2 #1583 cherry-pick: #117785 from k/k - disable external IPs on e2e net tests #1581 UPSTREAM: 117893: When expecting pods count only active ones #1577
OCPBUGS-13854 : UPSTREAM: 117371: kubelet: Don’t reference the pod manager interface directly from components #1578 OCPBUGS-11652 : UPSTREAM: <carry>: Extend NodeLogQuery feature #1579 OCPBUGS-13148 : kubelet/cm: disable cpu load balancing on slices when using static cpu manager policy #1573 UPSTREAM: <carry>: move test rules from origin #1574
OCPBUGS-11143 : Azure: move to kube-proxy LB probes, don’t detach masters when unready #1569 OCPBUGS-10048 : UPSTREAM: <carry>: add conditional shutdown response header #1555 OCPBUGS-2474 : UPSTREAM: 116995: kubelet: Ensure pods that have not started track pendingUpdate #1561 STOR-1263 : Update to Kubernetes 1.27.1 #1558 OCPBUGS-10829 : UPSTREAM: 117310: kube-aggregator: correctly use client-go TLS cache with custom dialer #1548 UPSTREAM: <carry>: add shutdown annotation to response header #1537
UPSTREAM: <carry>: OCPNODE-1548,OCPNODE-1584: disable load balancing on created cgroups when managed is enabled #1518
Add wrapper which will allow running o/k tests as external binary in origin #1485
OCPBUGS-7267 : More fixes to SCC PSa extractor #1482 OCPBUGS-10048 : UPSTREAM: 115328: apiserver: annotate early (server not ready) and late (during shutdown) requests #1456 OCPBUGS-8220 : CSI Inline Volume admission plugin does not log object name correctly #1499 OCPBUGS-8092 : Fix mounted volume expansion tests #1498 UPSTREAM: <carry>: update rebase doc #1464
Bump to k8s 1.26.2 #1494
AUTH-336 : UPSTREAM: <carry>: PSa metrics: unset ocp_namespace on non-platform n… #1489 Bump to k8s 1.26.1 #1479
OCPBUGS-7267 : add SeccompProfile to Pod and Container accessors/mutators #1490 UPSTREAM: <drop>: OCPBUGS-5991: Kube APIServer panics in admission controller #1488
CNF-5901 : admission hook change for workload partition on all clusters #1312 UPSTREAM: 113799: tests: network: Prefer internal IPs first #1446
UPSTREAM: 115863: Remove global framework variable #1480
UPSTREAM: <carry>: add new approvers #1458
OCPBUGS-7555 : UPSTREAM: <carry>: add default kubelet sysctls within rpm #1475 AUTH-336 : UPSTREAM: <carry>: PSa metrics: log platform namespaces in audit denies #1454 add icsp validation: reject one of icsp idms.itms resources #1310
UPSTREAM: 114027: make GetSubnetPrefix IP family agnostic #1469
disable tests dependent on StackDriver #1466
UPSTREAM: 115484: Don’t explicitly set image version in tests #1465
UPSTREAM: 114994: kubelet: fix readiness probes with pod termination #1450
OCPBUGS-6030 : Rebase onto kube v1.26 #1432 Fix the mutated PodSpec extractor for warns if no SCC matches #1453
OCPBUGS-4900 : remove in-tree volume limits test now that CSIMigration is GA #1448 OCPBUGS-4658 : Apply shared defaulters to CRD-based routes. #1440 OCPBUGS-4657 : Bump library-go. #1431 UPSTREAM: <carry>: make the PSA workload admission warnings honor the… #1393
UPSTREAM: <carry>: Ensure balanced brackets in annotated test names #1410
STOR-829 : Add CSIInlineVolumeSecurity admission plugin #1384 OCPBUGS-3501 : UPSTREAM: <carry>: Add host assignment plugin for CRD-based routes. #1419 UPSTREAM: <drop>: Bump openshift/api. #1424
OCPBUGS-3499 : UPSTREAM: <carry>: Add validation plugin for CRD-based route parity. #1416 Bug 2117374 : UPSTREAM: <drop>: update apiserver-library-go to add message about wo… #1395 Bug OCPBUGS-2991: Disable expansion in SC, if driver does not support it #1402
OCPBUGS-3093 : Tag AWS security groups at creation #1411 UPSTREAM: <drop>: Bump library-go. #1406
OCPBUGS-2946 : Revert: 1340: tag AWS security group at creation #1401 OCPBUGS-3084 : UPSTREAM: 113481: kubelet: fix pod log line corruption when using timestamps and long lines #1404 Full changelog
OCPBUGS-53899 : bump golang-jwt v4 #5909 OCPBUGS-53433 : Prevent IgnitionServer from flooding the API server with patch requests #5878 OCPBUGS-51731 , OCPBUGS-51802 : Bump dependencies to OCP fork in backports #5899 Red Hat Konflux update control-plane-operator-4-14 #5953
ART-11792 : update go mod dependency for konflux #5921 OCPBUGS-53314 : Fix IsIPv4 function identifying also addresses instead of CIDRs #5867 OCPBUGS-45559 : Add Network Policies for Konnectivity server and Ignition server proxy #5816 NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.6 #5730
NO-JIRA: chore(deps): update dependency mkdocs-material to v9.6.6 #5725
chore(deps): update dependency mkdocs-mermaid2-plugin to v0.6.0 #5687
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.5 #5681
NO-JIRA: chore(deps): update dependency mkdocs-material to v9 #5688
OCPBUGS-50700 : add region to AWS creds passed to operators managed by CPO #5668 NO-JIRA: Red Hat Konflux update control-plane-operator-4-14 #5339
OCPBUGS-47630 : Separate CPO containerfiles #5619 NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.4 #5538
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.1 #5537
OCPBUGS-49405 : add ValidIDPConfiguration condition to report IDP config issues #5520 NO-JIRA: chore: update konflux references & bump up go version to 1.20 #5517
NO-JIRA: Update squidfunk/mkdocs-material Docker tag to v9.5.50 (release-4.14) #5444
NO-JIRA: Update dependency mkdocs-material to v8.5.11 (release-4.14) #5430
NO-JIRA: [release-4.14] Bump golang.org/x/crypto and golang.org/x/net #5372
NO-JIRA: Update dependency mkdocs-glightbox to v0.4.0 (release-4.14) #5331
NO-JIRA: Update dependency mkdocs to v1.6.1 (release-4.14) #5330
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.49 (release-4.14) - abandoned #5308
OCPBUGS-44279 : Configure OAuth https proxy to dial cloud endpoints directly #5067 NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.45 (release-4.14) #5162
NO-JIRA: chore(deps): update konflux references (release-4.14) #5145
NO-JIRA: chore(deps): update konflux references (release-4.14) #5121
NO-JIRA: chore(deps): update registry.access.redhat.com/ubi9-minimal docker tag to v9.5-1731518200 (release-4.14) #5105
NO-JIRA: Update Konflux references (release-4.14) #5100
chore(deps): update konflux references (release-4.14) #5076
NO-JIRA: chore(deps): update konflux references (release-4.14) #5055
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.44 (release-4.14) #5056
NO-JIRA: Update Konflux references to fedcfe0 (release-4.14) #5043
chore(deps): update konflux references (release-4.14) #5026
chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.43 (release-4.14) #5021
chore(deps): update konflux references to f53fe54 (release-4.14) #5020
NO-JIRA: Update Konflux references (release-4.14) #5011
OCPBUGS-41701 : cmd: report server version, supported OCP #4718 NO-JIRA: chore(deps): update konflux references (release-4.14) #4975
OCPBUGS-43688 : Use guest DNS resolution in Konnectivity HTTPS proxy by default #4964 chore(deps): update konflux references (release-4.14) #4953
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.42 (release-4.14) #4948
OCPBUGS-43368 : Let payload generation pick the release for the NodePool #4913 NO-JIRA: chore(deps): update konflux references (release-4.14) #4934
NO-JIRA: chore(deps): update konflux references to 66f551f (release-4.14) #4924
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.41 (release-4.14) #4917
NO-JIRA: chore(deps): update konflux references to 674e70f (release-4.14) #4910
NO-JIRA: chore(deps): update konflux references (release-4.14) #4898
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.40 (release-4.14) #4879
NO-JIRA: chore(deps): update konflux references to 37b9187 (release-4.14 #4851
OCPBUGS-42533 : enable audit log for oauth-openshift #4822 chore(deps): update registry.access.redhat.com/ubi9/go-toolset docker tag to v1.21.13 (release-4.14) #4794
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.39 (release-4.14) #4828
NO-JIRA: chore(deps): update konflux references (release-4.14) #4813
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.38 (release-4.14) #4805
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9 (release-4.14) #4788
chore(deps): update registry.access.redhat.com/ubi9-minimal docker tag to v9.4-1227.1726694542 (release-4.14) #4758
chore(deps): update squidfunk/mkdocs-material docker tag to v8.5.11 (release-4.14) #4784
OCPBUGS-41374 : CPO oauth idp converter: resolve names before dialing #4763 NO-JIRA: chore(deps): update konflux references to 5ac9b24 (release-4.14) #4783
chore(deps): update konflux references to 2c3426a (release-4.14) #4773
NO-JIRA: chore(deps): update konflux references (release-4.14) #4757
OCPBUGS-42221 : Make guest cluster components use the correct KAS port #4753 OCPBUGS-38060 : Add HTTP konnectivity proxy to OAuth server #4498 OCPBUGS-38066 : [release-4.14] Use HTTP proxy for ingress controller #4724 NO-JIRA: Security fixes for openshift-ci-security job #4752
OCPBUGS-42184 : copy image-registry AdditionalTrustedCA configmap into HC openshift-config #4747 OCPBUGS-41506 : fix: bump google.golang.org/protobuf #4687 HOSTEDCP-1957 : bump go-jose version #4698 OCPBUGS-39378 : Set KCM node monitor grace period #4659 chore(deps): update konflux references (release-4.14) #4683
OCPBUGS-39183 : fix: bump github.com/IBM/go-sdk-core/v5 #4626 NO-JIRA: Add PodDisruptionBudget for router deployment #4692
NO-JIRA: Revert “Merge pull request #4661 from jparrill/bp-4.14/OCPBUGS-24308” #4667
NO-JIRA: PDB backports #4661
NO-JIRA: Konflux migration 4.14 #4648
OCPBUGS-39230 : set proxy envvars on aws CCM #4638 OCPBUGS-38791 : Let the CPO oidc check resolve through data plane #4617 NO-JIRA: Flaky cert validation test #4633
HOSTEDCP-1897 : [release-4.14] Allow setting Kube APIServer maximum requests in flight #4553 OCPBUGS-37076 : Fixed audit-logs sigterm failing to terminate gracefully #4369 OCPBUGS-38624 : remove weak ciphers from security profile #4575 OCPBUGS-37173 : Add newline after TLS certs referenced by image.config #4471 OCPBUGS-37172 : OCPBUGS-35899: Doubled machineHealthCheck timeout on Agent and None #4490 OCPBUGS-36944 : [release-4.14] Add HTTP(s) konnectivity proxy and use it with OpenShift APIServer #4360 HOSTEDCP-1795 , HOSTEDCP-1796 : Customize the self-generated cert validity and rotation #4473 OCPBUGS-37175 : Delete IDMS in dataplane once HCP ICS field is removed #4472 NO-JIRA: Konflux mce-2.4 pipeline fixes #4464
NO-JIRA: [release-4.14] OCPBUGS-36297: kubevirt-csi-driver: Pass infra kubeconfig in case of external infra #4288
NO-JIRA: [release-4.14] test/e2e: remove api budget checks #4438
NO-JIRA: chore(deps): update registry.access.redhat.com/ubi9/go-toolset docker tag to v1.21.11-2 (release-4.14) - abandoned #4363
NO-JIRA: Update registry.access.redhat.com/ubi9/go-toolset Docker tag to v1.21.10-1.1719562237 (release-4.14) - abandoned #4326
NO-JIRA: Update registry.access.redhat.com/ubi9-minimal Docker tag to v9.4-1134 (release-4.14) - abandoned #4325
OCPBUGS-36518 : Run haproxy to connect to kas from data plane if noproxy settings contain kas #4315 OCPBUGS-36159 : Generate default worker security group rules based on machineCIDR #4270 OCPBUGS-35549 : Restrict image registry overrides to control plane component #4223 OCPBUGS-35365 : fix router on 4.14 y-stream upgrade #4205 NO-JIRA: chore(deps): update konflux references (release-4.14) #4257
OCPBUGS-35401 : Fix disconnected metadata inspection for nodepool #4208 OCPBUGS-35482 : Add TrustedBundles to OAS container #4216 OCPBUGS-35290 : [release-4.14] Backport etcd defrag #4189 NO-JIRA: chore(deps): update konflux references (release-4.14) #4248
OCPBUGS-35183 : add AWS STS URL to OIDC provider audiences #4179 NO-JIRA: hack: make the e2e script generic #4201
chore(deps): update konflux references to 2be7c9c (release-4.14) #4225
NO-JIRA: Update Konflux references to 1025001 (release-4.14) #4181
NO-JIRA: chore(deps): update konflux references (release-4.14) #4168
OCPBUGS-34856 : [release-4.14] OCPBUGS-34855: Add new permission required in CAPA #4149 NO-JIRA: test/e2e: fix prometheus serviceaccount handling against 4.16+ #4159
NO-JIRA: chore(deps): update rhtap references (release-4.14) #4112
NO-JIRA: chore(deps): update rhtap references to 9aec3ae (release-4.14) #4073
NO-JIRA: Remove CLI inspection of release image #4061
OCPBUGS-33713 : Reconcile over ICSP/IDMS #4059 NO-JIRA: chore(deps): update rhtap references to 7cd8020 (release-4.14) #4065
OCPBUGS-33844 : Fix disconnected metadata inspection #4049 OCPBUGS-33843 : Recycler-pod image now points to the OCP Payload reference #4048 NO-JIRA: chore(deps): update rhtap references (release-4.14) #4040
HOSTEDCP-1480 : Update TLS cert hash creation with sha512 #4025 NO-JIRA: Update RHTAP references (release-4.14) #3995
HOSTEDCP-1552 : Update RHTAP tekton files for 0.3 -> 0.4 migration #3958 OCPBUGS-33105 : [release-4.14] remove PrivateIngressController cleanup #3960 OCPBUGS-32471 : Fix ICSP and IDMS inclusion as registriesOverrides #3912 NO-JIRA: chore(deps): update rhtap references (release-4.14) #3920
OCPBUGS-32221 : Added support for OLM Disable default sources on HC creation #3882 NO-JIRA: chore(deps): update rhtap references (release-4.14) #3903
NO-JIRA: [4.14] [e2e test framework] Add a flag to add an annotation to Hosted Cluster #3905
HOSTEDCP-1526 : [release-4.14] Support additional node selectors for request serving nodes #3898 chore(deps): update rhtap references (release-4.14) #3888
NO-JIRA: Update RHTAP references (release-4.14) #3874
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3869
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3858
NO-JIRA: Update RHTAP references (release-4.14) #3836
OCPBUGS-31657 : disable http2 for ignition server and proxy #3831 OCPBUGS-31605 : inject built-in MCP selector for KubeletConfigs and ContainerRuntimeConfigs #3826 HOSTEDCP-1322 : NodeUpgradeType defaulted by provider #3822 NO-JIRA: Update RHTAP references (release-4.14) #3813
OCPBUGS-31417 : honor HC image configuration #3806 OCPBUGS-23914 : Added OLMCatalogPlacement option to the CLI #3229 OCPBUGS-30211 : set Konnectivity cipher suites #3679 chore(deps): update rhtap references (release-4.14) #3792
OCPBUGS-31048 : [4.15] HCP deletion can get stuck if CPO is unable to delete the default worker security group #3771 HOSTEDCP-1488 : Use regionalized STS endpoints in AWS #3756 NO-JIRA: Update RHTAP references (release-4.14) #3755
chore(deps): update rhtap references (release-4.14) #3739
OCPBUGS-30596 : Bump golang.org/x/net to version v0.17.0 #3711 NO-JIRA: chore(deps): update rhtap references (release-4.14) #3706
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3676
NO-JIRA: Update RHTAP references (release-4.14) #3672
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3651
OCPBUGS-29782 : use 2040 for apiserver svc in IBM provider #3594 ”[release-4.14] OCPBUGS-29259: Fix default release image lookup” #3550
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3620
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3625
OCPBUGS-29094 : Make ControllerAvailabilityPolicy immutable #3534 NO-JIRA: chore(deps): update rhtap references (release-4.14) #3604
NO-JIRA: Update RHTAP references (release-4.14) #3591
NO-JIRA: Update RHTAP references (release-4.14) #3519
NO-JIRA: Approvers update #3580
MULTIARCH-4084 : Reduce the policy access scope to specific instance #3530 OCPBUGS-29206 : Add GC knobs for KAS #3543 OCPBUGS-29187 : node spread anti-affinity for HA HCP #3541 OCPBUGS-19956 , OCPBUGS-28984 , OCPBUGS-28985 , OCPBUGS-28986 , OCPBUGS-29000 : Support Disconnected HCP #3520 OCPBUGS-29030 : Add ValidatingAdmissionPolicy to KAS config #3524 HOSTEDCP-1272 : Added CLI support to create DualStack clusters using default values #3514 OCPBUGS-28238 : consider HCP upgradeable if CVO has no upgradable condition #3468 OCPBUGS-26526 : Documented to disable UWM telemetry writer in disconnected envs #3389 OCPBUGS-26526 : Disable UWM Telemetry writer when telemeter-client cm not exists #3388 OCPBUGS-27072 : Apply Scheduling Configuration for kCCM #3418 NO-JIRA: Update RHTAP references (release-4.14) #3509
OCPBUGS-20180 , OCPBUGS-20547 : Added network validations #3096 OCPBUGS-23997 : add watch for HCP pullsecret to HCCO #3265 OCPBUGS-28249 : Required RBAC for network-node-identity is not created when hosted cluster networkType is set to Other. #3485 NO-JIRA: Update RHTAP references (release-4.14) #3447
OCPBUGS-24315 : Add prestop to konnectiviy server #3268 OCPBUGS-24307 : Set shutdown-delay-duration to 15s #3264 OCPBUGS-21795 : change trusted bundle volume mount for CPO #3102 OCPBUGS-25217 : Konnectivity agent update strategy #3308 OCPBUGS-26574 : Set new condition on SG deletion. #3398 Update RHTAP references (release-4.14) #3402
Update RHTAP references (release-4.14) #3383
OCPBUGS-22360 : Validate accessTokenInactivityTimeout >= 300s #3175 OCPBUGS-23936 : Use correct kubeconfig in CCM and remove CCMs access t… #3232 OCPBUGS-12720 : Updating hypershift images to be consistent with ART #2467 OCPBUGS-24627 : unset ServiceAccount on ignition-server-proxy #3295 [Release 4.14] OCPBUGS-24556: Fix a bug on deletion of a hostedcluster #3290
OCPBUGS-24269 : add CLI oauthclient #3272 OCPBUGS-23569 : Added IPFamilyPolicy to services exposed at the HCP in DualStack mode #3224 HOSTEDCP-1318 : external OIDC enablement #3261 OCPBUGS-23747 : Added brackets to IPv6 KAS address on kubeconfig #3228 OCPBUGS-24063 : fix(cpo): Set restart annotation on network-node-identity #3248 release-4.14, HOSTEDCP-1315: Improve NodePool CPU arch & platform check #3236
OCPBUGS-22676 : Make the OLMCatalogPlacement field immutable #3143 OCPBUGS-23558 : Let router use svc ips 4.14 #3221 OCPBUGS-19678 : Remove cluster name validation from HCC #3040 ”[release-4.14] CNV-35326: unsupported escape hatch mechanism custom HS/KV vms” #3202
OCPBUGS-23027 : Configure HSTS for kube-apiserver #3169 NO-JIRA: chore(deps): update rhtap references (release-4.14) #3085
OCPBUGS-23142 : adding permission to CNO RBAC Calico path for network-node-identity deploy #3182 OCPBUGS-22295 : Added brackets to the kubeconfig server address when IPv6 #3117 OCPBUGS-22690 : Use the same etcd snapshot for all replicas during etcd restore #3146 OCPBUGS-22959 : Update regex validation for nodepool.spec.taints.value #3165 HOSTEDCP-1280 : Adjustment cluster-cidr,service-cidr to support dualstack #3162 OCPBUGS-22898 : Stop exposing kas on 6443 private route service load balancer #3159 OCPBUGS-22898 : Stop defaulting aws private haproxy external port to 6443 #3160 OCPBUGS-19897 : Add konnectivity-proxy container to CNO #3058 OCPBUGS-22379 : Cluster-policy-controller: add missing RBAC for privileged namespaces PSA syncer controller #3131 OCPBUGS-20526 : Align PSA labels on guest cluster namespaces with standalone OCP #3111 OCPBUGS-21869 : Remove EnsurePSANotPrivileged #3107 OCPBUGS-21822 : Add ign proxy label selector for LabelTopologyZone PodAntiAffinity #3105 OCPBUGS-21587 : change required pod anti-affinity rule to preferred rule #3098 OCPBUGS-19794 : Upgrade Agent APIs to v1beta1 #3059 OCPBUGS-19797 : reconcile Authentication global config #3053 OCPBUGS-19794 : Upgrade agent APIs to v1beta1 #3051 OCPBUGS-20249 : Set KAS config pod security Enforce to privileged #3083 OCPBUGS-20163 : Report correct port when API exposed via route #3078 OCPBUGS-19796 : set accesstoken-inactivity-timeout flag to openshift-oauth-apiserver #3052 Update RHTAP references (release-4.14) #3060
Migrate deprecated-base-image-check pipeline #3057
chore(deps): update rhtap references (release-4.14) #2752
Update kubevirt csi driver deployment with proper timeouts #3046
OCPBUGS-19463 : set default deploymentconfig params on AWS CCM #3029 ACM-7278 : Remove marking pull secret as required in hcp cli #3023 OCPBUGS-18978 : add KAS endpoints to Except in router egress rule #3010 CNV-31919 : Validate KubeVirt platform required versioning #3026 OCPBUGS-19063 : amend OLM catalogs ImageStream according to annotation #3016 enable CGO_ENABLED for building FIPS compliant images #3006
OCPBUGS-18828 : tuned DS should not use controlPlaneReleaseImage #3005 Red Hat Trusted App Pipeline update hypershift-release-414 #2639
HOSTEDCP-1185 : Add flag to create a single NAT gateway #2984 Dump kubevirt external infra clusters #2992
OCPBUGS-18568 : Use MCO and CCO image references when looking up mappings #2985 HOSTEDCP-591 : Amend OLM catalog IS according to OpenShiftImageRegistryOverrides #2947 e2e: skip CNO pod restart check #2986
HOSTEDCP-1133 : Signal NodePool rolling upgrade because of platform changes #2973 OCPBUGS-18127 : Enable caching of Unstructured Objects in HO #2988 e2e: run Ensure functions after Main part of test #2983
OCPBUGS-18127 : Ensure machineTemplate name length respects RFC1123 spec #2975 ACM-6435 : add pausedUntil create cluster option in CLI #2965 OCPBUGS-7840 : Untangle kas port #2964 OCPBUGS-18399 : Preserve mirror order when serializing ICSP to env #2977 OCPBUGS-18336 : make konnectivity routes roundrobin #2971 Use the correct pull secret for HCP KubeVirt components #2919
Disable nto inplace test for kubevirt #2980
OCPBUGS-18438 : Properly format IPv6 address when proxying it through Konnectivity #2969 OCPBUGS-18127 : Trigger a rolling upgrade on NodePool .spec.platfrom changes #2956 HOSTEDCP-1156 : Add defaulting webhook to installation and notes #2922 HOSTEDCP-979 : Re-enable nodepool in-place upgrade tests #2960 Add a default value (32Gi) for nodepool in create nodepool kubevirt command #2940
OCPBUGS-16221 : Adds trust bundle to ignition-server when configured in HC #2819 Avoid creating tar archive if –archive-dump=false #2963
OCPBUGS-3873 adding rbac for UserOAuthAccessToken #2962
HOSTEDCP-1178 fix limited support label key #2958
OCPBUGS-18065 : enable aws-pod-identity-webhook on AWS #2957 OCPBUGS-18308 : Do not use mgmt cluster ICSP to mutate CCO image in KAS pod #2966 OCPBUGS-18266 : fix Progressing condition when ControlPlaneRelease is set #2959 fix(ho): Restore match label selector behavior #2951
OCPBUGS-18072 : Set emptyDir storage for the image registry only on initial time for None and Kubevirt platform #2895 OCPBUGS-18024 : Set Arch to amd64 for HCP NodePool Create #2941 chore(deps): update rhtap references (main) #2920
OCPBUGS-16813 : switch konnectivity-server to additional container in KAS pods #2942 Updating hostedcluster controller to stop using deprecated flags #2946
OCPBUGS-17827 : e2e: remove private-router from NeedManagementKASAccessLabel allowlist #2939 MULTIARCH-3709 : PowerVS - Add reuse resource flags to e2e test #2902 MULTIARCH-3478 : Minor bug fix on PowerVS infra #2451 OCPBUGS-18069 : Ensure load balancers are not exist before declaring load balancers are cleaned up #2887 MULTIARCH-3708 : PowerVS - Fix cluster deletion when existing resources passed #2867 MGMT-15368 : Document scaling down NodePools #2944 OCPBUGS-13348 : Hypershift Audit configuration not working. #2945 TRT-1202 : set SkipReleaseImageValidation annotation properly on e2e clusters #2943 OCPBUGS-17678 : Reconcile cloud credentials configuration to hosted cluster #2937 Add e2e test for etcd member recovery #2930
OCPBUGS-17827 : remove NeedManagementKASAccessLabel from router pods #2934 OCPBUGS-17985 : Handle empty mirrorImage result for ignition disconnected registry #2935 OCPBUGS-17827 : e2e: refactor checkPodsHaveLabel to be allowlist rather than exact match #2928 OCPBUGS-16813 : do not hardcode ignition-server-proxy replicas #2933 fix(ho): Restore match label selector behavior #2893
TRT-1202 : add annotation to skip release image validation #2929 OCPBUGS-17812 : Update Etcd health check to mirror standalone etcd #2918 STOR-1443 : Sync 05_operator_role-hypershift.yaml manifest from cluster-csi-snapsht-controller-operator #2915 HOSTEDCP-1065 : CNO deployed hosted-cluster-kubecfg-setup initContainers use CPR image #2917 HOSTEDCP-1001 : Image registryOverride included in the image metadata extraction flow #2909 OCPBUGS-17669 : Validate HostedCluster name against RFC1123 #2914 HOSTEDCP-1075 : Document how to recover single etcd member #2916 HOSTEDCP-1085 : Create a monitoring dashboard per HostedCluster #2907 chore(deps): update rhtap references (main) #2903
HOSTEDCP-1063 : Account for guest webhook URLs without a port #2898 OCPBUGS-17680 : Remove immutable note from PullSecret #2910 Revert “HOSTEDCP-1001: Image registryOverride included in the image metadata extraction flow” #2908
OCPBUGS-16076 : Validate HostedCluster name against RFC1123 in CLI #2906 OCPBUGS-15331 , OCPBUGS-16049 : Enable AdvertiseAddress dual stack and IPv6 support and added the changes to be included in the certificates #2779 HOSTEDCP-1081 : Perform etcd recovery when etcd member data is lost #2900 SDN-4057 : Pass ControlPlane image to OVN #2896 test: e2e: remove SingleReplica etcd chaos test #2901
Allow overriding pod security admission label #2886
HOSTEDCP-1146 : cpo: use CPO spec container image if it is a sha256 reference #2899 HOSTEDCP-1022 : Set Arch to amd64 #2897 Re-introducing defaulting webhook for self managed HCP #2892
fix-CNV-30260: KubeVirt: fix failed conformance test #2891
OCPBUGS-16298 : Prevent the kube-apiserver from connecting to the managment kas #2888 HOSTEDCP-1001 : Image registryOverride included in the image metadata extraction flow #2820 HOSTEDCP-1046 , HOSTEDCP-1102 : Follow-on Items #2847 Revert “[HOSTEDCP-1041] Defaulting webhook for self managed HCP” #2889
OCPBUGS-17446 : Set advertise-address in HCP etcd to resolvable name #2884 Defaulting webhook for self managed HCP #2864
STOR-1432 : cso: add envvars for CSI driver controller images #2882 HOSTEDCP-1025 : Add HCP CLI Command to Create a NodePool on AWS #2852 SDN-4042 : Increase upgrade rollout timers #2881 skip olm-collect-profiles in EnsureComponentsHaveNeedManagementKASAccessLabel #2874
HOSTEDCP-1064 : Add egress policy for private-router #2792 HOSTEDCP-1121 : Ensure SG reconciliation for aws endpoint #2872 chore(deps): update rhtap references #2865
HOSTEDCP-1065 : add ControlPlaneImage API for provider-side HCP updates #2848 HOSTEDCP-1063 : Disallow webhooks URLs targeting control plane services #2775 OCPBUGS-17374 : Fast specific dockerignore #2879 Kubevirt how-to docs updates #2875
Fix nodepool upgrade docs link #2880
OCPBUGS-17171 : Update OLM catalog image tags #2877 HOSTEDCP-1029 : Add HCP CLI Command to Destroy a Cluster on AWS #2853 Add workload management annotation to kubevirt-csi daemonset #2840
WRKLDS-730 : use default /healthz path for readiness probe in OCM and RCM #2873 Add api and cli validation for kubevirt volume mode #2862
HOSTEDCP-1079 : RHTAP HO Containerfile #2857 OCPBUGS-16770 : add need-management-kas-access label to olm-collect-profiles pods #2854 MULTIARCH-3684 : PowerVS - Upgrade capi to use v1beta2 APIs #2831 HOSTEDCP-1046 : Add ImageDigestMirrorSet to Config API comment #2868 MULTIARCH-3683 : Add dev flags in destroy cluster powervs command #2764 kubevirt: Reconcile EgressFirewall only for ovn-k #2849
HOSTEDCP-1046 : Add IDMS to the list of valid config manifests #2837 OCPBUGS-17059 : Add volume mode to kubevirt root volume api #2860 Update RHTAP references (main) #2832
OCPBUGS-16809 : Configured IgnitionProxy to support IPv4 and IPv6 #2850 OCPBUGS-14163 : Fixed ETCD to work in Ipv6 and Dual stack envs #2846 HOSTEDCP-1112 : Add config to set creation frequency of RHTAP PRs #2838 HOSTEDCP-1020 : Remove name as a persistent flag required field #2836 OCPBUGS-16232 : skip z-stream version check when upgrade is forced #2823 OCPBUGS-16033 : ClusterNetwork’s HostPrefix validation for dual stack #2795 OCPBUGS-14783 : Fix NetworkPolicy to work over IPv4 and IPv6 #2704 Revert “HOSTEDCP-710: Make ImageContentSource immutable” #2829
Update RHTAP references (main) #2814
HOSTEDCP-1062 : Make CAPI pod selector backward compatible #2825 HOSTEDCP-1093 : Add default flags to HCP create cluster CLI cmd #2802 Revert “HOSTEDCP-1094: e2e autoscaler balancing similar node groups” #2828
HOSTEDCP-1090 : Use statically configured haproxy for router #2778 HOSTEDCP-1046 : Allow HCP Specification to Support ICSP & IDMS #2720 HOSTEDCP-710 : Make ImageContentSource immutable #2815 OCPBUGS-11835 : Add missing probes to two services #2430 HOSTEDCP-1094 : e2e autoscaler balancing similar node groups #2808 OCPBUGS-16113 : unshare ignition-server reconciliation between HO and CPO #2817 OCPBUGS-11939 : Fix additional issues with OCPBUGS-11939 #2804 OCPBUGS-16135 : fix deletion bug when hostedzone is already deleted #2811 OCPBUGS-14862 Improve clarity around hypershift operator permissions #2782
HOSTEDCP-1062 : Management kas policy #2796 Revert “HOSTEDCP-1062: Add management cluster KAS network policy” #2793
HOSTEDCP-1020 : Add pullSecret & NodePool replica flags to HCP CLI #2774 HOSTEDCP-1101 : Add snyk-secret HO RHTAP scripts #2788 OCPBUGS-15991 : use ignition-proxy Service to populate ignitionEndpoint with strategy NodePort #2787 OCPBUGS-15769 : Include hypershift specific labels to be ignored by similar autoscaler groups #2784 Add management cluster KAS network policy #2717
HOSTEDCP-1019 : Add create cluster for Agent for HCP CLI #2754 CNV-30407 : KubeVirt Platform: Support NetworkInterfaceMultiQueue #2760 HOSTEDCP-1030 : Add destroy cluster for Agent for HCP CLI #2756 OCPBUGS-15594 : Get valid arch image for cluster-config-operator #2753 kubevirt: Annotate VMs to be live migratable #2772
Revert “Merge pull request #2770 from dharaneeshvrd/upgrade-capi-ibmcloud #2776
MULTIARCH-3684 : PowerVS - Upgrade capi to use v1beta2 APIs #2770 OCPBUGS-14862 : Reject VPCE Connections during VPCE Service cleanup #2700 Update RHTAP references #2768
HOSTEDCP-1023 : Add create NodePool for Agent for HCP CLI #2755 HOSTEDCP-1061 : Implement dedicated request serving nodes for HostedClusters #2722 OCPBUGS-15769 : Set –balance-similar-node-groups for autoscaler #2769 Leader election config update. #2282
OCPBUGS-15723 : Let getMachinesForNodePool return machines ordered by creation Timestamp #2766 Fix KAS HealthCheck for non DNS-Based ingress points in LB service #2765
Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible #2741
Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible in /hack/tools #2740
Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 in /hack/tools #2737
OCPBUGS-12208 ensureExists pullSecret resource reconciliation strategy #2732
Bump github.com/coreos/ignition/v2 from 2.10.1 to 2.14.0 #2739
Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible in /hack/tools #2738
Remove hardcoded AWS CI References #2742
TRT-1118 : Remove DisableStrictZoneCheck from AWS CCM config #2757 Update RHTAP references #2750
add OWNERS for new ci-tooling area label #2743
Add production cli (hcp) to dockerfile #2747
feat: Enable priority class override #2661
test/e2e: retry configmap create in etcd chaos tests #2746
OCPBUGS-14578 : Set allocate-node-cidrs to false in the cluster-kube-controller-manager #2731 Revert “HOSTEDCP-1016: Validate publishing strategies” #2733
HOSTEDCP-1027 : Add Create kubeconfig for HCP CLI #2719 HOSTEDCP-1016 : Validate publishing strategies #2651 KubeVirt Platform documentation for Advanced Storage Configurations and External Infrastructure #2712
Follow up to PR comments on #2642 #2690
HOSTEDCP-1067 : Add dependabot dependency management #2708 HOSTEDCP-1073 : enforce blocked rollout of HCP #2726 Revert “HOSTEDCP-967: [Re-revert] Disable v1alpha1 and conversion webhook by default” #2705
Remove –service-publishing-strategy from production cli #2721
HOSTEDCP-1024 : Add Create NodePool for KubeVirt for HCP CLI #2718 HOSTEDCP-1032 : e2e: ensure default PSA policy is not privileged #2714 HOSTEDCP-1031 : Add Destroy Cluster Cmd for KubeVirt for HCP CLI #2673 Expose annotation to allow release image overrides #2595
HOSTEDCP-1060 : add ignition-server proxy #2668 OCPBUGS-14637 : Check OwningIngressController also in Labels #2706 HOSTEDCP-1020 : Add Create Cluster for KubeVirt for HCP CLI #2672 properly handle user CA bundle not existing #2703
OCPBUGS-15168 : fix(oauth): Do not proxy IBM Cloud IAM endpoints #2699 OCPBUGS-14859 : Skip AWS resource deletion for ‘Unknown’ OIDC state #2691 Whitelist access from virt-launchers to NodeIP if NodePort ServicePublishingStrategy is used #2688
OCPBUGS-13829 : cpo: oauth: honor AccessTokenInactivityTimeout #2693 Update NodePool docs to include data propagation #2687
HOSTEDCP-1008 : Add NodePoolTransitionSeconds metric #2631 HOSTEDCP-967 : [Re-revert] Disable v1alpha1 and conversion webhook by default #2685 Make NodePool arch input immutable #2689
Update autocaler RBAC to accomodate machinepools support added upstream #2663
Enforce Immutability of some KubeVirt Platform Values #2654
CNV-24818 : Add fsGroup support to kubevirt-csi-driver #2563 Let payload provider render feature gate yaml #2664
OCPBUGS-14633 : Check for OPENSHIFT_IMG_OVERRIDES before using #2660 HOSTEDCP-965 : Add impersonate feature to the CLI and document HC dump procedure #2653 OCPBUGS-11882 : Annotate HCP pods with the safe-to-evict-local-volume CA annotation #2647 Update RHTAP references #2657
Disable nodepool replace upgrade test #2665
OCPBUGS-14784 : Honor global ingress configuration LoadBalancer type on AWS #2669 OCPBUGS-14620 : Set DisableStrictZoneCheck = true in the AWS Cloud Provider config #2659 HOSTEDCP-992 : refactor ignition-server reconcilation #2662 Minor fix in KAS LB HealthCheck #2656
HOSTEDCP-1036 : Create Makefile path to create productized CLI #2633 Extend np test timeout for KubeVirt platform #2655
HOSTEDCP-1003 : Set AWS conditions only for AWS platform #2604 Remove alsologtostderr flag form CAP* #2648
OCPBUGS-14575 : Check for IDMS only if mgmt cluster has req API #2650 Network isolation of VirtualMachines for KubeVirt provider #2622
OCPBUGS-14428 : remove OLM alerts from the HCCO #2636 KubeVirt Openstack image annotation override #2629
Red Hat Trusted App Pipeline update hypershift-operator-main #2638
Red Hat Trusted App Pipeline purge hypershift-azjx #2635
cli: Add release-stream flag #2644
OCPBUGS-13547 : Pass payload-version to MCS and MCC #2643 KubeVirt: Handle deletion of the cache DV on an edge case #2620
OCPBUGS-14087 : Enable HCCO to reconcile over the OperatorHub’s disableAllDefaultSources object #2632 HOSTEDCP-1009 : Allow external-dns image to be set in install cli #2623 Ensure FeatureGate is copied from cluster to MCO render source #2581
OCPBUGS-12972 : Use different ports for MCS in the ignition provider #2628 hypershift dump: use random local port for kas port-forwarding #2625
OCPBUGS-11939 : Initialize RegistryOverrides w/ mgmt cluster ICSP #2437 Revert “Merge pull request #2596 from muraee/disable-valpha1” #2627
Add ‘Creating Arm NodePools Through the API’ Section #2587
HOSTEDCP-967 : Disable v1alpha1 and conversion webhook by default #2596 OCPBUGS-13113 : Add ClusterUpgradeDuration metric #2566 chore(deps): update rhtap references #2612
OCPBU-609 : agent infrastructure docs #2618 OCPBUGS-14169 : Remove external-dns –events flag #2616 OCPBUGS-13970 : Reconcile oauthDeployment annotations even if kubeadmin secret is not found #2593 cmd: infra: aws: retry on AuthorizeSecurityGroup failure #2605
Fix dump for Kubevirt #2589
Kubevirt CSI StorageClass mapping API #2528
Remove Arm e2e test #2591
HOSTEDCP-947 : Set ETCD Storage Size as immutable field and equalised the default size among both api versions #2588 OCPBUGS-13735 : Fixed revoking some permissions to CAPI Manager Clusterrole #2586 HOSTEDCP-445 : Add script to migrate hosted control plane #2598 Use newly introduced KubeVirt Platform rhcos Image #2576
OCPBUGS-13168 : Include default ingress CA in root CA bundle #2584 HOSTEDCP-975 : Add new grafana panels for nodepools SLOs #2592 HOSTEDCP-926 : Send metric when HO/CPO decide to skip cloud resource deletion #2531 Update RHTAP references #2420
OCPBUGS-13897 : Use cluster-config-operator to render featuregate status on KAS bootstrap #2585 HOSTEDCP-975 : Add cluster_name label to nodepools metrics #2580 Fix broken tests for non-aws platforms #2577
Updated secret permissions for openshift-route-controller-manager #2575
HOSTEDCP-987 : Update go version and dependencies in /hack/tools/go.mod #2551 remove flags set by CI env var #2521
HOSTEDCP-975 : Add NodePool DeletionDuration and InitialRolloutDuration metrics #2558 ARMOCP-412 : Add ARM nodepool to AWS x86 Hosted Cluster #1594 OCPBUGS-11939 : Fix minor codebase nits #2502 control-plane-operator/controllers/hostedcontrolplane: Align reconcileCloudControllerManager error strings #2500
HOSTEDCP-960 : Add e2e to validate HC/NP conditions expected status #2482 HOSTEDCP-830 : Update auto scaler role to get and list agentmachinetemplates #2564 HOSTEDCP-445 : Included how to fix image-registry clusteroperator after a disaster recovery migration #2481 OCPBUGS-13547 : Pass release image version to MCO bootstrap via –payload-version #2572 Cache KubeVirt Boot Image #1918
contrib: ci: increase HC quota in clusters namespace #2547
HOSTEDCP-996 : CLI: enable guest cluster dump for private clusters #2571 MULTIARCH-3205 : Support IBM COS as storage for PowerVS in image registry operator #2207 fix nil deref in DefaultWorkerSecurityGroupID check #2573
remove unused OLM catalog rollout code #2568
OCPBUGS-13034 : Cluster-api SA can’t create events #2565 ACM-4277 : docs: Add L2Advertisement CR to the Handling Ingress section in the agent docs #2470 HOSTEDCP-947 : Increases default etcd PV size to 8Gi #2549 Add a new e2e option for the ETCD storage class #2560
Red Hat Trusted App Pipeline update hypershift-azjx #2555
HOSTEDCP-975 : Revised nodePoolSize metric and added AvailableReplicasMetric #2532 OCPBUGS-11383 : Sync proxy TrustedCA to guest cluster #2550 Removed unused KMS permissions for nodePool role #2456
Lock down kubevirt csi storageclass mappings #2534
OCPBUGS-13021 : Add internal/external elb tags to subnets #2541 HOSTEDCP-918 : Add validation for NodePool security Group condition when using default SG #2498 HOSTEDCP-981 : Minor updates to Getting Started & Contribute pages #2527 OCPBUGS-13111 : Fix errors from HCP controller removeServiceCAAnnotationAndSecret() #2513 Stop triggering rollout on labels/taint change #2533
Validate HO private platform input #2536
OCPBUGS-13021 : Health check load balancers only on public clusters #2535 OCPBUGS-13309 : set FeatureGate global config #2543 Add audit-log-maxbackup setting for openshift-api-server #2509
OCPBUGS-11894 : Let the aws endpoint to use the hypershift owned SG #2475 HOSTEDCP-980 : Include HostedClusterDegraded in hypershift_hostedclusters_failure_conditions metric #2523 HOSTEDCP-788 : Configurable SRE MetricsSet #2505 OCPBUGS-13112 : Add timeout to KAS health check client #2522 HOSTEDCP-978 : Bump openshift/api version and fixed KCM flags (k8s 1.27) #2519 OCPBUGS-7841 : Account for expectedState == false when capturing hostedClustersWithFailureCondition #2507 OCPBUGS-11719 : Ensure ingress controllers are removed before load balancers #2444 Fixed assignment to entry in nil map #2508
Add new –featuregate-manifest to /usr/bin/cluster-config-operator render #2506
ACM-5116 : Increase KubeVirt default Mem and Root Volume Sizes #2471 HOSTEDCP-937 : New metric to expose Hypershift operator info #2443 HOSTEDCP-969 : Consolidate labels for metrics #2494 HOSTEDCP-969 : Move proxy, silence alerts and limited support metrics into HC controller #2489 HOSTEDCP-969 : Only track available metric once #2479 OCPBUGS-11738 : Delete kubeadmin secret when an idp is defined #2452 Add PollImmediate for e2e metrics to avoid race with prom scrape interval #2483
HOSTEDCP-969 : Move HC creation metrics #2477 OCPBUGS-12153 : fix(hcco): Get OLM CatalogSource images from defined map #2454 HOSTEDCP-917 : Add publicAndPrivate <-> Private e2e test #2383 add hyperv1.SilenceClusterAlertsLabel to HostedCluster on deletion #2476
HOSTEDCP-969 : Move guest cluster resource deletion metric #2463 OCPBUGS-11450 : Pass OPENSHIFT_RELEASE_IMAGE env variable to CNO #2384 HOSTEDCP-972 : Add pre-commit command to Make file #2465 HOSTEDCP-969 : Move cluster deletion duration metric into controller #2459 Fix kubevirt csi daemonset reconcile loop #2466
Fixes loop between HC controller and pod security label syncer #2460
docs: update OIDC bucket create with bucket policy #2461
OCPBUGS-11946 : Add new OCP 4.13 storage admission plugin #2445 OCPBUGS-11773 : remove ACL for aws bucket #2423 OCPBUGS-7841 : Set metrics to 0 when needed to keep time series honest #2440 OCPBUGS-11930 : Clean up existing VPC endpoint connections #2438 Revert “Add validation for default Security Group conditions during N… #2453
HOSTEDCP-918 : Add validation for default Security Group conditions during NodePool upgrade test #2342 OCPBUGS-11649 : Always requeue AWSEndpointService controllers #2424 Add IBMers as reviewers #2436
e2e: Cleanup shared OIDC provider on SIGTERM #2435
HOSTEDCP-950 : Fix haproxy image name in ignition server #2441 OCPBUGS-7091 : Restart kube-scheduler when its configuration changes #2421 OCPBUGS-11749 : Add pod security labels to hcp namespace #2415 HOSTEDCP-950 : Validate release payload images #2368 kubevirt: Block metadata server egress #2399
Bring latest MCO API #2434
Relax MCO API strict decoding #2433
docs: update OIDC s3 bucket creation procedure #2425
json export for a common grafana dashboard for SLOs #2422
Enable monitoring for hypershift namespace #2419
MULTIARCH-3449 : set priority class for cloud controller manager pod for PowerVS #2390 Fixes HCCO reconcile error for kubevirt csi driver #2259
Add monitoring label to HCP namespace #2393
Update tekton references #2308
add OWNERS for new area labels #2414
fix typo #2411
HOSTEDCP-807 : Requeue HCP always #2408 OCPBUGS-11640 : Update HostedCluster oauthCallbackURLTemplate #2400 e2e: Fixed idp test conflict error on HosterCluster update #2389
dump: Store guest worker node logs and increase kubevirt logs verbosity #2317
HOSTEDCP-568 : Update Konnectiviy socks5 proxy for IBM exception #2366 OCPBUGS-11442 : properly reconcile with user specified changes for in proxy configuration #2382 Updated kubevirt docs #2318
OCPBUGS-11439 : allow z-stream upgrade even if CVO Upgradeable is false #2381 HOSTEDCP-954 : Remove ec2:ReleaseAddress #2379 HOSTEDCP-802 : add cli flag to enable upgrade type #2367 e2e: Fix oauth idp e2e test #2377
HOSTEDCP-951 : Let install apply to aggregate errors #2372 Revert “Create a second scheme that always registers prometheusoperatorv1 GVKs” #2374
HOSTEDCP-807 : Check KAS loadbalancer health #2264 e2e: fix for non-AWS platform #2360
HOSTEDCP-445 : Fix the storage ClusterOperator during a DR migration #2358 HOSTEDCP-850 : Fix nodepool autoscaler logic #2354 support/releaseinfo/pod_provider: Drop unused legacy PodProvider #2341
Fix nodepool upgrade e2e test #2359
HOSTEDCP-806 : Fix ValidAWSKMSConfig condition #2322 HOSTEDCP-939 : Setup shared OIDC provider for e2e clusters #2335 OCPBUGS-10227 : Preserve false status of ValidAWSIdentityProvider condition #2344 ACM-4615 get pull secret instead of dockerconfigjson from mce credentials #2338
Slo alerts #2049
HOSTEDCP-943 : Add hypershift_hosted_cluster_transition_seconds histogram #2348 HOSTEDCP-944 : Add more expectedHCConditionStates metrics #2347 OCPBUGS-10227 : Create new EC2 client for AWS identity provider health check #2346 OCPBUGS-10823 ensure well known public domains do not get proxied on image imports #2321
SDA-8609 : No more specifying the scrape interval at servicemonitors & podmonitors level #2327 OCPBUGS-10807 : Pass runAsUser to CNO so it can run its managed services with proper security context #2319 Appstudio update hypershift-azjx #2332
Revert “cpo: cno: follow image name change in release payload” #2345
support/supportedversion: Include the problematic version strings in error messages #2334
OCPBUGS-10864 : fix external APIServer address selection based on endpointAccess #2328 OCPBUGS-8073 : Do not proxy when guest cluster resolution fails #2261 MULTIARCH-3028 : handle PowerVS instance which goes to failed state during infra create and destroy process. #2088 HOSTEDCP-938 : Added PSA default profile to RunTimeDefault in operator deployment #2333 HOSTEDCP-934 : Validate PublishingStrategyMapping #2324 OCPBUGS-7091 : Honor scheduler profile in HostedCluster configuration #2330 HOSTEDCP-736 : Docs on how we handle aws permissions #2311 Add support for external infra clusters in KubeVirt platform #2017
Create a second scheme that always registers prometheusoperatorv1 GVKs #2292
OCPBUGS-10504 : Deletion of the VPCEnpoint on conflicting service names #2290 HOSTEDCP-801 : Expose external DNS for private cluster endpoints #2286 HOSTEDCP-903 : Propagate AWSEndpointService conditions #2278 Appstudio update hypershift-azjx #2287
OCPBUGS-8691 : Add storage operators perms. to watch HostedControlPlane #2301 OCPBUGS-10423 : Add validation for taint.value in nodePool #2298 HOSTEDCP-839 : Audit log sidecars for openshift-apiserver and openshift-oauth-apiserver #2232 Route to kubevirt VMs using infra id as service label selector #2092
Force controleplane upgrade always #2288
HOSTEDCP-900 : Modified AWSPrivateLinkController and AWSEndpointServiceController to respect PausedUntil spec field #2265 HOSTEDCP-919 : Clean up and API doc #2280 HOSTEDCP-688 : E2E Test NodePool Upgrade #2256 HOSTEDCP-445 : Documented the possible issues found during a HostedCluster migration #2276 OCPBUGS-10227 : Ensure identity provider health check condition is persisted and remove awsendpoint control plane finalizer if invalid aws creds #2281 OCPBUGS-8040 : Switch NTO metrics auth to certs generated by HCP controller #2050 OCPBUGS-8381 : Use appropriate serving certificate for OAuth #2279 HOSTEDCP-501 : Added detailed documentation about Hypershift release process #2272 HOSTEDCP-919 : Add AWS cloud controller manager #2271 Update PowerVS prereq doc with install and authorization details #2172
Remove webhook validation #2217
HOSTEDCP-809 : Clone CA key/cert to TLS key/cert #2246 Refactor e2e nodepool tests #2228
Update HCP version in capi cluster ref #2119
Validate etcd KMS config #2174
OCPBUGS-8421 : fix API documentation for audit webhook field #2258 Add a debug section to the Node Tuning docs #2254
Destroy cloud resources by default #2224
Add e2e test for identity providers #2166
HOSTEDCP-638 : Add latest ocp supported info to -v command for cli and operator #2233 OCPBUGS-8231 : Fix cleanup of volumes on cluster deletion #2243 fix(cpo): Delete multus validatingwebhookconfiguration on CNO init #2231
add pull-secret to imagePullSecrets for NTO, CNO, and olm-collect-profiles #2248
Update images and hypershift operator to 4.14 #2249
HOSTEDCP-904 : Add release automation and docs #2236 kms addition for pod identity workflow #2214
fix(ho): No network validation for IBM Cloud #2225
feat(HCCO): Block DNS operator delete until Cluster Version updated #2223
Add configuration for automatic labeling and label commands #2238
Skip pod restart check for NTO #2239
cpo: cno: follow image name change in release payload #2230
Added documentation around supported-versions configmap #2220
Add comment for BaseDomainPrefix #2219
Add condition to NodePool indicating whether a security group for it is available #2216
HOSTEDCP-827 : Add root volume encryption e2e test #2192 fix(hypershift): reduce CAPI rbac access #2173
Validate Network Input for HostedCluster #2215
Add labels info #2218
HOSTEDCP-826 : Customize DNS base domain prefix #2213 ensure reconcilation of apiserver port #2197
Cleanup default security group only if authorized #2211
HOSTEDCP-593 : Update the pull secret source for ignition payload #2187 fix(ibmcloud): Explicitly set HCCO controllers #2185
Adding NTO again to find the issue with data recollection #2152
cli: Add –cli-root-volume-access-modes #2188
feat: Add pod gone check to prober + DNS operator leader elect #2155
HOSTEDCP-833 : Add Golang check for ‘go list’ errors in Makefile #2193 HOSTEDCP-833 : Set kubevirt.io/client-go version to fix ART Issue #2194 add KAS egress network policy #2181
cpo: kcm: add nfs pv recycler pod template #2183
Fix kubevirt how-to doc formatting issues #2178
Update cluster api provider kubevirt dependencies #2157
fix(cpo): Set restart annotation on multus-admission-controller #2150
fix(cpo): Remove OLM collect for IBM Cloud to reduce artifacts and rbac #2141
Add default NodePool name clarification to docs #2186
fix(cpo): Reduce CNO access if Calico used as network provider #2159
add PSA labels to openshift-infra in guest cluster #2180
Add cli flag to enable root volume encryption #2177
Update KubeVirt platform how-to documentation #2108
Filtering data recolection only for aws instances running #2153
Add PodMonitor for ingress-operator pods in HCP namespaces #2136
fix regex in registry operator pod monitor #2171
Add e2e test for hosted cluster behind a proxy #2077
Skip destroyAWSDefaultSecurityGroup if not AWS #2167
Give kubevirt csi controller get VMI RBAC #2154
set default PSA enforce to restricted #2097
Create default security group for AWS clusters #2146
AUTH-323 : konnectivity: split away the rootCA from konnectivity trust #2149 Use KAS kubeconfig for PowerVS CCM instead of external kubeconfig #2065
Add e2e test for secrets encryption using kms #2135
OSD-15099 : Delaying the creation of servicemonitor and podmonitor resources till the hostedcluster is Completed #2147 Add support for root volume encryption using KMS #2143
Check creation and deletion timestamps are not nil #2132
test: skip TestCreateClusterKms on non-AWS platforms #2151
expose silence alerts metric #2142
AUTH-323 : pki: split out konnectivity certs from the rootCA #1891 Clarify docs for nodePool.spec.config #2137
fix(ho): Delete user-data secret for non-AWS platforms #2134
Revert “Refactored NTO MachineConfig InPlace and Replace E2E Tests” #2145
Basic immutability for NodePool #2139
Changes autoscalling replica number when the nodepool replica is not set #2106
Add external DNS health condition #2130
Adding supportability for Private HostedCluster to be migrated #2089
fix openshift-route-controller-manager ServiceMonitor regex #2094
fix(api): Fix deprecated API conversion #1987
OpenID add support for groups claim in the config #2116
fix(cpo): Restart registry operator on annotation #2111
fix(cpo): Allow KAS profiling disablement #2110
update to golang 1.19 and 4.13 base image #2095
Add e2e test for cluster creation with AWS KMS #2093
Refactoring NTO MachineConfig InPlace and Replace E2E Tests #2051
Fix CAPA crd generation #2113
AWS: remove finalizer from deleted awsmachines if lost STS #2109
Minor fixes to notes on Getting Started and NodePool Upgrades pages #2117
Add dns docs clarification for private topology #2115
fix(cpo): Separate RBAC for NTO + CNO #2107
Set k8s.io/kubernetes dependency to v0.23.3 #2068
Moving from HC Migration to Disaster Recovery in documentation #1953
test: skip ovnkube-master in crashing pods check #2103
bump openshift/api and go1.19 for fmt #2096
Fixing issue between UpdatingVersion and UpdatingConfig at InPlace Up… #1978
Add tags and rename cloud instance name suffix #1779
fix(ibmcloud): Initialize image registry config on creates and bad config #2091
Full changelog
OCPBUGS-36065 : CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 #73 OCPBUGS-21246 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #50 OCPBUGS-18142 : [IBM VPC] failed provisioning volume in proxy cluster #46 OCPBUGS-16783 : Chore: Update OWNERS and OWNERS_ALIASES #41 OCPBUGS-12613 : 4.14: UPSTREAM: 157: K8S and grpc package upgrade #39 STOR-1158 : Merge v5.1.5 for OCP 4.14 #38 OCPBUGS-12325 : UPSTREAM: 118: Update golangci-lint #37 Updating ose-ibm-vpc-block-csi-driver images to be consistent with ART #36
Updating ose-ibm-vpc-block-csi-driver images to be consistent with ART #33
OCPBUGS-10125 : UPSTREAM: 121: Add missing Kubernetes deps #34 STOR-1011 : Rebase to v5.1.1 for OCP 4.13 #31 Updating ose-ibm-vpc-block-csi-driver images to be consistent with ART #29
Full changelog
OCPBUGS-36071 : CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 #122 OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #104 OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #91 OCPBUGS-21339 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #81 OCPBUGS-18105 : [IBM VPC] failed provisioning volume in proxy cluster #74 OCPBUGS-16654 : Revert revert “STOR-1065: Rename node-driver-registrar… #69 OCPBUGS-16571 : Bump library-go to remove dependency on goproxy #71 OCPBUGS-16783 : Chore: Update OWNERS #70 Revert “STOR-1065: Rename node-driver-registrar RBAC and Rework sidecar bindings to bind common ClusterRoles” #68
STOR-1065 : Rename node-driver-registrar RBAC and Rework sidecar bindings to bind common ClusterRoles #64 OCPBUGS-14824 : Bump ibm-vpc-block-csi-driver-operator library-go #65 OCPBUGS-12614 , STOR-1168 : Bump common libraries #57 Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART #56
Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART #55
Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART #54
OCPBUGS-8683 : Add management workloads annotations #53 Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART #52
STOR-1019 : Bump to k8s 1.26 libs for OCP 4.13 #51 STOR-947 : support disabling default StorageClass via ClusterCSIDriver #48 Bug 2106736 : Add multiplePVsSameID capability #50 STOR-1078 : Add hostPaths necessary for SELinux mounts #49 Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART #47
STOR-1060 : Update deployment files for snapshot support #45 Full changelog
OCPBUGS-36011 : CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 #42 OCPBUGS-21451 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #27 OCPBUGS-12510 : UPSTREAM: 20: Bump (golang.org/x/net): to address CVE-2022-41723 #23 Updating ibm-vpc-node-label-updater images to be consistent with ART #22
Updating ibm-vpc-node-label-updater images to be consistent with ART #21
Updating ibm-vpc-node-label-updater images to be consistent with ART #20
Updating ibm-vpc-node-label-updater images to be consistent with ART #19
STOR-1011 : Rebase to v4.3.0 for OCP 4.13 #18 Updating ibm-vpc-node-label-updater images to be consistent with ART #16
Full changelog
Binary should be compiled on rhel9 #89
Updating ironic-rhcos-downloader images to be consistent with ART #88
Updating ironic-rhcos-downloader images to be consistent with ART #87
Updating ironic-rhcos-downloader images to be consistent with ART #86
Updating ironic-rhcos-downloader images to be consistent with ART #85
Updating ironic-rhcos-downloader images to be consistent with ART #84
Full changelog
OCPBUGS-49890 : Fix subnet validation #50 OCPBUGS-14614 : Remove provisioning netowrk route from “lo” #39 OCPBUGS-4501 : Flush addresses on provisioning interface with global scope only #35 Updating ironic-static-ip-manager images to be consistent with ART #34
Updating ironic-static-ip-manager images to be consistent with ART #33
Full changelog
OCPBUGS-21473 : Add a toggle to disable HTTP/2 on the server to mitigate CVE-2023-44487 #89 OCPBUGS-21473 : upgrade golang.org/x/net to 0.17.0 to address CVE-2023… #81 OCPBUGS-20250 : limit number of simultaneous client requests #77 OCPBUGS-12659 : bump golang.org/x/net version #71 Updating ose-prometheus-adapter images to be consistent with ART #69
OCPBUGS-10172 : Updating ose-prometheus-adapter images to be consistent with ART #68 OCPBUGS-6458 : Bump golang.org/x/net to v0.4.0 for GO-2022-1144 #67 Updating ose-prometheus-adapter images to be consistent with ART #66
Full changelog
OCPBUGS-30414 : update unit tests in egress/dns-proxy #173 OCPBUGS-10176 : 15143307: Updating openshift-enterprise-keepalived-ipfailover images to be consistent with ART #132 OCPBUGS-10163 : Updating openshift-enterprise-egress-router images to be consistent with ART #131 OCPBUGS-10181 : 15143312: Updating openshift-enterprise-egress-dns-proxy images to be consistent with ART #133 NE-1304 : container builds: switch to haproxy26 package #141 OCPBUGS-11385 : Removed chroot setting #137 egress: update owners #139
OCPBUGS-11595 : Revert “[NE-1267] container builds: switch to haproxy26 package” #138 egress/dns-proxy/Dockerfile: switch to haproxy26 package #136
OCPBUGS-10003 : Revert “bump RHEL8 egress-dns-proxy image to haproxy26” #134 Updating ose-egress-http-proxy images to be consistent with ART #130
Updating openshift-enterprise-base-rhel9 images to be consistent with ART #129
Updating openshift-enterprise-base images to be consistent with ART #128
Add jupierce as approver / remove Clayton #127
rhel9 base image: Fix build failure #126
Dockerfile: add RHEL9 base image dockerfile #124
bump RHEL8 egress-dns-proxy image to haproxy26 #125
Updating openshift-enterprise-keepalived-ipfailover images to be consistent with ART #122
Updating ose-egress-http-proxy images to be consistent with ART #120
Updating openshift-enterprise-egress-dns-proxy images to be consistent with ART #123
Updating openshift-enterprise-base images to be consistent with ART #119
Full changelog
OCPBUGS-46536 : Bump openvswitch #647 [Release 4.14] OCPBUGS-43484: NP-1092: backport SDN live migration #631
OCPBUGS-20790 : update x/net to v0.17.0 #587 OCPBUGS-19558 : Collect pod operation latency metrics properly #577 OCPBUGS-17316 : CVE-2023-3978: golang.org/x/net/html: Cross site scripting #571 OCPBUGS-16790 : Change the permission of 80-openshift-network.conf to 600 #570 Dockerfile changes to build both rhel8 and rhel9 binaries #559
SDN-3900 : rebase to 1.27.1 #555 OCPBUGS-12644 : CVE-2022-41723 golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding #538 OCPBUGS-3176 : Enable IP Forwarding if disabled #549 OCPBUGS-13975 : fix possible concurrent map read/write #546 OCPBUGS-13717 : Use the ovsver build arg to infer the openvswitch short version number #534 Updating kube-proxy images to be consistent with ART #531
Updating ose-sdn images to be consistent with ART #530
OCPBUGS-12233 : CVE-2018-17419 ose-node-container: dns: Denial of Service (DoS) #535 OCPBUGS-12435 : EgressNetworkPolicy DNS resolution does not fall back to TCP #532 Change fedora image to use latest upstream #523
Updating kube-proxy images to be consistent with ART #516
OCPBUGS-1370 : save and delete the old egress network policy #525 Updating ose-sdn images to be consistent with ART #514
OCPBUGS-9985 : Prefer local TCP endpoint for cluster DNS service #518 OCPBUGS-8007 : Fix race in Egress IP Tracker start #515 Drop non-conntrack-based Service support #507
SDN-3635 : OSDN kube 1.26.0 rebase 2nd attempt #510 Revert “SDN-3635: OSDN kube 1.26.0 rebase” #508
SDN-3635 : OSDN kube 1.26.0 rebase #504 OCPBUGS-6714 : Initialize egress node monitoring struct with previous reachability status #503 OCPBUGS-5842 : Add /usr/bin/oc to image #495 OCPBUGS-4133 : rebase kube to kube 1.25.4 #498 Add Tim R and remove Casey from OWNERS #493
Handle race condition to setup default vnid flows #490
iptables: use container iptables, not host’s #496
Update for 4.13 / go 1.19, including gofmt updates #481
OCPBUGS-95 : Retry IP re-assignment on failure #480 OCPBUGS-95 : Add node egress IP assignment resync #463 Bug 2050230 : pass ResourceVersion:0 for kube List() calls #471 Full changelog
OCPBUGS-20794 : bump x/net to v0.17.0 #101 Merge with upstream/release-2.9 #95
OCPBUGS-12347 : Update 4.14 kube-state-metrics image to be consistent with ART #94 Bump openshift/kube-state-metrics to v2.8.2 #92
OCPBUGS-10177 : Updating kube-state-metrics images to be consistent with ART #91 Bump openshift/kube-state-metrics to v2.8.1 #90
OCPBUGS-6320 : Merge upstream/release-2.8 #89 Updating kube-state-metrics images to be consistent with ART #88
OCPBUGS-4275 : Update github.com/prometheus/exporter-toolkit #87 Bump openshift/kube-state-metrics to v2.7.0 #82
OCPBUGS-4089 : cherry-pick, do not expose ingress path metric when service is nil #81 OCPBUGS-3924 : cherry-pick, autoscaling/v2beta2 HorizontalPodAutoscaler is deprecated in v1.23+ #80 Full changelog
OCPBUGS-23866 : deps, bump opentelemetry #38 OCPBUGS-21174 : Bump golang.org/x/net to v0.18.0 #37 OCPBUGS-30861 : Bump golang.org/x/net to v0.18.0 #36 OCPBUGS-19020 : Auto sync upstream 2023 09 15 20 36 #26 Auto sync upstream 2023 05 15 20 44 #22
Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART #21
Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART #20
Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART #19
Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART #18
Updates the component owner field to match the new categories #17
Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART #16
Full changelog
“OCPBUGS-29792: [release-4.14] Address CVE-2024-1725: Restrict access to infrastructure PVCs by requiring matching infraClusterLabels on tenant PVCs” #34
OCPBUGS-19730 : Ensure volume is removed before returning success (https://github.com/kubevirt/csi-driver/pull/90 ) #25 Updating ose-kubevirt-csi-driver-rhel8 images to be consistent with ART #20
CNV-29315 : kubevirt-csi unable to unpublish volumes in the event a VM is unexpectedly destroyed #21 Auto sync upstream 2023 02 12 09 #19
Updating ose-kubevirt-csi-driver-rhel8 images to be consistent with ART #18
Upstream Sync Oct 31st #16
Full changelog
OCPBUGS-19926 : [release-4.14] Don’t force use of virtio console #269 OCPBUGS-18338 : Fix CI by running tests natively by default #261 Updating ose-libvirt-machine-controllers images to be consistent with ART #259
Updating ose-libvirt-machine-controllers images to be consistent with ART #258
Updating ose-libvirt-machine-controllers images to be consistent with ART #257
Updating ose-libvirt-machine-controllers images to be consistent with ART #254
Remove myself (frobware) from OWNERS #253
refactor: replace github.com/ghodss/yaml with sigs.k8s.io/yaml #252
Update vendoring master #251
Updating ose-libvirt-machine-controllers images to be consistent with ART #243
Fix go fmt and update controller image tag #242
Full changelog
OCPBUGS-53296 : add image/read permissions #1350 OCPBUGS-48245 : VSphere: Handle cloned instance with lost taskID #1322 OCPBUGS-47659 : Ensure deletion annotation takes priority and oldestPolicy can distinguish longer ages #1318 OCPBUGS-43821 : install/0000_30_machine-api-operator_00_credentials-request: Set skipServiceCheck again for GCP #1303 CFE-1051 : Adding web-hook validation for capacityReservationGroupID #1260 OCPBUGS-31980 : Update x/net to v0.25.0 #1236 OCPBUGS-30898 : Azure MAO CredentialsRequest Contains Unnecessary virtualMachines/extensions Permissions #1224 OCPBUGS-28745 : Set –max-concurrent-reconciles=10 for Azure machine controller #1217 OCPBUGS-28745 : Add AddWithActuatorOpts to allow overriding Machine controller options #1214 OCPBUGS-24998 : Add Snyk file to exclude vendor directory on scan #1191 OCPBUGS-24047 : Update reference URL #1186 OCPBUGS-24047 : Use docs URL instead of KCS article #1180 OCPBUGS-17297 : [release-4.14] Update x/net to fix CVE #1173 OCPBUGS-17872 : Azure MAO CredentialsRequest contains unnecessary network write permissions #1161 OCPBUGS-17090 : Set logger for controller runtime #1164 OCPBUGS-18338 : Fix CI by running tests natively by default #1163 OCPBUGS-17919 : [Azure] MAO Missing DiskEncryptionSet read permissions #1162 OCPCLOUD-2014 : Switch Azure credentials request to use explicit permissions #1152 OCPBUGS-16925 : only attempt to remove finalizers if staticIPFeatureGateEnabled #1160 install/0000_99_machine-api-operator_00_tombstones: Drop obsolete file #1159
OCPBUGS-16307 : default instance type for Azure based on the architecture (+ gcp) #1155 MGMT-13630 : Add Azure Confidential VM and TrustedLaunch for VMs webhook validations #1157 SPLAT-845 : add support for the capv NetworkDeviceSpec #1079 Fix data race conditions in unit tests #1156
reconcile status when the clusteroperator changes #1154
MULTIARCH-3693 : Add policies to operate on VPC loadbalacers #1153 Add feature gate for disabling the MHC controller #1151
Bump openshift/api package #1150
add capability annotation #1119
MachineAPIOperatorMetricsCollectionFailing to warning #1149
CCO-321 : Add support for feature-gating specific providers #1140 MIXEDARCH-129 : Adds the MergeCommaSeparatedKeyValues method in the util package #1147 updated hacking-guide.md to direct customers to open up issues on Jir… #1139
OCPBUGS-13132 : Golang update to 1.20 #1146 OCPBUGS-13956 : Bump controller-runtime to v0.15.0 #1145 OCPBUGS-13806 : Update dependencies to K8s 1.27 #1142 CCO-321 : Add service account name to Azure credentials request #1129 OCPBUGS-10165 : Updating ose-machine-api-operator images to be consistent with ART #1127 OCPBUGS-10591 : Fix empty component version #1128 OCPBUGS-7249 : Fix zone tag value reconciliation for vSphere machines #1126 OCPCLOUD-1778 : Add None and External platform type explicit handling #1122 OCPBUGS-6063 : Add missed permission for a pod deletion on vsphere platform #1121 Add Machine webhook to validate the new fields of NutanixMachineProviderConfig #1117
OCPBUGS-6063 : Forcefully delete unevicted pods within vSphere machine deletion procedure #1118 : Update tooling for MAO #1100
OCPCLOUD-1852 : Bump k8s dependencies to 1.26; go 1.19 #1115 OCPBUGS-3275 : Update machinehealthcheck dropping log from Error to Warning #1116 Metal3 remediation backport #1075
OCPBUGS-6063 : Block machine deletion if extra disks are attached #1114 Add webhook validation for ConfidentialCompute on GCP #1112
Remove the openstack-machine-controllers image #1111
MGMT-12838 : add webook validation for shieldedInstanceConfig on GCP #1102 : Short circuit misfiring #1107
OCPCLOUD-1801 : Port to ginkgo v2 #1099 Add warning for unknown fields when unmarshaling the provider spec #1106
OCPBUGS-5018 : machine-api-termination-handler: run DaemonSet only on Linux #1101 OCPBUGS-4566 : Append annotations from machine template spec to the node #1096 Updating ose-machine-api-operator images to be consistent with ART #1095
OCPCLOUD-1769 : Make machine phases public consts #1088 : Set default container for machine-api-operator #1092
Revert custom role #1097
Add permissions for regionBackendServices #1094
: GCP Credentials req. using new API field permissions #1087
Fix lint issues reported by golangci-lint #1069
Increase timeout for machineset tests #1091
Use StringDeref from k8s.io/utils instead of custrom implementation #1090
docs: Add a reference to machine-config-server #1089
Allow to use machine.openshift.io API in provider specs #1085
Bug 2095274 : vSphere, fix network existence check for network devices during machine creation #1082 Full changelog
OCPBUGS-54228 : Update ObservedGeneration in KubeletConfig #4950 OCPBUGS-50631 : Add clarification to invalid maxUnavailable alert #4848 OCPBUGS-48801 : Wait for all subcontrollers #4808 OCPBUGS-46057 : Remove trailing periods from AWS provided hostnames #4747 OCPBUGS-45271 : Post upgrading from 4.14 to 4.15.36, the observedGeneration count increased tremendously #4725 OCPBUGS-42111 : Do not use ‘restart’ for ‘oneshot’ service #4622 MCO-1278 : Backport Telemetry to 4.14 #4672 OCPBUGS-43981 : Panic seen in CI job for MCC pod #4671 OCPBUGS-43980 : MCPs report wrong number of nodes when we move nodes from one custom MCP to another custom MCP #4673 OCPBUGS-37552 : On-Prem resolv prepender to watch for NM changes #4500 OCPBUGS-35322 : Decrease logs of haproxy #4405 OCPBUGS-32258 : Log network service output to console #4320 OCPBUGS-38371 : Revert “MCD-pull: run after network-online.target in Azure” #4526 OCPBUGS-37769 : Move StartLimitIntervalSec to Unit section #4521 OCPBUGS-30794 : Mount /run/nodeip-configuration into coredns containers #4253 OCPBUGS-37483 : Remove weights from ingress check script #4485 OCPBUGS-37738 : Openshift uncordoned compute-node that was intentionally cordoned #4502 OCPBUGS-36915 : Use NM’s dns-change event for resolv.conf #4473 OCPBUGS-37223 : Copy RHEL9 binaries used in HCP #4479 OCPBUGS-36776 : daemon: Handle correctly OS Version for 4.1 and 4.2 bootimages #4463 OCPBUGS-36593 : MCD-pull: run after network-online.target in Azure #4456 OCPBUGS-36356 : daemon/update: disable systemd unit before overwriting #4447 OCPBUGS-32472 : Delete state files on reboot only #4331 OCPBUGS-33590 : ovs-configure: fix vlan_parent calculation #4361 OCPBUGS-34716 : If multiple hostnames are returned, use the first one for the Node name #4385 OCPBUGS-17658 : Controller pod is spamming unknown field “spec.dns.spec.platform” message #4383 OCPBUGS-33643 : Don’t error if the certs.d dir doesn’t exist yet #4362 OCPBUGS-32341 : Remove the condition for checking the multiple ovs-if-br-ex profiles #4325 OCPBUGS-27030 : Log network service output to console #4114 : OCPBUGS-31731: kubelet: restorecon necessary files on kubelet’s prestart #4307
OCPBUGS-32260 : fix: resources were in the wrong indentation level #4322 OCPBUGS-27108 : Add \n in cert_writer for old cert methods and skip cloudCA validation #4117 OCPBUGS-31487 : Prevent OVS-configuration to run before kdump #4291 OCPBUGS-29400 : Run resolv-prepender entirely async #4182 OCPBUGS-31681 : make verify should use MCO’s kube version #4305 OCPBUGS-30992 : add preferredduringscheduling annotation to kube-rbac-proxy-crio #4266 OCPBUGS-30872 : add static pods for rbacproxy #4258 OCPBUGS-30107 : annotate on-prem static pods for workload partitioning #4230 OCPBUGS-30225 : set nodeStatusReportFrequency #4242 OCPBUGS-29290 : AWS: Always persist the existing node name on 4.14 #4215 OCPBUGS-20039 : Add v6-primary dual stack support to VSphere UPI #3956 OCPBUGS-29457 : Add existing kubeletconfig/ctrcfg mc-name-suffix annotation #4187 OCPBUGS-26072 : Fix bootstrap with NTO Operator and duplicate MachineConfigs #4098 OCPBUGS-28379 : fix nodeStatusUpdateFrequency #4149 OCPBUGS-28384 : daemon: allow the user to override drains on IR changes #4150 OCPBUGS-27759 : Add Image Credential Provider flags for Kubelet on AWS #4144 [OCP 4.14] OCPBUGS-24660: daemon: Add support for new nmstate logic #4066
OCPBUGS-27178 : use *resource.Quantity to not automatically set 0 #4121 OCPBUGS-23089 : Don’t retry node-ip show in resolv-prepender #4022 OCPBUGS-27362 : Fix typo in AWS node env unit #4131 OCPBUGS-26500 : crio: drop automatic image cleanup on upgrades #4105 OCPBUGS-26559 : Azure Run ovs-configuration.service before dnsmasq.service #4109 OCPBUGS-26551 : kubelet: fix kubelet labels #4107 OCPBUGS-24596 : [release-4.14] execute cert related processes to ensure proper rotation #4063 OCPBUGS-24397 : gcp-routes: don’t exit on crictl failures #4056 OCPBUGS-20554 : Ensure gcp-routes hack for internalLB hairpin traffic works for SGW #3973 OCPBUGS-23474 : Use shorter IP label for keepalived VIP #4041 OCPBUGS-23208 : workaround nmstate bug by configuring ipv{4,6} addresses #4031 OCPBUGS-22275 : support icsp and idms objects #3995 OCPBUGS-22391 : Require a hostname override for AWS #4001 OCPBUGS-20418 : Introduce kubelet-dependencies.target and firstboot-osupdate.target #3967 OCPBUGS-20051 : Support to append the duplicate kernel arguments to the rendered MC #3957 OCPBUGS-21065 : Update library-go and k8s dependencies to latest version #3994 OCPBUGS-20025 : Consider ingress VIPs when selecting node IP #3951 OCPBUGS-21841 : CRI-O: Use 127.0.0.1 for stream server with random port #3984 OCPBUGS-20358 : dashboard should detect unknown and not ready for not ready dashboard #3966 OCPBUGS-19657 : After dual-stack conversion reconcile IPFamilies #3934 OCPBUGS-19430 : [release-4.14] resolv-prepender: avoid pulling baremetalRuntimeCfgImage again if it … #3925 OCPBUGS-19703 : Internal Registry Secrets merge causing excessive API calls #3941 OCPBUGS-19662 : fix merged image registry CA behavior #3937 OCPBUGS-19701 : Remove dependency on k8s.io/kubernetes packages #3940 OCPBUGS-19344 : Ignore invoking nbctl calls if its SDN #3928 OCPBUGS-19535 : daemon: always use podman cp to copy extensions container content #3932 OCPBUGS-19357 : install: Recreate and delayed default ServiceAccount deletion #3920 OCPBUGS-9972 : Fix azure routes hack for ovnk pods towards internalLB on master nodes in SGW mode #3878 OCPBUGS-18442 : MCO is degraded if not install image registry operator #3901 OCPBUGS-18097 : ensure cconfig is not updated too frequently #3891 OCPBUGS-18086 : Quiet controller noisiness #3886 OCPBUGS-16035 : daemon: create /etc/systemd/network directory on node #3883 Revert “fix nodeStatusUpdateFrequency” #3887
OCPBUGS-17787 : Fix sysctl breaking dots in paths #3870 OCPBUGS-16733 : on-prem: run resolv-prepender on NM reapply event #3827 OCPBUGS-15583 : fix nodeStatusUpdateFrequency #3784 OCPBUGS-17810 : temporarily remove cert observability fields, add storageversionmigration for machineconfigpools,controllerconfig #3866 OCPBUGS-11832 : SSHkeys fails to write on upgrade to 4.13.rc3 #3810 MCO-564 : Make MCD aware of on-cluster builds #3848 MCO 566: MCO 662 Wire up productionalized BuildController in Machine OS Builder binary and choosing backend image builder #3861
MCO-605 : MCO-550: Remove Certificates from MachineConfig #3787 MCO-573 : Wire up security/trust/pull secrets between rpm-ostree and internal registry #3806 OCPBUGS-17701 : daemon: igmore mounting MCD pod content when target is “/” #3860 mcs: Use certwatcher #3744
MCO-729 : BuildController should allow cluster admins to provide a custom Dockerfile #3847 MCO-564 : Make NodeController aware of BuildController #3817 OCPBUGS-17568 : Agent-based install process the container machine-config-controller will be oom #3862 OPNET-343 : Restore node-ip for kubelet in dual-stack vSphere #3859 OCPBUGS-17683 replace .. with : on registry CA file paths #3854
operator: remove metrics related log #3855
MCO-565 : MCO-568: MCO-659: MCO-660 On-cluster build opt-in function, building machine-os-builder stub, RBAC and service acct inclusions. Deletes deployment rather than scale down to 0 without label #3834 MCO-588 : Update ignition spec to 3.4, disallow ignition KernelArguments for now #3814 OCPBUGS-17433 : Sync featuregate controller during the node config controller sync #3846 OCPBUGS-8938 : OCPBUGS-15202: MCO-555: kube-rbac-proxy addition #3663 MCO-654 : forcefile should always trigger an OS update #3790 OCPBUGS-14945 : add HostToContainer propagation to all hostPath volume mounts #3792 MCO-532 : Finish lease type migration #3842 OCPBUGS-13825 : The machine-config-controller pod restart in SNO+1 causing daemonsets to restart #3838 OCPBUGS-14965 : Run hostnamectl with systemd-run #3746 install: Fix dash-to-hyhen for 04_kube_rbac_proxy_config.yaml prefix #3837
OCPNODE-1714 : files: add skip_mount_home to storage.conf #3777 OCPBUGS-16227 : make sure sshKey are not emptied out on firstboot #3829 daemon: Two minor fixes for reexec #3835
daemon: Remove even more dead legacy OS update code #3820
MCO-552 : implement the ability for the MCO to handle image registry certificates #3770 OCPBUGS-17156 : daemon: Always replace binary #3832 Revert “daemon: Make binary writing idempotent” #3831
OCPBUGS-16921 : daemon: Make binary writing idempotent #3825 Revert “MCO-565: MCO-568: MCO-659: MCO-660 On-cluster build opt-in function, building machine-os-builder stub, RBAC and service acct inclusions” #3830
Revert “ add Passwd to bootstrap served ignition” #3828
OCPBUGS-15367 : The kubeconfig copied on to each node has 644 permissions #3808 MCO-597 : Remove the MCO’s dependency on journal reads #3822 fix certExpiry description #3823
OCPBUGS-16227 : add Passwd to bootstrap served ignition #3811 MCO-565 : MCO-568: MCO-659: MCO-660 On-cluster build opt-in function, building machine-os-builder stub, RBAC and service acct inclusions #3763 OCPNODE-1717 : Make cgroupsv2 default in OCP-4.14 #3789 OCPNODE-1655 : Apply node-cluster dashboard as a config map #3708 MCO-607 : MCO-237: Keep track of certs in ControllerConfigStatus #3756 MCO-687 : Fix metrics e2e test #3813 MCO-585 : MCO-569: MCO-563: MCO-586: Introduces BuildController #3731 MCO MCO-424: daemon: Remove old legacy OS update path #3583
MGMT-14843 : ovs-configuration service should copy the statically configured address even if the method isn’t manual. #3774 OCPBUGS-16128 : daemon: Copy matching binary to host, re-exec with it #3799 MCO-596 : Deprecate the login monitor #3791 kubevirt: Configure IPv6 arp proxy default gw #3780
operator: Stop mounting /etc/kubernetes/ca.crt #3730
OCPBUGS-15613 : Soften grep pattern for ingress default router #3775 Bug OCPBUGS-15233: OpenStack: fix IPv6 configuration #3785
OCPBUGS-11997 : Prevent NM from unsetting the hostname #3794 add wasm extension #3776
set MCO namespace on all events #3767
OpenStack: restrict IPv6 configuration #3781
Update 0000_90_machine-config-operator_01_prometheus-rules.yaml #3779
OCPBUGS-14674 : set pool alert back to zero in more default scenarios. #3733 OCPBUGS-10115 : update image to use golang-1.20 #3766 OCPBUGS-15728 : Fix machine config drifts when deploying with platform external #3773 faq: Talk about “no enabled repositories” #3772
OCPBUGS-14185 : change the message annotation to description #3721 OKD-174 : Dockerfile: OKD: Reenable extensions image on SCOS #3741 OCPBUGS-15575 : Dockerfile: pin to nmstate-2.2.9 #3769 OCPBUGS-10924 : Switch default SA to machine-config-operator #3740 trivial: Fix namespace for kube api server operator #3762
OCPBUGS-8403 Deleting SSH keys / password hashes should not degrade MachineConfigPool / node #3606
OWNERS: Update onwer list #3761
OCPBUGS-4820 : Controller version mismatch causing degradation during upgrades #3738 MCO-640 : Move all log functions to klog #3734 OCPBUGS-14399 : Minor fix to support protectKernelDefaults field in Kubelet Config #3736 MCO-595 : Remove MCO’s pending config workflow #3700 OCPCLOUD-2010 : Re-vendor api and library-go for external platform support #3745 bootstrap: Clarify that “root ca” is really “MCS CA” #3728
add ipsec extension #3726
OpenStack: configure ipv6 addresses #3705
OCPBUGS-13656 : MCO-632: Update kube deps to 1.27.2 #3735 OCPBUGS-14612 : Improve logging for IPI deployments #3725 OCPBUGS-4370 : Add label to VIP via keepalived #3683 OCPBUGS-14793 : Allow userfaultfd syscall to be used by unprivileged users #3724 OCPBUGS-14272 : Race condition in TestMCDRotatesCertsOnPausedPool #3718 OCPBUGS-13547 : [OCPCLOUD-2034] Update Library-go and API for new featuregate changes #3688 OCPBUGS-2177 : MCO-634: add support for a node pool hierarchy #3505 OCPBUGS-13860 : Fix missing apiVersion and kind fields for embedded resources #3713 OCPBUGS-3176 : Disable global ipv4 and ipv6 forwarding for OVN deployments #3676 OCPBUGS-8447 : MCO-496: Support ignition versions 3.3 + 3.4 but keep version 3.2 as default #3576 OCPBUGS-13547 : Use payload-version flag to set release version consistently across components #3701 OCPBUGS-12885 : daemon: stop using nmstatectl persist-nic-names --inspect on el9 #3685 OCPBUGS-11304 : daemon: event only on actual OS updates #3695 OCPBUGS-11652 : kubelet: add enableSystemLogQuery #3645 OCPBUGS-12980 : daemon: write certs in firstboot-complete path #3694 OCPBUGS-11670 : mcc_drain_err metric should not be served for removed nodes #3689 OCPBUGS-12456 : fix duplicate RotateKubeletServerCertificate setting #3686 OCPBUGS-12951 : daemon: Don’t traverse /run/ostree/auth.json symlink #3691 OCPBUGS-11702 , OCPBUGS-4476 : keepalived/ingress: change healthcheck script #3441 OCPBUGS-11992 : ControllerConfig’s Proxy field should not be marked as embedded resource #3682 OCPBUGS-11162 : Do not trigger openshift-azure-routes/openshift-alibaba-routes service based on file existence #3643 OCPBUGS-10235 : Add quotes to variable with -z #3679 OCPBUGS-11280 : Fixing forcedns dispatcher script permission issue for assisted sno rhel9 upgrade #3648 OCPBUGS-7836 : The MCD has a non-functional pivot command that should be removed #3666 Test Revert “Block RHCOS gcp-routes service on both masters and workers” #3672
Accomodate ART limitation in parsing [[]] bash #3669
Block RHCOS gcp-routes service on both masters and workers #3619
OCPBUGS-10787 : Persist static IP addressed NIC names from rhel8 #3650 OCPBUGS-5356 : changed error handling so no runtime error #3651 OCPBUGS-4877 : End the operator’s “unknown field” logspam by marking controllerconfig embedded fields as embedded so they validate #3662 MCO-407 : add support for operator metrics #3537 Updating openshift-proxy-pull-test images to be consistent with ART #3593
OCPBUGS-4122 : Do not add deep nested scope to atomic transport #3653 OCPBUGS-10414 : Fix regex dot in coredns config file #3626 OCPBUGS-11092 : daemon: write certificate in OnceFrom and HyperShift #3654 remove container runtime flag #3640
OCPBUGS-4963 : Enable base nodeip-configuration for vsphere upi #3460 configure-ovs: would not retry on some errors #3625
OCPBUGS-10598 : Splitting NetworkManager-onprem.conf.yaml to 2 files: #3620 OCPBUGS-10379 : configure-ovs: support UUID in vlan.parent #3623 OCPBUGS-8676 : Fix kubelet.service node-ip for v6-primary dual-stack #3592 getPoolsForNode: Use constant MachineConfigPoolWorker instead of “worker” string #3635
MCO-423 : Adds OS image override test #3558 OCPBUGS-9969 : daemon: Drop duplicate --authfile used in run #3611 OCPBUGS-8446 : MCO-503: daemon: have a special path to sync in certs #3575 OCPBUGS-7559 : Remove hard requirement for the afterburn from early-running aws-related services #3585 Removing jstuever from OWNERS_ALIASES #3554
OCPBUGS-8113 : daemon: Only switchkernel if we are doing an OS update or kernel change #3600 OCPBUGS-9685 : daemon: Always remove pending deployment before we do updates #3599 Make OKD/SCOS Dockerfile regexes match again after rhel-coreos image name change #3597
Switch to rhel-coreos (9) #3596
OCPBUGS-8113 : daemon: Make switchKernel less stateful #3580 OCPBUGS-8523 : Revert “daemon: Temporarily copy auth file with more open perms on FCOS” #3591 Update library go to promote AWS CCM to out of tree #3590
machineconfigpool: Clarify status.configuration description #3371
daemon: Remove noisy log message #3588
OCPBUGS-5872 : Wrap podman commands in a while loop #3581 configure-ovs: permanent retry on failure #3544
OCPNODE-1495 : Default the cgroup version to “v1” via base template controller #3563 OCPBUGS-1662 : mcd_update_state metric should have a single time-series per node #3571 OPNET-208 : Prefer ipv6 on v6-primary dual stack deployments #3565 OCPBUGS-7719 : Add back cleanupDuplicateMC #3559 OCPBUGS-7903 : Pool degraded with error: rpm-ostree kargs: signal: terminated #3572 Fixing platform path order as platform specific path should be the last #3574
MCO-417 : MCO-418: MCD watches/create/update password with MachineConfig #3539 Regenerate controllerconfig.crd.yaml #3567
OCPBUGS-7743 : Adding dnsmasq config for sno #3551 WRKLDS-705 : Bump openshift/api to enable DynamicResourceAllocation through TechPreviewNoUpgrade #3568 OCPBUGS-7909 : Fix permissions on resolv.conf #3570 OCPBUGS-7896 : MCO should not add keepalived pod manifests in case of VSPHERE UPI #3569 OCPNODE-1501 : add protectKernelDefaults to kubelet config #3556 OPNET-197 : Remove node-ip from kubelet for dual-stack vSphere #3518 OSASINFRA-3091 : External LB support for on-prem platforms #3519 OCPBUGS-6682 : Switch from ifconfig to iproute2 #3524 OCPBUGS-1565 : Prevent possible split-brain scenario with keepalived unicast #3342 Fix typo in ctrcfg,kcfg docs #3547
OPNET-133 : Enabling remote worker feature only for baremetal platform #3540 OCPBUGS-7207 : configure-ovs: fix mtu-migration cleanup #3545 OCPBUGS-630 : controller: default overwrite to true for files #3525 Bug 2027000 : The user is ignored when we create a new file using a MachineConfig #3541 OCPNODE-1416 : CGroupsV2 feature GA in MCO #3520 Add doc for IDMS and ITMS CRDs #3530
OCPBUGS-5497 : MCDRebootError alarm disappears after 15 minutes #3507 OCPBUGS-6945 : Fixes node OS detection #3529 OCPBUGS-5888 : Don’t switch to the “live” certificate bundle until after first ControllerConfig is generated #3513 Bug 2104978 : fix degraded pool state message #3488 OCPBUGS-5520 : MCDPivotError alert fires due temporary transient failures #3523 Preserve logs from Podman executions #3516
daemon: Add some comments on the firstboot reboot sleep #3533
OCPBUGS-3612 : configure-ovs: optionally generate configuration in /run #3467 OCPBUGS-3909 : Don’t validate contents and mode for masked units #3437 OCPBUGS-3988 : haproxy - use curl for validation #3512 OCPBUGS-6213 : Update MCO images to be consistent with ART #3514 OCPBUGS-6004 : Adding network type parameter to nodeip-configuration service #3491 OCPBUGS-5188 : MCCDrainErr should reference the affected node #3477 OCPBUGS-6092 : Improvements for configure-ovs.sh #3509 ctrcfg: update CRD to always allow crun #3508
OCPCLOUD-1818 : Bump library-go to move vSphere to external CCM #3484 OCPBUGS-4049 : Only check image type if we are sure there is work that needs to be done #3464 OCPNODE-1330 : Set the CGroups version explicitly to “v1” #3486 Add CRD ImageDigestMirrorSet,ImageTagMirrorSet #3037
Bug 2113973 : Avoid ‘too restrictive’ SCC problems by being more explicit #3502 OCPBUGS-6018 : controller: don’t render new MC until base MCs update #3501 OCPBUGS-904 : Alerts from MCO are missing namespace #3498 OCPBUGS-5379 : There are not enough logs in case “oc extract” is stuck in mco first boot #3493 MCO-456 : Fix e2e test jobs #3492 OCPBUGS-5872 : Wrap podman commands in a while loop #3481 OCPBUGS-5696 : remove goutils from dependency tree #3480 Add mkowalsk as a bare metal reviewer and approver #3482
install/0000_90_machine-config-operator_01_prometheus-rules: Use labels for MCC logs #3470
fix unit test exit code propagation #3476
OCPBUGS-4769 : daemon: Explicitly pull image before running #3471 OCPBUGS-4521 : kubelet client certificate verification ca bundle should match kube-apiserver #3458 Bump openshift/api and update CSIMigration* feature gates #3469
OCPBUGS-5001 : install/0000_90_machine-config-operator_01_prometheus-rules: Fix MachineConfigControllerPausedPoolKubeletCA runbook URIs #3462 move envtest helpers into framework package for easier reuse #3428
OCPBUGS-2248 : [alicloud] provider ID not being set for kubelet #3449 MCO-420 : Migrate drain alert to drain controller #3424 Updating openshift-proxy-pull-test images to be consistent with ART #3444
OCPBUGS-4101 : Do not allow empty system reserved values #3439 Bug 1853264 : Fix unbound cardinality for MCDRebootErr and MCDPivotErr #3406 MCO-397 : Add repo doc for using “Layering Phase 0”, detail some of the tradeoffs/consequences/questions #3426 OCPBUGS-4656 : vsphere: check that /etc/hostname is not empty #3451 OCPBUGS-1761 : Imageinspect takes type of error into account, drop podman inspect fallback #3413 Add templates for required sysctls max_map_count and arp_announce #3440
OPNET-133 : Support remote worker in onprem installations #3431 OCPBUGS-4039 : NM resolv prepender: correct permissions for systemd resolved config #3432 OCPBUGS-4039 : NM resolve prepender: remove extra quotes in OKD flow #3430 OCPBUGS-2921 : configure-ovs: copy IP method and warn about low MTU #3411 daemon: Be very loud about failures of ostree-finalize-staged.service #3404
OCPBUGS-1491 : daemon: gate done state on uncordon completion #3399 OCPBUGS-3508 : Don’t make https call to http endpoint #3416 OCPBUGS-1577 : On-prem: Ensure resolv-prepender respects NM dispatcher timeout #3394 Cleanup BM owner aliases #3405
OCPBUGS-2935 : daemon: Stop setting I/O scheduler to bfq #3415 OCPBUGS-3621 : Revert “Substitute skopeo inspect for imageInspect/podman” #3412 Unpin all pinned dependencies #3403
OCPBUGS-2988 : Mount /run/nodeip-configuration into keepalived containers #3384 OCPBUGS-1761 : Substitute skopeo inspect for imageInspect/podman, drop podman inspect fallback #3390 Bug 2100181 : baremetal: clean state generated by NM when run by dracut #3208 Full changelog
OCPBUGS-54171 : Change rhcos release browser url #59 Force rebuild of CI image #31
Fix condition check for logging #29
Force updating main rhcos image to version 414.92.202303281555-0 #28
Updating ose-machine-os-images images to be consistent with ART #26
Updating ose-machine-os-images images to be consistent with ART #25
Full changelog
OCPBUGS-42048 : Update owners #91 OCPBUGS-21372 : Update go.mod for CVE-2023-39325 [Release-4.14] #71 OCPBUGS-12640 : Bump golang.org/x/net from 0.0.0-20211209124913-491a49abca63 to 0.7.0 #67 Updating ose-multus-admission-controller images to be consistent with ART #65
Updating ose-multus-admission-controller images to be consistent with ART #64
Updating ose-multus-admission-controller images to be consistent with ART #62
Full changelog
OCPBUGS-48160 : [backport 4.14] Adds a wait to account for the possiblity of a not ready unix socket #262 OCPBUGS-35578 : Update owners file #243 OCPBUGS-33478 : Fix CNI cache update function to prevent nil access #232 OCPBUGS-26331 : Fix SAST scan issues for multus-cni-container [4.14] #220 OCPBUGS-21099 : Update go.mod for CVE-2023-39325 [Release-4.14] #194 OCPBUGS-19860 : Multus annotation permissions: Certificate duration should be configurable [backport 4.14] #192 OCPBUGS-19679 : Move chroot from multus main process to its child processes #189 OCPBUGS-19375 : Per node certification cherry-pick #185 OCPBUGS-19074 : Performance and efficiency improvements in daemon/server mode #181 Use container base image’s /etc/os-release to copy multus binary #179
Change /usr/src/multus-cni/bin to rhel8 based one #178
Cherry pick upstream fix #177
Upstream sync 202308 #176
This change introduces wait to generate config until API is ready #175
Upstream sync to 202307, 99c4481 #168
Add rhel9 binary for multus #173
OCPBUGS-13815 : Fix multus to support CNI plugin which does not create interface #162 OCPBUGS-12519 : Bump golang.org/x/net from 0.1.0 to 0.7.0 (#1039) #160 Updating multus-cni images to be consistent with ART #159
Updating multus-cni images to be consistent with ART #158
Updating multus-cni images to be consistent with ART #157
Updating multus-cni images to be consistent with ART #148
Multus entrypoint should regenerate kubeconfig if secret changes #153
Multus 4.0 upstream sync, strike back #146
Updating multus-cni images to be consistent with ART #142
Full changelog
Update owners (#62) #62
Update vendor package (#40) #40
OCPBUGS-21454 : Update go.mod for CVE-2023-39325 (#33) #33 OCPBUGS-974 : Sync upstream (#30) #30 Updating multus-networkpolicy images to be consistent with ART (#27) #27
Updating multus-networkpolicy images to be consistent with ART (#26) #26
Updating multus-networkpolicy images to be consistent with ART (#25) #25
Updating multus-networkpolicy images to be consistent with ART (#24) #24
OCPBUGS-6917: Upstream sync 0c6df81 (#22) #22 Updating multus-networkpolicy images to be consistent with ART (#21) #21
Full changelog
OCPBUGS-42049 : [release-4.15]Update owners #60 15393552: Updating ose-multus-route-override-cni images to be consistent with ART #47
15393552: Updating ose-multus-route-override-cni images to be consistent with ART #45
Revert ART changes to fix rhel9 base binary #44
Updating ose-multus-route-override-cni images to be consistent with ART #43
Fix Dockerfile to use rhel9 #42
Updating ose-multus-route-override-cni images to be consistent with ART #41
Add rhel9 binary #40
Updating ose-multus-route-override-cni images to be consistent with ART #36
Updating ose-multus-route-override-cni images to be consistent with ART #35
Updating ose-multus-route-override-cni images to be consistent with ART #34
Updating ose-multus-route-override-cni images to be consistent with ART #33
Dev/sync upstream #30
Updating ose-multus-route-override-cni images to be consistent with ART #28
Full changelog
OCPBUGS-42047 : Update owners #311 OCPBUGS-37815 , OCPBUGS-37817 : [release-4.14] align api calls timeout and skip pods marked for deletion #309 OCPBUGS-36722 : Return previous IP allocation for add cmd #296 OCPBUGS-35263 : Use IP to identify orphaned allocation to be deleted #289 OCPBUGS-27858 : Enable reconciler configuration 4.14 #240 OCPBUGS-26553 : Cherry pick fix assignment 4.14 #230 OCPBUGS-21518 : update golang.org/x/net to v0.17.0 #207 Bug 16002 : Change default binary to RHEL8 image #172 OCPBUGS-15905 : Denormalize IP name before checking if pod is alive [Backport 4.14] #167 Bug 16136 : Introduce entrypoint.sh to call ip-control-loop based on RHEL ver #147 Downstream sync july23 #137
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #150
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #149
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #148
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #146
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #143
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #142
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #141
Restores RHEL specific binary copy and updates to rhel9/8 #140
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #136
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #130
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #129
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #128
OCPBUGS-11324 : respect requested allocation range when exluding ranges [backport 4.14] #121 Upstream sync 2023 03 29 #119
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #115
Full changelog
OCPBUGS-42971 : Collect etcd object count #457 OCPBUGS-48084 : Update owners #475 OCPBUGS-48058 : Support gathering IPsec data #472 OCPBUGS-43058 : [Backport 4.14] Multus is now a Pod and will be captured by normal #451 OCPBUGS-20429 : Revert “Add must gather script for network observability” #391 OCPBUGS-20354 : Removed workload partitioning annotation from ppc script #388 Use oc get daemonset to identify the NTO image #378
OCPBUGS-17907 : Revert “Added gathering script for SNOs with workload partitioning” #376 Split gather_network_logs into basics and extras #375
Added gathering script for SNOs with workload partitioning #373
Add csi-proxy logs collection in must-gather for Windows nodes #374
SDN-3687 : Support gathering DBs for OVNK-Interconnect mode #370 Collect information relevant to PerformanceProfile and low latency tuning #345
gather_network_logs: multus: Fix typo in error redirection #371
Collect leases.coordination.k8s.io from each namesapce #366
Create a generic “get_operator_ns” util function #368
Assert that only one subscription exists #367
MCO-608 : Gather MCO’s on-disk configs from degraded nodes #361 Gather ostree related bits #353
OCPBUGS-14984 : Collect Mellanox firmware information #365 OCPBUGS-14025 : Add gather_vsphere #363 NETOBSERV-987 : Add must gather script for network observability #357 Updating ose-must-gather images to be consistent with ART #358
OCPBUGS-10798 : Gather CSIStorageCapacity objects #356 OCPBUGS-11147 : network_logs: Gather multus resource yamls for namespaces #354 Updating ose-must-gather images to be consistent with ART #352
Revert “OCPNODE-1499: Add CMA gather script” #350
OCPNODE-1499 : Add CMA gather script #348 WINC-977 : Update kube-proxy log file name #347 Updating ose-must-gather images to be consistent with ART #343
WINC-958 : Collect WICD logs from Windows nodes #346 report correct version when multiple images invoked #327
Added hostsubnets to group_resources in gather_network_logs script #342
Remove no longer needed gather_admission_webhooks script #325
Added PodNetworkConnectivityCheck gather script #333
Full changelog
Add rhel9 binary #57
Updating ose-network-interface-bond-cni images to be consistent with ART #54
OCPBUGS-12327 : Updating ose-network-interface-bond-cni images to be consistent with ART #52 Updating ose-network-interface-bond-cni images to be consistent with ART #51
Updating ose-network-interface-bond-cni images to be consistent with ART #50
OCPBUGS-11190 : Ignore missing links during delete command #48 Update owners file #46
Align with upstream 14-04-2023 #45
Updating ose-network-interface-bond-cni images to be consistent with ART #44
Updating ose-network-interface-bond-cni images to be consistent with ART #43
Full changelog
Updating ose-network-metrics-daemon images to be consistent with ART #62
Full changelog
OCPBUGS-31862 : replace wireshark with wireshark-cli #122 OCPBUGS-22172 : Move commands to the function to avoid them being executed on -h. #94 OCPBUGS-20520 : Update scripts in network-tools to reflect the changes in IC model #92 ovn-db-run-locally: gracefully handle non-clustered dbs #84
Updating ose-network-tools images to be consistent with ART #81
Updating ose-network-tools images to be consistent with ART #78
Updating ose-network-tools images to be consistent with ART #76
OCPBUGS-7106 : Get OVN-Kubernetes leader identity from the lease #74 Rename subcomponent to ensure bugs are assigned correctly #73
Updating ose-network-tools images to be consistent with ART #72
Full changelog
OCPBUGS-17305 : bump golang.org/x/net to 0.17.0 #85 OCPBUGS-29549 : IPI install fails on Nutanix when using DHCP #70 OCPBUGS-19731 : machine stuck in Provisioning and machineset scale/delete not work #53 OCPBUGS-18338 : Fix CI by running tests natively by default #50 OCPBUGS-12098 : Updating ose-nutanix-machine-controllers images to be consistent with ART #47 OCPCLOUD-2053 : Update dependencies to K8s 1.27 #49 OCPBUGS-11223 : Reduce metrics cardinality #46 OCPBUGS-12726 : Fix userData handling for Windows Machine #48 OCPBUGS-10141 : Updating ose-nutanix-machine-controllers images to be consistent with ART #42 OCPBUGS-6727 : Nutanix Hostname of the VM is not set when using DHCP network config #43 Support categories and project fields of NutanixMachineProviderConfig #38
: Port to ginkgo v2 #41
Update OWNERS #39
: Update k8s packages to 1.26 #40
Update the component in OWNERS file #36
Update OWNERS #34
Updating ose-nutanix-machine-controllers images to be consistent with ART #33
Full changelog
changes the owners file (#1013) #1013
OCPBUGS-48513 : e2e: use same version of crane as in go.mod (#1023) #1023 Bump version to include v5.11.0 of go-git (#822) #822
Fix to ensure operator not found error exits with correct status (#797) #797
OCPBUGS-28871 : Capability to override default channel (#749) (#790) #749 OCPBUGS-19429 : Fix cross EUS channel upgrade path calculation (#769) #769 OCPBUGS-23327 : Fix MirrorToDisk of oci catalogs in hidden folders (#766) #766 skipping prune failure if manifest not found (#735) #735
OCPBUGS-21472 : fix: CVE-2023-39325 (#711) #711 Fixes HTTP 401 issues when several catalogs are being mirrored and need to be rendered using operator-registry (#704) (#706) #704
Fix OCPBUGS-17546: pod catalogsource generated by oc-mirror will crashloopBackOff randomly (#699) #699
OCPBUGS-17545 : Improve extracting opm binary from catalogs (#676) #676 OCPBUGS-7465 : Fix 401 Unauthorized due to stale auth token (#678) #678 Fix OCPBUGS-14402 - case where catalog is on a mirror from registries.conf (#682) #682
OCPBUGS-17998 : fix: ICSP with incorrect mirror path (#681) #681 OCPBUGS-17714 : Ensure errors are nil before closing registry to avoid… (#680) #680 CFE-825 : As a oc-mirror user, I would like mirrored operator catalogs to have valid caches (#651) #651 CFE-902 feat: removes go workspace due to incompatibility on ART builds (#672) #672
CFE-902 feat: adds go workspace to support multi-module (#670) #670
add go.mod files to testdata directories (#669) #669
fixing oc-mirror version when run from read-only fs (#660) #660
Make local storage port configurable via command line (#668) #668
Fix unit tests for local storage collector implementation (#667) #667
CFE-904 : Create AdditionalImage Collector implem. based on registry as localStore (#666) #666 v2 initial commit (#664) #664
OCPBUGS-13871 docs: changes the help message for oci-registries-config flag (#663) #663
OCPBUGS-11754 : add cleanup of /tmp directories (#655) #655 CFE-875 : Unlock MirrorToDisk and DiskToMirror workflows for local oci catalogs (#662) #662 Fix OCPBUGS-15329 - OCI index found, but accept header does not support OCI indexes (#658) #658
Enable mirroring of the multi release image (#657) #657
revendor to the latest oc (#656) #656
Replacing the hard coded path with graphDataMountPath (#585) #585
CFE-859 : Removing flag use-oci-feature starting release-4.14 (#622) #622 CFE-783 : A variety of changes needed for correct operation with multi architecture catalogs (#611) #611 MULTIARCH-3440 : refine multiarch support for test-unit and test-e2e using dockerfile and add ppc64le build to Makefile (#624) #624 Add ImageSetConfig examples (#610) #610
OCPBUGS-13871 : fix: changes on help info content (#653) #653 OCPBUGS-588 : minVersion in ImageSetConfiguration seems to be ignored (#603) #603 Fix OCPBUGS-14194 (#649) #649
Fix OCPBUGS-14402 (#652) #652
OCPBUGS-13332 : Create rfc 1035 compliant catalog source name (#636) #636 fix validateMapping OCPBUGS-13962 (#640) #640
adds Jeremy Peterson to OWNERS file (#644) #644
Chore: Remove Ross from OWNERS (#639) #639
OCPBUGS-13762 : make addRelatedImageToMapping multithreaded (#638) #638 Fix OCPBUGS-11840: ParseImageReference supports cases where both tag and digest are present in a ref (#633) #633
OCPBUGS-11922 : paths not needed in ICSPBuilder interface (#634) #634 OCPBUGS-11910 , OCPBUGS-11922 : Limit the nested repository path while mirroring the images (#623) #623 CFE-658 : Implementation of filtering by channel for OCI catalog (#627) #627 OCPBUGS-4959 : oc-mirror error on second synchronisation with no change (#605) #605 Deprecate –use-oci-feature in favor of –include-local-oci-catalogs (#620) #620
Updating oc-mirror-plugin images to be consistent with ART (#619) #619
Update OWNERS for CFE team (#614) #614
Revert adding ‘–cache-dir /tmp/cache’ to catalog images (#613) #613
OCPBUGS-11371 : fix: skips bundles with ‘skips’ field on head bundle (#608) #608 fix: work around OCPBUGS-6741 by explicitly setting –cache-dir (#604) #604
OCPBUGS-2633 : Fix (#601) #601 OCPBUGS-7845 fix: changes the way the version is shown (#599) #599
OCPBUGS-10348 fix: changes to include the registry path (#600) #600
OCPBUGS-1060 fix: changes confusing error message (#598) #598
Fix OCPBUGS-8156: Upgrade to containerd v1.6.18 (#593) #593
Bugfix check imagesetconfig for valid oci protocol when oci feature is used (#573) #573
Remove “unsupported” wording from info on console (#577) #577
Fix OCPBUGS-5168: Upgrade helm.sh/helm/v3 to v3.11.2 fixing CVE-2022-23526 and CVE-2022-23525 (#580) #580
OCPBUGS-10051 : fix: remove catalog reference from ImageContentSourcePolicy.yaml (#586) #586 Updating oc-mirror-plugin images to be consistent with ART (#575) #575
Bugfix for destination registry nested paths length (#572) #572
fix extract dir for cincinnati-graph-data container (#582) #582
OCPBUGS-8216 : fix: remove an unecessary error message (#579) #579 docs: add information about unsupported scenario (#574) #574
Fix usage of registries.conf for OCI feature (#569) #569
CFE-739 : Add skip pruning flag and logic (#567) #567 CFE-749 : add e2e test for oci catalog feature to include release and additiona… (#562) #562 CFE-764 : Introduce v1alpha2.Operator.TargetCatalog (#565) #565 docs: adds clarification to imageset reference and examples (#555) #555
CFE-768 : Update to allow for incremental and pruning for oci feature (#564) #564 use new cincinnati endpoint to download tarball (#552) #552
feat: OCI catalog filtering implementation (#559) #559
CFE-761 : Improve user experience of oc-mirror with the OCI FBC feature (#557) #557 Fix typo in diff.go (#556) #556
Upgrade base image for oc-mirror to 4.13 (#560) #560
CFE-743 : Update of golang version from 1.18.6 to 1.19.5 (#551) #551 Fix flaky test Valid/OperatorTypeWithRelatedImgs (#549) #549
OCPBUGS-5891 : fix: adds logic that searches for the correct name when using a heads… (#547) #547 New reviewers: Luigi Mario Zuccarelli, Sherine Khoury (#548) #548
CFE-657 : Update to include release and additionalImages with the new FBC feature (#535) #535 OCPBUGS-3414 : Fix: fixes issues encountered by QE (#536) #536 OCPBUGS-3414 : fix: Missing ‘ImageContentSourcePolicy’ and ‘CatalogSou… (#533) #533 OCPBUGS-4516 : fix: oc-mirror does not work as expected relative path for OCI format copy (#531) #531 OCPBUGS-4365 : Fix cases where namespace or subnamespace may be empty (#529) #529 OCPBUGS-2851 : fix (#525) #525 Full changelog
: OCPBUGS-27680,OCPBUGS-27595: UPSTREAM: <carry>: Update go-git to v5.11.0 #73
OCPBUGS-23358 : [release-4.14] Address http2 vulnerability #53 OCPBUGS-21379 : Bump golang.org/x/net from 0.15.0 to 0.17.0 #39 OCPBUGS-16793 : openshift/Dockerfile: exclude unpack binary from FIPS build overrides #33 Rename downstream overlay from service-ca-operator to openshift #32
UPSTREAM: <carry>: add manifests to image #31
Makefile,manifests: Add skeleton of default rukpak resources #18
Introduce barebones build and unit testing GH actions #14
Skeleton - k8s provisioner #7
update README to include latest APIs #5
Introduce a sanity github action check #3
Init API defs #1
Add barebones OWNERS file #2
Full changelog
OCPBUGS-50477 : Pass expected type to deploymentconfig/scale object validation. #497 OCPBUGS-32445 : bump(x/net) to v0.23.0 #429 OCPBUGS-31509 : vendor upgrade runtime-utils #426 OCPBUGS-27104 : UPSTREAM: <carry>: retry etcd Unavailable errors #412 : OCPBUGS-21464: Enable HTTP/2 CVE mitigation #397
OCPBUGS-20150 : pkg/image: avoid unnecessary service lookups when registry is removed #393 NE-1143 Adds route API changes to set/delete headers. #380
WRKLDS-728 : Disable apiservers #366 add comments about ownership of validation #384
add featuregates to server #382
idms migrations #318
Bump openshift/api to the latest release-4.14:head #383
Upgrade distribution to v3 #378
wire openapi v3 aggregation controller #379
OCPBUGS-11393 : Bump openshift/api #368 API-1586 : Bump k8s 1.27.2 #371 OCPBUGS-12813 : Updating ose-openshift-apiserver images to be consistent with ART #364 API-1537 : Bump k8s 1.26.2 proof #360 OCPBUGS-8232 : Clear metadata.namespace on projects before write. #356 Bump 1.26 proof #354
OCPBUGS-7689 : Fix a project validation error due to empty string value #352 OCPBUGS-6197 : Updating ose-openshift-apiserver images to be consistent with ART #338 IR-270 : support creation of image objects representing manifest lists #349 API-1492 : Bump kube-openapi for openapi-gen determinism fix. #348 IR-269 : Support multi-arch images in ImageStreamLayers #309 IR-269 : Bump openshift/api #344 pkg/image: add myself to OWNERS #342
IR-270 : handle image metadata for manifest lists #340 IR-326 : support get of image stream images of a manifest list #341 Use remaining route/v1 defaulters from library-go. #334
OCPBUGS-501 : fix printer panic #333 Drop dependency on internal types from route default test. #332
move the deployer role and binding to the ocm-o #331
Use shared route validation and defaulting from library-go. #328
IR-259 : changing image stream importMode increments its generation #325 Full changelog
OCPBUGS-48480 : Add team members to the OWNERS file #360 NO-JIRA: cleanup root and app OWNERS #349
OCPBUGS-32869 : replaces deprecated square/go-jose wtih go-jose/go-jose #342 OCPBUGS-41951 : Add adambkaplan as approver #334 [release 4.14] OCPBUGS-33288: Update opentelemetry dependency #295
OCPBUGS-28950 : Replace ‘coreydaley’ with ‘sayan-biswas’ in OWNERS file #286 OCPBUGS-18980 : Disable Build and DeploymentConfig Informers if their caps are disabled #271 use constant controller names #265
OCPBUGS-16071 : Updating Kubernetes and other associated dependencies #263 update runtime-utils for idms migrations #243
OCPBUGS-14461 : Kubernetes 0.27 #261 Updating ose-openshift-controller-manager images to be consistent with ART #260
Updating ose-openshift-controller-manager images to be consistent with ART #259
Updating ose-openshift-controller-manager images to be consistent with ART #258
Updating ose-openshift-controller-manager images to be consistent with ART #253
OCPBUGS-10588 : mount build.Spec.Source.ConfigMaps for custom builder images #254 Add Divyanshu Agrawal as a reviewer #256
Add explicit license #248
BUILD-407 : Revert “remove tech preview feature gate for build csi volumes” #251 BUILD-407 : remove tech preview feature gate for build csi volumes #250 WRKLDS-594 : bump(k8s): 1.26.1 #249 Updating ose-openshift-controller-manager images to be consistent with ART #247
update the deploy pod to provide failure in pod #246
Full changelog
OCPBUGS-35337 : Correct out-of-bounds check #173 OCPBUGS-34792 : Make Cinder CSI Driver Topology feature configurable #162 OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #153 OCPBUGS-26460 , OCPBUGS-26461 : [release-4.14] CVE-2023-45142,CVE-2023-47108: bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.46.1 #156 OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #142 OCPBUGS-21573 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #135 STOR-1436 : Restart openstack-cinder-csi-driver-controller Pods if metrics-serving-cert changed #128 Remove Dockerfile.rhel7 #126
Configure User Agent #123
OCPBUGS-16654 : Revert revert “STOR-1065: Rework sidecar bindings to b… #119 OCPBUGS-16783 : Chore: Update OWNERS and OWNERS_ALIASES #121 OCPBUGS-16526 : Bump library-go to remove dependency on goproxy #122 OCPBUGS-16678 : Fix SCC admission failure race during initial deployment #120 Revert “STOR-1065: Rework sidecar bindings to bind common ClusterRoles” #118
STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #117 OCPBUGS-14824 : Bump cinder-csi-driver-operator library-go #116 STOR-1168 : Bump common libraries #115 Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART #113
OCPBUGS-12651 : Bump golang.org/x/net@v0.9.0 #114 Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART #112
Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART #111
OSASINFRA-3000 Prefer a Cinder CSI-specific config map #82
OCPBUGS-8683 : Add management workloads annotations #109 Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART #108
STOR-1019 : Bump to k8s 1.26 libs for OCP 4.13 #107 STOR-947 : support disabling default StorageClass via ClusterCSIDriver #103 Bug 2106736 : Add multiplePVsSameID capability #106 STOR-1078 : Add hostPaths necessary for SELinux mounts #105 Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART #101
OCPBUGS-4347 : set TLS cipher suites in Kube RBAC sidecars #100 Bug OCPBUGS-2845: Add SecretHashAnnotation to node service #96
Full changelog
OCPBUGS-32428 : Ensure portSecurity is correctly set in the Instance Ports #109 OCPBUGS-23202 : Don’t build InstanceSpec during delete operations #95 Bug OCPBUGS-18806: Set controller’s SyncPeriod to 1 hour #81
Bump CAPO to match branch release-0.7 #80
Configure User Agent #75
Update README #77
OCPBUGS-16586 : Bump goproxy #74 Rework how we build the container image #76
go.mod: Upgrade Gophercloud to v1.5.0 #73
OSASINFRA-3063 : Bump CAPO to v0.7.2 #72 Updating ose-machine-api-provider-openstack images to be consistent with ART #70
Updating ose-machine-api-provider-openstack images to be consistent with ART #69
Updating ose-machine-api-provider-openstack images to be consistent with ART #68
OCPBUGS-8687 : machineset_controller: Stop caching clouds credentials #63 OCPBUGS-2153 : Use TenantID if ProjectID is empty #61 Updating ose-machine-api-provider-openstack images to be consistent with ART #60
Add dual stack API and Ingress VIPs support #58
OSASINFRA-3092 : Add support for external LB #56 OCPBUGS-6432 : Address CVE-2022-41717 #53 Bump gophercloud #50
Updating ose-machine-api-provider-openstack images to be consistent with ART #49
Use machine/v1alpha1 from openshift/api #46
Full changelog
OCPBUGS-46927 , OCPBUGS-46934 , OCPBUGS-47314 : x/net bump to v0.34.0 [release-4.14] #941 OCPBUGS-46595 : CRD upgrade existing CR validation fix (#3442) #921 OCPBUGS-45080 : SSA for Services and ClusterRoleBindings #905 OCPBUGS-42828 : add optional schema migrations; default to olm.bundle.object instead of olm.csv.metadata #878 OCPBUGS-41872 : Fix e2e flake: upgrade CRD with deprecated version #865 OCPBUGS-42150 : (fix) registry pods do not come up again after node failure (#3366) #872 OCPBUGS-42017 : adds paginating lister for evaluating CRs’ upgrade fitness versus new CRDs. #869 OCPBUGS-38544 : (fix) Resolver: list CatSrc using client, instead of referring to registry-server cache (#3349) #842 OCPBUGS-36949 : [CARRY] perform operator apiService certificate validity checks directly #821 OCPBUGS-37016 : Bump github.com/containers/image/v5 #824 OCPBUGS-36452 : Can’t install operator on 4.15 after uninstalling it on a prior version #811 OCPBUGS-31969 , OCPBUGS-31970 : UPSTREAM: <carry>: update golang.org/x/net for CVE-2023-45288 #787 OCPBUGS-35230 : Unblock CI #771 OCPBUGS-33356 : UPSTREAM: <carry>: bump go-jose #743 OCPBUGS-30775 : [4.14] bump grpc to 1.60.1, reconnect idle connections (#3147) #715 OCPBUGS-29192 : [release-4.14]: Clear (existing) error cond from Subscription, once error resolved #686 OCPBUGS-29194 : Retry failing unpack jobs #689 NO-ISSUE: [release-4.14] Backport e2e fixes to 4.14 #674
OCPBUGS-27314 : Don’t sync namespaces that have no subscriptions #675 OCPBUGS-27565 , OCPBUGS-27570 , OCPBUGS-27650 , OCPBUGS-27655 : bump go-git/v5 to 5.11.0 #677 OCPBUGS-27485 : [CARRY] SSC RBAC #665 OCPBUGS-22538 : bump otelhttp to 44.0 for api #647 OCPBUGS-22538 : otelhttp bump [release-4.14] #632 OCPBUGS-20829 : [releaser-4.14] Fix apiserver vulnerability #608 OCPBUGS-23212 : Do not derive installplan.spec.clusterServiceNames from bundle IDs #607 OCPBUGS-18904 : [release-4.14] Improve Leader Election Hand Off #605 OCPBUGS-23508 : [release-4.14] Use generated namespaces in e2e tests #614 OCPBUGS-20400 : Add OLMConfig API to control package server sync interval [release-4.14] #582 OCPBUGS-19789 : Backport OCPBUGS-14698: Rename ClusterRoles created by OperatorGroups [release-4.14] #566 OCPBUGS-22134 : [release-4.14] Bump golang.org/x/net to v0.17.0 #587 OCPBUGS-17950 : Make packageserver wakeup interval configurable #555 scripts/bumper: automate pushing changes and creating PRs #550
OCPBUGS-17157 : scripts: add a Go-based bumper, sync upstream #534 Add ncdc to DOWNSTREAM_OWNERS #539
OPRUN-3022 : Add support for make verify to sync script #537 Add tmshort to owners #535
fix the manifests generation #533
Sync 2023 08 04 #532
OCPBUGS-17157 : sync #531 OCPBUGS-17157 : operator-registry: cherry-pick to be up-to-date #526 OCPBUGS-17157 : cmd/package-server-manager: add pprof endpoints #527 OPRUN-3021 : Improve README #529 OPRUN-2913 : Sync api, operator-registry, operator-lifecycle-manager downstream #510 OPRUN-2913 : Add DOWNSTREAM_OWNERS #520 OCPBUGS-10178 : Updating operator-lifecycle-manager images to be consistent with ART #470 Allow cpb to be statically compiled / exempt from FIPS compliance #511
update verification script to work across non-standard bash location #505
OCPBUGS-13128 : Retry initialization error conditions (#2979) #502 Updating operator-registry images to be consistent with ART #495
OCPBUGS-13526 : fix dynamic conversion webhook #490 OPRUN-2995 : Remove dependency on cluster policy controller in favor of hardcoding #498 OPRUN-2941 : update cluster-policy-controller dependency #494 OCPBUGS-13789 : downstream y-streams-for-all semver template changes. #489 OCPBUGS-1684 : Optimize certificate generation #486 METAL-575 : Revert “Mutate service monitor manifests to include tlsConfig cert an… #478 OPRUN-2892 : Update service-monitor tls config #368 OCPBUGS-6016 : UpdateStrategy RegistryPoll with nil Interval #468 OCPBUGS-7910 : Sort channels in lexicographical order in Packagemanifestst (#2925) #476 OCPBUGS-7431 : Registry Pod Controller Flag #460 Update sync script #472
OPECO-2737 : Veneer template rename #461 fix pop_candidate script #467
Updating operator-registry images to be consistent with ART #469
OPECO-2646 : exclude bundles with olm.deprecated property when rendering #463 OCPBUGS-794 : remove dependence on OLM_VERSION file #462 OCPBUGS-7754 : update cluster policy operator dependency #455 OCPBUGS-948 : Set openshift.io/scc label to empty #445 update cpc dep #448
OCPBUGS-672 : Catalog Pod Startup Probe Timeout #446 OCPBUGS-7102 : make plugin e2e tests skippable #444 Packageserver version discoverability #437
Thread Safety test for UpdateSubsSyncCounterStorage (#2918) #438
OCPBUGS-6741 : refactor FBC caching (#1051) #435 OCPBUGS-6344 : Upgrade golang/x/net to v0.4.0 to fix CVE-2022-41717 (#1059) #434 OCPBUGS-6241 : Fix art consistency #433 OCPBUGS-5523 : Catalog, fatal error: concurrent map read and map write #429 OCPBUGS-4955 : Set ImagePullPolicy of bundle unpacker to “IfNotPresent” for image digests #425 OCPBUGS-4757 : Default to legacy psa settings (#273) #420 Updates to OWNERS file #422
Bump go and k8s #408
OCPBUGS-1088 : Run collect-profile pod on management nodes #394 provide the capability to filter mermaid output to a single package name / skipRange support (#1023) #400
OCPBUGS-1428 : fix service account token secret reference (#2862) #396 OCPBUGS-2556 : Order an operator CR’s status.Component.Refs array (#2880) #406 OCPBUGS-1272 : Add pipe support to render-veneer basic command (#1026) #401 Full changelog
OCPRHV-834 : set upgrade condition of operator to false #117 OCPBUGS-8683 : Add management workloads annotations #116 STOR-1019 : Bump to k8s 1.26 libs for OCP 4.13 #113 STOR-947 : support disabling default StorageClass via ClusterCSIDriver #111 Grant volumesnapshotcontents patch permissions to operator too #112
Updating ose-cluster-ovirt-csi-operator images to be consistent with ART #110
OCPBUGS-4347 : set TLS cipher suites in Kube RBAC sidecars #109 Full changelog
15143237: Updating ose-ovirt-machine-controllers images to be consistent with ART #174
Fix swapped CPU socket and thread mapping #172
Updating ose-ovirt-machine-controllers images to be consistent with ART #171
Full changelog
OCPBUGS-45096 : pin libreswan to 4.6-3.el9_0.3 #2368 OCPBUGS-44784 : Bump ovs to 3.1.0-137 #2360 OCPBUGS-44793 : Delete EgressIP LRP stale nexthops when node is not found #2361 OCPBUGS-42944 : Fix egress gateway pod cleanup for remote zone pods. #2356 OCPBUGS-44379 : Revert “Pin libreswan to the known working version 4.5” #2344 OCPBUGS-42952 : pin libreswan to the known working version 4.5 #2323 OCPBUGS-42986 : Add subnet overlap check for transit switch subnet #2317 OCPBUGS-38263 : [release-4.14] Bump OVSDBTimeout and make it configurable #2275 OCPBUGS-38073 : Fix registering northd metrics on appropriate nodes #2249 OCPBUGS-37197 : [release-4.14] ovspinning: Set affinity of each thread #2236 OCPBUGS-36253 : EgressIP: Reload certificates for the grpc heatlhcheck server #2213 OCPBUGS-36554 : Handle IP fragments in SGW mode #2219 OCPBUGS-36703 : Bump ovn to 23.09.4-16 #2222 OCPBUGS-35009 : ipv6+all protocols conntrack flush #2199 OCPBUGS-34570 : Fix EIP GARP config overwritten by gateway update #2188 OCPBUGS-33721 : use a forked version of j-keck/arping that fixes a threading issue #2170 OCPBUGS-34076 : Reuse node-subnet from cache if exists #2177 OCPBUGS-34405 : [release-4.14] dns: fix deadlock in case of error #2183 OCPBUGS-33469 : drop-forwarding: Add ClusterSubnets to allowed forwarding CIDRs #2160 OCPBUGS-33537 : Improves service iptables efficiency on start up #2164 OCPBUGS-32104 : Periodically check the ovnkube-node certificate is not expired #2117 OCPBUGS-32319 : [release-4.14] Full implementation of KEP-1669 ProxyTerminatingEndpoints + ETP=local fix #2128 [Release 4.14] OCPBUGS-32987: Bump OVS #2148
OCPBUGS-32247 : [release-4.14] OVN bump to 23.09.0-139 #2123 OCPBUGS-29397 : 4.14 High CPU usage with APB CRD #2118 OCPBUGS-32353 : Custom v4 and v6 transit switch subnets while creating kind cluster #2122 OCPBUGS-31853 , OCPBUGS-31854 : EIP multi NIC IPv6 support and default route with next hop #2114 OCPBUGS-31648 : Set mac binding age threshold in gateway routers #2115 OCPBUGS-29342 : AdminPolicyBasedExternalRoute CRD failing to watch and reconcile routes for later pods #2076 OCPBUGS-29606 : Update HostNetworkNamespace address_set for remote zone nodes #2091 OCPBUGS-28726 : Update netpol namespace address sets usage to the old ways #2068 OCPBUGS-28819 : Support Permanent Session Affinity #2046 OCPBUGS-29231 : [release-4.14] Separate timeout for handler sync from informer sync & do not resync services during node tracker startup #2061 OCPBUGS-29186 : Wait for ovnkube controller to start before checking result error. #2067 OCPBUGS-29207 : Ignore hybrid-overlay nodes from EgressIP controller #2062 OCPBUGS-25999 : Prevent multiple encap-ips per single chassis #2037 OCPBUGS-28789 : Fix LGW ETP=Local on IPv6 #2042 OCPBUGS-27925 : dont quit if node does not have subnet annotation #2026 OCPBUGS-27256 : Ensure session affinity cleanup on backend removal #2021 OCPBUGS-23395 : Egressfirewall use port groups #1956 OCPBUGS-27243 : CARRY: Updates owners and adds Surya #2019 OCPBUGS-25081 : Update ACL syncer: make default deny acls filter more strict, #1981 OCPBUGS-26568 : Synchronize node primary address update #2012 OCPBUGS-24326 : APB External Route: Add IPv4 and IPv6 validation in CRD schema for static hop IP field #1967 OCPBUGS-25903 : Fix Egress IP Deletion Handler to Prevent OVN Policy Leaks #2003 OCPBUGS-25746 , OCPBUGS-25747 : Dockerfile: Bump OVN to ovn-23.09.0-91.el9fdp #1996 OCPBUGS-24320 : APB status not updated when fails to process during the first reconciliations #1968 OCPBUGS-23257 : Update leaderelection config to allow retries #1955 OCPBUGS-23387 : Ignore completed virt-launcher pods #1954 OCPBUGS-25087 : Fragment oversized reply packets in LGW mode #1982 OCPBUGS-22735 : OVNK/GW: Ignore headless services in syncServices #1970 OCPBUGS-24350 : [release-4.14] fixes MTU configuration on gateway router #1969 OCPBUGS-24209 : Significantly reduce shared informer memory usage #1964 OCPBUGS-19781 : Dockerfile: Copy ovnkube-trace file for RHEL8 platform #1908 OCPBUGS-20260 , OCPBUGS-20261 : [release-4.14] Use private IPv4 address range for transit switch subnet & Incorrect webhook error and exit handling #1933 OCPBUGS-19932 : OCPBUGS-19931: DownStream Batch Merge Blocker Bug 29th september 2023 #1920 OCPBUGS-19886 , OCPBUGS-19887 , OCPBUGS-19888 , OCPBUGS-19889 : EIP fixes, remove ippool dupe call, allow gw mtu in webhook and ovnkube node can set mgt port for dpu #1915 OCPBUGS-19812 , OCPBUGS-19813 , OCPBUGS-19814 , OCPBUGS-19815 : release 4.14 blocker fixes #1909 OCPBUGS-18427 , OCPBUGS-19507 , OCPBUGS-19538 , OCPBUGS-19568 : merging from master to release-4.14 #1889 OCPBUGS-18977 : Update bridge flow cache when the host address changes #1874 OCPBUGS-19503 , OCPBUGS-19649 : Use status subresource, Introduce per-node certs with webhook #1898 OCPBUGS-18584 : Check libovsdbclient.ErrNotFound on wrapped errors #1863 OCPBUGS-19087 : Dockerfile: bump OVN to ovn23.09-23.09.0-beta.31.el9fdp #1879 OCPBUGS-12146 : Updating ovn-kubernetes-microshift images to be consistent with ART #1656 OCPBUGS-18467 : Fix OVN SNATing on GR by enabling gateway_mtu on rtoe port of GR #1854 OCPBUGS-14709 , OCPBUGS-16617 , OCPBUGS-18603 : Bump to OVN 23.09 #1842 OCPBUGS-18378 : LGW: Fix the precedence of rules in FORWARD chain #1851 OCPBUGS-17773 : Perf increases to pod deletion #1847 OCPBUGS-17731 : move clearInitialNodeNetworkUnavailableCondition to clustermanager #1839 OCPBUGS-18110 : Fix encap port configuration for remote chassis #1836 OCPBUGS-17406 , OCPBUGS-17844 , OCPBUGS-17970 : [DownstreamMerge] 24 Aug 2023 #1833 OCPBUGS-17867 : CARRY: Removes restriction for ip scope universe on node ips #1822 8-16-23 #1820
OCPBUGS-17666 : Downstream Merge august 15th 2023 #1817 Downstream Merge 2023-8-10 #1813
OCPBUGS-17147 : [DownstreamMerge] 8 Aug 2023 #1803 Downstream Merge 2023-08-03 #1798
8-1-23 #1795
OCPBUGS-16767 , SDN-3507 , SDN-3733 : [DownstreamMerge] 7-27-23 #1789 OCPBUGS-15811 : SDN-3733: Downstream Merge: 25th July 2023 #1784 OCPBUGS-10650 , OCPBUGS-12747 , OCPBUGS-16413 , SDN-3732 , SDN-3733 : [DownstreamMerge] 7-19-23 #1750 Dockerfile: build both RHEL8 and RHEL9 shims #1760
SDN-3733 : [DownstreamMerge] 7-13-23 #1757 11 jul 23 #1752
07 jul 23 #1747
SDN-3993 : [DownstreamMerge] 06 jul 23 #1742 OCPBUGS-14632 : [DownstreamMerge] 30 jun 23 #1729 OCPBUGS-15127 : Dockerfile: bump to ovn 23.03.0-69 (for LB templates) and ovs 3.1.0-32 (upgrade perf) #1710 OCPBUGS-15523 : [DownstreamMerge] 6-27-23 #1726 OCPBUGS-15227 : [DownstreamMerge] 6-21-23 #1718 OCPBUGS-15226 : EgressIP: do not patch the status if the object no longer exists #1717 6-18-2023 #1714
OCPBUGS-14769 , SDN-3885 : Downstream Merge 13th June 2023 #1707 OCPBUGS-10592 , OCPBUGS-10841 , OCPBUGS-11180 , OCPBUGS-12747 , OCPBUGS-1715 , OCPBUGS-4370 , OCPBUGS-4485 , SDN-3733 , SDN-3838 , SDN-3840 : Downstream Merge 6th June 2023 #1697 OCPBUGS-12352 : Updating ovn-kubernetes-base images to be consistent with ART #1700 OCPBUGS-14636 : Fix Downstream Unit Tests #1696 OCPBUGS-12800 , OCPBUGS-13863 , OCPBUGS-14286 , OCPBUGS-14449 , OCPBUGS-4485 , SDN-3555 , SDN-3790 : Downstream Merge 1st June #1692 OCPBUGS-9825 : LoadBalancer Templates Merge Downstream: 25th May 2023 #1683 OCPBUGS-6013 : Call SyncEndpoints from AddService #1671 OCPBUGS-13716 : Use ovsver and ovnver to infer the short version numbers for ovs and ovn #1664 OCPBUGS-12971 : Fix bug that resulted in routes not be restored to a new vnic #1665 OCPBUGS-11567 : Check the status of a pod before trying to get its ip #1663 OCPBUGS-11716 : [release-4.14] Use loadbalancer.Name as client index #1652 OCPBUGS-11534 : Stack migration #1643 Remove no-longer-used rhel9-specific dockerfiles #1635
OCPBUGS-283 , OCPBUGS-3176 : Downstream merge 3rd April 2023 #1626 Updating ovn-kubernetes-microshift images to be consistent with ART #1620
OCPBUGS-6947 : CARRY: use “prefer local” for annotated services #1622 OCPBUGS-10839 , OCPBUGS-10962 : [DownstreamMerge] 28 March 2023 #1611 OCPBUGS-10485 : Bump OVS to 3.1.0-10 #1613 node: small downstream CARRY patch cleanup #1549
OCPBUGS-10889 , OCPBUGS-8473 : Downstream Merge [27-mar-2023] #1608 OCPBUGS-7932 , OCPBUGS-7988 , OCPBUGS-8080 , OCPBUGS-8278 , OCPBUGS-8280 , OCPBUGS-9990 : Downstream Merge [10-mar-2023] #1574 Dockerfiles: copy RHEL-9 bits over top of unused RHEL8 bits #1553
OCPBUGS-10395 : Bump OVN to disable CT flush #1590 Updating ovn-kubernetes-microshift images to be consistent with ART #1576
Updating ose-ovn-kubernetes images to be consistent with ART #1578
Updating ovn-kubernetes-base images to be consistent with ART #1575
OCPBUGS-8222 , OCPBUGS-8397 , OCPBUGS-8464 : [DownstreamMerge] 7 Mar 2023 #1556 OCPBUGS-7952 : Dockerfile: bump to ovn23.03-23.03.0-4.el9fdp for RHEL9 #1554 OCPBUGS-5889 : [DownstreamMerge] 2023-03-03 #1552 Removal of small code delta from upstream #1548
rhel9: bump to ovn23.03-23.03.0-preview.4 #1550
Downstream Merge [March 2nd 2023] #1551
2-28-23 #1546
OCPBUGS-2663, Bug 2091780, OCPBUGS-6739: Downstream merge 2023-02-20 #1533
rhel9: bump to openvswitch3.1-3.1.0-2.el9fdp #1544
OCPBUGS-7296 : Remove ICNIv1 from ovn-kubernetes #1531 Dockerfiles: switch to dnf #1539
iptables package is missing in microshift image #1530
Updating ovn-kubernetes-microshift images to be consistent with ART #1443
rhel9: no longer need to use iptables wrappers #1526
cleanup: drop redundant selinux-policy install in onvkube dockerfiles #1525
iptables: use container iptables, not the host’s #1481
rhel9: oc RPM does the kubectl symlink #1523
rhel9: no longer need python3-pyOpenSSL #1519
rhel9: remove stray oc install #1518
Add RHEL9 image Dockerfiles #1495
Downstream merge 2023-02-07 #1510
OCPBUGS-6953 , OCPBUGS-6955 : [Downstream Merge 6th Feb 2023] #1509 OCPBUGS-4909 : Dockerfile: bump OVN to 22.12.0-18 #1487 Bug 2078222, OCPBUGS-4119, OCPBUGS-5930, OCPBUGS-4425: [DownstreamMerge] 1-31-23 #1496
Bug 2047299, OCPBUGS-2337: [DownstreamMerge] 13 Jan 2023 #1474
Bug 2041746 : Bump OVN to 22.12.0-4 #1468 Bug 2075548 : [DownstreamMerge] 09 Jan 2023 #1466 15 Dec 2022 #1454
Updating ose-ovn-kubernetes images to be consistent with ART #1430
OCPBUGS-4825 : [DownstreamMerge] 12-14-22 #1449 OCPBUGS-4659 : [DownstreamMerge] - 12-12-22 #1437 Updating ovn-kubernetes-base images to be consistent with ART #1431
Fix product build issue with more straight forward bash #1432
OCPBUGS-4502 : Downstream Merge 7th-December-2022 [Support service session affinity timeout] #1418 OCBUGS-4502 : Dockerfile: bump OVN to 22.09.0-25 #1424 Update base image of Dockerfile #1239
OCPBUGS-3739 : [DownstreamMerge] 12-02-22 #1410 OCPBUGS-2319 : [DownstreamMerge] 11-30-22 #1405 OCPBUGS-799 : Bump OVN to 22.09.0-22 #1403 Bug OCPBUGS-1352: [DownstreamMerge] 11-18-22 #1400
Bug 2092567 : [Downstream Merge] 16/11/2022 #1381 OCPBUGS-3797 : [4.13] Dockerfile: bump OVS to 2.17.0-62.el8fdp #1362 OCPBUGS-3292 : downstream windows fixes #1377 Update images to be consistent with ART #1371
Downstream merge 11-08-2022 #1364
EIP: remove downstream’s duplicate node delete test #1358
SDN-3589 : downstream merge 11-02-2022 #1355 OCPBUGS-2770 : Allow empty nexthop in L3GatewayConfig node annotation #1337 Full changelog
OCPBUGS-36095 : Fix CVE-2024-6104 by updating http-retryable to 0.7.7 #90 OCPBUGS-33637 : Fix CVE2023-45288 by bumping x/net to v0.24.0 - 4.14 #81 OCPBUGS-25980 : Rebase with upstream: Fix snyk code issue: Path Traversal #72 OCPBUGS-24713 : synk: ignore vendor dir #60 OCPBUGS-21112 : CVE-2023-39325 - Update net dependencies - 4.14 #51 cherry-pick: Improve delete device failure logs in driver node #48
OCPBUGS-17309 : Updated golang.org/x/net/html dependency. #43 Rebase with upstream: v0.4.0 changes #42
Rebase: upgrading go modules #40
Rebase with upstream: reduce multipathd usage (OCPBUGS-16878) #39
Rebase with upstream: removed panic and some cleanup #38
Rebase with upstream #37
Package device-mapper-multipath added #36
Merging upstream code with downstream #33
OCPBUGS-12922 : Updated net dependencies #29 OCPBUGS-12716 : Updating ose-powervs-block-csi-driver images to be consistent with ART #30 Updating ose-powervs-block-csi-driver images to be consistent with ART #26
OCPBUGS-6454 : update net deps #23 Update OWNERS to Multi-Arch component #22
Rebase to upstream v8 #21
Updating ose-powervs-block-csi-driver images to be consistent with ART #19
Rebase with upstream kubernetes-sigs/ibm-powervs-block-csi-driver. #20
Rebase with upstream kubernetes-sigs/ibm-powervs-block-csi-driver. #16
Full changelog
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #58 OCPBUGS-25715 : snyk: ignore vendor dir #60 OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #48 OCPBUGS-21203 : CVE-2023-39325 - Update net dependencies - 4.14 #40 Update OWNERS add yussufsh #44
STOR-1438 : Restart controller Pods if metrics-serving-cert changed #36 OCPBUGS-16531 : Upgraded openshift/library-go to remove indirect references to goproxy. #35 OCPBUGS-16654 : Rename sidecar binding RBACs #32 OCPBUGS-16783 : Chore: Update OWNERS #33 STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #31 OCPBUGS-14824 : Bump ibm-powervs-block-csi-driver-operator library-go #30 OCPBUGS-12925 : Updated net dependencies #26 Updating ose-powervs-block-csi-driver-operator images to be consistent with ART #25
Updating ose-powervs-block-csi-driver-operator images to be consistent with ART #24
Updating ose-powervs-block-csi-driver-operator images to be consistent with ART #23
Adding storage team to OWNERS so they can perform lib-go updates. #21
OCPBUGS-8683 : Add management workloads annotations #20 Updating ose-powervs-block-csi-driver-operator images to be consistent with ART #19
add proxy to node-update-controller #18
OCPBUGS-6455 : updating net deps #15 Update OWNERS to Multi-Arch component #14
Updating ose-powervs-block-csi-driver-operator images to be consistent with ART #12
Updated operator folder and deployment name in the readme file #11
Full changelog
OCPBUGS-36105 : UPSTREAM: <carry>: Fix go-retryablehttp CVE 4.14 #75 OCPBUGS-24727 : UPSTREAM: <carry>: snyk code scan exclude vendor directory #54 OCPBUGS-21299 : CVE-2023-39325 - Update net dependencies - 4.14 #45 UPSTREAM: <carry>: Add check for valid Power VS instance id #42
Manual rebase to k8s 1.27 and go 1.20 #40
Revert images golang 1.18 #38
Updating ose-powervs-cloud-controller-manager images to be consistent with ART #37
Revert build_image to the one currently specified in release repo #36
OCPBUGS-12921 : Updated net dependencies #33 Updating ose-powervs-cloud-controller-manager images to be consistent with ART #31
Updating ose-powervs-cloud-controller-manager images to be consistent with ART #30
OCPBUGS-6456 : update net deps #27 Update OWNERS to Multi-Arch component #26
Updating ose-powervs-cloud-controller-manager images to be consistent with ART #25
Full changelog
OCPBUGS-41978 : Update go.mod to fix CVE - 4.14 #86 OCPBUGS-24730 : snyk code scan exclude vendor directory #65 OCPBUGS-21879 : CVE-2023-39325 - Bump golang.org/x/net to v0.17.0 - 4.14 #54 OCPBUGS-18338 : Fix CI by running tests natively by default #50 MULTIARCH-3669 : Set instance build condition to avoid attempting to create duplicate vm with same name #49 MULTIARCH-3677 : Add pagination for listing service instances #48 MULTIARCH-3667 : Loadbalancer integration support for control plane machines #41 MULTIARCH-3668 : Update make file to use latest golang #47 MULTIARCH-3669 : Avoid setting VM provider ID as soon as VM creation #46 Updating ose-powervs-machine-controllers images to be consistent with ART #45
OCPBUGS-11223 : Reduce metrics cardinality #44 openshift/api version update to latest #42
Updating ose-powervs-machine-controllers images to be consistent with ART #40
OCPBUGS-6457 : Update dependencies to Kube 1.26 #38 Update OWNERS to Multi-Arch component #37
Updating ose-powervs-machine-controllers images to be consistent with ART #36
Full changelog
Bump openshift/prom-label-proxy to v0.7.0 #356
OCPBUGS-12293 : Update 4.14 prom-label-proxy image to be consistent with ART #355 Updating prom-label-proxy images to be consistent with ART #353
Bump openshift/prom-label-proxy to v0.6.0 #352
Updating prom-label-proxy images to be consistent with ART #351
Full changelog
OCPBUGS-43670 : fix(discovery): Handle cache.DeletedFinalStateUnknown … #239 OCPBUGS-22531 : bump otel dependencies #183 OCPBUGS-21262 : update golang.org/x/net to v0.17.0 [4.14] #176 Bump openshift/prometheus to v2.46.0 #167
Bump openshift/prometheus to v2.45.0 #166
Bump openshift/prometheus to v2.44.0 #164
Dockerfile.ocp: update note about UI assets after switching to embed #165
OCPBUGS-12996 : Add missing assets after manual merge #162 OCPBUGS-12825 : Updating golang-github-prometheus-prometheus images to be consistent with ART #160 Bump openshift/prometheus to v2.43.0 #158
Updating golang-github-prometheus-prometheus images to be consistent with ART #156
Bump openshift/prometheus to v2.42.0 #154
Bump openshift/prometheus to v2.41.0 #153
Bump openshift/prometheus to v2.40.7 #152
Bump openshift/prometheus to v2.40.6 #151
Bump openshift/prometheus to v2.40.5 #150
OCPBUGS-4273 : Bump openshift/prometheus to v2.40.4 #148 OCPBUGS-2873 : fix certificate reloads after rotation #145 Updating golang-github-prometheus-prometheus images to be consistent with ART #147
Full changelog
OCPBUGS-21064 : Bump golang.org/x/net to v0.17.0 #80 OCPBUGS-12506 : update golang.org/x/net #71 OCPBUGS-12289 : Update 4.14 golang-github-prometheus-alertmanager image to be consistent with ART #70 Updating golang-github-prometheus-alertmanager images to be consistent with ART #68
Bump openshift/prometheus-alertmanager to v0.25.0 #67
Updating golang-github-prometheus-alertmanager images to be consistent with ART #65
Full changelog
OCPBUGS-30015 : fix: convert continue field between v1beta1 and v1alpha1 #279 OCPBUGS-20881 : fix: disable HTTP2 connections by default #253 OCPBUGS-20881 : Bump golang.org/x/net to v0.17.0 #247 Bump openshift/prometheus-operator to v0.67.1 #240
Bump openshift/prometheus-operator to v0.67.0 #239
OCPBUGS-14466 : bump openshift/prometheus-operator to v0.66.0 #236 OCPBUGS-14033 : cmd/prometheus-config-reloader: add SIGTERM handler #234 OCPBUGS-1626 : [bot] Bump openshift/prometheus-operator to v0.65.1 #233 OCPBUGS-12324 : Update 4.14 prometheus-config-reloader image to be consistent with ART #230 Updating prometheus-operator images to be consistent with ART #229
Updating prometheus-config-reloader images to be consistent with ART #227
Updating prometheus-operator-admission-webhook images to be consistent with ART #226
Updating prometheus-config-reloader images to be consistent with ART #225
OCPBUGS-10109 : Updating openshift-state-metrics images to be consistent with ART #221 OCPBUGS-10137 : Updating openshift-state-metrics images to be consistent with ART #222 Updating prometheus-operator images to be consistent with ART #220
OCPBUGS-6055 : [bot] Bump openshift/prometheus-operator to v0.63.0 #216 Bump openshift/prometheus-operator to v0.62.0 #215
Updating prometheus-operator-admission-webhook images to be consistent with ART #214
Updating prometheus-config-reloader images to be consistent with ART #213
Updating prometheus-operator images to be consistent with ART #212
OCPBUGS-2778 : [bot] Bump openshift/prometheus-operator to v0.61.1 #209 Full changelog
OCPBUGS-21162 : (4.14) upgrade golang.org/x/net to v0.17.0 #134 Bump openshift/node_exporter to v1.6.1 #130
OCPBUGS-12714 : Bump openshift/node_exporter to v1.6.0 #129 OCPBUGS-12507 : Upgrade golang.org/x/net to v0.10.0 to fix the CVE #128 Updating golang-github-prometheus-node_exporter images to be consistent with ART #122
Updating golang-github-prometheus-node_exporter images to be consistent with ART #120
OCPBUGS-6311 : addressing vulnerability GO-2022-1144 #119 Bump openshift/node_exporter to v1.5.0 #118
Updating golang-github-prometheus-node_exporter images to be consistent with ART #117
build(deps): bump github.com/prometheus/client_model from 0.2.0 to 0.3.0 #114
build(deps): bump github.com/jsimonetti/rtnetlink from 1.2.2 to 1.2.3 #115
Full changelog
OCPBUGS-21576 : bump(k8s,openshift) to address CVE-2023-44487 [4.14] #34 refactor route controller manager to use library-go server and ControlerCommand for generic setup #28
add dummy flags needed for a switch to library-go server and ControlerCommand #29
Revert “[WRKLDS-730] refactor route controller manager to use library-go server and ControlerCommand for generic setup” #25
refactor route controller manager to use library-go server and ControlerCommand for generic setup #22
WRKLDS-700 : bump(k8s) to v0.27.1 #21 Updating ose-route-controller-manager images to be consistent with ART #19
Updating ose-route-controller-manager images to be consistent with ART #18
Updating ose-route-controller-manager images to be consistent with ART #17
Update gomod mapping for k8s.io/dynamic-resource-allocation #16
Updating ose-route-controller-manager images to be consistent with ART #13
WRKLDS-594 : bump(k8s): v1.26.1 #15 OCPBUGS-4198 : do not depend on the API defaulting when creating Routes #11 Full changelog
OCPBUGS-34830 : fix issuer check during JWT authentication 4.14 #539 OCPBUGS-32888 : update gopkg.in/square/go-jose.v2 to fix CVE-2024-28180 #535 OCPBUGS-22647 : go.mod: bump go.opentelemetry.io/contrib/instrumentation/net/http/ote… #494 OCPBUGS-21349 : [release-4.14]: Bump golang.org/x/net to v0.17.0 #484 OCPBUGS-16397 : Nutanix OCP cluster telemetry data “host_type” shows “virt-unknown” #474 chore: bump github.com/prometheus/prometheus to v0.45.0 #475
: fix mtls secret generation #473
Revert wrong cert name change of #455 #472
: add secret for external mtls connection #470
MON-3230 : Add TLS auth to telemeter-client #455 jsonnet: Add config to support rhelemeter #468
Improve debug roundtripper logs #467
Fix integration test documentation #461
Fix path benchmark #466
Add RHEL POC server #465
OCPBUGS-12345 : tools: update to golangci-lint v1.51 #464 OCPBUGS-12678 : Update golang.org/x/net to lastest version #462 add thibaultmg in OWNERS file #459
Update OWNERS #456
Use receive handler logger #450
OCPBUGS-10169 : Updating telemeter images to be consistent with ART #452 Filter noisy logs from TCP probes #453
Add douglascamata as reviewer and approver #454
OCPBUGS-6962 : Add ‘agent-installer’ value to ‘install_type’ label #447 OCPBUGS-6477 : Upgrade go version and dependencies #448 server: Ensure logging level is flag is respected #449
Add ‘hypershift’ value to ‘install_type’ label #437
Replace ‘hypershift-unknown’ with ‘unknown’ #438
Fix receive whitelist logic #445
Bump snappy version and add debug logs #444
Add metrics for telemeter receive path #443
Log faulty tokens #441
pkg/receive: Sanitize metric labels #440
Updating telemeter images to be consistent with ART #439
Add Daniel Mellado to OWNERS #436
Add rules for cluster vCPU-hours #435
Full changelog
OCPBUGS-52583 : Use payload pullspec for image info test #29591 OCPBUGS-51363 : Disable:Broken for [sig-builds][Feature:Builds][Slow] can use private repositories as build input build using an HTTP token should be able to clone source code via an HTTP token #29567 OCPBUGS-51044 : Add/remove team members to the OWNERS file for Builds #29554 OCPBUGS-44107 : Adjust createDNSPod() to support hypershift dual-stack test #29256 OCPBUGS-39137 : Bump timeout for the pod-network-service endpoints check #29062 OCPBUGS-38365 : add Proxy config #28998 OCPBUGS-36800 : Removes dependency on samples operator images #28952 #28775 FIX [release-4.14] OCPBUGS-33367: monitor test fix to wait before connecting to a non-existent dns on PowerVS and IBMCloud platforms #28792
#28745 FIX [release-4.14] OCPBUGS-33022: update egressFWTestE2E image which contains ping binary #28899
OCPBUGS-36464 : test/extended: skip etcd leader change check on hypershift #28921 OCPBUGS-35475 : Use centos7 tag instead of latest for cmd images tests #28881 OCPBUGS-33417 : Provide SCC access via RBAC #28806 OCPBUGS-33563 : Adjust the method of get the apiServer (release-4.14) #28763 OCPBUGS-29970 : Do not assume there is just a single kubelet systemd service #28620 OCPNODE-2101 : add kube-rbac-proxy-crio toleration change #28647 OCPBUGS-29928 : Only extract node role from properly formatted node-role label #28616 OCPBUGS-29182 : updated timeout to 3 seconds to account for network timing issues #28578 OCPBUGS-29034 : Replace ‘coreydaley’ with ‘sayan-biswas’ #28574 OCPBUGS-26044 : Adding test case for when exceed openshift.io/image-tags will ban to … #28493 OCPBUGS-21774 : backport #28316 to 4.14 release #28335 Revert “[release-4.14] OCPBUGS-22720: Use Centos 8 Stream mysql image in tests” #28368
OCPBUGS-23042 : tolerate AWS edge nodes on monitor tests #28387 OCPBUGS-23145 : Bump watch requests for cluster-baremetal-operator #28385 trt-1340: backport exact and disable monitor tests options to 4.14 #28391
OCPBUGS-19923 : Updating parameters for build timing PushImage test #28291 OCPBUGS-22411 : fix: increase upper bounds for samples operator #28356 OCPBUGS-22720 : Use Centos 8 Stream mysql image in tests #28365 OCPBUGS-22389 : Remove all docker.io images due to access denied #28355 OCPBUGS-21774 : backport https://github.com/openshift/origin/pull/28238 to 4.14 release #28333 Revert #28304 “OCPBUGS-20308: Backport PR 28295 and 28238” #28314
OCPBUGS-20308 : Backport PR 28295 and 28238 #28304 OCPBUGS-19903 : kubevirt: add live migration tests #28281 wait for the service to have endpoints before starting pollers #28279
some monitor tests only function on disruptive tests #28287
OCPBUGS-19718 : rteval #28276 OCPBUGS-19547 : fix: add rteval to the test image #28269 TRT-1244 : Bump aws-ovn upgradeDurationLimits to 130 #28265 OCPBUGS-19061 : Remove duplicate connection type from disruption name #28260 USHIFT-1590 : skip failing invariants in MicroShift #28193 Revert “created persistent volume claims can not exceed the limitation” #28232
Revert “in-cluster disruption: ensure that only one monitor is started in cluster” #28230
created persistent volume claims can not exceed the limitation #28224
Revert “Fail on APIs removed in the next release” #28227
OCPBUGS-13158 : in-cluster disruption: ensure that only one monitor is started in cluster #28081 Fail on APIs removed in the next release #27561
Service invariant #28202
prevent secondary errors reported in prior steps #28221
OCPBUGS-17477 : requestheader: wait for only 3 oauth-servers to be available #28161 [test/extended/networking] Rename ovnkube containers #28219
Reduce usage of dcs #28212
Do not fail etcd storage path test for GVRs that are not served. #28214
move graceful shutdown to monitor test #28201
move PDBUnhealthyPodEvictionPolicy from TP to beta #28206
if no openshift-tests image can be auto-detected or specified, skip it #28207
allow failures for tests intentionally producing failures #28211
fix *-to-host sampler failure calculation #28209
skip test with intermittent serial problems #28208
point host network, network disruption at the kubelet #28191
migrate some watching code to monitortests #28188
fail if no sampler output is found for the poller #28198
Fix possibility of intervals without from/to by requiring when we Build() #28182
OCPBUGS-17497 : Skip invariant load balancer test for None platform #28180 tolerate cluster without clusterversion #28197
select poller image from payload #28194
AUTH-409 : bump o/k for the updated PSa labels #28192 Fixes openshift-tests dry-run failure asking for KUBERNETES_MASTER #28165
TRT-930 : Update test to support 2 release query_results.json #28149 add e2e non-functional test for required-scc SCCs #28142
Add a test to flake if we see NetworkManager log “too many netlink events” #28098
OCPBUGS-16615 : Making prometheus telemetry test flake #28181 update watch-endpoint-slices to usable shape #28184
add comments requested in review #28186
rebrand invariant tests as monitor tests #28185
basic setup of podNetwork disruption tests #28179
start the watch-endpoint-slice command #28169
stop sampling when we stop #28178
run start and collect in parallel #28174
only close node ready if the node was not ready before #28170
make monitor command separately runnable #28168
OCPBUGS-15726 : add tests for openapi v3 #28129 fix microshift fix that broke all disruption #28175
Add stlaz and p0lyn0mial to OWNERS #28166
OCPBUGS-15726 : Revert “temporarily disable oc explain tests until openapi/v3 is working” #28155 Add some tests for event interval generation #28163
USHIFT-1464 : skip TestFrontProxy for MicroShift #28064 upgrade distribution to v3 #27958
Skip external service monitoring invariant for microshift #28160
Refactor e2e-test intervals to use the new locator builder #28099
OCPBUGS-16166 : Update to Kubernetes 1.27.4 #28147 Remove obsolete buildanalyzer tool #28158
Bug OCPBUGS-17483: Skip invariant load balancer test for OpenStack #28154
be sure the exit code fails when the invariant tests fail #28152
OCPBUGS-17351 : Skip some invariants in microshift #28136 OCPBUGS-16166 : disable 2 tests in preparation to land k8s 1.27.4 #28148 Fix kubevirt test flake caused by pod name collision #28153
move the discovery filtering into suite filtering instead of post filtering #28145
move remaining disruption tests to invariants #28144
Disable EgressIP test termporarily due to OVN-K bug #28146
Bug OCPBUGS-6778: Correct condition for rejecting connection #27876
USHIFT-1484 : skip prometheus alerts for MicroShift #28070 remove unnecessary global modification from upgrade #28143
OCPBUGS-16615 : Moving Prometheus reporting telemetry to serial jobs #28138 OCPBUGS-15568 : Set quota wait timeout to 1 minute #28071 rough package alignment #28131
return calculated intervals #28141
move existing invariant tests #28130
remove extraneous layering for the monitor #28127
Fix ClusterOperator tests that can only report failures #28120
properly categorize the stop and start intervals #28139
MON-1960 : Remove exceptions for alert annotations #28118 Revert invariant and other refactors #28133
Remove exception on KubeSchedulerDown runbook #28126
expedient engineering: inject intervals into recorded events from out… #28128
Add Fabio and remove Stefan from image approvers #28125
separate the run, run-upgrade, and run-test #28121
Remove enabling multinetwork policy #28116
OCPVE-292 : OCPVE-293: OCPVE-294: feat: added a realtime latency test suite #28110 Update image mirroring instructions to handle uncompressed layers #28101
protect against nil panic on unassigned disruption adapter #28123
fix: workload partitioning - added more error handling for retry attempts #28111
Revert “adds legacy disruption to invariant tests” #28117
adds legacy disruption to invariant tests #28104
refactor command line start for openshift-tests #28107
oauth requestheaders: gather oauth-server logs as admin #28114
Automated - Update synthetic test data #28108
SDN-4042 : Increase total upgrade time on OVN platforms #28074 Update image stream test to create a manifest list image by default #28017
Adjust interval builder before we continue porting #28109
Put times in UTC to allow local testing; use asserts where we can #28091
feat: make data gathering more robust #28102
remove suite hook configuration and make information flow one-way #28090
USHIFT-1463 : add [apigroup] annotation to skip tests for MicroShift #28061 OCPVE-318 : feat: add node validation for workload partitioning #28056 Unrevert pull request #28069 from dgoodwin/interval-builder #28095
Disruption reverts #28093
AUTH-401 : test/e/authorization/pod_security_admission: add e2e test for pinning SCCs #28092 fix logic – If error, return current time; else return log line time #28084
add interface for future invariant tests #28077
Interval Building Phase 1 #28069
create a recorder interface that separates monitoring from recording #28080
remove unnecessary options and make monitor act like controller #28079
Fix retrieval of virt-launcher pod of the guest node #28082
Fix usage of priviliged pods in sig-kubevirt test cases #28078
trt-1150: move lock so prevent multiple file updates in single commit #28065
finish scrubbing out sampler #28076
Automated - Update synthetic test data #28072
MON-3280 : enable etcd metrics check again #28049 OCPBUGS-13158 : Run new tests which monitors in-cluster API server disruption as daemonsets on masters/workers #27909 fix: add missing namespaces to exclude list #28060
Update S2i Image tests for removing nodejs 14 ubi8 eol #28058
only close intervals if they are open #28059
USHIFT-704 : skip [sig-cli] whoami result with console for MicroShift #28005 ignore machine api capability #28052
ODC-7333 : Add consolesamples to the exception list of CRDs without a status #28057 Handle partial discovery results in DoesApiResourceExist. #28047
Remove audit id from sample err #28043
Remove sampler #27960
ODC-7333 : Add consolesamples to the list of console resources that all users should have read access #28045 OCPBUGS-15893 : Update permission to incl. watch for helmchartrepositories for console users #28044 Automated - Update synthetic test data #28014
increase cloud-credential-operator watch since we added a self-clusteroperator watch #28046
OCPBUGS-15291 : Update broken dc tests due to deprecation warning #28041 Enable Azure platform check in external cloud provider test #27776
update pathological event namespace label to be unambiguous #28038
multinetpolicy: use RetryOnConflict to reduce flakes #28035
USHIFT-1379 : skip must-gather tests for MicroShift #28015 Provide more detailed information when extracting binary fails #28034
test: extended: deployment: use correct apigroup for imagestreamtags #27689
Add logs in clusterquota test for more verbosity #28032
OCPBUGS-15500 : Avoid panic attempting to process interval logs #28012 Add test checking nodes are in proper read state before upgrade #28028
trt-1030: 80s for service lb under test #28004
OCPBUGS-15835 : remove references to registry.centos.org #28029 OCPVE-379 : fix: avoid checking resources for BestEffort pods #28006 OCPBUGS-15568 : Increase clusterquota wait timeout from 10 to 30 seconds #28026 OCPBUGS-15558 : retry promql a few times to mask i/o timeouts #28010 AUTH-377 : Add oauth-server redirect URI validation e2e tests #27922 temporarily disable oc explain tests until openapi/v3 is working properly #28022
USHIFT-647 : skip non-existing resources from security.openshift.io #27897 trt-1117: Test for update lease errors #28020
print out deployment for incorrectly scheduled pods #28011
OCPBUGS-14425 : Skip CCM upgradable condition on AlibabaCloud #27967 Update “verify that nodes have no unexpected reboots” test #28016
allow cluster-config-operator to manage featuregate upgrade block #28009
add a networking alert for OVNKubernetesResourceRetryFailure #28008
add debugging info for cluster not ready to upgrade #28007
OCPVE-378 : feat: remove skip, allow check on all platforms regardless #27911 Report external binary usage #28000
Changing the severity of “missing runbook_url annotation for critical alerts” test case from flaky to failure #27987
disruption refinement for availability, not latency. #28003
TRT-1097 : add KubeMemoryOvercommit to specific test so that the general test doesn’t fail #28002 OCPBUGS-11652 : Enable oc adm node-logs #27992 skip reboot test when machineconfigs not in target cluster #27999
OCPBUGS-15291 : [sig-cli] oc idle: get a dc name through labels instead of parsing oc create output #27998 Automated - Update synthetic test data #27995
Flake ci-cluster-network-liveness and new backend disruption failures to avoid payload rejections #27990
verifies number of node reboots even for HA #27994
OCPBUGS-13379 : machines: add a test which verifies number of node reboots #27993 strip operator framework from resource watch and fix bugs #27972
Fix panic in loki upload #27991
Replace dashes in locator keys for upload to loki, add namespace label when possible #27983
Automated - Update synthetic test data #27982
Update kubevirt LB connectivity tests to work with AWS ELB #27978
STOR-1263 : Bump (openshift/kubernetes): to get openshift/kubernetes#1595 #27970 add shutdown interval for apiserver from events #27919
Update expected name for OVN acl logging test #27974
Updated pathological events #27942
new disruption backend #27838
OCPBUGS-14667 : Revert “MON-3213: Changing the severity of “missing runbook_url annotation for critical alerts” test case from flaky to failure” #27969 MON-3213 : Changing the severity of “missing runbook_url annotation for critical alerts” test case from flaky to failure #27933 push intervals to loki #27930
USHIFT-1300 : Avoid getting cluster state for TEST_PROVIDER env var #27964 hard monitor.Event message creation #27946
ETCD-425 : restore test should validate state #27921 OCPBUGS-14338 : test/extended/prometheus: increase telemetry series threshold #27959 Running tests using external binary #27570
OCPBUGS-14321 : Increase timeout in sysctl allowlist test #27955 remove legacy recovery tests #27917
OCPBUGS-13649 : add tests for ClusterResourceQuota: count should work for all resources #27934 MON-3219 : Clear missing summary/description annotation test case exception #27944 OCPBUGS-13788 : 2x Revert “test/extended: Add MultiNetworkPolicy IPv4/IPv6 test cases” #27926 #27927 OCPBUGS-14125 : Move from registry.centos.org to quay.io #27945 LoadBalancer network connectivity test cases for HyperShift+KubeVirt #27931
Revert “Add coverage for GET verb and websocket handshake to SCC exec tests.” #27943
update the PDB resource to point to resource, not kind #27938
fix oc explain status and spec verification #27937
Add coverage for GET verb and websocket handshake to SCC exec tests. #27836
test/extended/prometheus: fix test with enabled telemetry #27915
bump(k8s.io/kubernetes) #27935
Automated - Update synthetic test data #27920
Change oc annotate cli test output check string #27932
Migrate set-image.sh to go based test #27863
STOR-1263 : Rebase 1.27.1 #27894 Update etcd team lead #27928
Revert “test/extended: Add MultiNetworkPolicy IPv4/IPv6 test cases” #27926
trt-1032: update upperbounds based on recent failures #27923
OCPBUGS-6586 : oc idle: increase wait timeouts to 60 sec #27913 test/extended: Add MultiNetworkPolicy IPv4/IPv6 test cases #27795
Mark ErrorReconcilingNode macAddress not found as known and with existing BZ #27918
OCPBUGS-13366 : ignore repeated TopologyAwareHintsDisabled events #27916 OCPBUGS-13372 : Add missing error check in sysctl allowlist test #27914 trt-900: log risk-analysis errors but don’t pass back up #27898
Automated - Update synthetic test data #27908
OCPBUGS-5943 : Revert “ignore repeated TopologyAwareHintsDisabled events” #27815 Reactivate netpol tests #26775
Adjust thresholds for reasonable upgrade durations #27905
Fix up the chart so the “Not” column is lined up #27886
Automated - Update synthetic test data #27861
OCPBUGS-12447 : Add intervals and test for ovs-vswitchd unreasonably long poll interval #27889 WRKLDS-665 : Enable [sig-scheduling] SchedulerPreemption [Serial] validates pod disruption condition is added to the preempted pod [Suite:openshift/conformance/serial] #27874 TRT-856 : DNS and disruption overlap test #27826 OCPBUGS-11944 : use tokenrequest from lib-go #27883 CCO-367 : Allow CCO to be Upgradeable=False when credentialsMode=Manual #27887 add anonymous cert detection test case #27890
Render html from monitor #27853
PSa podspec exporter e2e: don’t specifically add seccompProfile to the podspec #27756
ETCD-417 : add a new basic etcd backup/restore test #27875 test/extended: cpu-partitioning: skip cluster infrastructure for Hypershift #27884
OCPNODE-1257 : feat: remove custom node wait logic for upstream framework call #27882 Add (optional) dual-stack tests to the CNI certification test suite #27807
Trt-945 detect master node updates #27851
Updating openshift-enterprise-tests images to be consistent with ART #27793
Move selfsubjectreviews RBAC rule to the right place #27873
Add git retry to run resource watch #27865
Update ETCD storage data for k8s 1.27 #27871
OCPBUGS-11652 : disable oc adm node-logs #27867 NE-1243 : Validate TCP DNS local endpoint preference as well as UDP. #27791 Add selfsubjectreviews RBAC rules #27866
ETCD-399 : Add recovery suite to openshift-test cli #27869 add specific test for failing cgroups path #27852
not rely on deterministic pod names in oc debug tests #27842
Revert “TRT-889: Temp flake all azure disruption” #27843
add wait for ingress to be responsive before beginning upgrade #27857
Allow cluster daemonsets to use maxSurge #27819
retry getting the URL for routes until we succeed #27854
bump timeout #27849
OCPBUGS-11215 : fix: add namespace annotation helper for egress cni test #27834 negative filtering #27829
OCPBUGS-11072 : Add test for Egress Firewall node selector #27824 upkeep: updated query results #27835
Revert “Make unidle test more strict” #27833
OTA-824 : test/extended/cli/admin: Test ‘oc adm release extract –file image-references …’ #27822 STOR-1272 : DisableSC test should ignore in-tree storage classes #27814 add apiserver availability timeline events #27828
OCPBUGS-9831 : Make unidle test more strict #27673 remove runresourcewatch git lock file on failure #27820
Improve the disruptive suite description #27823
OpenStack: Restore in-tree cinder provisioner tests #27789
Add Divyanshu Agrawal as a reviewer #27821
Enable AWS platform check in external cloud provider test #27777
OCPBUGS-10824 : fix: add poll to get deployment status and avoid false positive #27818 Add a test case checking for cluster upgradeability #27806
Gather more interesting etcd pod logs for issues we’re debugging #27816
Strip ANSI control characters from junits #27801
Automated - Update synthetic test data #27703
move IsTechPreviewNoUpgrade function to exutil and reuse everywhere #27787
Mark previous pathological events so they get added to spyglass charts #27743
CNF-5652 : Add cpu partitioning tests #27770 Revert “Revert “Add vlan/macvlan/ipvlan incontainer master tests”” #27775
Separate pathological event tests for all known namespaces #27774
Scan etcd logs for dropped internal raft messages #27798
Add intervals, synthetic test, and charting for etcd “slow fdatasync” pod log messages #27772
OCPBUGS-8092 : Fix mounted volume expansion tests #27782 Specify Audit-ID to identify disruption requests in api audit logs #27780
TRT-889 : Temp flake all azure disruption #27781 OCPBUGS-8483 : Revert “Switch to readyz path for health probes on Azure” #27771 WRKLDS-657 : add test for UnhealthyPodEvictionPolicy for PDBs #27768 Enable vSphere platform check in external cloud provider test #27638
Realtime Kernel Tests #27751
OCPBUGS-8310 : Bump to 1.26.2 #27764 OSASINFRA-3109 : networking: add a test for control plane LB #27748 Add additional comments with findings from k8s 1.26 bump #27728
OCPBUGS-8092 : mark volume expansion test as Flaky #27767 Revert “Add vlan/macvlan/ipvlan incontainer master tests” #27766
OCPBUGS-7519 : Revert Skip nfs tests temporarilly #27762 TRT-800 : Collect variant data for risk analysis #27731 Add tap plugin test #27737
Port alert backstop test to invariant, allow running alert/disruption invariants locally for developers #27724
Add vlan/macvlan/ipvlan incontainer master tests #27700
STOR-1077 : promote CSIInlineVolumeAdmission feature gate to GA #27713 move disruption locators to monitorapi #27760
Switch to readyz path for health probes on Azure #27753
Fix defunct owners file in test/extended/util/annotate #27750
OCPBUGS-7833 : Rework no optional capabilities rules #27745 OCPVE-278 : fix: multi build error, only add rt-tests for x86 #27749 Restore alert refactor with fix for disruption tests all being skipped #27742
OCPBUGS-7519 : Skip nfs tests temporarilly #27747 OCPVE-278 : feat: add rt tests package to openshift-tests #27740 OCPBUGS-7616 : Revert Revert “bump(k8s): 1.26” #27738 Revert “bump(k8s): 1.26” #27736
test/extended/authorization/rbac: Condition console RBAC on ‘Console’ capability #27681
Revert “Alert Testing on new Namespace and Level” #27734
OCPBUGS-7488 : test flake: should not reconcile SC when state is Unmanaged #27726 Revert “perform build csi volume test on GA clusters” #27730
OCPBUGS-1125 : remove reference to old guard pods #27727 bump(k8s): 1.26 #27694
Do not bail on producing artifacts when nodes are dead #27729
audit inspection #27687
Allow baremetal tests to run on Azure platform #27573
OCPBUGS-6902 : Wait for DNS DS pods to be ready #27715 Chart CI cluster DNS problems in different color from disruption #27719
Add pathological events into spyglass charts #27649
BUILD-407 : perform build csi volume test on GA clusters #27720 Kubevirt network connectivity tests #27456
TRT-819 : Add check for parse signature error #27705 Allow baremetal tests to run on GCP platform #27618
Add PDB to resource watch #27721
replace centos with ubi8 in build test dockerfile #27718
Add external disruption sampling in openshift test #27717
STOR-950 : Add CI job for skipping StorageClass creation #27704 BUILD-407 : stage one of two of migrating shared resource from tech preview to GA #27708 Ensure NoColor for ginkgo in disruption/chamosmoney suite #27709
Alert Testing on new Namespace and Level #27710
STOR-1066 : add e2e tests for CSIInlineVolumeAdmission plugin #27682 OCPBUGS-3923 : adjust watch budget for monitoring components #27623 make supplemental groups test working again #27664
AUTH-337 : PSa: add test for SCC-mutated PodSpec extraction #27632 TRT-813 : Disabling disruption fallback for upgrades #27701 bump timeout #27695
OCPBUGS-6503 : upgrade/adminack: simplify polling and unblock “guaranteed” post-upgrade check #27678 Update S2i image tests for dotnet3.1 EOL #27698
extended: security: do not explicitly set api audience on token request #27697
Changes for NodeTuning cluster capability #27657
Skip the oc whoami –show-console test when the console capability is disabled #27679
Update etcd scaling test for CPMS supported platforms #27497
TRT-803 : FIxing test name #27688 Automated - Update synthetic test data #27676
Use ingress-canary route for testing instead of console since the console might be disabled #27680
ignore more repeated TopologyAwareHintsDisabled events #27672
Add result tag to the end of first line of an event message #27656
Automated - Update synthetic test data #27658
USHIFT-720 : skip server-side apply for rangeallocations #27619 ignore repeated TopologyAwareHintsDisabled events #27666
Update annotated rules for router tests #27662
Fix nil pointer dereference for createDNSPod. #27663
Revert “Remove dependency on some router tests on config.openshift.io api group” #27661
Don’t emit failure junit testcase when a retry is skipped #27652
OCPBUGS-5506 : DNS pod to be created on master node #27650 upgrade/adminack: guarantee one admin ack check post-upgrade #27645
Separate mcd error alert #27648
do not check for DeploymentConfig routers in router tests #27642
WRKLDS-605 : Remove dependency on some router tests on config.openshift.io api group #27643 Fix missing disruption data again. #27651
Add result key value to each topological event test output line #27641
fix tech preview test #27639
Fix missing disruption uploads. #27636
Update CVO test ownership: -Jack and Vadim, +Petr #27646
Automated - Update synthetic test data #27626
Add Event intervals for Startup Probe failures #27612
Use cluster network MTU for bond interfaces #27631
Use create token instead serviceaccounts token command #27629
Fix intervalcreation incorrect year unit test bug #27630
Update ETCD storage data for k8s 1.26 #27622
Filter out dropped targets to minimize the size of target api result #27594
NE-1068 : Add test using chaos plugin to detect local DNS endpoint preference. #27511 OpenStack: Skip in-tree cinder provisioner tests #27613
Automated - Update synthetic test data #27614
Test failures that flaked on retry remain counted as failures #27602
Remove ambiguity when checking for api resources existence #27583
OCPBUGS-4731 : oc status: clean job resource to prevent leaks #27608 Add tests for oc scc-subject-review and scc-review commands #27572
TRT-703 : Fix upgrade junit results not present in risk analysis #27600 Updating openshift-enterprise-tests images to be consistent with ART #27607
remove special cases for priority classes in the payload #27606
Automated - Update synthetic test data #27601
OCPBUGS-4550 : Bump api-requests for console-operator on vsphere #27605 run resourcewatch fixes #27596
OCPBUGS-4502 : Unskip service session affinity tests #27597 Automated - Update synthetic test data #27587
Add trozet to networking approvers #27395
Separate out “startupProbe failed” messages from pathological events test #27590
OCPBUGS-4190 : 1sec #27574 USHIFT-646 : ushift: Graceful return to disable telemetry #27578 Round the ratio for excessive watch requests test #27592
OCPVE-112 : feat: support higher threshold for connection refused on sno #27586 Allow baremetal tests to run on AWS platform #27569
USHIFT-644 : Skip sig-cloud-provider tests #27577 Remove redundant messages that might contain non-xml charactor #27582
USHIFT-647 : ushift: fix loop variable capture in sig-cli #27579 USHIFT-658 : ushift: skip networking bond interface tests #27584 TRT-662 : include test count totals for analysis #27585 OCPBUGS-2991 : Bump openshift/kubernetes to latest master v2 #27580 TRT-691 : use duplicateEventThreshold for ProbeTests #27562 Automated - Update synthetic test data #27543
Add separate tests for QPS exceeded and manifest unknown #27542
Test tuning cni whitelist update #27447
Introduce timeout for sippy risk analysis; add retries with backoff; add dated logging #27564
Remove unused cmd tests #27495
Fix risk analysis html to link to correct release and show bug keys #27568
Skip image-registry redirect test when non-permanent credentials used on GCP. #27556
Add Kuryr exception to “pods should successfully create sandboxes” test #27435
Bug 2093339 : Reenable data source test #27534 Flake and improve alert tests #27559
Trim stdout and stderr to the last 4K bytes to keep log size manageable #27560
OCPBUGS-3633 : Fix flake reporting for certain tests. #27553 Nginx 1.18 images will reach EOL in November 2022 #27551
make command errors easier to read #27544
OCPBUGS-3633 : Revert “Merge pull request #27533 from dgoodwin/merge-alert-backstops” #27547 Replace CreateProject with SetupProject #27271
cosmetic fix for bad disruption substitution #27510
Separate out more tests from ‘events should not repeat pathologically’ test #27539
OCPBUGSM-35025 : reenable unidling ci tests #27538 USHIFT-345 , USHIFT-348 , USHIFT-355 : API Groups for cli, arch & network #27540 Full changelog
Source code for this page located on github