Back to index
4.8.0-0.ci-2023-07-15-003738 Download the installer for your operating system or run
oc adm release extract --tools registry.ci.openshift.org/ocp/release:4.8.0-0.ci-2023-07-15-003738 Team Approvals:
Tests:
Blocking jobs Informing jobsupgrade-minor Failed periodic-ci-openshift-release-master-ci-4.8-upgrade-from-stable-4.7-e2e-aws-upgrade Upgrades from:
Upgrades to:
Loading changelog, this may take a while ...
Created: 2023-07-15 00:37:45 +0000 UTC
Image Digest: sha256:1aedaeb3b17a4600fe5e9f5201a75e0d20409113b1dad51ac01f8a54f7963ebf
Components
New images
Rebuilt images without code change
OCPBUGS-39429 : Updating ose-cluster-bootstrap-container image to be consistent with ART for 4.18 #107
OCPBUGS-24975 : Updating ose-cluster-bootstrap-container image to be consistent with ART #103
OCPBUGS-24975 : Updating ose-cluster-bootstrap-container image to be consistent with ART #102
OCPBUGS-19235 : Updating ose-cluster-bootstrap images to be consistent with ART #100
OCPBUGS-16504 : bump(*): vendor update #99
Updating ose-cluster-bootstrap images to be consistent with ART #88
Updating ose-cluster-bootstrap images to be consistent with ART #82
OCPBUGS-3505 : Waiting for 2 masters in HA mode case #71
OCPBUGS-6234 : Bump dependencies and image #74
Add API team to reviewers #75
Add API team to the OWNERS #73
Bug 2006945 : extend hardcoded restmapper for cluster-bootstrap to avoid crashlooping bootstrap kube-apiserver #64
update golang version #65
Full changelog
OCPBUGS-45341 : iptables-alerter daemonset should run everywhere #2581
OCPBUGS-42189 : Re-disable metrics server #2516
OCPBUGS-44950 : Propagate HCP pods labels to 2nd level operands #2567
: OCPBUGS-44812: Add nodeslicepool #2570
SDN-5234 : rebase k8s v1.31.1 #2509
OCPBUGS-44344 : The sysctl allowlist daemonset should set requests for memory and cpu #2557
SDN-5472 : ovn-k, cudn: Add missing permissions to ovnkube-node #2563
SDN-5472 : bindata, ovn-k: Add ClusterUserDefinedNetwork CRD and RBAC #2558
SDN-5436 : Use host ipsec binary inside ovn-ipsec container #2553
SDN-5436 : Provide support for user owned IPsec machine configs #2554
OCPBUGS-43740 : Pass transit_switch_subnet options in ovnkube-node pod #2549
SDN-4930 : UDN: Allow access to default/kubernetes and openshift-dns/dns-default #2492
OCPBUGS-39189 : fix annotation from deployment to pod #2545
NO-JIRA: onv-k, udn: Update UserDefinedNetwork CRD #2517
HOSTEDCP-2035 : Set up Azure authentication with cert for ARO HCP #2522
OCPBUGS-42605 : OCPBUGS-42244: Exporting environment varialbe NODE_CNI for live migration #2532
CNF-14971 : frr-k8s: allow setting the loglevel from env-overrides #2535
CNF-13671 : Adjust frr-k8s metrics #2531
CNF-14199 : Align FRR-K8s CRDs #2525
CNF-14251 , CNF-14257 : multi-networkpolicy: Enable for ipvlan
and bond
networkds #2518
SDN-5186 : Process OVNObservability feature gate #2462
NO-JIRA: OVN-Kubernetes node RBAC tightening #2526
SDN-4930 : Adds UDN list/watch to ovnknode rbac #2524
OCPBUGS-42449 : Use CNIConfDir for mounting directory to ovn-ipsec-host pod #2515
OCPBUGS-42472 : Add certificatesigningrequests/watch RBAC to ovnkube-node #2513
HOSTEDCP-1981 : Add controlplane cli image envar for use with hypershift #2507
OCPBUGS-42238 : Updates terminationGracePeriodSeconds to 30 seconds for Multus daemonset #2508
OCPBUGS-35417 : Configure narrowing=yes for IPsec connections #2400
OCPBUGS-39209 : Add configurable subnets while running hybrid-overlay-node binary #2495
OCPBUGS-39398 : Preload networking plugin locales #2488
OCPBUGS-39189 : add required-scc annotation to console-plugin deployment #2484
OCPBUGS-29497 : HyperShift: do not use antiaffinity on single replica control planes #2480
OCPBUGS-39096 : Live migration: report network overlap via live_migration_blocked metric #2482
SDN-4900 : rebase openshift/api for openshift-sdn removal #2476
CONSOLE-3952 : Deploy networking-console-plugin by CNO #2322
AUTH-482 : set required-scc for openshift workloads #2282
OCPBUGS-38249 : Verify that the codegen changes were commited #2373
NO-JIRA: iptables-alerter streamlining #2404
CONSOLE-3952 : Add networking-console-plugin image to release payload #2332
OCPBUGS-38326 : OVN-K, UDN CRD: Add missing permissions to control-plane #2468
OCPBUGS-38176 : multus, Add openshift-cnv to globalNamespace #2466
SDN-4919 : Change the masquerade subnet default value for new clusters #2460
SDN-5072 : Deploy FRR-K8s #2450
SDN-5144 : Add UserDefinedNetwork CRD and RBAC #2464
SDN-4773 : Add Azure MSI Env Var for ARO HCP #2465
NO-JIRA: more openshift-sdn cleanup #2455
SDN-5070 : Allow day 2 customization of masquerade subnet #2421
OCPBUGS-37786 : Add proxy env vars to onvkube-node #2453
OCPBUGS-37713 : Handle random crictl errors in iptables-alerter #2451
CNV-43973 : HCP custom tolerations integration #2441
SDN-4919 : OVN-Kubernetes UDN: EndpointSlice mirror controller RBAC permissions #2448
SDN-4934 : Enable TechPreview FeatureGate for NetworkSegmentation #2433
OCPBUGS-33758 : Fix IC distributed control plane alerts #2406
SDN-5029 : ipam, virt: enable the persistent ips feature #2431
SDN-4916 : Bump to k8s v1.30 latest #2429
OCPBUGS-30950 : Set mount propagation to HostToContainer for /var/lib/kubelet #2368
SDN-4934 : Network Segmentation Feature Gate Vendoring from API #2428
OCPBUGS-23758 : Set global IP forwarding sysctl parameters while starting ovnkube-node #2385
OCPBUGS-29648 : update whereabouts crd #2414
OCPBUGS-31878 : Propogate hypershift control plane priority class override to multus and preserve container resource requests #2335
OCPBUGS-35316 : Create the configmap mtu if not found #2410
OCPBUGS-34313 : Updating cluster-network-operator-container image to be consistent with ART for 4.17 #2381
OCPBUGS-30948 : Use applyconfigurations for updating network.oprerator status #2333
SDN-5029 : linter: removed deprecated linters #2408
OCPBUGS-23000 : Adds cluster-autoscaler annotation to prevent eviction #2369
OCPBUGS-33497 : Limit iptables-alerter’s cpu #2401
SDN-4896 : Drop openshift-sdn support #2384
NP-976 , OCPBUGS-34658 : Live migration: add metrics to observe CNI live migration #2388
OCPBUGS-34858 , OCPBUGS-34916 : Validate live migration before setting the progressing condition #2399
OCPBUGS-34524 : Fix DNSResolver feature gate enablement #2387
MON-3795 , SDN-3817 : Add ANP metric rule expressions for telemetry exposure #2347
OCPBUGS-33497 : Handle pod exiting race conditions in iptables-alerter #2377
OCPBUGS-31876 : Enable UDP aggregation on s390x #2331
OCPBUGS-34359 : Ensure that the node-identity webhook address contains colons for IPv6 #2382
NP-975 : Align new node subnet allocation between OVN-K and SDN during live migration #2367
OCPBUGS-32991 : Add conditions for ignored-namespaces #2358
NP-974 : Validation for live migration from OpenShiftSDN to OVNKubernetes #2344
OCPBUGS-33728 : Add custom masquerade subnet against right key at ovnkube-config CM #2371
CFE-888 : Enable DNSNameResolver feature-gate #2131
OCPBUGS-32979 : Update network operator status for IPsec #2360
USHIFT-2912 : Add ref to MicroShift’s Multus and CNI Plugins #2365
OCPBUGS-29403 : add more safe sysctls #2273
OCPBUGS-32525 : Check every MachineConfigPool for IPsec plugin existence #2349
OCPBUGS-28230 : enforce termination message policy on all platform pods #2364
OCPBUGS-33080 : Update EQoS CRD to latest #2362
SDN-4726 : Reapply “Merge pull request #2330 from pperiyasamy/block-sdn-upgrade” #2361
OCPBUGS-28230 : enforce termination message policy on all platform pods #2354
Revert #2330 “SDN-4726: Block upgrade for openshift-sdn” #2356
SDN-4434 : Network diagnostics scheduling #2339
SDN-4726 : Block upgrade for openshift-sdn #2330
SDN-4114 : Add iptables-alerter daemonset #2329
OCPBUGS-31528 : infraconfig: handle vSphere UPI by not updating any fields #2327
SDN-4163 : Improved prometheus rule for ipsec metric #2346
OCPBUGS-32402 : Fix wait logic for IPsec certificate signing request #2342
SDN-4688 : ANP: Add RBAC for cluster-manager #2338
OCPBUGS-32347 : Improve IPsec MachineConfig readiness check #2341
SDN-4163 : Add ipsec state to telemetry #2270
OCPBUGS-22969 : Use v1 for flowcontrol API #2095
OCPBUGS-28230 : enforce termination message policy on all platform pods #2340
SDN-4519 : Configure CNO as per new API changes for join and transit switch subnet #2318
OCPBUGS-28230 : enforce termination message policy on all platform pods #2334
NP-956 : Remove managed cluster checking for live migration #2321
OCPBUGS-26408 : automountServiceAccountToken:false hosted CP pods #2306
SDN-4596 : Update (B)ANP CRDs; prepare for GA #2328
SDN-4500 : Add write permission for EgressQoS status #2319
SDN-4607 : Allow HyperShift ability to set ConfigMap through env var #2309
OCPBUGS-22995 : Tighten the permissions on whereabouts.conf #2106
OCPBUGS-24690 : Fully disable network-node-identity on ROKS #2313
SDN-4598 : Set runAsUser to env variable if it is set #2307
OCPBUGS-30103 : ensure local networking deployments within hypershift use the client side load balancer to be resilient to control plane node failures #2288
OCPBUGS-30831 : Updating cluster-network-operator-container image to be consistent with ART for 4.16 #2308
OCPBUGS-30299 : Fix managed cluster detection on ARO #2299
OPNET-358 , OPNET-360 : Allow VIP mutation in Infra CR #2130
OCPBUGS-29288 : Ensure proper deprecation for the default field manager #2274
OCPBUGS-24380 , OCPBUGS-24381 , OCPBUGS-24382 : Update APBExternalRoute, EgressFirewall, EgressQoS permissions for ovnkube pods #2262
OCPBUGS-25764 : memory-trim-on-compaction is enabled by default #2260
OCPBUGS-23788 : Only allow valid values for gatewayConfig.ipForwarding #2127
OCPBUGS-29341 : Run dhcp-daemon pods as system-node-critical priority #2280
OCPBUGS-24690 : Disable network-node-identity on ROKS #2197
OCPBUGS-26492 : Not set CNO to degraded if API server returns conflict error #2192
OCPBUGS-24214 : Add ownership annotations #2120
OCPBUGS-24601 : Add minReadySeconds to network-node-identity #2151
OCPBUGS-29305 : ipsec: fix openssl typo #2269
OCPBUGS-28920 : Update ingressconfig_controller to use field Manager #2259
NO-JIRA: Remove ILB from CNCC #2182
OCPBUGS-27222 : Fix CloudPrivateIPConfig CRD in common #2249
OCPBUGS-24976 : Updating cluster-network-operator-container image to be consistent with ART for 4.16 #2233
OCPBUGS-28676 : Remove libreswan rpm existence checks #2238
OCPBUGS-29099 : Add hostNetwork:true to cni-sysctl-allowlist ds #2237
OCPBUGS-24436 : Add probes to node-network-identity #2148
OCPBUGS-24299 : network-node-identity mounts secrets with mode 0640 #2142
OCPBUGS-28230 : add FallbackToLogsOnError for easier debugging #2224
NP-874 , OCPBUGS-27222 : Bump openshift API #2246
OCPBUGS-24383 : Limit write permissions for egressservices #2171
NP-903 : Only allows live migration on standalone managed clusters #2236
OCPBUGS-19551 : ovnkube: simplify northd threading and SNO templating #2234
OCPBUGS-24976 : Updating cluster-network-operator-container image to be consistent with ART #2156
OCPBUGS-25079 : Prevent NoRunningOvnControlPlane alert getting fired continuously #2208
NO-JIRA: add kyrtapz as reviewer and approver #2226
OCPBUGS-27823 : Not update migration conditions when any MCP is updating #2213
OCPBUGS-26986 : Add ConfigMap mount to the whereabouts-reconciler #2209
SDN-3708 : Support configurable masquerade subnet in ovn-k #1807
OCPBUGS-26952 : Deploy CNO IPsec MC even if user already have one #2201
OCPBUGS-27264 : Only reconcile on Node updates with Label changes #2206
NO-JIRA: Fix jira component info #2199
SDN-4166 : Enable N-S IPsec #2191
OCPBUGS-24379 : Remove egressip write permissions from ovn-kubernetes-node #2170
OCPBUGS-24635 : network node identity: tolarate all taints #2153
OCPBUGS-25207 : Render IPsec MachineConfig after cluster settles with MachineConfigs #2187
OCPBUGS-25688 : remove microshift folder, since CNO doesn’t manage it #2173
OCPBUGS-25669 : Update ovn-k managed control-plane RBAC #2169
OCPBUGS-25760 : Keep the live migration annotation consistant with the enhancement doc #2179
OCPBUGS-19635 : OVN-K in SNO deployment mode: fix Lease override for CM #2070
SDN-4227 : Use specific permissions for CNCC in GCP #2069
OCPBUGS-24693 : HyperShift, network-node-identity: Check the deployment in the management cluster #2166
OCPBUGS-24176 : Ignore invalid PEM blocks #2178
OCPBUGS-25337 : Avoid removal of ipsec-host daemonset when node is NotReady #2161
HOSTEDCP-1308 : remove service account token mount in cloud-network-con… #2165
OCPBUGS-23729 : Set replicas of Multus admission controller according to Hypershift ControllerAvailabilityPolicy #2159
OCPBUGS-24036 : remove all managed fields used by old manager #2114
OCPBUGS-23199 : add env var in whereabouts-reconciler daemonset #2160
OCPBUGS-19830 : fix whereabouts conformance test failures #2103
OCPBUGS-24650 , SDN-4308 : Set enable-multi-external-gateway flag in ovnkube.conf #2149
OCPBUGS-19817 , SDN-4162 : Upgrade IPsec with single daemonset pod #2087
NP-615 : Live migration #2091
OCPBUGS-23161 : Set logging for controller-runtime #2129
SDN-4061 : Remove interconnect upgrade logic, single-zone YAMLs and everything related to OVNK centralized architecture #2101
OCPVE-779 : Annotate credentials request manifests #2105
NP-615 : Bump github.com/openshift/api #2138
SDN-4308 : Update status merge for APBRoute and EgressFirewall. #2132
OCPBUGS-22710 : Add apbroute/status patch rights for ovnkube-node to update status #2139
NETOBSERV-1047 : Add a cluster monitoring dashboard for ovn #1871
OCPBUGS-21924 : Bump library-go #2082
SDN-4101 : Remove HyperShift API dependency, Bump kubernetes dependencies #2128
NO ISSUE: add ownership of the proxy-ca #2111
OCPBUGS-22869 : hypershift, hosted clusters: enable multi-homing and multi-net features #2113
OCPBUGS-23082 : set automountServiceAccountToken to false for hypershift managed network-node-identity deploy #2100
OCPBUGS-21924 : Bump golang.org/x/net to v0.17.0 #2068
OCPBUGS-18088 , OCPBUGS-18089 : ovnkube: container scripts cleanup [v2] #2060
OCPBUGS-11179 : change CNO to use custom ServiceAccount #2084
two replicas for CM instead of 3 #2052
OCPBUGS-15817 : Egress router: request at least 100 milliCPU #2077
OCPBUGS-18785 : SDN controller manifest: add node name from downward kapi to sdn controller #2047
OCPBUGS-19370 : Added HCP label to CNO pods #2048
OCPBUGS-15220 : Add zone node preference to multus-admission-controller #1795
multinetworkpolicy: allow Neighbor Discovery Protocol traffic #2010
OCPBUGS-18569 : hypershift: adjust backoff on infrastructure name retry #1986
OCPBUGS-20533 : Revisit cipher suits for multus-admission-controller’s rbac-proxy #2074
OCPBUGS-10652 : ovnkube: disable conntrack on hybrid overlay VXLAN ports #1819
Make APB External Route namespace selector mandatory for a dynamic hop #1929
OCPBUGS-20519 : hosted cluster upgrade failure from 4.13 stable to 4.14 #2065
Revert “Merge pull request #2037 from dcbw/db-script-cleanup” #2058
OCPBUGS-18392 : notify when /etc/openvswitch path changes #1989
OCPBUGS-18088 , OCPBUGS-18089 : ovnkube: container scripts cleanup #2037
Remove ability to deploy with Kuryr #2056
OCPBUGS-20104 : Don’t run network node identity as root #2051
OCPBUGS-20076 : Multus should determine kubeconfig path #2049
Revert Kuryr MTU fixes #2038
Fix MTU miscalculation #1778
OCPBUGS-19918 : get ipsecStatus from host daemonset #2042
Network metrics daemon: change priority class to openshift-user-critical #2044
OCPBUGS-14819 : HyperShift: Use the local konnectivity proxy when checking proxy readiness #1985
OCPBUGS-19861 : Multus per-node certificates should have 24h duration #2039
OCPBUGS-19418 : Relax conditions to get IC upgrade started #2018
OCPBUGS-18396 : Fix config status MTU migration not being updated #2021
OCPBUGS-19705 : Use port 9108 for ovnkube-control-plane metrics #2031
OCPBUGS-19715 : Do not enable node admission webhook if the CNI is not OVN-Kubernetes #2030
OCPBUGS-17391 : remove prestop hooks for northd, sbdbd and nbdb #1978
OCPBUGS-19625 : Multus per-node certificate request #2009
OCPBUGS-19377 : Kuryr: Fix deriving MTU from previous config #2007
OCPBUGS-19648 : Network identity: node-specific certificate in ovnkube-node, admission webhook #1983
OCPBUGS-19550 : multus: set MULTUS_NODE_NAME to filter pods to local node #2020
OCPBUGS-19018 : use $CPE_NAME to find the OS major version #2003
OCPBUGS-19494 : ipsec: remove preStop from host #2015
OCPBUGS-18114 : Update node selector in various YAMLs #1845
Limit OVN-Kubernetes permissions #1982
OCPBUGS-18892 : make ipsec.service required #1999
OCPBUGS-19236 : Updating cluster-network-operator images to be consistent with ART #2006
separate libovsdblogs from main ovnkube-master logs #1938
OCPBUGS-15201 : Disable weak SSH cipher suites #1981
OCPBUGS-18676 : ovnkube: set northd backoff-interval and use a single thread to save CPU #1990
OCPBUGS-17380 : ipsec: fix oopsy from 2e3fc8e7a0 #1996
OCPBUGS-18517 : Kuryr: Set MTU on Bootstrap, not Render phase #1988
OCPBUGS-18135 : IBMCloud specific: patch out management workload for dataplane component thats needed for bootstrapping #1955
move IPsec to host #1849
OCPBUGS-17916 : Fix IC configmap lookup in pod_status.go #1954
OCPBUGS-17677 : [Azure]CNCC failed to assign egressIP to NIC for Azure Workload Identity Cluster #1980
OCPBUGS-18363 : Add ‘/etc/cni/multus/net.d’ into volumemount in multus pod #1979
OCPBUGS-18175 : Fix bond-cni’s default directory in multus manifest #1953
OCPBUGS-17782 , SDN-3664 : Join ovnkube-controller and ovnkube-node container for multizone setup #1971
OCPBUGS-16051 , OCPBUGS-3176 : Enables IP Forwarding config in CNO #1952
OCPBUGS-17257 : CVE-2023-3978: golang.org/x/net/html: Cross site scripting #1935
OCPBUGS-17677 : [Azure] Add granular permission for assigning egressIP to NIC to Azure CredentialsRequest for workload identity. #1949
OCPBUGS-17964 : ovn-k, managed: Align join subnet configuration #1962
SDN-4024 : Add ANP Feature Gate #1859
SDN-4057 : hypershift: Allow ovnkube-master and ovnkube-node to have different images #1942
Remove certificatesigningrequests/update permission from ovnkubenode #1934
Add rolling update for managed ovnkube-control-plane #1944
IC & openshift + hypershift #1874
OCPBUGS-16019 : prevent creation of multiple cni-sysctl-allowlist-ds pods #1904
OCPBUGS-10765 : make MAXLOGFILES a real variable and work for self-hosted #1931
Multus thick plugin support #1915
OVN-Kubernetes ipsec: create the CSR with a random name #1928
CCO-294 : Switch azure credentials request to use explicit permissions #1922
OVN-Kubernetes: Add status subresource permissions for setting labels and annotations #1896
SDN-3223 : Use encapsulation=true for IBM Cloud #1800
Bug 16136 : change whereabouts ip reconciler exec #1890
Add OpenStack platform to list of allowed dual-stack clusters #1697
OCPBUGS-15945 : Stop using utilruntime.PanicHandlers to handle reconciliation panics #1893
HOSTEDCP-1063 : allow webhooks in hosted clusters to reach multus-admission-controller service #1879
OCPBUGS-15961 : FIPS related CNO changes #1901
OCPBUGS-10765 : Revert “Revert “OCPBUGS-10765: Remove oldest ovn acl log files when f… #1876
ovn-k: Configure dns service namespace and name #1912
OCPBUGS-15544 : Enable multi-external-gateway feature by default for managed and hosted clusters #1887
OCPBUGS-15918 : Skip rendering 0.0.0.0/0 for cluster proxy status #1903
Change rhel7/8 to rhel8/9 #1870
Enable EgressService controller #1848
Edited multus-admission-controller deployment config to not add autom… #1767
OCPBUGS-15794 : fix: add missing annotation for workload partitioning #1866
OCPBUGS-15544 : Add adminpolicybasedexternalroutes rights for ovnkube-node. #1867
Revert “Remove oldest ovn acl log files when file limit exceeded” #1873 #1873
OCPBUGS-10765 : Remove oldest ovn acl log files when file limit exceeded #1868
kube-proxy config overriding updates #1831
OCPBUGS-15282 : Add release version annotation to whereabouts-reconciler #1851
CCO-356 : Add Infrastructures permission to CNCC cluster role #1843
Add multi-networkpolicies support for OVN #1796
Add support for AdminPolicyBasedExternalRoute CRD and controller’s RBAC #1765
OCPBUGS-15138 : Add kubernetes.io/os nodeSelector to wherebouts reconciler DS #1841
OCPBUGS-14988 , SDN-3901 : Rebase to kube 1.27 #1826
CCO-358 : Manifest changes necessary to support Azure Workload Identity #1755
OCPBUGS-14714 : Do not rely on ControlPlaneTopology do determine if running in HyperShift #1835
OCPBUGS-11882 : Added another volume to safe-to-evict-local-volume annotation #1830
OCPBUGS-14833 : Fixes lint issues #1834
OCPBUGS-14384 : Remove nodeSelector for architecture in whereabouts daemonset #1828
OCPBUGS-11882 : Added safe-to-evict annotation to ovnkube-master and multus admission controller components #1822
OCPBUGS-13922 : Revert “Do not set the operator as available before updating the network config” #1818
OCPBUGS-11448 : add Hypershift release-image annotation to multus #1770
OCPBUGS-10937 : multus-admission-controller mounts secret with mode 0640 #1752
OCPBUGS-13219 : Use IfNotPresent
instead of Always
in OVNK upgrades pre-puller #1803
OCPBUGS-5027 : Make the operator degraded on panic #1786
OCPBUGS-12856 : Support Device Plugin Resources For Smart NIC and DPU Hosts #1721
Updating cluster-network-operator images to be consistent with ART #1790
OCPBUGS-11565 : High API requests due to allowlist and operconfig reconcilers running too often #1788
OCPBUGS-8070 : Depreciate legacy field manager #1763
OCPBUGS-11550 : AUTH: update cluster-reader to include k8s.ovn.org #1791
OCPBUGS-10009 : HyperShift: Support HostedControlPlane node selector #1736
OCPBUGS-11046 : fix reconciliation process of the allowlist controller #1792
OCPBUGS-1341 : Enhance check controller to remove old check objects #1649
OCPBUGS-11046 : Fix allowlist ds template #1773
OCPBUGS-10647 : multus-admission-controller should not run as root under Hypershift #1745
OCPBUGS-9174 : The cluster-readers group should be able to get net-attach-defs #1343
Updating cluster-network-operator images to be consistent with ART #1768
OCPBUGS-9964 : Split out konnectivity certs #1734
SDN-3444 : Add runbook url for SBDB connectivity alert #1553
OCPBUGS-7777 : use –template instead of -a for ‘oc observe’ #1760
Fix tier label, privileged, HOSTNAME/NODENAME in whereabouts reconciler #1735
OCPBUGS-10433 : Hypershift: Add RollingUpdate parameters to multus-admission-controller #1740
ovn-kube: move back to unsuffixed RHEL9 images #1747
Updating cluster-network-operator images to be consistent with ART #1732
OCPBUGS-10649 : HyperShift: Add POD_NAME env to ovnkube-node #1748
OCPBUGS-10031 : operConfig reconcile can return nil error on failure #1744
Set OVN-K north/south bound stale alerts severity to critical #1668
OCPBUGS-8707 : Point libreswan to proper nss location #1727
Whereabouts should implement the reconciliation controller #1693
add/update some UTs around clusternetwork change #1725
OCPBUGS-9931 : Enable configuration of node healthz server on ovnkube #1715
OCPBUGS-8692 : HyperShift: Set affinity, tolerations and co-location for all hcp resources created by CNO #1728
Cno 4.13 kubernetes 1.26 #1708
use annotation on the daemonset to update hybrid overlay #1709
Remove the ovn-kind-cno.sh script #1710
SDN-3597 : OVN-K alerts: add OVS overflow alerts #1630
SDN-3730 : OVN IC: migrate master alerts to cluster manager #1716
Allow cidr expansion #1707
Enables nodeSelector to be used in egress firewall rule #1720
Add ovnk alert for resource retry failure #1674
OCPBUGS-6730 , SDN-3221 : ovn-kubernetes: use RHEL9-based images #1712
OCPBUGS-4343 : update apf configuration to use v1beta3 #1633
Jira OCPBUGS-7774: Print RawCNIConfig in its string representation #1718
OCPBUGS-6235 : Updating cluster-network-operator images to be consistent with ART #1656
Allow updates to pods #1717
OCPBUGS-5559 : add default noProxy config for Azure #1672
always create env.sh when run_vs_existing_cluster #1711
OCPBUGS-7354 : Revert “Revert “OCPBUGS-5842: Use pods oc vs host”” #1714
ovn-k, multi-homing: enable the feature #1699
Revert “OCPBUGS-5842: Use pods oc vs host” #1713
OCPBUGS-5842 : Use pods oc vs host #1681
OCPBUGS-4417 : Added missing API field podref to OverlappingRangeIPReservation CRD #1677
OCPBUGS-6651 : HyperShift: Add .hypershift.local to no proxy list #1692
OCPBUGS-6651 : HyperShift: Do not use proxy for internal routes #1694
remove TLS_RSA_WITH_AES_128_CBC_SHA256 cipher #1680
ovn-kubernetes: Allow node_mgmt_port_netdev_flags for non-DPU modes #1676
OCPBUGS-3272 : Unhealthy Readiness Probe failing ci #1665
OCPBUGS-5306 : ovn-kubernetes: ignore NB/SB readiness checks and dbchecker when not RAFT member #1673
OCPBUGS-5802 : Update github.com/Masterminds/sprig to v3 #1679
OCPBUGS-5306 : OVN-Kubernetes: Stop sorting master node addresses #1675
Allow SDN migration from Kuryr to OVNKubernetes #1639
update ‘make install.tools’ for golangci-lint #1670
Fix CNO crashing when Kuryr without MTU is set #1669
OCPBUGS-2947 : Disable the drop-icmp container ‘oc’ pprof webserver on Azure #1607
OCPBUGS-4350 : Fix handling of deployment and statefulset updates #1648
OCPBUGS-2532 : Fix default disable-udp-aggregation value on s390x #1655
Fix info log formatting #1650
Support RHOBS monitoring for HyperShift #1644
OCPBUGS-3916 : SDN alerts: Add $labels.node
to SDNPodNotRady
metric #1637
The allowlist daemonset should set a priority class. #1647
Bug OCPBUGS-736: Kuryr: If set use MTU from Config for svc net #1586
OCPBUGS-3883 : HyperShift: Co-locate OVN-Kubernetes master with other hcp pods #1627
OCPBUGS-2532 : Disable UDP aggregation on s390x #1629
Jira OCPBUGS-3777: IPsec: Fix broken counter++ expression #1623
OCPBUGS-3114 : HyperShift: Do not accept empty infrastructure name #1611
HyperShift: Fix typo in control-plane-component label value #1626
Remove references to the hosts kubeconfig #1612
OCPBUGS-3744 : SDN: /var/run mount cleanup #1625
OCPBUGS-3460 : CNI binary copy should account for the possibility of symlinks #1614
OCPBUGS-2598 : ipsec: Run ovs-monitor-ipsec in the foreground and change probes #1606
SDN-3508 : HyperShift: Render cncc with proxy settings of the management cluster #1577
NP-607 : update microshift ovnk manifests #1589
Bug 1896533 : moved SetDegraded call out of object loop to process all items first #1600
OCPBUGS-2362 : Prefer oldest nodes, harden new alerts and revert setting new OVN-K alerts to info #1579
fixed typo in comment #1597
Jira OCPBUGS-1736: Always set PROXY variables for CNCC #1576
Remove the allow_ra sysctl for ipv4 from default systl whitelist #1590
SDN-2591 : allow hybrid overlay to be enabled post install #1584
SDN-3515 : HyperShift: multus admission controller: expose metrics over HTTPs #1583
rebase to k8s v1.25.0 #1571
Bug OCPBUGS-2328: Fix for index out of range error #1588
Add sysctl whitelist controller #1573
Kuryr: Add missing keystoneauth options #1581
OCPBUGS-1341 : Set owner reference for pod network connectivity check #1566
ovn-k, managed: pass join-subnet to control-plane #1582
OCPBUGS-1083 : Move OVNK alert level to info #1564
Pass enable-udp-aggregation=true to ovn-kubernetes #1533
OCPBUGS-1038 : Multus IPAM detection should honor conflists #1570
egress_ip: remove redundant config #1568
OCPBUGS-1515 : Use custom uint128 type when validating v6InternalSubnet #1561
SDN-3283 : HyperShift: Use a socks-proxy in ovnkube-master to allow for node heath checks #1539
Bug: OCPBUGS-736: Kuryr: Use machine net MTU to create service net #1545
Migrate Egress IP configuration during SDN migration and rollback #1536
Allow empty vSphere status field in VIP sync #1558
microshift: update ovnk manifests #1552
Add ovn-kubernetes-microshift to image-stream #1556
Migrate Multicast configuration during SDN migration and rollback #1543
OVN-K: add patch/update service permissions to controller #1554
Add controller to synchronize the API and Ingress VIP fields #1519
Bug SDN-3458: HyperShift: Differentiate resources deployed by different CNO instances in status manager #1541
OVN-K alerts: first tranche #1526
SDN-3432 : Add alert for OVNKubernetesControllerDisconnectedSouthboundDatabase #1548
Add vSphere platform to allow dual-stack cluster #1518
OKD-49 : Adds support for scos to multus #1544
Bug 1894268 : Allow users to specify ovnkube join subnet #1508
Bug OCPBUGS-917: Add EgressQoS DstCIDR format validation #1492
Multus admission controller: Wait for token in Hypershift #1546
Use fixed name for creating EgressFirewall CRs #1540
Migrate Egress Firewall Configuration during SDN migration and Rollback #1534
hypershift: set multus controller priority appropriate for hosted clusters #1538
Bug 2094068 : Add northboundstale alert runbook #1482
microshift: compact ovn databases periodically #1537
Hypershift: Allow configuring hostname and labels on the route #1531
Multus admission controller changes for hypershift #1516
HyperShift: Move CNCC to the controll-plane namespace #1525
Bug OCPBUGS-216: Kuryr: Bump timeoutSeconds for livenessProbe #1528
Add missing runbook links for OVN-kubernetes alerts #1523
Bug 2103680 : avoid overrriding disableNetworkDiagnostics on reconciliation #1527
Render CRDs for both OSDN and OVNK during migration #1521
Configure ignored namespaces into multus-admission-controller #1515
Add microshift ovnk manifests #1517
Bug 2116982 : multus-admission-controller SNO number of replicas #1524
Enable the cloud-network-config-controller for OpenStack #1505
multi-networkpolicy: Enable on SR-IOV networks #1443
Updating cluster-network-operator images to be consistent with ART #1507
Add configmap list/watch rights to cloud-network-config-controller #1511
The Multus admission controller should run as a deployment #1514
Bug 2108232 : Revert “Bug 2085089: Pass enable-udp-aggregation=true to ovn-kubernetes” #1510
Bug 2100601 : Update CNO to config EgressIP timeout for ovnk #1498
Bug 2060079 : Enhance sensitivity of SDN alert NodeProxyApplySlow #1491
Bug 2103590 : Add init container to ensure that Status.podIP is set before postStart hooks run #1503
remove @squeed from owners #1497
Bug 2085089 : Pass enable-udp-aggregation=true to ovn-kubernetes #1489
Bug 2089681 : Disable EgressIP reachability check in hypershift deployments #1485
Bug 2084062 : Make northd probe interval default to 10 seconds #1494
Bug 2100079 : Update sdn-controller perms for “configmapsleases” leaderelection #1496
Bug 2099357 : k8s 1.24 bump: add RBAC coordination leases for ovn-k master #1490
Bug 2094071 : Add southboundStale alert runbook #1481
Bug 2095772 : bindata: managed: reduce memory requests to align with observed usage #1479
Bug 2095756 : client: register types during init, not later #1483
Bug 2090336 : Multus should log at a verbose log level (without a logfile) #1474
Bug 2092047 : cncc: add RBAC coordination.k8s.io leases #1461
Bug 2089805 : Enable config duration for OVN-Kubernetes #1455
Bug 2090437 : Bump CNO to k8s 1.24 #1459
Bug 2073452 : Copying CNI binaries should be an atomic operation. #1472
Bug 2092495 : ovn: use up to 4 northd threads in non-SNO clusters #1471
Bug 2091167 : incorrectly setting rbac role for certificatesigningrequests #1463
Revert “Copying CNI binaries should be an atomic operation.” #1466
Bug 2073452 : Copying CNI binaries should be an atomic operation. #1462
Bug 2076776 : remove patch permissions from ovnkube-node service account #1450
Bug 2089968 : ensures type: Directory for multus host paths #1453
Bug 2090343 : [temporary] Adds multus debug logging #1456
Bug 2087942 : bump to go 1.18, lint improvements #1451
Bug 2086461 : Hypershift: Also add default for Azure mtu #1454
Bug 2086461 : AWS: Use hardcoded MTU to speed up cluster creation #1441
Bug 2087556 : Fix rendering DPU manifests #1448
Bug 2086506 : hypershift: respect statefulset when upgrading ovnk #1447
Bug 2087135 : Fixing Hypershift nodeport flow #1440
Bug 2086544 : Stop passing hosted cluster token as a parameter to ovnkube-master #1446
Bug 2086437 : Enable EgressQoS controller #1430
Bug 2086143 : Status controller: use a label, rather than watching all objects #1431
Bug 2082235 : manifests: Add in service, service-cert, and ServiceMonitor #1433
Bug 2023295 : Cleanup CNO relatedObjects #1432
Bug 2079422 : Bump PodDisruptionBudget to v1 #1427
Re-reconcile network on configmap, stop watching all configmaps in proxy controllers #1416
hypershift: add ovnkube-node-proxy container in ovnkube-node ds #1408
Hypershift: enable TLS for ovnkube-master metrics #1423
Add gm metric record to use for telemetry exposure #1425
Revert “ovn: reduce SB<->ovn-controller inactivity probe to 30 seconds” #1428
Bug 2082611 : Limit Kuryr pods permissions #1367
Bug 2076877 : Bump FlowScema apiVersion to v1beta2 #1419
bindata/network-diagnostics, cloud-network-config-controller: comply to restricted pod security level #1406
Remove ObjectMeta.ClusterName usage #1421
Hypershift: Fix ovnkube-master priority class and set resource requests on token-minter #1420
add more sysctls to the multus allowlist #1411
ovn: fix northd preStop command handling #1414
Add control-plane-component label to ovnkube-master for hypershift #1422
Add link to runbook urls #1417
Hypershift: Copy all CNO conditions to HostedControlPlane status #1415
ovn: reduce SB<->ovn-controller inactivity probe to 30 seconds #1412
Bug 2075475 : Add default-route field to egress-router k8s.v1.cni.cncf.io/networks #1390
OCPVE-106 Customize rollout strategy to fix SNO upgrade #1392
Bug 2080255 : SDN: Re-add list/watch/get permissions for nodes needed for EgressIP #1409
Bug 2071859 : Switch dnsPolicy to Default for OVN hostNetwork pods #1395
Revert “Revert ipsec: Allow enablement/disablement at runtime” #1384
ovnkube: export OVS metrics along with OVN metrics #1393
Bug 2078910 : Correct runbook_url field location within schema #1396
Adds dougbtv to owners as approver and reviewer #1397
Bug 2072215 : Make the use of the ip-reconciler cronjob opt-in by detecting IPAM type usage #1369
ovn-kube hypershift: fix pipefailure that prevents HA startup #1394
Bug 2063123 : Drop Node update permission for sdn-node #1350
OVN-K alert: Increase severity and add runbook_url for NoRunningOvnMa… #1327
Remove Kuryr mutating DNS webhook #1363
raise the alert NoOvnMasterLeader to critical and add the runbook url #1328
Bug 2072710 : Make northd probe interval default to 10 seconds #1386
hypershift: get control plane replicas from hcp #1385
Bug 2072766 : Reserve port TCP/9104 for cluster-network-operator #1378
Multus: split pod/status rbac #1340
add runbook link for NodeWithoutOVNKubeNodePodRunning and V4SubnetAll… #1366
OVN: remove detecing db_ip via kapi #1368
Hypershift: Respect publishing strategy of OVN southbound database service #1349
Proxyconfig: Add a knob for Hypershift to enable proxying internal apiserver address #1381
Bug 1983056 : Kuryr: Update CRD from upstream #1360
hypershift: disable TLS for ovnk master metrics #1382
hypershift: enable publishNotReadyAddress explicitly for ovnk-master service #1372
Bug 2070047 : Bump max value of hist quantile for kuryr_cni_request_duration #1359
Don’t return err with empty relatedClusterObject annotation #1379
hypershift: enable ovnk-master metrics in management cluster #1374
Use (un)setProgressing for pod status update #1376
Use the hosted cluster token explicitly #1370
HyperShift: Watch StatefulSets in the management cluster #1364
Exclude openshift-kube-apiserver and openshift-apiserver service/endpoints from connectivity checks in hypershift #1375
Run ovnkube-master statefulset pods in parallel #1361
Add ibm-cloud-managed annotations to 02-cncc-credentials.yaml, this is required in HyperShift #1358
Add ipsec daemonset for hypershift managed cluster #1356
Add statefulset in status manager #1345
hypershift ovnk route status #1341
Add tuning cni sysctl allowlist to nodes #1347
Bug 2058368 : move enable memory trimming to readiness prob #1365
Add ovnkube-node initContainer to make sure sbdb is up before running other containers #1354
Vendor: pull in hypershift #1346
Hypershift: Use token minter instead of a kubeconfig in ovn-kubernetes master #1344
Add an option to define the client name for in-cluster config #1342
Add ovnkube manifests for hypershift #1329
network, bootstrap: don’t get apiserver from the environment #1339
Fix MTU detection for multi path default routes #1338
Multi cluster support in CNO #1319
Fix golang image version in Dockerfile #1330
Remove empty selector from the mtu prober job. #1331
Switch to server-side apply #1304
Probe MTU from a Job, rather than directly in the CNO #1313
Bug 2058368 : Move memory-trimming-on-compaction out of dbchecker to nbdb/sbdb #1320
Fix group for CVO override used for running CNO locally #1314
Bug 2058671 : ip reconciler: auto clean failed jobs #1318
Bug 2037721 : Do not apply OVN-Kubernetes PodDisruptionBudget
on single-node clusters #1307
ovn: stop spawning the ovn-nbctl daemon #1315
Bug 1944264 : ovnkube: gracefully terminate databases from preStop #1312
Bug 2044227 : Add rolling update strategy for Kuryr-CNI. #1311
Bug 2032559 : Block DualStack migration for unsupported cluster types #1257
Bug 2010361 : SDN alerts: conform to monitoring team style guide #1248
Update project owners #1309
Bug 2048575 : The Whereabouts ip-reconciler should use api-int load balancer #1302
Bug 2048793 : Kuryr: Decrease vif_annotation_timeout #1293
Bug 2049613 : Use a separate configmap for mtu migration config to avoid pod restart #1299
Fix bond cni source directory path #1295
Updating cluster-network-operator images to be consistent with ART #1294
Bug 2041546 : ovn-kubernetes: set RAFT election timer at RAFT cluster creation time #1282
Bug 2034484 : Upgrade library-go version #1247
Bug 2042796 : whereabouts, reconciler: disable retries on failure #1290
Bug 2039345 : Verify against mininimal IPv6 MTU value for clusters with IPv6 networks #1276
Bug 2034155 : Adds back –disable-snat-multiple-gws #1254
Bug 2039321 : SDN: Expose controller metrics for collection #1250
clean up OWNERS #1287
Bug 2041989 : no CredentialsRequests in ibm-cloud-managed #1280
Bug 2035459 : modify cluster-network-features for OpenshiftSDN #1251
Bug 1896533 : Nonexistent Namespaces Degradation logging message #1128
Bug 2038732 : Add egress* patch credentials for ovnkube-master #1285
Bug 2041329 : cncc: add serviceAccountNames to CredentialsRequests #1283
Bug 2010663 : OVN-K alerts: conform to monitoring team style guide #1246
Bug 2021191 : Project admins should be able to list net-attach-defs in their namespaces #1226
BUG 2034413: cncc: create Cloud CredentialsRequest in /manifests #1277
Bug 2034460 : cncc: handle advanced AWS and Azure configurations #1275
Bug 2034153 : Fix MTU migration verification for OpenShiftSDN #1259
Bug 1943363 : ovn: try to gracefully terminate ovn-northd #1221
Bug 2018093 : Kuryr: Add resource requests for pods #1269
Bug 2036861 : multitenant - Add openshift-kube-apiserver-operator to global namespaces #1272
Bug 2035093 : Cloud network config controller: Fix for Hypershift #1268
Bug 2034398 : Whereabouts CRD should include a “podref” field. #1262
Bug 2034517 : watch and apply changes of the ovs-flows-config configmap #1231
Bug 2034322 : Move infrastructure bootstrap to its own package #1261
Bug 2033422 : bootstrapOVNGatewayConfig should only be called once #1258
Add MTU migration support for OVNKubernetes and OpenshiftSDN #1241
Cloud network config controller - CNO deployment #1112
Bug 2022144 : sbdb and nbdb containers leave pid around if they restarted or crashed #1256
OVN-K alerts: Fix incorrect metric name reference #1237
Pod networking on DPU host in Infra and Tenant clusters #1249
OVN-K: Enable OVN metrics to be consumed by ServiceMonitor #1236
Bump openshift/build-machinery-go #1253
SDN 2316: Use GatewayConfig in OVN-K to set gateway modes #1209
Add CNI to DPU and enable Kube-Proxy on DPU #1220
NETOBSERV-31 : Expose CNI type features as a config-map #1204
Bump openshift/api module #1242
The ip-reconciler should not restart on failures. #1238
SDN: Do not tolerate a controller failure during upgrade #1213
Set upgrade strategy on kube-proxy #1214
openshift-sdn/daemonset: Mount /host/opt/cni/bin at /host-cni-bin #1172
Specific SDN controller alert #1206
update for ART #1233
bindata/network: specify pod-security levels via labels not annotations #1224
Add bond-cni #1205
Bug 1961509 : DHCP Daemon should have memory and CPU limits set #1218
Add ip6tables NOTRACK rules for udp/6081 #1222
Bug 1962206 : DHCP daemon should have maxunavailable for upgrade strategy #1219
Bug 1976399 : Raft election timer: move the logic to ovndbchecker #1161
Bug 2009078 : Remove NetworkPodsCrashLooping alert for ovn-kubernetes #1212
Bug 1914053 : whereabouts: add ip-reconciler cronjob #1207
Add Kuryr to be able to create events objects. #1210
fix a typo in a field name #1208
podsecurity: enforce privileged for network namespaces #1203
Bug 1988483 : OVN drop icmp frag from other nodes on Azure cluster #1132
Bug 1985486 : Use proxy to connect to OSP cloud #1173
Updating cluster-network-operator images to be consistent with ART #1198
Bug 2003676 : Restrict serving SDN metrics to loopback only #1197
Bug 2002713 : Add millisecond resolution to OVN logs #1196
Bug 1939435 : proxyconfig - accept IPv6 address literals for noProxy #1191
Bug 1986061 : Monitor openshift-network-diagnostics namespace #1190
Bug 1960101 : Fix update-codegen hack, pull in changes from openshift/api, bump k8.io deps to v0.22.1 #1140
Bug 1997050 : Fix panic with unknown networks #1188
Bug 1998508 : Fix the install-time “waiting for other operators” statuses #1192
Bug 1990631 : ovnkube: use ovn-nbctl daemon monitor mode to restart and log issues #1182
Bug 1914398 : Changed pod user to non-root #1124
Bug 1991551 : allow sdn (and others) to use new events.k8s.io API #1177
Bug 1989246 : use new default leader election values to handle apiserver rollout on SNO #1175
Bug 1992507 : Use prometheus rule annotations comply with the OpenShift alerting guidelines #1181
Bug 1989734 : Whereabouts should have RBAC for leases #1174
Bug 1984049 : Slow OVN Recovery on SNO #1159
Bug 1990725 : Add missing node name into KuryrSDNPodNotReady Alert #1176
Bug 1987019 : Support external control plane topology #1158
Docs: add architecture overview, remove outdated HACKING guide. #1078
Remove valadas from owners #1081
Bug 1989122 : let openshift-sdn use EndpointSliceProxying #1166
Updating cluster-network-operator images to be consistent with ART #1136
Bug 1981055 : ovnkube-master handle 60 seconds downtime of API server gracefully in SNO #1154
Bug 1985033 : Make inactivity_probe configurable #1165
Bug 1984449 : Change to use mountPath: /host #1160
Bug 1961757 : ovnkube: set ovn-controller lflow cache limit to 1GB #1147
Revert: Add env variable OVS_SYS_LOG_LEVEL for ovn nodes to setup ovs syslog level #1163
Bug 1981975 : Update service network status to reflect dual stack entries #1155
Bug 1970985 : SDN-1955: Add pre-puller ds to reduce upgrade downtime #1141
Bug 1961811 : Add a newline between user CAs and system CAs #1156
OVNKube: check if br-ex1 is available and pass it as a parameter #1152
Make egress IP and ICNI mutually exclusive when bootstrapping OVN-kube #1145
Bug 1970129 : Add env variable OVS_SYS_LOG_LEVEL for ovn nodes to setup ovs syslog level #1142
Add alerts for issues with load balancers/ports. #1148
Include alerts for critical lbs #1146
Removing old kuryr-kubernetes CRDs #989
Bug 1962951 : enable ovs column diffs feature #1101
Bug 1975016 : Kuryr: Store OpenStack credentials in a secret #1139
Add JacobTanenbaum to list of approvers #1099
Updating .ci-operator.yaml build_root_image
from openshift/release #1130
Full changelog
Revert PAO and later changes #330
Bug 2017427 : tuned: add timeout and restarts #282
Makefile cleanup, replace yq with yaml-patch from openshift/build-machinery-go #274
Bug 2016988 : openshift profile: fix malformed patch #283
Bug 2013321 : TuneD: workaround for high CPU utilization of [scheduler] plug-in. #278
RBAC: tighten the rules and remove unnecessary listers. #276
podsecurity: enforce privileged for openshift-cluster-node-tuning-operator namespace #275
Updating cluster-node-tuning-operator images to be consistent with ART #273
Bug 2004508 : TuneD: Revert the ConfigParser changes. #271
Updating cluster-node-tuning-operator images to be consistent with ART #270
OWNERS: updating based on team changes. #269
e2e tests: s/plugin/plug-in/ and TuneD renaming #253
Bug 1998247 : Reload when deps of recommended profile change. #267
Bug 1997486 : Ship the latest TuneD and stalld. #265
Bug 1994891 : Fix e2e tests after the recent 1.22.0 bump #264
Bug 1992560 : monitoring: comply with OpenShift alerting guidelines #263
Bug 1994891 : Bump vendor dependencies to k8s 1.22.0 #261
Bug 1985739 : Move OpenShift profile to TuneD. #258
Bug 1986477 : Handle kube-apiserver disruption more gracefully. #256
scheduler: new option cgroup_ps_blacklist #250
Address a race in the stalld e2e test. #249
IBM Cloud manifest profile patch for operator deployment #252
Ship the latest TuneD, adjust default Tuned CR. #245
Updating to the latest stalld v1.13.0. #246
openshift-tuned event-driven change processing #243
Adjusting the OWNERS file due to team changes. #244
Updating to the latest stalld v1.12.0. #242
Bug 1974277 : Fix conditional order for setting net device param. #239
Bug 1973154 : Switch back to NTO-shipped stalld. #236
Updating cluster-node-tuning-operator images to be consistent with ART #235
More precise description of MCP matching. #219
Updating .ci-operator.yaml build_root_image
from openshift/release #234
Full changelog
SO-142 : Periodic sync of OKD samples #582
SO-139 : Update the k8s API version #584
SO-138 : Periodic sync of supported OCP samples #583
SO-137 : Support updating the library separately for OKD and for OCP. #581
OKD-225 : Add back mysql samples #571
OCPBUGS-42265 : Fix the rails template before the upstream accepts or PR #574
OKD-225 : Sync samples - OKD CI is completely broken currently due to removed containers #569
OKD-225 : update okd dockerfile builder and base images #566
OCPBUGS-38994 : Fix library-sync.sh to handle renames in unsupported samples #562
OCPBUGS-38926 : Update Go version, API version and vendored libs to the same versions as in the openshift/api. #561
OCPBUGS-38273 : Updating ose-cluster-samples-operator-container image to be consistent with ART for 4.18 #559
NO-ISSUE: Only pick up the changes from the supported imagestreams and templates in library-sync.sh. #553
KUBESAW-162 : add mfrancisc and metlos as owners #549
SO-121 : Syncing the library for only S2i Samples for OCP 4.16 #543
Revert “SO-121: Resync Libray for 4.16” #542
SO-121 : Resync Libray for 4.16 #540
OCPBUGS-31303 : bump K8s version to 29.2 #536
AUTH-482 : set required-scc for openshift workloads #535
OCPBUGS-26992 : Align builder and base for Dockerfile.okd with Dockerfile #531
OCPBUGS-28230 : add FallbackToLogsOnError for easier debugging #532
OCPBUGS-24787 : Updating ose-cluster-samples-operator-container image to be consistent with ART #530
OCPBUGS-24787 : Updating ose-cluster-samples-operator-container image to be consistent with ART #527
SO-119 : Fix mariadb import url in OKD #525
SO-118 : Bumping the K8s to 28.2 and golang to 1.20 #524
SO-117 : Library Sync for OCP release 4.15 #522
OCPBUGS-22225 : Sync library to remove invalid dockerhub references for OKD #519
Use latest tag for network-tools imagestream #518
OCPBUGS-18857 : Updating ose-cluster-samples-operator images to be consistent with ART #517
manifests: Drop explicit runlevel from CRD manifest #515
OCPBUGS-16435 : Bump k8 to v0.27.2 for ocp 4.14 #514
OCPBUGS-16403 : Update Cluster Sample Operator dependencies and libraries for OCP 4.14 #511
reconcile status when clusteroperator changes #510
OCPBUGS-15754 : Update Jenkins and Jenkins Agent Base image versions #504
OCPBUGS-14491 : Updating to use Jenkins 4.13 images #502
OCPBUGS-12775 : Update Cluster Sample Operator dependencies and libraaies for OCP 4.14 #500
Updating ose-cluster-samples-operator images to be consistent with ART #499
OCPBUGS-10910 : Add network tools imagestreams #495
Updating ose-cluster-samples-operator images to be consistent with ART #493
Fix jira component #494
update Jenkins to use v4.12 imagestreams #491
OCPBUGS-855 : When setting allowedRegistries urls the openshift-samples operator is degraded #487
OCPBUGS-6811 : Update Cluster Sample Operator dependencies and libraries for OCP 4.13 #485
Change importMode to preserveOriginal for Openshift imagestreams #482
OCPBUGS-6579 : update sample imagestreams with latest 4.11 image using specific image tag reference #483
OCPBUGS-4357 : Bump k8s master #476
OCPBUGS-4166 : Update Cluster Sample Operator dependencies and libraries for OCP 4.13 #474
OCPBUGS-3426 : Update Cluster Sample Operator dependencies and libraries for OCP 4.12 #471
Updating ose-cluster-samples-operator images to be consistent with ART #470
Updating ose-cluster-samples-operator images to be consistent with ART #465
Add client certificate and key to service monitor #464
Updating ose-cluster-samples-operator images to be consistent with ART #435
Bug 2086086 : Update Cluster Sample Operator dependencies and libraries for OCP 4.11 #433
update jenkins CPaaS image refs prior to 4.11 GA #432
Bug 2086086 : Update Cluster Sample Operator dependencies and libraries for OCP 4.11 #431
Bug 2095256 : Samples Owner needs to be Updated #429
Bug 2086086 : Update Cluster Sample Operator dependencies and libraries for OCP 4.11 #428
AUTH-133 : manifests/deployment: comply to restricted pod security level #425
Updating ose-cluster-samples-operator images to be consistent with ART #426
JNKS-289 : pull in jenkins imagestream updates (add back maven/nodejs streams) #422
Jira SO-19: Make sure template and imagestream api version is groupified #420
JNKS-287 : remove imagestream manifest refs; remove override of jenkins images with payload images #416
Bug 2010364 : OpenShift Alerting Rules Style-Guide Compliance #419
Bug 2067823 : Taking care of CVE-2022-21698 #418
Bug 2064610 : Remove duplicate v1 from cakephp-mysql templates #417
manifests: Add capability.openshift.io/name #414
Updating ose-cluster-samples-operator images to be consistent with ART #412
Bug 2027745 : Allowing ImageStream creation when config registry empty #406
Bug 2033720 : Synching SSO library #411
upd rhel7 Dockerfile in case still used for rhel7 worker nodes #410
Bug 2033720 : Bump k8 dependencies to v0.23.1 #409
Bug 2033720 : Library synchronization for OCP 4.10 #408
Bug 2027745 : Move openshift build-machinery-go dependency #407
Update OWNERS #402
Remove single node prod cluster profile annotation as it is not used #405
Bug 2007757 : Including Template in must-gather related objects. #399
Bug 2006947 : fix proxy portion of tbr inaccessible check #397
Updating ose-cluster-samples-operator images to be consistent with ART #396
Bug 2002368 : acccount for image api returning invalid on imagestream create based on allowed/blocked registry settings #394
Bug 2003683 : fix recently introduced panic when conflict errors occur #395
Bug 1993840 : more avoiding immediate degraded on intermittent API errors #391
Updating ose-cluster-samples-operator images to be consistent with ART #390
add david peraza as approver, clean up reviewers #389
BUILD-298 : Bump k8s to 1.22.1 #388
Bug 1993840 : avoid immediate degraded on intermittent API errors; set reason/message when Available=false #387
Bug 1995386 : don’t return err in wait.Poll on net.DialTimeout err; tweak time intervals #386
Bug 1990140 : add connection with timeout in TBR accessibility check to expedite ‘disconnected’ mode #384
Bug 1990988 : Refreshing samples for OCP 4.9 #381
Bug 1975539 : delete hello-openshift in payload imagestream via CVO annotation #380
Updating ose-cluster-samples-operator images to be consistent with ART #378
Updating .ci-operator.yaml build_root_image
from openshift/release #377
Full changelog
WRKLDS-1449 : Update to Kubernetes v1.31.3 #2141
OCPBUGS-44896 : Enable format library for 4.18 #2139
TRT-1835 : Add an openshift-tests-extension compatible test binary #2105
OCPBUGS-34373 : Bump library-go to fix routes/custom-host permission for externalCertificate #2129
NO-JIRA: drop openshift-sdn references #2057
SDN-5457 : Bump kube-proxy image to 4.18 base images #2127
SDN-5457 : Add Dockerfile for standalone kube-proxy image #2082
WRKLDS-1449 : Bump k8s api to 1.31.2 #2122
OCPBUGS-28812 : UPSTREAM: <carry>: kubelet/cm: fix bug where kubelet restarts from missing cpuset cgroup #2031
OCPBUGS-39004 : CRD type check test fix #2116
OCPBUGS-38838 : Re-enable 1.31 kubectl tests #2114
TRT-1867 : Revert #2067 “OCPBUGS-39305: log only deprecated api requests” #2112
OCPBUGS-39305 : log only deprecated api requests #2067
WRKLDS-1449 : Update Hyperkube Dockerfile with the right Kubernetes version #2102
WRKLDS-1449 : Rebase 1.31.1 #2092
OCPBUGS-41172 : Updating openshift-enterprise-pod-container image to be consistent with ART for 4.18 #2076
OCPBUGS-42120 : UPSTREAM: 125398: Fix issue with scheduler failing on hostname mismatch #2095
NO-JIRA: UPSTREAM: <carry>: retrying etcd Unavailable errors for the etcd health and ready checkers #2079
OCPBUGS-39004 : UPSTREAM: 127243: Fix invalid label use in validatingadmissionpolicy e2e #2080
OCPBUGS-36295 : UPSTREAM: 126295: dynamiccertificates: denoise Kubelet logs by skipping removal of non-existent file watchers #2064
OCPBUGS-38515 : UPSTREAM: <carry>: bump cadvisor version to fix missing network stats #2074
NO-JIRA: UPSTREAM: annotate audit events for requests during unready phase and graceful termination phase #2077
OCPBUGS-39004 : UPSTREAM: 126994: Add required FieldManager for validatingadmissionpolicy e2e #2069
NO-JIRA: UPSTREAM:<drop>: bump openshift/library-go@4d55b6d #2068
OCPBUGS-38336 : UPSTREAM: 126641: e2e/storage: update block device test to always specify a valid path #2054
NO-JIRA: update downstream owners #2047
OCPBUGS-35297 : UPSTREAM: 126470: Move APIServingWithRoutine to alpha and disabled by default #2044
OCPBUGS-37620 : Bump 1.30.3 #2038
NO-JIRA: UPSTREAM: 126213: add test about container metrics from cadvisor #2040
OCPBUGS-37281 : UPSTREAM: 126104: Add funcs in pkg/filesystem/util to set file permissions on Windows and update container log dir perms #2034
OCPEDGE-1181 : UPSTREAM: <carry>: update test annotations for sno #2033
NO-JIRA: add tool to validate test packages imported #2024
OCPBUGS-36742 : UPSTREAM: <carry>: sync imports #2017
OCPBUGS-37111 : UPSTREAM: 125404: Fix that PodIP field is temporarily removed for a terminal pod #2025
NO-JIRA: UPSTREAM: <drop>: bump(github.com/openshift/apiserver-library-go) #2023
MULTIARCH-4229 : UPSTREAM:<carry>:bump cadvisor for 3516 upstream patches #2012
OCPBUGS-36743 : UPSTREAM: <carry>: inject k8s version from hyperkube Dockerfile #2018
OCPBUGS-34294 : OCPBUGS-34309: UPSTREAM: <carry>: update base image #1998
API-1783 : Bump 1.30.2 #1996
OCPBUGS-14613 : drop carry “don’t fail integration due to too many goroutines” #1995
OCPBUGS-34544 : UPSTREAM: <carry>: Disable PersistentVolumeLabel by default #1991
OCPBUGS-34050 : Backport 125337 #1987
OCPBUGS-34544 : UPSTREAM: <carry>: Disable e2e tests that need PersistentVolumeLabel #1986
OCPBUGS-34593 : UPSTREAM: 124933: [Scheduler] Use allNodes when calculating nextStartNodeIndex #1983
API-1783 : UPSTREAM: <carry>: skip PodLifecycleSleepAction test #1982
API-1783 : UPSTREAM: <carry>: skip storage tests #1981
OCPBUGS-25331 : UPSTREAM: <carry>: extend termination events #1827
API-1783 : Bump 1.30.1 #1979
API-1783 : Rebase 1.30.0 #1953
OCPBUGS-33574 : bump openshift/library-go@e22d25a #1967
OCPBUGS-32934 : UPSTREAM: 124795: e2e: DaemonSet maxSurge test should account for terminated pods #1966
no-jira: UPSTREAM <carry>: add native build to installer image #1961
API-1809 : Provide SCC access via RBAC #1959
NO-JIRA: UPSTREAM: <carry>: Revert create readyz event for kubeapi server #1957
OCPBUGS-20097 : Migrate tools image to RHEL9 #1954
OCPBUGS-32296 : Bump K8s api to 1.29.4 #1947
OCPBUGS-22301 : UPSTREAM: <carry>: Fix garbage-collection for CRDs. #1811
OCPBUGS-26440 : UPSTREAM: <carry>: create readyz event for kubeapi server #1914
UPSTREAM: <carry>: OCPEDGE-807: add support for cpu limits into management workloads #1902
CFE-910 : RouteExternalCertificate validation in openshift-kube-apiserver custom resource validator #1904
NO-JIRA: UPSTREAM: <carry>: featureset validation moved to CEL #1944
CFE-910 : bump library-go #1941
OCPBUGS-11933 : UPSTREAM: <drop>: bump apiserver-library-go #1910
OCPBUGS-31663 : UPSTREAM: <carry>: add management workload check for guaranteed qos #1928
OCPBUGS-30957 : Use the right feature gate when updating uncertain … #1919
OCPBUGS-31384 : UPSTREAM: <carry>: allow type mutation for specific secrets #1932
OCPNODE-1886 : Bump k8s 1.29.3 #1925
OCPBUGS-31384 : UPSTREAM: <carry>: allow type mutation for specific secrets #1929
OCPBUGS-31384 : UPSTREAM: <carry>: allow type mutation for specific secrets #1924
OCPBUGS-30767 : UPSTREAM: 124110: retry policy creation for CRD type checking E2E test #1922
OCPBUILD-13 : UPSTREAM: <carry>: fix [sig-auth] ServiceAccounts no secret-based service account token should be auto-generated #1909
CFE-910 : [o/k-apis] Add context to ObjectValidator; Consume FeatureGate(s) in kube-apiserver #1852
UPSTREAM: <carry>: OCPBUGS-29520: fix cpu manager cpuset check #1892
OCPBUGS-30954 : Set up CEL IP/CIDR library from 4.14 onwards #1911
OCPBUGS-24481 : Enable SELinux tests #1908
MCO-392 : openshift-hack/images/os: delete #1805
OCPBUGS-23900 : UPSTREAM: 123512: system:kube-scheduler: extend the RBAC with pods/finalizers #1900
OCPBUGS-10996 : Fix race condition between resizer and kubelet #1899
OCPBUGS-29437 : Upstream: <carry>: RPM: Split apiserver, scheduler, k-c-m, kubelet into subpackages #1882
OCPNODE-1892 : Bump k8s to 1.29.2 #1888
NO-JIRA: Clean carry patches #1880
OCPBUGS-29435 : UPSTREAM: 123165: Add AudienceMatchPolicy and support multiple audien… #1881
CORS-3191 : Add Dockerfile to buld kube-apiserver for openshift-install architectures #1872
NO-JIRA: Revert “OCPBUGS-24404: add ignore for SAST scan” #1870
OCPBUGS-24404 : UPSTREAM <carry>: use snyk file #1871
OCPBUGS-26058 : UPSTREAM: <carry>: watch-termination: termination.log file with restricted permissions #1841
OCPBUGS-16760 : permanently disable NodeLogQuery e2e test #1792
OCPNODE-1892 : Bump k8s to 1.29.1 #1858
OCPNODE-1892 : Switch to golang 1.21 #1845
OCPBUGS-24606 : UPSTREAM: <carry>: Update management webhook pod admission logic #1821
OCPNODE-1892 : UPSTREAM: <carry>: update test rules #1849
OCPBUGS-17249 : UPSTREAM: <carry>: openshift-kube-apiserver: pod .spec.nodeName should not override project node selector in podNodeEnvironment admission plugin #1787
OCPNODE-1892 : UPSTREAM: 122683: Use v1beta1 endpoints when cleaning up ValidatingAdmissionPolicies #1848
OCPBUGS-23896 : Fix device uncertain errors on reboot #1829
OCPBUGS-24404 : add ignore for SAST scan #1824
AUTH-439 : loosen authentication.spec.type validation #1770
OCPNODE-1892 : UPSTREAM: 122643: Add a new neverTerminate job behavior just for upgrade #1846
OCPBUGS-26067 : Backport CEL IP and CIDR validations #1828
OCPNODE-1892 : Bump k8s api to 1.29.0 #1840
OCPNODE-1895 : temporarily disable reporting e2e text bugs #1836
OCPNODE-1892 : Rebase 1.29.0 #1815
CNF-8809 : admission: add new admission for handling shared cpus request #1799
CNF-8326 : advertise shared cpus for mixed cpus feature #1795
OCPBUGS-23565 : Update to kubernetes 1.28.4 #1806
OCPBUGS-23073 : .spec.numberOfUsersToReport is not correctly applied in some circumstances #1794
OCPBUGS-22724 : UPSTREAM: 121881: Use golang library instead of mklink #1800
OCPBUGS-16922 : Remove skip flag for e2e tests related to AdmissionWebhookMatchConditions #1790
Update REBASE.openshift.md #1788
STOR-1278 : Fixes for SELinux mount context metrics #1771
Update to Kubernetes v1.28.3 #1776
openshift-hack: Fix sporadic 141 errors in build-rpms #1769
UPSTREAM: <carry>: support for both icsp and idms objects #1685
OCPBUGS-21584 : UPSTREAM: 121128: [CVE-2023-39325] .: bump golang.org/x/net to v0.17.0 #1757
Do not allow nodes to set forbidden openshift labels #1735
OCPBUGS-20096 : bump pause image to RHEL9 #1734
Revert #1731 “Revert #1703 “Update builder & base images”” #1732
Revert #1703 “Update builder & base images” #1731
Update builder & base images #1703
UPSTREAM: <drop>: bump(openshift/client-go,library-go,apiserver-library-go) #1726
OCPBUGS-19666 : kubelet/cm: use MkdirAll when creating cpuset to ignore file exists error #1724
OCPBUGS-17534 : UPSTREAM: <carry>: vendor: bump cadvisor and runc to 1.1.9 #1711
UPSTREAM: 120817: e2e: bootstrap vsphere tests earlier #1714
OCPBUGS-19452 : UPSTREAM: 119317: change rolling update logic to exclude sunsetting nodes #1716
Update to new openshift/* dependencies #1704
STOR-1425 : Update to Kubernetes 1.28.1 #1646
OCPBUGS-16080 : UPSTREAM: <carry>: watch-termination: termination.log file #1638
UPSTREAM: <carry>: disable test removed in 1.28 #1698
<carry>: Export cpu stats of ovs.slice via prometheus #1686
OCPBUGS-17654 : cm: reorder setting of sched_load_balance for sandbox slice #1665
OCPBUGS-18608 : UPSTREAM: <carry>: Force using host go always and use host libriaries #1688
OCPBUGS-18149 : UPSTREAM: <carry>: retry etcd Unavailable errors #1681
OCPBUGS-18149 : UPSTREAM: <carry>: retry etcd Unavailable errors #1676
OCPBUGS-14301 : UPSTREAM: 117245: Fix TopologyAwareHint not working when zone label is added after Node creation #1673
OCPBUGS-14301 : UPSTREAM: 117249,118189: fix TopologyCache crashes #1668
OCPBUGS-7415 : grant user:full scope to self-SARs #1493
UPSTREAM: 118280: Set all PSa labels in tests #1663
OCPBUGS-17119 : UPSTREAM: <drop>: bump apiserver-library-go for updated required-scc errors #1661
OCPBUGS-15726 : UPSTREAM: <carry>: merge v3 openapi discovery and specs for special groups #1654
OCPBUGS-16166 : Update to Kubernetes 1.27.4 #1660
Update to Kubernetes 1.27.4 #1653
OCPBUGS-15726 : UPSTREAM: 118879: make apiservices.apiregistration.k8s.io discoverabl… #1630
OCPBUGS-16166 : Update to Kubernetes 1.27.4 #1645
OCPBUGS-15726 : UPSTREAM: 118881: fix openapi/v3 non local apiservices aggregation #1629
UPSTREAM: <drop>: hack/update-vendor.sh #1634
UPSTREAM: 119107: Stop using deprecated API #1624
OCPBUGS-13392 : UPSTREAM: 118915: remove legacy NetworkPolicy tests #1623
UPSTREAM: <drop>: update openshift/api,openshift/apiserver-library-go #1621
UPSTREAM: <carry>: when only this kube-apiserver can fulfill the kube… #1616
Update to Kubernetes 1.27.3 #1609
UPSTREAM: <carry>: STOR-1270: Admission plugin to deny deletion of storages.operator.openshift.io #1550
OCPBUGS-7181 : UPSTREAM: <drop>: bump apiserver-library-go #1605
STOR-1263 : Add csimock tests #1595
OCPBUGS-4053 : UPSTREAM: 118383: bump cadvisor for upstream patch 3301 #1594
Update test wrapper to match new k8s #1584
STOR-1263 : Bump to k8s 1.27.2 #1583
cherry-pick
: #117785 from k/k
- disable external IPs on e2e net tests #1581
UPSTREAM: 117893: When expecting pods count only active ones #1577
OCPBUGS-13854 : UPSTREAM: 117371: kubelet: Don’t reference the pod manager interface directly from components #1578
OCPBUGS-11652 : UPSTREAM: <carry>: Extend NodeLogQuery feature #1579
OCPBUGS-13148 : kubelet/cm: disable cpu load balancing on slices when using static cpu manager policy #1573
UPSTREAM: <carry>: move test rules from origin #1574
OCPBUGS-11143 : Azure: move to kube-proxy LB probes, don’t detach masters when unready #1569
OCPBUGS-10048 : UPSTREAM: <carry>: add conditional shutdown response header #1555
OCPBUGS-2474 : UPSTREAM: 116995: kubelet: Ensure pods that have not started track pendingUpdate #1561
STOR-1263 : Update to Kubernetes 1.27.1 #1558
OCPBUGS-10829 : UPSTREAM: 117310: kube-aggregator: correctly use client-go TLS cache with custom dialer #1548
UPSTREAM: <carry>: add shutdown annotation to response header #1537
UPSTREAM: <carry>: OCPNODE-1548,OCPNODE-1584: disable load balancing on created cgroups when managed is enabled #1518
Add wrapper which will allow running o/k tests as external binary in origin #1485
OCPBUGS-7267 : More fixes to SCC PSa extractor #1482
OCPBUGS-10048 : UPSTREAM: 115328: apiserver: annotate early (server not ready) and late (during shutdown) requests #1456
OCPBUGS-8220 : CSI Inline Volume admission plugin does not log object name correctly #1499
OCPBUGS-8092 : Fix mounted volume expansion tests #1498
UPSTREAM: <carry>: update rebase doc #1464
Bump to k8s 1.26.2 #1494
AUTH-336 : UPSTREAM: <carry>: PSa metrics: unset ocp_namespace on non-platform n… #1489
Bump to k8s 1.26.1 #1479
OCPBUGS-7267 : add SeccompProfile to Pod and Container accessors/mutators #1490
UPSTREAM: <drop>: OCPBUGS-5991: Kube APIServer panics in admission controller #1488
CNF-5901 : admission hook change for workload partition on all clusters #1312
UPSTREAM: 113799: tests: network: Prefer internal IPs first #1446
UPSTREAM: 115863: Remove global framework variable #1480
UPSTREAM: <carry>: add new approvers #1458
OCPBUGS-7555 : UPSTREAM: <carry>: add default kubelet sysctls within rpm #1475
AUTH-336 : UPSTREAM: <carry>: PSa metrics: log platform namespaces in audit denies #1454
add icsp validation: reject one of icsp idms.itms resources #1310
UPSTREAM: 114027: make GetSubnetPrefix IP family agnostic #1469
disable tests dependent on StackDriver #1466
UPSTREAM: 115484: Don’t explicitly set image version in tests #1465
UPSTREAM: 114994: kubelet: fix readiness probes with pod termination #1450
OCPBUGS-6030 : Rebase onto kube v1.26 #1432
Fix the mutated PodSpec extractor for warns if no SCC matches #1453
OCPBUGS-4900 : remove in-tree volume limits test now that CSIMigration is GA #1448
OCPBUGS-4658 : Apply shared defaulters to CRD-based routes. #1440
OCPBUGS-4657 : Bump library-go. #1431
UPSTREAM: <carry>: make the PSA workload admission warnings honor the… #1393
UPSTREAM: <carry>: Ensure balanced brackets in annotated test names #1410
STOR-829 : Add CSIInlineVolumeSecurity admission plugin #1384
OCPBUGS-3501 : UPSTREAM: <carry>: Add host assignment plugin for CRD-based routes. #1419
UPSTREAM: <drop>: Bump openshift/api. #1424
OCPBUGS-3499 : UPSTREAM: <carry>: Add validation plugin for CRD-based route parity. #1416
Bug 2117374 : UPSTREAM: <drop>: update apiserver-library-go to add message about wo… #1395
Bug OCPBUGS-2991: Disable expansion in SC, if driver does not support it #1402
OCPBUGS-3093 : Tag AWS security groups at creation #1411
UPSTREAM: <drop>: Bump library-go. #1406
OCPBUGS-2946 : Revert: 1340: tag AWS security group at creation #1401
OCPBUGS-3084 : UPSTREAM: 113481: kubelet: fix pod log line corruption when using timestamps and long lines #1404
OCPBUGS-2774 : UPSTREAM: 112807 Fix Load balancer services with xTP local #1400
UPSTREAM: 113208: Set default test timeouts first, only then modify the required ones #1396
UPSTREAM: <carry>: Bug 2098054: tag AWS security group at creation #1340
UPSTREAM: 113135: Wait for pod not running or gone in storage tests #1394
Bump to k8s 1.25.2 #1380
Bug 2041317 : Fix replica calculation at start of HPA scaling policy period #1391
UPSTREAM: <carry>: allow annotating with a specific suite #1388
k8s 1.25.0 #1360
UPSTREAM: <carry>: Dockerfile: use centos:stream9 #1366
OCPBUGS-718 : UPSTREAM: 112267: aws: skip health rules if they are a subnet of the client rule #1358
UPSTREAM: <carry>: optionally enable retry after until apiserver is ready #1346
UPSTREAM: 110639: endpointslices: node missing on Pod scenario #1359
UPSTREAM: <carry>: Update kubensenter to use exec instead of subprocess #1350
UPSTREAM: 110039: Add readinessProbe to aggregated api service test #1307
Bug 2118318 : UPSTREAM: 110939: don’t quota events.k8s.io events by default #1344
UPSTREAM: 111789: Update Netpol e2e tests to use framework CreateName… #1349
UPSTREAM: <carry>: Skip session affinity timeout tests #1339
Bug 2117569 : UPSTREAM: 110888: feat: fix a bug thaat not all event be ignored by gc controller #1338
Add kubensenter to the openshift RPM #1327
UPSTREAM: 111306: Make scheduling e2e tests run PSa-restricted pods #1333
trt-393: add plugin name to caches not synchronized error #1330
Bug 2102383 : UPSTREAM: 89885: Fix panic in openstack.InstanceExistsByProviderID() #1315
Bug 2088606 : Overly loose admission check when configuring UpstreamResolvers or ForwardPlugin #1247
Bug 2081194 : UPSTREAM: <carry>: update list of deprecated apis #1091
Bug 2082773 : Fix resizing of ephemeral volumes #1296
UPSTREAM: <carry>: Remove reserved CPUs from default set #1295
Bug 2094012 : UPSTREAM: 110652: fix: –chunk-size with selector returns missing result #1303
Bug 2063414 : UPSTREAM: 109441: kubelet: parseResolvConf: Handle “search .” #1283
Bug 2086519 : get SCC admission default securityContext.runAsNonRoot to true on positive UIDs #1290
Bug 2078778 : UPSTREAM: 110408: apiserver: printers should use int64 #1288
Bug 2089933 : Backport 110191 Re-enable Kubelet Pod Readiness Probes on Termination and Pod probes should be handled by pod worker #1285
Bug 2087685 : Worker Latency Profiles: Config node object validation for extreme profile transition #1287
Bug 2065749 : UPSTREAM: 109103: cpu/memory manager containerMap memory leak #1229
Bug 2094954 : UPSTREAM: 110258: Fix pod eviction ip #1282
UPSTREAM: <carry>: provide unique reason for pod probe event during t… #1281
Bug 2086092 : UPSTREAM: 108284: fix: exclude non-ready nodes and deleted nodes from azure load balancers #1261
Fixes probe readiness shutdowns #1269
Bug 2086092 : update kube to v1.24.0 #1252
Bug 2086519 : UPSTREAM: <carry>: e2e-framework: don’t autosync PodSecurity labels #1268
Bug 2062459 : Identify if there are multiple schedulers running #1251
Bug 2075621 : UPSTREAM: 109487: Disable JobTrackingWithFinalizers due to unresolved bug #1243
Bug 1999325 : Backport 107821 and 107831 #1225
UPSTREAM: 109283: test/e2e/*: use restricted policy by default, default existing tests to privileged #1238
Bug 2051985 : UPSTREAM: <carry>: An APIRequestCount without dots in the name can cause a panic #1172
Bug 2066865 : Skip azure topology tests #1230
UPSTREAM: 106454: test/e2e: fix e2e tests for restricted policy #1227
Revert “UPSTREAM: <carry>: Unskip OCP SDN related tests” #1228
bump apiserver-library-go #1218
UPSTREAM: <carry>: update list of deprecated apis #1204
UPSTREAM: 106454: test/e2e: fix e2e tests for restricted policy #1226
Bug 1957668 : UPSTREAM: <carry>: use console-public config map for console redirect #1110
UPSTREAM: 106454: test/e2e: fix e2e tests for restricted policy #1212
Bug 2022507 : Backport 108366: OutofCpu Fixes #1199
Bug 1945329 : enable should drop INVALID conntrack entries test #897
Bug 2063938 : UPSTREAM: <carry>: use hardcoded rest mapper from library-go #1215
Bug 2062459 : Generate event when cache update is failed #1210
UPSTREAM:<carry>:Unskip OCP SDN related tests #1201
Bug 2034958 : enable “Conntrack should be able to preserve UDP traffic when initial… #1197
UPSTREAM: 106454: SQUASH: test/e2e: let e2e tests specify pod security admiss… #1128
Bug 2040715 : UPSTREAM: 108284: fix: exclude non-ready nodes from azure load balancer #1190
UPSTREAM: <drop>: zero-diff to pick up tags for versions #1193
Bug 2040715 : upstream 108149: do not return early in the node informer when there is no change #1184
Bug 2040533 : UPSTREAM: <drop>: Ignore container notfound error while getPodstatuses #1176
Bug 2040533 : UPSTREAM: 107900: Pods that have terminated before starting should not block startup #1157
UPSTREAM: 107847: service REST: Call Decorator(old) on update path #1156
Bug 1979671 : UPSTREAM <carry>: Remove pod warning annotation when workload partitioning is disabled #977
Bug 2044824 : UPSTREAM: 107786: Ensure the execHostnameTest() compares hostnames #1153
Bug 2044347 : bump to k8s 1.23.3 #1145
Bug 2039539 : Revert “UPSTREAM: <drop>: revert upstream PR 106306” #1143
Bug 2041583 : UPSTREAM: <carry>: set correctly static pods CPUs when workload partitioning is disabled #1136
Bug 2040533 : UPSTREAM: 107695: kubelet: fix podstatus not containing pod full name #1140
Bug 2039539 : UPSTREAM: <drop>: revert upstream PR 106306 #1130
Bug 2022824 : Fix the leak of vSphere client sessions #1104
Bug 2042169 : UPSTREAM: <carry>: remove egressnetworkpolicies from gc ignored resources #1123
Bug 2040793 : Fix ordering issues with snapshot e2e #1119
Bug 2038968 : Restore upstream feature gates #1112
Bug 2004542 : UPSTREAM: 89885: SQUASH: Retry fetching clouds.conf #1099
Bug 2041641 : Backport k8s.io/utils fix for a memory leak within the inotify utilities #1122
Bug 2042493 : UPSTREAM 107564: kube-apiserver integration test: allow IPs with leading zeros on the API #1124
Bug 2039414 : UPSTREAM: <carry>: allows for switching KS to talk to Kube API over localhost-squash to other #1121
Bug 2042493 : UPSTREAM: <carry>: Fix conformance and serial tests by stopping node cordoning #1129
Bug 1933144 : hardens the aggregated API e2e tests in an HA setup #1114
Bug 2001442 : empty termination.log file for the kube-apiserver has too permissive mode #1096
Bug 2034705 : UPSTREAM 107136: Don’t log vSphere configuration data in storage e2e tests #1098
Bug 2033751 : fix -rt builds and copy extensions into resulting image #1106
Bug 2033751 : Kube 1.23.0 rebase #1087
Switch to go1.17 #1080
Bug 2021629 : UPSTREAM: <carry>: api request counts for current hour are incorrect #1037
UPSTREAM: 105910: retry PV create in e2e-test on API quota failure #1078
UPSTREAM: <drop>: revert to go1.16 #1079
Updating openshift-enterprise-hyperkube images to be consistent with ART #934
UPSTREAM: <drop>: remove creation of openshift-infra ns and recycler SA #1039
Bug 2008532 : Fix subpath sources check #1065
Bug 2017276 : UPSTREAM: 105934: Don’t guess SELinux support on error #1052
Rebase Automation Script #1040
Updating openshift-enterprise-pod images to be consistent with ART #933
UPSTREAM: <carry>: delay queuing deletion for PV to allow nodes some time to unmount #1062
Bug 1978528 : UPSTREAM: <carry>: bump cadvisor for 2957, 2999 and 2979 upstream patches #1049
Bug 2023779 : Fix patch 104847 #1059
Bug 2022811 : UPSTREAM: 106382: defer close the rotated log open #1051
Bug 2007495 : UPSTREAM: 105213: remove StartedPodsErrorsTotal metrice message #988
Bug 2021936 : Read k8s version from hyperkube Dockerfile #1038
Bug 2002759 : UPSTREAM: <carry>: verify required http2 cipher suites #1022
UPSTREAM: <carry>: update rebase doc #1031
Bug 2000216 : Image policy should mutate DeploymentConfigs, StatefulSets, and new CronJobs #1014
Bug 1970331 : UPSTREAM: <drop>: bump apiserver-library-go #1017
Bug 1990190 : Remove Error Message Check Dynamic PV Tests #1011
Bug 2011513 : kubelet: do not arbitrarily create a podSyncStatus for finished pods #1007
UPSTREAM: <drop>: bump apiserver-library-go #1008
Bug 1997478 : Ensure terminal pods maintain terminal status #999
Bug 2010348 : UPSTREAM: 105352: revert pie build mode #993
UPSTREAM: <carry>: allow SCC to be disabled on a per-namespace basis #984
Bug 2000754 : UPSTREAM: 104865: e2e iperf2 change threshold to 10MBps = 80 Mbps #980
Bug 1965368 : UPSTREAM: <drop>: bump(apiserver-library-go) #971
Remove Error Message for Unsupported Volume Test #905
Add CSI migration feature gates for vSphere and Azure File #961
etcd-client starts retrying transient errors from the etcd cluster #959
UPSTREAM: <carry>: openshift-hack/images/os/Dockerfile: Add io.openshift.build.versions, etc. #963
Bug 2005182 : UPSTREAM: <carry>: update list of deprecated apis to be removed #965
Bug 1999133 : kubelet: Handle UID reuse in pod worker #938
UPSTREAM: <carry>: add control plane to allowed roles #957
UPSTREAM: <drop>: bump openshift, k8s to 1.22.1 #950
Bug 2003269 : UPSTREAM: 104817: kubelet: Rejected pods should be filtered from admission #948
Bugzilla 2001763: UPSTREAM: <carry>: 104437: run etcd healthcheck in the background and… #893
UPSTREAM: 104314: legacy-cloud-providers: aws: Add support for consuming web identity credentials #927
Bug 1996689 : Tighten up RestrictedEndpointsAdmission #899
Bug 1996779 : Fix bug with goroutine capturing loop variable #904
Bug 2000451 : UPSTREAM: <drop>: Disable broken sig-storage test #925
Bug 1994643 : UPSTREAM: 104630: remove server option startup-send-retry-after-until… #922
Bug 1992016 : UPSTREAM: <carry>: add OPENSHIFT_MAX_HOUSEKEEPING_INTERVAL_DURATION and OPENSHIFT_EVICTION_MONITORING_PERIOD_DURATION #909
Bug 1994927 : Revert “Remove Endpoints write access from aggregated edit role” #908
Bug 1997657 : UPSTREAM: 104577: kubelet: Admission must exclude completed pods and avoid races #920
Bug 1948089 : openshift-apiserver should not set Available=False APIServicesAvailable on update #915
Bug 1986003 : Rebase 1.22.1 #916
Bug 1994643 : UPSTREAM: <carry>: sets X-OpenShift-Internal-If-Not-Ready HTTP Header for GC and Namespace controllers #907
Bug 1994643 : UPSTREAM: <carry>: send Retry-After when not ready with a caller opt in #906
Bug 1993980 : UPSTREAM: 104529: [1.22] vendor: bump runc to 1.0.2 #910
Bug 1948089 : openshift-apiserver should not set Available=False APIServicesAvailable on update #903
Bug 1986307 : UPSTREAM: <carry>: re-enable networking tests #885
Bug 1995804 : UPSTREAM: <carry>: rename termination events to use lifecycleSignals #896
Bug 1950993 : UPSTREAM: <drop>: bump cadvisor for 2868 and 2925 upstream patches #892
Bug 1997465 : UPSTREAM: 104466: bump k8s.io/util to get fix for LRU cache #898
Bug 1994643 : UPSTREAM: 104281: send retry-after until the apiserver is ready #889
Bug 1982868 : UPSTREAM: <carry>: admission/managementcpusoverride: cover the roll-back case #877
Bug 1986306 : Kubectl client kubectl wait should ignore not found error with –for=delete #891
Bug 1994643 : UPSTREAM: <carry>: use lifeCycleSignals for isTerminating #887
Bug 1980118 : UPSTREAM: <carry>: drop the warning to use –keep-annotations #860
Bug 1992900 : Fix build with multiple GOFLAGS #886
Bug 1986003 : Bump k8s.io to 1.22.0-rc.0 #862
UPSTREAM: <carry>: prevent the kubecontrollermanager service-ca from getting less secure #853
Bug 1981477 : Do not throw error when we can’t get canonical path #817
UPSTREAM: <carry>: add a way to inject a vulnerable, legacy service-c… #852
produce events for readyz going true #807
UPSTREAM: <drop>: remove the openshift authenticator from the apiserver #822
UPSTREAM: <drop>: bump(apiserver-library-go) #846
UPSTREAM: <carry>: add CSI migration feature gates for GCE PD and Azure Disk #831
UPSTREAM: 103385: Fix Multi-AZ test #837
Bug 1977920 : Ensure scc compatibility with BoundServiceAccountTokenVolume #841
UPSTREAM: 103050: Bug 1975325: Fix NodeAuthenticator tests in dual stack #823
Updating openshift-enterprise-hyperkube images to be consistent with ART #814
Bug 1976379 : UPSTREAM: <carry>: Reject the pod creation when we can not decide the cluster type #832
Updating openshift-enterprise-pod images to be consistent with ART #812
UPSTREAM: <carry>: update rebase doc #824
Bug 1975283 : update Multi-AZ Cluster Volumes test name #825
UPSTREAM: <carry>: update rebase doc #818
UPSTREAM: <carry>: crd: add ClusterOperator condition message table column #810
Bug 1971745 : only chown if non-windows machine with projected volumes #804
Full changelog
OCPBUGS-44319 : Fix oauth-proxy e2e-component tests #289
OCPBUGS-24791 : Updating golang-github-openshift-oauth-proxy-container image to be consistent with ART #270
OCPBUGS-21718 : go.mod: bump golang.org/x/net to v0.17.0 #266
OCPBUGS-18858 : Updating golang-github-openshift-oauth-proxy images to be consistent with ART #265
OCPBUGS-16459 : bump kube and lib-go to get rid of goproxy dep #260
fix route apiVersion #257
Updating golang-github-openshift-oauth-proxy images to be consistent with ART #251
APPSRE-7970 : Add support for configuring upstream timeout #258
OCPBUGS-14033 : Handle TERM signal gracefully #255
AUTH-373 : add audit-ID headers to TokenReview and SAR requests #252
Update logo #245
fix json examples for –openshift-delegate-urls #203
Use resourceName in Openshift SAR rule #243
Updating golang-github-openshift-oauth-proxy images to be consistent with ART #241
Bug 2026860 : ocp provider: don’t fail client creation if oauth-server cert is not present #238
Golang bump 1.17 #235
Bug 1966298 : Update golang.org/x/net #223
Bug 1986810 : trust the oauth-server when constructing a client to OpenShift #220
Bug 1980235 : deprecate version #218
Updating golang-github-openshift-oauth-proxy images to be consistent with ART #216
Updating .ci-operator.yaml build_root_image
from openshift/release #215
Full changelog
Merge https://github.com/kubernetes-sigs/cluster-api-provider-openstack:release-0.11 into main #339
OCPBUGS-45387 : Updating openstack-cluster-api-controllers-container image to be consistent with ART for 4.19 #345
Merge https://github.com/kubernetes-sigs/cluster-api-provider-openstack:release-0.11 into main #336
NO-JIRA: manual git merge on upstream 0.11 #335
CARRY: add comment to .snyk about Glance #334
snyk: ignore md5 & SHA1 warnings for ORC images #333
Merge https://github.com/kubernetes-sigs/cluster-api-provider-openstack:release-0.11 into main #332
OCPBUGS-43892 : manual rebase on upstream release-0.11 #331
Merge https://github.com/kubernetes-sigs/cluster-api-provider-openstack:release-0.10 into main #324
Updating openstack-cluster-api-controllers-container image to be consistent with ART for 4.18 #322
OCPBUGS-34072 : Updating openstack-cluster-api-controllers-container image to be consistent with ART for 4.17 #317
Merge https://github.com/kubernetes-sigs/cluster-api-provider-openstack:release-0.10 into main #316
Remove dulek from shiftstack-team #313
NO-JIRA: Bump to latest CAPO v0.10 #314
NO-JIRA: Bump to latest CAPO v0.10 #312
OCPBUGS-33170 : openshift: Set FallbackToLogsOnError on infra-cluster controller #311
OSASINFRA-3437 : Rebase on CAPO v0.10 #305
OCPBUGS-31277 : Updating openstack-cluster-api-controllers-container image to be consistent with ART for 4.16 #301
🐛 Persist API FloatingIP immediately on creation #1831
:bug: Fix patching OpenstackMachine’s immutable spec during reconcile #1819
✨ Add flags for configuring rate limits #1817
:bug: Fix potential panic during instance create #1806
🐛 Revert “Move FloatingIP to Bastion spec” #1783
🌱 Import CAPI v1.6.0 #1780
🌱 Bump version artifacts for release-0.9 #1775
🐛 Verify success of parsing OpenStack cloud cacert #1770
📖 Fix network-related docs for API v1alpha7 #1764
🌱 Remove Containerfile and Dockerfile experimental #1760
🌱 Fix log message typo #1758
🐛 Update e2e testing image of CAPI version from 1.5.0 to 1.5.1 #1754
🐛Fix missing endpoint type in OpenStack endpoint clients configuration #1744
✨remove flavor check to relief restrictions to CPU #1745
⚠️ Move FloatingIP to Bastion spec #1739
⚠️ Bump Go to 1.20.10 #1740
✨ Add ephemeral storage support to the AdditionalBlockDevices #1696
✨ Use kustomize new syntax for patches #1735
✨ Add cache on provider scope #1688
🌱 deps: Bump dependencies #1733
🌱 Enable k8s upgrade in self hosted test #1732
🌱 Use k8s v1.28 in tests #1723
🐛 Don’t remove BYO api server loadbalancer floating IP #1728
🌱 Replace kustomize vars with replacements #1726
🌱 e2e: dump cinder volumes #1722
🌱 Ignore go workspaces #1724
🌱 E2e: Use pre-build node images #1699
✨ Add option to customize private network MTU #1701
:seedling: ci: bump Flatcar tested version #1713
🌱 ci: Several CI fixes #1718
✨ Add server name for the Machine InternalDNS #1715
🌱 Bump devstack image to ubuntu 22.04 #1716
🌱 Add explicit dependency on github.com/golang/mock/mockgen/model #1712
🌱 Allow custom KUBEBUILDER_ASSETS_DIR in tests #1710
🌱 Ignore vendor directories in boilerplate check #1709
🌱 Build setup-envtest in hack/tools #1707
🌱 Bump ginkgo #1705
:sparkles: Additional data volumes for machines #1668
🌱 gitignore: ignore vendor/ directory #1690
🌱 Move webhook CA injection into webhook resource #1686
Update Gophercloud to 1.7.0 #1682
🐛 Only delete all ports when deleting cluster network #1680
:book: Clarify release notes content for releases and pre-releases #1678
🌱 Remove defaulter-gen #1677
:book: doc/development: add devstack notes #1569
🌱 Add test for getOrCreate #1673
Set failure only on instance error when no nodeRef #1637
🌱Fix various issues with CRD generation #1669
✨Allow changing allowAllInClusterTraffic in a deployed cluster #1663
avoid duplicate error event #1655
🌱Bump CAPI to v1.5.1 #1666
🌱Structured logging migration of instance.go, service.go, floatingip.go, and securitygroups.go #1631
Fix v1alpha6 -> v1alpha7 idempotence #1626
🐛 Don’t fail when deleting non-existing port #1660
🐛 Fix panic on delete before cluster is initialised #1657
🐛Fix failing clusterctl upgrade test (second attempt) #1661
🐛Fix failing clusterctl upgrade test #1659
🌱 Bump golangci-lint to 1.54.2 #1652
🐛 fix port cleanup when using CAPO-created cluster network #1651
:bug: Fix Port Leaks #1648
🌱 Update verbosity levels in instance.go #1635
📖 Fix APIVersion to use existing router with OpenStackCluster #1638
🌱 Migrate pkg/cloud/services/networking/network.go and router.go to structured logging #1624
🐛 Fix application credential support in env.rc #1646
🌱Remove APIServerLoadBalancer.Provider Up Conversion #1642
🌱Migrate controllers/openstackcluster_controller.go to structured logging #1630
:seedling: Migrating /pkg/cloud/services/loadbalancer/loadbalancer.go and /controllers/openstackmachine_controller.go to structured logging #1621
✨ Add --version
flag #1641
✨ Add support to IPv6 in Machine’s status #1633
🌱 chore: use capo cluster agent for API requests #1614
✨ Update to CAPI 1.5 #1600
🌱 Simplify types of Instance.SecurityGroup and Instance.Networks #1625
remove subnet from the output in kubectl get
#1609
:sparkles: Allow Use of Public CAs #1610
:seedling: ci: bump flatcar to latest stable #1607
📖 Add link to book in README #1602
🌱 Add metadata for release 0.8 #1601
⚠️ Update NetworkStatus ready for dual stack #1577
🌱 E2e: Unify machine log collection #1595
🌱 E2e: Bump the tested Kubernetes versions #1594
🌱 E2e: Implement LogCollector interface #1581
✨ Allowing update of OpenstackCluster API server fixed IP #1590
:sparkles: Add additional sec group rule for additionalPorts of LB #1592
do not set failure reason/message when LB not created #1591
🌱 Replace github.com/pkg/errors #1585
🌱 dependencies: Bump Go stdlib #1584
🐛 Fix deadlock #1579
🌱 Bump Kubernetes version used in e2e tests #1571
⚠️ Remove ProjectID from PortOpts #1575
🐛 Always filter cluster subnets by cluster network ID #1572
🌱 E2e: Bump clusterctl upgrade to start from v0.7.2 #1568
:warning: Transform Profile
into an interface #1560
🌱 Set provider ID through kubelet in ubuntu templates #1551
⚠️Remove last uses of TenantID and pagination filters #1563
:seedling: Deprecate v1alpha5 #1561
:seedling: bump docker distribution to 2.8.2+incompatible #1562
⚠️ Replace SubnetParam with SubnetFilter #1559
⚠️ Replace SecurityGroupParam with SecurityGroupFilter #1557
🌱Remove unused fields from ExternalNetwork #1555
🌱Remove PortOpts from Network #1550
🌱 Reduce the Bastion status to only fields which are used #1546
⚠️ Remove PortOpts.SecurityGroups #1516
Use dl.k8s.io instead of kubernetes-release bucket #1542
Fix OWNERS_ALIASES syntax error #1543
Update external approvers #1536
⚠️ Remove Networks #1518
Add lentzi90 to cluster-api-openstack-maintainers #1537
⚠️ Remove v1alpha3 and v1alpha4 #1527
Update linter to v1.52.2 #1534
🌱 Remove creation of 2 Events for the same event #1531
🐛 Patch: Backport Provider to v1alpha6 #1530
🐛 Improve env.rc
and create_cloud_conf.sh
templates #1381
✨ Support propagate uplink status #1481
✨Infer port network from subnet #1519
:seedling: ci: bump flatcar to latest major stable #1524
🌱 bump docker to 20.10.24+incompatible #1525
:warning: flatcar: make external-cloud-provider-flatcar the default one #1522
:seedling: pull cluster-api@v1.4.1 #1521
⚠️ Deprecate In-tree Cloud Provider #1514
🌱 Bump gophercloud to v1.3.0 #1520
:sparkles: Add RouterName for use existing router #1370
Restore APIServerLoadBalancer.Provider on up-conversion #1517
📖 Document removal of OpenStackMachineSpec.Subnet #1515
🌱 Un-pointer PortOpts.SecurityGroups #1511
✨Add Octavia OVN Provider Support #1501
Add dulek to reviewers #1512
⚠️Remove OpenStackMachineSpec.Subnet #1504
🌱 Add fuzzy conversion tests for v1alpha6 #1509
:book: docs/configuration: add Flatcar to OS section #1503
:bug: e2e: refresh packages list before install containerd #1507
:sparkles: templates: add flatcar template #1444
📖 Add documentation for creating local test environments #1500
🐛 fix: allow using multiattach volume types #1498
⚠️ Add v1alpha7 #1497
✨ Support value specs for Ports #1452
fix: fix typo of worker rules and controller rules #1492
🐛 Switch to “4” instead of “ipip” for rules #1489
:bug: Fix Provisioning to Unavailable AZs #1479
🐛 uplift golang and x/net #1482
Fix “internal ip doesn’t exist (yet)” in e2e logs #1474
Remove the resource and machine tickers from e2e tests #1471
Fix boilerplate linter #1473
Download golangci-lint instead of building it #1470
🌱 Bump gophercloud to v1.2.0 #1463
📖 Add documentation about –ca-cert flag #1467
🐛 Return from reconciler after adding finalizer #1464
✨ Add Tags to API-Loadbalancer resources #1457
🐛 Fix Tilt by adding CAPO label in tilt-provider.json #1430
Add e2e remediation tests #1380
🌱 Add e2e self hosted test #1428
Envtest mocks #1236
🌱 Bump ginkgo to v2.7.0 and sync with hack/tools #1460
check flavor and reject CPUs less than 2 #1451
✨ add explicit securitycontext to controller #1461
📖 fix path for taggin and serverMetadata in OpenstackMachineTemplates #1454
✨ Add ca-cert flag to supply a default ca certificate for each requests #1440
🌱 Use newer containerd in e2e tests #1456
🌱 E2e: Use plain ubuntu cloud image #1441
🐛 fix nil-pointer in initial reconciliation loop with empty status field #1445
🌱Add log to provide more info in case error happen #1443
🌱Be more robust when checking gophercloud errors in IsNotFound #1432
🐛 uplift x/net to 0.4.0 #1427
🌱Bump CAPI to v1.3.1 #1424
✨Add lentzi90 to reviewers #1421
:book: Fix spelling errors on docs #1418
🌱 e2e: Change logging to avoid use of By #1417
🌱 Remove It block from clusterctl upgrade #1412
✨ Bump CAPI to v1.3.0 #1406
🌱Release 0.7 patches #1405
🐛 Update Ubuntu, CirrOS & Amphora image #1408
🌱 Add e2e clusterctl upgrade tests #1371
🌱 Bump Gophercloud to v1.1.0 #1402
🌱 scripts: replace apt with apt-get #1401
🌱 Tag current e2e tests as PR-Blocking #1390
🐛 Allow UDP traffic over nodeports #1396
🌱Ensure we capture early devstack logs #1399
🐛 Don’t enable router-ovn service in CI deployments #1400
🐛 Decrease initial backoff for Floating IP operations #1386
🐛 Fix Octavia versions endpoint #1385
🐛 openstackmachine: do not set transient error message and reason #1301
🐛 fix: improve load balancer health checks #1375
🌱 Synchronize versions between Makefile, Containerfile, e2e and go.mod #1369
:book: Add more infomation to run e2e test in locally #1362
Fix accesIPv4 checking #1366
switch version from float to int #1281
🌱 CI: Clean openstack volumes #1364
🌱 Bump CAPI to v1.2.4 #1361
✨ Enable additional linters and metalinter checks. Fix findings #1359
🌱 Remove unnecessary mock import aliases #1357
🐛 Don’t require cinder when not using volumes #1353
🌱 Add the cluster templates back #1354
🌱 Update golangci-lint (v1.46.2 -> v1.50.0), remove deprecated linters #1342
🐛 Don’t require an InstanceSpec for DeleteInstance #1350
ci: Pin to the yoga version of openstackclient #1352
✨ Allow for omitting AZ from control plane nodes #1318
🌱 Group Makefile targets #1343
doc: update calico location #1338
update doc to make it more clear #1335
🐛 fix nilpointer during clusterctl move #1340
update k8s to 1.25 #1330
🌱 remove apricote from reviewers #1333
📖 update README to include Yoga #1331
update devstack release #1329
🌱 add merge strategy markers #1325
🌱 gce-project.sh: loop over all GCP zones during instance creation #1324
:bug: Add security groups to ports only #1319
📖 Update PlantUML version (1.2020.16 -> 1.2022.6) #1321
✨ Conditions for OpenStackMachines #1288
🐛 Fix go1.19 linting errors #1313
🌱 Ensure that python and pip is installed for e2e and conformance tests #1309
not assign floating ip when there are multiple controller nodes #1276
🐛 Update calico manifest for e2e testing #1307
✨ Add re-creation of bastion host on change #1303
e2e test: add more dump output #1304
🐛 Fix conformance tests #1305
refactory sec group code (for additional CNI support) #1299
🌱 Bump CAPI to v1.2.0 #1302
🌱 Set ginkgo.timeout in our kubetest config #1297
🌱 bump to capi v1.2.0-rc.0 #1295
🌱 only reconcile loadbalancer member if machine is control-plane #1294
✨ Enable JSON Logging #1296
replace “4” with “ipip” #1290
✨ Bump to CAPI v1.2.0-beta.1 #1283
🐛 Fix logger arguments #1284
Fix generation of e2e-templates when running conformance tests #1287
📖 add v1alpha6 breaking changes book page #1285
🌱 Generate cluster templates with kustomize #1271
🐛 delete port left over by err openstackmachine #1260
Add Age column for osc/osm #1279
✨ Add v1alpha6 API types #1272
use 1.24 as test env #1277
update doc to reflect latest version, add helm link #1275
nit:make event to log for already associated FIP #1268
📖 Instance create timeout is in minutes #1267
🐛 Make failure domain optional for OpenStackMachine #1263
✨ Feature: restrict API Server LB access via IPs #1247
:sparkles: bump golangci-lint version to v1.46.2 #1258
cleanup: remove used file #1243
Passing security groups by specifying more options in addition to UUIDs on ports #1246
🐛 implement conversion for OpenStackClusterTemplate CRD #1249
refactory test code (reuse existing function) #1194
🏃 Add tests for cluster controller #1199
🐛 remove webhooks for old APIversion v1alpha4 #1240
🌱 Fix ginkgo warnings #1239
🌱 Remove macaptain from cluster-api-openstack-reviewers #1237
move chrischdi to emeritus_approvers #1233
:bug: Fix nil pointer reference during bastion deletion #1231
:seedling: Update RELEASE.md process for release branches #1228
🏃 update PR icon template to match CAPI #1229
📖 allow up to 20 tabs in book #1224
🌱 Add release 0.6.x to metadata.yaml #1226
🐛Don’t set ImageRef on server when booting from volume #1225
🐛Fix conversion of boot from volume images #1223
🐛 always wait for active Loadbalancer after getOrCreate #1200
📖 Document CRD changes from v1alpha4 to v1alpha5 #1216
🐛 controllers/openstackcluster_controller.go fix nil pointer and dump openstack ports #1217
Improve log message #1202
🐛 bump CAPI to v1.1.3 #1209
🏃Remove prankul88 as a reviewer #1213
🏃 Add apricote as a reviewer #1212
📖 replace dead link for cloud.conf details #1211
⚠️ rename v1beta1 to v1alpha5 #1198
address CVE-2022-27191 #1204
✨ Support Application Credential auth #1189
✨Refactor CreateInstance and CreateBastion #1191
⚠️ move loadbalancer opts to struct #1187
🏃 Explain mutability of bastion configuration in CRD #1190
🏃 Enable controller tests #1183
🐛 Install sshuttle using pip instead of from source #1185
🏃 Add Scopes to pass data to services #1178
🐛 Address CVE-2022-21698 #1182
🐛 upgrade golangci-lint for go 1.18 support #1184
✨Export GetFloatingIP #1179
Add unit test for trunk #1172
📖update doc to talk about microversion #1161
🐛 Fix event target of floating ip operations #1177
Fix flaky UT on gate #1175
Remove internal
AZ special handling #1168
🐛 Clean up removed AvailabilityZones from OpenStackCluster.status.failureDomains
#1165
📖 add info about office hours to README and Book #1167
move CI to xena #1158
🐛 api/v1beta1/openstackmachine_types.go: change errorReason/errorMessage to failureReason/failureMessage #1150
✨Remove FIXME (adjust the comment and code both) #1157
🐛 containerfile: Bump Go version #1156
🏃 devstack: Allow empty private SSH key #1144
Make hidekazuna emeritus #1152
Avoid set failMessage when bastion creation failed #1138
🏃 OWNERS: satisfy the maintainers tool #1123
manager.yaml: enable metrics endpoint #1141
📖 Document external repositories referencing CAPO owners #1142
bump CAPI to v1.1.0 #1137
Add test for trunk feature #1128
🐛Bump CAPI to v1.0.4 #1136
✨ Ensure trunk deletion #1125
✨Service interface load balancer #1119
🐛 Prevent creation of floating IPs when reconcile load balancer in non ACTIVE state #1115
Remove duplicate tags before making API calls #1112
iamemilio resigns as a reviewer #1113
Document running CI devstack on CentOS #1108
✨Cinder AZ and volume type support #1030
✨ improve log entry for ReplaceAllAttributesTags #1110
🐛 Avoid replacing tags when no tags are provided. #1107
Delete trunk on failure #1095
Allow image uuid to be used in instanceSpec #1101
📖nit: update doc to include spec #1102
🐛update log to make it clear (LB member instead of LB) #1104
🐛 loadbalancer service: fix metric name for member list #1097
🏃 Migrate CI to Wallaby #1091
Fail fast without create port at all #1094
🐛 fix loadbalancer service to reconcile all ports instead of returning at the first #1089
Update .golangci.yml #1090
:book: Update documentation according to clusterctl sub command changes #1088
🌱 Standardize api import aliases #1082
Update OWNERS file #1084
🏃Fix generated clouds.yaml for local e2e tests #1069
🏃Add new maintainers and reviewers #1083
:sparkles: Port rework #1059
🏃 Fix SECURITY_CONTACTS #1080
✨ Allow webhook changes to OpenStackCluster.Spec.Bastion #1070
images: use k8s-staging-test-infra/gcb-docker-gcloud #1068
🐛Cleanup ports #1063
:sparkles: Add tags on security groups created by capo #1053
🐛Fix conversion of IdentityRef converting between v1alpha4 and v1beta1 #1066
📖 Update configuration document #1056
✨Add unit tests for compute service #1061
🐛update logic to support more instance state #909
🏃 Delete unused annotation #1057
🐛Fixes for running E2E tests locally against devstack on OpenStack #1048
🏃 Fix conversion-gen in Makefile #1052
📖 Update version support #1055
🏃 Move sbueringer to emeritus maintainers #1058
✨ Bump golangci-lint to 1.43.0 #1042
📖 Update RELEASE document #1051
📖 Fix yaml example #1050
✨ Add v1beta1 API types #1047
🐛Pull Calico from quay.io instead of docker.io #1049
✨ Update CAPI to v1beta1 #1041
✨ Remove ensure kind binary script from repository #1036
🐛 Fix image push in Makefile for image-push jobs #1039
✨E2E error logging improvements #1032
Check trunk support before enabling trunk at port level #1014
✨ Change default branch to “main” #1031
✨ Add tags to portOpts #1027
✨Devstack on openstack and multi-AZ support #1026
🏃 Add unit tests for getOrCreatePort func #1020
Port Tagging Regression #1016
🐛 Fix typo in delete server log #1025
📖 Fix typo in OPENSTACK_CLOUD_CACERT_B64 example #1018
✨ controllers: replace context.TODO with real context objects #1019
🏃update e2e container to latest cluster-api #1010
✨Return all NodeAddresses in OpenStackMachine.Status.Addresses #1004
🏃 Bump calico from v3.18.1 to v3.20.1 #1015
🐛 Don’t make unnecessary REST API calls in getServerNetworks #994
✨Allow update for some param only first time update #1012
✨Add webhook of openstackcluster, no update allowed for now #1006
🏃 Standardize metrics in networking package #1003
:sparkles: Allow clusters without a floating IP for the API server #973
:sparkles: Implement allowAllInClusterTraffic flag #998
🏃 Move deletePorts back to compute package #1002
✨Add InstanceStatus.AvailabilityZone() #992
📖 Add book link to README #996
🏃 Refactor all network client calls into networking package #950
:bug: Add alpha3 Resources to Scheme #985
⚠️ Don’t overwrite openstackcluster.status.network on reconciliation #989
✨Document running E2E tests locally #982
:bug: Fix Conversion from alpha3 to alpha4 #986
✨Enhancements for running E2E tests locally #981
only use loadbalaner reference if needed #978
✨ Allow Trunk configuration at a Port level #934
fix gate lint issue #980
Update flavor usage of e2e test #977
Add gc for error instance’s port #975
:sparkles: Refactor: Don’t use infrav1.Instance internally #971
✨ Cleanup and refactor InstanceExists and DeleteInstance #960
getOrCreatePort: add support to configure port Profile #964
update from v1alpha3 to v1alpha4 in Makefile #970
🏃Return error if instance go error #967
🐛 bump controller-runtime to 0.9.6 to fix webhook tls errors #969
📖Add port security doc #958
📖 Add netlify.toml to publish our book #963
🐛 ignore Conflict status in order to make instance able to detach interface #962
📖Fix broken link #957
🐛 Fix failure to create server with specified tags #924
✨ Apply Port Security to Ports #921
✨ Add webhook readiness and health checks #955
🐛 openstackcluster reconciliation: reset .Status.failureMessage and .Status.FailureReason on success #953
✨ Do not update fip if its already mapped correct #947
✨ Add mock client and 2 tests for networking package #935
📖 improve release documentation #946
✨ Fix Webhook names for OpenStackMachineTemplate and OpenStackCluster #945
✨ Add OpenStackClusterTemplates Type #933
📖 Adjust README.md to fit v0.4.0 and bump k8s to v1.21.3 #944
✨ Add conversion for SecretReference to string #937
🐛 Wait for ports creation in ports e2e test #938
Use the kubernetesversions package of the cluster-api repo again #905
🐛 Remove the ttl flag from sshuttle invocation #941
Revert “reassociate Floating IP if first associate fails” #939
Add failure fields in OpestackCluster status section #893
✨ Add GET gophercloud metrics #932
reassociate Floating IP if first associate fails #930
✨ add description and tag to floating ips #925
🏃 sync linter settings with cluster-api repo and fix findings #923
Rename master to main #928
🏃 use amphora image from GCS in e2e tests #922
✨Update CAPI to v0.4.0 #919
📖 Upgrading a cluster without LBaaS is not supported #915
🐛 Don’t log nil error when AuthInfo is not set #916
🏃 Add test for custom port options feature #908
🐛 fixup release targets and update doc accordingly #903
🐛 Fix doc about external cloud provider #904
Add resource shortNames #894
🐛 fix release staging target #902
✨ Upgrade CAPI to v0.4.0-beta.0 #901
📖 Document custom ports feature #900
:sparkles: add predicates.ResourceIsNotExternallyManaged to cluster controller #897
✨ Add feature to create ports with custom options #876
Fix error logging for OpenStack instance creation #891
🐛 Fix event of associate/disassociate floating IP #880
Add some events related to load balancer #869
honor server group ID parm #881
Add metrics of gophercloud (POST,UPDATE and DELETE) actions #863
🏃 Validate OpenStackMachineTemplate spec.template.spec immutability #872
🏃 Refactor: use Service struct field more #871
Add seanschneeweiss as reviewer #874
Add chrischdi as reviewer #873
🏃 Add some events and refactor related to instance #862
Add more logs for LB creation #867
📖 Add doc related to log level #866
Upgrade to latest CAPI version (2021-05-07) #861
✨ api/v1alpha4 remove obsolete UserDataSecret field #865
✨ Add gophercloud request logs, fix contexts #860
✨ adjust loadbalancer wait.Backoff #853
🐛 Fix polling deleting instance #852
set image param as optional for boot from volume #851
Delete watching Status when deleting #846
bump tests to Kubernetes 1.20.6 #849
Wait for instance delete #845
Cleanup docs changes #838
📖 add documentation about postsubmit and nightly images/manifests #836
📖Add book build process #822
🐛 do not propagate the cloud field to clientconfig.AuthOptions #829
🐛 fix conversion-gen #827
🏃 Refactor/cleanup load balancer related code #835
🏃 Optimize devstack setup on GCP, add a script to setup a devstack on AWS #800
🏃 upgrade to latest CAPI version and upgrade/cleanup some other deps #833
🏃 Refactor: event consistency #828
🐛 fix path of uploaded artifacts #830
🏃 publish nightly artifacts #819
🏃 Reorder function variables #820
🏃 Refactor: Make getLoadBalancerName function #823
📖 Remove note about CI #821
📖 Update supported version of k8s in Readme #818
🏃 Test openstack key in our e2e tests #815
🏃 Remove neutron lbaas support #813
🐛 Delete bastion if basion.enabled=false #817
🏃 Improve ci script patching #812
🏃 Add e2e tests for all flavors #798
fix post-cluster-api-provider-openstack-push-images and add post-submit manifests #811
🐛 Fix configuration.md about bastion #810
🐛 fix post-cluster-api-provider-openstack-push-images #809
🏃 Update golangci-lint and fix most of the linter issues #797
📖 Update links for filing new issue #807
🏃 Remove unused release note section in the PR template #806
🐛 fix conversion gen #805
🏃 Implement conformance test via e2e test framework #782
🏃 Bump ginkgo version #803
🐛 InstanceExists should not do substring search on name #799
🐛 Make conversion-gen output location explicit #802
🏃 update yq commands to support yq V4 #792
🏃 Remove useOctavia from nonha template #795
🏃 Remove disablePortSecurity: false from template #793
🏃 goimports: fix import order, add local-prefix to linter #791
Update development guide #789
🏃 Add todos to PR template #786
✨ pkg/cloud/services/networking/securitygroups.go reimplement reconcilation #773
✨ Update klog dependency to v2 #779
🏃 migrate conformance test to Prow #759
📖 Update configuration doc #781
Initial impl v1alpha4 #748
Add support for failureDomain (AZ) for bastion #757
🐛Remove start.sh and restart.sh #761
Fix gate issue (test failure) #767
🏃 Update OWNERS files #766
Fix a doc typo #762
🏃 Update pull request template to use /hold per default #758
:sparkles: AccessSubnetUUID: we can specify source subnet for access IP address #756
🐛 use APIServerFloatingIP instead of ControlPlaneEndpoint.Host for LB #755
Refactory network functions (router.go==>network.go) #751
📖 improve RELEASE.md #747
Fix clusterctl config command #744
Update sync logic #736
Fix LoadBalancerMember creation #737
🐛 fix rbac aggregation manager role #743
🐛 Pass GOPROXY environment variable to Docker image build #740
🐛 Add NAMESPACE variable in cluster templates. #739
🏃 Revert Merge pull request #725 #733
🏃Remove unnecessary field in manager.yaml #729
Specify –metrics-bind-addr for CAPO manager #725
update openstack provider format from // to /// #727
🏃 Bump CAPI to v0.3.12 #724
🐛Ignore not found error when remove router interface #720
📖 Add instructions to use cluster template with load-balancer #703
Fix ca-file path in env.rc #716
move from 0.3.1 to 0.3.3 in the CI test #686
:bug: Fix domain_name and domain_id usage in env.rc #714
🏃 Refactor loadbalancer package #710
🏃Refactor create, delete instance #711
🏃 Move ncdc to emeritus status #708
:bug: Add SecurityGroup to Loadbalancerport when not using octavia #700
🐛 Fix SecurityGroupInUse error #705
Fix nil pointer error for Network #693
🏃 Add OpenStack version to bug report template #696
📖 fix getting log #697
🐛 Delete spec.disableServerTags of OpenStackCluster #692
✨ Align flag names with upstream Kubernetes components #690
update Make method to avoid mismatch #688
move to capi 0.3.11 #683
Add cluster-template-external-cloud-provider.yaml into release doc #682
Add openstack ussuri into support list #586
Switch CI from U to V release #680
Move log to creating place #673
set openstack cluster status for Bastion #671
📖 Update how to retrieve kubeconfig #677
✨ Add support for Tilt #666
nit: remove duplicate blanks #672
🐛 Fix to delete only automatically created floating IPs #669
fix location for env.rc file #665
Add doc update for boot from volume case #664
Add root volume support (put root volume into instance create param) #662
🐛 Update reference to the latest version of CAPO v0.3.1 #656
Remove USE_PYTHON3 #660
✨ Delete automatically created floating IP when deleting cluster #653
🏃 Cleanup unused variables #657
🏃 Delete spec.kubeadmConfigSpec.ntp.servers in cluster-template-without-lb.yaml #659
🏃 Bump Go to v1.13.15 in conformance pr job #658
🐛 Fix event message about port ID with associate Floating IP #655
Remove unnecessary colon #654
✨ My594 revised #590 #594 wrong parameter for a user provider network #610
📖 Update calico version in documentation #652
Add openStackMachine.Status.Addresses value #648
🏃 Bump CAPI to v0.3.10 #650
✨ Add events deleting resources #645
Add doc for how to move a cluster #630
📖 Update external cloud provider URL #646
Update configuration document #644
🏃 Bump Go to 1.13.15 #640
Add force move of secret cloud config #636
update cluster-api to 0.3.9 #639
Refactor creating/deleting instance #641
Add version into log #638
default concurrent reconcile from 1 to 10 #637
✨ Add bastion host to login the nodes and update non HA template #619
CI: Wget kubernetes binary be quiet #632
📖 Fix Link for external openstack template #629
Add tags to status #617
cleanup keys params #625
nit: update name of get
output for openstackmachine #624
🏃 Add CAPO version to github issue template #623
🐛 Fix get openstackcluster to show ENDPOINT value #620
Rename to capoerrors #618
Remove Tag creation for ports and add description for it #596
Add application cred usage #599
switch to no-admin for CI test #606
🐛 Fix e2e test Kubernetes official binaries version #616
🏃 Update template for the external cloud provider #611
update openstack CI test version from T => U #605
✨ Use OpenStack key pair instead of KubeadmConfig spec #607
🏃 e2e test uses official Kubernetes version #613
🏃 Bump Cluster-API to v0.3.8 #615
Update e2e test and document of non lb case #608
✨Add external network discovery #573
nit: replace return with exit #602
📖 Add reference to the external cloud provider doc #600
🐛Update mtu size in Makefile #598
🏃 Add hidekazuna to reviewer #597
✨ Use external cloud provider #595
Add more logs for debug purpose #593
nit: Add default egress rule description #585
Add event for seucrity group #592
report error if security group not exist #583
Add doc tip for floating ip #575
📖 Update Required Configuration #576
🐛 Fix README.md #579
ignore router get return 404 error #571
Add generated security groups automatically #563
🐛 Invoke KUSTOMIZE in release-manifests #569
🐛 Show openstackcluster ENDPOINT #570
update doc about ssh security group #564
Remove APIServerLoadBalancerAdditionalPorts #561
🐛 Fix auto generate security groups #555
Make DisablePortSecurity compatible with platforms not using the port… #560
🏃 Update support for CAPI v0.3.5 #552
🐛 enable managedAPIServerLoadBalancer w/ existing network #548
🐛 Set up OPENSTACK_CLOUD environment variable in env.rc #550
reviewers: remove flaper87 #549
📖 Update Configuration doc #545
Add additional info when error occur #541
🐛 e2e test: switch to -bazel folder because bin folder has been removed #540
🐛 remove docker-build from build test #542
Add availability zone to be used by controller plane #537
🏃 Pr add prow test scripts #539
🐛 Fix updating to Cluster API v0.3.3 #538
🐛 Fix cluster-template.yaml #534
Add 1.18 support into list #536
🏃 Add Stein to v1alpha3 tested version #535
🏃 Add Zuul jobs for e2e conformance tests #491
🐛 use sec groups from the current project, wait for lb from last reconcile #523
🏃 Update to cluster-api v0.3.3, controller-tools v0.2.8 and controller-runtime v0.5.2 #532
✨ Delete router/network/subnet #522
✨ Add ServerGroupID to OpenStackMachineSpec #531
Fix cacert issue #527
avoid basename usage to avoid source action failure #529
Revert “Add kuryr support” #221
Full changelog
SDN-5498 : make dnf get through repo troubles faster #2367
OCPBUGS-44381 : ds merge 11-11-2024 #2345
SDN-4930 : Bump OVN to ovn24.09-24.09.0-33.el9fdp #2319
OKD-227 : bump ovn version to 24.09.0-41 for OKD #2327
OCPBUGS-41499 , SDN-4930 : Downstream Merge [10-31-2024] #2334
OCPBUGS-38753 , OCPBUGS-42616 , SDN-4930 , SDN-5031 : [DownstreamMerge] 10-8-24 #2314
OCPBUGS-39009 , SDN-4930 : Downstream Merge Sept 18th #2302
SDN-4930 : Bump OVN to ovn24.09-24.09.0-beta.31.el9fdp #2297
OCPBUGS-39157 , SDN-4930 : Downstream Merge Sept 4th #2286
OCPBUGS-38949 , SDN-4930 : Downstream Merge 28th August #2276
OCPBUGS-38270 : Dockerfile: Bump OVS to 3.4.0-1 #2273
SDN-4930 : Downstream Merge August 26th #2272
SDN-4930 : Downstream Merge 20th august #2268
OCPBUGS-37056 , OCPBUGS-37439 , OCPBUGS-37439 : Downstream Merge 14th August 2024 #2259
OCPBUGS-37541 : Fix per-pod MCS/metadata blocking #2240
OCPBUGS-36614 , OCPBUGS-36865 , SDN-4919 : [DownstreamMerge] 29 July 2024 #2241
OCPBUGS-37709 : Revert #2233 DownStream Merge: 24th July 2024 #2243
OCPBUGS-36865 , SDN-4919 : DownStream Merge: 24th July 2024 #2233
SDN-4919 : Downstream Merge July 10th #2223
OCPBUGS-33758 , OCPBUGS-33758 , OCPBUGS-35347 , OCPBUGS-35367 , SDN-4919 , SDN-5011 : Downstream Merge: July 2nd #2217
OCPBUGS-34463 : Updating ovn-kubernetes-microshift-container image to be consistent with ART for 4.17 #2186
OCPBUGS-34778 : bump OVN to fix multicast bug #2210
OCPBUGS-34462 : Updating ose-ovn-kubernetes-container image to be consistent with ART for 4.17 #2191
OCPBUGS-33005 : Downstream Merge June 17th #2206
SDN-4157 : Downstream Merge June 7th 2024 #2201
OCPBUGS-34109 : Updating ose-ovn-kubernetes-base-container image to be consistent with ART for 4.17 #2176
OCPBUGS-34331 : [DownstreamMerge] 23 May 2024 #2180
OKD-40 : Add ovnver_okd and ovsver_okd to Dockerfile.base #2161
SDN-4157 , SDN-4436 : Downstream Merge 16th May 2024 #2171
OCPBUGS-30224 , OCPBUGS-33328 , SDN-4388 : [DownstreamMerge] 10 may 2024 #2162
OCPBUGS-33080 : Downstream Merge May 2nd 2024 #2152
OCPBUGS-32925 , OCPBUGS-32985 : Dockerfile: Bump OVS to 3.3.0-2 #2142
OCPBUGS-32985 , SDN-4436 : Dockerfile.base: Bump OVN to ovn24.03-24.03.1-36.el9fdp #2126
OCPBUGS-31419 , OCPBUGS-32461 , SDN-4243 : Downstream Merge 22nd April 2024 #2136
SDN-4458 : Do per-pod MCS/metadata blocking with nftables rather than iptables #1946
SDN-4606 , SDN-4688 : Downstream Merge April 18th 2024 #2132
OCPBUGS-31419 : [DownstreamMerge] 4-16-24 #2129
SDN-4403 : Downstream merge 20240415 #2124
OCPBUGS-25889 , OCPBUGS-29952 , SDN-3931 : Downstream merge 12 04 24 #2120
OCPBUGS-27093 , OCPBUGS-29511 , SDN-4157 : [DownstreamMerge] 4 April 2024 #2110
SDN-4157 : DownstreamMerge 25th march 2024 #2100
OCPBUGS-31557 : Revert “Remove unnecessary rhel8 build layer” #2104
OCPBUGS-24007 : Remove unnecessary rhel8 build layer #2083
OCPBUGS-27821 : [DownstreamMerge] 3-8-24 #2093
OCPBUGS-29350 , OCPBUGS-29389 , SDN-4542 : Downstream Merge 29th Feb 2024 #2089
OCPBUGS-17207 , OCPBUGS-28742 : Downstream Merge 22nd Feb 2024 #2081
OCPBUGS-12876 , OCPBUGS-13665 , OCPBUGS-23519 , OCPBUGS-28724 : Downstream Merge 15th Feb 2024 #2073
OCPBUGS-27093 : Dockerfile: Bump OVN to ovn-23.09.0-112.el9fdp #2066
OCPBUGS-27853 : [DownstreamMerge] 9 Feb 2024 #2063
OCPBUGS-20336 , OCPBUGS-28558 : [DownstreamMerge] 7 Feb 2024 #2057
USHIFT-2256 : updating ovn kubernetes microshift image to golang-1.21 #2051
OCPBUGS-20209 , OCPBUGS-20220 , OCPBUGS-22923 , OCPBUGS-24271 , OCPBUGS-26979 , OCPBUGS-27215 : Downstream Merge 2nd Feb 2024 #2048
OCPBUGS-22221 , OCPBUGS-24219 , OCPBUGS-25670 : Downstream Merge 31st Jan 2024 #2038
OCPBUGS-27933 : Updating ose-ovn-kubernetes-container image to be consistent with ART for 4.16 #2027
OCPBUGS-23430 , OCPBUGS-24363 , OCPBUGS-26023 , OCPBUGS-27211 : [DownstreamMerge] Merge 1-16-24 #2018
OCPBUGS-27285 : Dockerfile: Bump OVS to openvswitch3.1-3.1.0-73.el9fdp #1995
OCPBUGS-25030 : Updating ovn-kubernetes-microshift-container image to be consistent with ART #1979
OCPBUGS-18716 : [DownstreamMerge] 1-5-24 #2010
OCPBUGS-24965 : Updating ose-ovn-kubernetes-base-container image to be consistent with ART #1978
OCPBUGS-25810 : CARRY: Updates owners and adds Surya #2000
OCPBUGS-25032 : Updating ose-ovn-kubernetes-container image to be consistent with ART #1980
OCPBUGS-24055 , OCPBUGS-25394 , SDN-4194 : [DownstreamMerge] 14 Dec 2023 #1990
OCPBUGS-24322 , OCPBUGS-25357 : Dockerfile: Bump OVN to ovn-23.09.0-91.el9fdp #1986
OCPBUGS-22847 : Downstream merge 12-7-23 #1976
NP-618 , OCPBUGS-22847 , SDN-4124 , SDN-4149 , SDN-4150 : [DownstreamMerge] 1 Dec 2023 #1965
OCPBUGS-24014 : Downstream merge 28th November 2023 #1962
OCPBUGS-21773 : Downstream Merge 22nd November 2023 #1958
NHE-805 , OCPBUGS-19050 , OCPBUGS-22691 , OCPBUGS-22767 , SDN-4173 : [DownstreamMerge] 11 November 2023 #1952
OCPBUGS-16634 , OCPBUGS-19635 , OCPBUGS-20210 : Downstream Merge 24th October 2023 #1942
OCPBUGS-11710 : Downstream Merge 18th Oct 2023 #1939
OCPBUGS-15538 , OCPBUGS-19961 : Downstream merge 2023-10-10 #1935
OCPBUGS-14787 : Dockerfile: stop installing CNI plugins RPM #1702
OCPBUGS-19289 : Updating ose-ovn-kubernetes images to be consistent with ART #1884
OCPBUGS-20178 , OCPBUGS-20238 : Downstream merge 2023-10-09 #1931
OCPBUGS-16217 , OCPBUGS-18071 , OCPBUGS-18598 , OCPBUGS-19698 : DownStream Merge 4th October 2023 #1923
OCPBUGS-19900 : DownStream Merge: 29th-September-2023 #1919
OCPBUGS-18317 : DownStream Merge: 28th-September-2023 #1917
OCPBUGS-18162 , OCPBUGS-19792 , OCPBUGS-19836 : [DownstreamMerge] 9-27-23 #1911
OCPBUGS-17455 , OCPBUGS-17641 , OCPBUGS-18352 , OCPBUGS-18549 , OCPBUGS-19456 : [DownstreamMerge] 9-26-23 #1907
OCPBUGS-19013 : Dockerfile: Copy ovnkube-trace file for RHEL8 platform #1887
OCPBUGS-19501 : Add additonal certificate acceptance condition feature in ovnkube-ide… #1895
Add ovnkube-identity binary to the downstream image #1897
OCPBUGS-19288 : Updating ovn-kubernetes-microshift images to be consistent with ART #1883
OCPBUGS-19278 : Updating ovn-kubernetes-base images to be consistent with ART #1882
OCPBUGS-16641 , OCPBUGS-18572 , OCPBUGS-19331 : [DownstreamMerge] 9-18-23 #1885
OCPBUGS-19004 , OCPBUGS-19010 : Dockerfile: bump OVN to ovn23.09-23.09.0-beta.31.el9fdp #1875
OCPBUGS-18895,OCPBUGS-14549,OCPBUGS-18402 [DownstreamMerge] 9-11-23 #1868
OCPBUGS-18467 : Fix OVN SNATing on GR by enabling gateway_mtu on rtoe port of GR #1854
OCPBUGS-14709 , OCPBUGS-16617 , OCPBUGS-18603 : Bump to OVN 23.09 #1842
OCPBUGS-18378 : LGW: Fix the precedence of rules in FORWARD chain #1851
OCPBUGS-17773 : Perf increases to pod deletion #1847
OCPBUGS-17731 : move clearInitialNodeNetworkUnavailableCondition to clustermanager #1839
OCPBUGS-18110 : Fix encap port configuration for remote chassis #1836
OCPBUGS-17406 , OCPBUGS-17844 , OCPBUGS-17970 : [DownstreamMerge] 24 Aug 2023 #1833
OCPBUGS-17867 : CARRY: Removes restriction for ip scope universe on node ips #1822
8-16-23 #1820
OCPBUGS-17666 : Downstream Merge august 15th 2023 #1817
Downstream Merge 2023-8-10 #1813
OCPBUGS-17147 : [DownstreamMerge] 8 Aug 2023 #1803
Downstream Merge 2023-08-03 #1798
8-1-23 #1795
OCPBUGS-16767 , SDN-3507 , SDN-3733 : [DownstreamMerge] 7-27-23 #1789
OCPBUGS-15811 : SDN-3733: Downstream Merge: 25th July 2023 #1784
OCPBUGS-10650 , OCPBUGS-12747 , OCPBUGS-16413 , SDN-3732 , SDN-3733 : [DownstreamMerge] 7-19-23 #1750
Dockerfile: build both RHEL8 and RHEL9 shims #1760
SDN-3733 : [DownstreamMerge] 7-13-23 #1757
11 jul 23 #1752
07 jul 23 #1747
SDN-3993 : [DownstreamMerge] 06 jul 23 #1742
OCPBUGS-14632 : [DownstreamMerge] 30 jun 23 #1729
OCPBUGS-15127 : Dockerfile: bump to ovn 23.03.0-69 (for LB templates) and ovs 3.1.0-32 (upgrade perf) #1710
OCPBUGS-15523 : [DownstreamMerge] 6-27-23 #1726
OCPBUGS-15227 : [DownstreamMerge] 6-21-23 #1718
OCPBUGS-15226 : EgressIP: do not patch the status if the object no longer exists #1717
6-18-2023 #1714
OCPBUGS-14769 , SDN-3885 : Downstream Merge 13th June 2023 #1707
OCPBUGS-10592 , OCPBUGS-10841 , OCPBUGS-11180 , OCPBUGS-12747 , OCPBUGS-1715 , OCPBUGS-4370 , OCPBUGS-4485 , SDN-3733 , SDN-3838 , SDN-3840 : Downstream Merge 6th June 2023 #1697
OCPBUGS-12352 : Updating ovn-kubernetes-base images to be consistent with ART #1700
OCPBUGS-14636 : Fix Downstream Unit Tests #1696
OCPBUGS-12800 , OCPBUGS-13863 , OCPBUGS-14286 , OCPBUGS-14449 , OCPBUGS-4485 , SDN-3555 , SDN-3790 : Downstream Merge 1st June #1692
OCPBUGS-9825 : LoadBalancer Templates Merge Downstream: 25th May 2023 #1683
OCPBUGS-6013 : Call SyncEndpoints from AddService #1671
OCPBUGS-13716 : Use ovsver and ovnver to infer the short version numbers for ovs and ovn #1664
OCPBUGS-12971 : Fix bug that resulted in routes not be restored to a new vnic #1665
OCPBUGS-11567 : Check the status of a pod before trying to get its ip #1663
OCPBUGS-11716 : [release-4.14] Use loadbalancer.Name as client index #1652
OCPBUGS-11534 : Stack migration #1643
Remove no-longer-used rhel9-specific dockerfiles #1635
OCPBUGS-283 , OCPBUGS-3176 : Downstream merge 3rd April 2023 #1626
Updating ovn-kubernetes-microshift images to be consistent with ART #1620
OCPBUGS-6947 : CARRY: use “prefer local” for annotated services #1622
OCPBUGS-10839 , OCPBUGS-10962 : [DownstreamMerge] 28 March 2023 #1611
OCPBUGS-10485 : Bump OVS to 3.1.0-10 #1613
node: small downstream CARRY patch cleanup #1549
OCPBUGS-10889 , OCPBUGS-8473 : Downstream Merge [27-mar-2023] #1608
OCPBUGS-7932 , OCPBUGS-7988 , OCPBUGS-8080 , OCPBUGS-8278 , OCPBUGS-8280 , OCPBUGS-9990 : Downstream Merge [10-mar-2023] #1574
Dockerfiles: copy RHEL-9 bits over top of unused RHEL8 bits #1553
OCPBUGS-10395 : Bump OVN to disable CT flush #1590
Updating ovn-kubernetes-microshift images to be consistent with ART #1576
Updating ose-ovn-kubernetes images to be consistent with ART #1578
Updating ovn-kubernetes-base images to be consistent with ART #1575
OCPBUGS-8222 , OCPBUGS-8397 , OCPBUGS-8464 : [DownstreamMerge] 7 Mar 2023 #1556
OCPBUGS-7952 : Dockerfile: bump to ovn23.03-23.03.0-4.el9fdp for RHEL9 #1554
OCPBUGS-5889 : [DownstreamMerge] 2023-03-03 #1552
Removal of small code delta from upstream #1548
rhel9: bump to ovn23.03-23.03.0-preview.4 #1550
Downstream Merge [March 2nd 2023] #1551
2-28-23 #1546
OCPBUGS-2663, Bug 2091780, OCPBUGS-6739: Downstream merge 2023-02-20 #1533
rhel9: bump to openvswitch3.1-3.1.0-2.el9fdp #1544
OCPBUGS-7296 : Remove ICNIv1 from ovn-kubernetes #1531
Dockerfiles: switch to dnf #1539
iptables package is missing in microshift image #1530
Updating ovn-kubernetes-microshift images to be consistent with ART #1443
rhel9: no longer need to use iptables wrappers #1526
cleanup: drop redundant selinux-policy install in onvkube dockerfiles #1525
iptables: use container iptables, not the host’s #1481
rhel9: oc RPM does the kubectl symlink #1523
rhel9: no longer need python3-pyOpenSSL #1519
rhel9: remove stray oc
install #1518
Add RHEL9 image Dockerfiles #1495
Downstream merge 2023-02-07 #1510
OCPBUGS-6953 , OCPBUGS-6955 : [Downstream Merge 6th Feb 2023] #1509
OCPBUGS-4909 : Dockerfile: bump OVN to 22.12.0-18 #1487
Bug 2078222, OCPBUGS-4119, OCPBUGS-5930, OCPBUGS-4425: [DownstreamMerge] 1-31-23 #1496
Bug 2047299, OCPBUGS-2337: [DownstreamMerge] 13 Jan 2023 #1474
Bug 2041746 : Bump OVN to 22.12.0-4 #1468
Bug 2075548 : [DownstreamMerge] 09 Jan 2023 #1466
15 Dec 2022 #1454
Updating ose-ovn-kubernetes images to be consistent with ART #1430
OCPBUGS-4825 : [DownstreamMerge] 12-14-22 #1449
OCPBUGS-4659 : [DownstreamMerge] - 12-12-22 #1437
Updating ovn-kubernetes-base images to be consistent with ART #1431
Fix product build issue with more straight forward bash #1432
OCPBUGS-4502 : Downstream Merge 7th-December-2022 [Support service session affinity timeout] #1418
OCBUGS-4502 : Dockerfile: bump OVN to 22.09.0-25 #1424
Update base image of Dockerfile #1239
OCPBUGS-3739 : [DownstreamMerge] 12-02-22 #1410
OCPBUGS-2319 : [DownstreamMerge] 11-30-22 #1405
OCPBUGS-799 : Bump OVN to 22.09.0-22 #1403
Bug OCPBUGS-1352: [DownstreamMerge] 11-18-22 #1400
Bug 2092567 : [Downstream Merge] 16/11/2022 #1381
OCPBUGS-3797 : [4.13] Dockerfile: bump OVS to 2.17.0-62.el8fdp #1362
OCPBUGS-3292 : downstream windows fixes #1377
Update images to be consistent with ART #1371
Downstream merge 11-08-2022 #1364
EIP: remove downstream’s duplicate node delete test #1358
SDN-3589 : downstream merge 11-02-2022 #1355
OCPBUGS-2770 : Allow empty nexthop in L3GatewayConfig node annotation #1337
OCPBUGS-2569 : Fix netpol races #1323
OCPBUGS-1427 : Ignore non-ready endpoints when processing endpointslices #1330
OCPBUGS-2826 : ovnkube-trace: Fix ofproto/trace for IPv6 #1338
OCPBUGS-1520 : Fixes SNAT-ing Logic for EgressIPs #1331
OCPBUGS-1520 : Prioritize adding events to handlers for shared resources #1333
OCPBUGS-1643 : Add logging verbosity to configuring OVN logs #1324
OCPBUGS-2175 : Allocate Hybrid Overlay IP on node updates too #1319
OCPBUGS-2004 : egress IP: fix log when gRPC connection fails #1304
OCPBUGS-2176 : add endpointSlice informer in master process #1302
OCPBUGS-2085 : CARRY: Dockerfile.base: bump to openvswitch2.17.0-37.4.el8fdp #1298
OCPBUGS-1705 : Don’t use ACL names ever! #1300
Dockerfile: bump to ovn22.09-22.09.0-5.el8fdp #1284
9-23-22 b - dualstack fixed #1289
OCPBUGS-1705 : Trim ACL names according to RFC1123 #1281
OCPBUGS-1553 : Dockerfile: bump to openvswitch2.17.0-37.4.el8fdp #1273
Use iptables-restore to add MCS/metadata blocking in the pod #1262
9-12-22 merge #1267
9-7-22 merge #1264
9-2-22 merge #1263
OCPBUGS-165 : [DownstreamMerge] 8-29-2022 merge #1255
8-25-2022 #1253
revert endpoints #1248
8-8-2022 #1237
Fix ovn version in Dockerfile.base #1236
Introduce ovn-kubernetes-{base|singlenode} images #1213
Bug 2109945 : [Downstream Merge: 04-08-2022] #1231
Bug 2111534 : Downstream Merge: 27-07-2022 #1214
Updating ose-ovn-kubernetes images to be consistent with ART #1174
Bug 2111733 : Bump OVN to 22.06.0-27 #1222
OCPBUGSM-45393 : Bug 2078691: [Downstream Merge] 22-07-2022 #1210
4.12 initial merge from upstream: 7-18-22 #1205
Bug 2106862 : Append the SNAT rule in management chain #1199
Bug 2095444 : EGW: Clean Stale Conntrack Entries #1189
Bug 2106298 : populate sock address for ovndb connection in unix mode #1188
Bug 2100507 : Remove redundant log lines in obj_retry.go #1162
Bug 2097243 : Fix egressips for pods recreated with same name #1169
Bug 2097221 : Dockerfile: bump to ovn22.06-22.06.0-7.el8fdp #1170
Bug 2091238 : Fix Panic in Network Policy deletion #1166
Bug 2100220 : Fix completed pods releasing IP address on update #1158
Bug 2089807 : Release Leader election lock on errors #1167
Bug 2100249 : Revert “Bug 2082599: add upper bound to number of failed attempts” #1161
Bug 2085089 : Add support for enabling UDP packet aggregation on veth interfaces #1129
Bug 2099755 : Add new EgressIP config option “egressip-reachability-total-timeout” #1156
Bug 2073378 : Add node name into egress ip status for the removal #1114
Bug 2079012 : Fix egressIP object deletion if the node is deleted first #1143
Bug 2089392 : Update logging for specific policy when creating it #1145
Bug 2082599 : add upper bound to number of failed attempts #1147
Bug 2094088 : Fixes Updating non-default columns as well as libovsdb fixes for empty values #1146
[release 4.11] Bug 2092579: pods: deleteLogicalPort should not fail if port is already deleted #1123
Bug 2092889 : update all egress ACLs’ direction to “from-lport” #1128
Bug 2089716 : Downstream fix for OVN-Kube node cardinality #1135
Bug 2095113 : Dockerfile: bump to openvswitch2.17-2.17.0-22.el8fdp #1117
Bug 2094039 : egressIP: node retrieval failure is not respected, causes panic #1130
Bug 2093396 : Remove node-tainting for too-small MTU #1127
Bug 2091634 : Use ovs-appctl dpctl/* instead of ovs-dpctl #1118
Bug 2091990 : fix lflow-cache-limit-kb ovs external-id #1116
Bug 2070674 : improve performance of service sync #1110
Bug 2092473 : libovsdb perf backports #1119
Bug 2089930 : Dockerfile: bump OVN to ovn22.06 #1102
Bug 2090843 : addLogicalPort() optimization cherry-picks #1109
Bug 2090537 : OVNDBManager: Retry migrations #1108
Bug 2081069 : Bumps OVN to 22.03.0-37.el8fdp #1100
Bug 2086851 : enable exportloopref
linter and fix violations #1092
Bug 2084249 : [DownstreamMerge] 5-12-22 #1090
Bug 2077357 : Bump OVN to ovn22.03-22.03.0-24 #1052
5-4-22 #1081
Bug 2070929 : Downstream Merge: 04-05-2022 #1078
Bug 2079439 : [DownstreamMerge] 4-29-22 #1064
Downstream Merge 25-04-2022 #1050
Bug 2023691 : Downstream merge 2022-04-22 #1049
Bug 2072134 : [DownstreamMerge] 4-18-22 #1040
Dockerfile: bump to OVS 2.17 #1031
Fix gofmt for downstream files #1028
Bug 2026461 : 4-4-22 merge #1010
Bug 2047710 : Bump OVS version to 2.16.0-57.el8fdp #980
Downstream merge 2022-03-22 #1006
Bug 2063321 : [DownstreamMerge] Downstream merge 17-03-2022 #1000
Bug 2060549 : Downstream merge 3-8-22 #989
Bug 2052975 : Downstream merge 07-03-2022 #988
Merge 3-4-22 #987
Bug 2052975 : Bump OVN to ovn-2021-21.12.0-30.el8fdp #982
Bug 2052398 : [DownstreamMerge] 2-25-22 #975
Bump OVS to 2.16.0-53.el8fdp #968
Bug 2048538 : [DownstreamMerge] 2-22-22 #966
Bug 2045577 : Bump OVN to ovn-2021-21.12.0-15.el8fdp #958
Bug 2048538 : [DownstreamMerge] 2-14-22 #956
Bug 2011525 : [DownstreamMerge] Downstream merge 08-02-2022 #947
Update project owners #950
Downstream merge 2-1-22 #940
Bug 2040357 : Dockerfile: bump OVN to ovn-2021-21.12.0-11.el8fdp #902
Bug 2039253 : avoid passing duplicate Flow endpoints to ovs-vsctl #930
Bug 2031926 : Shared gateway: Modification of ClusterIPs shall trigger svc update #924
Bug 2042001 : Adds wait method for ovsdb operations that created named objects #934
Bug 2044303 : Fix update of CloudPrivateIPConfig #923
Bug 2046297 : libovsdb: give connects more time to process than normal transactions #931
Bug 2044680 : libovsdb performance and resource consumption fixes #927
Bug 2017650 : EF: Pull up switch names from cache #908
Bug 2025467 : ETP=local,SGW: Add DNAT rule towards 169.254.169.3 #907
Bug 2043961 : Fix pod-creation-retry #926
Bug 2040540 : Fix String formatting error #904
Clean up OWNERS a bit #919
Bug 2039880 : Metrics: Increase log level for CP recorder #899
Bug 2039099 : EgressIP fixes for 4.10 #917
Bug 2032998 : perf/scale backports #911
Bug 2034577 : Set l3GWConfig.mode correctly #909
Bug 2034155 : Make egressIPs compatible with ICNI #915
Bug 2029742 : egressip: fix usage of clientModel doAfter #910
Bug 2041830 : Fix panic in Hybrid Overlay #913
Bug 2039698 : Hacky way of doing ITP:preferLocal for openshift-dns:default #896
Bug 2039516 : Dockerfile: bump OVN to ovn21.12-21.12.0-25 #883
Bug 2022536 : Validate ExGW Cache and fix cache keys #895
Bug 2031012 : Create iptables NAT rules also for loadbalancer services #888
Bug 2033728 : Dockerfile: bump OVS to 2.16.0-33.el8fdp #833
Merge 21-12-16 #875
Block access to metadata service based on platform type #873
Downstream merge 2021-12-10 #871
21-12-9 #869
Merge 21-12-7 #867
ovn: bump to ovn21.12-21.12.0-24.el8fdp #818
03-12-2021 #863
Bug 2019809 : [DownstreamMerge] 11-29-21 #851
Bug 2009873 : [4.10.0] Avoid stale annotations by re-subscribing to netlink #843
Revert revert #834
Revert “[DownstreamMerge] Fix previous downstream merge” #831
Fix previous downstream merge #812
Bug 2017909 : EgressGW: only return unique elements from getRouteInfosForGateway() #816
Revert #796 and #807 #810
fixup: reduce delta from upstream #807
Merge 2021-10-13 #796
CARRY: go-ovn: prevent deadlock processing Updates during initial DB dump #800
Bug 2016479 : Update iface-id-ver for existing ports #802
Bug 1987445 : Fix gateway routers answer ARP/NDP requests for LoadBalancer/ExternalIP services #793
Bug 2011386 : pods: fix overwriting returned error from defer() #787
Bug 2007443 : bump OVN to ovn21.09-21.09.0-20.el8fdp #784
pods: remove unnecessary LSPGet() calls #781
Bug 1959352 : phase 2 scale improvements #750
ovs: bump to 2.16.0-15.el8fdp #775
Bug 2006325 : Bump OVN to ovn21.09-21.09.0-19.el8fdp #768
Updating ose-ovn-kubernetes images to be consistent with ART #744
Bug 1999261 : filter out KubeAPIAuth when logging CNI requests #742
Bug 2002010 : Fixes skipping pods accidentally in retry #739
Bug 2000057 : panic after EgressFirewall deletion and DNS record expiration #741
Bug 2003195 : Ensure host interfaces are deleted by CNI #738
Fix bad merge on egressip test #732
Bug 2002372 : Fixes misuse of pod annotations during update event #735
Bug 1995335 : Add “iface-id-ver=${POD_UID}” tuple to the external-ids of logical and OVS ports #729
Bug 1903408 : Merge externalTrafficPolicy ONLY #663
Bug 1976399 : DBChecker: reconcile the election timeouts when specified #647
Bug 1998614 : Ensure client handling of canceled/dropped OVSDB monitor #717
Bug 1997438 : egressfirewall not set after upgrade #716
Bug 1998423 : kube master don’t fail trying to cache same GW LRP IPs as already exist #705
Bug 1986946 : Fix ensurePod to call addPodExternalGW only for annotation updates #691
Bug 2000721 : bump OVS userland to openvswitch2.16-2.16.0-6.el8fdp #714
Bug 1999852 : bump OVN to ovn21.09-21.09.0-18.el8fdp #704
Bug 1999138 : Revert “Taint node with NoSchedule effect when ovnkube pod is down” #708
README: Add doc links #669
Bug 1998146 : Fix lb delete during node deletion #698
Bug 1962344 : Use DGP to connect logical switches to the cluster router. #688
Bug 1997270 : bump OVN to ovn21.09-21.09.0-15.el8fdp #685
Bug 1995816 : [4.9] backport “attempting to reduce cardinality in the interest of memory performance” #672
Bug 1997114 : Fixes ensure address set #684
Bug 1994647 : Add quotes around nexthop and dst-ip fields #677
Bug 1973215 : fix reserve joinSwitch LRP IPs #679
Bug 1989615 : Fix GetPortAddresses for HBO #670
Bug 1943334 : Taint node with NoSchedule when ovnkube pod is down #671
Bug 1995330 : Cherry-pick of per-service loadbalancers #666
Bug 1959352 : scale fixes 1 #667
Bug 1978797 : Sync exgw routes on startup #658
Bug 1994069 : bump OVN to ovn21.09-21.09.0-13.el8fdp #659
Bug 1976215 : Fix: sync egress IP for missed events on start-up #655
Bug 1991793 : [4.9] bump OVN to ovn21.09-21.09.0-12.el8fdp #652
Bug 1989694 : Bump OVN to ovn21.09-21.09.0-10.el8fdp #643
Bug 1986440 : Bump OVN to ovn21.09-21.09.0-9.el8fdp #630
Bug 1986443 : Fix pod handler race downstream #628
Bump OVN to ovn21.09-21.09.0-8.el8fdp #621
Bump OVS to openvswitch2.15-2.15.0-28.el8fdp #622
Bug 1985512 : Add v6 management interface address for host network policy #623
Merge 2021-07-21 2nd #619
Merge 2021-07-18 #609
Bug 1973286 : Merge 2021-07-06 #600
Bug 1973813 : 6-21-2021 merge #582
Updating ose-ovn-kubernetes images to be consistent with ART #578
Bug 1972287 : 6-17-21 merge #579
add JacobTanenbaum to the list of approvers #544
Bug 1958375 : Bump OVN to 20.12.0-140.el8fdp #580
Updating .ci-operator.yaml build_root_image
from openshift/release #574
Full changelog
OCPBUGS-45586 : Updating golang-github-prometheus-prometheus-container image to be consistent with ART for 4.19 #238
NO-JIRA: [bot] Bump openshift/prometheus to v2.55.1 #236
NO-JIRA: [bot] Bump openshift/prometheus to v2.55.1 #235
NO-JIRA: [bot] Bump openshift/prometheus to v2.55.0 #234
MON-4065 : [bot] Bump openshift/prometheus to v2.55.0 #232
OCPBUGS-43378 : fix(discovery): Handle cache.DeletedFinalStateUnknown in node informers’ DeleteFunc #229
OCPBUGS-41113 : Updating golang-github-prometheus-prometheus-container image to be consistent with ART for 4.18 #226
MON-3989 : [bot] Bump openshift/prometheus to v2.54.1 #223
MON-3989 : [bot] Bump openshift/prometheus to v2.54.1 #222
OCPBUGS-38622 : Restore Prometheus functionality to accept samples with different timestamps from the same series in a single scrape. #220
MON-3981 : [bot] Bump openshift/prometheus to v2.54.0 #219
MON-3981 : [bot] Bump openshift/prometheus to v2.54.0 #218
MON-3914 : [bot] Bump openshift/prometheus to v2.53.1 #215
OCPBUGS-37370 : backport of upstream fix #216
OCPBUGS-37244 : [bot] Bump openshift/prometheus to v2.53.1 #211
OCPBUGS-35483 : cherry-pick upstream fix to make PrometheusRemoteWriteBehind fire when remote endpoint is never reached. #213
OCPBUGS-36768 : cherry-pick upstream remote-write fix #210
MON-3914 : [bot] Bump openshift/prometheus to v2.53.0 #208
MON-3914 : [bot] Bump openshift/prometheus to v2.53.0 #206
OCPBUGS-34264 : Updating golang-github-prometheus-prometheus-container image to be consistent with ART for 4.17 #205
MON-3856 : Bump openshift/prometheus to v2.52.0 #202
MON-3856 : Bump openshift/prometheus to v2.52.0 #201
MON-3825 : Bump openshift/prometheus to v2.51.2 #200
MON-3825 : Bump openshift/prometheus to v2.51.2 #199
MON-3794 : Bump openshift/prometheus to v2.51.1 #198
MON-3794 : Bump openshift/prometheus to v2.50.1 #196
OCPBUGS-29981 : Updating golang-github-prometheus-prometheus-container image to be consistent with ART for 4.16 #197
MON-3673 : [bot] Bump openshift/prometheus to v2.49.1 #193
MON-3676 : move raptorsun out of reviewer list #194
MON-3673 : Bump Prometheus to v2.49.1 #192
MON-3633 : Bump openshift/prometheus to v2.48.1 #188
OCPBUGS-24745 : Updating golang-github-prometheus-prometheus-container image to be consistent with ART #187
MON-3528 : [bot] Bump openshift/prometheus to v2.48.0 #186
OCPBUGS-22743 : bump Prometheus to 2.48.0 (manual) #185
Bump openshift/prometheus to v2.47.2 #181
Bump openshift/prometheus to v2.47.2 #180
Bump openshift/prometheus to v2.47.2 #179
OCPBUGS-21633 : update golang.org/x/net to v0.17.0 #173
update OWNERS file #172
Bump openshift/prometheus to v2.47.0 #168
OCPBUGS-18846 : Updating golang-github-prometheus-prometheus images to be consistent with ART #169
Bump openshift/prometheus to v2.46.0 #167
Bump openshift/prometheus to v2.45.0 #166
Bump openshift/prometheus to v2.44.0 #164
Dockerfile.ocp: update note about UI assets after switching to embed #165
OCPBUGS-12996 : Add missing assets after manual merge #162
OCPBUGS-12825 : Updating golang-github-prometheus-prometheus images to be consistent with ART #160
Bump openshift/prometheus to v2.43.0 #158
Updating golang-github-prometheus-prometheus images to be consistent with ART #156
Bump openshift/prometheus to v2.42.0 #154
Bump openshift/prometheus to v2.41.0 #153
Bump openshift/prometheus to v2.40.7 #152
Bump openshift/prometheus to v2.40.6 #151
Bump openshift/prometheus to v2.40.5 #150
OCPBUGS-4273 : Bump openshift/prometheus to v2.40.4 #148
OCPBUGS-2873 : fix certificate reloads after rotation #145
Updating golang-github-prometheus-prometheus images to be consistent with ART #147
Revert unwanted downstream patch #144
OCPBUGS-1718 : [bot] Bump openshift/prometheus to v2.39.1 #142
Updating golang-github-prometheus-prometheus images to be consistent with ART #141
Bump openshift/prometheus to v2.38.0 #140
OWNERS: Add myself, and move former team members to emeritus #139
Updating golang-github-prometheus-prometheus images to be consistent with ART #137
Bump openshift/prometheus to v2.37.0 #138
Bug 2099561 : Bump openshift/prometheus to v2.36.2 #136
Bug 2064984 : Update Prometheus to v2.36.1 #133
Updating golang-github-prometheus-prometheus images to be consistent with ART #132
web/ui/.gitignore: unignore generated assets for downstream build #130
Bump openshift/prometheus to v2.35.0 #128
Updates OWNERS file #124
Bump openshift/prometheus to v2.34.0 #123
Bump openshift/prometheus to v2.33.5 #122
Bug 2056802 : scrape: Fix label_limits cache usage #121
Bump openshift/prometheus to v2.33.4 #120
Updating golang-github-prometheus-prometheus images to be consistent with ART #119
Bug 2034192 : [bot] Bump openshift/prometheus to v2.32.1 #117
Don’t use dependabot #115
Bump openshift/prometheus to v2.32.0 #104
Bump openshift/prometheus to v2.31.1 #103
Update scripts/rh-manifest.sh replacing yarn by npm #99
Updating golang-github-prometheus-prometheus images to be consistent with ART #102
OWNERS: cleanup #101
Bump v2.30.3 #98
Bug 1943860 : Bump 2.30.0 #96
Updating golang-github-prometheus-prometheus images to be consistent with ART #94
openshift: Add script to generate rh-manifest.txt #90
Updating golang-github-prometheus-prometheus images to be consistent with ART #93
Bug 1999397 : Bump 2.29.2 #92
Bug 1986243 : bump 2.29 #91
Bug 1934324 : Update to 2.28.1 #89
Updating golang-github-prometheus-prometheus images to be consistent with ART #88
Update OWNERS file to reflect new maintainers #87
Full changelog
OCPBUGS-45453 : Updating prometheus-operator-admission-webhook-container image to be consistent with ART for 4.19 #317
NO-JIRA: [bot] Bump openshift/prometheus-operator to v0.78.2 #314
OCPBUGS-27250 : [bot] Bump openshift/prometheus-operator to v0.78.1 #313
MON-4060 : Bump openshift/prometheus-operator to v0.77.2 #311
OCPBUGS-30122 : Bump openshift/prometheus-operator to v0.77.1 #307
MON-3994 : [bot] Bump openshift/prometheus-operator to v0.76.2 #305
Updating prometheus-config-reloader-container image to be consistent with ART for 4.18 #303
OCPBUGS-41278 : Updating prometheus-operator-container image to be consistent with ART for 4.18 #304
MON-3994 : [bot] Bump openshift/prometheus-operator to v0.76.1 #301
Updating prometheus-operator-admission-webhook-container image to be consistent with ART for 4.18 #302
MON-3982 : [bot] Bump openshift/prometheus-operator to v0.76.0 #297
OCPBUGS-38174 : feat: sync proxy settings in Alertmanager configuration #295
MON-3947 : Bump openshift/prometheus-operator to v0.75.2 #294
MON-3889 : [bot] Bump openshift/prometheus-operator to v0.74.0 #287
OCPBUGS-34153 , OCPBUGS-34308 , OCPBUGS-34459 : Updating prometheus-operator-container image to be consistent with ART for 4.17 #293
OCPBUGS-34308 : Updating prometheus-config-reloader-container image to be consistent with ART for 4.17 #289
OCPBUGS-34153 : Updating prometheus-operator-admission-webhook-container image to be consistent with ART for 4.17 #288
MON-3838 : Bump openshift/prometheus-operator to v0.73.2 #286
OCPBUGS-31847 : Bump openshift/prometheus-operator to v0.73.1 #285
MON-3793 : Bump openshift/prometheus-operator to v0.73.0 #284
MON-3771 : Bump openshift/prometheus-operator to v0.72.0 #281
OCPBUGS-29304 : fix: don’t fail metadata transform on unknown types (#6298) #277
OCPBUGS-28251 : fix: convert continue
field between v1beta1 and v1alpha1 #275
MON-3689 : Bump openshift/prometheus-operator to v0.71.2 #274
MON-3689 : Bump openshift/prometheus-operator to v0.71.1 #273
MON-3676 : move raptorsun out of reviewer list #272
MON-3661 : Bump openshift/prometheus-operator to v0.71.0 #271
OCPBUGS-26147 : configure Snyk scanner #269
OCPBUGS-25560 : Updating prometheus-config-reloader-container image to be consistent with ART #270
OCPBUGS-24947 : Updating prometheus-operator-admission-webhook-container image to be consistent with ART #266
OCPBUGS-24914 : Updating prometheus-config-reloader-container image to be consistent with ART #268
OCPBUGS-24914 : Updating prometheus-config-reloader-container image to be consistent with ART #265
OCPBUGS-24872 : Updating prometheus-operator-container image to be consistent with ART #264
OCPBUGS-24323 : Bump openshift/prometheus-operator to v0.70.0 #263
OCPBUGS-24126 : Updating prometheus-operator-admission-webhook-container image to be consistent with ART #260
OCPBUGS-24073 : Updating prometheus-operator-container image to be consistent with ART #258
OCPBUGS-24105 : Updating prometheus-config-reloader-container image to be consistent with ART #259
MON-3479 : [bot] Bump openshift/prometheus-operator to v0.69.1 #256
OCPBUGS-18707 : [bot] Bump openshift/prometheus-operator to v0.69.0 #255
OCPBUGS-22946 : fix: remove verbose logging admission-webhook #254
OCPBUGS-21637 : fix: disable HTTP2 connections by default #252
OCPBUGS-21637 : Bump golang.org/x/net to v0.17.0 #246
update OWNERS file #245
OCPBUGS-19108 : Updating prometheus-operator images to be consistent with ART #242
OCPBUGS-19204 : Updating prometheus-operator-admission-webhook images to be consistent with ART #244
OCPBUGS-19174 : Updating prometheus-config-reloader images to be consistent with ART #243
: Bump openshift/prometheus-operator to v0.68.0 #241
Bump openshift/prometheus-operator to v0.67.1 #240
Bump openshift/prometheus-operator to v0.67.0 #239
OCPBUGS-14466 : bump openshift/prometheus-operator to v0.66.0 #236
OCPBUGS-14033 : cmd/prometheus-config-reloader: add SIGTERM handler #234
OCPBUGS-1626 : [bot] Bump openshift/prometheus-operator to v0.65.1 #233
OCPBUGS-12324 : Update 4.14 prometheus-config-reloader image to be consistent with ART #230
Updating prometheus-operator images to be consistent with ART #229
Updating prometheus-config-reloader images to be consistent with ART #227
Updating prometheus-operator-admission-webhook images to be consistent with ART #226
Updating prometheus-config-reloader images to be consistent with ART #225
OCPBUGS-10109 : Updating openshift-state-metrics images to be consistent with ART #221
OCPBUGS-10137 : Updating openshift-state-metrics images to be consistent with ART #222
Updating prometheus-operator images to be consistent with ART #220
OCPBUGS-6055 : [bot] Bump openshift/prometheus-operator to v0.63.0 #216
Bump openshift/prometheus-operator to v0.62.0 #215
Updating prometheus-operator-admission-webhook images to be consistent with ART #214
Updating prometheus-config-reloader images to be consistent with ART #213
Updating prometheus-operator images to be consistent with ART #212
OCPBUGS-2778 : [bot] Bump openshift/prometheus-operator to v0.61.1 #209
Bump openshift/prometheus-operator to v0.60.1 #208
Bump openshift/prometheus-operator to v0.60.0 #207
Updating prometheus-operator-admission-webhook images to be consistent with ART #206
Updating prometheus-config-reloader images to be consistent with ART #205
Bump openshift/prometheus-operator to v0.59.2 #203
Bump openshift/prometheus-operator to v0.59.1 #200
OWNERS: Add myself, and move former team members to emeritus #198
Bump openshift/prometheus-operator to v0.58.0 #197
Updating prometheus-operator-admission-webhook images to be consistent with ART #195
Updating prometheus-config-reloader images to be consistent with ART #194
Updating prometheus-operator images to be consistent with ART #193
Bug 2097716 : pkg/apis/monitoring/v1beta1: fix httpConfig conversion #191
Bug 2091595 : bump to Prometheus operator v0.57.0 #190
Bug 2079679 : pkg/prometheus: fix curl exec probe #189
Revert “Bug 2091595: Bump openshift/prometheus-operator to v0.56.3” #188
Bug 2091595 : Bump openshift/prometheus-operator to v0.56.3 #185
Updating prometheus-operator-admission-webhook images to be consistent with ART #180
Updating prometheus-config-reloader images to be consistent with ART #178
Bug 2084288 : Revert “Bump openshift/prometheus-operator to v0.56.2” #177
Updating prometheus-operator images to be consistent with ART #176
Bump openshift/prometheus-operator to v0.56.2 #174
Revert “Bump openshift/prometheus-operator to v0.56.1” #171
Bump openshift/prometheus-operator to v0.56.1 #170
Add myself to OWNER file #166
Bug 2079679 : Revert “[bot] Bump openshift/prometheus-operator to v0.56.0” #168
Bump openshift/prometheus-operator to v0.56.0 #165
Bump openshift/prometheus-operator to v0.55.1 #164
Bump openshift/prometheus-operator to v0.55.0 #162
Fix typo in admission webhook bin output #163
Add Dockerfile and targets for standalone admission webhook image #160
Standalone webhook server #159
Bump openshift/prometheus-operator to v0.54.1 #158
Updating prometheus-config-reloader images to be consistent with ART #155
Bump openshift/prometheus-operator to v0.54.0 #151
Updating prometheus-operator images to be consistent with ART #154
Bug 2030539 : Address race condition in recreate flow for statefulset #152
Bug 2036717 : [bot] Bump openshift/prometheus-operator to v0.53.1 #147
Bump openshift/prometheus-operator to v0.53.0 #146
Release 0.52 #141
Updating prometheus-config-reloader images to be consistent with ART #144
OWNERS: cleanup #140
Bump v0.51.2 #139
Updating prometheus-operator images to be consistent with ART #136
Bump to v0.50.0 #133
Updating prometheus-config-reloader images to be consistent with ART #135
Updating prometheus-operator images to be consistent with ART #134
Bug 1977435 : Bump prometheus-operator to v0.49.0 #131
Updating prometheus-config-reloader images to be consistent with ART #130
Updating prometheus-operator images to be consistent with ART #129
Update OWNERS file to reflect new maintainers #127
Updating .ci-operator.yaml build_root_image
from openshift/release #128
Full changelog
Source code for this page located on github