@MaysaMacedo

What this PR does / why we need it:

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:

  1. Please confirm that if this PR changes any image versions, then that's the sole change this PR makes.

TODOs:

  • squashed commits
  • if necessary:
    • includes documentation
    • adds unit tests

/hold

bilbo and others added 30 commits February 6, 2024 15:28
…r-update

🌱 test: bump Flatcar version
…block-device-volume-name

fix: fix the block device type name in doc
Add --tls-min-version and --tls-max-version configuration flags.
Same flags can be found in k8s, CAPI, CAPM3 etc.

Co-authored-by: Jawad Zaheer <[email protected]>
Signed-off-by: Tuomo Tanskanen <[email protected]>
When a reconcile loop for the bastion is requeued, we have
this error:
```
OpenStackCluster.infrastructure.cluster.x-k8s.io \"cluster-e2e-rha0r3\" is invalid: ready: Required value"
```

The OpenStackMachine.Status is false by default now, so if the status
has not been set to anything, patching the object will not fail with the
previous error.
We now have a webhook that checks that a bastion has been disabled if a
change has to be made (update or delete) in the bastion field.
We also document it better.

Also, we added some code to prevent that we don't have a nil pointer if
the Spec.Bastion or Status.Bastion are unset.
🐛 api: openstackcluster.status default to false
🐛 Adds Kind to ipaddress pool name index
…ration-flags

✨ add TLS configuration flags
…_addresses

OpenstackFloatingIPPool: Adds popped ip to claimedIPs kubernetes-sigs#1869
🐛 Make sure that allowedCidrs lists are compared correctly to avoid patching LB listener when not needed
`ControlPlaneEndpoint.Host` is not guaranteed to be an IP address, it
can also be a hostname.

Now we'll try to lookup the hostname if it's not an IP and set that for
the LB VipAddress.
🐛 Prevent the bastion to be removed before it's been disabled
This commit introduces SubnetSpec field onto the OpenStackClusterSpec
that is supposed to hold all options related to subnets created by CAPO.
This means nodeCidr and DNSNameservers are moved into that struct.
…rk-cleanup

🐛 Fix cluster network cleanup
Users should configure things via a secret, not via environment
variables.

Signed-off-by: Stephen Finucane <[email protected]>
🐛 Ignore 'OS_*' environment variables
🌱 Fix doc references to NodeCIDR in v1alpha8
k8s-ci-robot and others added 23 commits April 12, 2024 09:50
🐛 Fix crash on delete with no bastion
The v1alpha7 tests were previously testing v1alpha6.
…ot/cherry-pick-2028-to-release-0.10

[release-0.10] 🐛 Fix v1alpha7 e2e tests
In addition to vendor directories, we can ignore things that do not end
up in the product.

Co-Authored-By: Martin André <[email protected]>
This is required for it to be included in the release payload. CAPO is
actually deployed by cluster-capi-operator, but is not directly
referenced by cluster-capi-operator. cluster-capi-operator instead
consumes a ConfigMap deployed by CAPO. CAPO must be included in the
release payload in order for cluster-capi-operator to be able to consume
this ConfigMap.
Also fix lint issues highlighted by these tests.
This is step 1 of 3 in the dance necessary to add e2e tests. Next up,
the job definition itself (in 'openshift/release').

Signed-off-by: Stephen Finucane <[email protected]>
These are heavily based on the tests for other platforms, which are
currently included in the cluster-capi-operator tree [1] but which will
eventually be moved out to the openshift forks of the respective CAPI
implementations. The key difference from these is that (a) we don't
create a cluster (since we have the infracluster controller for this)
and (b) we obviously use OpenStack-specific semantics.

[1] https://github.com/openshift/cluster-capi-operator/tree/release-4.15/e2e

Co-Authored-By: Emilien Macchi <[email protected]>
Co-Authored-By: Stephen Finucane <[email protected]>
As in openshift/cluster-version-operator@48fe9f2669 (install: Drop
single-node-developer profile, 2021-11-05,
openshift/cluster-version-operator#685).

There's an enhancement proposal for this profile [1], and the Code
Ready Containers folks took a run at using it in [2] before backing
off in [3].  I don't have any problems with having a specific CRC
profile, but if we end up going that way, we'll need a lot more
manifests with the annotation (e.g. we'll probably also want the CVO
manifests to include this annotation, or there won't be anything
consuming the admin-ack ConfigMaps ;).  This commit drops the
annotation from this repository to avoid distracting folks with dead
code.

[1]: https://github.com/openshift/enhancements/blob/2911c46bf7d2f22eb1ab81739b4f9c2603fd0c07/enhancements/single-node/developer-cluster-profile.md
[2]: crc-org/snc#338
[3]: crc-org/snc#373 (comment)
openshift/machine-api-operator@9c20871740 (annotate cloud credentials
request, 2023-11-14, openshift/machine-api-operator#1174) added this
capability to the machine-API analog of this manifest.  And
openshift/cluster-capi-operator@e305541274 (annotate credentials
request manifests, 2023-11-13, openshift/cluster-capi-operator#143)
annotated some cluster-API CredentialsRequests used for other
providers.  This commit catches cluster-API OpenStack up with those
other changes.

There is a risk that tech-preview clusters updating into this change
will have the CloudCredential capability implicitly enabled.  But
because TechPreviewNoUpgrade blocks minor updates, and we don't intend
to backport this to 4.14.z, that exposure is confined to unsupported
prerelease clusters.
This commit makes security linting easier by never setting a TLS version
outside v1.2 or v1.3, even in case of an unacceptable user input.

Upstream PR: kubernetes-sigs#2037
(cherry picked from commit 27526d5)
@openshift-ci openshift-ci bot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. labels Apr 25, 2024
@openshift-ci

openshift-ci bot commented Apr 25, 2024

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@openshift-ci

openshift-ci bot commented Apr 25, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from maysamacedo. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@MaysaMacedo
Author

/test e2e-techpreview

@MaysaMacedo MaysaMacedo deleted the test-capo-v0.10 branch April 25, 2024 17:57