From fd52c58942b1b5ba76dcd0b81ff03bda64232f8e Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Wed, 3 Jan 2024 14:04:14 -0800 Subject: [PATCH 1/2] openshift/manifests: Drop single-node-developer profile As in openshift/cluster-version-operator@48fe9f2669 (install: Drop single-node-developer profile, 2021-11-05, openshift/cluster-version-operator#685). There's an enhancement proposal for this profile [1], and the Code Ready Containers folks took a run at using it in [2] before backing off in [3]. I don't have any problems with having a specific CRC profile, but if we end up going that way, we'll need a lot more manifests with the annotation (e.g. we'll probably also want the CVO manifests to include this annotation, or there won't be anything consuming the admin-ack ConfigMaps ;). This commit drops the annotation from this repository to avoid distracting folks with dead code. [1]: https://github.com/openshift/enhancements/blob/2911c46bf7d2f22eb1ab81739b4f9c2603fd0c07/enhancements/single-node/developer-cluster-profile.md [2]: https://github.com/crc-org/snc/pull/338 [3]: https://github.com/crc-org/snc/pull/373#issue-835807822 --- .../components/common/kustomization.yaml | 1 - ...ider-openstack_00_credentials-request.yaml | 1 - ...penstack_04_infrastructure-components.yaml | 25 ------------------- 3 files changed, 27 deletions(-) diff --git a/openshift/kustomize/components/common/kustomization.yaml b/openshift/kustomize/components/common/kustomization.yaml index 37aba34e3c..702a6c91d9 100644 --- a/openshift/kustomize/components/common/kustomization.yaml +++ b/openshift/kustomize/components/common/kustomization.yaml @@ -7,7 +7,6 @@ resources: commonAnnotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" patches: # Common configuration for CAPI controller workloads diff --git a/openshift/manifests/0000_30_cluster-api-provider-openstack_00_credentials-request.yaml b/openshift/manifests/0000_30_cluster-api-provider-openstack_00_credentials-request.yaml index 769529414a..9f3c9d4024 100644 --- a/openshift/manifests/0000_30_cluster-api-provider-openstack_00_credentials-request.yaml +++ b/openshift/manifests/0000_30_cluster-api-provider-openstack_00_credentials-request.yaml @@ -4,7 +4,6 @@ metadata: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade name: openshift-cluster-api-openstack namespace: openshift-cloud-credential-operator diff --git a/openshift/manifests/0000_30_cluster-api-provider-openstack_04_infrastructure-components.yaml b/openshift/manifests/0000_30_cluster-api-provider-openstack_04_infrastructure-components.yaml index 6b14b75b27..3cde6ae8a9 100644 --- a/openshift/manifests/0000_30_cluster-api-provider-openstack_04_infrastructure-components.yaml +++ b/openshift/manifests/0000_30_cluster-api-provider-openstack_04_infrastructure-components.yaml @@ -8,7 +8,6 @@ data: controller-gen.kubebuilder.io/version: v0.13.0 exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/inject-cabundle: "true" labels: @@ -4724,7 +4723,6 @@ data: controller-gen.kubebuilder.io/version: v0.13.0 exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/inject-cabundle: "true" labels: @@ -6977,7 +6975,6 @@ data: controller-gen.kubebuilder.io/version: v0.13.0 exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/inject-cabundle: "true" labels: @@ -8610,7 +8607,6 @@ data: controller-gen.kubebuilder.io/version: v0.13.0 exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/inject-cabundle: "true" labels: @@ -9965,7 +9961,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -9978,7 +9973,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -9991,7 +9985,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10033,7 +10026,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10085,7 +10077,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10107,7 +10098,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10151,7 +10141,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10241,7 +10230,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10262,7 +10250,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10283,7 +10270,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10304,7 +10290,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10325,7 +10310,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10345,7 +10329,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10365,7 +10348,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/serving-cert-secret-name: capo-webhook-service-cert labels: @@ -10385,7 +10367,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10403,7 +10384,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}' labels: @@ -10475,7 +10455,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: cluster.x-k8s.io/provider: infrastructure-openstack @@ -10493,7 +10472,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}' labels: @@ -10553,7 +10531,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/inject-cabundle: "true" labels: @@ -10630,7 +10607,6 @@ data: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/inject-cabundle: "true" labels: @@ -10726,7 +10702,6 @@ metadata: annotations: exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade labels: provider.cluster.x-k8s.io/name: openstack From 0df0d51d7fef7ec660b48b5f4bfe6f5e93cd2f84 Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Wed, 3 Jan 2024 14:25:15 -0800 Subject: [PATCH 2/2] openshift/manifests: CloudCredential capability for CredentialsRequest openshift/machine-api-operator@9c20871740 (annotate cloud credentials request, 2023-11-14, openshift/machine-api-operator#1174) added this capability to the machine-API analog of this manifest. And openshift/cluster-capi-operator@e305541274 (annotate credentials request manifests, 2023-11-13, openshift/cluster-capi-operator#143) annotated some cluster-API CredentialsRequests used for other providers. This commit catches cluster-API OpenStack up with those other changes. There is a risk that tech-preview clusters updating into this change will have the CloudCredential capability implicitly enabled. But because TechPreviewNoUpgrade blocks minor updates, and we don't intend to backport this to 4.14.z, that exposure is confined to unsuported prerelease clusters. --- .../kustomize/credentials-request/credentials-request.yaml | 2 ++ ...0_cluster-api-provider-openstack_00_credentials-request.yaml | 1 + 2 files changed, 3 insertions(+) diff --git a/openshift/kustomize/credentials-request/credentials-request.yaml b/openshift/kustomize/credentials-request/credentials-request.yaml index 405f57a3de..ce378e959d 100644 --- a/openshift/kustomize/credentials-request/credentials-request.yaml +++ b/openshift/kustomize/credentials-request/credentials-request.yaml @@ -3,6 +3,8 @@ kind: CredentialsRequest metadata: name: openshift-cluster-api-openstack namespace: openshift-cloud-credential-operator + annotations: + capability.openshift.io/name: CloudCredential spec: providerSpec: apiVersion: cloudcredential.openshift.io/v1 diff --git a/openshift/manifests/0000_30_cluster-api-provider-openstack_00_credentials-request.yaml b/openshift/manifests/0000_30_cluster-api-provider-openstack_00_credentials-request.yaml index 9f3c9d4024..89a7219503 100644 --- a/openshift/manifests/0000_30_cluster-api-provider-openstack_00_credentials-request.yaml +++ b/openshift/manifests/0000_30_cluster-api-provider-openstack_00_credentials-request.yaml @@ -2,6 +2,7 @@ apiVersion: cloudcredential.openshift.io/v1 kind: CredentialsRequest metadata: annotations: + capability.openshift.io/name: CloudCredential exclude.release.openshift.io/internal-openshift-hosted: "true" include.release.openshift.io/self-managed-high-availability: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade