New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NO-ISSUE: Merge from metal3-io/ironic-image (33275f5) #443
Conversation
dtantsur
commented
Dec 18, 2023
•
edited
edited
- Switch from current-tripleo to puppet-passed-ci
- Install ironic-lib from main
- Remove unused ironic-python-agent.ign.j2
- Use bash process substitution instead of pipe
- Make sure /certs/ca is created in configure-nonroot
- Add upper-constraints file customization
- Support Firmware Interface
- Remove ServerName from httpd.conf
- Consolidate the authentication code
- Trivial: curly brackets in auth-common.sh
- Disable nova power notifications
- Update OWNERS
- Create /shared in configure-nonroot.sh
- add ironic-image branching and releasing procedure
- Allow guessing PROVISIONING_INTERFACE by PROVISIONING_IP
- add custom ipxe firmware building support
- Add github action to trigger container images build
- sushy-tools: make listen interface customizable
- Allow customizing conductor hostname
- Detect default images downloaded by ipa-downloader
- Don't install ironic-lib from git when it's not requested
- bump markdownlint to 0.13.0
- Stop using the deprecated 'idrac' interface aliases
- Minimum change to support inspection without inspector
- Add openstacksdk to sushy-tools container image
- add clomonitor badge to README
- add condition for ipxe_tls template usage
- Fix invalid iPXE TLS variables
current-triple is no longer maintained, puppet-passed-ci has at least gone through some RDO packstack scenario ci jobs.
Also allow installing ironic-lib from local path or specify a commit hash, tag or branch
Install ironic-lib from main
The file is not used anymore and it's absent from the Dockerfile or any script
Switch from current-tripleo to puppet-passed-ci
Provides more debugging info and can avoid situation where the pipe hides errors.
Use bash process substitution instead of pipe
Otherwise, it cannot be created later if something is mounted under it.
Also fix ironic-lib from source installation
Make sure /certs/ca is created in configure-nonroot
This commit adds `enabled_firmware_interfaces` configuration option with current available options. Updates the sushy-tools to a version that has minimum support of Firmware Interface
Support Firmware Interface
The ServerName value is not mandatory and it's not really needed as apache can get that from /etc/hosts. Also this configuration will never work in an ipv6 environemnt as ipv6 ips are not allowed as values for ServerName.
Remove ServerName from httpd.conf
Remove unused ironic-python-agent.ign.j2
Add upper-constraints file customization
To simplify future extensions and make the critical code easier to review, move all credentials logic to a new script.
Co-authored-by: Tuomo Tanskanen <tuomo@tanskanen.org>
Since there is no nova involved, lets disable the power notifications. Closes: metal3-io#444 Signed-off-by: Harald Jensas <hjensas@redhat.com>
Currently, all containers mount it, but it's actually not required for dnsmasq since it only needs a few bits of static configuration.
Update OWNERS
This simplifies the case where PROVISIONING_IP is known but the exact interface name is not.
Create /shared in configure-nonroot.sh
add ironic-image branching and releasing procedure
Disable nova power notifications
Allow guessing PROVISIONING_INTERFACE by PROVISIONING_IP
This commit adds the following: - Support for detecting iPXE certificates - When iPXE certs are detected, the iPXE services and configs will be advertised with https addresses - Enforce chainloading of the iPXE firmware provided by the user even if the client machine comes with an iPXE firmware by default - Adds modular iPXE apache2 config file to enable separate iPXE specific virtual host (port) where TLS is enforced - Custom iPXE config file template has been added thus Ironic can generate node specific iPXE config files that use the custom iPXE firmware - A set of environment variable that control the new iPXE related features Signed-off-by: Adam Rozman <adam.rozman@est.tech>
Consolidate the authentication code
Minimum change to support inspection without inspector
sushy-tools: make listen interface customizable
This will allow sushy-tools containers to use the nova driver, as well as the libvirt driver.
introduction of custom iPXE firmware support
Add openstacksdk to sushy-tools container image
Add CLOMonitor badge to README as ironic-image is one of the included repos that is checked. Signed-off-by: Tuomo Tanskanen <tuomo.tanskanen@est.tech>
add clomonitor badge to README
Previously custom ironic ipxe template was taken into use in ironic config even when the TLS support was not enabled for the ironic-image. This commit: - Adds a condition to exclude/include referencing custom ipxe template based on whether TLS is enabled for the ipxe.
add condition for ipxe_tls template usage
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dtantsur The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/payload-job periodic-ci-openshift-release-master-nightly-4.16-e2e-metal-ipi-ovn-dualstack |
@dtantsur: trigger 1 job(s) for the /payload-(job|aggregate) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/68c43850-9db7-11ee-8074-b7a2e07e7b88-0 |
@dtantsur: This pull request explicitly references no jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
The variables are confused there, breaking, for instance, vmedia TLS. (cherry picked from commit 1ab059e)
/payload-job periodic-ci-openshift-release-master-nightly-4.16-e2e-metal-ipi-ovn-dualstack |
@dtantsur: trigger 1 job(s) for the /payload-(job|aggregate) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/7ca73a40-9e5f-11ee-869e-06fb32fe49b6-0 |
/test e2e-metal-ipi-bm |
/lgtm |
[ART PR BUILD NOTIFIER] This PR has been included in build ironic-container-v4.16.0-202312191650.p0.g6a63297.assembly.stream for distgit ironic. |