NO-ISSUE: Merge from metal3-io/ironic-image (33275f5) #443
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Member
dtantsur
commented
Dec 18, 2023
•
dtantsur
commented
- Switch from current-tripleo to puppet-passed-ci
- Install ironic-lib from main
- Remove unused ironic-python-agent.ign.j2
- Use bash process substitution instead of pipe
- Make sure /certs/ca is created in configure-nonroot
- Add upper-constraints file customization
- Support Firmware Interface
- Remove ServerName from httpd.conf
- Consolidate the authentication code
- Trivial: curly brackets in auth-common.sh
- Disable nova power notifications
- Update OWNERS
- Create /shared in configure-nonroot.sh
- add ironic-image branching and releasing procedure
- Allow guessing PROVISIONING_INTERFACE by PROVISIONING_IP
- add custom ipxe firmware building support
- Add github action to trigger container images build
- sushy-tools: make listen interface customizable
- Allow customizing conductor hostname
- Detect default images downloaded by ipa-downloader
- Don't install ironic-lib from git when it's not requested
- bump markdownlint to 0.13.0
- Stop using the deprecated 'idrac' interface aliases
- Minimum change to support inspection without inspector
- Add openstacksdk to sushy-tools container image
- add clomonitor badge to README
- add condition for ipxe_tls template usage
- Fix invalid iPXE TLS variables
current-triple is no longer maintained, puppet-passed-ci has at least gone through some RDO packstack scenario ci jobs.
Also allow installing ironic-lib from local path or specify a commit hash, tag or branch
Install ironic-lib from main
The file is not used anymore and it's absent from the Dockerfile or any script
Switch from current-tripleo to puppet-passed-ci
Provides more debugging info and can avoid situation where the pipe hides errors.
Use bash process substitution instead of pipe
Otherwise, it cannot be created later if something is mounted under it.
Also fix ironic-lib from source installation
Make sure /certs/ca is created in configure-nonroot
This commit adds `enabled_firmware_interfaces` configuration option with current available options. Updates the sushy-tools to a version that has minimum support of Firmware Interface
Support Firmware Interface
The ServerName value is not mandatory and it's not really needed as apache can get that from /etc/hosts. Also this configuration will never work in an ipv6 environemnt as ipv6 ips are not allowed as values for ServerName.
Remove ServerName from httpd.conf
Remove unused ironic-python-agent.ign.j2
Add upper-constraints file customization
To simplify future extensions and make the critical code easier to review, move all credentials logic to a new script.
Co-authored-by: Tuomo Tanskanen <tuomo@tanskanen.org>
Since there is no nova involved, lets disable the power notifications. Closes: metal3-io#444 Signed-off-by: Harald Jensas <hjensas@redhat.com>
Currently, all containers mount it, but it's actually not required for dnsmasq since it only needs a few bits of static configuration.
Update OWNERS
This simplifies the case where PROVISIONING_IP is known but the exact interface name is not.
Create /shared in configure-nonroot.sh
add ironic-image branching and releasing procedure
Disable nova power notifications
Allow guessing PROVISIONING_INTERFACE by PROVISIONING_IP
This commit adds the following:
- Support for detecting iPXE certificates
- When iPXE certs are detected, the iPXE services
and configs will be advertised with https addresses
- Enforce chainloading of the iPXE firmware provided by
the user even if the client machine comes with an iPXE
firmware by default
- Adds modular iPXE apache2 config file to enable separate
iPXE specific virtual host (port) where TLS is enforced
- Custom iPXE config file template has been added thus Ironic can
generate node specific iPXE config files that use the custom iPXE
firmware
- A set of environment variable that control the new iPXE related
features
Signed-off-by: Adam Rozman <adam.rozman@est.tech>
Consolidate the authentication code
Minimum change to support inspection without inspector
sushy-tools: make listen interface customizable
This will allow sushy-tools containers to use the nova driver, as well as the libvirt driver.
introduction of custom iPXE firmware support
Add openstacksdk to sushy-tools container image
Add CLOMonitor badge to README as ironic-image is one of the included repos that is checked. Signed-off-by: Tuomo Tanskanen <tuomo.tanskanen@est.tech>
add clomonitor badge to README
Previously custom ironic ipxe template was taken into use
in ironic config even when the TLS support was not enabled
for the ironic-image.
This commit:
- Adds a condition to exclude/include referencing
custom ipxe template based on whether TLS is enabled for
the ipxe.
add condition for ipxe_tls template usage
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dtantsur The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
/payload-job periodic-ci-openshift-release-master-nightly-4.16-e2e-metal-ipi-ovn-dualstack |
|
@dtantsur: trigger 1 job(s) for the /payload-(job|aggregate) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/68c43850-9db7-11ee-8074-b7a2e07e7b88-0 |
dtantsur
changed the title
openshift-ci-robot
added
the
jira/valid-reference
|
@dtantsur: This pull request explicitly references no jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
The variables are confused there, breaking, for instance, vmedia TLS. (cherry picked from commit 1ab059e)
|
/payload-job periodic-ci-openshift-release-master-nightly-4.16-e2e-metal-ipi-ovn-dualstack |
|
@dtantsur: trigger 1 job(s) for the /payload-(job|aggregate) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/7ca73a40-9e5f-11ee-869e-06fb32fe49b6-0 |
|
/test e2e-metal-ipi-bm |
|
/lgtm |
|
[ART PR BUILD NOTIFIER] This PR has been included in build ironic-container-v4.16.0-202312191650.p0.g6a63297.assembly.stream for distgit ironic. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.