-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[DownstreamMerge] Rebase to upstream/main (2022-09-07) #298
[DownstreamMerge] Rebase to upstream/main (2022-09-07) #298
Conversation
* proposal: Host IP pool with NNCP Signed-off-by: Enrique Llorente <ellorent@redhat.com> * discarding proposal host ip pool Signed-off-by: Enrique Llorente <ellorent@redhat.com>
Signed-off-by: Christoph Stäbler <cstabler@redhat.com>
Signed-off-by: Christoph Stäbler <cstabler@redhat.com>
…trol plane nodes (nmstate#1103) * Use new node selector for cp nodes (node-role.kubernetes.io/control-plane) Signed-off-by: Christoph Stäbler <cstabler@redhat.com> * Add node affinity to respect both control-plan/master node labels Adds default node affinity for infra pods to schedule them on control-plane nodes having the new (node-role.kubernetes.io/control-plane) label or on the nodes with the old (node-role.kubernetes.io/master) label, as OR can't be used in a nodeSelector. This commit can be reverted, as soon as the control-plane nodes do not have the old (node-role.kubernetes.io/master) label anymore. Signed-off-by: Christoph Stäbler <cstabler@redhat.com>
Make github_release_cmd a functio instead of running it as a string. The current form executes the ENV variable as a command, instead of evaluating it as an env variable. Signed-off-by: Radim Hrazdil <rhrazdil@redhat.com>
Having GOFLAGS as part of command does not work, this change move it to the main part of the script after make so it does not affect how knmstate is build. Signed-off-by: Enrique Llorente <ellorent@redhat.com>
* Bump k8s dependencies to v1.24.1 Signed-off-by: Christoph Stäbler <cstabler@redhat.com> * Bump controller-tools to v0.8.0 Signed-off-by: Christoph Stäbler <cstabler@redhat.com> * Update kubevirtci to k8s-1.24 Signed-off-by: Christoph Stäbler <cstabler@redhat.com> * Increase linting timeout to 20 minutes Signed-off-by: Christoph Stäbler <cstabler@redhat.com>
Built such that automation can use it: In case fatal happens return error code. In case all is good, determine if there was a change according non empty stdout. Signed-off-by: Or Shoval <oshoval@redhat.com>
Updated module to address CVE-2021-38561 Signed-off-by: Christoph Stäbler <cstabler@redhat.com>
Signed-off-by: Or Shoval <oshoval@redhat.com>
…context constraint on OCP/OKD (nmstate#1113) * Grant handler SA permissions to use privileged security context constraint on OCP or OKD Signed-off-by: Christoph Stäbler <cstabler@redhat.com> * Fix typo Signed-off-by: Christoph Stäbler <cstabler@redhat.com>
Signed-off-by: Radim Hrazdil <rhrazdil@redhat.com>
Signed-off-by: Radim Hrazdil <rhrazdil@redhat.com>
Signed-off-by: Mark Spencer Tan <msgtan@gmail.com> Signed-off-by: Mark Spencer Tan <msgtan@gmail.com>
The internal Networking team needs to be able to approve and review. Signed-off-by: Brad P. Crochet <brad@redhat.com> (cherry picked from commit 8b7ee34) (cherry picked from commit 5a3b58d) (cherry picked from commit fa7c3d9) (cherry picked from commit 6044f9b) (cherry picked from commit 6a7d583) (cherry picked from commit 535fa8a)
Without this, make sees the manifests directory we added and thinks the target is always up to date. (cherry picked from commit c0fd1a9) (cherry picked from commit c7d95f8) (cherry picked from commit e3bc585) (cherry picked from commit 2e373ba) (cherry picked from commit eeff5e4) (cherry picked from commit cfabf98)
When running the e2e tests on OCP, we need to do some things slightly different. This adds a script and the necessary files to do so. (cherry picked from commit 567716a) (cherry picked from commit dfb4c3c) (cherry picked from commit b4064be) (cherry picked from commit 00025c6) (cherry picked from commit f906068) (cherry picked from commit a78a700)
knmstate can be realistically installed only in a single instance on the cluster. Currently, when creating an NMState CR, user is asked to define the namespace. We can make this easier for them by pre-populating the namespace to our default - openshift-nmstate. Signed-off-by: Petr Horáček <phoracek@redhat.com> (cherry picked from commit 0709939) (cherry picked from commit 38b3cec) (cherry picked from commit 5b1375a) (cherry picked from commit b578607) (cherry picked from commit 95b57ac) (cherry picked from commit 62c2026)
This is no longer required[0] and may cause issues when newer versions of the operator-sdk are used. 0: operator-framework/operator-sdk#5326 (cherry picked from commit 6a8abee) (cherry picked from commit a051449) (cherry picked from commit 20a57d3) (cherry picked from commit 4fe5758) (cherry picked from commit 5c84fd9)
Currently, admins have to install the NMState in two steps. First they have to install the operator and then navigate to the operator menu to create an NMState CR. With this patch, these two are merged into a single step where while installing NMState operator, user will be asked to create the CR since it is required. That then immediatelly triggers deployment of NMState operands as a part of the NMState operator installation. Signed-off-by: Petr Horáček <phoracek@redhat.com> (cherry picked from commit b6dbdf5) (cherry picked from commit 600c605) (cherry picked from commit ab635c0) (cherry picked from commit d395c3d) (cherry picked from commit f81f823) (cherry picked from commit 464f992)
Signed-off-by: Christoph Stäbler <cstabler@redhat.com> (cherry picked from commit b8396cb)
Signed-off-by: Christoph Stäbler <cstabler@redhat.com> (cherry picked from commit a103e36)
Signed-off-by: Christoph Stäbler <cstabler@redhat.com> (cherry picked from commit ce16efa)
Signed-off-by: Christoph Stäbler <cstabler@redhat.com> (cherry picked from commit da609f9)
(cherry picked from commit d821355)
Signed-off-by: Christoph Stäbler <cstabler@redhat.com>
Since 2e8c06a the permissions for the handler service account are all defined in the operator code, so there is no need anymore to define OpenShift specific permissions in the CSV or for e2e tests anymore. Signed-off-by: Christoph Stäbler <cstabler@redhat.com>
b0c65f5
to
0412ecb
Compare
/assign @cybertron @dougsland |
/retest |
1 similar comment
/retest |
Waiting all tests pass 👍 |
/hold |
An OVS-bridge e2e tests was reenabled in a5ed4b5 in upstreams. This required a fix in nmstate which was not yet backported to nmstate 1.2. Therefor we keep this test skipping until it was backported to nmstate 1.2 as this does not make things worse. Signed-off-by: Christoph Stäbler <cstabler@redhat.com>
/hold cancel |
|
@creydr: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
@cybertron @dougsland could you PTAL? |
Yeah, I looked at that briefly a couple weeks ago and I think it did eventually pass in my local tests, but it flaked like 8 times before that. /lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: creydr, cybertron The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Inspired by the commit description for #283
Identify carry commits:
Note that the
UPSTREAM: <carry>:
prefix was added to any new commits to carry since the previous rebase. This will make new carry commits easy to identify alongside prior carry commits.After identifying the carry commits, the next step is to create the new commit-tree that will be used for the rebase and then cherry pick the carry commits into the new branch.
The following commands cover these steps:
Process
merge nmstate/main 2022-06-30
744a661.Carried Commits:
UPSTREAM: <carry>: Add midstream approvers and reviewers
(f0fd523)UPSTREAM: <carry>: Add manifests for 4.7
(c522a98)UPSTREAM: <carry>: Add manifests for 4.8
(643350c)UPSTREAM: <carry>: Add manifests for 4.9
(5e9aad4)UPSTREAM: <carry>: Add manifests to .PHONY in Makefile
(fd969a0)UPSTREAM: <carry>: Add ocp-e2e-tests script
(09e4bf4)UPSTREAM: <carry>: Update Dockerfile images to match ART
(da65e51)UPSTREAM: <carry>: Define the suggested namespace for NMState CR
(3ff03e2)UPSTREAM: <carry>: Add machineconfigs before running e2e tests on OCP
(fa55fa8)UPSTREAM: <carry>: update naming convention
(49ae475)UPSTREAM: <carry>: Update dockerfile to match ART
(632e9f2)UPSTREAM: <carry>: Remove serviceaccount manifest
(80f876f)UPSTREAM: <carry>: Provide default NMState CR
(943b62e)UPSTREAM: <carry>: Skip e2e tests which are not supported on OVN
(b2626f2)UPSTREAM: <carry>: Add 4.10 release OLM manifests
(6b6ca4e)UPSTREAM: <carry>: add arm64 to 4.10 CSV
(3a96324)UPSTREAM: <carry>: Add ppc64le and s390x to 4.10 CSV
(1ef62a7)UPSTREAM: <carry>: Fix JSON error in initialization resource
(65c2239)UPSTREAM: <carry>: Update OWNERS
(a320db2)UPSTREAM: <carry>: Switch to dnf in Openshift handler image
(4aa6e19)UPSTREAM: <carry>: Add disconnected annotation for OperatorHub
(6b5304c)UPSTREAM: <carry>: enable all archs in nmstate example CR
(7869123)UPSTREAM: <carry>: Add ssh proxy for e2e tests in CI
(171fe84)UPSTREAM: <carry>: Remove initialization resource from CSV
(627ddcd)UPSTREAM: <carry>: Apply SCC in e2e tests when reinstalling operator in another namespace
(d4d08a0)UPSTREAM: <carry>: Add make target to run operator e2e tests against ocp
(9b77532)UPSTREAM: <carry>: Update Dockerfile images to match ART
(3b54cbc)UPSTREAM: <carry>: Add operators app label in CSV
(df1f23e)UPSTREAM: <carry>: Do not ignore parameters for ocp tests
(2f12709)UPSTREAM: <carry>: Add manifests for 4.11
(2f36a18)UPSTREAM: <carry>: Fix ssh-ci.sh for dualstack environments
(1c7e78a)UPSTREAM: <carry>: Update Dockerfile images to match ART
(ab56679)UPSTREAM: <carry>: Add qosClass to operator CSV
(55e599e)UPSTREAM: <carry>: add priority class to operator CSV
(8be32d2)UPSTREAM: <carry>: Rerun flaky e2e tests
(51b4fdc)UPSTREAM: <carry>: Update 4.11 CSV file after rebase
(83f5854)UPSTREAM: <carry>: Update NMState CRD
(4b35551)UPSTREAM: <carry>: Set SSH env correctly for operator e2e tests
(c0ff5e3)UPSTREAM: <carry>: Update Dockerfile images to match ART
(0b1de1a)UPSTREAM: <carry>: Update CSV after rebase
(27d04ee)tmp: Skip failing e2e test on OpenShiftSDN
(f1077bb)UPSTREAM: <carry>: Fix OLM skipRange replacement
(19b80de)UPSTREAM: <carry>: Remove old manifests
(e85e959)UPSTREAM: <carry>: Rename deprecated flakeAttempts parameter
(a27fa57)UPSTREAM: <carry>: Timeout handler e2e tests after 4h
(e40fc60)UPSTREAM: <carry>: Add make target to update bundle manifests and install bundle
(492d38e)UPSTREAM: <carry>: Add check to verify bundles have been updated
(4c82db6)UPSTREAM: <carry>: Add manifests for 4.12
(2ec5355)UPSTREAM: <carry>: Make sure yq v4 is installed for bundle updates
(6321651)UPSTREAM: <carry>: Update OPM for 4.12
(7447b28)UPSTREAM: <carry>: Update Dockerfile images to match ART
(8eaf9ca)I updated the bundle manifests (by running
make ocp-update-bundle-manifests
) after the rebase in 5ec7109 and squashed the commit 9076ea4 with da609f9 into 7447b28, as this was forgotten and belongs together (#296)In addition I removed the handler SA from the CSV file (0412ecb) as this is not needed anymore since 2e8c06a.
Included bug fixes:
knmstate csv in Pending state after delete nmstate instance
(BZ 2103027): 2e8c06a and 0412ecbFailed to watch *v1.Node: unknown (get nodes) error in the kubernates nmstate logs after sucsessful instalation
(BZ 2102682): c5d0800[UX] Make the message about missing nmstate instance more user-friendly
(BZ 2102670): be488a6No information about knmstate instance in Openshift UI console
(BZ 2102666): be488a6CVE-2021-38561 operator
(BZ 2105549): ef09dddCVE-2021-38561 handler
(BZ 2105571): ef09dddRelease note: