Back to index
4.13.0-0.okd-scos-2023-03-29-124824
Download installer and client with:
oc adm release extract --tools quay.io/okd/scos-release:4.13.0-0.okd-scos-2023-03-29-124824
No tests for this release
Upgrades from:
Upgrades to:
Created: 2023-03-29 19:19:49 +0000 UTC
Image Digest: sha256:9e31ffa320e60a68a3456b23d0be97de4a667d0d2b74e9ce6db132a7da0d2790
Release 4.13.0-0.okd-scos-2023-03-29-124824 was created from registry.ci.openshift.org/origin/release-scos:4.13.0-0.okd-scos-2023-03-29-124824
Components
New images
Removed images
- ovn-kubernetes
- ovn-kubernetes-microshift
Rebuilt images without code change
- manifests: Add a shebang to NM dispatcher script (#5085) #5085
- bminventory: throw Bad Request error on arm64 Nutanix clusters (#4906) #4906
- Revert “MGMT-13471: SNO installation with OCP 4.13 lacks proper dnsmasq configuration (#4939)” (#5012) #4939
- NO-ISSUE: customize the image path for disk creation (#5010) #5010
- MGMT-13445: Update Assisted Installer with the new LVMS requirements (#4986) #4986
- MGMT-12956: Add feature IDs for ppc64le and s390x (#5008) #5008
- add 4.13 multi ec.3 dev preview images (#5005) #5005
- NO-ISSUE: Bump gorm.io/gorm from 1.23.8 to 1.24.5 (#5006) #5006
- MGMT-13580: GC orphan hosts (#4997) #4997
- Make get_image_without_tag work when registry has a port (#5007) #5007
- MGMT-13374: support Nutanix in kube-api (#4996) #4996
- Updating ose-agent-installer-api-server images to be consistent with ART (#4752) #4752
- Revert “Increase timeout waiting for image-service (#4871)” (#5001) #4871
- Use the correct env var for the hub release image mirror (#4998) #4998
- MGMT-12547: Enhancement doc “api-for-skipping-validations” (#4870) #4870
- Add registry config for ironic agent image (#4995) #4995
- MGMT-13274: Update time-synced-between-host-and-service message to remove bad advice (#4994) #4994
- MGMT-13521: Clearer messaging when non-overlapping-subnets validation is pending. (#4993) #4993
- MGMT-13204: Implement skipping of host and cluster validations (#4907) #4907
- MGMT-13708: allow overriding image service image in subscription (#4985) #4985
- MGMT-13454: Group Host and boot logs to a single tarball (#4975) #4975
- MGMT-13711: it takes the assisted-service few minutes to notice that the cluster installation is completed (#4988) #4988
- MGMT-13620: Make worker to use custom MCP if it was set as part of the host DB record (#4976) #4976
- MGMT-13549: Day1 implementation for K8S node labels (#4972) #4972
- NO-ISSUE: Add logs to supported-platforms (#4982) #4982
- MGMT-13045: Enhancement document for node labeling (#4826) #4826
- MGMT-13682: Gather host logs on failure in day2 flow (#4983) #4983
- MGMT-13292: Add the installed version of the OLM operators in the monitor operators response (#4961) #4961
- MGMT-13471: SNO installation with OCP 4.13 lacks proper dnsmasq configuration (#4939) #4939
- MGMT-13487: handle day2 cluster authz (#4973) #4973
- NO-ISSUE: added ENABLE_ORG_TENANCY to deploy-test target (#4974) #4974
- MGMT-11805:
docs/change-iso-password.sh
lint (#4971) #4971
- Full changelog
- Updating ose-agent-installer-csr-approver images to be consistent with ART (#587) #587
- NO-ISSUE: controller logs optimizations (#646) #646
- NO-ISSUE: Bump golang.org/x/sync (#644) #644
- MULTIARCH-3387: Set boot device to target disk for powervm (#626) #626
- MGMT-13710: assisted-installer-controller hangs for 2 minutes before uploading the ingress CA (#638) #638
- NO-ISSUE: Bump golang.org/x/net from 0.5.0 to 0.7.0 (#640) #640
- NO-ISSUE: Replace iotil by os and io in order to fix lint issues (#642) #642
- NO-ISSUE: Bump openshift/release from golang-1.18 to golang-1.19 (#612) #612
- MGMT-13568: Add pause mcp while setting new role labels (#623) #623
- MGMT-13292: Add the installed version of the OLM operators in the monitor operators response (#622) #622
- Remove uninitialized taint from vSphere nodes (#629) #629
- Full changelog
- OCPBUGS-8695: vendor agent-installer-utils to v0.0.0-20230310220517-8506fbb6a346 (#518) #518
- MGMT-13946: Ignore Proliant Gen 11 serial (#523) #523
- OCPBUGS-8677: vendor agent-installer-utils to v0.0.0-20230308101916-306b7995977e (#515) #515
- OCPBUGS-8390: vendor agent-installer-utils to v0.0.0-20230307094740-57807526b660 (#512) (#513) #512
- AGENT-565: revendor agent-utils (#508) #508
- vendor agent-installer-utils to v0.0.0-20230228190135-5b30a39dadf6 (#506) #506
- vendor agent-installer-utils (#505) #505
- NO-ISSUE: Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#504) #504
- NO-ISSUE: Bump github.com/coreos/ignition/v2 from 2.14.0 to 2.15.0 (#502) #502
- MGMT-13758: In connectivity check, ARPING checks should not run on nics without valid IPv4 address (#501) #501
- Updating ose-agent-installer-node-agent images to be consistent with ART (#469) #469
- AGENT-502: Add agent based installer agent-tui (#482) #482
- Make the agent team be the OWNERS of the Dockerfile.ocp file (#498) #498
- Add sg3_utils package (#497) #497
- NO-ISSUE: Bump github.com/onsi/gomega from 1.26.0 to 1.27.1 (#495) #495
- MGMT-13665: Bring full journal by default in log gather (#492) #492
- NO-ISSUE: Bump golang.org/x/sys from 0.4.0 to 0.5.0 (#491) #491
- Full changelog
- OCPBUGS-10405: feat: add workload annotation to deployment and daemonset #199
- STOR-875: Implement custom keys in AWS EBS CSI driver operator #185
- OCPBUGS-7837: do not inject-proxy when deploying in hypershift control plane #186
- Bump github.com/spf13/cobra from 1.6.0 to 1.6.1 #182
- Add ok-to-test label to dependabot PRs #184
- Bump k8s.io/klog/v2 from 2.80.1 to 2.90.0 #183
- Full changelog
- Bug OCPBUGS-7408: UPSTREAM: 1725: Pin k8s.io/dynamic-resource-allocation version #38
- Full changelog
- OCPBUGS-10773: bump repo sclorg/s2i-ruby-container location for newapp test #1381
- OCPBUGS-10378: Add microshift into generate-docs #1372
- Microshift command docs #1357
- Do not set master node selector if there’s no masters #1347
- OCPBUGS-7190: Reuse LDAP connection when performing group sync #1336
- Adding
CommitDate
to the Changelog json output #1348
- OCPBUGS-7780: pkg/cli/admin/upgrade/channel: Use PATCH instead of POST for spec updates #1346
- Use registry.k8s.io and update image version #1343
- Add icsp file convert command #1238
- OWNERS_ALIASES: Update approvers: add David, remove Jack #1340
- oc debug: Use own fields instead directly depending on Attach’s #1337
- Full changelog
- OCPBUGS-10771: updates: manually requeue when waiting for replicas being ready #181
- OCPBUGS-8424: machine’s node must be ready for CPMS machine to be ready #173
- e2e: periodics: remove test with cluster-wide-proxy #170
- Update ginkgo to 2.8.1 #169
- Update OWNERS #168
- Migrate test utils to actuator-pkg repository #159
- Full changelog
- OCPBUGS-10793: bugfix in Node Exporter argument setting #1922
- OCPBUGS-10476: turn off netlink mode of netclass collector in Node Exporter. #1919
- MON-2973: test/e2e: Add cleanup func for alertmanager uwm secret test #1907
- MON-2693: Scrape profiles #1785
- MON-2959: test/e2e: Add test for alertmanager secret platform #1899
- MON-2904: add nodeExporter.collectors.buddyinfo settings. #1891
- MON-2895: toggle netlink implementation of netclass collector #1894
- MON-2932: jsonnet/dashboards: add role template variable to node related dashbo… #1879
- MON-2900: add nodeExporter.collectors.netclass settings. #1893
- Update jsonnet dependencies #1903
- MON-2951: create Routes only with ingress operator #1885
- OCPBUGS-7391: wait for service CA secrets #1900
- Synchronize versions of the downstream components #1902
- MON-2973: pkg/manifests: Allow configuring secrets in alertmanager (UWM) #1884
- Synchronize versions of the downstream components #1898
- pkg/operator: fix typo in info logs #1896
- MON-2901: add nodeExporter.collectors.netdev settings. #1888
- STOR-1154: Add vSphere topology to telemetry #1886
- Add nodeExporter.collectors.tcpstat settings. #1876
- Synchronize versions of the downstream components #1887
- MON-2959: Allow configuring secrets in alertmanager (platform) #1882
- Full changelog
- Fix failing HyperShift presubmits (#578) #578
- Add a script to validate upstream TuneD (#577) #577
- CNF-5900: feat: added support for generating workload partitioning files (#431) #431
- Re enable node selector tests in update tests (#574) #574
- Handle different # of CPUs are in the same MCP (#558) #558
- composable OCP: make NTO components optional (#524) #524
- Update to TuneD v2.20.0 (#565) #565
- Remove trailing spaces from test names (#570) #570
- Remove optimization to allow full resync (#567) #567
- Report host-level sysctls in conflict with TuneD ones (#566) #566
- E2E: Per Core Runtime Tuning Test automation (#509) #509
- Add test case to check single rx queue on veth interface (#562) #562
- Full changelog
- OCPBUGS-8710: psalabelsyncer: invert the enforce/log logic to default to logging #106
- update psa dependency version #103
- update controller-manager dependency to point to v0.25.0 #101
- Full changelog
- OCPBUGS-10221: pkg/cvo/availableupdates: Prioritize conditional risks for largest target version #912
- pkg/cvo: code cleanups #902
- OCPBUGS-7419: Trigger new sync round on ClusterOperator Available changes #904
- install/0000_90_cluster-version-operator_02_servicemonitor: Add ClusterReleaseNotAccepted #906
- OCPBUGS-6097: CVO hotloops on ImageStream and logs the information incorrectly #894
- OCPBUGS-6292: Update golang.org/x/net/http2 for CVE-2022-41717 #901
- Bug 2090680: RetrievePayload: Improve timeouts and cover behavior with tests #896
- pkg/cvo: Set ‘controller’ in our ownerReferences #900
- pkg/cvo/sync_worker: Fix “The sync worker already has a pending notification” formatting #898
- vendor: update openshift/api for NodeTuning capability #883
- Full changelog
- OCPBUGS-10515: UPSTREAM: 115328: apiserver: annotate early (server not ready) and late (during shutdown) requests #1517
- OCPBUGS-8412: Fix mounted volume expansion tests #1502
- OCPBUGS-8308: Bump to k8s 1.26.2 #1495
- AUTH-336: UPSTREAM: <carry>: PSa metrics: unset ocp_namespace on non-platform n… #1489
- Bump to k8s 1.26.1 #1479
- OCPBUGS-7267: add SeccompProfile to Pod and Container accessors/mutators #1490
- UPSTREAM: <drop>: OCPBUGS-5991: Kube APIServer panics in admission controller #1488
- CNF-5901: admission hook change for workload partition on all clusters #1312
- UPSTREAM: 113799: tests: network: Prefer internal IPs first #1446
- UPSTREAM: 115863: Remove global framework variable #1480
- UPSTREAM: <carry>: add new approvers #1458
- OCPBUGS-7555: UPSTREAM: <carry>: add default kubelet sysctls within rpm #1475
- AUTH-336: UPSTREAM: <carry>: PSa metrics: log platform namespaces in audit denies #1454
- Full changelog
- OCPBUGS-32496: Controller to assist autoscaling for placeholder nodes #3922
- Revert “Revert “HOSTEDCP-1465: Create HCPs with externalDNS on AKS Clusters”” #3895
- chore(deps): update rhtap references #3919
- OCPBUGS-32487: Fix OLM intilization args #3918
- OCPNODE-2096: Add ClusterImagePolicy to the list of valid config manifests #3894
- CNV-36073: KubeVirt, Add snapshot side car and volumesnapshot class #3640
- NO-ISSUE: placeholders: ignore auto-sizer placeholders #3877
- OCPBUGS-32228: Fix failure to create a second hostedcluster in the same namespace #3900
- OCPBUGS-32248: Replace periods with commas in subnet label value #3885
- chore(deps): update rhtap references #3886
- HOSTEDCP-1462: set HostPath.Type on volumesource in CloudNodeManagerD… #3892
- NO-JIRA: fixed e2e teardown failing the outer test instead of subtest #3891
- HOSTEDCP-1519: feat(api): Add ingress-controller-load-balancer-scope annotation #3848
- NO-JIRA: remove ovnkube-control-plane from expected component token m… #3850
- CNV-40622: Docs: Avoid cidr Collisions b/w Infra &Guest cluster #3863
- NO-JIRA: Disable kubevirt-csi crash detection in e2e #3896
- Revert “HOSTEDCP-1465: Create HCPs with externalDNS on AKS Clusters” #3890
- HOSTEDCP-1465: Create HCPs with externalDNS on AKS Clusters #3688
- chore(deps): update rhtap references #3872
- OSD-19085: Replaced hypershift_cluster_cores metric with hypershift_cluster_vcpus metric #3697
- NO-ISSUE: *: use the api package constant for the size label #3876
- NO-JIRA: bump capk ci image #3830
- NO-JIRA: chore(deps): update rhtap references (main) #3867
- OCPBUGS-29466: Fix ICSP and IDMS inclusion as registriesOverrides #3862
- STOR-1805: Set RUN_AS_USER if mgmt cluster doesn’t have SCC #3819
- OCPBUGS-29494: Fix disconnected metadata inspection #3860
- OCPBUGS-31012: Disable audit-log container in kas when profile is None #3765
- NO-JIRA: [e2e test framework] Add a flag to add an annotation to HostedCluster #3854
- NO-JIRA: update private cluster IAM policy doc #3851
- NO-JIRA: chore(deps): update rhtap references (main) #3856
- OCPBUGS-14383: disable autoscaler when no nodepool requires it #3846
- NO-JIRA: Document additional known issues for the disconnected scenario #3611
- NO-JIRA: Update RHTAP references (main) #3834
- OCPBUGS-29391: Add new permission required in CAPA #3779
- CNF-11885: nto: add events resources under operator
Role
#3827
- OCPBUGS-31444: use dnsPolicy: Default for konnectivity-agent in data plane #3810
- NO-JIRA: docs: fixing wrong key name #3833
- NO-JIRA: Update expected condition to false for ValidAzureKmsConfig s… #3837
- OCPBUGS-31725: include hostnetwork SCC CPO role for 4.13 and earlier #3838
- HOSTEDCP-1511: enable and document kubevirt custom default network #3832
- HOSTEDCP-1513: Support annotation scoping for hostedcluster resources #3702
- OCPBUGS-31415: update desired image even when HCP doesn’t exist yet #3829
- NO-JIRA: Added regression tests to ensure certain deployment fields do not get set. #2707
- OCPBUGS-31585: disable http2 for ignition server and proxy #3817
- OTA-1211: api/v1beta1/hostedcluster_types: Add spec.updateService #3576
- HOSTEDCP-1365: kubevirt, Generate kccm lb endpointslices #3528
- NO-JIRA: Add –auto-repair flag to
hcp create nodepool
#3163
- NO-JIRA: Set control plane to HA by default #3788
- NO-JIRA: Fix docs commands related to Azure ephemeral OS disks #3809
- Update RHTAP references #3814
- NO-JIRA: Documentation overview of HCP KubeVirt Storage #3763
- OCPBUGS-31465: remove max function usage from deicated request serving nodes #3815
- OCPBUGS-31106: Reduce log file size for hypershift apiservers #3781
- HOSTEDCP-1462: Enable TestNodePool and CreateCluster tests on Azure #3732
- OCPBUGS-31319: copy issuerCertificateAuthority configmap into HC openshift-config #3799
- HOSTEDCP-1478: Request serving node scheduler that uses HC size label #3776
- OCPBUGS-31076: Support other azure clouds #3804
- OCPBUGS-31110: Fix empty RHCOSImage error when creating Azure Infrastructure #3782
- HOSTEDCP-1104: Skip CPU Check on Render & Get Mgmt Cluster CPU from API Server #3797
- OCPBUGS-13726: fix race between ignition payload generation and MCS configmap update #3795
- NO-JIRA: Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /hack/tools #3752
- NO-JIRA: Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 #3710
- OCPBUGS-31089: Fix empty resourceGroupName error when deleting Azure infra #3775
- OCPBUGS-31090: Fix empty subnet name error when creating Azure infrastructure #3778
- OCPBUGS-31263: Add missing PodSecurityViolation alert #3733
- OCPBUGS-31118: fix(ignition): Fix priority class override #3784
- OCPBUGS-31088: Fix loopvar issue #3770
- Update RHTAP references #3790
- HOSTEDCP-1104, HOSTEDCP-1105: Validate multi-arch aspects in an AWS Hosted Cluster #3769
- HOSTEDCP-1501: Create default ClusterSizingConfig CR on start #3787
- NO-JIRA: Remove unused ref to hostnetwork in cpo role #3789
- OCPBUGS-30930: Add CEL validation for NodePool autoScaling / replicas #3786
- OCPBUGS-31102: inject built-in MCP selector for KubeletConfigs and ContainerRuntimeConfigs #3780
- NO-JIRA: Adding Disable PKI Reconciliation annotation as an option #2989
- OCPBUGS-30991: external OIDC: fix certificateAuthority field in structured auth config #3773
- HOSTEDCP-1429: Add install flag to enable/disable size tagging #3766
- OCPBUGS-30968: ibmcloud KMS: remove breaking image check and enable KMS v2 support #3760
- HOSTEDCP-1487: Add managed service constants to HyperShift API #3762
- OCPBUGS-30260: Support subnet labels separated by periods #3767
- HOSTEDCP-1429: hypershift-operator: wire up placeholder pods for sizes #3749
- NO-JIRA: Increase stability in autoscaled environments #3757
- NO-JIRA: Bump HO read budget in e2e to 6000 #3761
- HOSTEDCP-1220: Add multi-arch flag to CLI & associated validation #3743
- HOSTEDCP-1467: ARO HCP - Add ability to specify subnet at nodepool level #3748
- NO-JIRA: Update RHTAP references #3753
- OCPBUGS-30260: Support specifying AWS LB subnets #3746
- HOSTEDCP-1487: Add ability to set managed service type in HO #3736
- NO-ISSUE: hypershift-operator: react to hosted cluster changes #3735
- HOSTEDCP-1429: hypershift-operator: add a controller for t-shirt sizing #3686
- HOSTEDCP-929: Add nodepool annotation to allow requesting IMDSv2 #3584
- NO-JIRA:Bump CPO Read API budget to 4000 in EnsureApiBudget #3745
- OCPBUGS-30320: speed up HCP rollout durations #3734
- STOR-1805: Set env var when the mgmt cluster supports SCC #3701
- HOSTEDCP-1488: Use regionalized STS endpoints in AWS #3742
- NO-JIRA: Update RHTAP references #3737
- OCPBUGS-30242: consider nigthly images in payoad version check #3727
- OCPBUGS-28634: Update agentserviceconfig.md to remove PUBLIC_CONTAINER_REGISTRIES #3687
- HOSTEDCP-1478: Support additional node selectors for request serving nodes #3729
- Revert “HOSTEDCP-1220: Add multi-arch flag to CLI & associated validation” #3731
- OCPBUGS-13726: honor HC image configuration #3714
- HOSTEDCP-1220: Add multi-arch flag to CLI & associated validation #3689
- OCPBUGS-30769: include node local client loadbalancer address in kube-apiserver signing ips #3699
- NO-JIRA: Temporary remove promtool from hack/tools to unblock RHTAP pipeline #3728
- HOSTEDCP-1460: Remove resource limits on azure-cloud-node-manager #3725
- HOSTEDCP-1479: Update IBM/networking-go-sdk package #3722
- HOSTEDCP-1480: Update TLS cert hash creation with sha512 #3718
- NO-JIRA: Fixes Dependabot PR #3712 #3716
- HOSTEDCP-1466: support/metrics: don’t filter HCCO metrics #3715
- MCO-392: ignition-server/controllers: drop
MCSIgnitionProvider
#3709
- HOSTEDCP-1469: Set GOMEMLIMIT annotation based on request serving node label #3708
- OCPBUGS-30574: Update OLM Default Catalog Sources to 4.16 on main #3707
- chore(deps): update rhtap references #3704
- OCPBUGS-30242: Use cluster-config-operator for 4.14 payload #3685
- NO-JIRA: Dependabot#3659 #3665
- Revert “NO-JIRA: test/e2e: temporarily skip NTO machineconfig test” #3700
- NO-JIRA: cleanup: nilness check failures #3698
- HOSTEDCP-1464: Add pull secret to install CLI & create k8s secret #3682
- OCPBUGS-30060: Set OPERATOR_IMAGE environment variable #3667
- OCPBUGS-28370: Use correct return error when destroying AWS SG #3661
- OCPBUGS-30301: [kubevirt] Fix virt-launcher netpol to allow missing access #3680
- OCPBUGS-30124: do not set KAS OAuthMetadataFile with Authentication type OIDC #3678
- NO-JIRA: Bump the misc-dependencies group in /hack/tools with 1 update #3658
- NO-JIRA: Bump the golang-dependencies group with 1 update #3657
- chore(deps): update rhtap references #3674
- NO-JIRA: test/e2e: temporarily skip NTO machineconfig test #3683
- NO-JIRA: chore(deps): update rhtap references #3671
- NO-JIRA: Remove specific pull secret watch in HCCO #3605
- OCPBUGS-30102: Support to disable machine management components #3570
- NO-JIRA: Minor cleanup of Azure create cluster document #3663
- NO-JIRA: chore(deps): update rhtap references #3650
- OCPBUGS-29613: test: add a test for invalid CSRs #3612
- NO-JIRA: test: skip CCO in pod crash check #3652
- OCPBUGS-29773: set Konnectivity cipher suites #3618
- OCPBUGS-30030: rollout kas on auth config change #3647
- NO-JIRA: test: increase CPO mutate budget #3649
- NO-JIRA: test: debug certificates on unauthz error #3642
- NO-JIRA: Remove replace statements #3631
- NO-JIRA: DEPENDABOT#3613 #3617
- NO-JIRA: chore(deps): update rhtap references #3638
- NO-JIRA: Bump the misc-dependencies group in /hack/tools with 2 updates #3636
- NO-JIRA: Bump the misc-dependencies group with 5 updates #3634
- OCPBUGS-28370: Skip SG deletion if it has dependancy violation #3622
- NO-JIRA: Update RHTAP references #3621
- NO-JIRA: Update RHTAP references (main) #3623
- OCPBUGS-23457: Switch to use service endpoint for Konnectivity #3627
- OCPBUGS-27180: Update the oauth API server’s shutdown delay duration #3608
- NO-JIRA: Re-enable InPlace NodePool upgrade test for kubevirt (CNV-36608) #3600
- OCPBUGS-29855: feat(ho): Add flag for dedicated request serving isolation #3601
- OCPBUGS-28607: feat(config): Default RevisionHistoryLimit to 2 for deployments #3477
- NO-JIRA: adjust pdb for oauth-apiserver #3619
- OCPBUGS-29645: control-plane-pki-operator: fix CA used for SRE client credentials #3615
- HOSTEDCP-1424: ARO HCP Support Disabling Outbound SNAT #3583
- NO-JIRA: always set minAvailable on PDBs to 1 #3616
- OCPBUGS-29723: CLI: create nodepool aws - remove sg requirement #3614
- NO-JIRA: Bump the misc-dependencies group with 15 updates #3609
- NO-JIRA: Ignore kubectl version mistmaches in Component Versions #3575
- NO-JIRA: Bump the k8s-dependencies group in /api with 2 updates #3598
- OCPBUGS-28538: Add an SCC for validation pods with Cilium SDN #3602
- NO-JIRA: chore(deps): update rhtap references #3603
- HOSTEDCP-1411: Add capability to specify additional tags to azure resource… #3490
- NO-JIRA: chore(deps): update rhtap references #3590
- OCPBUGS-29435: Use structured authentication config #3574
- HOSTEDCP-1428: hcco: report node count on HCPs #3557
- HOSTEDCP-1436: Make nodepool.spec.aws.subnet required #3581
- OCPBUGS-29586: use 2040 for apiserver svc in IBM provider #3569
- HOSTEDCP-1438: Preserve container resources for more hosted control plane components #3120
- NO-JIRA: contrib/aws-tag-lb-service-webhook: JSONPatch improvements #3585
- NO-JIRA: KubeVirt Platform Documentation for Additional Network, CPU Performance, and VM NodeSelector #3464
- NO-JIRA: remove dead code from kas config #3578
- OCPBUGS-29115: Default NodeUpgradeType on day2 nodepool creation #3572
- Revert “CNV-36608: Enable InPlace NodePool upgrade test for kubevirt” #3547
- NO-JIRA: Update RHTAP references #3577
- OCPBUGS-28538: Added docs to get other sdn providers deployed with agent provider #3405
- Update RHTAP references #3568
- CNF-6516: NTO: Enable PerformanceProfile #1782
- OCPBUGS-29209: hypershift-operator: don’t create PKI rbac when disabled #3544
- OCPBUGS-29104: control-plane-pki-operator: add a signer for SRE break-glass #3542
- NO-ISSUE: test: wait longer for certificate signing, revocation #3560
- NO-JIRA: Reduce nodepool test cases for KubeVirt due to infra perf issues #3562
- NO-JIRA: Developer namespace template for CI clusters #3561
- HOSTEDCP-1419: Always include AWS default security group in worker security groups #3527
- HOSTEDCP-1407: Add steps for seting up azure CI cluster #3545
- Update RHTAP references (main) #3546
- HOSTEDCP-1420: Set a fixed minimum supported version #3525
- NO-JIRA: Update RHTAP references #3518
- OCPBUGS-29103: control-plane-pki-operator: validate CN for CSR #3538
- NO-JIRA: stevekuznetsov approver on CPPO and integration tests #3540
- NO-JIRA: Fix issue with release note tool #3429
- HOSTEDCP-336: Hypershift API separation #3390
- HOSTEDCP-1344: control-plane-pki-operator: add a revocation controller #3339
- CNV-36608: Enable InPlace NodePool upgrade test for kubevirt #3517
- OCPBUGS-27282: Make ControllerAvailabilityPolicy immutable #3513
- NO-JIRA: remove unneeded code to copy Authentication refs #3512
- OCPBUGS-28659: Add ValidatingAdmissionPolicy to KAS config #3488
- OCPBUGS-28741: Fix default release image lookup #3450
- NO-JIRA: Add app labels to KubeVirt CCM component #3510
- MULTIARCH-4084: Reduce the policy access scope to specific instance #3491
- NO-JIRA: Bump the misc-dependencies group with 5 updates #3503
- OCPBUGS-28625: cpo: honor user provided oauthmetadata configmap passed in Authentication config #3511
- NO-JIRA: Bump github.com/go-resty/resty/v2 from 2.10.0 to 2.11.0 in /hack/tools #3505
- Update RHTAP references (main) #3508
- OCPBUGS-28763: Ensure cloud resources are destroyed for all platforms when –destroy-cloud-resources is used #3494
- OCPBUGS-28601: Remove webhook validations that introduce resource ordering #3484
- NO-JIRA: manifests: Skip pod anti affinity for nil labels #3507
- MULTIARCH-3882: Support PER solution for powervs platform via transit gateway #3277
- HOSTEDCP-1408: Update CAPZ Identity Type to Service Principal #3501
- OCPBUGS-27161: reflect NodePool replica count nil in status #3472
- NO-JIRA: Fix dependabot pr 3414 #3453
- NO-JIRA: kubevirt, e2e, Add additional network test #3449
- NO-JIRA: remove PrivateIngressController cleanup #3489
- HOSTEDCP-1373: ARO HCP - Add capability for Azure VMs to be created with ephemeral disks #3483
- NO-JIRA: contrib: add code for aws-tag-lb-service-webhook #3493
- NO-JIRA: Bump the misc-dependencies group with 3 updates #3486
- NO-JIRA: Bump the misc-dependencies group in /hack/tools with 1 update #3469
- HOSTEDCP-1364: kubevirt, use selector less services for ingress #3343
- OCPBUGS-22899: node spread anti-affinity for HA HCP #3286
- NO-JIRA: Bump the misc-dependencies group with 17 updates #3476
- HOSTEDCP-1401: Enable BYO NSG #3455
- NO-JIRA: Update go-jose to the latest version to fix CVE #3475
- HOSTEDCP-1344: re-revert api stuff #3463
- OCPBUGS-26940: Include OperatorHubSpec sync with HC when Config is empty #3454
- NO-JIRA: Simplified kubectl component version check #3458
- NO-JIRA: Remove ‘–attach-default-network’ from productized cli #3462
- NO-JIRA: Tolerate restarts for kubevirt external infra #3451
- NO-ISSUE: .ci-operator.yaml: base off of RHEL 9 #3466
- OCPBUGS-27366: indicate cluster profile to render the correct manifests #3443
- OCPBUGS-26977: Required RBAC for network-node-identity is not created when hosted cluster networkType is set to Other. #3403
- TRT-1456: Revert #3448 “api: move CSRA to a new group” #3460
- HOSTEDCP-1344: api: move CSRA to a new group #3448
- HOSTEDCP-1397: Add documentation on how to debug Azure nodes #3452
- NO-JIRA: Update Dockerfiles to use publicly available RHEL9 images #3426
- HOSTEDCP-1308: Add e2e to ensure SA token not mounted on mgmt workloa… #3301
- NO-JIRA: Fix promql testdata missing issue #3438
- NO-JIRA: Update RHTAP references (main) #3446
- HOSTEDCP-1188: Add docs for control plane scheduling topologies #3434
- HOSTEDCP-1283: Set outbound LoadBalancer name on AzureCluster #3445
- NO-JIRA: Bump misc dependencies 21f825371d #3433
- HOSTEDCP-1207: Automated etcd backup #3034
- NO-JIRA: Document machine configuration in HyperShift #3331
- HOSTEDCP-1382: [Subtask] Restore Ability to Create HCPs on Azure #3404
- HOSTEDCP-1314: Ensure all e2e HCs use NLB for ingress controller #3293
- OCPBUGS-26757: Change KAS bootstrap image to cluster-config-api #3400
- NO-JIRA: Improve nodepool’s machine condition message #3354
- OCPBUGS-23228: Add storage, csisnapshotcontroller and clustercsidrive… #3396
- OCPBUGS-27027: availability-prober: wait for infrastructure name to be set #3409
- NO-JIRA: remove non-existent v1beta2 from webhook #3407
- HOSTEDCP-1376: Bump the sigs.k8s-dependencies group and update dependabot groupings #3392
- OCPBUGS-25696: Apply Scheduling Configuration for kCCM #3382
- OCPBUGS-26547: remove LoadBalancer filter from external-dns #3410
- OCPBUGS-26547: fix up external-dns flags #3408
- OCPBUGS-26547: reduce external-dns route53 call volume #3394
- Update RHTAP references (main) #3401
- OCPBUGS-25897: hcco: use manual mode for CCO #3375
- HOSTEDCP-1309: Add GC knobs for KAS #3384
- NO-JIRA: [KubeVirt] Fix external infra permissions documentation #3391
- HOSTEDCP-1374: external OIDC: copy Authentication OIDC client secrets through to guest #3373
- OCPBUGS-25974: Do not use CPO image from status if it’s not a valid image reference #3361
- OCPBUGS-23518: consider HCP upgradeable if CVO has no upgradable condition #3239
- OCPBUGS-26232: set KAS runtime-config in alignment with feature gates #3377
- HOSTEDCP-1372: Bumps k8s to v0.29 #3360
- OCPBUGS-25342: Add extra resources to be encrypted. #3341
- OCPBUGS-26197: hostedcontrolplane: don’t start pki operator when disabled #3368
- CNV-36656: Documenting the mimimum RBAC required for External Infra cluster with KubeVirt provider #3364
- NO-JIRA: Update RHTAP references (main) #3365
- HOSTEDCP-1371: Bump Golang to v1.21 #3359
- HOSTEDCP-1328: Add Ability to Encrypt VM OS Disks #3281
- HOSTEDCP-1122: Etcd defrag controller #2869
- NO-JIRA: Update RHTAP references (main) #3275
- HOSTEDCP-336: Move fixtures out of API #3342
- OCPBUGS-23362: Set new condition on SG deletion. #3307
- NO-JIRA: Bump the k8s-dependencies group in /hack/tools with 1 update #3251
- NO-JIRA: Add rbac permission for kubevirt capi #3344
- OCPBUGS-22399: Disable UWM Telemetry writer when telemeter-client cm not exists #3348
- NO-JIRA: Approvers update #3347
- HOSTEDCP-1262: Add additional CEL to Arch in NodePoolSpec #3333
- NO-JIRA: Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /hack/tools #3334
- NO-JIRA: Bump golang.org/x/crypto from 0.16.0 to 0.17.0 #3335
- OCPBUGS-22399: Disable UWM Telemetry remote writer when MGMT cluster is disconnected #3332
- HOSTEDCP-336: Move CAPI imports from /api package into support/api #3270
- OCPBUGS-24308: Add PodDisruptionBudget for router deployment #3337
- HOSTEDCP-1355: Remove unused functions from repo #3325
- NO-JIRA: RHTAP Multi-Arch PipelineSpec #3340
- HOSTEDCP-1329: Allow user to specify resource group for NodePool resources #3279
- HOSTEDCP-1353: Improve description for agent APIServerAddress CLI flag #3314
- ACM-8917: Add agentLabelSelector to nodepool agent create to CLI #3285
- CCO-388: control-plane-operator: reconcile the CCO #2794
- NO-JIRA: Bump github.com/prometheus/alertmanager from 0.25.0 to 0.25.1 in /hack/tools #3045
- NO-JIRA: Bump github.com/docker/docker from 23.0.3+incompatible to 24.0.7+incompatible in /hack/tools #3145
- HOSTEDCP-1344: use library-go crypto where we can #3326
- OCPBUGS-25332: Force KMSv1 on #3318
- HOSTEDCP-1273: Added support for OLM Disable default sources on HC creation #3320
- HOSTEDCP-1327: Remove Old Azure SDKs from Azure Infra #3274
- OCPBUGS-25306: Use k8s.io/kube-scheduler/config/v1 #3313
- TRT-1406: Revert #3283 “HOSTEDCP-1273: Added support for OLM Disable default sources on HC creation” #3306
- OCPBUGS-25103: Remove reference to v1alpha1 flowcontrol #3304
- HOSTEDCP-1257: control-plane-pki-operator: add a CSR flow for break-glass creds #3267
- NO-JIRA: Align kubevirt MinSupportedVersion with the default one (4.14.0) #3305
- OCPBUGS-24261: Konnectivity agent update strategy #3294
- CNV-36056: Expose NodeSelector for KubeVirt VMs in NodePool #3280
- ACM-8466: Add Kubernetes SCC V2 options to HO containers #3284
- OCPBUGS-23511: Remove IAM path when applying control-plane-operator ARN to VPC Endpoint Service allowed principals #3215
- NO-JIRA: Update Latest Supported Version to 4.16 After Branch-out #3302
- HOSTEDCP-1343: docs(ibmcloud): Add HC/HCP yamls for IBM Cloud #3287
- HOSTEDCP-1273: Added support for OLM Disable default sources on HC creation #3283
- HOSTEDCP-1272: Added CLI support to create DualStack clusters using default values #3276
- OCPBUGS-20035: Add HostedCluster false conditions sumamry when cluste… #3190
- HOSTEDCP-1336: bump openshift/api #3282
- NO-JIRA: Fix wrong annotation on cluster deletion #3289
- OTA-855: Enable CVO to evaluate conditional updates on self-managed HyperShift deployed on OpenShift #2807
- HOSTEDCP-1318: correct typo for OAS internal-oauth-disabled flag #3278
- NO-JIRA: Bump the golang-dependencies group with 3 updates #3254
- OCPBUGS-23126: Fix a bug on deletion of a hostedcluster #3234
- CNV-35774: Improve CRD defaulting for HostedCluster and NodePool #3116
- HOSTEDCP-1322: NodeUpgradeType defaulted by provider via CLI #3273
- NO-JIRA: cmd/cluster/core/dump: Gather PodDisruptionBudgets too #3263
- CNV-34093: kubevirt: verify release image falls within supported release window #3184
- CNV-29003: Re-enable NodePoolUpgradeTest for KubeVirt (Replace Only) #3189
- OCPBUGS-22459: Add prestop to konnectiviy server #3250
- HOSTEDCP-1318: pass internal-oauth-disable flag to openshift-apiserver when Auth type is OIDC #3244
- OCPBUGS-23397: Set shutdown-delay-duration to 15s #3204
- HOSTEDCP-1234: Add KMS support on Azure clusters using Azure Key Vault #3183
- OCPBUGS-23555: set respondWithChallenges false on CLI OAuth client #3249
- WRKLDS-925: remove duplicate passing of kubeconfig into route-controller-manager #3220
- HOSTEDCP-1256: control-plane-pki-operator: add an operator for managing PKI #3193
- HOSTEDCP-1319: Fix Dependabot & Group Dependency Updates #3246
- OCPBUGS-24062: fix(cpo): Set restart annotation on network-node-identity #3245
- kubevirt, hcp, HOSTEDCP-1311: Add multinet knobs #3235
- HOSTEDCP-1312: Fixed update-codegen.sh to work locally #3214
- OCPBUGS-23555: add CLI oauthclient #3238
- HOSTEDCP-1300: Bump k8s.io/client-go to v0.28.3 #3191
- OCPBUGS-19834: add watch for HCP pullsecret to HCCO #3237
- Update RHTAP references (main) #3230
- HOSTEDCP-1236: Enable public router+external DNS for azure #3233
- OCPBUGS-23921: Use correct kubeconfig in CCM and remove CCMs access t… #3222
- OCPBUGS-22473: Added OLMCatalogPlacement option to the CLI #3206
- OSD-19085: New hypershift_cluster_cores metric giving the total number of worker cores #3089
- OCPBUGS-20246: Added brackets to IPv6 KAS address on kubeconfig #3207
- OCPBUGS-23737: remove machine-approver probes #3227
- OCPBUGS-23350: Added IPFamilyPolicy to services exposed at the HCP in DualStack mode #3210
- OCPBUGS-23466: Let router use svc ips #3218
- HOSTEDCP-1256: api/hypershift: mark more conditions with list key types #3212
- OCPBUGS-23472: unset ServiceAccount on ignition-server-proxy #3209
- OCPBUGS-23528: Fix error when removing finalizer on cluster destroy #3219
- HOSTEDCP-1256: api/v1beta1: annotate hostedcontrolplane conditions #3211
- OCPBUGS-23398: Fixed AWS KMS Backup container args #3216
- HOSTEDCP-1311: kubevirt, Add support for secondary networks #3066
- HOSTEDCP-1256: expose cert rotation scale parameter #3208
- OCPBUGS-23314: SetLogger for CLI #3199
- HOSTEDCP-1237: Retrieve RHCOS VHD image from release image #3177
- HOSTEDCP-1284: Bumps k8s.io/pod-security-admission to v0.28.3 #3181
- CNV-23418: Validate jsonpatch annotation + add condition on wrong patch #3197
- HOSTEDCP-1285: Kas port svc cleanup #3186
- HOSTEDCP-1254: disable deployment of integrated oauth when authentication type is OIDC and set KAS flags #3151
- CNV-23418: fix the jsonpath annotation implemetation #3201
- HOSTEDCP-1305: Simplify HostedControlPlaneNamespace().Name #2619
- OCPBUGS-22912: Set value of elb tag to 1 instead of true #3198
- CNV-30444: Document recommended MTU settings for KubeVirt HCP #3129
- HOSTEDCP-1306: Bump Golang builder to 1.20 for RHTAP dockerfile #3196
- NO-JIRA: chore(deps): update rhtap references #3192
- CNV-23418: unsupported escape hatch mechanism custom HS/KV vms #3187
- HOSTEDCP-1256: generate typed clients for apis #3179
- NO-JIRA: *: Fix “succesfully” -> “successfully” typos #3188
- OCPBUGS-20179: Stop defining time series for hosted clusters or node pools which do not exist anymore. #2671
- HOSTEDCP-1285: Consume kas Pod port by name #3185
- OCPBUGS-23083: adding permission to CNO RBAC Calico path for network-node-identity deploy #3172
- HOSTEDCP-1256: Update Dependencies #3154
- HOSTEDCP-1283: Fixed Azure nodes not joining #3174
- HOSTEDCP-1227: Retrieve CAPZ image from OCP release image #3074
- NO-JIRA: fix formatting for releaseImage log #3156
- HOSTEDCP-1206: Req serving isolation e2e enxebre #3150
- OCPBUGS-23015: Configure HSTS for kube-apiserver #3088
- HOSTEDCP-1281: Fix a bug in the validating webhook #3164
- CNV-33847: KubeVirt: create the etcd encryption key secret, if missing #3148
- HOSTEDCP-1278: Adjustment cluster-cidr,service-cidr to support dualstack #3161
- OCPBUGS-10423: Update regex validation for nodepool.spec.taints.value #3141
- OCPBUGS-20161: Stop exposing kas on 6443 private route service load balancer #3149
- OCPBUGS-16079: No error for overlapping service network and API IP #3067
- OCPBUGS-22868: Fixed accessTokenInactivityTimeout validation #3157
- CNV-34094: Add validating webhook #3132
- Stop defaulting aws private haproxy external port to 6443 #3147
- Remove GITHUB_ACCESS_TOKEN requirement from release notes script #3134
- HOSTEDCP-1215: Use the same etcd snapshot for all replicas during etcd restore #3081
- Bump google.golang.org/grpc from 1.53.0 to 1.56.3 in /hack/tools #3136
- OCPBUGS-20033: Make the OLMCatalogPlacement field immutable #3113
- HOSTEDCP-1113: Improve NodePool CPU arch & platform check #3072
- HOSTEDCP-1253: bump openshift/api for new authentication config #3135
- HOSTEDCP-1229: Move azure cloud provider to out of tree #3086
- contrib: increase HC quota to 40 #3140
- HOSTEDCP-1200: Remove pod exceptions from EnsureNoCrashingPods #3138
- run EnsurePSANotPrivileged for TestCreateCluster only #3137
- OCPBUGS-21776: Cluster-policy-controller: add missing RBAC for privileged namespaces PSA syncer controller #3115
- OCPBUGS-21626: Validate accessTokenInactivityTimeout >= 300s #3110
- OCPBUGS-20246: Added brackets to the kubeconfig server address when IPv6 #3097
- Bump golang.org/x/net from 0.13.0 to 0.17.0 #3092
- OCPBUGS-22195: Fix label selector check for CAPI provider #3108
- Bump golang.org/x/net from 0.9.0 to 0.17.0 in /hack/tools #3093
- Update RHTAP references #3062
- OCPBUGS-21822: Add ign proxy label selector for LabelTopologyZone PodAntiAffinity #3103
- OCPBUGS-19419 change trusted bundle volume mount for CPO #3099
- Disabling unused monitoring services #2730
- OCPBUGS-18341: change required pod anti-affinity rule to preferred rule #3095
- SDN-4062: Revert “SDN-4042: Increase upgrade rollout timers” #3090
- CNV-31891: Document port 80 is not supported with default ingress for KubeVirt #3079
- MULTIARCH-3760: Rename depricated flag for PowerVS capi deployment #3028
- HOSTEDCP-1051 addition of grace period for aws infra destruction #2967
- HOSTEDCP-1232: Add clusterName label to CAPI kubeconfig secret #3087
- OCPBUGS-19957: Reconcile CNCC secret to CPO namespace #3065
- OCPBUGS-20105: OCPBUGS-20109: Update the scheduler to only accept paired Nodes and check scheduler HCs has two Nodes #3077
- OCPBUGS-16189, OCPBUGS-19746: Added network validations #3047
- CNV-30697: Dedicated CPU for KubeVirt node pool #3048
- Add record rules for kas qps #2858
- Fix a typo in KubeVirt troubleshooting script #3073
- HOSTEDCP-1184: Document IPv6/IPv4/DualStack deployments for Hypershift in Baremetal #3008
- Add aws-ebs-csi-driver-operator to allowed NeedManagementKASAccessLab… #3076
- Upate azure docs #3075
- OCPBUGS-13348: Hypershift Audit configuration not working (part2). #3014
- OCPBUGS-11939, OCPBUGS-18128, OCPBUGS-18460, OCPBUGS-18602, OCPBUGS-18879: Support Disconnected HCP #2950
- Add private link perms to docs and clarify log message #3063
- OCPBUGS-14819: Add konnectivity-proxy container to CNO #2974
- OCPBUGS-19784: Update capi agent version for CRD label #3050
- KubeVirt platform troubleshooting documentation #3055
- Remove EgressFirewall Creation in HCP namespace #3049
- HOSTEDCP-1212: Bump Golang to v1.20 #3038
- Update RHTAP references (main) #3054
- OCPBUGS-15215: OAuth template config in HostedCluter.configuration.ouath is not honored in HyperShift #3041
- Update RHTAP references (main) #3042
- OCPBUGS-19271: Updating hypershift images to be consistent with ART #3017
- Update kubevirt csi driver deployment with proper timeouts #3044
- OCPBUGS-19516: Upgrade agent APIs to v1beta1 #3022
- [kubevirt platform] Detect Suboptimal MTU and raise HostedCluster Condition accordingly #2976
- OCPBUGS-19674: Report correct port when API exposed via route #3037
- OCPBUGS-13829: set accesstoken-inactivity-timeout flag to openshift-oauth-apiserver #3025
- HOSTEDCP-1209: set ubi Containerfile labels #3039
- Use example versions for KubeVirt platform that are supported #3027
- OCPBUGS-17669: Remove cluster name validation from HCC #3036
- KubeVirt: document VMs logs collection #3031
- Update RHTAP references (main) #3033
- OCPBUGS-19381: Let NodePools skip min version when SkipReleaseImageValidation is in HC #3024
- OCPBUGS-19346: set default deploymentconfig params on AWS CCM #3021
- ACM-7278: Remove marking pull secret as required in hcp cli #3013
- OCPBUGS-19332: Use impersonated client for fetching the localhost-kubeconfig from ma… #3011
- Relax network policy e2e for private #3020
- Dump KubeVirt pod logs #3000
- Update RHTAP references #2995
- OCPBUGS-19014: Apply private-router network policy only if running OCP 4.14 #3012
- Validate KubeVirt platform required versioning #2948
- OCPBUGS-18720: amend OLM catalogs ImageStream according to annotation #3001
- OCPBUGS-17906: reconcile Authentication global config #3009
- feat: add _id label to all hypershift operator metrics #2991
- OCPBUGS-18122: Rename isUpgradeable to isUpgrading according to its return value #2955
- OCPBUGS-18762: unset ControlPlaneReleaseImage on HCP when ControlPlaneRelease is unset on HC #3004
- OCPBUGS-18754: tuned DS should not use controlPlaneReleaseImage #3003
- HYPBLD-99: enable CGO_ENABLED for building FIPS compliant images #2997
- e2e: fixed gomega created from parent test context #2987
- bump HO supported version for 4.15 #2927
- HOSTEDCP-1075: Document instructions for recovering etcd cluster from lost quorum #2952
- HOSTEDCP-1185: Add flag to create a single NAT gateway #2984
- Dump kubevirt external infra clusters #2992
- OCPBUGS-18568: Use MCO and CCO image references when looking up mappings #2985
- HOSTEDCP-591: Amend OLM catalog IS according to OpenShiftImageRegistryOverrides #2947
- e2e: skip CNO pod restart check #2986
- HOSTEDCP-1133: Signal NodePool rolling upgrade because of platform changes #2973
- OCPBUGS-18127: Enable caching of Unstructured Objects in HO #2988
- e2e: run Ensure functions after Main part of test #2983
- OCPBUGS-18127: Ensure machineTemplate name length respects RFC1123 spec #2975
- ACM-6435: add pausedUntil create cluster option in CLI #2965
- OCPBUGS-7840: Untangle kas port #2964
- OCPBUGS-18399: Preserve mirror order when serializing ICSP to env #2977
- OCPBUGS-18336: make konnectivity routes roundrobin #2971
- Use the correct pull secret for HCP KubeVirt components #2919
- Disable nto inplace test for kubevirt #2980
- OCPBUGS-18438: Properly format IPv6 address when proxying it through Konnectivity #2969
- OCPBUGS-18127: Trigger a rolling upgrade on NodePool .spec.platfrom changes #2956
- HOSTEDCP-1156: Add defaulting webhook to installation and notes #2922
- HOSTEDCP-979: Re-enable nodepool in-place upgrade tests #2960
- Add a default value (32Gi) for nodepool in
create nodepool kubevirt
command #2940
- OCPBUGS-16221: Adds trust bundle to ignition-server when configured in HC #2819
- Avoid creating tar archive if –archive-dump=false #2963
- OCPBUGS-3873 adding rbac for UserOAuthAccessToken #2962
- HOSTEDCP-1178 fix limited support label key #2958
- OCPBUGS-18065: enable aws-pod-identity-webhook on AWS #2957
- OCPBUGS-18308: Do not use mgmt cluster ICSP to mutate CCO image in KAS pod #2966
- OCPBUGS-18266: fix Progressing condition when ControlPlaneRelease is set #2959
- fix(ho): Restore match label selector behavior #2951
- OCPBUGS-18072: Set emptyDir storage for the image registry only on initial time for None and Kubevirt platform #2895
- OCPBUGS-18024: Set Arch to amd64 for HCP NodePool Create #2941
- chore(deps): update rhtap references (main) #2920
- OCPBUGS-16813: switch konnectivity-server to additional container in KAS pods #2942
- Updating hostedcluster controller to stop using deprecated flags #2946
- OCPBUGS-17827: e2e: remove private-router from NeedManagementKASAccessLabel allowlist #2939
- MULTIARCH-3709: PowerVS - Add reuse resource flags to e2e test #2902
- MULTIARCH-3478: Minor bug fix on PowerVS infra #2451
- OCPBUGS-18069: Ensure load balancers are not exist before declaring load balancers are cleaned up #2887
- MULTIARCH-3708: PowerVS - Fix cluster deletion when existing resources passed #2867
- MGMT-15368: Document scaling down NodePools #2944
- OCPBUGS-13348: Hypershift Audit configuration not working. #2945
- TRT-1202: set SkipReleaseImageValidation annotation properly on e2e clusters #2943
- OCPBUGS-17678: Reconcile cloud credentials configuration to hosted cluster #2937
- Add e2e test for etcd member recovery #2930
- OCPBUGS-17827: remove NeedManagementKASAccessLabel from router pods #2934
- OCPBUGS-17985: Handle empty mirrorImage result for ignition disconnected registry #2935
- OCPBUGS-17827: e2e: refactor checkPodsHaveLabel to be allowlist rather than exact match #2928
- OCPBUGS-16813: do not hardcode ignition-server-proxy replicas #2933
- fix(ho): Restore match label selector behavior #2893
- TRT-1202: add annotation to skip release image validation #2929
- OCPBUGS-17812: Update Etcd health check to mirror standalone etcd #2918
- STOR-1443: Sync
05_operator_role-hypershift.yaml
manifest from cluster-csi-snapsht-controller-operator #2915
- HOSTEDCP-1065: CNO deployed hosted-cluster-kubecfg-setup initContainers use CPR image #2917
- HOSTEDCP-1001: Image registryOverride included in the image metadata extraction flow #2909
- OCPBUGS-17669: Validate HostedCluster name against RFC1123 #2914
- HOSTEDCP-1075: Document how to recover single etcd member #2916
- HOSTEDCP-1085: Create a monitoring dashboard per HostedCluster #2907
- chore(deps): update rhtap references (main) #2903
- HOSTEDCP-1063: Account for guest webhook URLs without a port #2898
- OCPBUGS-17680: Remove immutable note from PullSecret #2910
- Revert “HOSTEDCP-1001: Image registryOverride included in the image metadata extraction flow” #2908
- OCPBUGS-16076: Validate HostedCluster name against RFC1123 in CLI #2906
- OCPBUGS-15331, OCPBUGS-16049: Enable AdvertiseAddress dual stack and IPv6 support and added the changes to be included in the certificates #2779
- HOSTEDCP-1081: Perform etcd recovery when etcd member data is lost #2900
- SDN-4057: Pass ControlPlane image to OVN #2896
- test: e2e: remove SingleReplica etcd chaos test #2901
- Allow overriding pod security admission label #2886
- HOSTEDCP-1146: cpo: use CPO spec container image if it is a sha256 reference #2899
- HOSTEDCP-1022: Set Arch to amd64 #2897
- Re-introducing defaulting webhook for self managed HCP #2892
- fix-CNV-30260: KubeVirt: fix failed conformance test #2891
- OCPBUGS-16298: Prevent the kube-apiserver from connecting to the managment kas #2888
- HOSTEDCP-1001: Image registryOverride included in the image metadata extraction flow #2820
- HOSTEDCP-1046, HOSTEDCP-1102: Follow-on Items #2847
- Revert “[HOSTEDCP-1041] Defaulting webhook for self managed HCP” #2889
- OCPBUGS-17446: Set advertise-address in HCP etcd to resolvable name #2884
- Defaulting webhook for self managed HCP #2864
- STOR-1432: cso: add envvars for CSI driver controller images #2882
- HOSTEDCP-1025: Add HCP CLI Command to Create a NodePool on AWS #2852
- SDN-4042: Increase upgrade rollout timers #2881
- skip olm-collect-profiles in EnsureComponentsHaveNeedManagementKASAccessLabel #2874
- HOSTEDCP-1064: Add egress policy for private-router #2792
- HOSTEDCP-1121: Ensure SG reconciliation for aws endpoint #2872
- chore(deps): update rhtap references #2865
- HOSTEDCP-1065: add ControlPlaneImage API for provider-side HCP updates #2848
- HOSTEDCP-1063: Disallow webhooks URLs targeting control plane services #2775
- OCPBUGS-17374: Fast specific dockerignore #2879
- Kubevirt how-to docs updates #2875
- Fix nodepool upgrade docs link #2880
- OCPBUGS-17171: Update OLM catalog image tags #2877
- HOSTEDCP-1029: Add HCP CLI Command to Destroy a Cluster on AWS #2853
- Add workload management annotation to kubevirt-csi daemonset #2840
- WRKLDS-730: use default /healthz path for readiness probe in OCM and RCM #2873
- Add api and cli validation for kubevirt volume mode #2862
- HOSTEDCP-1079: RHTAP HO Containerfile #2857
- OCPBUGS-16770: add need-management-kas-access label to olm-collect-profiles pods #2854
- MULTIARCH-3684: PowerVS - Upgrade capi to use v1beta2 APIs #2831
- HOSTEDCP-1046: Add ImageDigestMirrorSet to Config API comment #2868
- MULTIARCH-3683: Add dev flags in destroy cluster powervs command #2764
- kubevirt: Reconcile EgressFirewall only for ovn-k #2849
- HOSTEDCP-1046: Add IDMS to the list of valid config manifests #2837
- OCPBUGS-17059: Add volume mode to kubevirt root volume api #2860
- Update RHTAP references (main) #2832
- OCPBUGS-16809: Configured IgnitionProxy to support IPv4 and IPv6 #2850
- OCPBUGS-14163: Fixed ETCD to work in Ipv6 and Dual stack envs #2846
- HOSTEDCP-1112: Add config to set creation frequency of RHTAP PRs #2838
- HOSTEDCP-1020: Remove name as a persistent flag required field #2836
- OCPBUGS-16232: skip z-stream version check when upgrade is forced #2823
- OCPBUGS-16033: ClusterNetwork’s HostPrefix validation for dual stack #2795
- OCPBUGS-14783: Fix NetworkPolicy to work over IPv4 and IPv6 #2704
- Revert “HOSTEDCP-710: Make ImageContentSource immutable” #2829
- Update RHTAP references (main) #2814
- HOSTEDCP-1062: Make CAPI pod selector backward compatible #2825
- HOSTEDCP-1093: Add default flags to HCP create cluster CLI cmd #2802
- Revert “HOSTEDCP-1094: e2e autoscaler balancing similar node groups” #2828
- HOSTEDCP-1090: Use statically configured haproxy for router #2778
- HOSTEDCP-1046: Allow HCP Specification to Support ICSP & IDMS #2720
- HOSTEDCP-710: Make ImageContentSource immutable #2815
- OCPBUGS-11835: Add missing probes to two services #2430
- HOSTEDCP-1094: e2e autoscaler balancing similar node groups #2808
- OCPBUGS-16113: unshare ignition-server reconciliation between HO and CPO #2817
- OCPBUGS-11939: Fix additional issues with OCPBUGS-11939 #2804
- OCPBUGS-16135: fix deletion bug when hostedzone is already deleted #2811
- OCPBUGS-14862 Improve clarity around hypershift operator permissions #2782
- HOSTEDCP-1062: Management kas policy #2796
- Revert “HOSTEDCP-1062: Add management cluster KAS network policy” #2793
- HOSTEDCP-1020: Add pullSecret & NodePool replica flags to HCP CLI #2774
- HOSTEDCP-1101: Add snyk-secret HO RHTAP scripts #2788
- OCPBUGS-15991: use ignition-proxy Service to populate ignitionEndpoint with strategy NodePort #2787
- OCPBUGS-15769: Include hypershift specific labels to be ignored by similar autoscaler groups #2784
- Add management cluster KAS network policy #2717
- HOSTEDCP-1019: Add create cluster for Agent for HCP CLI #2754
- CNV-30407: KubeVirt Platform: Support NetworkInterfaceMultiQueue #2760
- HOSTEDCP-1030: Add destroy cluster for Agent for HCP CLI #2756
- OCPBUGS-15594: Get valid arch image for cluster-config-operator #2753
- kubevirt: Annotate VMs to be live migratable #2772
- Revert “Merge pull request #2770 from dharaneeshvrd/upgrade-capi-ibmcloud #2776
- MULTIARCH-3684: PowerVS - Upgrade capi to use v1beta2 APIs #2770
- OCPBUGS-14862: Reject VPCE Connections during VPCE Service cleanup #2700
- Update RHTAP references #2768
- HOSTEDCP-1023: Add create NodePool for Agent for HCP CLI #2755
- HOSTEDCP-1061: Implement dedicated request serving nodes for HostedClusters #2722
- OCPBUGS-15769: Set –balance-similar-node-groups for autoscaler #2769
- Leader election config update. #2282
- OCPBUGS-15723: Let getMachinesForNodePool return machines ordered by creation Timestamp #2766
- Fix KAS HealthCheck for non DNS-Based ingress points in LB service #2765
- Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible #2741
- Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible in /hack/tools #2740
- Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 in /hack/tools #2737
- OCPBUGS-12208 ensureExists pullSecret resource reconciliation strategy #2732
- Bump github.com/coreos/ignition/v2 from 2.10.1 to 2.14.0 #2739
- Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible in /hack/tools #2738
- Remove hardcoded AWS CI References #2742
- TRT-1118: Remove DisableStrictZoneCheck from AWS CCM config #2757
- Update RHTAP references #2750
- add OWNERS for new ci-tooling area label #2743
- Add production cli (hcp) to dockerfile #2747
- feat: Enable priority class override #2661
- test/e2e: retry configmap create in etcd chaos tests #2746
- OCPBUGS-14578: Set allocate-node-cidrs to false in the cluster-kube-controller-manager #2731
- Revert “HOSTEDCP-1016: Validate publishing strategies” #2733
- HOSTEDCP-1027: Add Create kubeconfig for HCP CLI #2719
- HOSTEDCP-1016: Validate publishing strategies #2651
- KubeVirt Platform documentation for Advanced Storage Configurations and External Infrastructure #2712
- Follow up to PR comments on #2642 #2690
- HOSTEDCP-1067: Add dependabot dependency management #2708
- HOSTEDCP-1073: enforce blocked rollout of HCP #2726
- Revert “HOSTEDCP-967: [Re-revert] Disable v1alpha1 and conversion webhook by default” #2705
- Remove –service-publishing-strategy from production cli #2721
- HOSTEDCP-1024: Add Create NodePool for KubeVirt for HCP CLI #2718
- HOSTEDCP-1032: e2e: ensure default PSA policy is not privileged #2714
- HOSTEDCP-1031: Add Destroy Cluster Cmd for KubeVirt for HCP CLI #2673
- Expose annotation to allow release image overrides #2595
- HOSTEDCP-1060: add ignition-server proxy #2668
- OCPBUGS-14637: Check OwningIngressController also in Labels #2706
- HOSTEDCP-1020: Add Create Cluster for KubeVirt for HCP CLI #2672
- properly handle user CA bundle not existing #2703
- OCPBUGS-15168: fix(oauth): Do not proxy IBM Cloud IAM endpoints #2699
- OCPBUGS-14859: Skip AWS resource deletion for ‘Unknown’ OIDC state #2691
- Whitelist access from virt-launchers to NodeIP if NodePort ServicePublishingStrategy is used #2688
- OCPBUGS-13829: cpo: oauth: honor AccessTokenInactivityTimeout #2693
- Update NodePool docs to include data propagation #2687
- HOSTEDCP-1008: Add NodePoolTransitionSeconds metric #2631
- HOSTEDCP-967: [Re-revert] Disable v1alpha1 and conversion webhook by default #2685
- Make NodePool arch input immutable #2689
- Update autocaler RBAC to accomodate machinepools support added upstream #2663
- Enforce Immutability of some KubeVirt Platform Values #2654
- CNV-24818: Add fsGroup support to kubevirt-csi-driver #2563
- Let payload provider render feature gate yaml #2664
- OCPBUGS-14633: Check for OPENSHIFT_IMG_OVERRIDES before using #2660
- HOSTEDCP-965: Add impersonate feature to the CLI and document HC dump procedure #2653
- OCPBUGS-11882: Annotate HCP pods with the safe-to-evict-local-volume CA annotation #2647
- Update RHTAP references #2657
- Disable nodepool replace upgrade test #2665
- OCPBUGS-14784: Honor global ingress configuration LoadBalancer type on AWS #2669
- OCPBUGS-14620: Set
DisableStrictZoneCheck = true
in the AWS Cloud Provider config #2659
- HOSTEDCP-992: refactor ignition-server reconcilation #2662
- Minor fix in KAS LB HealthCheck #2656
- HOSTEDCP-1036: Create Makefile path to create productized CLI #2633
- Extend np test timeout for KubeVirt platform #2655
- HOSTEDCP-1003: Set AWS conditions only for AWS platform #2604
- Remove alsologtostderr flag form CAP* #2648
- OCPBUGS-14575: Check for IDMS only if mgmt cluster has req API #2650
- Network isolation of VirtualMachines for KubeVirt provider #2622
- OCPBUGS-14428: remove OLM alerts from the HCCO #2636
- KubeVirt Openstack image annotation override #2629
- Red Hat Trusted App Pipeline update hypershift-operator-main #2638
- Red Hat Trusted App Pipeline purge hypershift-azjx #2635
- cli: Add release-stream flag #2644
- OCPBUGS-13547: Pass payload-version to MCS and MCC #2643
- KubeVirt: Handle deletion of the cache DV on an edge case #2620
- OCPBUGS-14087: Enable HCCO to reconcile over the OperatorHub’s disableAllDefaultSources object #2632
- HOSTEDCP-1009: Allow external-dns image to be set in install cli #2623
- Ensure FeatureGate is copied from cluster to MCO render source #2581
- OCPBUGS-12972: Use different ports for MCS in the ignition provider #2628
- hypershift dump: use random local port for kas port-forwarding #2625
- OCPBUGS-11939: Initialize RegistryOverrides w/ mgmt cluster ICSP #2437
- Revert “Merge pull request #2596 from muraee/disable-valpha1” #2627
- Add ‘Creating Arm NodePools Through the API’ Section #2587
- HOSTEDCP-967: Disable v1alpha1 and conversion webhook by default #2596
- OCPBUGS-13113: Add ClusterUpgradeDuration metric #2566
- chore(deps): update rhtap references #2612
- OCPBU-609: agent infrastructure docs #2618
- OCPBUGS-14169: Remove external-dns –events flag #2616
- OCPBUGS-13970: Reconcile oauthDeployment annotations even if kubeadmin secret is not found #2593
- cmd: infra: aws: retry on AuthorizeSecurityGroup failure #2605
- Fix dump for Kubevirt #2589
- Kubevirt CSI StorageClass mapping API #2528
- Remove Arm e2e test #2591
- HOSTEDCP-947: Set ETCD Storage Size as immutable field and equalised the default size among both api versions #2588
- OCPBUGS-13735: Fixed revoking some permissions to CAPI Manager Clusterrole #2586
- HOSTEDCP-445: Add script to migrate hosted control plane #2598
- Use newly introduced KubeVirt Platform rhcos Image #2576
- OCPBUGS-13168: Include default ingress CA in root CA bundle #2584
- HOSTEDCP-975: Add new grafana panels for nodepools SLOs #2592
- HOSTEDCP-926: Send metric when HO/CPO decide to skip cloud resource deletion #2531
- Update RHTAP references #2420
- OCPBUGS-13897: Use cluster-config-operator to render featuregate status on KAS bootstrap #2585
- HOSTEDCP-975: Add cluster_name label to nodepools metrics #2580
- Fix broken tests for non-aws platforms #2577
- Updated secret permissions for openshift-route-controller-manager #2575
- HOSTEDCP-987: Update go version and dependencies in /hack/tools/go.mod #2551
- remove flags set by CI env var #2521
- HOSTEDCP-975: Add NodePool DeletionDuration and InitialRolloutDuration metrics #2558
- ARMOCP-412: Add ARM nodepool to AWS x86 Hosted Cluster #1594
- OCPBUGS-11939: Fix minor codebase nits #2502
- control-plane-operator/controllers/hostedcontrolplane: Align reconcileCloudControllerManager error strings #2500
- HOSTEDCP-960: Add e2e to validate HC/NP conditions expected status #2482
- HOSTEDCP-830: Update auto scaler role to get and list agentmachinetemplates #2564
- HOSTEDCP-445: Included how to fix image-registry clusteroperator after a disaster recovery migration #2481
- OCPBUGS-13547: Pass release image version to MCO bootstrap via –payload-version #2572
- Cache KubeVirt Boot Image #1918
- contrib: ci: increase HC quota in clusters namespace #2547
- HOSTEDCP-996: CLI: enable guest cluster dump for private clusters #2571
- MULTIARCH-3205: Support IBM COS as storage for PowerVS in image registry operator #2207
- fix nil deref in DefaultWorkerSecurityGroupID check #2573
- remove unused OLM catalog rollout code #2568
- OCPBUGS-13034: Cluster-api SA can’t create events #2565
- ACM-4277: docs: Add L2Advertisement CR to the Handling Ingress section in the agent docs #2470
- HOSTEDCP-947: Increases default etcd PV size to 8Gi #2549
- Add a new e2e option for the ETCD storage class #2560
- Red Hat Trusted App Pipeline update hypershift-azjx #2555
- HOSTEDCP-975: Revised nodePoolSize metric and added AvailableReplicasMetric #2532
- OCPBUGS-11383: Sync proxy TrustedCA to guest cluster #2550
- Removed unused KMS permissions for nodePool role #2456
- Lock down kubevirt csi storageclass mappings #2534
- OCPBUGS-13021: Add internal/external elb tags to subnets #2541
- HOSTEDCP-918: Add validation for NodePool security Group condition when using default SG #2498
- HOSTEDCP-981: Minor updates to Getting Started & Contribute pages #2527
- OCPBUGS-13111: Fix errors from HCP controller removeServiceCAAnnotationAndSecret() #2513
- Stop triggering rollout on labels/taint change #2533
- Validate HO private platform input #2536
- OCPBUGS-13021: Health check load balancers only on public clusters #2535
- OCPBUGS-13309: set FeatureGate global config #2543
- Add audit-log-maxbackup setting for openshift-api-server #2509
- OCPBUGS-11894: Let the aws endpoint to use the hypershift owned SG #2475
- HOSTEDCP-980: Include HostedClusterDegraded in hypershift_hostedclusters_failure_conditions metric #2523
- HOSTEDCP-788: Configurable SRE MetricsSet #2505
- OCPBUGS-13112: Add timeout to KAS health check client #2522
- HOSTEDCP-978: Bump openshift/api version and fixed KCM flags (k8s 1.27) #2519
- OCPBUGS-7841: Account for expectedState == false when capturing hostedClustersWithFailureCondition #2507
- OCPBUGS-11719: Ensure ingress controllers are removed before load balancers #2444
- Fixed assignment to entry in nil map #2508
- Add new –featuregate-manifest to /usr/bin/cluster-config-operator render #2506
- ACM-5116: Increase KubeVirt default Mem and Root Volume Sizes #2471
- HOSTEDCP-937: New metric to expose Hypershift operator info #2443
- HOSTEDCP-969: Consolidate labels for metrics #2494
- HOSTEDCP-969: Move proxy, silence alerts and limited support metrics into HC controller #2489
- HOSTEDCP-969: Only track available metric once #2479
- OCPBUGS-11738: Delete kubeadmin secret when an idp is defined #2452
- Add PollImmediate for e2e metrics to avoid race with prom scrape interval #2483
- HOSTEDCP-969: Move HC creation metrics #2477
- OCPBUGS-12153: fix(hcco): Get OLM CatalogSource images from defined map #2454
- HOSTEDCP-917: Add publicAndPrivate <-> Private e2e test #2383
- add hyperv1.SilenceClusterAlertsLabel to HostedCluster on deletion #2476
- HOSTEDCP-969: Move guest cluster resource deletion metric #2463
- OCPBUGS-11450: Pass OPENSHIFT_RELEASE_IMAGE env variable to CNO #2384
- HOSTEDCP-972: Add pre-commit command to Make file #2465
- HOSTEDCP-969: Move cluster deletion duration metric into controller #2459
- Fix kubevirt csi daemonset reconcile loop #2466
- Fixes loop between HC controller and pod security label syncer #2460
- docs: update OIDC bucket create with bucket policy #2461
- OCPBUGS-11946: Add new OCP 4.13 storage admission plugin #2445
- OCPBUGS-11773: remove ACL for aws bucket #2423
- OCPBUGS-7841: Set metrics to 0 when needed to keep time series honest #2440
- OCPBUGS-11930: Clean up existing VPC endpoint connections #2438
- Revert “Add validation for default Security Group conditions during N… #2453
- HOSTEDCP-918: Add validation for default Security Group conditions during NodePool upgrade test #2342
- OCPBUGS-11649: Always requeue AWSEndpointService controllers #2424
- Add IBMers as reviewers #2436
- e2e: Cleanup shared OIDC provider on SIGTERM #2435
- HOSTEDCP-950: Fix haproxy image name in ignition server #2441
- OCPBUGS-7091: Restart kube-scheduler when its configuration changes #2421
- OCPBUGS-11749: Add pod security labels to hcp namespace #2415
- HOSTEDCP-950: Validate release payload images #2368
- kubevirt: Block metadata server egress #2399
- Bring latest MCO API #2434
- Relax MCO API strict decoding #2433
- docs: update OIDC s3 bucket creation procedure #2425
- json export for a common grafana dashboard for SLOs #2422
- Enable monitoring for hypershift namespace #2419
- MULTIARCH-3449: set priority class for cloud controller manager pod for PowerVS #2390
- Fixes HCCO reconcile error for kubevirt csi driver #2259
- Add monitoring label to HCP namespace #2393
- Update tekton references #2308
- add OWNERS for new area labels #2414
- fix typo #2411
- HOSTEDCP-807: Requeue HCP always #2408
- OCPBUGS-11640: Update HostedCluster oauthCallbackURLTemplate #2400
- e2e: Fixed idp test conflict error on HosterCluster update #2389
- dump: Store guest worker node logs and increase kubevirt logs verbosity #2317
- HOSTEDCP-568: Update Konnectiviy socks5 proxy for IBM exception #2366
- OCPBUGS-11442: properly reconcile with user specified changes for in proxy configuration #2382
- Updated kubevirt docs #2318
- OCPBUGS-11439: allow z-stream upgrade even if CVO Upgradeable is false #2381
- HOSTEDCP-954: Remove ec2:ReleaseAddress #2379
- HOSTEDCP-802: add cli flag to enable upgrade type #2367
- e2e: Fix oauth idp e2e test #2377
- HOSTEDCP-951: Let install apply to aggregate errors #2372
- Revert “Create a second scheme that always registers prometheusoperatorv1 GVKs” #2374
- HOSTEDCP-807: Check KAS loadbalancer health #2264
- e2e: fix for non-AWS platform #2360
- HOSTEDCP-445: Fix the storage ClusterOperator during a DR migration #2358
- HOSTEDCP-850: Fix nodepool autoscaler logic #2354
- support/releaseinfo/pod_provider: Drop unused legacy PodProvider #2341
- Fix nodepool upgrade e2e test #2359
- HOSTEDCP-806: Fix ValidAWSKMSConfig condition #2322
- HOSTEDCP-939: Setup shared OIDC provider for e2e clusters #2335
- OCPBUGS-10227: Preserve false status of ValidAWSIdentityProvider condition #2344
- ACM-4615 get pull secret instead of dockerconfigjson from mce credentials #2338
- Slo alerts #2049
- HOSTEDCP-943: Add hypershift_hosted_cluster_transition_seconds histogram #2348
- HOSTEDCP-944: Add more expectedHCConditionStates metrics #2347
- OCPBUGS-10227: Create new EC2 client for AWS identity provider health check #2346
- OCPBUGS-10823 ensure well known public domains do not get proxied on image imports #2321
- SDA-8609: No more specifying the scrape interval at servicemonitors & podmonitors level #2327
- OCPBUGS-10807: Pass runAsUser to CNO so it can run its managed services with proper security context #2319
- Appstudio update hypershift-azjx #2332
- Revert “cpo: cno: follow image name change in release payload” #2345
- support/supportedversion: Include the problematic version strings in error messages #2334
- OCPBUGS-10864: fix external APIServer address selection based on endpointAccess #2328
- OCPBUGS-8073: Do not proxy when guest cluster resolution fails #2261
- MULTIARCH-3028: handle PowerVS instance which goes to failed state during infra create and destroy process. #2088
- HOSTEDCP-938: Added PSA default profile to RunTimeDefault in operator deployment #2333
- HOSTEDCP-934: Validate PublishingStrategyMapping #2324
- OCPBUGS-7091: Honor scheduler profile in HostedCluster configuration #2330
- HOSTEDCP-736: Docs on how we handle aws permissions #2311
- Add support for external infra clusters in KubeVirt platform #2017
- Create a second scheme that always registers
prometheusoperatorv1
GVKs #2292
- OCPBUGS-10504: Deletion of the VPCEnpoint on conflicting service names #2290
- HOSTEDCP-801: Expose external DNS for private cluster endpoints #2286
- HOSTEDCP-903: Propagate AWSEndpointService conditions #2278
- Appstudio update hypershift-azjx #2287
- OCPBUGS-8691: Add storage operators perms. to watch HostedControlPlane #2301
- OCPBUGS-10423: Add validation for taint.value in nodePool #2298
- HOSTEDCP-839: Audit log sidecars for openshift-apiserver and openshift-oauth-apiserver #2232
- Route to kubevirt VMs using infra id as service label selector #2092
- Force controleplane upgrade always #2288
- HOSTEDCP-900: Modified AWSPrivateLinkController and AWSEndpointServiceController to respect PausedUntil spec field #2265
- HOSTEDCP-919: Clean up and API doc #2280
- HOSTEDCP-688: E2E Test NodePool Upgrade #2256
- HOSTEDCP-445: Documented the possible issues found during a HostedCluster migration #2276
- OCPBUGS-10227: Ensure identity provider health check condition is persisted and remove awsendpoint control plane finalizer if invalid aws creds #2281
- OCPBUGS-8040: Switch NTO metrics auth to certs generated by HCP controller #2050
- OCPBUGS-8381: Use appropriate serving certificate for OAuth #2279
- HOSTEDCP-501: Added detailed documentation about Hypershift release process #2272
- HOSTEDCP-919: Add AWS cloud controller manager #2271
- Update PowerVS prereq doc with install and authorization details #2172
- Remove webhook validation #2217
- HOSTEDCP-809: Clone CA key/cert to TLS key/cert #2246
- Refactor e2e nodepool tests #2228
- Update HCP version in capi cluster ref #2119
- Validate etcd KMS config #2174
- OCPBUGS-8421: fix API documentation for audit webhook field #2258
- Add a debug section to the Node Tuning docs #2254
- Destroy cloud resources by default #2224
- Add e2e test for identity providers #2166
- HOSTEDCP-638: Add latest ocp supported info to -v command for cli and operator #2233
- OCPBUGS-8231: Fix cleanup of volumes on cluster deletion #2243
- fix(cpo): Delete multus validatingwebhookconfiguration on CNO init #2231
- add pull-secret to imagePullSecrets for NTO, CNO, and olm-collect-profiles #2248
- Update images and hypershift operator to 4.14 #2249
- HOSTEDCP-904: Add release automation and docs #2236
- kms addition for pod identity workflow #2214
- fix(ho): No network validation for IBM Cloud #2225
- feat(HCCO): Block DNS operator delete until Cluster Version updated #2223
- Add configuration for automatic labeling and label commands #2238
- Skip pod restart check for NTO #2239
- cpo: cno: follow image name change in release payload #2230
- Added documentation around supported-versions configmap #2220
- Add comment for BaseDomainPrefix #2219
- Add condition to NodePool indicating whether a security group for it is available #2216
- HOSTEDCP-827: Add root volume encryption e2e test #2192
- fix(hypershift): reduce CAPI rbac access #2173
- Validate Network Input for HostedCluster #2215
- Add labels info #2218
- HOSTEDCP-826: Customize DNS base domain prefix #2213
- ensure reconcilation of apiserver port #2197
- Cleanup default security group only if authorized #2211
- HOSTEDCP-593: Update the pull secret source for ignition payload #2187
- fix(ibmcloud): Explicitly set HCCO controllers #2185
- Adding NTO again to find the issue with data recollection #2152
- cli: Add –cli-root-volume-access-modes #2188
- feat: Add pod gone check to prober + DNS operator leader elect #2155
- HOSTEDCP-833: Add Golang check for ‘go list’ errors in Makefile #2193
- HOSTEDCP-833: Set kubevirt.io/client-go version to fix ART Issue #2194
- add KAS egress network policy #2181
- cpo: kcm: add nfs pv recycler pod template #2183
- Fix kubevirt how-to doc formatting issues #2178
- Update cluster api provider kubevirt dependencies #2157
- fix(cpo): Set restart annotation on multus-admission-controller #2150
- fix(cpo): Remove OLM collect for IBM Cloud to reduce artifacts and rbac #2141
- Add default NodePool name clarification to docs #2186
- fix(cpo): Reduce CNO access if Calico used as network provider #2159
- add PSA labels to openshift-infra in guest cluster #2180
- Add cli flag to enable root volume encryption #2177
- Update KubeVirt platform how-to documentation #2108
- Filtering data recolection only for aws instances running #2153
- Add PodMonitor for ingress-operator pods in HCP namespaces #2136
- fix regex in registry operator pod monitor #2171
- Add e2e test for hosted cluster behind a proxy #2077
- Skip destroyAWSDefaultSecurityGroup if not AWS #2167
- Give kubevirt csi controller get VMI RBAC #2154
- set default PSA enforce to restricted #2097
- Full changelog
- OCPBUGS-10239: service_accounts.go Marshal fix (#750) #750
- test(clusterconfig): add unit test for silenced_alerts.go and rename it to gather_silenced_alerts.go (#728) #728
- test(clusterconfig): add unit test for ingresses.go and rename it to gather_cluster_ingress.go (#729) #729
- test(oauth): add unit test for oauth.go and rename it to gather_cluster_oauth.go (#738) #738
- gather logs - update “FilterLogFromScanner” function and add some tests (#735) #735
- Add unit tests to openshift sdn controller logs gatherer (#733) #733
- OCPBUGS-6731: Anonymize env vars from containers: HTTP_PROXY, HTTPS_PROXY (#723) #723
- OCPBUGS-6832: feat(recent_metrics) adds openshift_apps_deploymentconfigs_strategy_total (#726) #726
- Full changelog
- OCPBUGS-24790: Updating ironic-static-ip-manager-container image to be consistent with ART #41
- OCPBUGS-18864: Updating ironic-static-ip-manager images to be consistent with ART #40
- OCPBUGS-14614: Remove provisioning netowrk route from “lo” #39
- OCPBUGS-4501: Flush addresses on provisioning interface with global scope only #35
- Updating ironic-static-ip-manager images to be consistent with ART #34
- Full changelog
- OCPBUGS-30532: upgrade github.com/golang/protobuf to v1.5.4 for bette… #101
- OCPBUGS-25583: Updating ose-prometheus-adapter-container image to be consistent with ART #100
- OCPBUGS-24986: Updating ose-prometheus-adapter-container image to be consistent with ART #99
- OCPBUGS-24986: Updating ose-prometheus-adapter-container image to be consistent with ART #98
- MON-3584: Remove trailing spaces from Dockerfile.ocp #97
- OCPBUGS-24155: Updating ose-prometheus-adapter-container image to be consistent with ART #95
- MON-3489: Bump openshift/k8s-prometheus-adapter to v0.11.2 #94
- OCPBUGS-21621: Add a toggle to disable HTTP/2 on the server to mitigate CVE-2023-44487 #88
- add
machine424
and rexagod
to OWNERS #73
- OCPBUGS-21621: upgrade golang.org/x/net to 0.17.0 to address CVE-2023… #80
- OCPBUGS-18971: limit number of simultaneous client requests #76
- OCPBUGS-19251: Updating ose-prometheus-adapter images to be consistent with ART #74
- Bump openshift/k8s-prometheus-adapter to v0.11.0 #72
- OCPBUGS-12659: bump golang.org/x/net version #71
- Updating ose-prometheus-adapter images to be consistent with ART #69
- OCPBUGS-10172: Updating ose-prometheus-adapter images to be consistent with ART #68
- Full changelog
- OCPBUGS-10519: Revert “bump RHEL8 egress-dns-proxy image to haproxy26” #135
- Add jupierce as approver / remove Clayton #127
- rhel9 base image: Fix build failure #126
- Dockerfile: add RHEL9 base image dockerfile #124
- Full changelog
- CNV-36073: Sync upstream kubevirt-csi 2024-04-19 #39
- “NO-JIRA: Sync upstream kubevirt-csi 2024-04-08” #38
- OCPBUGS-31276: Updating ose-kubevirt-csi-driver-container image to be consistent with ART for 4.16 #37
- CNV-32073: Sync upstream 2024-03-15 #36
- NO-JIRA: Address CVE-2024-1725: Restrict access to infrastructure PVCs by requiring matching infraClusterLabels on tenant PVCs #32
- NO-JIRA: Snapshot backport #31
- NO-JIRA: Auto sync upstream 2024 01 05 18 36 #27
- OCPBUGS-24805: Updating ose-kubevirt-csi-driver-container image to be consistent with ART #26
- OCPBUGS-19115: Updating ose-kubevirt-csi-driver-rhel8 images to be consistent with ART #23
- Ensure volume is removed before returning success (#90) #22
- Updating ose-kubevirt-csi-driver-rhel8 images to be consistent with ART #20
- CNV-29315: kubevirt-csi unable to unpublish volumes in the event a VM is unexpectedly destroyed #21
- Auto sync upstream 2023 02 12 09 #19
- Full changelog
- OCPBUGS-26046: Replace genisoimage with xorriso in 4.15 to allow rhel9 bump #281
- OCPBUGS-25630: Add Snyk file to exclude vendor directory on scan #276
- OCPBUGS-25173: Updating ose-libvirt-machine-controllers-container image to be consistent with ART #275
- OCPBUGS-25101: Updating ose-libvirt-machine-controllers-container image to be consistent with ART #274
- OCPBUGS-24833: Updating ose-libvirt-machine-controllers-container image to be consistent with ART #273
- Add workaround for SLOF regression #263
- client/domain: Remove spice as domain grahics #260
- OCPBUGS-19187: Updating ose-libvirt-machine-controllers images to be consistent with ART #262
- OCPBUGS-18338: Fix CI by running tests natively by default #261
- Updating ose-libvirt-machine-controllers images to be consistent with ART #259
- Updating ose-libvirt-machine-controllers images to be consistent with ART #258
- Updating ose-libvirt-machine-controllers images to be consistent with ART #257
- Updating ose-libvirt-machine-controllers images to be consistent with ART #254
- Remove myself (frobware) from OWNERS #253
- refactor: replace
github.com/ghodss/yaml
with sigs.k8s.io/yaml
#252
- Full changelog
- Force updating rhcos image to version 413.92.202303190222-0 #27
- Updating ose-machine-os-images images to be consistent with ART #25
- Full changelog
- Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #112
- Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #111
- Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #110
- Upstream sync: IP reconciler controller and dual stack #107
- Full changelog
- Updating ose-network-metrics-daemon images to be consistent with ART #62
- Full changelog
- Updating ose-nutanix-cloud-controller-manager images to be consistent with ART #4
- Update OWNERS #8
- Full changelog
- Support categories and project fields of NutanixMachineProviderConfig #38
- : Port to ginkgo v2 #41
- Update OWNERS #39
- : Update k8s packages to 1.26 #40
- Full changelog
- Remove “unsupported” wording from info on console (#594) #594
- Bugfix for destination registry nested paths length (#583) #583
- Fix OCPBUGS-5168: Upgrade helm.sh/helm/v3 to v3.11.2 fixing CVE-2022-23526 and CVE-2022-23525 (#592) #592
- OCPBUGS-10051: fix: remove catalog reference from ImageContentSourcePolicy.yaml (#587) #587
- OCPBUGS-8216: fix: remove an unecessary error message (#581) #581
- docs: add information about unsupported scenario (#578) #578
- Updating oc-mirror-plugin images to be consistent with ART (#570) #570
- Fix usage of registries.conf for OCI feature (#569) #569
- CFE-739: Add skip pruning flag and logic (#567) #567
- CFE-749: add e2e test for oci catalog feature to include release and additiona… (#562) #562
- CFE-764: Introduce v1alpha2.Operator.TargetCatalog (#565) #565
- docs: adds clarification to imageset reference and examples (#555) #555
- CFE-768: Update to allow for incremental and pruning for oci feature (#564) #564
- use new cincinnati endpoint to download tarball (#552) #552
- feat: OCI catalog filtering implementation (#559) #559
- CFE-761: Improve user experience of oc-mirror with the OCI FBC feature (#557) #557
- Full changelog
- Adding storage team to OWNERS so they can perform lib-go updates. #22
- add proxy to node-update-controller #18
- Full changelog
Source code for this page located on github