Collaborator

@faiq faiq commented Nov 20, 2025

Updates to main

AndiDog and others added 30 commits August 28, 2025 16:05
…king until previous one is finished (which may have led to failing nodes due to outdated join token)
Co-authored-by: Daniel Lipovetsky <[email protected]>
The API for DescribeEgressOnlyInternetGateways does not support
attachment.vpc-id filter. Thus, the call will return all available
eigw. Consequences:
- CAPA incorrectly selects an unintended eigw for use. Leading to route
  creation failure since the eigw belongs to a different VPC.
- CAPA incorrectly destroys all eigw of all VPCs. This is very
  catastrophic as it can break other workloads.

This commit changes the filter to use cluster tag instead. Additional
safeguard is also included to check if the eigw is truly attached to the
VPC.
* Add RosaRoleConfig API and CRD.

* Enable partial reconcile of Rosa Operator Roles

* Review fixes

* Add integration tests

* Add more tests

* Fix comments

Signed-off-by: serngawy <[email protected]>

---------

Signed-off-by: serngawy <[email protected]>
Co-authored-by: rknaur <[email protected]>
The overall job timeout in prow is 5h, let's use all of the available
time.
* feat: support setting EKS AuthenticationMode

* feat: support setting EKS AuthenticationMode

* Update controlplane/eks/api/v1beta2/awsmanagedcontrolplane_webhook_test.go

Co-authored-by: Damiano Donati <[email protected]>

* add EOF to new files

---------

Co-authored-by: Adam Malcontenti-Wilson <[email protected]>
Co-authored-by: Damiano Donati <[email protected]>
Update Red Hat documentation links.
🐛 fix: use cluster tag key to list managed egress-only internet gateway
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.0.2 to 4.0.5.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Commits](go-jose/go-jose@v4.0.2...v4.0.5)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
  dependency-version: 4.0.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
…re for ROSA-HCP (#5464)

* RosaNetwork: new CRD & reconciler to provision net infra for ROSA-HCP

* ROSANetwork: tests
* Support EKS upgrade policy

* Apply suggestions from code review

Co-authored-by: Damiano Donati <[email protected]>

* regenerate

* Apply suggestions from code review

Co-authored-by: Damiano Donati <[email protected]>

* Update pkg/cloud/services/eks/cluster.go

Co-authored-by: Damiano Donati <[email protected]>

* remove log

* Update config/crd/bases/controlplane.cluster.x-k8s.io_awsmanagedcontrolplanes.yaml

Co-authored-by: Faiq <[email protected]>

* docstring typo

* set NotReady if cluster was automatically upgraded

* Update pkg/cloud/services/eks/cluster.go

Co-authored-by: Faiq <[email protected]>

* fix version compare logic

* e2e

* Apply suggestions from code review

Co-authored-by: Damiano Donati <[email protected]>

* syntax

* WaitForEKSClusterUpgradePolicy fail early on NotFound

---------

Co-authored-by: Damiano Donati <[email protected]>
Co-authored-by: Faiq <[email protected]>
🌱 Bump cloud build timeout to 2h
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
…ithub.com/go-jose/go-jose/v4-4.0.5

🌱 Bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5
🌱 Log desired AMI architecture and owner ID on errors
…ns/github/codeql-action-4

🌱 Bump github/codeql-action from 3 to 4
✨ Cancel instance refresh on any relevant change to ASG instead of blocking until previous one is finished (which may have led to failing nodes due to outdated join token)
k8s-ci-robot and others added 19 commits November 4, 2025 23:16
🌱 ci: updates devbox.lock file
Signed-off-by: serngawy <[email protected]>
🐛 ROSA: Fix delete ROSAControlPlane with multiple availability zones
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@4afd733...0a35821)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
🐛 Add update permission for `AWSMachinePool` finalizers as needed by `OwnerReferencesPermissionEnforcement` admission policy for setting `BlockOwnerDeletion: true` on AWSMachinePool AWSMachines
Bumps the dependencies group in /hack/tools with 1 update: [sigs.k8s.io/kustomize/kustomize/v5](https://github.com/kubernetes-sigs/kustomize).


Updates `sigs.k8s.io/kustomize/kustomize/v5` from 5.7.1 to 5.8.0
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](kubernetes-sigs/kustomize@kustomize/v5.7.1...kustomize/v5.8.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/kustomize/v5
  dependency-version: 5.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
📖 OIDC identity provider description matches field name
…ns/golangci/golangci-lint-action-9.0.0

🌱 Bump golangci/golangci-lint-action from 8.0.0 to 9.0.0
…ack/tools/dependencies-85bd8b3fe4

🌱 Bump sigs.k8s.io/kustomize/kustomize/v5 from 5.7.1 to 5.8.0 in /hack/tools in the dependencies group
…ctions

🌱 Drop unused conversion functions
🐛 fix: CAPA v1beta1 to v1beta2 generated conversion webhook
🌱 e2e: fix panic when dumping CloudTrail logs
✨ Add node auto repair configuration for EKS managed node groups
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.43.0 to 0.45.0.
- [Commits](golang/crypto@v0.43.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
…ack/tools/golang.org/x/crypto-0.45.0

🌱 Bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /hack/tools
clebs and others added 10 commits November 20, 2025 19:08
* deps: upgrade Kubernetes dependencies to v0.33.4

- Update core Kubernetes dependencies from v0.32.3 to v0.33.4:
  - k8s.io/api, k8s.io/apimachinery, k8s.io/client-go
  - k8s.io/apiserver, k8s.io/cli-runtime, k8s.io/kubectl
  - k8s.io/apiextensions-apiserver, k8s.io/component-base
- Upgrade prometheus/client_golang from v1.19.1 to v1.22.0
- Update cel.dev/expr from v0.18.0 to v0.19.1
- Upgrade google/cel-go from v0.22.0 to v0.23.2
- Update golang.org/x/time from v0.8.0 to v0.9.0
- Upgrade gRPC from v1.67.3 to v1.68.1
- Update OpenTelemetry packages to v1.33.0
- Refresh k8s.io/utils and other indirect dependencies
- Update kube-openapi and structured-merge-diff versions

* deps: update cluster-api to v1.11.1 and controller-runtime to v0.21.0

- Upgrade cluster-api from v1.10.2 to v1.11.1
- Upgrade controller-runtime from v0.20.4 to v0.21.0
- Update various golang.org/x/* packages
- Update testing dependencies (ginkgo, gomega)
- Update OpenTelemetry and other indirect dependencies

* WIP no IDE errors

* WIP IDE Errors

* Fix go dependencies

Signed-off-by: Borja Clemente <[email protected]>

* Update imports, code and generations to CAPI 1.11

- Update all imports to v1beta2 types except for conditions staying in
  v1beta1.
- Adapt source code to work with v1beta2 and deprecated conditions.
- Manually update conversions.

Signed-off-by: Borja Clemente <[email protected]>

* Update linting pkg alias and fix broken imports blocks

Signed-off-by: Borja Clemente <[email protected]>

* Remove unnecessary Paused constants

Signed-off-by: Borja Clemente <[email protected]>

* Fix import aliases

Signed-off-by: Borja Clemente <[email protected]>

* Fix broken imports

Signed-off-by: Borja Clemente <[email protected]>

* Revert public APIs back to v1beta1 while internally using v1beta2

Introducing v1beta2 on public types is a breaking change so they have to
stay in v1beta1. Internally though, migration to v1beta2 is happening
(except for conditions).

Signed-off-by: Borja Clemente <[email protected]>

* Revert infrav1 conditions to v1beta1 and consolidate imports

Signed-off-by: Borja Clemente <[email protected]>

* Consolidate conditions imports and fix linting

Signed-off-by: Borja Clemente <[email protected]>

* Fix regression in machine deployments without failure domain set

Signed-off-by: Borja Clemente <[email protected]>

* Revert missing public APIs to v1beta1

Signed-off-by: Borja Clemente <[email protected]>

* Consolidate infrav1beta1 imports into infrav1

Signed-off-by: Borja Clemente <[email protected]>

* Remove unused conditions constants

Signed-off-by: Borja Clemente <[email protected]>

* Fix setting wrong condition type

Signed-off-by: Borja Clemente <[email protected]>

* Cast v1beta1 conditions instead of creating a new constant

Signed-off-by: Borja Clemente <[email protected]>

* Revert changed public APIs and adapt internally to v1beta2

Signed-off-by: Borja Clemente <[email protected]>

* Resolve conflicts with main

Signed-off-by: Borja Clemente <[email protected]>

* Add deprecated CAPI imports linter rule

Add rule to allow using deprecated v1beta1 CAPI APIs and removed linter
comments everywhere.

Signed-off-by: Borja Clemente <[email protected]>

* Apply review corrections

Signed-off-by: Borja Clemente <[email protected]>

* Adjust e2e and metadata versions

Signed-off-by: Borja Clemente <[email protected]>

* Apply review feedback on awscluster_webhook

Signed-off-by: Borja Clemente <[email protected]>

* Fix unit tests

Signed-off-by: Borja Clemente <[email protected]>

* Review feedback

Signed-off-by: Borja Clemente <[email protected]>

* Apply review feedback

Signed-off-by: Borja Clemente <[email protected]>

* Add CRD RBAC to the awsmachine controller

Signed-off-by: Borja Clemente <[email protected]>

* e2e: add v1beta1 CAPI scheme to clients and adjust modifyFunc test to use the new field name

* Fix linting issues

Signed-off-by: Borja Clemente <[email protected]>

* Fix nodeDrainTimeoutSeconds field in clusterclass test

Signed-off-by: Borja Clemente <[email protected]>

* e2e: fix contract for CAPI

* fix path again

* e2e: fix contract for capa 9.99.99 (#3)

* e2e: use correct type for setting field (#4)

* rosa: deflake unit test (#5)

* rosa: deflake unit test

* fixup

* e2e: fix config metadata and contract version pinning (#6)

* e2e: fix config metadata file path

Signed-off-by: Borja Clemente <[email protected]>

* Bump KCP Template for clusterclass changes (#7)

---------

Signed-off-by: Borja Clemente <[email protected]>
Co-authored-by: Bryan Cox <[email protected]>
Co-authored-by: Christian Schlotter <[email protected]>
This change has no effect on the output of this kustomization because
the removed configuration was redundant. However, it fixes a bug which
can be triggered when using this kustomization as a base for another
kustomization.

kustomizeconfig contained 3 directives:

* nameReference
* namespace
* varReference

varReference remains required until vars are removed from this
kustomization.

nameReference is redundant because the specified configuration is
already in kustomize's defaults. However, nameReference is the important
transformation here.

namespace is incorrect. It directs the namespace transformer to update
webhooks/clientConfig/service/namespace. However, this is not the
intended function of the namespace transformer: it should only set the
namespace directly on objects and allow references to be updated
automatically by nameReference. Configuring it to update a reference
directly leaves kustomize with inconsistent internal state. Depending on
execution order this can cause a subsequent transformation to fail to
update the reference when it makes further changes to the Service
object.
…Template capacity (#5711)

* feat: implement auto-population of AWSMachineTemplate capacity and nodeInfo

Add AWSMachineTemplateReconciler to automatically populate capacity and node
info fields by querying AWS EC2 API. This completes the autoscaling from zero
implementation by ensuring the required metadata is available without manual
configuration.

Changes include:
- Add NodeInfo struct with Architecture and OperatingSystem fields to AWSMachineTemplate status
- Implement controller that queries EC2 API for instance type specifications
- Auto-populate CPU, memory, pods, and ephemeral storage capacity
- Auto-detect architecture (amd64/arm64) and OS (linux/windows) from AMI
- Add conversion logic for backward compatibility with v1beta1
- Enable status subresource on AWSMachineTemplate CRD
- Add comprehensive unit tests (351 lines) covering various scenarios
- Add RBAC permissions for controller operations

The controller automatically populates these fields when an AWSMachineTemplate
is created or updated, eliminating the need for manual configuration and
enabling Cluster Autoscaler to make informed scaling decisions from zero nodes.

Related: https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210310-opt-in-autoscaling-from-zero.md

Squashed from 5 commits:
- 9a92a43 Implement autoscaling from zero by auto-populating AWSMachineTemplate capacity
- 86fe072 add AWSMachineTemplate NodeInfo
- ddaf62c Fix review comments
- 4ea52c8 Fix review comments 2
- b398ffc Fix review comments 3

* feat(api): add Conditions field and update for CAPI v1.11

Add Conditions to AWSMachineTemplateStatus and update controller for CAPI v1.11
API changes.

Squashed from 2 commits:
- ffdf7db Fix review comments 4
- 6493363 rebase #5720
…tomizeconfig

🐛 Remove invalid kustomizeconfig from config/webhook
🐛 Only try to delete AWSMachine bootstrap data for non-machine pool machines
…dates

🐛 Fix lifecycle hooks being updated constantly, consider changes to `RoleARN` field as well