check for ingressIP when ingressProfiles > 1 #2021
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
karanmagdani
requested review from
jewzaam,
m1kola,
hawkowl,
mwoodson,
rogbas,
petrkotas and
ross-bryan
as code owners
|
/azp run ci |
|
Azure Pipelines successfully started running 1 pipeline(s). |
karanmagdani
force-pushed
the
karan/fix-default-ingress-profile
branch
from
57c5b1c
to
7a8a62f
Compare
s-amann
reviewed
Mar 22, 2022
bennerv
reviewed
Mar 22, 2022
karanmagdani
force-pushed
the
karan/fix-default-ingress-profile
branch
3 times, most recently
from
2faa0ff
to
12741f7
Compare
s-amann
previously approved these changes
Mar 22, 2022
ross-bryan
reviewed
Mar 22, 2022
m1kola
previously requested changes
Mar 23, 2022
s-amann
previously approved these changes
Mar 29, 2022
karanmagdani
force-pushed
the
karan/fix-default-ingress-profile
branch
from
7f342b4
to
c493919
Compare
ross-bryan
suggested changes
Mar 30, 2022
cadenmarchese
previously requested changes
Mar 30, 2022
ellis-johnson
pushed a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jun 10, 2022
Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]>
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jun 10, 2022
Fixed linting of dot imports Initial files + dependencies for the react-fluent portal Initial POC for portal UI Finished front end API for cluster information Co-authored-by: Brett Embery <[email protected]> Adding cluster detail pane Co-authored-by: Ellis Johnson <[email protected]> Format tsx source Add cluster detail nav + tweaks Co-authored-by: Ellis Johnson <[email protected]> Cluster detail MVP Co-authored-by: Brett Embery <[email protected]> bump deps fixes update deps cleanups and style improvements for the portal, as well as a new copy resource ID button update package deps Added base eslint config Fixed linter errors in SRE Portal Added linter step for e2e pipeline Reverting package-lock json to appease PR testing Another attempt to test admin portal linting in e2e pipeline Another fix for e2e admin portal linting Yet another attempt Reordered e2e jobs Added fix to commands Modifying linting settings to try and working e2e pipeline More config changes More changes Modified eslintrc Modified eslintrc Perform npm install before running container Debugging Trying npm install as a seperate task Moved admin portal lint from e2e pipeline to ci pipeline Fixed formatting Fixed formatting Fixed formatting Fixed image name Added dockerfile for SRE Portal linting Using new docker image in ADO CI pipeline Removed old dockerfile and modified package.json Split portal into v1 and v2 Modified portal backend to allow v1 and v2 portals to run at the same time Modified makefile to make both v1 and v2 portal Added option to change portal hostname locally whether wanting to run dev server or compiled build code Created initial selenium script Fixed linter Added documentation for new admin portal Added makefile command for linting admin portal Remove accident commit Refactored portal backend code Renamed temp to template in portal code Modified documentation to explain NO_NPM env var Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript Fixed SSHModal indexing Fixed SSHModal indexing Commit generated bindata code Added vscode folders to gitignore Made minor changes based on review feedback Added conditional statements for linting Fixed booleans Added vm image to first stage Modified powershell to bash Made small changes based on review feedback Update Makefile Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Small documentation change Small ci fix Small ci fix Small ci fix Small ci fix Still fixing CI Still fixing CI Still fixing CI Still fixing CI Fix CI again Fix CI again Fix CI again Fix CI again Fix CI again Removing conditional linting and moving to future PR Remove stage from CI yaml to pass github check Fixed off by one error with SSH in admin portal First 3 e2e test cases complete Test image pull Rewrote first test in golang on e2e pipeline Added second test Fixed tests for CT Added 2 more tests Added 1 more test and fixed others Finished initial e2e tests Fixed linting errors Fixed validation and linting Still trying to fix linting issues Moved cookie generation back out to hack file and refactored test Fixed linting of dot imports Remove test focus for e2e Fixed potential infinite for loop Removed test command from makefile Removed test pipeline step Fixed vendoring removals Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Fixed dodgy e2e test Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. Testing test in isolation refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Added more checks for cluster panel test to figure out test failure enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Download aro deployer from tagged image Pull aro deployer from tagged container instead of pipeline artifact. Signed-off-by: Petr Kotas <[email protected]> Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Updated portal bindata create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Added cookie as part of test and added extra error output Seperated image pull and container start for selenium Fixing up docker command
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jun 29, 2022
Modified css selectors for test Remove Test Focus Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation Fix azureproviderspec regression (Azure#2167) * Fix AzureMachineProviderSpec regression in 4.10 * refactor to reduce branches and clean up Co-authored-by: bennerv <[email protected]> Removed temporary timestamp update code (Azure#2172) mirror MUO and Hive images to ACR attempt to make this e2e test a bit more reliable Add pull secret to allow mirroring from pd -> int Pass NIC on CreateOrUpdate call add required build images to mirror add a listen to the cluster pull secret move deploystorage portions to pkg/installer manager for installer code, call the installer code from the cluster/install.go code move some steps earlier in the installer we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly Hive AKS development environment deploy (Azure#2171) * Add hive config generation script * Script to install hive into the AKS dev environments * Add note about semi-scientific container image search * Vanilla hive config gleaned from app-sre config * Initial OCP 4.10.15 image set * Ignore the generated hive config files * Check for crds folder and ask to re-running install * Add docs * Add newline to yaml EOF * Spelling is clearly hard at this hour... * Fix typo, grammer, and spelling * Use the shell var instead * Use the expanded output variable syntax. No lazy typing :) * Use 1's for all error exit's * Fix make aks.kubeconfig in docs/hive.md Co-authored-by: Spencer Amann <[email protected]> * Fix hive docs kubeconfig typo * Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd * Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define Co-authored-by: Spencer Amann <[email protected]> Go vet with tags
ellis-johnson
pushed a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 13, 2022
Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]>
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 13, 2022
Fixed linting of dot imports Initial files + dependencies for the react-fluent portal Initial POC for portal UI Finished front end API for cluster information Co-authored-by: Brett Embery <[email protected]> Adding cluster detail pane Co-authored-by: Ellis Johnson <[email protected]> Format tsx source Add cluster detail nav + tweaks Co-authored-by: Ellis Johnson <[email protected]> Cluster detail MVP Co-authored-by: Brett Embery <[email protected]> bump deps fixes update deps cleanups and style improvements for the portal, as well as a new copy resource ID button update package deps Added base eslint config Fixed linter errors in SRE Portal Added linter step for e2e pipeline Reverting package-lock json to appease PR testing Another attempt to test admin portal linting in e2e pipeline Another fix for e2e admin portal linting Yet another attempt Reordered e2e jobs Added fix to commands Modifying linting settings to try and working e2e pipeline More config changes More changes Modified eslintrc Modified eslintrc Perform npm install before running container Debugging Trying npm install as a seperate task Moved admin portal lint from e2e pipeline to ci pipeline Fixed formatting Fixed formatting Fixed formatting Fixed image name Added dockerfile for SRE Portal linting Using new docker image in ADO CI pipeline Removed old dockerfile and modified package.json Split portal into v1 and v2 Modified portal backend to allow v1 and v2 portals to run at the same time Modified makefile to make both v1 and v2 portal Added option to change portal hostname locally whether wanting to run dev server or compiled build code Created initial selenium script Fixed linter Added documentation for new admin portal Added makefile command for linting admin portal Remove accident commit Refactored portal backend code Renamed temp to template in portal code Modified documentation to explain NO_NPM env var Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript Fixed SSHModal indexing Fixed SSHModal indexing Commit generated bindata code Added vscode folders to gitignore Made minor changes based on review feedback Added conditional statements for linting Fixed booleans Added vm image to first stage Modified powershell to bash Made small changes based on review feedback Update Makefile Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Small documentation change Small ci fix Small ci fix Small ci fix Small ci fix Still fixing CI Still fixing CI Still fixing CI Still fixing CI Fix CI again Fix CI again Fix CI again Fix CI again Fix CI again Removing conditional linting and moving to future PR Remove stage from CI yaml to pass github check Fixed off by one error with SSH in admin portal First 3 e2e test cases complete Test image pull Rewrote first test in golang on e2e pipeline Added second test Fixed tests for CT Added 2 more tests Added 1 more test and fixed others Finished initial e2e tests Fixed linting errors Fixed validation and linting Still trying to fix linting issues Moved cookie generation back out to hack file and refactored test Fixed linting of dot imports Remove test focus for e2e Fixed potential infinite for loop Removed test command from makefile Removed test pipeline step Fixed vendoring removals Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Fixed dodgy e2e test Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. Testing test in isolation refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Added more checks for cluster panel test to figure out test failure enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Download aro deployer from tagged image Pull aro deployer from tagged container instead of pipeline artifact. Signed-off-by: Petr Kotas <[email protected]> Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Updated portal bindata create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Added cookie as part of test and added extra error output Seperated image pull and container start for selenium Fixing up docker command
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 13, 2022
Modified css selectors for test Remove Test Focus Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation Fix azureproviderspec regression (Azure#2167) * Fix AzureMachineProviderSpec regression in 4.10 * refactor to reduce branches and clean up Co-authored-by: bennerv <[email protected]> Removed temporary timestamp update code (Azure#2172) mirror MUO and Hive images to ACR attempt to make this e2e test a bit more reliable Add pull secret to allow mirroring from pd -> int Pass NIC on CreateOrUpdate call add required build images to mirror add a listen to the cluster pull secret move deploystorage portions to pkg/installer manager for installer code, call the installer code from the cluster/install.go code move some steps earlier in the installer we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly Hive AKS development environment deploy (Azure#2171) * Add hive config generation script * Script to install hive into the AKS dev environments * Add note about semi-scientific container image search * Vanilla hive config gleaned from app-sre config * Initial OCP 4.10.15 image set * Ignore the generated hive config files * Check for crds folder and ask to re-running install * Add docs * Add newline to yaml EOF * Spelling is clearly hard at this hour... * Fix typo, grammer, and spelling * Use the shell var instead * Use the expanded output variable syntax. No lazy typing :) * Use 1's for all error exit's * Fix make aks.kubeconfig in docs/hive.md Co-authored-by: Spencer Amann <[email protected]> * Fix hive docs kubeconfig typo * Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd * Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define Co-authored-by: Spencer Amann <[email protected]> Go vet with tags
ellis-johnson
pushed a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 13, 2022
Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]>
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 13, 2022
Fixed linting of dot imports Initial files + dependencies for the react-fluent portal Initial POC for portal UI Finished front end API for cluster information Co-authored-by: Brett Embery <[email protected]> Adding cluster detail pane Co-authored-by: Ellis Johnson <[email protected]> Format tsx source Add cluster detail nav + tweaks Co-authored-by: Ellis Johnson <[email protected]> Cluster detail MVP Co-authored-by: Brett Embery <[email protected]> bump deps fixes update deps cleanups and style improvements for the portal, as well as a new copy resource ID button update package deps Added base eslint config Fixed linter errors in SRE Portal Added linter step for e2e pipeline Reverting package-lock json to appease PR testing Another attempt to test admin portal linting in e2e pipeline Another fix for e2e admin portal linting Yet another attempt Reordered e2e jobs Added fix to commands Modifying linting settings to try and working e2e pipeline More config changes More changes Modified eslintrc Modified eslintrc Perform npm install before running container Debugging Trying npm install as a seperate task Moved admin portal lint from e2e pipeline to ci pipeline Fixed formatting Fixed formatting Fixed formatting Fixed image name Added dockerfile for SRE Portal linting Using new docker image in ADO CI pipeline Removed old dockerfile and modified package.json Split portal into v1 and v2 Modified portal backend to allow v1 and v2 portals to run at the same time Modified makefile to make both v1 and v2 portal Added option to change portal hostname locally whether wanting to run dev server or compiled build code Created initial selenium script Fixed linter Added documentation for new admin portal Added makefile command for linting admin portal Remove accident commit Refactored portal backend code Renamed temp to template in portal code Modified documentation to explain NO_NPM env var Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript Fixed SSHModal indexing Fixed SSHModal indexing Commit generated bindata code Added vscode folders to gitignore Made minor changes based on review feedback Added conditional statements for linting Fixed booleans Added vm image to first stage Modified powershell to bash Made small changes based on review feedback Update Makefile Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Small documentation change Small ci fix Small ci fix Small ci fix Small ci fix Still fixing CI Still fixing CI Still fixing CI Still fixing CI Fix CI again Fix CI again Fix CI again Fix CI again Fix CI again Removing conditional linting and moving to future PR Remove stage from CI yaml to pass github check Fixed off by one error with SSH in admin portal First 3 e2e test cases complete Test image pull Rewrote first test in golang on e2e pipeline Added second test Fixed tests for CT Added 2 more tests Added 1 more test and fixed others Finished initial e2e tests Fixed linting errors Fixed validation and linting Still trying to fix linting issues Moved cookie generation back out to hack file and refactored test Fixed linting of dot imports Remove test focus for e2e Fixed potential infinite for loop Removed test command from makefile Removed test pipeline step Fixed vendoring removals Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Fixed dodgy e2e test Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. Testing test in isolation refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Added more checks for cluster panel test to figure out test failure enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Download aro deployer from tagged image Pull aro deployer from tagged container instead of pipeline artifact. Signed-off-by: Petr Kotas <[email protected]> Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Updated portal bindata create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Added cookie as part of test and added extra error output Seperated image pull and container start for selenium Fixing up docker command
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 13, 2022
Modified css selectors for test Remove Test Focus Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation Fix azureproviderspec regression (Azure#2167) * Fix AzureMachineProviderSpec regression in 4.10 * refactor to reduce branches and clean up Co-authored-by: bennerv <[email protected]> Removed temporary timestamp update code (Azure#2172) mirror MUO and Hive images to ACR attempt to make this e2e test a bit more reliable Add pull secret to allow mirroring from pd -> int Pass NIC on CreateOrUpdate call add required build images to mirror add a listen to the cluster pull secret move deploystorage portions to pkg/installer manager for installer code, call the installer code from the cluster/install.go code move some steps earlier in the installer we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly Hive AKS development environment deploy (Azure#2171) * Add hive config generation script * Script to install hive into the AKS dev environments * Add note about semi-scientific container image search * Vanilla hive config gleaned from app-sre config * Initial OCP 4.10.15 image set * Ignore the generated hive config files * Check for crds folder and ask to re-running install * Add docs * Add newline to yaml EOF * Spelling is clearly hard at this hour... * Fix typo, grammer, and spelling * Use the shell var instead * Use the expanded output variable syntax. No lazy typing :) * Use 1's for all error exit's * Fix make aks.kubeconfig in docs/hive.md Co-authored-by: Spencer Amann <[email protected]> * Fix hive docs kubeconfig typo * Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd * Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define Co-authored-by: Spencer Amann <[email protected]> Go vet with tags
ellis-johnson
pushed a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 22, 2022
Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]>
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 22, 2022
Fixed linting of dot imports Initial files + dependencies for the react-fluent portal Initial POC for portal UI Finished front end API for cluster information Co-authored-by: Brett Embery <[email protected]> Adding cluster detail pane Co-authored-by: Ellis Johnson <[email protected]> Format tsx source Add cluster detail nav + tweaks Co-authored-by: Ellis Johnson <[email protected]> Cluster detail MVP Co-authored-by: Brett Embery <[email protected]> bump deps fixes update deps cleanups and style improvements for the portal, as well as a new copy resource ID button update package deps Added base eslint config Fixed linter errors in SRE Portal Added linter step for e2e pipeline Reverting package-lock json to appease PR testing Another attempt to test admin portal linting in e2e pipeline Another fix for e2e admin portal linting Yet another attempt Reordered e2e jobs Added fix to commands Modifying linting settings to try and working e2e pipeline More config changes More changes Modified eslintrc Modified eslintrc Perform npm install before running container Debugging Trying npm install as a seperate task Moved admin portal lint from e2e pipeline to ci pipeline Fixed formatting Fixed formatting Fixed formatting Fixed image name Added dockerfile for SRE Portal linting Using new docker image in ADO CI pipeline Removed old dockerfile and modified package.json Split portal into v1 and v2 Modified portal backend to allow v1 and v2 portals to run at the same time Modified makefile to make both v1 and v2 portal Added option to change portal hostname locally whether wanting to run dev server or compiled build code Created initial selenium script Fixed linter Added documentation for new admin portal Added makefile command for linting admin portal Remove accident commit Refactored portal backend code Renamed temp to template in portal code Modified documentation to explain NO_NPM env var Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript Fixed SSHModal indexing Fixed SSHModal indexing Commit generated bindata code Added vscode folders to gitignore Made minor changes based on review feedback Added conditional statements for linting Fixed booleans Added vm image to first stage Modified powershell to bash Made small changes based on review feedback Update Makefile Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Small documentation change Small ci fix Small ci fix Small ci fix Small ci fix Still fixing CI Still fixing CI Still fixing CI Still fixing CI Fix CI again Fix CI again Fix CI again Fix CI again Fix CI again Removing conditional linting and moving to future PR Remove stage from CI yaml to pass github check Fixed off by one error with SSH in admin portal First 3 e2e test cases complete Test image pull Rewrote first test in golang on e2e pipeline Added second test Fixed tests for CT Added 2 more tests Added 1 more test and fixed others Finished initial e2e tests Fixed linting errors Fixed validation and linting Still trying to fix linting issues Moved cookie generation back out to hack file and refactored test Fixed linting of dot imports Remove test focus for e2e Fixed potential infinite for loop Removed test command from makefile Removed test pipeline step Fixed vendoring removals Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Fixed dodgy e2e test Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. Testing test in isolation refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Added more checks for cluster panel test to figure out test failure enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Download aro deployer from tagged image Pull aro deployer from tagged container instead of pipeline artifact. Signed-off-by: Petr Kotas <[email protected]> Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Updated portal bindata create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Added cookie as part of test and added extra error output Seperated image pull and container start for selenium Fixing up docker command
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 22, 2022
Modified css selectors for test Remove Test Focus Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation Fix azureproviderspec regression (Azure#2167) * Fix AzureMachineProviderSpec regression in 4.10 * refactor to reduce branches and clean up Co-authored-by: bennerv <[email protected]> Removed temporary timestamp update code (Azure#2172) mirror MUO and Hive images to ACR attempt to make this e2e test a bit more reliable Add pull secret to allow mirroring from pd -> int Pass NIC on CreateOrUpdate call add required build images to mirror add a listen to the cluster pull secret move deploystorage portions to pkg/installer manager for installer code, call the installer code from the cluster/install.go code move some steps earlier in the installer we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly Hive AKS development environment deploy (Azure#2171) * Add hive config generation script * Script to install hive into the AKS dev environments * Add note about semi-scientific container image search * Vanilla hive config gleaned from app-sre config * Initial OCP 4.10.15 image set * Ignore the generated hive config files * Check for crds folder and ask to re-running install * Add docs * Add newline to yaml EOF * Spelling is clearly hard at this hour... * Fix typo, grammer, and spelling * Use the shell var instead * Use the expanded output variable syntax. No lazy typing :) * Use 1's for all error exit's * Fix make aks.kubeconfig in docs/hive.md Co-authored-by: Spencer Amann <[email protected]> * Fix hive docs kubeconfig typo * Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd * Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define Co-authored-by: Spencer Amann <[email protected]> Go vet with tags
ellis-johnson
pushed a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 22, 2022
Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]>
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 22, 2022
Fixed linting of dot imports Initial files + dependencies for the react-fluent portal Initial POC for portal UI Finished front end API for cluster information Co-authored-by: Brett Embery <[email protected]> Adding cluster detail pane Co-authored-by: Ellis Johnson <[email protected]> Format tsx source Add cluster detail nav + tweaks Co-authored-by: Ellis Johnson <[email protected]> Cluster detail MVP Co-authored-by: Brett Embery <[email protected]> bump deps fixes update deps cleanups and style improvements for the portal, as well as a new copy resource ID button update package deps Added base eslint config Fixed linter errors in SRE Portal Added linter step for e2e pipeline Reverting package-lock json to appease PR testing Another attempt to test admin portal linting in e2e pipeline Another fix for e2e admin portal linting Yet another attempt Reordered e2e jobs Added fix to commands Modifying linting settings to try and working e2e pipeline More config changes More changes Modified eslintrc Modified eslintrc Perform npm install before running container Debugging Trying npm install as a seperate task Moved admin portal lint from e2e pipeline to ci pipeline Fixed formatting Fixed formatting Fixed formatting Fixed image name Added dockerfile for SRE Portal linting Using new docker image in ADO CI pipeline Removed old dockerfile and modified package.json Split portal into v1 and v2 Modified portal backend to allow v1 and v2 portals to run at the same time Modified makefile to make both v1 and v2 portal Added option to change portal hostname locally whether wanting to run dev server or compiled build code Created initial selenium script Fixed linter Added documentation for new admin portal Added makefile command for linting admin portal Remove accident commit Refactored portal backend code Renamed temp to template in portal code Modified documentation to explain NO_NPM env var Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript Fixed SSHModal indexing Fixed SSHModal indexing Commit generated bindata code Added vscode folders to gitignore Made minor changes based on review feedback Added conditional statements for linting Fixed booleans Added vm image to first stage Modified powershell to bash Made small changes based on review feedback Update Makefile Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Small documentation change Small ci fix Small ci fix Small ci fix Small ci fix Still fixing CI Still fixing CI Still fixing CI Still fixing CI Fix CI again Fix CI again Fix CI again Fix CI again Fix CI again Removing conditional linting and moving to future PR Remove stage from CI yaml to pass github check Fixed off by one error with SSH in admin portal First 3 e2e test cases complete Test image pull Rewrote first test in golang on e2e pipeline Added second test Fixed tests for CT Added 2 more tests Added 1 more test and fixed others Finished initial e2e tests Fixed linting errors Fixed validation and linting Still trying to fix linting issues Moved cookie generation back out to hack file and refactored test Fixed linting of dot imports Remove test focus for e2e Fixed potential infinite for loop Removed test command from makefile Removed test pipeline step Fixed vendoring removals Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Fixed dodgy e2e test Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. Testing test in isolation refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Added more checks for cluster panel test to figure out test failure enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Download aro deployer from tagged image Pull aro deployer from tagged container instead of pipeline artifact. Signed-off-by: Petr Kotas <[email protected]> Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Updated portal bindata create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Added cookie as part of test and added extra error output Seperated image pull and container start for selenium Fixing up docker command
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 22, 2022
Modified css selectors for test Remove Test Focus Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation Fix azureproviderspec regression (Azure#2167) * Fix AzureMachineProviderSpec regression in 4.10 * refactor to reduce branches and clean up Co-authored-by: bennerv <[email protected]> Removed temporary timestamp update code (Azure#2172) mirror MUO and Hive images to ACR attempt to make this e2e test a bit more reliable Add pull secret to allow mirroring from pd -> int Pass NIC on CreateOrUpdate call add required build images to mirror add a listen to the cluster pull secret move deploystorage portions to pkg/installer manager for installer code, call the installer code from the cluster/install.go code move some steps earlier in the installer we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly Hive AKS development environment deploy (Azure#2171) * Add hive config generation script * Script to install hive into the AKS dev environments * Add note about semi-scientific container image search * Vanilla hive config gleaned from app-sre config * Initial OCP 4.10.15 image set * Ignore the generated hive config files * Check for crds folder and ask to re-running install * Add docs * Add newline to yaml EOF * Spelling is clearly hard at this hour... * Fix typo, grammer, and spelling * Use the shell var instead * Use the expanded output variable syntax. No lazy typing :) * Use 1's for all error exit's * Fix make aks.kubeconfig in docs/hive.md Co-authored-by: Spencer Amann <[email protected]> * Fix hive docs kubeconfig typo * Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd * Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define Co-authored-by: Spencer Amann <[email protected]> Go vet with tags
ellis-johnson
pushed a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 25, 2022
Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]>
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 25, 2022
Fixed linting of dot imports Initial files + dependencies for the react-fluent portal Initial POC for portal UI Finished front end API for cluster information Co-authored-by: Brett Embery <[email protected]> Adding cluster detail pane Co-authored-by: Ellis Johnson <[email protected]> Format tsx source Add cluster detail nav + tweaks Co-authored-by: Ellis Johnson <[email protected]> Cluster detail MVP Co-authored-by: Brett Embery <[email protected]> bump deps fixes update deps cleanups and style improvements for the portal, as well as a new copy resource ID button update package deps Added base eslint config Fixed linter errors in SRE Portal Added linter step for e2e pipeline Reverting package-lock json to appease PR testing Another attempt to test admin portal linting in e2e pipeline Another fix for e2e admin portal linting Yet another attempt Reordered e2e jobs Added fix to commands Modifying linting settings to try and working e2e pipeline More config changes More changes Modified eslintrc Modified eslintrc Perform npm install before running container Debugging Trying npm install as a seperate task Moved admin portal lint from e2e pipeline to ci pipeline Fixed formatting Fixed formatting Fixed formatting Fixed image name Added dockerfile for SRE Portal linting Using new docker image in ADO CI pipeline Removed old dockerfile and modified package.json Split portal into v1 and v2 Modified portal backend to allow v1 and v2 portals to run at the same time Modified makefile to make both v1 and v2 portal Added option to change portal hostname locally whether wanting to run dev server or compiled build code Created initial selenium script Fixed linter Added documentation for new admin portal Added makefile command for linting admin portal Remove accident commit Refactored portal backend code Renamed temp to template in portal code Modified documentation to explain NO_NPM env var Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript Fixed SSHModal indexing Fixed SSHModal indexing Commit generated bindata code Added vscode folders to gitignore Made minor changes based on review feedback Added conditional statements for linting Fixed booleans Added vm image to first stage Modified powershell to bash Made small changes based on review feedback Update Makefile Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Small documentation change Small ci fix Small ci fix Small ci fix Small ci fix Still fixing CI Still fixing CI Still fixing CI Still fixing CI Fix CI again Fix CI again Fix CI again Fix CI again Fix CI again Removing conditional linting and moving to future PR Remove stage from CI yaml to pass github check Fixed off by one error with SSH in admin portal First 3 e2e test cases complete Test image pull Rewrote first test in golang on e2e pipeline Added second test Fixed tests for CT Added 2 more tests Added 1 more test and fixed others Finished initial e2e tests Fixed linting errors Fixed validation and linting Still trying to fix linting issues Moved cookie generation back out to hack file and refactored test Fixed linting of dot imports Remove test focus for e2e Fixed potential infinite for loop Removed test command from makefile Removed test pipeline step Fixed vendoring removals Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Fixed dodgy e2e test Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. Testing test in isolation refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Added more checks for cluster panel test to figure out test failure enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Download aro deployer from tagged image Pull aro deployer from tagged container instead of pipeline artifact. Signed-off-by: Petr Kotas <[email protected]> Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Updated portal bindata create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Added cookie as part of test and added extra error output Seperated image pull and container start for selenium Fixing up docker command
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Jul 25, 2022
Modified css selectors for test Remove Test Focus Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation Fix azureproviderspec regression (Azure#2167) * Fix AzureMachineProviderSpec regression in 4.10 * refactor to reduce branches and clean up Co-authored-by: bennerv <[email protected]> Removed temporary timestamp update code (Azure#2172) mirror MUO and Hive images to ACR attempt to make this e2e test a bit more reliable Add pull secret to allow mirroring from pd -> int Pass NIC on CreateOrUpdate call add required build images to mirror add a listen to the cluster pull secret move deploystorage portions to pkg/installer manager for installer code, call the installer code from the cluster/install.go code move some steps earlier in the installer we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly Hive AKS development environment deploy (Azure#2171) * Add hive config generation script * Script to install hive into the AKS dev environments * Add note about semi-scientific container image search * Vanilla hive config gleaned from app-sre config * Initial OCP 4.10.15 image set * Ignore the generated hive config files * Check for crds folder and ask to re-running install * Add docs * Add newline to yaml EOF * Spelling is clearly hard at this hour... * Fix typo, grammer, and spelling * Use the shell var instead * Use the expanded output variable syntax. No lazy typing :) * Use 1's for all error exit's * Fix make aks.kubeconfig in docs/hive.md Co-authored-by: Spencer Amann <[email protected]> * Fix hive docs kubeconfig typo * Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd * Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define Co-authored-by: Spencer Amann <[email protected]> Go vet with tags
ellis-johnson
pushed a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Aug 17, 2022
Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]>
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Aug 17, 2022
Fixed linting of dot imports Initial files + dependencies for the react-fluent portal Initial POC for portal UI Finished front end API for cluster information Co-authored-by: Brett Embery <[email protected]> Adding cluster detail pane Co-authored-by: Ellis Johnson <[email protected]> Format tsx source Add cluster detail nav + tweaks Co-authored-by: Ellis Johnson <[email protected]> Cluster detail MVP Co-authored-by: Brett Embery <[email protected]> bump deps fixes update deps cleanups and style improvements for the portal, as well as a new copy resource ID button update package deps Added base eslint config Fixed linter errors in SRE Portal Added linter step for e2e pipeline Reverting package-lock json to appease PR testing Another attempt to test admin portal linting in e2e pipeline Another fix for e2e admin portal linting Yet another attempt Reordered e2e jobs Added fix to commands Modifying linting settings to try and working e2e pipeline More config changes More changes Modified eslintrc Modified eslintrc Perform npm install before running container Debugging Trying npm install as a seperate task Moved admin portal lint from e2e pipeline to ci pipeline Fixed formatting Fixed formatting Fixed formatting Fixed image name Added dockerfile for SRE Portal linting Using new docker image in ADO CI pipeline Removed old dockerfile and modified package.json Split portal into v1 and v2 Modified portal backend to allow v1 and v2 portals to run at the same time Modified makefile to make both v1 and v2 portal Added option to change portal hostname locally whether wanting to run dev server or compiled build code Created initial selenium script Fixed linter Added documentation for new admin portal Added makefile command for linting admin portal Remove accident commit Refactored portal backend code Renamed temp to template in portal code Modified documentation to explain NO_NPM env var Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript Fixed SSHModal indexing Fixed SSHModal indexing Commit generated bindata code Added vscode folders to gitignore Made minor changes based on review feedback Added conditional statements for linting Fixed booleans Added vm image to first stage Modified powershell to bash Made small changes based on review feedback Update Makefile Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Small documentation change Small ci fix Small ci fix Small ci fix Small ci fix Still fixing CI Still fixing CI Still fixing CI Still fixing CI Fix CI again Fix CI again Fix CI again Fix CI again Fix CI again Removing conditional linting and moving to future PR Remove stage from CI yaml to pass github check Fixed off by one error with SSH in admin portal First 3 e2e test cases complete Test image pull Rewrote first test in golang on e2e pipeline Added second test Fixed tests for CT Added 2 more tests Added 1 more test and fixed others Finished initial e2e tests Fixed linting errors Fixed validation and linting Still trying to fix linting issues Moved cookie generation back out to hack file and refactored test Fixed linting of dot imports Remove test focus for e2e Fixed potential infinite for loop Removed test command from makefile Removed test pipeline step Fixed vendoring removals Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Fixed dodgy e2e test Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. Testing test in isolation refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Added more checks for cluster panel test to figure out test failure enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Download aro deployer from tagged image Pull aro deployer from tagged container instead of pipeline artifact. Signed-off-by: Petr Kotas <[email protected]> Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Updated portal bindata create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Added cookie as part of test and added extra error output Seperated image pull and container start for selenium Fixing up docker command
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Aug 17, 2022
Modified css selectors for test Remove Test Focus Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation Fix azureproviderspec regression (Azure#2167) * Fix AzureMachineProviderSpec regression in 4.10 * refactor to reduce branches and clean up Co-authored-by: bennerv <[email protected]> Removed temporary timestamp update code (Azure#2172) mirror MUO and Hive images to ACR attempt to make this e2e test a bit more reliable Add pull secret to allow mirroring from pd -> int Pass NIC on CreateOrUpdate call add required build images to mirror add a listen to the cluster pull secret move deploystorage portions to pkg/installer manager for installer code, call the installer code from the cluster/install.go code move some steps earlier in the installer we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly Hive AKS development environment deploy (Azure#2171) * Add hive config generation script * Script to install hive into the AKS dev environments * Add note about semi-scientific container image search * Vanilla hive config gleaned from app-sre config * Initial OCP 4.10.15 image set * Ignore the generated hive config files * Check for crds folder and ask to re-running install * Add docs * Add newline to yaml EOF * Spelling is clearly hard at this hour... * Fix typo, grammer, and spelling * Use the shell var instead * Use the expanded output variable syntax. No lazy typing :) * Use 1's for all error exit's * Fix make aks.kubeconfig in docs/hive.md Co-authored-by: Spencer Amann <[email protected]> * Fix hive docs kubeconfig typo * Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd * Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define Co-authored-by: Spencer Amann <[email protected]> Go vet with tags
ellis-johnson
pushed a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Sep 5, 2022
Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]>
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Sep 5, 2022
Fixed linting of dot imports Initial files + dependencies for the react-fluent portal Initial POC for portal UI Finished front end API for cluster information Co-authored-by: Brett Embery <[email protected]> Adding cluster detail pane Co-authored-by: Ellis Johnson <[email protected]> Format tsx source Add cluster detail nav + tweaks Co-authored-by: Ellis Johnson <[email protected]> Cluster detail MVP Co-authored-by: Brett Embery <[email protected]> bump deps fixes update deps cleanups and style improvements for the portal, as well as a new copy resource ID button update package deps Added base eslint config Fixed linter errors in SRE Portal Added linter step for e2e pipeline Reverting package-lock json to appease PR testing Another attempt to test admin portal linting in e2e pipeline Another fix for e2e admin portal linting Yet another attempt Reordered e2e jobs Added fix to commands Modifying linting settings to try and working e2e pipeline More config changes More changes Modified eslintrc Modified eslintrc Perform npm install before running container Debugging Trying npm install as a seperate task Moved admin portal lint from e2e pipeline to ci pipeline Fixed formatting Fixed formatting Fixed formatting Fixed image name Added dockerfile for SRE Portal linting Using new docker image in ADO CI pipeline Removed old dockerfile and modified package.json Split portal into v1 and v2 Modified portal backend to allow v1 and v2 portals to run at the same time Modified makefile to make both v1 and v2 portal Added option to change portal hostname locally whether wanting to run dev server or compiled build code Created initial selenium script Fixed linter Added documentation for new admin portal Added makefile command for linting admin portal Remove accident commit Refactored portal backend code Renamed temp to template in portal code Modified documentation to explain NO_NPM env var Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript Fixed SSHModal indexing Fixed SSHModal indexing Commit generated bindata code Added vscode folders to gitignore Made minor changes based on review feedback Added conditional statements for linting Fixed booleans Added vm image to first stage Modified powershell to bash Made small changes based on review feedback Update Makefile Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Small documentation change Small ci fix Small ci fix Small ci fix Small ci fix Still fixing CI Still fixing CI Still fixing CI Still fixing CI Fix CI again Fix CI again Fix CI again Fix CI again Fix CI again Removing conditional linting and moving to future PR Remove stage from CI yaml to pass github check Fixed off by one error with SSH in admin portal First 3 e2e test cases complete Test image pull Rewrote first test in golang on e2e pipeline Added second test Fixed tests for CT Added 2 more tests Added 1 more test and fixed others Finished initial e2e tests Fixed linting errors Fixed validation and linting Still trying to fix linting issues Moved cookie generation back out to hack file and refactored test Fixed linting of dot imports Remove test focus for e2e Fixed potential infinite for loop Removed test command from makefile Removed test pipeline step Fixed vendoring removals Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Fixed dodgy e2e test Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. Testing test in isolation refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Added more checks for cluster panel test to figure out test failure enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Download aro deployer from tagged image Pull aro deployer from tagged container instead of pipeline artifact. Signed-off-by: Petr Kotas <[email protected]> Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Updated portal bindata create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Added cookie as part of test and added extra error output Seperated image pull and container start for selenium Fixing up docker command
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Sep 5, 2022
Modified css selectors for test Remove Test Focus Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation Fix azureproviderspec regression (Azure#2167) * Fix AzureMachineProviderSpec regression in 4.10 * refactor to reduce branches and clean up Co-authored-by: bennerv <[email protected]> Removed temporary timestamp update code (Azure#2172) mirror MUO and Hive images to ACR attempt to make this e2e test a bit more reliable Add pull secret to allow mirroring from pd -> int Pass NIC on CreateOrUpdate call add required build images to mirror add a listen to the cluster pull secret move deploystorage portions to pkg/installer manager for installer code, call the installer code from the cluster/install.go code move some steps earlier in the installer we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly Hive AKS development environment deploy (Azure#2171) * Add hive config generation script * Script to install hive into the AKS dev environments * Add note about semi-scientific container image search * Vanilla hive config gleaned from app-sre config * Initial OCP 4.10.15 image set * Ignore the generated hive config files * Check for crds folder and ask to re-running install * Add docs * Add newline to yaml EOF * Spelling is clearly hard at this hour... * Fix typo, grammer, and spelling * Use the shell var instead * Use the expanded output variable syntax. No lazy typing :) * Use 1's for all error exit's * Fix make aks.kubeconfig in docs/hive.md Co-authored-by: Spencer Amann <[email protected]> * Fix hive docs kubeconfig typo * Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd * Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define Co-authored-by: Spencer Amann <[email protected]> Go vet with tags
ellis-johnson
pushed a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Sep 13, 2022
Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]>
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Sep 13, 2022
Fixed linting of dot imports Initial files + dependencies for the react-fluent portal Initial POC for portal UI Finished front end API for cluster information Co-authored-by: Brett Embery <[email protected]> Adding cluster detail pane Co-authored-by: Ellis Johnson <[email protected]> Format tsx source Add cluster detail nav + tweaks Co-authored-by: Ellis Johnson <[email protected]> Cluster detail MVP Co-authored-by: Brett Embery <[email protected]> bump deps fixes update deps cleanups and style improvements for the portal, as well as a new copy resource ID button update package deps Added base eslint config Fixed linter errors in SRE Portal Added linter step for e2e pipeline Reverting package-lock json to appease PR testing Another attempt to test admin portal linting in e2e pipeline Another fix for e2e admin portal linting Yet another attempt Reordered e2e jobs Added fix to commands Modifying linting settings to try and working e2e pipeline More config changes More changes Modified eslintrc Modified eslintrc Perform npm install before running container Debugging Trying npm install as a seperate task Moved admin portal lint from e2e pipeline to ci pipeline Fixed formatting Fixed formatting Fixed formatting Fixed image name Added dockerfile for SRE Portal linting Using new docker image in ADO CI pipeline Removed old dockerfile and modified package.json Split portal into v1 and v2 Modified portal backend to allow v1 and v2 portals to run at the same time Modified makefile to make both v1 and v2 portal Added option to change portal hostname locally whether wanting to run dev server or compiled build code Created initial selenium script Fixed linter Added documentation for new admin portal Added makefile command for linting admin portal Remove accident commit Refactored portal backend code Renamed temp to template in portal code Modified documentation to explain NO_NPM env var Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript Fixed SSHModal indexing Fixed SSHModal indexing Commit generated bindata code Added vscode folders to gitignore Made minor changes based on review feedback Added conditional statements for linting Fixed booleans Added vm image to first stage Modified powershell to bash Made small changes based on review feedback Update Makefile Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Small documentation change Small ci fix Small ci fix Small ci fix Small ci fix Still fixing CI Still fixing CI Still fixing CI Still fixing CI Fix CI again Fix CI again Fix CI again Fix CI again Fix CI again Removing conditional linting and moving to future PR Remove stage from CI yaml to pass github check Fixed off by one error with SSH in admin portal First 3 e2e test cases complete Test image pull Rewrote first test in golang on e2e pipeline Added second test Fixed tests for CT Added 2 more tests Added 1 more test and fixed others Finished initial e2e tests Fixed linting errors Fixed validation and linting Still trying to fix linting issues Moved cookie generation back out to hack file and refactored test Fixed linting of dot imports Remove test focus for e2e Fixed potential infinite for loop Removed test command from makefile Removed test pipeline step Fixed vendoring removals Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Fixed dodgy e2e test Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. Testing test in isolation refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Added more checks for cluster panel test to figure out test failure enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Download aro deployer from tagged image Pull aro deployer from tagged container instead of pipeline artifact. Signed-off-by: Petr Kotas <[email protected]> Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Updated portal bindata create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Added cookie as part of test and added extra error output Seperated image pull and container start for selenium Fixing up docker command
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Sep 13, 2022
Modified css selectors for test Remove Test Focus Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation Fix azureproviderspec regression (Azure#2167) * Fix AzureMachineProviderSpec regression in 4.10 * refactor to reduce branches and clean up Co-authored-by: bennerv <[email protected]> Removed temporary timestamp update code (Azure#2172) mirror MUO and Hive images to ACR attempt to make this e2e test a bit more reliable Add pull secret to allow mirroring from pd -> int Pass NIC on CreateOrUpdate call add required build images to mirror add a listen to the cluster pull secret move deploystorage portions to pkg/installer manager for installer code, call the installer code from the cluster/install.go code move some steps earlier in the installer we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly Hive AKS development environment deploy (Azure#2171) * Add hive config generation script * Script to install hive into the AKS dev environments * Add note about semi-scientific container image search * Vanilla hive config gleaned from app-sre config * Initial OCP 4.10.15 image set * Ignore the generated hive config files * Check for crds folder and ask to re-running install * Add docs * Add newline to yaml EOF * Spelling is clearly hard at this hour... * Fix typo, grammer, and spelling * Use the shell var instead * Use the expanded output variable syntax. No lazy typing :) * Use 1's for all error exit's * Fix make aks.kubeconfig in docs/hive.md Co-authored-by: Spencer Amann <[email protected]> * Fix hive docs kubeconfig typo * Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd * Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define Co-authored-by: Spencer Amann <[email protected]> Go vet with tags
ellis-johnson
pushed a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Oct 6, 2022
Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]>
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Oct 6, 2022
Fixed linting of dot imports Initial files + dependencies for the react-fluent portal Initial POC for portal UI Finished front end API for cluster information Co-authored-by: Brett Embery <[email protected]> Adding cluster detail pane Co-authored-by: Ellis Johnson <[email protected]> Format tsx source Add cluster detail nav + tweaks Co-authored-by: Ellis Johnson <[email protected]> Cluster detail MVP Co-authored-by: Brett Embery <[email protected]> bump deps fixes update deps cleanups and style improvements for the portal, as well as a new copy resource ID button update package deps Added base eslint config Fixed linter errors in SRE Portal Added linter step for e2e pipeline Reverting package-lock json to appease PR testing Another attempt to test admin portal linting in e2e pipeline Another fix for e2e admin portal linting Yet another attempt Reordered e2e jobs Added fix to commands Modifying linting settings to try and working e2e pipeline More config changes More changes Modified eslintrc Modified eslintrc Perform npm install before running container Debugging Trying npm install as a seperate task Moved admin portal lint from e2e pipeline to ci pipeline Fixed formatting Fixed formatting Fixed formatting Fixed image name Added dockerfile for SRE Portal linting Using new docker image in ADO CI pipeline Removed old dockerfile and modified package.json Split portal into v1 and v2 Modified portal backend to allow v1 and v2 portals to run at the same time Modified makefile to make both v1 and v2 portal Added option to change portal hostname locally whether wanting to run dev server or compiled build code Created initial selenium script Fixed linter Added documentation for new admin portal Added makefile command for linting admin portal Remove accident commit Refactored portal backend code Renamed temp to template in portal code Modified documentation to explain NO_NPM env var Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript Fixed SSHModal indexing Fixed SSHModal indexing Commit generated bindata code Added vscode folders to gitignore Made minor changes based on review feedback Added conditional statements for linting Fixed booleans Added vm image to first stage Modified powershell to bash Made small changes based on review feedback Update Makefile Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Update docs/admin-portal.md Co-authored-by: Ben Vesel <[email protected]> Small documentation change Small ci fix Small ci fix Small ci fix Small ci fix Still fixing CI Still fixing CI Still fixing CI Still fixing CI Fix CI again Fix CI again Fix CI again Fix CI again Fix CI again Removing conditional linting and moving to future PR Remove stage from CI yaml to pass github check Fixed off by one error with SSH in admin portal First 3 e2e test cases complete Test image pull Rewrote first test in golang on e2e pipeline Added second test Fixed tests for CT Added 2 more tests Added 1 more test and fixed others Finished initial e2e tests Fixed linting errors Fixed validation and linting Still trying to fix linting issues Moved cookie generation back out to hack file and refactored test Fixed linting of dot imports Remove test focus for e2e Fixed potential infinite for loop Removed test command from makefile Removed test pipeline step Fixed vendoring removals Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Fixed dodgy e2e test Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. Testing test in isolation refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Added more checks for cluster panel test to figure out test failure enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Download aro deployer from tagged image Pull aro deployer from tagged container instead of pipeline artifact. Signed-off-by: Petr Kotas <[email protected]> Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) Updated portal bindata create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Added cookie as part of test and added extra error output Seperated image pull and container start for selenium Fixing up docker command
ellis-johnson
added a commit
to ellis-johnson/ARO-RP
that referenced
this pull request
Oct 6, 2022
Modified css selectors for test Remove Test Focus Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation enable reconciling azuresubnets/NSGs by default refector e2e for removing dependency. Update 2 removed old code. make test to fail on getting error. Expect(err).NotTo(HaveOccurred()) Formating done White-spaces removed. handle the use of the AddressPrefixes field alongside AddressPrefix improved ValidateCIDRRanges test add vnet names to help with debugging if needed in the future comment improvement Bump follow-redirects from 1.14.0 to 1.14.7 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.0...v1.14.7) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Store downloaded cert only when it differs When systemd downloader downloads fresh certificate check whether it differs from the stored one. Replace old one with fresh when there is a difference. Signed-off-by: Petr Kotas <[email protected]> Restart mdm service on cert change Forces MDM container to pick up changed certificate. Signed-off-by: Petr Kotas <[email protected]> doc: Document fp cert rotation Add doc file with information how the first party certificate is rotated in the RP and on the host VM. Signed-off-by: Petr Kotas <[email protected]> Replace artifacts with direct code checkout Replaces configuration fetching via build pipeline with direct code checkout. Signed-off-by: Petr Kotas <[email protected]> Update .pipelines/int-release.yml Co-authored-by: Ben Vesel <[email protected]> provide the ability to specify an overridden fluentbit image in operator feature flags Add deploy pipelines using tag Add new pipelines using tagged deployment Signed-off-by: Petr Kotas <[email protected]> Set XDG_RUNTIME_DIR explicitly on CI VMs Add tagged aro image Add annotated tag build and push into makefile. Without annotation, the TAG is empty and action is not performed. Signed-off-by: Petr Kotas <[email protected]> Build and push tagged aro image into ACR When annotated TAG is not set the new step fails. Otherwise it builds the tagged image and pushes it to the ACR. Signed-off-by: Petr Kotas <[email protected]> Build release on tag When CI started from tag build image and push to registry. Extract annotation from the tag and use it as summary for changelog. Automated summary is extracted from commits titles. Signed-off-by: Petr Kotas <[email protected]> mdm/mdsd++ make generate Revert "[PIPELINES 4] Create release based on annotated git tag" Fix: Broken pull path The original path is not working as it is blocked for writing, Using the pipeline default instead Signed-off-by: Petr Kotas <[email protected]> Fix: Broken checkout code path The checkout behaves differently when checking out single repository. It checkout to /s Signed-off-by: Petr Kotas <[email protected]> Update prod pipeline params to be consistent Enable SBOM on all OneBranch pipelines Fixing typo in paths Add Documentation and Scripts for ARO Monitor Metric testing Fix typo Co-authored-by: Caden Marchese <[email protected]> Handle cleanup of spawned processes. Clarify a few things in the procdure. Add example script to directly inject test data Revert "Revert "[PIPELINES 4] Create release based on annotated git tag"" Fix: Remove build to run after e2e Signed-off-by: Petr Kotas <[email protected]> Bump nanoid from 3.1.22 to 3.2.0 in /portal Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.2.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Add uaenorth to non-zonal regions imageconfig controller Fixing bug where incorrect ACR domain name was being generated added doc for cert rotation Signed-off-by: Karan.Magdani <[email protected]> Vendor installer release 4.9 This also forces the RP from Go 1.14 to Go 1.16. Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the other go.mod changes are all manual workarounds from failed "make vendor" runs. Automated updates from "make vendor" Alter client-gen command to stay within repo The way this is written seems to assume the ARO-RP repo is cloned under the user's $GOPATH tree. That's not where I typically clone git repos for development. Use relative paths in the client-gen command and arguments to stay within the ARO-RP git repo. Automated updates from "make generate" Set InstallStream to OCP 4.9.8 Automated updates from "make discoverycache" pipelines: Demand agents with go-1.16 capability for CI/E2E Update documentation for Go 1.16 and installer 4.9 Fix: Remove the wrong git pull path Removes the wrong git pull path for ADO RP-config Removes unused parameter Signed-off-by: Petr Kotas <[email protected]> fix: Add go1.16 requirement to run pipelines With addition of 4.9 release, the go build have to run with go1.16 Signed-off-by: Petr Kotas <[email protected]> Add geneva action to reconcile a failed NIC Suppress stderr within Makefile command Do not overwrite FIPs environment variable in CI VMs fix: fix service connection to the github existing service connection does not meet requirement for the github release Signed-off-by: Petr Kotas <[email protected]> ADO Pipelines make no sense Ensure TAG environment var is consistent case Incorrect quoting on variables in pipeline Clean up debug print statement in pipelines Add INT/Prod variable group requirements Update correct directory path for pipeline template files Update release tag pipeline parameters Vendor updated autorest adal to fix nil pointer exception in MSI add fl to owners :-) Fix: use the correct variable syntax for updated variables in pipelines Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success Vendor openshift installer carry patch Bump golang version to 1.16 in CI VMs Fix wrongly updated parameters and variables in prod release Feedback follow up on image config controller Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub clean temporary gomock folders (Azure#1912) Signed-off-by: Karan.Magdani <[email protected]> fix 2 cred scan findings by adding suppression settings (Azure#1960) add tsaoptions json file, enable tsa in build rp official pipeline (Azure#1959) chore: removed logging onebranch pipelines files from aro-rp repo (Azure#1942) quick fixes in docs (Azure#1956) Removes unneeded field (Azure#1962) Updated linux container image for build (Azure#1964) Updating go-toolset tag to 1.16.12 (Azure#1965) Bump follow-redirects from 1.14.7 to 1.14.8 in /portal Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> add fips validation scripts and ci step drop net_raw and make generate Adding norwaywest to deploy from tag ALL regions Pipeline. (Azure#1968) Include variable groups for prod single region release (Azure#1957) Add Central US EUAP to nonZonalRegions (Azure#1927) remove network acceleration due to issues discovered reapply the primary tag make generate Add metric gauge for nohost present on request to gateway Fix net_raw caps, make generate (Azure#1971) Refactors operator requeues * Adds the clarifying comment on requeues into the checker controller * Removes `Requeue: true` in places where we use `RequeueAfter` as it is has no effect. add a field to indicate spotInstances in node.conditions metric (Azure#1928) Bump url-parse from 1.5.3 to 1.5.7 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.3...1.5.7) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> docs: add cleaner info to shared env docs add westus3 to pipeline manifests add additional logging to redeploy to help understand state when this job fails in e2e Re-enable Egress Lockdown Enable egress lockdown feature by default on new clusters while also allowing current clusters to be admin-upgraded with the new feature Co-authored-by: Ben Vesel <[email protected]> fix: use the tag/commit as the aro version ARO uses both tags and commits as its version. The commits are used for the development scenario, tags are used when building and deploing to production. add: copy ARO iamge to integration Signed-off-by: Petr Kotas <[email protected]> add: release pipeline documentation Signed-off-by: Petr Kotas <[email protected]> fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (Azure#1978) * If don't have an apiVersion defined for a resource, then skip over it instead of returning an error. * Reword the comment. * Double quote the resource type in the log warning message. Co-authored-by: Mikalai Radchuk <[email protected]> add operator storage acc and endpoints reconcilers operator tests storageacc handling for install/update generate vendor review feedback Add dev env rules exception Comply with the Authorizer changes Fix tests Fix merge conflicts Add operator flags Fix tests Change operator flags Addressing feedback generate Operator flag tests Addressing feedback FIx update cluster spec Add an Operator controller for Managed Upgrade Operator add MUO deployment manifests run go generate add a mocks directory in the operator make dynamichelper produce less spurious changes for MUO fix: move int mirroring to separate pipelines integration requires it own set of credentials, this can only by provided in a separate pipeline Signed-off-by: Petr Kotas <[email protected]> fix: provide the correct dependent pipeline (Azure#1982) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Remove unused parameter fix: replace parameter with variable (Azure#1984) Signed-off-by: Petr Kotas <[email protected]> Update mirror-aro-to-int.yml for Azure Pipelines Fix typo Cleans up unused args in `muo.NewReconciler` Bump url-parse from 1.5.7 to 1.5.10 in /portal Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](unshiftio/url-parse@1.5.7...1.5.10) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Removes a explicit `gomock.Eq()` matcher calls (Azure#1983) `gomock.Eq()` is a default matcher in gomock so it doesn't have to be explicitly called in these cases Docs: Set GOPATH (Azure#1987) - A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix. Adds extra fields to the PreviewFeature CRD Adds the controller implementation It currently implements only one feature: NSG flow logs preview feature controller and NSG flow log feature implementation L series support - RP changes (Azure#1751) * add L-series SKUs to internal, admin, validate api * make client Add SKU availability and restriction checks to dynamic validation (Azure#1790) * add sku filtering and restriction checks * add install-time instance validation Minor ARO operator refactoring * Gets rid of exported constants like `ENABLED` where exported constants are not required * Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier * Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable. Introduces `DefaultOperatorFlags()` instead. Removing call to listByResourceGroup due to flakyness in the Azure API add validate-fips step into onebranch build rp template exclude vuln protobuf exclude vulnerable containerd versions Changed CloudErrorCodes from vars to consts. (Azure#1997) Co-authored-by: Jeremy Facchetti <[email protected]> Add sourcebranchname to build_tag (Azure#1996) adding a way to pass additional flags to E2E tests (Azure#1998) Fix typo in deploy-development-rp doc (Azure#2005) Better documentation support for multiple envs (Azure#1932) - Now there are two env files: standard, and int-like files - Instructions modified for int envs to create the new file and source it - Fixed a small typo in the instructions that was being masked by indentation vendor: fake operator client Signed-off-by: Petr Kotas <[email protected]> feature: add autosizednodes reconciler Introduce autosizednodes reconciler which watches aro cluster object feature flags for ReconcileAutoSizedNodes. When feature flag is present new KubeletConfig is created enabling the AutoSizingReserver feature which auto computes the system reserved for nodes. feature: add aro cluster to workaround Adds aro cluster instance to IsRequires check to allow for feature flags checking. Signed-off-by: Petr Kotas <[email protected]> feature: disable systemreserved when autosizednodes enabled Signed-off-by: Petr Kotas <[email protected]> Avoid AdminUpdate panic when Nodes are down (Azure#1972) * Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call * Refactor Cluster Manager code to make ensureAROOperator code testable * Add unit test for ensureAROOperator code Co-authored-by: Ulrich Schlueter <[email protected]> update go-cosmosdb version to incorporate the latest change (Azure#2006) Filter out unwanted data from azure list geneva action (Azure#1969) * filter our Microsoft.Compute/snapshots from azure list geneva action * change filter input for test Doc to create & push ARO Operator image to ACR/Quay (Azure#1888) * Doc to create/push AROOperator image ACR/Quay A document on How to create & publish ARO Operator image to ACR/Quay. Added alternative to go get command (Azure#2015) Update Makefile (Azure#2020) The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests Update node-selector on muo namespace Dockerfile for MUO image (Azure#1993) Update OB Build Pipeline to Pass Build Tag as Var (Azure#2011) * adding release_tag functionality to support releasing by tag or commit add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists add muo config yaml add openshift-azure-logging to the ignored namespaces run go generate Fix VM Redeploy Test Flake - Removing test to check k8s Events for Node readiness - Adding test for Azure VM readiness (power state) - Adding test for Linux Kernel uptime to guarantee reboot disable ipv6 router advertisements on rp/gateway vmss Install python3 on RP and gateway VMs make pullspec an optional flag add enabled and managed by default add e2e test Bump minimist from 1.2.5 to 1.2.6 in /portal Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> cleanup: proxy now uses idiomatic waitgroup. cleanup: removed useless anonymous function definition. add containers_image_openpgp tag (Azure#2032) Change secrets-update to allow subsequent updates (Azure#2038) Co-authored-by: Nont <[email protected]> add containers_image_openpgp everywhere add controller into operator for machine health check (Azure#1950) * add worker only controller with operator for machine health check * align mhc node selector pattern with osd Create 2022-04-01 API (Azure#1876) check for default ingressIP when ingressProfiles > 1 (Azure#2021) Signed-off-by: Karan.Magdani <[email protected]> Skip Linux AZ Sec Pack policies from running on VMSS creation (Azure#2041) Admin Portal v2 (Azure#2019) Add in sre portal v2, still default to v1 Co-authored-by: Amber Brown <[email protected]> Co-authored-by: Brett Embery <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (Azure#2043) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> added changes to make local e2e test work/ update doc (Azure#2036) * added changes to make local e2e test work/ update doc updated operator README to include instructions for running the ARO operator locally for a private cluster (Azure#2045) Fix off by one error when truncating name Now it truncates to 14 instead of 15. the corresponding arm templates truncate to 15. Refactors createOrUpdateRouterIPFromCluster Make it reuse isIngressProfileAvailable to check IngressProfile Adds an extra case into TestAroDeploymentReady Updates dev env docs * Removes mention of Python virtualenv as it comes by default with Python 3 * Updates macOS docs to make sure that steps work for Intel and ARM macs * Markdown formatting fixes give /tmp a bit more room for when the CI VM gets busy refactor+test: refactored some functions to test refactored tests added license to test file added err check on validateProxyResquest made the errors more explicit fixed typo in function name removed useless test case renamed oddly named metrics.Interface to Emitter update codeowners renamed github username updated path to quota file (Azure#2058) refactor/add-test : refactored linkid and gateway to add tests (Azure#2013) Enable first basic linters in ARO (Azure#2060) * Enable first basic linters in ARO * Remove modules-download-mode from the linter run config Commit to allow password auth for VMSS jit access (Azure#2027) * Commit to allow password auth for VMSS jit access fix: now uses renamed interface metricsEmitter fix issues with linting new test files added doc.go for imgconfig controller (Azure#2064) Signed-off-by: Karan.Magdani <[email protected]> Revert 2027: Commit to allow password auth for VMSS jit access Add logic to reconcile failed Nic on az aro delete Co-authored-by: Ben Vesel <[email protected]> Update pull secret references from cloud.redhat.com to cloud.openshift.com (Azure#2084) Enables go fmt simplify (Azure#2081) update reference to cloud.redhat.com in README file (Azure#2085) ensure apiserverready check redesigned the quota computation to something understandable (Azure#2059) Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue Fail MUO test if we expect an error but don't get one Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s Bump async from 2.6.3 to 2.6.4 in /portal/v2 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Update the secret rotate time to 7 days during RP deploy (Azure#2051) Remove dead mirror code referencing 4.3 version which isn't mirrored (Azure#2092) add MTU to the internal OCP Document make generate before mock added unit tests for two new functions fix import order remove trailing spaces make validate-go wants to add trailing lines again found/fixed trailing new line add new line at end of test file added admin update method to adminupdate tests newlinw fixed unit test issue add helper method Improve comment gofmt Remove ACR Image Override (Azure#2090) added stylecheck and moved golangci-lint to a github action (Azure#2083) * enabled github action instead of running from ADO * fixed style * fixed some style fixed styling fixed failing tests because of case on errs Small updates to shared rp docs (Azure#2079) "note" syntax adjustments Small updates to shared rp docs from working sessions added note related to gwy keyvault not being in dev Update docs/prepare-a-shared-rp-development-environment.md Language adjustment. Committing syntax change per Caden's suggestion. Co-Authored-By: Caden Marchese <[email protected]> Co-authored-by: Caden Marchese <[email protected]> Additional gateway tests (Azure#2062) * Add coverage for pkg/gateway. Gateway creation now fails fast when env properties are missing. * refactor large test into multiple test cases Move gateway fluentbit to container Bump async from 2.6.3 to 2.6.4 in /portal/v1 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (Azure#2095) Remove mwoodson from codeowners (Azure#2106) Updated FIPs e2e test for 2022-04-01 API Development subscription migration prepare for dns migration Signed-off-by: Karan.Magdani <[email protected]> Update az cli extension to use api v2022_04_01 (Azure#2042) * Bumping az aro extenion api version to v2022_04_01 * Adding new command flags and data structures to az aro create * linting Update cluster Update pkg/util/cluster/cluster.go Co-authored-by: Ben Vesel <[email protected]> Better err handling to customer remove installconfig dependency from deploystorage Remove unnecessary to.StringPtr usages Fixing exception handling for missing subnet (Azure#2117) * Fixing exception handling for missing subnet * use isinstance * Another err.message fix Added a new function for a hardcoded filter of namespaces (Azure#1994) Added unit test for the makeURLSegments function of dynamichelper (Azure#2031) add minor version Master resize (Azure#1889) * master resize GA move arm template deploy to util use the ARM deploytemplate code directly in pkg/cluster Add David Newman to CODEOWNERS il5 series support, vm.go improvements and tests (Azure#2086) Add improvements to `deploy-full-rp-service-in-dev.md` doc (Azure#2048) * Add improvements to full rp service doc * Update docs/deploy-full-rp-service-in-dev.md Co-authored-by: Spencer Amann <[email protected]> NSG controller - reconcile nil NSG (Azure#2116) * adding test case for NSGs = nil * Adding handling of empty NSG Fix deleteNic when the nic is in failed provisioning state Add documentation outlining our keyvaults, certificates, and secrets Provide clearer error for a particular type of PUCM failure Instead of "subnet ID "" has incorrect length", catch the error earlier and provide a clearer "lastAdminUpdateError" message. This particular PUCM failure occurs when a machineset object fails to decode during cluster document enriching. increase the timeout to 10 minutes, since a rebuild can trigger the timeout Vendor installer release 4.10 Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules. Automated updates from "make generate" Set default InstallStream to OCP 4.10.15 Automated updates from "make discoverycache". pipelines: Require agents with go-1.17 capability for CI/E2E Update documentation for Go 1.17 and installer 4.10 Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API * Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing clusters machine provider spec into the new struct. * Switches tests to use the new machine API struct. Ref: openshift/installer@f9725dd Switch to building with golang 1.17 Switch maoclient -> machineclient and maofake -> machinefake gofmt: add "go:build e2e" Switch to using the ubi8 go-toolset for building. Add additional values to CloudError and Cluster Operation Logs (Azure#2094) * Added additional values to CloudError * Update pkg/api/error.go Co-authored-by: Weinong Wang <[email protected]> * Add details for cluster logs in terminal state * Fixed issue with logging clusterResult * Changed to generic name, add String() func * Update logging comments Co-authored-by: Weinong Wang <[email protected]> * Add prefix to cloudErrorMessage String() * Add additional json monikers * Fix bug with resultType output * Defined CloudErrorCategory string type * Empty-Commit to retrigger test * Shift logs, remove code for next PR * Added log fields, removed category * Shift resultType to Logs * Empty-Commit to retrigger test * Remove all error changes * Update openshiftcluster.go change logs to lowercase Co-authored-by: BCarvalheira <[email protected]> Co-authored-by: Weinong Wang <[email protected]> Improved the unit test coverage for the merge function of dynamichelper Fixed the validate golang code errors in the pipeline Updated the code based on Mikalai's feedback Fixed a go validation error added yaml lint (Azure#2132) * added yaml lint * updated the doc Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17. Bump to the latest Microsoft Golang FIPS release. Updated bindata. Switch back to the vanilla ci vmss names. Revert the address prefix and keyvault name changes necessary to deploy to CI. Switch back to using the RHEL go-toolset now that 8.6 is available on Azure. Double the OS Disk size. Increase the disk size of the CI vmss to 200GB. Updated bindata and move disk size to the correct vmss spec. Add an option to send metrics via UDP instead of Unix Domain Sockets (Azure#2074) replace allowOCM flag with a forceLocalOnly flag upgrade image to b4 when mhc is managed create an alert for frequent remediation (Azure#2123) allow overriding the operator version in the admin API (Azure#2134) Update pipelines to demand go 1.17 and update OB container to go 1.17 (Azure#2146) update mdm/mdsd Add new ARO regions to pipelines - australiacentral - australiacentral2 - swedencentral test for infra ID generation this does not need installconfig, and so can be moved upwards in the install replace it with a vendored version, so that we don't need to utilise the installer portion validate apimachinery rand as utilrand split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently. refactored muo to extract deployer (Azure#2122) removed go-bindata from pkg/operator (Azure#2119) add: Getpodlogs kubeaction api (Azure#1885) Migrate from AD to MS Graph Also changed the AADManager so that it only returns values instead of the data structure. This hides the implementation details so that in the future if MSAL changes the internal representation, any required changes will be contained within the class (vs. right now custom.py has to be changed accordingly). fixed conflict created when moving to the new library (Azure#2150) Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: eventsource dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> clean up of validate import, now uses a yaml file for maintainability (Azure#2136) create lint-go script and call it from Makefile (Azure#2118) Co-authored-by: Jeremy Facchetti <[email protected]> Add name length validation on ARO clusters for non-zonal regions Truncate cluster names to 19 char in e2e pipelines Typo in pipeline script Minor change in deploy-dev-rp.md move validate-go to github action (Azure#2153) include openshift-operator-lifecycle-manager in monitoring for gateway change arm deployment template name from storage to gatewayprivateendpoint fix bug where mhc wouldn't kick in after CR change RP support for 2-zone regions, centraluseuap Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0 Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/coreos/ignition/releases) - [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md) - [Commits](coreos/ignition@v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/coreos/ignition/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> reduce the use of bindata by using embed for machinehealthcheck controller Add the development AKS ARM template. New deploy_aks_dev function for the AKS ARM template. Script to SSH into AKS node pool VM instances for prototyping and debugging. Add 'make aks.kubeconfig' for use in development environments. Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access. Display list of clusters when a search returns 0 or >1 AKS clusters. Filter for the system node pool for cases when there are more than one deployed. Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes. add managed identity Format JSON. Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in. Minor tweaks to naming, max agent VMs, and variables. Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades. Add aks.kubeconfig to Makefile .PHONY Output an error if the AKS kubeconfig generation fails Delegate pod subnet and wire up the AzureSecrets identity for keyvault access. Remove any previous AKS config. Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones. improve Python unit testing and refactor _validators.py (Azure#2120) * refactor: apply Guard clauses in _validators.py to simplify code * fix _validators.py trailing whitespace * improve python test tructure, include execution of unit tests in make test-python * crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr * add tests for test_validate_client_id and include test cases description * add unit tests for validate_client_secret from azext_aro._validators * add explicit fields to named tuple in test cases in test_validators.py * add two test scenarios for validate_cluster_resource_group * simplify mocks * add test case for test_validate_cluster_resource_group * improve test descriptions * add test_validate_disk_encryption_set test to test validate_disk_encryption_set * add test cases to test_validate_disk_encryption_set() * refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes * refactor (simplify code): remove explicit assignemnt to None when it is the default value * create test_validate_domain() with 1st test case * add test case, domain with '_' * explicit import of unittest.TestCase * fix test message in test_validate_domain * finish test_validate_domain() * finish test_validate_sdn() and test_validate_pull_secret() * create test_validate_subnet() with first test case * finish test_validate_subnet() and minor refactor in _validators.py * create test_validate_subnets() and add first test case * finish validate_vnet_resource_group_name() * finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py * finish test_validate_worker_vm_disk_size_gb() * refactor _validators.py * add test_validate_refresh_cluster_credentials() and minor refactor of test_validators() * refactor _test_validators.py to use pytest, create script and invoke it from Makefile * simplify test_validate_cidr() using pytest.mark.parametrize * simplify some tests using pytest.mark.parametrize * finish applying pytest.mark.parametrize * clean up Makefile test-python * add blank line to hack/unit-test-python.sh * fix typo in test case * fix mega-linter error, blank space * fix test case to fail due to invalid range * fix typo in beeing to be being * remove redundant test case * reformat code for better readability * add missing license to __init__.py files Panic on AdminUpdate with MaintenanceTaskEverything Fixed formatting issues and made the changes suggested in PR 2152 Panic on AdminUpdate PR changes. error message updated as per PR comments move installtime set to startInstallation rather than in the middle of kubeconfig generation Fix azureproviderspec regression (Azure#2167) * Fix AzureMachineProviderSpec regression in 4.10 * refactor to reduce branches and clean up Co-authored-by: bennerv <[email protected]> Removed temporary timestamp update code (Azure#2172) mirror MUO and Hive images to ACR attempt to make this e2e test a bit more reliable Add pull secret to allow mirroring from pd -> int Pass NIC on CreateOrUpdate call add required build images to mirror add a listen to the cluster pull secret move deploystorage portions to pkg/installer manager for installer code, call the installer code from the cluster/install.go code move some steps earlier in the installer we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly Hive AKS development environment deploy (Azure#2171) * Add hive config generation script * Script to install hive into the AKS dev environments * Add note about semi-scientific container image search * Vanilla hive config gleaned from app-sre config * Initial OCP 4.10.15 image set * Ignore the generated hive config files * Check for crds folder and ask to re-running install * Add docs * Add newline to yaml EOF * Spelling is clearly hard at this hour... * Fix typo, grammer, and spelling * Use the shell var instead * Use the expanded output variable syntax. No lazy typing :) * Use 1's for all error exit's * Fix make aks.kubeconfig in docs/hive.md Co-authored-by: Spencer Amann <[email protected]> * Fix hive docs kubeconfig typo * Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd * Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define Co-authored-by: Spencer Amann <[email protected]> Go vet with tags
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Karan.Magdani [email protected]
Which issue this PR addresses:
Fixes #2010
Fixes https://msazure.visualstudio.com/AzureRedHatOpenShift/_workitems/edit/13948245
What this PR does / why we need it:
Bug where we end up selecting wrong ingress when there are multiple ingressProfiles.
Test plan for issue:
Is there any documentation that needs to be updated for this PR?