# 4.14.0-0.okd-2024-01-06-084517 Created: 2024-01-07 09:26:56 +0000 UTC Image Digest: `sha256:c4a6b6850701202f629c0e451de784b02f0de079650a1b9ccbf610448ebc9227` Promoted from registry.ci.openshift.org/origin/release:4.14.0-0.okd-2024-01-06-084517 ## Changes from 4.14.0-0.okd-2023-10-28-073550 ### Components * Kubernetes upgraded from 1.27.6 to 1.27.9 * Fedora CoreOS upgraded from 38.20231002.3 to 38.20231027.3 ### Rebuilt images without code change * [agent-installer-node-agent](https://github.com/openshift/assisted-installer-agent) git [e438a5e9](https://github.com/openshift/assisted-installer-agent/commit/e438a5e93d2b08ba670acf742c0f1c6ad44ab92b) `sha256:85c91f106917d5b81514f5bffc604ff42d38a75c70dc3f2e621b3177d73828ef` * [agent-installer-utils](https://github.com/openshift/agent-installer-utils) git [ad853769](https://github.com/openshift/agent-installer-utils/commit/ad8537697818870b53b6262041f0dfa78a3b41c2) `sha256:489284071d0c2589438a8ac95f59d0c771036e9b568d53bccc67429f6b3e74f2` * [multus-cni](https://github.com/openshift/multus-cni) git [599223b8](https://github.com/openshift/multus-cni/commit/599223b858ca334e23eba3f12b4866e833807826) `sha256:3b4016c2feaddb883b851df19fbbc0bb7d3d00ea976152de32612b5ebac9dc91` * [olm-catalogd](https://github.com/openshift/operator-framework-catalogd) git [aa44c026](https://github.com/openshift/operator-framework-catalogd/commit/aa44c0262f1de5d888dc11abe6d730b0c84a8df3) `sha256:67308408fa9d18bc605be7cb6b58c3080a4ba828c8481f6571368b893d583363` ### [agent-installer-api-server](https://github.com/openshift/assisted-service/tree/0634e0aaf3cd89258f47ef0f255a9ff5702963d3) * [OCPBUGS-23069](https://issues.redhat.com/browse/OCPBUGS-23069): Ignore hostPrefix validation for plugins other than OVN/SDN (#5676) [#5676](https://github.com/openshift/assisted-service/pull/5676) * [Full changelog](https://github.com/openshift/assisted-service/compare/4e1a1e59cef06c75a9a09f6251ecbd19eecb8be5...0634e0aaf3cd89258f47ef0f255a9ff5702963d3) ### [agent-installer-csr-approver, agent-installer-orchestrator](https://github.com/openshift/assisted-installer/tree/02dc1175d8d1278f94287d14899c66344cef9174) * [OCPBUGS-20049](https://issues.redhat.com/browse/OCPBUGS-20049): Remove uninitialized taint for agent-based installs (#753) [#753](https://github.com/openshift/assisted-installer/pull/753) * [Full changelog](https://github.com/openshift/assisted-installer/compare/9fd99e3861fc32b8a608bb0c81344435e32ad004...02dc1175d8d1278f94287d14899c66344cef9174) ### [alibaba-cloud-controller-manager](https://github.com/openshift/cloud-provider-alibaba-cloud/tree/8ba0b37a45510404a842d6dbd84d40a18008e81d) * [OCPBUGS-21255](https://issues.redhat.com/browse/OCPBUGS-21255): Bump golang.org/x/net to v0.18.0 [#38](https://github.com/openshift/cloud-provider-alibaba-cloud/pull/38) * [Full changelog](https://github.com/openshift/cloud-provider-alibaba-cloud/compare/8c532d2e64aa0f2fc30e49d658a47426fab38cb3...8ba0b37a45510404a842d6dbd84d40a18008e81d) ### [alibaba-disk-csi-driver-operator](https://github.com/openshift/alibaba-disk-csi-driver-operator/tree/2ac2780e6b09d8b11a2064b8f7d1c5e946768343) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#71](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/71) * [Full changelog](https://github.com/openshift/alibaba-disk-csi-driver-operator/compare/7e0204aeee1770a98afb7ace4f3ccb5568c906e8...2ac2780e6b09d8b11a2064b8f7d1c5e946768343) ### [apiserver-network-proxy](https://github.com/openshift/apiserver-network-proxy/tree/3362d673b054807a4974b4d600486933f7e0bd42) * [HOSTEDCP-1323](https://issues.redhat.com/browse/HOSTEDCP-1323): Merge latest code into 4.14 branch [#45](https://github.com/openshift/apiserver-network-proxy/pull/45) * [Full changelog](https://github.com/openshift/apiserver-network-proxy/compare/15cd4347b9384fac3d93029c6426dc15b964f557...3362d673b054807a4974b4d600486933f7e0bd42) ### [aws-ebs-csi-driver-operator](https://github.com/openshift/aws-ebs-csi-driver-operator/tree/8dac7fcdc597614acc5969a8d152ead2a28b9ad4) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#296](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/296) * [Full changelog](https://github.com/openshift/aws-ebs-csi-driver-operator/compare/024bec5b1d318b874fd93d6e57018467d26333d1...8dac7fcdc597614acc5969a8d152ead2a28b9ad4) ### [aws-pod-identity-webhook](https://github.com/openshift/aws-pod-identity-webhook/tree/ad7aa0ae2c85eca233fbe1afc35e64452a880a1c) * [OCPBUGS-21761](https://issues.redhat.com/browse/OCPBUGS-21761): Backport the recent rebase to 4.14 [#168](https://github.com/openshift/aws-pod-identity-webhook/pull/168) * NO-ISSUE: Sync OWNERS with team members [#176](https://github.com/openshift/aws-pod-identity-webhook/pull/176) * snyk: exclude vendor/ [#171](https://github.com/openshift/aws-pod-identity-webhook/pull/171) * [Full changelog](https://github.com/openshift/aws-pod-identity-webhook/compare/ed5ae281ece6092735140617c486e5822ce5b7b6...ad7aa0ae2c85eca233fbe1afc35e64452a880a1c) ### [azure-cloud-controller-manager, azure-cloud-node-manager](https://github.com/openshift/cloud-provider-azure/tree/f0e7cbbcf37fb44c34a192ecffaf40a6639c8bea) * [OCPBUGS-21439](https://issues.redhat.com/browse/OCPBUGS-21439): Bump golang.org/x/net to v0.18.0 [#93](https://github.com/openshift/cloud-provider-azure/pull/93) * [Full changelog](https://github.com/openshift/cloud-provider-azure/compare/cca9a841e807dd87708b82562fc5f376ed2f274c...f0e7cbbcf37fb44c34a192ecffaf40a6639c8bea) ### [azure-disk-csi-driver-operator](https://github.com/openshift/azure-disk-csi-driver-operator/tree/557c4f4617d45e50127363e34d4512b59e8c8bb6) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#109](https://github.com/openshift/azure-disk-csi-driver-operator/pull/109) * [Full changelog](https://github.com/openshift/azure-disk-csi-driver-operator/compare/3e2ddb326b30b0a4bf482b2869beee2ffdf8695b...557c4f4617d45e50127363e34d4512b59e8c8bb6) ### [azure-file-csi-driver-operator](https://github.com/openshift/azure-file-csi-driver-operator/tree/96fab8160e575991c1f50101bf1ec8bb0259165e) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#83](https://github.com/openshift/azure-file-csi-driver-operator/pull/83) * [Full changelog](https://github.com/openshift/azure-file-csi-driver-operator/compare/43838ae6c329e7d818c19ec59dfba5abde7535f6...96fab8160e575991c1f50101bf1ec8bb0259165e) ### [baremetal-installer, installer, installer-artifacts, ovirt-installer](https://github.com/openshift/installer/tree/a3cbb199faaa440a9d7e130f35b6be83f912aef9) * [OCPBUGS-22771](https://issues.redhat.com/browse/OCPBUGS-22771): aws: use security groups from defaultMachinePlatform [#7658](https://github.com/openshift/installer/pull/7658) * [OCPBUGS-24489](https://issues.redhat.com/browse/OCPBUGS-24489): baremetal: populate customDeploy in advance [#7802](https://github.com/openshift/installer/pull/7802) * [OCPBUGS-22770](https://issues.redhat.com/browse/OCPBUGS-22770): destroy: gcp: fix destroying regional disks [#7657](https://github.com/openshift/installer/pull/7657) * Bug OCPBUGS-22776: OpenStack: Fix IPv6 address configuration for bootstrap [#7660](https://github.com/openshift/installer/pull/7660) * [OCPBUGS-22978](https://issues.redhat.com/browse/OCPBUGS-22978): IBMCloud: Add eu-es region [#7684](https://github.com/openshift/installer/pull/7684) * [OCPBUGS-23399](https://issues.redhat.com/browse/OCPBUGS-23399): Check if PER is enabled in the target PowerVS workspace [#7736](https://github.com/openshift/installer/pull/7736) * [OCPBUGS-22688](https://issues.redhat.com/browse/OCPBUGS-22688): Bump Fedora CoreOS to latest stable [#7647](https://github.com/openshift/installer/pull/7647) * [OCPBUGS-22774](https://issues.redhat.com/browse/OCPBUGS-22774): Add KMS encryption keys if provided [#7659](https://github.com/openshift/installer/pull/7659) * [OCPBUGS-21868](https://issues.redhat.com/browse/OCPBUGS-21868): vSphere,segfault on version check [#7605](https://github.com/openshift/installer/pull/7605) * [OCPBUGS-22945](https://issues.redhat.com/browse/OCPBUGS-22945): Update gcloud version to 447.0.0 [#7681](https://github.com/openshift/installer/pull/7681) * [OCPBUGS-22187](https://issues.redhat.com/browse/OCPBUGS-22187): azure: validation: validate defaultMachinePlatform [#7615](https://github.com/openshift/installer/pull/7615) * [OCPBUGS-22758](https://issues.redhat.com/browse/OCPBUGS-22758): update RHCOS 4.14 bootimage metadata to 414.92.202310210434-0 [#7655](https://github.com/openshift/installer/pull/7655) * [OCPBUGS-19922](https://issues.redhat.com/browse/OCPBUGS-19922): Release 4.14 skip agent tui on external oci platform [#7599](https://github.com/openshift/installer/pull/7599) * [OCPBUGS-21653](https://issues.redhat.com/browse/OCPBUGS-21653): Rectify GCP label key validation check [#7606](https://github.com/openshift/installer/pull/7606) * [Full changelog](https://github.com/openshift/installer/compare/03546e550ae68f6b36d78d78b539450e66b5f6c2...a3cbb199faaa440a9d7e130f35b6be83f912aef9) ### [baremetal-operator](https://github.com/openshift/baremetal-operator/tree/9cd5c076afbccee3f4297cb2c9eb1435f572abf8) * [OCPBUGS-24489](https://issues.redhat.com/browse/OCPBUGS-24489): Do not update instance_info and deploy_interface for active nodes [#325](https://github.com/openshift/baremetal-operator/pull/325) * [Full changelog](https://github.com/openshift/baremetal-operator/compare/8643f32fea3e50b81b70a4bd5367a7487a73e7c6...9cd5c076afbccee3f4297cb2c9eb1435f572abf8) ### [baremetal-runtimecfg](https://github.com/openshift/baremetal-runtimecfg/tree/4b7c64bd91deabdba2c87a22c70f87ab2f7c2e6f) * [OCPBUGS-23474](https://issues.redhat.com/browse/OCPBUGS-23474): Use shorter IP label for keepalived VIP [#288](https://github.com/openshift/baremetal-runtimecfg/pull/288) * [Full changelog](https://github.com/openshift/baremetal-runtimecfg/compare/e7fa0f25f9fb18253f948f08939d0766b6a880a2...4b7c64bd91deabdba2c87a22c70f87ab2f7c2e6f) ### [cli, cli-artifacts, deployer, tools](https://github.com/openshift/oc/tree/286cfa5f978c4a89c776347c82fa09a232eef144) * [OCPBUGS-25983](https://issues.redhat.com/browse/OCPBUGS-25983): Remove deprecated password defaulting in default config flag [#1646](https://github.com/openshift/oc/pull/1646) * [OCPBUGS-24197](https://issues.redhat.com/browse/OCPBUGS-24197): Add client version in must-gather summary [#1607](https://github.com/openshift/oc/pull/1607) * [OCPBUGS-24460](https://issues.redhat.com/browse/OCPBUGS-24460): Overwrite template's namespace with the explicit one [#1616](https://github.com/openshift/oc/pull/1616) * [OCPBUGS-22702](https://issues.redhat.com/browse/OCPBUGS-22702): Reflect container's exit code for long running tasks not attached to terminal [#1592](https://github.com/openshift/oc/pull/1592) * [OCPBUGS-20508](https://issues.redhat.com/browse/OCPBUGS-20508): regeneratemco: explicitly check for PlatformStatus field [#1573](https://github.com/openshift/oc/pull/1573) * [Full changelog](https://github.com/openshift/oc/compare/0c63f9da2694c080257111616c60005f32a5bf47...286cfa5f978c4a89c776347c82fa09a232eef144) ### [cloud-credential-operator](https://github.com/openshift/cloud-credential-operator/tree/fba5608095b60438575339bd406c7a9ed40995ae) * [OCPBUGS-25275](https://issues.redhat.com/browse/OCPBUGS-25275): Azure Workload Identity info in CredsRequests creates a Secret [#643](https://github.com/openshift/cloud-credential-operator/pull/643) * [OCPBUGS-24346](https://issues.redhat.com/browse/OCPBUGS-24346): Discover AWS dns suffix from partition and region. [#635](https://github.com/openshift/cloud-credential-operator/pull/635) * [OCPBUGS-23986](https://issues.redhat.com/browse/OCPBUGS-23986): Use per-project custom roles instead of per-cluster custom roles [#631](https://github.com/openshift/cloud-credential-operator/pull/631) * [OCPBUGS-23426](https://issues.redhat.com/browse/OCPBUGS-23426): Explicitly set the vsphere secret credential data on sync. [#629](https://github.com/openshift/cloud-credential-operator/pull/629) * [OCPBUGS-21388](https://issues.redhat.com/browse/OCPBUGS-21388): Upgrade golang/x/net for CVE-2023-39325 [#622](https://github.com/openshift/cloud-credential-operator/pull/622) * NO-ISSUE: Removing andrew from OWNERS [#617](https://github.com/openshift/cloud-credential-operator/pull/617) * snyk: exclude vendor/ [#615](https://github.com/openshift/cloud-credential-operator/pull/615) * [OCPBUGS-22651](https://issues.redhat.com/browse/OCPBUGS-22651): explicitly set azure oidc bucket to allow public blob access [#612](https://github.com/openshift/cloud-credential-operator/pull/612) * [Full changelog](https://github.com/openshift/cloud-credential-operator/compare/2c18aadc530c825a87b54ac8a762509a8d0d73f0...fba5608095b60438575339bd406c7a9ed40995ae) ### [cluster-authentication-operator](https://github.com/openshift/cluster-authentication-operator/tree/9ad3782e5e7c17c15f824572c7049a44e8f85700) * [OCPBUGS-20705](https://issues.redhat.com/browse/OCPBUGS-20705): go.mod: bump golang.org/x/net to v0.17.0 [#637](https://github.com/openshift/cluster-authentication-operator/pull/637) * [Full changelog](https://github.com/openshift/cluster-authentication-operator/compare/bebf0fd3932be12594227b415fecd5d664611bc0...9ad3782e5e7c17c15f824572c7049a44e8f85700) ### [cluster-baremetal-operator](https://github.com/openshift/cluster-baremetal-operator/tree/270579c644f97dd9f2e8e771c939833ffee1dd3e) * [OCPBUGS-23392](https://issues.redhat.com/browse/OCPBUGS-23392), [OCPBUGS-23393](https://issues.redhat.com/browse/OCPBUGS-23393): fix IRONIC_EXTERNAL_URL_V6 [#384](https://github.com/openshift/cluster-baremetal-operator/pull/384) * Jira OCPBUGS-22208: Trigger reconcile if Secret openshift-config/pull-secret changes [#376](https://github.com/openshift/cluster-baremetal-operator/pull/376) * [Full changelog](https://github.com/openshift/cluster-baremetal-operator/compare/6d5d5187f1b469eee613cebc1be14c5fb985e2a8...270579c644f97dd9f2e8e771c939833ffee1dd3e) ### [cluster-capi-operator](https://github.com/openshift/cluster-capi-operator/tree/b4c4fb13a40c2c71b8f21fe379befad95e341a77) * [OCPBUGS-22314](https://issues.redhat.com/browse/OCPBUGS-22314): fix: add missing azure identity diff [#136](https://github.com/openshift/cluster-capi-operator/pull/136) * [Full changelog](https://github.com/openshift/cluster-capi-operator/compare/445968f3f0222b1d0679741898faa2e695543086...b4c4fb13a40c2c71b8f21fe379befad95e341a77) ### [cluster-cloud-controller-manager-operator](https://github.com/openshift/cluster-cloud-controller-manager-operator/tree/c10ac3773e44951bb3dbcf2b30c9b93818d78fd0) * [OCPBUGS-21189](https://issues.redhat.com/browse/OCPBUGS-21189): Bump golang.org/x/net to v0.18.0 [#295](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/295) * [OCPBUGS-20552](https://issues.redhat.com/browse/OCPBUGS-20552): apply necessary RBAC for the alibaba cloud controller manager [#289](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/289) * [Full changelog](https://github.com/openshift/cluster-cloud-controller-manager-operator/compare/6036333a63fbc93726ae704f1af359af49ab0987...c10ac3773e44951bb3dbcf2b30c9b93818d78fd0) ### [cluster-config-operator](https://github.com/openshift/cluster-config-operator/tree/d069e1477c7855035935a716100b3e8d4751d951) * [OCPBUGS-21653](https://issues.redhat.com/browse/OCPBUGS-21653): Update openshift/api package to latest version [#371](https://github.com/openshift/cluster-config-operator/pull/371) * : OCPBUGS-21286: bump library-go to include switch to HTTP/1.1 [#369](https://github.com/openshift/cluster-config-operator/pull/369) * [Full changelog](https://github.com/openshift/cluster-config-operator/compare/fa99c083c1e6044855246c18042e6da2476964bb...d069e1477c7855035935a716100b3e8d4751d951) ### [cluster-control-plane-machine-set-operator](https://github.com/openshift/cluster-control-plane-machine-set-operator/tree/0455a742f260ad7d39f63890559efd4f63429165) * [OCPBUGS-20566](https://issues.redhat.com/browse/OCPBUGS-20566): webhooks: set min version TLS 1.2 + exclude weak ciphersuites [#254](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/254) * [Full changelog](https://github.com/openshift/cluster-control-plane-machine-set-operator/compare/dc70181ee973124b2c3c6866a3c081fcd45d91a8...0455a742f260ad7d39f63890559efd4f63429165) ### [cluster-csi-snapshot-controller-operator](https://github.com/openshift/cluster-csi-snapshot-controller-operator/tree/73dc400fbbbd7dc131c98199e3b5c5cac957ee83) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#174](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/174) * [Full changelog](https://github.com/openshift/cluster-csi-snapshot-controller-operator/compare/5d8bae88fdceefd3cc6e9befe3da641839403d9c...73dc400fbbbd7dc131c98199e3b5c5cac957ee83) ### [cluster-etcd-operator](https://github.com/openshift/cluster-etcd-operator/tree/e29f97d93ca1c4fa423b871ad7f1b73bd64ed1d0) * Revert "[release-4.14] OCPBUGS-21802: remove revision stability check from bootstrap complet…" [#1168](https://github.com/openshift/cluster-etcd-operator/pull/1168) * [OCPBUGS-22477](https://issues.redhat.com/browse/OCPBUGS-22477): Remove z-upgrades from UpgradeBackupController [#1140](https://github.com/openshift/cluster-etcd-operator/pull/1140) * [OCPBUGS-21802](https://issues.redhat.com/browse/OCPBUGS-21802): remove revision stability check from bootstrap complet… [#1138](https://github.com/openshift/cluster-etcd-operator/pull/1138) * [OCPBUGS-21175](https://issues.redhat.com/browse/OCPBUGS-21175): fixing CVE-2023-39325 by updating dependencies [#1142](https://github.com/openshift/cluster-etcd-operator/pull/1142) * [Full changelog](https://github.com/openshift/cluster-etcd-operator/compare/a30b074095df7195ed0126bcd212b74114a88ee9...e29f97d93ca1c4fa423b871ad7f1b73bd64ed1d0) ### [cluster-image-registry-operator](https://github.com/openshift/cluster-image-registry-operator/tree/d27b918c32a5bcd04a2aba77c35b73b3f005b3e9) * [OCPBUGS-22127](https://issues.redhat.com/browse/OCPBUGS-22127): increase storage account key cache expiration [#941](https://github.com/openshift/cluster-image-registry-operator/pull/941) * [OCPBUGS-20710](https://issues.redhat.com/browse/OCPBUGS-20710): mitigate effects of rapid reset [#942](https://github.com/openshift/cluster-image-registry-operator/pull/942) * [Full changelog](https://github.com/openshift/cluster-image-registry-operator/compare/b0ee859b641ff2b1d9896d0cd13743ee3335051a...d27b918c32a5bcd04a2aba77c35b73b3f005b3e9) ### [cluster-kube-apiserver-operator](https://github.com/openshift/cluster-kube-apiserver-operator/tree/2a07e2dc098b9bea4e3e27279c692da10a6a519e) * [OCPBUGS-25384](https://issues.redhat.com/browse/OCPBUGS-25384): psa cluster fleet evaluation [#1600](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1600) * : OCPBUGS-24022: Add workload partitioning annotation [#1590](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1590) * : OCPBUGS-20898: bump library-go to include switch to HTTP/1.1 [#1569](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1569) * [OCPBUGS-22718](https://issues.redhat.com/browse/OCPBUGS-22718): [release-4.14] OCPBUGS-20331: manifests: rename API performance dashboard [#1570](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1570) * [Full changelog](https://github.com/openshift/cluster-kube-apiserver-operator/compare/8b38d12efe5f4c4906473acbe53e36961e91490f...2a07e2dc098b9bea4e3e27279c692da10a6a519e) ### [cluster-kube-storage-version-migrator-operator](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/tree/9cd9922a42a64fe058718f10e3b4123b943bb55f) * : OCPBUGS-21371: bump library-go to include switch to HTTP/1.1 [#96](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/pull/96) * [Full changelog](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/compare/332cb1cd0f9a00c03e3f9d400ae8483abd03036c...9cd9922a42a64fe058718f10e3b4123b943bb55f) ### [cluster-machine-approver](https://github.com/openshift/cluster-machine-approver/tree/8bf6e7c04fe8ac3f891e8ee1672f4e17b97572dc) * [OCPBUGS-23150](https://issues.redhat.com/browse/OCPBUGS-23150): Filter non node CSRs in metrics [#209](https://github.com/openshift/cluster-machine-approver/pull/209) * [OCPBUGS-21468](https://issues.redhat.com/browse/OCPBUGS-21468): Bump x/net package to v0.17.0 [#206](https://github.com/openshift/cluster-machine-approver/pull/206) * [Full changelog](https://github.com/openshift/cluster-machine-approver/compare/d364966705ccb291cc9e14a614c3a2f638128b81...8bf6e7c04fe8ac3f891e8ee1672f4e17b97572dc) ### [cluster-monitoring-operator](https://github.com/openshift/cluster-monitoring-operator/tree/94ddd62daa1ed729055e97b76e07745aa02098fd) * [OCPBUGS-21473](https://issues.redhat.com/browse/OCPBUGS-21473): Set the new --disable-http2 flag for prometheus-adapter to disable HTTP2 [#2147](https://github.com/openshift/cluster-monitoring-operator/pull/2147) * [OCPBUGS-22917](https://issues.redhat.com/browse/OCPBUGS-22917): jsonnet: pin commits [#2143](https://github.com/openshift/cluster-monitoring-operator/pull/2143) * [OCPBUGS-22734](https://issues.redhat.com/browse/OCPBUGS-22734): [release-4.14] add RHACS telemetry metrics [#2137](https://github.com/openshift/cluster-monitoring-operator/pull/2137) * [Full changelog](https://github.com/openshift/cluster-monitoring-operator/compare/88803c7f4d8dedb565b303d15e03d72f31412f5a...94ddd62daa1ed729055e97b76e07745aa02098fd) ### [cluster-network-operator](https://github.com/openshift/cluster-network-operator/tree/2d7ced4536c90a4c848ae9a67caf4c0766cfde78) * [OCPBUGS-24320](https://issues.redhat.com/browse/OCPBUGS-24320): Add apbroute/status patch rights for ovnkube-node to update status [#2143](https://github.com/openshift/cluster-network-operator/pull/2143) * [OCPBUGS-22787](https://issues.redhat.com/browse/OCPBUGS-22787), [OCPBUGS-22788](https://issues.redhat.com/browse/OCPBUGS-22788), [OCPBUGS-22789](https://issues.redhat.com/browse/OCPBUGS-22789): ovnkube: container scripts cleanup [#2090](https://github.com/openshift/cluster-network-operator/pull/2090) * [OCPBUGS-23371](https://issues.redhat.com/browse/OCPBUGS-23371): hypershift, hosted clusters: enable multi-homing and multi-net features [#2117](https://github.com/openshift/cluster-network-operator/pull/2117) * [OCPBUGS-21717](https://issues.redhat.com/browse/OCPBUGS-21717): Bump golang.org/x/net and github.com/openshift/library-go [#2122](https://github.com/openshift/cluster-network-operator/pull/2122) * [OCPBUGS-24633](https://issues.redhat.com/browse/OCPBUGS-24633): ipsec add pluto restart [#2152](https://github.com/openshift/cluster-network-operator/pull/2152) * [OCPBUGS-22363](https://issues.redhat.com/browse/OCPBUGS-22363): Added HCP label to CNO pods [#2081](https://github.com/openshift/cluster-network-operator/pull/2081) * [OCPBUGS-22286](https://issues.redhat.com/browse/OCPBUGS-22286): hypershift: adjust backoff on infrastructure name retry [#2078](https://github.com/openshift/cluster-network-operator/pull/2078) * [OCPBUGS-23011](https://issues.redhat.com/browse/OCPBUGS-23011): Block upgrades to 4.15 with Kuryr [#2096](https://github.com/openshift/cluster-network-operator/pull/2096) * [OCPBUGS-23315](https://issues.redhat.com/browse/OCPBUGS-23315): set automountServiceAccountToken to false for hypershift managed network-node-identity deploy [#2107](https://github.com/openshift/cluster-network-operator/pull/2107) * [OCPBUGS-19897](https://issues.redhat.com/browse/OCPBUGS-19897): HyperShift: Use the local konnectivity proxy when checking proxy readiness [#2043](https://github.com/openshift/cluster-network-operator/pull/2043) * [Full changelog](https://github.com/openshift/cluster-network-operator/compare/5572bce9c04feaf970862db03fe4c4fe03b912b4...2d7ced4536c90a4c848ae9a67caf4c0766cfde78) ### [cluster-node-tuning-operator](https://github.com/openshift/cluster-node-tuning-operator/tree/c2dffde35f3d6de662ab0f7dfa9698affba286b2) * Make MC names deterministic (#903) [#903](https://github.com/openshift/cluster-node-tuning-operator/pull/903) * [OCPBUGS-25671](https://issues.redhat.com/browse/OCPBUGS-25671): rps: fix mask update for SR-IOV devices (#891) [#891](https://github.com/openshift/cluster-node-tuning-operator/pull/891) * [OCPBUGS-18640](https://issues.redhat.com/browse/OCPBUGS-18640): Fix Racing Machine Configs and add Day 0 Support (#854) (#871) [#854](https://github.com/openshift/cluster-node-tuning-operator/pull/854) * [OCPBUGS-24638](https://issues.redhat.com/browse/OCPBUGS-24638): Do not set default RPS sysctl twice (#880) [#880](https://github.com/openshift/cluster-node-tuning-operator/pull/880) * [OCPBUGS-21845](https://issues.redhat.com/browse/OCPBUGS-21845): rps: trigger udev event per queue #832 (#832) [#832](https://github.com/openshift/cluster-node-tuning-operator/pull/832) * [OCPBUGS-21845](https://issues.redhat.com/browse/OCPBUGS-21845): e2e:rps: improve logging (#831) [#831](https://github.com/openshift/cluster-node-tuning-operator/pull/831) * render: change dir path (#826) [#826](https://github.com/openshift/cluster-node-tuning-operator/pull/826) * Disable HTTP/2 for webhook and metrics servers (#841) [#841](https://github.com/openshift/cluster-node-tuning-operator/pull/841) * Remove obsolete protocols and weak ciphers (#835) [#835](https://github.com/openshift/cluster-node-tuning-operator/pull/835) * [Full changelog](https://github.com/openshift/cluster-node-tuning-operator/compare/a91f9945a89f6c5b68ee15618d20bc89e1c0caa6...c2dffde35f3d6de662ab0f7dfa9698affba286b2) ### [cluster-olm-operator](https://github.com/openshift/cluster-olm-operator/tree/0dbbb6132ced379602040731ff889eebb4202e73) * [OCPBUGS-25481](https://issues.redhat.com/browse/OCPBUGS-25481): NO-ISSUE: Bump k8s.io/apiextensions-apiserver [#41](https://github.com/openshift/cluster-olm-operator/pull/41) * [OCPBUGS-22581](https://issues.redhat.com/browse/OCPBUGS-22581): [release-4.14] OCPBUGS-24652: Bump k8s dependencies [#38](https://github.com/openshift/cluster-olm-operator/pull/38) * [Full changelog](https://github.com/openshift/cluster-olm-operator/compare/9e05f328825215a8ad58c9023c0f9d62c843c5aa...0dbbb6132ced379602040731ff889eebb4202e73) ### [cluster-openshift-apiserver-operator](https://github.com/openshift/cluster-openshift-apiserver-operator/tree/8bd86026e9eaab600dafa3c89c102f1cf86677fe) * : OCPBUGS-20724: bump library-go to include switch to HTTP/1.1 [#554](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/554) * [Full changelog](https://github.com/openshift/cluster-openshift-apiserver-operator/compare/00f7e4cc95063ba5aba1992568088d924cfbf516...8bd86026e9eaab600dafa3c89c102f1cf86677fe) ### [cluster-openshift-controller-manager-operator](https://github.com/openshift/cluster-openshift-controller-manager-operator/tree/77e0d6a07854665a7e9c8458db67e25d02da934a) * [OCPBUGS-23490](https://issues.redhat.com/browse/OCPBUGS-23490): Remove blockage of ConfigObserver by build informer has synced flag [#318](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/318) * [Full changelog](https://github.com/openshift/cluster-openshift-controller-manager-operator/compare/04cec68a4cd060be0f324db5d30f02476a85d20e...77e0d6a07854665a7e9c8458db67e25d02da934a) ### [cluster-storage-operator](https://github.com/openshift/cluster-storage-operator/tree/d212f20b9b2c639384baef9879af149ac259c014) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#416](https://github.com/openshift/cluster-storage-operator/pull/416) * [OCPBUGS-23210](https://issues.redhat.com/browse/OCPBUGS-23210): [IBM ROKS] cluster-storage-operator does not set upgradeable=True [#419](https://github.com/openshift/cluster-storage-operator/pull/419) * [Full changelog](https://github.com/openshift/cluster-storage-operator/compare/dbb1514dbf9923c56a4a198374cc59e45f9bc0cc...d212f20b9b2c639384baef9879af149ac259c014) ### [cluster-update-keys](https://github.com/openshift/cluster-update-keys/tree/e0c26a084139906e866d9eec89f05d2d3211b334) * [OCPBUGS-10126](https://issues.redhat.com/browse/OCPBUGS-10126): Updating ose-agent-installer-orchestrator images to be consistent with ART [#48](https://github.com/openshift/cluster-update-keys/pull/48) * [Full changelog](https://github.com/openshift/cluster-update-keys/compare/9dd3eedebc62725e806d7b52d640b70e61a96f98...e0c26a084139906e866d9eec89f05d2d3211b334) ### [cluster-version-operator](https://github.com/openshift/cluster-version-operator/tree/2a48f5e228f27a26383f1a613fa328c1ffba7977) * [OCPBUGS-20762](https://issues.redhat.com/browse/OCPBUGS-20762): [4.14] Bump http-related deps [#986](https://github.com/openshift/cluster-version-operator/pull/986) * [Full changelog](https://github.com/openshift/cluster-version-operator/compare/a091f80be76fbcb92fe49b2668c81fe6bf685c4e...2a48f5e228f27a26383f1a613fa328c1ffba7977) ### [console](https://github.com/openshift/console/tree/52c0b1598989cea2264a4dda1372a91bcd6647ec) * [OCPBUGS-24349](https://issues.redhat.com/browse/OCPBUGS-24349): Fix crash when ArtifactHub Task has no version [#13399](https://github.com/openshift/console/pull/13399) * [OCPBUGS-25397](https://issues.redhat.com/browse/OCPBUGS-25397): fix runtime error on Node details Overview when Machin… [#13446](https://github.com/openshift/console/pull/13446) * [OCPBUGS-23771](https://issues.redhat.com/browse/OCPBUGS-23771): Fix for yaml editor that crashes with MCE and ACM plugins enabled [#13360](https://github.com/openshift/console/pull/13360) * [OCPBUGS-24667](https://issues.redhat.com/browse/OCPBUGS-24667): Fix plugin proxy handler [#13425](https://github.com/openshift/console/pull/13425) * [OCPBUGS-24474](https://issues.redhat.com/browse/OCPBUGS-24474): S2I Build Wizard should check for Containerfile in addition to Dockerfile [#13415](https://github.com/openshift/console/pull/13415) * [OCPBUGS-24432](https://issues.redhat.com/browse/OCPBUGS-24432): fix filtering issues on Events [#13413](https://github.com/openshift/console/pull/13413) * [OCPBUGS-24352](https://issues.redhat.com/browse/OCPBUGS-24352): add access review for impersonate [#13400](https://github.com/openshift/console/pull/13400) * [OCPBUGS-22240](https://issues.redhat.com/browse/OCPBUGS-22240): Save also the location.search and .hash values in localStorage to restore them after login [#13270](https://github.com/openshift/console/pull/13270) * [OCPBUGS-24293](https://issues.redhat.com/browse/OCPBUGS-24293): ConsolePlugin metrics must no longer be grouped by the vendor [#13391](https://github.com/openshift/console/pull/13391) * [OCPBUGS-24423](https://issues.redhat.com/browse/OCPBUGS-24423): Searching for items in quick search is confusing [#13412](https://github.com/openshift/console/pull/13412) * [OCPBUGS-22375](https://issues.redhat.com/browse/OCPBUGS-22375): Delete results.tekton.dev annotations before rerun the pipelineRun [#13278](https://github.com/openshift/console/pull/13278) * [OCPBUGS-22478](https://issues.redhat.com/browse/OCPBUGS-22478): Extra space is in the translation text(Chinese) of 'Create rolebinding' and 'replicate rolebinding' [#13290](https://github.com/openshift/console/pull/13290) * [OCPBUGS-24196](https://issues.redhat.com/browse/OCPBUGS-24196): ApiVersion displayed on console is v1alpha1 whereas we support v1beta1 [#13402](https://github.com/openshift/console/pull/13402) * [OCPBUGS-23423](https://issues.redhat.com/browse/OCPBUGS-23423): Cannot Edit Shipwright Build [#13343](https://github.com/openshift/console/pull/13343) * [OCPBUGS-22980](https://issues.redhat.com/browse/OCPBUGS-22980): remove expandable toggle for conditional update risk d… [#13308](https://github.com/openshift/console/pull/13308) * [OCPBUGS-22374](https://issues.redhat.com/browse/OCPBUGS-22374): Telemetry- Current page was sometimes not tracked when reloading the current page [#13277](https://github.com/openshift/console/pull/13277) * [OCPBUGS-22177](https://issues.redhat.com/browse/OCPBUGS-22177): Channel page shows "Required" message for the default name when navigate to create channel page [#13262](https://github.com/openshift/console/pull/13262) * [OCPBUGS-19371](https://issues.redhat.com/browse/OCPBUGS-19371): Upgrade DomainMapping apiVersion to v1beta1 [#13165](https://github.com/openshift/console/pull/13165) * [OCPBUGS-19416](https://issues.redhat.com/browse/OCPBUGS-19416): Correct logout process [#13173](https://github.com/openshift/console/pull/13173) * [OCPBUGS-22285](https://issues.redhat.com/browse/OCPBUGS-22285): updating doc links for 4.14 GA [#13273](https://github.com/openshift/console/pull/13273) * [OCPBUGS-19845](https://issues.redhat.com/browse/OCPBUGS-19845): mock apis for git repo in test serverless function tests [#13199](https://github.com/openshift/console/pull/13199) * [OCPBUGS-22460](https://issues.redhat.com/browse/OCPBUGS-22460): Fix the forms when BC is not installed in the cluster [#13288](https://github.com/openshift/console/pull/13288) * [OCPBUGS-21877](https://issues.redhat.com/browse/OCPBUGS-21877): add support for new features annotations while preserv… [#13258](https://github.com/openshift/console/pull/13258) * [OCPBUGS-22377](https://issues.redhat.com/browse/OCPBUGS-22377): Fixed Edit Application form for Knative Services [#13279](https://github.com/openshift/console/pull/13279) * [Full changelog](https://github.com/openshift/console/compare/c16ab01920d47d71a8853f70181ff5bb6cd1f374...52c0b1598989cea2264a4dda1372a91bcd6647ec) ### [console-operator](https://github.com/openshift/console-operator/tree/a5176b4e8454e5d1d28023d77ddbad880db99168) * [OCPBUGS-23968](https://issues.redhat.com/browse/OCPBUGS-23968): Disable route controller health check for NLB setup [#817](https://github.com/openshift/console-operator/pull/817) * [OCPBUGS-24293](https://issues.redhat.com/browse/OCPBUGS-24293): ConsolePlugin metrics must no longer be grouped by the vendor [#820](https://github.com/openshift/console-operator/pull/820) * [OCPBUGS-22274](https://issues.redhat.com/browse/OCPBUGS-22274): Disable HTTP/2 for webhook [#803](https://github.com/openshift/console-operator/pull/803) * [OCPBUGS-20480](https://issues.redhat.com/browse/OCPBUGS-20480): Reset console operator's conditions [#797](https://github.com/openshift/console-operator/pull/797) * [Full changelog](https://github.com/openshift/console-operator/compare/483bbcfcf019a58afb70ae1b021ba01e074b09e0...a5176b4e8454e5d1d28023d77ddbad880db99168) ### [container-networking-plugins](https://github.com/openshift/containernetworking-plugins/tree/7295a5e0d5b273bd02a9cab8237928bf2957b383) * [OCPBUGS-20374](https://issues.redhat.com/browse/OCPBUGS-20374): build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 [backport 4.14] [#129](https://github.com/openshift/containernetworking-plugins/pull/129) * [Full changelog](https://github.com/openshift/containernetworking-plugins/compare/463386589579bd9e74578b3c0fb278840570cd0f...7295a5e0d5b273bd02a9cab8237928bf2957b383) ### [csi-driver-manila, openstack-cinder-csi-driver, openstack-cloud-controller-manager](https://github.com/openshift/cloud-provider-openstack/tree/a80805c456a51f78dd561801e2721d9f5596eca9) * [OCPBUGS-25804](https://issues.redhat.com/browse/OCPBUGS-25804): Merge https://github.com/kubernetes/cloud-provider-openstack:release-1.27 into release-4.14 [#247](https://github.com/openshift/cloud-provider-openstack/pull/247) * [OCPBUGS-22974](https://issues.redhat.com/browse/OCPBUGS-22974): [release-4.14] manage-security-groups: Only add SGs to LB members (#2455) [#244](https://github.com/openshift/cloud-provider-openstack/pull/244) * [OCPBUGS-21271](https://issues.redhat.com/browse/OCPBUGS-21271): Merge kubernetes/cloud-provider-openstack:release-1.27 into release-4.14 [#237](https://github.com/openshift/cloud-provider-openstack/pull/237) * [Full changelog](https://github.com/openshift/cloud-provider-openstack/compare/6b8f88a9c34a541ffaf4b0abf1d8cd1acb55ff9b...a80805c456a51f78dd561801e2721d9f5596eca9) ### [csi-driver-manila-operator](https://github.com/openshift/csi-driver-manila-operator/tree/da69ca4786ca424228e28f223568c7340b1de99e) * [OCPBUGS-23443](https://issues.redhat.com/browse/OCPBUGS-23443): Fix selector for manila-csi-driver-controller-metrics service [#211](https://github.com/openshift/csi-driver-manila-operator/pull/211) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#209](https://github.com/openshift/csi-driver-manila-operator/pull/209) * [Full changelog](https://github.com/openshift/csi-driver-manila-operator/compare/ea34192d229b15ef335be349005df184b4814be8...da69ca4786ca424228e28f223568c7340b1de99e) ### [csi-driver-shared-resource, csi-driver-shared-resource-webhook](https://github.com/openshift/csi-driver-shared-resource/tree/3ffcdcf8b2519009797f871c9c33beae2d5328ed) * [OCPBUGS-23111](https://issues.redhat.com/browse/OCPBUGS-23111): Should reference configmaps instead of secrets [#152](https://github.com/openshift/csi-driver-shared-resource/pull/152) * [Full changelog](https://github.com/openshift/csi-driver-shared-resource/compare/740b4427f2c3d72f47c0cd7b9af6b9c51c009c31...3ffcdcf8b2519009797f871c9c33beae2d5328ed) ### [csi-driver-shared-resource-operator](https://github.com/openshift/csi-driver-shared-resource-operator/tree/a351354201f3ea7ef0bbf49ad0d57f34a40a8149) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#91](https://github.com/openshift/csi-driver-shared-resource-operator/pull/91) * [Full changelog](https://github.com/openshift/csi-driver-shared-resource-operator/compare/73ddf3e313dbcec4238657af9b4237b405b16c4a...a351354201f3ea7ef0bbf49ad0d57f34a40a8149) ### [docker-builder](https://github.com/openshift/builder/tree/720efaad602436b04becc332342aa8457a8059be) * [OCPBUGS-23006](https://issues.redhat.com/browse/OCPBUGS-23006): Add -p flag to cp command to preserve timestamps [#370](https://github.com/openshift/builder/pull/370) * [Full changelog](https://github.com/openshift/builder/compare/d58710291b41f833400c4fbc30b662072bfd575b...720efaad602436b04becc332342aa8457a8059be) ### [docker-registry](https://github.com/openshift/image-registry/tree/690b5a215111ec83d1368ce14d63152d917e0392) * [OCPBUGS-22826](https://issues.redhat.com/browse/OCPBUGS-22826): Allow ICSP IDMS coexisting [#385](https://github.com/openshift/image-registry/pull/385) * [Full changelog](https://github.com/openshift/image-registry/compare/5e7788a16fbbf051c16f28d590905a8f69cd29ac...690b5a215111ec83d1368ce14d63152d917e0392) ### [etcd](https://github.com/openshift/etcd/tree/ba21c5bca59afce3800577c1cbb073c5556ca990) * [OCPBUGS-22727](https://issues.redhat.com/browse/OCPBUGS-22727): [4.14] Rebase openshift/etcd to 3.5.10 [#226](https://github.com/openshift/etcd/pull/226) * [Full changelog](https://github.com/openshift/etcd/compare/497a17f227c4cacf2fc16626c38f57879ec648be...ba21c5bca59afce3800577c1cbb073c5556ca990) ### [fedora-coreos, machine-os-content, okd-rpms](https://github.com/openshift/okd-machine-os/tree/aa2b15a465b4a36e0b24902d8b373e39a8dda18d) * Bump fedora-coreos to latest stable [#718](https://github.com/openshift/okd-machine-os/pull/718) * Bump machine OS version [#711](https://github.com/openshift/okd-machine-os/pull/711) * Bump fedora-coreos to latest stable [#707](https://github.com/openshift/okd-machine-os/pull/707) * Dockerfile: use previous machine-os-content as a base [#703](https://github.com/openshift/okd-machine-os/pull/703) * Unpin kernel [#699](https://github.com/openshift/okd-machine-os/pull/699) * Bump FCOS version [#695](https://github.com/openshift/okd-machine-os/pull/695) * Fix pinned kernel and CRI-O version [#690](https://github.com/openshift/okd-machine-os/pull/690) * Bump fedora-coreos to latest stable [#689](https://github.com/openshift/okd-machine-os/pull/689) * Bump Fedora CoreOS to latest stable [#686](https://github.com/openshift/okd-machine-os/pull/686) * [Full changelog](https://github.com/openshift/okd-machine-os/compare/1d6ba5a3682ae378f2c6feabc6121c8e12053f41...aa2b15a465b4a36e0b24902d8b373e39a8dda18d) ### [gcp-cloud-controller-manager](https://github.com/openshift/cloud-provider-gcp/tree/09e96a91c4c95e4f8a3d77bae81875c570dd9e3c) * [OCPBUGS-21321](https://issues.redhat.com/browse/OCPBUGS-21321): Bump golang.org/x/net to v0.18.0 [#42](https://github.com/openshift/cloud-provider-gcp/pull/42) * [Full changelog](https://github.com/openshift/cloud-provider-gcp/compare/37deba9d5cc01f1d0cfe741b3996b0474d5ef84e...09e96a91c4c95e4f8a3d77bae81875c570dd9e3c) ### [gcp-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-gcp/tree/d99fb31aa7280f6b5da00880a64b4774600817a2) * [OCPBUGS-17290](https://issues.redhat.com/browse/OCPBUGS-17290), [OCPBUGS-21417](https://issues.redhat.com/browse/OCPBUGS-21417): Bump golang.org/x/net to v0.17.0 [#203](https://github.com/openshift/cluster-api-provider-gcp/pull/203) * [Full changelog](https://github.com/openshift/cluster-api-provider-gcp/compare/38e337585cf606957429f7043db1a57cda34fcec...d99fb31aa7280f6b5da00880a64b4774600817a2) ### [gcp-pd-csi-driver-operator](https://github.com/openshift/gcp-pd-csi-driver-operator/tree/b39caeae907ca5c43e331a66b4ebe112d604f174) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#96](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/96) * [Full changelog](https://github.com/openshift/gcp-pd-csi-driver-operator/compare/92376a4b846366ae3c7a61e5af895e3221d09703...b39caeae907ca5c43e331a66b4ebe112d604f174) ### [hyperkube, pod](https://github.com/openshift/kubernetes/tree/5c56cc35e3edc1f34290e7aaaec57e9c88c91859) * UPSTREAM: 117349: OCPBUGS-19431: Bump lumberjack.v2 v2.0.0 -> v2.2.1 [#1552](https://github.com/openshift/kubernetes/pull/1552) * [OCPBUGS-26006](https://issues.redhat.com/browse/OCPBUGS-26006): Update to Kubernetes 1.27.9 [#1838](https://github.com/openshift/kubernetes/pull/1838) * [OCPBUGS-23566](https://issues.redhat.com/browse/OCPBUGS-23566): followup to #1808 [#1813](https://github.com/openshift/kubernetes/pull/1813) * [OCPBUGS-23566](https://issues.redhat.com/browse/OCPBUGS-23566): Update to kubernetes 1.27.8 [#1808](https://github.com/openshift/kubernetes/pull/1808) * [OCPBUGS-23286](https://issues.redhat.com/browse/OCPBUGS-23286): UPSTREAM: 121881: Use golang library instead of mklink [#1801](https://github.com/openshift/kubernetes/pull/1801) * [OCPBUGS-22861](https://issues.redhat.com/browse/OCPBUGS-22861): UPSTREAM: <carry>: support for both icsp and idms objects [#1780](https://github.com/openshift/kubernetes/pull/1780) * [Full changelog](https://github.com/openshift/kubernetes/compare/f67aeb31c9b95fd8998de8b895ac91bfdf733b2e...5c56cc35e3edc1f34290e7aaaec57e9c88c91859) ### [hypershift](https://github.com/openshift/hypershift/tree/e2071ef95a7904b3a748cba28ddfd3583eb358c8) * [OCPBUGS-23936](https://issues.redhat.com/browse/OCPBUGS-23936): Use correct kubeconfig in CCM and remove CCMs access t… [#3232](https://github.com/openshift/hypershift/pull/3232) * [OCPBUGS-12720](https://issues.redhat.com/browse/OCPBUGS-12720): Updating hypershift images to be consistent with ART [#2467](https://github.com/openshift/hypershift/pull/2467) * [OCPBUGS-24627](https://issues.redhat.com/browse/OCPBUGS-24627): unset ServiceAccount on ignition-server-proxy [#3295](https://github.com/openshift/hypershift/pull/3295) * [Release 4.14] OCPBUGS-24556: Fix a bug on deletion of a hostedcluster [#3290](https://github.com/openshift/hypershift/pull/3290) * [OCPBUGS-24269](https://issues.redhat.com/browse/OCPBUGS-24269): add CLI oauthclient [#3272](https://github.com/openshift/hypershift/pull/3272) * [OCPBUGS-23569](https://issues.redhat.com/browse/OCPBUGS-23569): Added IPFamilyPolicy to services exposed at the HCP in DualStack mode [#3224](https://github.com/openshift/hypershift/pull/3224) * [HOSTEDCP-1318](https://issues.redhat.com/browse/HOSTEDCP-1318): external OIDC enablement [#3261](https://github.com/openshift/hypershift/pull/3261) * [OCPBUGS-23747](https://issues.redhat.com/browse/OCPBUGS-23747): Added brackets to IPv6 KAS address on kubeconfig [#3228](https://github.com/openshift/hypershift/pull/3228) * [OCPBUGS-24063](https://issues.redhat.com/browse/OCPBUGS-24063): fix(cpo): Set restart annotation on network-node-identity [#3248](https://github.com/openshift/hypershift/pull/3248) * release-4.14, HOSTEDCP-1315: Improve NodePool CPU arch & platform check [#3236](https://github.com/openshift/hypershift/pull/3236) * [OCPBUGS-22676](https://issues.redhat.com/browse/OCPBUGS-22676): Make the OLMCatalogPlacement field immutable [#3143](https://github.com/openshift/hypershift/pull/3143) * [OCPBUGS-23558](https://issues.redhat.com/browse/OCPBUGS-23558): Let router use svc ips 4.14 [#3221](https://github.com/openshift/hypershift/pull/3221) * [OCPBUGS-19678](https://issues.redhat.com/browse/OCPBUGS-19678): Remove cluster name validation from HCC [#3040](https://github.com/openshift/hypershift/pull/3040) * "[release-4.14] CNV-35326: unsupported escape hatch mechanism custom HS/KV vms" [#3202](https://github.com/openshift/hypershift/pull/3202) * [OCPBUGS-23027](https://issues.redhat.com/browse/OCPBUGS-23027): Configure HSTS for kube-apiserver [#3169](https://github.com/openshift/hypershift/pull/3169) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3085](https://github.com/openshift/hypershift/pull/3085) * [OCPBUGS-23142](https://issues.redhat.com/browse/OCPBUGS-23142): adding permission to CNO RBAC Calico path for network-node-identity deploy [#3182](https://github.com/openshift/hypershift/pull/3182) * [OCPBUGS-22295](https://issues.redhat.com/browse/OCPBUGS-22295): Added brackets to the kubeconfig server address when IPv6 [#3117](https://github.com/openshift/hypershift/pull/3117) * [OCPBUGS-22690](https://issues.redhat.com/browse/OCPBUGS-22690): Use the same etcd snapshot for all replicas during etcd restore [#3146](https://github.com/openshift/hypershift/pull/3146) * [OCPBUGS-22959](https://issues.redhat.com/browse/OCPBUGS-22959): Update regex validation for nodepool.spec.taints.value [#3165](https://github.com/openshift/hypershift/pull/3165) * [HOSTEDCP-1280](https://issues.redhat.com/browse/HOSTEDCP-1280): Adjustment cluster-cidr,service-cidr to support dualstack [#3162](https://github.com/openshift/hypershift/pull/3162) * [OCPBUGS-22898](https://issues.redhat.com/browse/OCPBUGS-22898): Stop exposing kas on 6443 private route service load balancer [#3159](https://github.com/openshift/hypershift/pull/3159) * [OCPBUGS-22898](https://issues.redhat.com/browse/OCPBUGS-22898): Stop defaulting aws private haproxy external port to 6443 [#3160](https://github.com/openshift/hypershift/pull/3160) * [OCPBUGS-19897](https://issues.redhat.com/browse/OCPBUGS-19897): Add konnectivity-proxy container to CNO [#3058](https://github.com/openshift/hypershift/pull/3058) * [OCPBUGS-22379](https://issues.redhat.com/browse/OCPBUGS-22379): Cluster-policy-controller: add missing RBAC for privileged namespaces PSA syncer controller [#3131](https://github.com/openshift/hypershift/pull/3131) * [Full changelog](https://github.com/openshift/hypershift/compare/34d364cd66a3a85d8fad01d5f6dad5c15de43436...e2071ef95a7904b3a748cba28ddfd3583eb358c8) ### [ibm-cloud-controller-manager](https://github.com/openshift/cloud-provider-ibm/tree/d2c38ce33a2bc38e1d30313ca61954d09400b466) * [OCPBUGS-21149](https://issues.redhat.com/browse/OCPBUGS-21149): Bump golang.org/x/net to v0.18.0 [#55](https://github.com/openshift/cloud-provider-ibm/pull/55) * [Full changelog](https://github.com/openshift/cloud-provider-ibm/compare/ea5a37bbb6bf9e340ccd85ce730c6a8545eae4cd...d2c38ce33a2bc38e1d30313ca61954d09400b466) ### [ibm-vpc-block-csi-driver-operator](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/tree/504fbad135ee976d8b5baa846e9da46607262b46) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#91](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/91) * [Full changelog](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/compare/faf68eda7983c9e4c6cab158b067fe73ea594173...504fbad135ee976d8b5baa846e9da46607262b46) ### [ibmcloud-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-ibmcloud/tree/c62bc9d9dc7d5b9918694d67e1a521cc1d36b55f) * [OCPBUGS-21436](https://issues.redhat.com/browse/OCPBUGS-21436): Bump golang.org/x/net to v0.18.0 [#63](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/63) * [Full changelog](https://github.com/openshift/cluster-api-provider-ibmcloud/compare/a7e5c6a5b96a3851d1807d4c3f80113a47a4e54d...c62bc9d9dc7d5b9918694d67e1a521cc1d36b55f) ### [insights-operator](https://github.com/openshift/insights-operator/tree/b90c2d6fa313e5240c3d307af6eb93c66a2d477e) * [OCPBUGS-23962](https://issues.redhat.com/browse/OCPBUGS-23962): adds helm information gather (#868) (#877) [#868](https://github.com/openshift/insights-operator/pull/868) * [OCPBUGS-23445](https://issues.redhat.com/browse/OCPBUGS-23445): DVO gatherer - add retry logic (#861) (#870) [#861](https://github.com/openshift/insights-operator/pull/861) * [OCPBUGS-22958](https://issues.redhat.com/browse/OCPBUGS-22958): adds cluster storageclasses gather (#858) (#865) [#858](https://github.com/openshift/insights-operator/pull/858) * [OCPBUGS-21859](https://issues.redhat.com/browse/OCPBUGS-21859): remove username & password config options (#843) [#843](https://github.com/openshift/insights-operator/pull/843) * [Full changelog](https://github.com/openshift/insights-operator/compare/e967e1db834b065ac8ec4449acf15afed750b6cf...b90c2d6fa313e5240c3d307af6eb93c66a2d477e) ### [ironic](https://github.com/openshift/ironic-image/tree/bd013d93f9e968f7893665644415c4e67b7a2a1a) * [OCPBUGS-19884](https://issues.redhat.com/browse/OCPBUGS-19884): update Ironic to include secure boot fixes [#445](https://github.com/openshift/ironic-image/pull/445) * [OCPBUGS-23903](https://issues.redhat.com/browse/OCPBUGS-23903): Ironic side of external_http_url (METAL-163) is not wired in correctly [#429](https://github.com/openshift/ironic-image/pull/429) * [OCPBUGS-23505](https://issues.redhat.com/browse/OCPBUGS-23505): Uplift eventlet version [#426](https://github.com/openshift/ironic-image/pull/426) * [OCPBUGS-23354](https://issues.redhat.com/browse/OCPBUGS-23354): Upgrade markupsafe and werkzeug dependencies [#421](https://github.com/openshift/ironic-image/pull/421) * [OCPBUGS-14926](https://issues.redhat.com/browse/OCPBUGS-14926): Handle Eject DVD 4.14 [#415](https://github.com/openshift/ironic-image/pull/415) * [OCPBUGS-22253](https://issues.redhat.com/browse/OCPBUGS-22253): Use bash process substitution instead of pipe [#411](https://github.com/openshift/ironic-image/pull/411) * [Full changelog](https://github.com/openshift/ironic-image/compare/5c6d6ee69ac7c37989ab891332ed2612217e753d...bd013d93f9e968f7893665644415c4e67b7a2a1a) ### [ironic-agent](https://github.com/openshift/ironic-agent-image/tree/66340dfefda40211a0bd33b1f42a625f666cf1bf) * [OCPBUGS-25685](https://issues.redhat.com/browse/OCPBUGS-25685): Relax packages requirements [#103](https://github.com/openshift/ironic-agent-image/pull/103) * [OCPBUGS-23751](https://issues.redhat.com/browse/OCPBUGS-23751): Update packages with latest fixes [#96](https://github.com/openshift/ironic-agent-image/pull/96) * [Full changelog](https://github.com/openshift/ironic-agent-image/compare/ed6e12a62fc40fc450ad394034769cc734acb5e5...66340dfefda40211a0bd33b1f42a625f666cf1bf) ### [k8s-prometheus-adapter](https://github.com/openshift/k8s-prometheus-adapter/tree/801a912b3a60d7e840fb1ff38b5ca992f47327fd) * [OCPBUGS-21473](https://issues.redhat.com/browse/OCPBUGS-21473): Add a toggle to disable HTTP/2 on the server to mitigate CVE-2023-44487 [#89](https://github.com/openshift/k8s-prometheus-adapter/pull/89) * [Full changelog](https://github.com/openshift/k8s-prometheus-adapter/compare/428bb46ca455d22477df7fb62e7a63d2a48fcfbc...801a912b3a60d7e840fb1ff38b5ca992f47327fd) ### [kube-proxy, sdn](https://github.com/openshift/sdn/tree/1a9befcb519d0b6c6a0907d514493f1d88aacf45) * [OCPBUGS-20790](https://issues.redhat.com/browse/OCPBUGS-20790): update x/net to v0.17.0 [#587](https://github.com/openshift/sdn/pull/587) * [Full changelog](https://github.com/openshift/sdn/compare/128c28c6f6d1078627c452afc867b492894e0ac4...1a9befcb519d0b6c6a0907d514493f1d88aacf45) ### [machine-api-operator](https://github.com/openshift/machine-api-operator/tree/2a4b57d1cc6ab5095d61feab9d144c652baab5b8) * [OCPBUGS-24047](https://issues.redhat.com/browse/OCPBUGS-24047): Update reference URL [#1186](https://github.com/openshift/machine-api-operator/pull/1186) * [OCPBUGS-24047](https://issues.redhat.com/browse/OCPBUGS-24047): Use docs URL instead of KCS article [#1180](https://github.com/openshift/machine-api-operator/pull/1180) * [OCPBUGS-17297](https://issues.redhat.com/browse/OCPBUGS-17297): [release-4.14] Update x/net to fix CVE [#1173](https://github.com/openshift/machine-api-operator/pull/1173) * [Full changelog](https://github.com/openshift/machine-api-operator/compare/525f8e5b89947b38ce07a6a6a3d194bf780d5075...2a4b57d1cc6ab5095d61feab9d144c652baab5b8) ### [machine-config-operator](https://github.com/openshift/machine-config-operator/tree/7649b9274cde2fb50a61a579e3891c8ead2d79c5) * [OCPBUGS-24596](https://issues.redhat.com/browse/OCPBUGS-24596): [release-4.14] execute cert related processes to ensure proper rotation [#4063](https://github.com/openshift/machine-config-operator/pull/4063) * [OCPBUGS-24397](https://issues.redhat.com/browse/OCPBUGS-24397): gcp-routes: don't exit on crictl failures [#4056](https://github.com/openshift/machine-config-operator/pull/4056) * [OCPBUGS-20554](https://issues.redhat.com/browse/OCPBUGS-20554): Ensure gcp-routes hack for internalLB hairpin traffic works for SGW [#3973](https://github.com/openshift/machine-config-operator/pull/3973) * [OCPBUGS-23474](https://issues.redhat.com/browse/OCPBUGS-23474): Use shorter IP label for keepalived VIP [#4041](https://github.com/openshift/machine-config-operator/pull/4041) * [OCPBUGS-23208](https://issues.redhat.com/browse/OCPBUGS-23208): workaround nmstate bug by configuring ipv{4,6} addresses [#4031](https://github.com/openshift/machine-config-operator/pull/4031) * [OCPBUGS-22275](https://issues.redhat.com/browse/OCPBUGS-22275): support icsp and idms objects [#3995](https://github.com/openshift/machine-config-operator/pull/3995) * [OCPBUGS-22391](https://issues.redhat.com/browse/OCPBUGS-22391): Require a hostname override for AWS [#4001](https://github.com/openshift/machine-config-operator/pull/4001) * [OCPBUGS-20418](https://issues.redhat.com/browse/OCPBUGS-20418): Introduce kubelet-dependencies.target and firstboot-osupdate.target [#3967](https://github.com/openshift/machine-config-operator/pull/3967) * [OCPBUGS-20051](https://issues.redhat.com/browse/OCPBUGS-20051): Support to append the duplicate kernel arguments to the rendered MC [#3957](https://github.com/openshift/machine-config-operator/pull/3957) * [OCPBUGS-21065](https://issues.redhat.com/browse/OCPBUGS-21065): Update library-go and k8s dependencies to latest version [#3994](https://github.com/openshift/machine-config-operator/pull/3994) * [Full changelog](https://github.com/openshift/machine-config-operator/compare/5ac7b4ae0bca76358e4d40f546306775a8e0ea2c...7649b9274cde2fb50a61a579e3891c8ead2d79c5) ### [monitoring-plugin](https://github.com/openshift/monitoring-plugin/tree/a0a1b5a635edc33eba73ada9a9a74a9bdc79711b) * [OCPBUGS-24664](https://issues.redhat.com/browse/OCPBUGS-24664): disable query link for non metric-based alerts [#82](https://github.com/openshift/monitoring-plugin/pull/82) * [Full changelog](https://github.com/openshift/monitoring-plugin/compare/87571978825e63392a56f6920e068af3a71cda6e...a0a1b5a635edc33eba73ada9a9a74a9bdc79711b) ### [multus-admission-controller](https://github.com/openshift/multus-admission-controller/tree/5e74b0fa273076f4a73db00dd0081032f0325405) * [OCPBUGS-21372](https://issues.redhat.com/browse/OCPBUGS-21372): Update go.mod for CVE-2023-39325 [Release-4.14] [#71](https://github.com/openshift/multus-admission-controller/pull/71) * [Full changelog](https://github.com/openshift/multus-admission-controller/compare/1a9985bd714c8a8be934082945ec76f083feeba4...5e74b0fa273076f4a73db00dd0081032f0325405) ### [multus-networkpolicy](https://github.com/openshift/multus-networkpolicy/tree/cd6eae10a368d23b94530cdc2a2c2f2356d8cc02) * Update vendor package (#40) [#40](https://github.com/openshift/multus-networkpolicy/pull/40) * [OCPBUGS-21454](https://issues.redhat.com/browse/OCPBUGS-21454): Update go.mod for CVE-2023-39325 (#33) [#33](https://github.com/openshift/multus-networkpolicy/pull/33) * [Full changelog](https://github.com/openshift/multus-networkpolicy/compare/0d76ba791dc3432c51c9a9fa6b95e41034af7988...cd6eae10a368d23b94530cdc2a2c2f2356d8cc02) ### [multus-whereabouts-ipam-cni](https://github.com/openshift/whereabouts-cni/tree/2e723a7a0dbb0bc1d3b18d219d8ff7f366110f91) * [OCPBUGS-21518](https://issues.redhat.com/browse/OCPBUGS-21518): update golang.org/x/net to v0.17.0 [#207](https://github.com/openshift/whereabouts-cni/pull/207) * [Full changelog](https://github.com/openshift/whereabouts-cni/compare/7e454367b5994241feb5dc713065508c5534f8f3...2e723a7a0dbb0bc1d3b18d219d8ff7f366110f91) ### [network-metrics-daemon](https://github.com/openshift/network-metrics-daemon/tree/69d0021a4b60db315f47d83bde1c455362a03808) * Added METRIC_TEST_IMAGE var (#88) [#88](https://github.com/openshift/network-metrics-daemon/pull/88) * Update the k8s dependencies to 1.27.7 (#82) [#82](https://github.com/openshift/network-metrics-daemon/pull/82) * [Full changelog](https://github.com/openshift/network-metrics-daemon/compare/5fd1f2dd60022b33fcd989ba80b8a23d19b890b0...69d0021a4b60db315f47d83bde1c455362a03808) ### [oauth-proxy](https://github.com/openshift/oauth-proxy/tree/a4a2f270a57af830508e8cef52d4c8d4f4dfba76) * [OCPBUGS-20980](https://issues.redhat.com/browse/OCPBUGS-20980): go.mod: bump golang.org/x/net to v0.17.0 [#267](https://github.com/openshift/oauth-proxy/pull/267) * [Full changelog](https://github.com/openshift/oauth-proxy/compare/55e0cd172625b3419c698014fa233e54021af9a3...a4a2f270a57af830508e8cef52d4c8d4f4dfba76) ### [oc-mirror](https://github.com/openshift/oc-mirror/tree/058c3324517b7a043a823e203bf6b282de5e3b8f) * [OCPBUGS-23327](https://issues.redhat.com/browse/OCPBUGS-23327): Fix MirrorToDisk of oci catalogs in hidden folders (#766) [#766](https://github.com/openshift/oc-mirror/pull/766) * skipping prune failure if manifest not found (#735) [#735](https://github.com/openshift/oc-mirror/pull/735) * [OCPBUGS-21472](https://issues.redhat.com/browse/OCPBUGS-21472): fix: CVE-2023-39325 (#711) [#711](https://github.com/openshift/oc-mirror/pull/711) * [Full changelog](https://github.com/openshift/oc-mirror/compare/68cf97ec715ad2d78fb2bac411a118709c191719...058c3324517b7a043a823e203bf6b282de5e3b8f) ### [olm-operator-controller](https://github.com/openshift/operator-framework-operator-controller/tree/d714b463a400b2138af5d589a45bddca2404c298) * [OCPBUGS-22616](https://issues.redhat.com/browse/OCPBUGS-22616): [release-4.14] Bump go.opentelemetry.io dependencies [#58](https://github.com/openshift/operator-framework-operator-controller/pull/58) * [Full changelog](https://github.com/openshift/operator-framework-operator-controller/compare/17343293267cad10f074fbe155c7fa31ed6b9336...d714b463a400b2138af5d589a45bddca2404c298) ### [olm-rukpak](https://github.com/openshift/operator-framework-rukpak/tree/9308d8bb9d14b098829f5bda3e0fd69ea17a30e1) * [OCPBUGS-23358](https://issues.redhat.com/browse/OCPBUGS-23358): [release-4.14] Address http2 vulnerability [#53](https://github.com/openshift/operator-framework-rukpak/pull/53) * [Full changelog](https://github.com/openshift/operator-framework-rukpak/compare/daa50736076ed6c207c57ef29d94cde6c7cdbdbd...9308d8bb9d14b098829f5bda3e0fd69ea17a30e1) ### [openshift-apiserver](https://github.com/openshift/openshift-apiserver/tree/a9364565cd3471a9b718a3274b35970269d20e09) * : OCPBUGS-21464: Enable HTTP/2 CVE mitigation [#397](https://github.com/openshift/openshift-apiserver/pull/397) * [OCPBUGS-20150](https://issues.redhat.com/browse/OCPBUGS-20150): pkg/image: avoid unnecessary service lookups when registry is removed [#393](https://github.com/openshift/openshift-apiserver/pull/393) * [Full changelog](https://github.com/openshift/openshift-apiserver/compare/064c2d0ef0ecaeda2bcc4387eaaa7258cee5adcf...a9364565cd3471a9b718a3274b35970269d20e09) ### [openstack-cinder-csi-driver-operator](https://github.com/openshift/openstack-cinder-csi-driver-operator/tree/d5770c29b0dad798ab77f3a76f78a78dbc721934) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#142](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/142) * [Full changelog](https://github.com/openshift/openstack-cinder-csi-driver-operator/compare/dcf0e7d57cce1ff6264c3575f73396f73ace6719...d5770c29b0dad798ab77f3a76f78a78dbc721934) ### [openstack-machine-api-provider](https://github.com/openshift/machine-api-provider-openstack/tree/898587671ad3ed5c1844f549175411736ebcabc1) * [OCPBUGS-23202](https://issues.redhat.com/browse/OCPBUGS-23202): Don't build InstanceSpec during delete operations [#95](https://github.com/openshift/machine-api-provider-openstack/pull/95) * [Full changelog](https://github.com/openshift/machine-api-provider-openstack/compare/47ad2845b2477e1bce01eca4ffc016c2a2af9bf8...898587671ad3ed5c1844f549175411736ebcabc1) ### [operator-lifecycle-manager, operator-registry](https://github.com/openshift/operator-framework-olm/tree/f5327f08e8f332f036c4f46bc87e1195088717d6) * [OCPBUGS-22538](https://issues.redhat.com/browse/OCPBUGS-22538): bump otelhttp to 44.0 for api [#647](https://github.com/openshift/operator-framework-olm/pull/647) * [OCPBUGS-22538](https://issues.redhat.com/browse/OCPBUGS-22538): otelhttp bump [release-4.14] [#632](https://github.com/openshift/operator-framework-olm/pull/632) * [OCPBUGS-20829](https://issues.redhat.com/browse/OCPBUGS-20829): [releaser-4.14] Fix apiserver vulnerability [#608](https://github.com/openshift/operator-framework-olm/pull/608) * [OCPBUGS-23212](https://issues.redhat.com/browse/OCPBUGS-23212): Do not derive installplan.spec.clusterServiceNames from bundle IDs [#607](https://github.com/openshift/operator-framework-olm/pull/607) * [OCPBUGS-18904](https://issues.redhat.com/browse/OCPBUGS-18904): [release-4.14] Improve Leader Election Hand Off [#605](https://github.com/openshift/operator-framework-olm/pull/605) * [OCPBUGS-23508](https://issues.redhat.com/browse/OCPBUGS-23508): [release-4.14] Use generated namespaces in e2e tests [#614](https://github.com/openshift/operator-framework-olm/pull/614) * [OCPBUGS-20400](https://issues.redhat.com/browse/OCPBUGS-20400): Add OLMConfig API to control package server sync interval [release-4.14] [#582](https://github.com/openshift/operator-framework-olm/pull/582) * [OCPBUGS-19789](https://issues.redhat.com/browse/OCPBUGS-19789): Backport OCPBUGS-14698: Rename ClusterRoles created by OperatorGroups [release-4.14] [#566](https://github.com/openshift/operator-framework-olm/pull/566) * [Full changelog](https://github.com/openshift/operator-framework-olm/compare/f515d1ce7c78cb9838bc065e66a229e0b4879d4b...f5327f08e8f332f036c4f46bc87e1195088717d6) ### [ovn-kubernetes, ovn-kubernetes-microshift](https://github.com/openshift/ovn-kubernetes/tree/f27cd40338356e2e979e82b0151d0ed3246d36da) * [OCPBUGS-25903](https://issues.redhat.com/browse/OCPBUGS-25903): Fix Egress IP Deletion Handler to Prevent OVN Policy Leaks [#2003](https://github.com/openshift/ovn-kubernetes/pull/2003) * [OCPBUGS-25746](https://issues.redhat.com/browse/OCPBUGS-25746), [OCPBUGS-25747](https://issues.redhat.com/browse/OCPBUGS-25747): Dockerfile: Bump OVN to ovn-23.09.0-91.el9fdp [#1996](https://github.com/openshift/ovn-kubernetes/pull/1996) * [OCPBUGS-24320](https://issues.redhat.com/browse/OCPBUGS-24320): APB status not updated when fails to process during the first reconciliations [#1968](https://github.com/openshift/ovn-kubernetes/pull/1968) * [OCPBUGS-23257](https://issues.redhat.com/browse/OCPBUGS-23257): Update leaderelection config to allow retries [#1955](https://github.com/openshift/ovn-kubernetes/pull/1955) * [OCPBUGS-23387](https://issues.redhat.com/browse/OCPBUGS-23387): Ignore completed virt-launcher pods [#1954](https://github.com/openshift/ovn-kubernetes/pull/1954) * [OCPBUGS-25087](https://issues.redhat.com/browse/OCPBUGS-25087): Fragment oversized reply packets in LGW mode [#1982](https://github.com/openshift/ovn-kubernetes/pull/1982) * [OCPBUGS-22735](https://issues.redhat.com/browse/OCPBUGS-22735): OVNK/GW: Ignore headless services in syncServices [#1970](https://github.com/openshift/ovn-kubernetes/pull/1970) * [OCPBUGS-24350](https://issues.redhat.com/browse/OCPBUGS-24350): [release-4.14] fixes MTU configuration on gateway router [#1969](https://github.com/openshift/ovn-kubernetes/pull/1969) * [OCPBUGS-24209](https://issues.redhat.com/browse/OCPBUGS-24209): Significantly reduce shared informer memory usage [#1964](https://github.com/openshift/ovn-kubernetes/pull/1964) * [Full changelog](https://github.com/openshift/ovn-kubernetes/compare/7a232386623498f099ccdedfc58bc1c134c61ddd...f27cd40338356e2e979e82b0151d0ed3246d36da) ### [powervs-block-csi-driver](https://github.com/openshift/ibm-powervs-block-csi-driver/tree/8ecfd7fd6a201844bb9a926146db70468345852b) * [OCPBUGS-25980](https://issues.redhat.com/browse/OCPBUGS-25980): Rebase with upstream: Fix snyk code issue: Path Traversal [#72](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/72) * [OCPBUGS-24713](https://issues.redhat.com/browse/OCPBUGS-24713): synk: ignore vendor dir [#60](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/60) * [Full changelog](https://github.com/openshift/ibm-powervs-block-csi-driver/compare/e9694cefd775cd6313acdd8d6382fe60cec8559c...8ecfd7fd6a201844bb9a926146db70468345852b) ### [powervs-block-csi-driver-operator](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/tree/5d2d9d65c6763829c92856cc9a0ed2ebecfc2c55) * [OCPBUGS-25715](https://issues.redhat.com/browse/OCPBUGS-25715): snyk: ignore vendor dir [#60](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/60) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#48](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/48) * [Full changelog](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/compare/48b56bbfa3557eb528b20d7d34a99bbd0d542355...5d2d9d65c6763829c92856cc9a0ed2ebecfc2c55) ### [powervs-cloud-controller-manager](https://github.com/openshift/cloud-provider-powervs/tree/32c1028ecf58851eb1270f47351a4423ba081c3b) * [OCPBUGS-24727](https://issues.redhat.com/browse/OCPBUGS-24727): UPSTREAM: <carry>: snyk code scan exclude vendor directory [#54](https://github.com/openshift/cloud-provider-powervs/pull/54) * [Full changelog](https://github.com/openshift/cloud-provider-powervs/compare/0a89a6ef29a15f2fa51a0735c200e54f5af122c6...32c1028ecf58851eb1270f47351a4423ba081c3b) ### [powervs-machine-controllers](https://github.com/openshift/machine-api-provider-powervs/tree/1a957dae3a7c9c36752b4869854a90e6b88eaf7e) * [OCPBUGS-24730](https://issues.redhat.com/browse/OCPBUGS-24730): snyk code scan exclude vendor directory [#65](https://github.com/openshift/machine-api-provider-powervs/pull/65) * [Full changelog](https://github.com/openshift/machine-api-provider-powervs/compare/02379e59576940766549f8d5c0ccec245a2682e3...1a957dae3a7c9c36752b4869854a90e6b88eaf7e) ### [prometheus](https://github.com/openshift/prometheus/tree/b7c61bcba6ff69bbb91d1a4b86ba7191653776cd) * [OCPBUGS-22531](https://issues.redhat.com/browse/OCPBUGS-22531): bump otel dependencies [#183](https://github.com/openshift/prometheus/pull/183) * [Full changelog](https://github.com/openshift/prometheus/compare/bcb475d970214c3f48308426014b1ffb05758e34...b7c61bcba6ff69bbb91d1a4b86ba7191653776cd) ### [prometheus-config-reloader, prometheus-operator, prometheus-operator-admission-webhook](https://github.com/openshift/prometheus-operator/tree/73729eda632c401837124ffe7a2bf903e7421076) * [OCPBUGS-20881](https://issues.redhat.com/browse/OCPBUGS-20881): fix: disable HTTP2 connections by default [#253](https://github.com/openshift/prometheus-operator/pull/253) * [Full changelog](https://github.com/openshift/prometheus-operator/compare/3de5e6d28b10142179eda77d218fb5c3e9f04667...73729eda632c401837124ffe7a2bf903e7421076) ### [service-ca-operator](https://github.com/openshift/service-ca-operator/tree/3c3f82f7112ee4b5656e5c554f9887acdf881175) * [OCPBUGS-21066](https://issues.redhat.com/browse/OCPBUGS-21066): go.mod: bump golang.org/x/net to v0.17.0 [#224](https://github.com/openshift/service-ca-operator/pull/224) * [Full changelog](https://github.com/openshift/service-ca-operator/compare/030a429b314d772b7cc7a1dd9af2073988a5b0a5...3c3f82f7112ee4b5656e5c554f9887acdf881175) ### [telemeter](https://github.com/openshift/telemeter/tree/c683f6571479cdb0e7577a22e9cf0f64d9ed77f9) * [OCPBUGS-22647](https://issues.redhat.com/browse/OCPBUGS-22647): go.mod: bump go.opentelemetry.io/contrib/instrumentation/net/http/ote… [#494](https://github.com/openshift/telemeter/pull/494) * [Full changelog](https://github.com/openshift/telemeter/compare/c8b876a2ba2965c90a57ca543d4f55d7bf9a8702...c683f6571479cdb0e7577a22e9cf0f64d9ed77f9) ### [tests](https://github.com/openshift/origin/tree/c35d76db9ee8a2f5b67f12fc708989b66015eab8) * [OCPBUGS-26044](https://issues.redhat.com/browse/OCPBUGS-26044): Adding test case for when exceed openshift.io/image-tags will ban to … [#28493](https://github.com/openshift/origin/pull/28493) * [OCPBUGS-21774](https://issues.redhat.com/browse/OCPBUGS-21774): backport #28316 to 4.14 release [#28335](https://github.com/openshift/origin/pull/28335) * Revert "[release-4.14] OCPBUGS-22720: Use Centos 8 Stream mysql image in tests" [#28368](https://github.com/openshift/origin/pull/28368) * [OCPBUGS-23042](https://issues.redhat.com/browse/OCPBUGS-23042): tolerate AWS edge nodes on monitor tests [#28387](https://github.com/openshift/origin/pull/28387) * [OCPBUGS-23145](https://issues.redhat.com/browse/OCPBUGS-23145): Bump watch requests for cluster-baremetal-operator [#28385](https://github.com/openshift/origin/pull/28385) * trt-1340: backport exact and disable monitor tests options to 4.14 [#28391](https://github.com/openshift/origin/pull/28391) * [OCPBUGS-19923](https://issues.redhat.com/browse/OCPBUGS-19923): Updating parameters for build timing PushImage test [#28291](https://github.com/openshift/origin/pull/28291) * [OCPBUGS-22411](https://issues.redhat.com/browse/OCPBUGS-22411): fix: increase upper bounds for samples operator [#28356](https://github.com/openshift/origin/pull/28356) * [OCPBUGS-22720](https://issues.redhat.com/browse/OCPBUGS-22720): Use Centos 8 Stream mysql image in tests [#28365](https://github.com/openshift/origin/pull/28365) * [Full changelog](https://github.com/openshift/origin/compare/ae357035e709be61c051b7b45e5a005e6599d66f...c35d76db9ee8a2f5b67f12fc708989b66015eab8) ### [thanos](https://github.com/openshift/thanos/tree/a26712509e3f9c511926ca9d8bba3e3ea8e95ada) * [OCPBUGS-22636](https://issues.redhat.com/browse/OCPBUGS-22636): Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.42.0 to 0.44.0 [#130](https://github.com/openshift/thanos/pull/130) * [Full changelog](https://github.com/openshift/thanos/compare/175a63002855e7a3f4f5cd49c90680c41be181d8...a26712509e3f9c511926ca9d8bba3e3ea8e95ada) ### [vsphere-cloud-controller-manager](https://github.com/openshift/cloud-provider-vsphere/tree/b04567f77273f6c338ece9fda29c0a65297130d5) * [OCPBUGS-21520](https://issues.redhat.com/browse/OCPBUGS-21520): Bump golang.org/x/net to v0.18.0 [#54](https://github.com/openshift/cloud-provider-vsphere/pull/54) * [Full changelog](https://github.com/openshift/cloud-provider-vsphere/compare/a24e1713cb61b7a56482fb0a23eb94b642fbeb78...b04567f77273f6c338ece9fda29c0a65297130d5) ### [vsphere-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-vsphere/tree/72e998c300e17a7ba81d4a5a7624d69b0a104603) * [OCPBUGS-17312](https://issues.redhat.com/browse/OCPBUGS-17312), [OCPBUGS-21558](https://issues.redhat.com/browse/OCPBUGS-21558): [release-4.14] bump golang.org/x/net to v0.17.0 [#20](https://github.com/openshift/cluster-api-provider-vsphere/pull/20) * [Full changelog](https://github.com/openshift/cluster-api-provider-vsphere/compare/9f1d564131eae50d9d490a4518a699b8786ad346...72e998c300e17a7ba81d4a5a7624d69b0a104603) ### [vsphere-csi-driver-operator](https://github.com/openshift/vmware-vsphere-csi-driver-operator/tree/cbfec1135914340ef16c7dd109ac9271a2e5d2ee) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#186](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/186) * [OCPBUGS-23169](https://issues.redhat.com/browse/OCPBUGS-23169): Fix vsphere csi controller pods from getting constantly restarted [#193](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/193) * [OCPBUGS-22430](https://issues.redhat.com/browse/OCPBUGS-22430): disable http/2 server support in webhook [#182](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/182) * [Full changelog](https://github.com/openshift/vmware-vsphere-csi-driver-operator/compare/f7afb6462c79317cc53c621084640860a4351788...cbfec1135914340ef16c7dd109ac9271a2e5d2ee) ### [vsphere-problem-detector](https://github.com/openshift/vsphere-problem-detector/tree/db5e66c6ff913207b2286db21c3da9d440fb0be9) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#138](https://github.com/openshift/vsphere-problem-detector/pull/138) * [Full changelog](https://github.com/openshift/vsphere-problem-detector/compare/6b359ea5b69636a00cfd5c4f81f0279cfd41401a...db5e66c6ff913207b2286db21c3da9d440fb0be9)