Back to index
4.13.0-0.okd-scos-2023-03-29-124824
Download installer and client with:
oc adm release extract --tools quay.io/okd/scos-release:4.13.0-0.okd-scos-2023-03-29-124824
Team Approvals:
No tests for this release
Upgrades from:
Loading changelog, this may take a while ...
Created: 2023-03-29 19:19:49 +0000 UTC
Image Digest: sha256:9e31ffa320e60a68a3456b23d0be97de4a667d0d2b74e9ce6db132a7da0d2790
Release 4.13.0-0.okd-scos-2023-03-29-124824 was created from registry.ci.openshift.org/origin/release-scos:4.13.0-0.okd-scos-2023-03-29-124824
Components
New images
Removed images
- ovn-kubernetes
- ovn-kubernetes-microshift
Rebuilt images without code change
- manifests: Add a shebang to NM dispatcher script (#5085) #5085
- bminventory: throw Bad Request error on arm64 Nutanix clusters (#4906) #4906
- Revert “MGMT-13471: SNO installation with OCP 4.13 lacks proper dnsmasq configuration (#4939)” (#5012) #4939
- NO-ISSUE: customize the image path for disk creation (#5010) #5010
- MGMT-13445: Update Assisted Installer with the new LVMS requirements (#4986) #4986
- MGMT-12956: Add feature IDs for ppc64le and s390x (#5008) #5008
- add 4.13 multi ec.3 dev preview images (#5005) #5005
- NO-ISSUE: Bump gorm.io/gorm from 1.23.8 to 1.24.5 (#5006) #5006
- MGMT-13580: GC orphan hosts (#4997) #4997
- Make get_image_without_tag work when registry has a port (#5007) #5007
- MGMT-13374: support Nutanix in kube-api (#4996) #4996
- Updating ose-agent-installer-api-server images to be consistent with ART (#4752) #4752
- Revert “Increase timeout waiting for image-service (#4871)” (#5001) #4871
- Use the correct env var for the hub release image mirror (#4998) #4998
- MGMT-12547: Enhancement doc “api-for-skipping-validations” (#4870) #4870
- Add registry config for ironic agent image (#4995) #4995
- MGMT-13274: Update time-synced-between-host-and-service message to remove bad advice (#4994) #4994
- MGMT-13521: Clearer messaging when non-overlapping-subnets validation is pending. (#4993) #4993
- MGMT-13204: Implement skipping of host and cluster validations (#4907) #4907
- MGMT-13708: allow overriding image service image in subscription (#4985) #4985
- MGMT-13454: Group Host and boot logs to a single tarball (#4975) #4975
- MGMT-13711: it takes the assisted-service few minutes to notice that the cluster installation is completed (#4988) #4988
- MGMT-13620: Make worker to use custom MCP if it was set as part of the host DB record (#4976) #4976
- MGMT-13549: Day1 implementation for K8S node labels (#4972) #4972
- NO-ISSUE: Add logs to supported-platforms (#4982) #4982
- MGMT-13045: Enhancement document for node labeling (#4826) #4826
- MGMT-13682: Gather host logs on failure in day2 flow (#4983) #4983
- MGMT-13292: Add the installed version of the OLM operators in the monitor operators response (#4961) #4961
- MGMT-13471: SNO installation with OCP 4.13 lacks proper dnsmasq configuration (#4939) #4939
- MGMT-13487: handle day2 cluster authz (#4973) #4973
- NO-ISSUE: added ENABLE_ORG_TENANCY to deploy-test target (#4974) #4974
- MGMT-11805:
docs/change-iso-password.sh
lint (#4971) #4971
- Full changelog
- Updating ose-agent-installer-csr-approver images to be consistent with ART (#587) #587
- NO-ISSUE: controller logs optimizations (#646) #646
- NO-ISSUE: Bump golang.org/x/sync (#644) #644
- MULTIARCH-3387: Set boot device to target disk for powervm (#626) #626
- MGMT-13710: assisted-installer-controller hangs for 2 minutes before uploading the ingress CA (#638) #638
- NO-ISSUE: Bump golang.org/x/net from 0.5.0 to 0.7.0 (#640) #640
- NO-ISSUE: Replace iotil by os and io in order to fix lint issues (#642) #642
- NO-ISSUE: Bump openshift/release from golang-1.18 to golang-1.19 (#612) #612
- MGMT-13568: Add pause mcp while setting new role labels (#623) #623
- MGMT-13292: Add the installed version of the OLM operators in the monitor operators response (#622) #622
- Remove uninitialized taint from vSphere nodes (#629) #629
- Full changelog
- OCPBUGS-8695: vendor agent-installer-utils to v0.0.0-20230310220517-8506fbb6a346 (#518) #518
- MGMT-13946: Ignore Proliant Gen 11 serial (#523) #523
- OCPBUGS-8677: vendor agent-installer-utils to v0.0.0-20230308101916-306b7995977e (#515) #515
- OCPBUGS-8390: vendor agent-installer-utils to v0.0.0-20230307094740-57807526b660 (#512) (#513) #512
- AGENT-565: revendor agent-utils (#508) #508
- vendor agent-installer-utils to v0.0.0-20230228190135-5b30a39dadf6 (#506) #506
- vendor agent-installer-utils (#505) #505
- NO-ISSUE: Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#504) #504
- NO-ISSUE: Bump github.com/coreos/ignition/v2 from 2.14.0 to 2.15.0 (#502) #502
- MGMT-13758: In connectivity check, ARPING checks should not run on nics without valid IPv4 address (#501) #501
- Updating ose-agent-installer-node-agent images to be consistent with ART (#469) #469
- AGENT-502: Add agent based installer agent-tui (#482) #482
- Make the agent team be the OWNERS of the Dockerfile.ocp file (#498) #498
- Add sg3_utils package (#497) #497
- NO-ISSUE: Bump github.com/onsi/gomega from 1.26.0 to 1.27.1 (#495) #495
- MGMT-13665: Bring full journal by default in log gather (#492) #492
- NO-ISSUE: Bump golang.org/x/sys from 0.4.0 to 0.5.0 (#491) #491
- Full changelog
- OCPBUGS-10405: feat: add workload annotation to deployment and daemonset #199
- STOR-875: Implement custom keys in AWS EBS CSI driver operator #185
- OCPBUGS-7837: do not inject-proxy when deploying in hypershift control plane #186
- Bump github.com/spf13/cobra from 1.6.0 to 1.6.1 #182
- Add ok-to-test label to dependabot PRs #184
- Bump k8s.io/klog/v2 from 2.80.1 to 2.90.0 #183
- Full changelog
- Bug OCPBUGS-7408: UPSTREAM: 1725: Pin k8s.io/dynamic-resource-allocation version #38
- Full changelog
- OCPBUGS-10773: bump repo sclorg/s2i-ruby-container location for newapp test #1381
- OCPBUGS-10378: Add microshift into generate-docs #1372
- Microshift command docs #1357
- Do not set master node selector if there’s no masters #1347
- OCPBUGS-7190: Reuse LDAP connection when performing group sync #1336
- Adding
CommitDate
to the Changelog json output #1348
- OCPBUGS-7780: pkg/cli/admin/upgrade/channel: Use PATCH instead of POST for spec updates #1346
- Use registry.k8s.io and update image version #1343
- Add icsp file convert command #1238
- OWNERS_ALIASES: Update approvers: add David, remove Jack #1340
- oc debug: Use own fields instead directly depending on Attach’s #1337
- Full changelog
- OCPBUGS-10771: updates: manually requeue when waiting for replicas being ready #181
- OCPBUGS-8424: machine’s node must be ready for CPMS machine to be ready #173
- e2e: periodics: remove test with cluster-wide-proxy #170
- Update ginkgo to 2.8.1 #169
- Update OWNERS #168
- Migrate test utils to actuator-pkg repository #159
- Full changelog
- OCPBUGS-10793: bugfix in Node Exporter argument setting #1922
- OCPBUGS-10476: turn off netlink mode of netclass collector in Node Exporter. #1919
- MON-2973: test/e2e: Add cleanup func for alertmanager uwm secret test #1907
- MON-2693: Scrape profiles #1785
- MON-2959: test/e2e: Add test for alertmanager secret platform #1899
- MON-2904: add nodeExporter.collectors.buddyinfo settings. #1891
- MON-2895: toggle netlink implementation of netclass collector #1894
- MON-2932: jsonnet/dashboards: add role template variable to node related dashbo… #1879
- MON-2900: add nodeExporter.collectors.netclass settings. #1893
- Update jsonnet dependencies #1903
- MON-2951: create Routes only with ingress operator #1885
- OCPBUGS-7391: wait for service CA secrets #1900
- Synchronize versions of the downstream components #1902
- MON-2973: pkg/manifests: Allow configuring secrets in alertmanager (UWM) #1884
- Synchronize versions of the downstream components #1898
- pkg/operator: fix typo in info logs #1896
- MON-2901: add nodeExporter.collectors.netdev settings. #1888
- STOR-1154: Add vSphere topology to telemetry #1886
- Add nodeExporter.collectors.tcpstat settings. #1876
- Synchronize versions of the downstream components #1887
- MON-2959: Allow configuring secrets in alertmanager (platform) #1882
- Full changelog
- Fix failing HyperShift presubmits (#578) #578
- Add a script to validate upstream TuneD (#577) #577
- CNF-5900: feat: added support for generating workload partitioning files (#431) #431
- Re enable node selector tests in update tests (#574) #574
- Handle different # of CPUs are in the same MCP (#558) #558
- composable OCP: make NTO components optional (#524) #524
- Update to TuneD v2.20.0 (#565) #565
- Remove trailing spaces from test names (#570) #570
- Remove optimization to allow full resync (#567) #567
- Report host-level sysctls in conflict with TuneD ones (#566) #566
- E2E: Per Core Runtime Tuning Test automation (#509) #509
- Add test case to check single rx queue on veth interface (#562) #562
- Full changelog
- OCPBUGS-8710: psalabelsyncer: invert the enforce/log logic to default to logging #106
- update psa dependency version #103
- update controller-manager dependency to point to v0.25.0 #101
- Full changelog
- OCPBUGS-10221: pkg/cvo/availableupdates: Prioritize conditional risks for largest target version #912
- pkg/cvo: code cleanups #902
- OCPBUGS-7419: Trigger new sync round on ClusterOperator Available changes #904
- install/0000_90_cluster-version-operator_02_servicemonitor: Add ClusterReleaseNotAccepted #906
- OCPBUGS-6097: CVO hotloops on ImageStream and logs the information incorrectly #894
- OCPBUGS-6292: Update golang.org/x/net/http2 for CVE-2022-41717 #901
- Bug 2090680: RetrievePayload: Improve timeouts and cover behavior with tests #896
- pkg/cvo: Set ‘controller’ in our ownerReferences #900
- pkg/cvo/sync_worker: Fix “The sync worker already has a pending notification” formatting #898
- vendor: update openshift/api for NodeTuning capability #883
- Full changelog
- OCPBUGS-10515: UPSTREAM: 115328: apiserver: annotate early (server not ready) and late (during shutdown) requests #1517
- OCPBUGS-8412: Fix mounted volume expansion tests #1502
- OCPBUGS-8308: Bump to k8s 1.26.2 #1495
- AUTH-336: UPSTREAM: <carry>: PSa metrics: unset ocp_namespace on non-platform n… #1489
- Bump to k8s 1.26.1 #1479
- OCPBUGS-7267: add SeccompProfile to Pod and Container accessors/mutators #1490
- UPSTREAM: <drop>: OCPBUGS-5991: Kube APIServer panics in admission controller #1488
- CNF-5901: admission hook change for workload partition on all clusters #1312
- UPSTREAM: 113799: tests: network: Prefer internal IPs first #1446
- UPSTREAM: 115863: Remove global framework variable #1480
- UPSTREAM: <carry>: add new approvers #1458
- OCPBUGS-7555: UPSTREAM: <carry>: add default kubelet sysctls within rpm #1475
- AUTH-336: UPSTREAM: <carry>: PSa metrics: log platform namespaces in audit denies #1454
- Full changelog
- OCPBUGS-44380: Reconcile proxy CA bundle into hosted cluster #5197
- HOSTEDCP-2075: Dns cel e2e #5171
- OCPBUGS-44934: Fix error message when kas is route and hostname is not set #5192
- NO-JIRA: CPO V2 cleanup #5188
- HOSTEDCP-2075: Nodeport address cel #5172
- OCPBUGS-44967: Reconcile SecretProvider for CNCC on ARO HCP #4903
- OCPBUGS-44910: openstack: don’t reconcile image registry config during bootstrap #5178
- OCPBUGS-44957: Use fleet manager configmaps to determine placeholder pod node antiaffinity #5191
- OCPBUGS-44698: Create AWS clients on every reconcile instead of at initialization #5179
- OCPBUGS-44964: Reconcile SecretProviderClass for Ingress on ARO HCP #4884
- OCPBUGS-44929: e2e: fix manila CSI operator #5186
- OCPBUGS-44326: Separate CPO containerfiles #5177
- HOSTEDCP-2181: update latest supported version for 4.19 branching #5146
- NO-JIRA: chore(deps): update konflux references (main) #5180
- NO-JIRA: chore(deps): update dependency mkdocs-mermaid2-plugin to v1.2.1 (main) #5185
- NO-JIRA: chore(deps): update dependency mkdocs to v1.6.1 (main) #5181
- HOSTEDCP-2187: [CPO Refactor] Refactor cluster-policy-controller #5170
- HOSTEDCP-2178: Add CLI flag to support shared vpc private zones in cluster account #5127
- HOSTEDCP-2183: [CPO Refactor] Refactor hcp-router #5157
- NO-JIRA: bump nodepoolConfigUpdate start timeout to 1min to reduce flakes #5152
- HOSTEDCP-2166: Add ability to set Labels on HCP Pods #5114
- HOSTEDCP-2022: Reconcile SecretProviderClass for Image Registry on ARO HCP #4888
- OSASINFRA-3644: openstack: allow to pre-define a floating IP for Ingress router-default #4835
- OSASINFRA-3639: Enable cluster-storage-operator for OpenStack Manila #4988
- NO-JIRA: Disable ASOAPI feature gate for CAPz #5167
- OSASINFRA-3636: Enable cluster-storage-operator for OpenStack Cinder #4936
- NO-JIRA: chore(deps): update konflux references (main) #5153
- HOSTEDCP-2182: Sync main and api go module vendoring to fix go workspaces #5156
- NO-JIRA: Relax cel 4.16 #5155
- OCPBUGS-41365: use controlplaneCLI image in CNO init containers #5089
- HOSTEDCP-2177: [CPO Refactor] Refactor cluster-version-operator #5125
- OCPBUGS-44689: skip np image validation when skipReleaseImageValidation annotation is present on HC #5149
- HOSTEDCP-2173: [CPO Refactor] Refactor oauth-server #5104
- NO-JIRA: Fix unit tests #5150
- OCPBUGS-44568: update diskStorageAccountType consts #5124
- chore(deps): update konflux references (main) #5134
- NO-JIRA: remove out of date releas notes #5147
- OCPBUGS-44476: Use ingress role in private link controller for DNS operations #5126
- HOSTEDCP-2075: Hostedcluster api validation #5090
- NO-JIRA: Bump github.com/Azure/azure-sdk-for-go/sdk/storage/azblob from 1.4.1 to 1.5.0 in the azure-github-dependencies group #5131
- NO-JIRA: Bump golang.org/x/net from 0.30.0 to 0.31.0 in the golang-dependencies group #5132
- chore(deps): update konflux references (main) #5117
- NO-JIRA: e2e: skip OSP multinet before 4.18 #5123
- HOSTEDCP-1542: Add developer instructions on how to setup workload identity on Azure #5128
- OCPBUGS-44041: add –skip-service-principal-deletion flag #5107
- OCPBUGS-44504: doc, fix kubevirt –attach-default-network opt #5115
- OCPBUGS-44473: Add openshift to the groups of system:hosted-cluster-config #5111
- chore(deps): update konflux references (main) #5108
- NO-JIRA: docs: minor fix for OpenStack #5116
- NO-JIRA: docs/openstack: clarify CLI #5103
- OSASINFRA-3565: openstack: additional ports #4515
- OCPBUGS-44336: add missing comment in v2 openstack ccm #5084
- OCPBUGS-44041: add flags for passing in ManageIdentities on Azure HC … #5092
- OCPBUGS-44375: openstack: make external network ID really optional #5091
- HOSTEDCP-2077: [CPO Refactor] Refactor kube-scheduler #5083
- HOSTEDCP-2063: [CPO Refactor] Refactor openshift-oauth-apiserver #5071
- CNF-14742: HCCO: copy KubeletConfigs to hosted-cluster #4833
- OCPBUGS-44413: add missing assets and RBAC for OpenStack with newer CAPO #5095
- NO-JIRA: improve OpenStack documentation #5066
- NO-JIRA: Fix Spec retrieval from infra for PowerVS platform #5063
- NO-JIRA: Change globalConfigString to drop empty imageStreamImportMode #4942
- NO-JIRA: Update Konflux references (main) #5097
- NO-JIRA: Bump the golang-dependencies group with 3 updates #5087
- NO-JIRA: Bump github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys from 1.2.0 to 1.3.0 in the azure-github-dependencies group #5086
- HOSTEDCP-2070: add az cli to e2e dockerfile #5081
- chore(deps): update konflux references (main) #5080
- OCM-12313: expose NodeStartupTimeout in MHC as annotation in HC/NP #5049
- HOSTEDCP-2063: [CPO Refactor] Refactor openshift-apiserver #5065
- NO-JIRA: Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 #5039
- NO-JIRA: remove namespace wide node check on nodepool specific tests #5027
- HOSTEDCP-2073: Review NodePool API validations and doc #5046
- OCPBUGS-44163: Configure OAuth https proxy to dial cloud endpoints directly #5057
- HOSTEDCP-1826: Remove API wording on setting AzureDiskPersistence to a default value of Persistent #5051
- NO-JIRA: Update Konflux references #5052
- OCPBUGS-44221: remove hard dependcy on kubeconfig for hypershift CLI #5045
- HOSTEDCP-2072: [CPO Refactor] Refactor openshift-controller-manager #5035
- NO-JIRA: Add API promotion criteria #5050
- OCPBUGS-42422: Fix order rendering HCP objects #5038
- HOSTEDCP-2000: Add E2E test validating the node runtime #4945
- Update Konflux references #5008
- HOSTEDCP-2070: add e2e flags for controlling AKS keyvault name and te… #5032
- HOSTEDCP-2067: [CPO Refactor] Refactor cloud-controller-manager #5007
- NO-JIRA: Add rpms-signature-scan task #5036
- HOSTEDCP-1989: Prevent kubevirt from removing valid machine config condition #4991
- OCPBUGS-43883: openstack: bump CAPO to v0.11.0 #4990
- OCPBUGS-43943: add retry timeout to nodepoolUpgradeTest #4996
- NO-JIRA: cmd: add support to configure machine networts via CLI #4287
- OSASINFRA-3623: openstack: Only upload required cloud credentials #4848
- OCPBUGS-36387: resource group not found should not prevent azure infr… #5015
- OCPBUGS-43985: failure to retrieve techPreview CM in azure cli should… #5014
- NO-JIRA: Document how to disable kubevirt csi #4967
- OCPBUGS-44001: handle errors returned by createServicePrincipalWithCe… #5001
- OCPBUGS-41365: use appropriate images to avoid overrides in dataplane #4791
- HOSTEDCP-2055: [CPO Refactor] Refactor kube-controller-manager #4986
- HOSTEDCP-2046: Parametrize Control Plane Dockerfile #4995
- OCPBUGS-42434: Update Azure CLI to Handle Authenticating with Service Principal Backed by Certificates #4877
- HOSTEDCP-2057: [CPO Refactor] Refactor ETCD #4987
- HOSTEDCP-1826: review Azure API #4963
- ARO-11084: Helm chart generator #4872
- NO-JIRA: Move left over conditions funcs into their own file #4989
- HOSTEDCP-967: Drop alpha api and conversion #4977
- NO-JIRA: Bump github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys from 1.1.0 to 1.2.0 in the azure-github-dependencies group #4982
- HOSTEDCP-1989: Move NTO reconcile logic into their own file #4962
- NO-JIRA: chore(deps): update konflux references (main) #4968
- HOSTEDCP-2054: [CPO Refactor] Refactor kube-apiserver #4941
- NO-JIRA: Add API label #4984
- OCPBUGS-43756: update eventuallyDaemonSetRollsOut to only watch ready… #4973
- NO-JIRA: Make api module dependencies consistent with main module dependencies #4978
- NO-JIRA: Update azure and AKS upstream docs #4966
- OCPBUGS-43707: Add crd override for NodePool scale subresource #4970
- NO-JIRA: doc/openstack: install operator with
--tech-preview-no-upgrade
#4976
- OCPBUGS-38357: openstack: add option to configure nodepool AZ #4531
- HOSTEDCP-1994: Add generic create function for SecretProvider #4960
- OCPBUGS-43698: dump: make ControlPlaneComponent’s GKV optional #4965
- HOSTEDCP-1472: update TestNodePoolPrevRelease tests to use RFC 1123 nodepool name #4950
- HOSTEDCP-1883: Remove hardcoded catalog images in CPO #4612
- NO-JIRA: chore(deps): update konflux references #4952
- HOSTEDCP-2002: fix typo in doc commands #4951
- HOSTEDCP-2018: Reorder Nodepool conditions #4859
- NO-JIRA: chore(deps): update capz to v1.17.0 #4808
- OCPBUGS-38132: cpo: produce valid oauth config even if idp config is invalid #4955
- OCPBUGS-42434: Add Managed Identity Support in Azure HC API behind AROHCPManagedIdentities Feature gate #4811
- NO-JIRA: Bump the azure-github-dependencies group with 2 updates #4938
- NO-JIRA: Split API into platform files #4944
- NO-JIRA: KubeVirt CSI Security and Isolation Documentation #4937
- NO-JIRA: chore(deps): update konflux references (main) #4930
- HOSTEDCP-2002: Add documentation around crun migration for HCP #4912
- HOSTEDCP-1994: Pass Azure Key Vault’s Managed Identity’s Client ID to HO and CPO Deployments #4926
- HOSTEDCP-2040: Add README.md for ControlPlaneComponent #4915
- HOSTEDCP-2040: [CPO Refactor] Refactor HCCO #4860
- HOSTEDCP-1773: Feature gates openshift markers #4918
- OCPBUGS-43448: Pass feature flags to clusterpolicy controller #4925
- NO-JIRA: chore(deps): update konflux references #4920
- HOSTEDCP-1472: add CP with n-2 NP test #4911
- OCPBUGS-38132: add ValidIDPConfiguration condition to report IDP config issues #4852
- HOSTEDCP-2028: e2e: use TechPreviewNoUpgrade feature set in TestCreateCluster #4902
- OCPBUGS-43087: openstack/e2e: re-work nodepool tests #4868
- NO-JIRA: Bump the golang-dependencies group with 3 updates #4891
- HOSTEDCP-1801: [CPO Refactor] Introduced ControlPlaneComponent CRD #4839
- NO-JIRA: chore(deps): update konflux references (main) #4892
- NO-JIRA: e2e: rename file to avoid IDE errors #4901
- HOSTEDCP-2026: Add support for static control plane operator overrides #4889
- HOSTEDCP-1994: Add Secrets Store CSI RBAC Policies for HO and CPO #4878
- NO-JIRA: statically link CLI binaries #4871
- HOSTEDCP-2025: Allow setting the VPC CIDR when creating AWS infrastructure #4866
- HOSTEDCP-1994: Remove infra create MI for Azure NP #4874
- OCPBUGS-43064: move resource.k8s.io to v1alpha3 for kube 1.31 #4887
- NO-JIRA: cli: add feature-set flag to create cluster #4886
- NO-JIRA: Enforce EnsurePSANotPrivileged for 4.18 and later #4875
- HOSTEDCP-1994: Create separate secrets for Azure disk and file #4861
- NO-JIRA: switch to using ptr instead of pointer #4856
- HOSTEDCP-2009: change from NumberOfProbes to ProbeThreshold #4863
- OCPBUGS-42873: Do not send traffic to local audit-webhook through konnectivity #4864
- OCPBUGS-42783: Use guest DNS resolution in Konnectivity HTTPS proxy by default #4858
- CNV-39662: Document HCP KubeVirt GPU device usage #4844
- NO-JIRA: Fixes kubevirt image cacher #4847
- OCPBUGS-42579: Add network policies for konnectivity server and ignition server proxy #4840
- NO-JIRA: chore(deps): update konflux references to cf9edf8 (main) #4849
- OCPBUGS-39369: Add TokenMinter container and RBAC for the CNO #4765
- HOSTEDCP-1930: Add AWS Shared VPC support #4814
- NO-JIRA: disable ensurePSANotPrivileged test on <4.17 #4842
- OSASINFRA-3623: openstack: Auto-discover clouds.yaml #4837
- OCPBUGS-42100: Run 2 replicas of active/passive HA components #4738
- HOSTEDCP-1801: [CPO Refactor] Introduced an abstraction for CP Components #4708
- NO-JIRA: e2e: skip ValidKubeVirtInfraNetworkMTU condition check on 4.14 and ea… #4836
- NO-JIRA: Fix recover-etcd cmd marking a missing flag required #4826
- HOSTEDCP-1815: feat(ignition): Add option to disable ignition server reconciliation #4417
- CNV-48479: Add documentation for KubeVirt hosted cluster backup and restore #4804
- chore(deps): update konflux references (main) #4818
- HOSTEDCP-1976: Nodepool controller cleanup #4823
- OCPBUGS-42306: hash additionalTrustBundle as part of ignition config … #4775
- NO-JIRA: Bump the azure-github-dependencies group with 2 updates #4819
- HOSTEDCP-1788: use getResourceGroupName for infra deletion in azure so destroy infra can be ran without –resource-group-name #4809
- HOSTEDCP-1984: Refactor capi logic out from NodePool controller #4795
- NO-JIRA: e2e: openstack: fix nil deref in route53 teardown #4803
- OCPBUGS-42433: Retry reconciliation with invalid configuration #4802
- NO-JIRA: clarify use of render and render-sensitive cli flags #4797
- HOSTEDCP-1569: add dockerfile for e2e #4800
- OTA-1349: *: Propagate RetrievedUpdates from ClusterVersion up to HostedCluster #4744
- NO-JIRA: e2e: add service and cluster CIDRs as flags to the e2e framework #4782
- HOSTEDCP-1732: add PDB to sharedIngress router pod #4596
- HOSTEDCP-1788: Create seperate RGs for NSG and VNet #4282
- NO-JIRA: chore(deps): update konflux references to 5ac9b24 (main) #4779
- NO-JIRA: Add Dockerfile.dev to build all-in-one container image for development purposes #4776
- NO-JIRA: chore(deps): update konflux references (main) #4771
- NO-JIRA: Fix docker check ‘AS’ as uppercase in container and docker files #4772
- NO-JIRA: chore(deps): update konflux references #4756
- NO-JIRA: cmd/dump: add OpenStack CAPI resources #4768
- HOSTEDCP-1966: wrap nodePool tenancy API field in Placement struct #4731
- NO-JIRA: repo cleanup #4755
- NO-JIRA: Remove hack for CI in 4.11 release #4745
- NO-JIRA: remove CPO/CPPKIO from the hypershift-operator image build #4754
- HOSTEDCP-1442: Split worker and vpc endpoint security groups #4742
- OCPBUGS-32592: Add Annotation to skip deleting hcp namespace #4741
- HOSTEDCP-1569: e2e: add version gating for 4.14 #4743
- OCPBUGS-41824: Conditionally manage kubeconfig secrets for DNS and Ingress operators #4709
- OCPBUGS-42107: Allow the control plane operator to finish deleting VPC endpoint for PrivateLink clusters #4740
- OCPBUGS-41992: Sanitize ignition payload #4735
- HOSTEDCP-1968: Refactor nodepool token management #4734
- NO-JIRA: Add ddcache entry into gitignore #4730
- HOSTEDCP-1569: e2e: add version gating for 4.15 #4732
- NO-JIRA: Bump the azure-github-dependencies group with 4 updates #4713
- chore(deps): update konflux references #4725
- HOSTEDCP-1678: Refactor config generation for NodePool #4717
- HOSTEDCP-1965: Ignore vendor and resources.go from snyk code test #4722
- OCPBUGS-41935: Sanitize the IgnitionPayload (XSS) #4723
- NO-JIRA: Add log for ignition provider using mirrored release image #4720
- OCPBUGS-39039: Add EncryptionAtHost to create azure cluster CLI #4711
- HOSTEDCP-1569: e2e: add version gating for 4.16 #4712
- ARO-10259: add install render option to write manifests to file #4703
- OCPBUGS-38425: Return the right tagReference on Catalogs ImageStream #4707
- HOSTEDCP-1569: e2e: add version gating for 4.17 #4704
- OCPBUGS-39039: Allow Encryption at Host to be Independently Toggled from DiskEncryptionSetID #4701
- HOSTEDCP-1942: Add functional tests for Etcd Recovery #4668
- OCPBUGS-39123: Add external kas address to no proxy skip list #4693
- HOSTEDCP-1940: Add alert for Etcd recovery #4679
- OCPBUGS-41328: Use KubeClientCABundle for HostedClusterConfigOperator cluster-signer-ca #4676
- OCPBUGS-39420: Let payload generation pick the release for the NodePool #4686
- NO-JIRA: Bump the golang-dependencies group with 4 updates #4675
- OCPBUGS-38349: CPO oauth idp converter: resolve names before dialing #4516
- NO-JIRA: docs: add diagram to konnectivity reference #4674
- OCPBUGS-41120: Updating ose-hypershift-container image to be consistent with ART for 4.18 #4672
- OCPBUGS-37052: Use http dialer when dialing through proxy #4671
- HOSTEDCP-1850: HyperShift operator: Allow setting Kube APIServer maximum requests inflight #4554
- OSASINFRA-3584: openstack: remove support for floating IP #4669
- CNV-45889: Add –labels hcp cli arg for adding labels to HostedCluster #4451
- NO-JIRA: Bump github.com/opencontainers/runc from 1.1.12 to 1.1.14 #4663
- OCPBUGS-33628: Add oauth domain for kas cert #4670
- OCPBUGS-39525: Fix uses of MustParse* on non-constant input #4546
- OCPBUGS-24400: Reconcile over an ETCD failing member #4503
- OCPBUGS-39396: Fix multi-arch validation by prioritizing ReleaseImage check #4660
- chore(deps): update konflux references (main) #4652
- OCPBUGS-38794: handle version skewed NodePools that do not have rhel9 binaries #4656
- NO-JIRA: Bump gotest.tools/gotestsum from 1.11.0 to 1.12.0 in /hack/tools in the misc-dependencies group #4641
- HOSTEDCP-1939: Trigger SharedIngress reconciliation immediately on start #4650
- NO-JIRA: Konflux migration #4649
- HOSTEDCP-1767: chore: organize install command for readability #4643
- NO-JIRA: custom tolerations docs #4639
- OSASINFRA-3573: openstack: when using floating IP, don’t create a dedicated service for Ingress #4589
- OSASINFRA-3572: e2e/openstack: handle DNS for ingress using route53 #4586
- OCPBUGS-38921: Set Image as mutable and trigger upgrades on Azure NodePool spec changes #4606
- HOSTEDCP-1933: Expose AWS Tenancy through NodePool API #4635
- OCPBUGS-39147: regroup KAS certs into public and private certs #4632
- OCPBUGS-39078: e2e: skip VAP checks if platform is None #4629
- OCPBUGS-39001: Fix CAPA ROSA feature gate being set on releases where its not available #4619
- OCPBUGS-38474: copy image-registry AdditionalTrustedCA configmap into HC openshift-config #4621
- OCPBUGS-38878: allow changes to infrastructures global config for Openstack #4609
- OCPBUGS-38936: Fixed NodePool version validation #4608
- OCPBUGS-38709: Join default HTTPS port to Spec.Configuration.Proxy.HTTPSProxy if missing #4603
- NO-JIRA: fix a typo in the architecture doc #4610
- OCPBUGS-38755: Remove go workspaces from source control #4582
- OCPBUGS-38925: copy oapi ca-trust recursively when building trust anchor #4605
- OCPBUGS-38183: Update CSO deployment file #4542
- HOSTEDCP-1483: update cloud-credential-operator in go.mod #4532
- OCPBUGS-36680: ensure additionalTrustBundle propogates to workers #4331
- NO-JIRA: add 4.14 and 4.15 HO base images to docker cve scan scripts #4591
- OCPBUGS-38739: [Azure] Use infraID from infra-json if provided #4579
- chore(deps): update konflux references #4568
- chore(deps): update golang docker tag to v1.23 #4569
- OCPBUGS-38463: nodepoolcontroller:
List()
PerformanceProfile status per NodePool #4556
- HOSTEDCP-1565: external-dns: add proxy env vars if cluster proxy is configured #4580
- NO-JIRA: [kubevirt] Fix KubeVirtNodesLiveMigratable condition for NodePools with 0 replicas #4494
- HOSTEDCP-1861: cpo: separate KAS cert into internal and external #4566
- OCPBUGS-34816: Block data plane HC configuration requests #4303
- HOSTEDCP-1868: Pause CAPI cluster when HostedCluster is paused #4578
- OCPBUGS-38409: Update CPO and HO base images to 4.18 #4543
- HOSTEDCP-1903: Remove unused ROSA/EKS CRDs from hypershift install #4576
- NO-JIRA: add docker script to find package versions in HO & CPO #4537
- CONSOLE-3952: Add networking-console-plugin image to CNO as an env var #4558
- NO-JIRA: fix(KONFLUX-3663): format PipelineRun files and upload SAST results #4533
- OCPBUGS-36261: label routes when using SharedIngress #4562
- OCPBUGS-37052: HTTPS proxy: do not proxy communication to cloud providers #4560
- OSASINFRA-3567: openstack: fix setting external DNS on create #4517
- OCPBUGS-38154: Fix bug where nodes were not triggering dedicated serving reconciliation #4563
- OSASINFRA-3553: relax PodAffinityTerm for zone spreading in HA #4513
- OCPBUGS-38467: allow for shared-ingress router pod creation without p… #4557
- NO-JIRA: Fix CEL rules in the CRD #4512
- HOSTEDCP-1475: Remove hard-coded konnectivity agenty image URI #4548
- HOSTEDCP-1609: Support configuring Azure diagnostics via CLI flags #4529
- OCPBUGS-38437: Stop building mce-2.7 from main #4549
- OCPBUGS-36261: label routes only when HCP router used #4495
- HOSTEDCP-1707: Update version support and upgrade docs #4347
- HOSTEDCP-1874: Remove saas_template.yaml #4521
- NO-JIRA: Bump
LatestSupportedVersion
to 4.18.0 after branch-out #4530
- chore(deps): update konflux references (main) #4522
- chore(deps): update quay.io/openshift/origin-base docker tag to v4.16 (main) #4526
- NO-JIRA: Update golang Docker tag to v1.22 (main) #4523
- CNV-42532: KubeVirt: add label to DataVolume #4509
- OCPBUGS-38183: make use of azure-disk-driver-control-plane-image #4514
- OSASINFRA-3546: docs/openstack: fix typo #4510
- OCPBUGS-25937: Support KMS v2 on AWS #4502
- OSASINFRA-3555: openstack: e2e adjustments #4492
- HOSTEDCP-1776: Set KCM node monitor grace period #4404
- HOSTEDCP-1853: Add Arm NodePool Support Through Azure Marketplace #4455
- OCPBUGS-38041: test: e2e: handle 409 conflict in EnsureHostedClusterImmutability #4493
- HOSTEDCP-1850: Allow setting Kube APIServer maximum requests in flight #4488
- OSASINFRA-3550: openstack: ingress API & octavia ingress provider #4474
- OCPBUGS-37488: CSO: add environment variable for tools image #4483
- NO-JIRA: Update Konflux 4.17 and perform migration #4486
- NO-JIRA: Update Konflux and perform migration #4485
- OSASINFRA-3554: OpenStack: Use external network ID in favor of Name #4477
- OCPBUGS-37934: Reverting ETCD cluster rebuild #4475
- OCPBUGS-37052: Use konnectivity HTTP proxy for ingress controller #4456
- HOSTEDCP-1669: Add first azure services validation #4466
- NO-JIRA: Remove non relevant OVNSbDb service type declarations #4465
- HOSTEDCP-1565: add VPC Endpoint Service proxy support #4470
- OCPBUGS-37832: set proxy envvars on aws and azure CCMs #4468
- HOSTEDCP-1851: Use a multi-arch haproxy image for shared ingress #4454
- HOSTEDCP-1669: Make hostedcluster.spec.services immutable for non IBM platforms #4449
- NO-JIRA: Ensure VolumeSnapshots are deleted during cloud resource cleanup #4306
- OCPBUGS-37753: Let the CPO oidc check resolve through data plane #4273
- NO-JIRA: Update IBM go sdk #4435
- NO-JIRA: Flaky cert validation test #4448
- CNF-12681: Added support for performance profile status #4020
- HOSTEDCP-1778: Default multi-arch flag to true and default release stream for HCP CLI #4447
- OCPBUGS-36932: Add HTTP konnectivity proxy to OAuth server #4381
- OSASINFRA-3550: docs/openstack: adds content for Ingress with MetalLB #4439
- OCPBUGS-37703: fix release stream flag/rhcos image for create cluste… #4445
- CNV-32074: Add Kubevirt live-migratable condition for HC and NP #4361
- OCPBUGS-37698: mce-2.7 enablement for main #4442
- OCPBUGS-36689: Omit the unused 0000_50_olm_06-psm-operator.service.ya… #4348
- OSASINFRA-3546: openstack: document how to create a cluster #4414
- NO-JIRA: chore(deps): update konflux references (main) #4426
- HOSTEDCP-1798: Update AWS multi-arch docs to include migration #4421
- OCPBUGS-37625: DedicatedRequestServing scheduler: make taken labels list consistent #4425
- OCPBUGS-37486: Set right endpointSlice port #4422
- OCPBUGS-24400: Only recreate etcd if hasn’t ever been ready #4419
- OSASINFRA-3319: implements required OpenStack credentials #4410
- HOSTEDCP-1791: dont render any secrets in manifest file #4420
- HOSTEDCP-1798: Refactor multi-arch validation algorithm #4405
- OSASINFRA-3538: openstack: small fixes for CLI #4415
- OCPBUGS-34820: Keep in sync the HC and HCP ICS field #4412
- HOSTEDCP-1813: Moves MachineIdentity from the HostedCluster API to the NodePool API #4408
- HOSTEDCP-1791: dont render cloud-credentials secret #4406
- OSASINFRA-3312: Implements OpenStack Node pools #4409
- OSASINFRA-3539: Add ipam to cluster-api assets #4399
- OSASINFRA-3538: openstack: cluster CLI #4396
- HOSTEDCP-1838: Migrate buildah config in tekton files for migration from 0.1 to 0.2 #4403
- HOSTEDCP-1836: Fix Snyk vulnerability with python deps #4394
- OCPBUGS-36897: fix(api): Nodepool CEL validation fix #4378
- OSASINFRA-3311: openstack: CAPO provider deployment #4373
- OCPBUGS-37222: extract rhel9 MCO binaries for rhel8 based MCO images #4382
- HOSTEDCP-1834: Fix Dependabot Issue By Updating Azure RHCOS Image Copy Process #4379
- OCPBUGS-37102: Separate ibmcloud kms encryption configuration types #4372
- NO-JIRA: Fix OADP backup objects #4376
- HOSTEDCP-1832: Document konnectivity in HyperShift #4374
- CNV-39630: Add ability to set tolerations on the HostedCluster #4339
- OSASINFRA-3525: Initial PR to start supporting OpenStack platform #4350
- CNF-11845: nodepoolcontroller: mirror containerruntimeconfig to HCP NS #4150
- HOSTEDCP-1795, HOSTEDCP-1796: Customize the self-generated cert validity and rotation #4335
- OCPBUGS-34816: Fix the resource from is checking the MHC platform #4365
- HOSTEDCP-1820: Add snyk helper scripts to contrib #4359
- NO-JIRA: Update Konflux references #4362
- OCPBUGS-35899: Doubled machineHealthCheck timeout on Agent and None #4345
- OCPBUGS-24400: Recreate the ETCD statefulSet on HostedCluster deployment when stays failing #4354
- OCPBUGS-35905: E2E test to verify openshift-apiserver TLS certificates #4322
- OSASINFRA-3310: Adds cluster-api-provider-openstack assets #4355
- HOSTEDCP-1734, HOSTEDCP-1737: use proxy-protocol-v2 for shared ingress #4330
- NO-JIRA: Let cmd unit tests run without a running Kubernetes cluster #4310
- NO-JIRA: Default azure to run as managed-service=aro #4316
- OCPBUGS-34865: Fix name resolution for HTTPS konnectivity proxy #4351
- NO-JIRA: add ignition payload inspect docs #4346
- OCPBUGS-33934: Add newline after TLS certs referenced by image.config #4343
- NO-JIRA: Update catalog annotation based on an OCP version #4344
- HOSTEDCP-1818: fix(build): update to the fixed clamav image #4342
- OCPBUGS-36681: Set Azure VM identity if user assigned identity set #4332
- HOSTEDCP-1716: When running the HO locally it should no required a running pod #4268
- CNF-12951: hypershift:performanceprofile: associate profile name with user input #4108
- NO-JIRA: Add net policy to allow ingress from sharedingress namespace #4336
- OCPBUGS-34865: Add HTTP(s) konnectivity proxy for openshift-apiserver #4218
- OCPBUGS-34820: Delete IDMS in dataplane once HCP ICS field is removed #4333
- NO-JIRA: KubeVirtJsonPatchTest: fix vmi slice assignment #4319
- NO-JIRA: Update ci image of capk to 4.17 #4183
- NO-JIRA: Dump capz azure resources #4329
- NO-JIRA: Remove Steve Kuznetsov from approvers/owners #4334
- NO-JIRA: Update Konflux references #4324
- NO-JIRA: Update AKS contrib docs #4314
- HOSTEDCP-1808: Update Mkdocs, dependencies and dockerfile #4323
- NO-JIRA: Dump sharedingress manifest #4321
- NO-JIRA: Enhance aks docs #4311
- NO-JIRA: e2e tests: skip checking ValidKubeVirtInfraNetworkMTU if no workers #4313
- Revert “HOSTEDCP-1778: Enable MultiArch flag by default” #4312
- NO-JIRA: skip validate metrics on azure e2e #4305
- NO-JIRA: skip multiarch test before HC creation #4292
- OCPBUGS-30986: remove weak ciphers from security profile #4294
- NO-JIRA: Add release notes to commit and print proper output when release errors #4304
- HOSTEDCP-1778: Enable MultiArch flag by default #4272
- CNV-39589: [Kubevirt] Add support for passing GPU devices to NodePools #4101
- NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v8.5.11 - abandoned #4300
- NO-JIRA: chore(deps): update konflux references #4297
- OCPBUGS-23922: hcco: reconcile apiserver config into hosted cluster #4278
- OCPBUGS-36230: Use a reconciled proxy config when generating nodepool userdata #4277
- OCPBUGS-35521: Move infra-volumesnapshot-class-mapping to core binding #4290
- OCPBUGS-33060: enable audit log for oauth-openshift #3994
- NO-JIRA: test/e2e: remove api budget checks #4286
- NO-JIRA: fixup azure aks docs #4293
- NO-JIRA: Update HC on AKS doc for new flags for infra #4274
- HOSTEDCP-1342: Add new metrics to check CA bundle validity and expiry [OSD-15414] #3442
- NO-JIRA: cmd/cluster/kubevirt: add a test from dvossel #4220
- HOSTEDCP-1709, HOSTEDCP-1777: test/e2e: complete move to eventually blocks #4263
- OCPBUGS-36188: kubevirt-csi-driver: Pass infra kubeconfig in case of external infra #4271
- OCPBUGS-31840: Make guest cluster components use the correct KAS port #3849
- HOSTEDCP-1447: test/e2e: tar.gz hosted cluster content #4256
- Update Konflux references #4258
- OCPBUGS-35979: Keep old user data for aws < 4.16 #4269
- NO-JIRA: Fix the getting started page by adding export to BUCKET_NAME #4207
- HOSTEDCP-1221: add heterogenous NP e2e #4005
- OCPBUGS-35874: check mgmt cluster for route capability before DeleteIfNeeded for ovn sbdb route #4254
- HOSTEDCP-1709: test/e2e: actually wait for guest cluster client #4262
- NO-JIRA: OWNERS: add stevekuznetsov #4255
- HOSTEDCP-1709: test/e2e: use the eventually abstraction in chaos test #4247
- HOSTEDCP-1709: test/e2e: updates to the eventually construct #4253
- HOSTEDCP-1684: remove CLI requirement for RG flag when NSG ID is supp… #4232
- CNV-30445: KubeVirt: Enable multiqueue by default #4221
- NO-JIRA: chore(deps): update konflux references #4249
- HOSTEDCP-1729: Support for on-demand global routing when creating transit gateway #4081
- NO-JIRA: test/e2e: reduce logging for ssh and oc adm inspect #4242
- NO-JIRA: test/e2e: reduce logging on guest cluster infra cleanup #4239
- NO-JIRA: remove CI_TESTS_RUNS from e2e script as we now directly pass… #4226
- OCPBUGS-35450: Remove KMS V1 provider support for IBM Cloud #4215
- NO-JIRA: chore(deps): update konflux references to ff44cf3 #4244
- HOSTEDCP-1709: test/e2e: add a harness for asynchronous assertions #4206
- NO-JIRA: test: e2e: bump CPO mutate budget #4237
- OCPBUGS-34544: Disable PersistentVolumeLabel admission plugin #4107
- NO-JIRA: Shared ingress tests #4229
- NO-JIRA: Bump golang.org/x/net from 0.20.0 to 0.23.0 in /contrib/aws-tag-lb-service-webhook #3914
- NO-JIRA: chore(deps): update konflux references to 2be7c9c (main) #4222
- NO-JIRA: Revert “kubevirt, e2e: Skip advanced multinet for CI” #4203
- OCPBUGS-35513: cluster/core: fix nodepool naming #4219
- OCPBUGS-33428: Complete KAS migration to none endpoint reconciler type #4133
- CNV-42626: Transition kubevirt vms to use topology spread constraints #4145
- NO-JIRA: Fix tests to avoid race conditions #4214
- HOSTEDCP-1542: cmd: use validated and completed opts pattern #4212
- NO-JIRA: feat(olm): Set packageserver replicas to 2 for IBMCloudPlatform #4184
- NO-JIRA: Added markdown for storage table support #4213
- HOSTEDCP-1542: Fixed infra-id not being defaulted first #4210
- HOSTEDCP-1721: Enable shared ingress for Azure #4188
- HOSTEDCP-1542: cmd/cluster: refactor to remove example fixtures #4018
- HOSTEDCP-1402: cmd/infra/aws/destroy: allow using component credentials #3975
- HOSTEDCP-1446: hack: remove old arguments and scripts #4186
- OCPBUGS-34650: Allow specifying the volume detach timeout for machines via NodePools #4136
- HOSTEDCP-1709: test/e2e: misc context fixes: #4172
- IR-471: registry operator: Add missing env var, wait for rbac #4123
- HOSTEDCP-1514: support Azure diagnostics on NodePools #3970
- OCPBUGS-34807: Fixed ValidReleaseInfo condition #4129
- OCPBUGS-33951: Documentation for disconnected MGMT Cluster #4182
- kubevirt, e2e: Skip advanced multinet for CI #4187
- OCPBUGS-35205: Add hypershift-cluster-version-operator image to release providers #4138
- chore(deps): update konflux references #4165
- HOSTEDCP-1446: hack: make the e2e script generic #4176
- NO-JIRA: Delete references to the openshift-sdn image in CNO #4164
- HOSTEDCP-1709: test/e2e: always bound assertions in time #4170
- HOSTEDCP-1712: Initialize infra id for e2e-azure tests #4163
- OCPBUGS-34274: Generate default worker security group rules based on machineCIDR #4085
- NO-JIRA: test/e2e: remove dead code #4171
- HOSTEDCP-1709: hack/test: remove timeouts #4169
- OCPBUGS-34987: Add missing Tag permissions to cli role #4166
- HOSTEDCP-1553: Add annotation to customize log verbosity of kube-apiserver #4026
- HOSTEDCP-1689: add PodMonitor for external-dns #4147
- OCPBUGS-33953: Document how ICSP/IDMS work in HCP #4098
- OCPBUGS-33952: Documented HCP service exposure #4086
- NO-JIRA: Dependabot updates #4152
- HOSTEDCP-1709: test/e2e: constrain actions to context, timeout #4142
- HOSTEDCP-1709: e2e/util: improve logging during node readiness poll #4153
- OCPBUGS-34607: Disable machine pool feature gate #4109
- HOSTEDCP-1694: Automate HO Deployment Tag & Commit Updates for ROSA HCP #4102
- OCPBUGS-32467: nodepool_controller: add a reconciler for cleanup #3969
- OCPBUGS-34699: Allow access to root-ca configmap in cluster-network-operator role #4122
- HOSTEDCP-1542: cmd: add an option to render into a file, use it in e2e #4036
- OCPBUGS-33724: Fixes update issue with KubeVirt platform #4039
- HOSTEDCP-1564: Ensure VNET, NSG, & Managed RG locations match #4071
- HOSTEDCP-1687: Allow arm64 baremetal nodes to a nodepool in a multi-arch cluster #4060
- NO-JIRA: test/e2e: don’t validate metrics after failure #4143
- OCPBUGS-32186: cmd: report server version, supported OCP #3987
- NO-JIRA: Add link to agent heterogeneous nodepools doc #4135
- OCPBUGS-34734: Fix disconnected metadata inspection for nodepool #4130
- HOSTEDCP-1697: Allow overriding hosted cluster size label #4121
- OCPBUGS-18711: add AWS STS URL to OIDC provider audiences #4094
- HOSTEDCP-1558: use openshift/api instead of thirdparty for machineconfig #3983
- OCPBUGS-34741: Fix fleet manager pair label check #4132
- HOSTEDCP-1683: Use go workspaces #3980
- OCPBUGS-31568: Prevent hypershift install render –template and –outputs from being used together #3824
- NO-JIRA: chore(deps): update rhtap references #4118
- NO-JIRA: Update RHTAP references #4113
- HOSTEDCP-1688: Use operator namespace for openshift-config-managed-trusted-ca-bundle #4088
- HOSTEDCP-1570: remove liveness and readiness probes using metrics endpoint #4001
- OCPBUGS-33987: Use configmaps to track hosted cluster pair labels and set controller concurrency #4103
- MULTIARCH-4668: Add how to doc for heterogeneous node pools on Agent platform #3991
- OCPBUGS-34540: Fix RegistryMirrorProvider modifying the cached image directly #4100
- TRT-1685: bump openshift/api #4095
- OCPBUGS-33428: Reconcile KAS endpoints and endpoint slice #3942
- OCPBUGS-33181: Fixed audit-logs sigterm failing to terminate gracefully #3972
- OCPBUGS-31446: Add TrustedBundles to OAS container #4031
- NO-JIRA: Align kv min version to the default min version (now that default is >= 4.14 #4083
- OCPBUGS-30986: remove weak cipher #3855
- OCPBUGS-34071: Do not scale down legacy nodes #4076
- NO-JIRA: test: relax mgmt KAS egress check #4082
- HOSTEDCP-1681: Skip konflux when not necessary #4080
- OCPBUGS-33977: Allow specifying machine health check timeout in cluster sizing config #4075
- OCPBUGS-34095: Sync the autoscaler periodically #4074
- OCPBUGS-25758: fix router on 4.14 y-stream upgrade #4033
- NO-JIRA: Reinstate wrongly removed fields from cert rotation objects #4070
- OCPBUGS-34019: Make active & backup Azure KMS containers use different –metrics-addr #4066
- OCPBUGS-33742: setting higher priority class for external-dns pods #4050
- OCPBUGS-32257: Fix userReleaseProvider not using icsp/idms from mgmt cluster #4043
- CNF-12792: nto: add configmaps/finalizers under operator
Role
#3992
- CNV-40881: kubevirt, e2e, add test for advanced multinet #3902
- OCPBUGS-33377: Modify token secret MCS hash in place #4057
- chore(deps): update rhtap references #4063
- HOSTEDCP-1556: Support Priority based expander for cluster-autoscaler #4029
- NO-JIRA: Bump library-go dependency and bump
LatestSupportedVersion
to 4.17.0 #4044
- OCPBUGS-33726: Remove service-ca annotation from azure csi & file controller metrics services #4035
- OCPBUGS-33802: don’t delay new cluster creation #4045
- TRT-1672: e2e: proceed with teardown even if dump fails #4051
- OCPBUGS-33659: Improve resliency of size tagging when hostedcluster KAS down #4034
- NO-JIRA: Update RHTAP references #4042
- OCPBUGS-33729: Do not ignore single placeholder pods for a specific hosted cluster #4037
- HOSTEDCP-1668: remove dns-operator leader-elect flags #4038
- OCPBUGS-33595: Cluster sizing controller: do not error on not found HC #4023
- HOSTEDCP-1655: Don’t Ignore SubnetID and Network Security Group ID flags when values are passed through #4021
- HOSTEDCP-1518: Preserve container resource requests and limits #3864
- HOSTEDCP-1310: use kms images from payload #3996
- OCPBUGS-32257: Restrict image registry overrides to control plane components #3952
- HOSTEDCP-1560: Create AWS STS Role for the hypershift/hcp cli #4003
- HOSTEDCP-1566: Bump Azure SDK, IBM, AWS, ectd, & gomega dependencies #4012
- HOSTEDCP-1566: Bump CAPI dependencies #4011
- OCPBUGS-33320: Fix nil dereference in clustersizingconfig validation #4016
- HOSTEDCP-1525: Fixed azure using incorrect kms socket #3981
- HOSTEDCP-1563: Refine the Azure API in the NodePool Spec #4004
- OCPBUGS-33320: Autoscaler for non request serving nodes #4007
- HOSTEDCP-1557: Allow the NSG ID to drive the NSG Resource Group for the Azure Cloud Provider Config #4006
- NO-JIRA: Remove CLI inspection of release image #3548
- OCPBUGS-33237: Run haproxy to connect to kas from data plane if noproxy settings contain kas #3999
- OCPBUGS-26762: Disable DNS resolving for CNO #3986
- MULTIARCH-4637: Set arch to ppc64le within PowerVS platform func #4002
- MULTIARCH-4637: Support ppc64le arch for Agent and PowerVS platform #3979
- HOSTEDCP-1544: Allow user to specify subnet ID for Hosted Cluster & NodePool Creation #3945
- CNV-36073: Set time out for external snapshotter on kubevirt csi driver #3968
- HOSTEDCP-1523: Bump k8s to v0.29.3 #3878
- OCPBUGS-25012: Updating ose-hypershift-container image to be consistent with ART #3303
- OCPBUGS-33203, OCPBUGS-33274: Autoscaler: scale down unused machinesets #3988
- NO-JIRA: chore(deps): update rhtap references #3973
- HOSTEDCP-1513: Add operator scoping support to nodepool controller #3928
- OCPBUGS-33132: Restore ingresscontroller rbac #3965
- NO-JIRA: sizing: add logging for what we’re doing #3961
- chore(deps): update rhtap references #3966
- NO-JIRA: Minor doc updates to creating Azure HC on AKS #3964
- OCPBUGS-29110: Reconcile over ICSP/IDMS #3933
- OCPBUGS-33101: Fix nil pointer deref when effects not specified in CSC #3959
- OCPBUGS-32110: disable OCM pull secret controller when imageregistry config managementstate is Removed #3906
- HOSTEDCP-1552: Update RHTAP tekton files for 0.3 -> 0.4 migration #3956
- OCPBUGS-31398: Recycler-pod image now points to the OCP Payload reference #3901
- HOSTEDCP-1525: Support Azure KMS key rotation #3940
- CNV-40687: Detect machine and cluster-network cidr collision #3880
- OCPBUGS-32930: Allow specifying resource requests per cluster size #3941
- OCPBUGS-32760: Request serving scheduler: omit deleting nodes #3929
- OCPBUGS-14383: fix setting replicas on autoscaler #3947
- OCPBUGS-32378: Ensure placeholder deployments are deleted #3931
- OCPBUGS-32255: Remove kube-scheduler readiness probe #3889
- HOSTEDCP-1484: Disaster recovery documentation with OADP #3950
- OCPBUGS-32492: Set ImportMode for catalog #3937
- HOSTEDCP-1522: Add API definitions and CEL for AzurePlatformSpec vars #3879
- NO-JIRA: Kubevirt on Azure: Change KAS LB Port to 7443 #3821
- chore(deps): update rhtap references (main) #3943
- OCPBUGS-30260: Ignore subnet annotations for control plane load balancers #3944
- OCPBUGS-32759: Fix invalid node selector in autosizing placeholder #3930
- HOSTEDCP-1044: Add NodePool Size/Replicas to Telemetry #3593
- NO-JIRA: remove obsolete konnectivity image code #3932
- HOSTEDCP-1219: Add arch & multi-arch flags to HCP CLI #3926
- NO-JIRA: reduce autoscaling test memory requests #3938
- NO-JIRA: chore(deps): update rhtap references #3934
- ACM-11259: Add mapping documentation for KubeVirt CSI driver snaphotting #3925
- OCPBUGS-32496: Controller to assist autoscaling for placeholder nodes #3922
- Revert “Revert “HOSTEDCP-1465: Create HCPs with externalDNS on AKS Clusters”” #3895
- chore(deps): update rhtap references #3919
- OCPBUGS-32487: Fix OLM intilization args #3918
- OCPNODE-2096: Add ClusterImagePolicy to the list of valid config manifests #3894
- CNV-36073: KubeVirt, Add snapshot side car and volumesnapshot class #3640
- NO-ISSUE: placeholders: ignore auto-sizer placeholders #3877
- OCPBUGS-32228: Fix failure to create a second hostedcluster in the same namespace #3900
- OCPBUGS-32248: Replace periods with commas in subnet label value #3885
- chore(deps): update rhtap references #3886
- HOSTEDCP-1462: set HostPath.Type on volumesource in CloudNodeManagerD… #3892
- NO-JIRA: fixed e2e teardown failing the outer test instead of subtest #3891
- HOSTEDCP-1519: feat(api): Add ingress-controller-load-balancer-scope annotation #3848
- NO-JIRA: remove ovnkube-control-plane from expected component token m… #3850
- CNV-40622: Docs: Avoid cidr Collisions b/w Infra &Guest cluster #3863
- NO-JIRA: Disable kubevirt-csi crash detection in e2e #3896
- Revert “HOSTEDCP-1465: Create HCPs with externalDNS on AKS Clusters” #3890
- HOSTEDCP-1465: Create HCPs with externalDNS on AKS Clusters #3688
- chore(deps): update rhtap references #3872
- OSD-19085: Replaced hypershift_cluster_cores metric with hypershift_cluster_vcpus metric #3697
- NO-ISSUE: *: use the api package constant for the size label #3876
- NO-JIRA: bump capk ci image #3830
- NO-JIRA: chore(deps): update rhtap references (main) #3867
- OCPBUGS-29466: Fix ICSP and IDMS inclusion as registriesOverrides #3862
- STOR-1805: Set RUN_AS_USER if mgmt cluster doesn’t have SCC #3819
- OCPBUGS-29494: Fix disconnected metadata inspection #3860
- OCPBUGS-31012: Disable audit-log container in kas when profile is None #3765
- NO-JIRA: [e2e test framework] Add a flag to add an annotation to HostedCluster #3854
- NO-JIRA: update private cluster IAM policy doc #3851
- NO-JIRA: chore(deps): update rhtap references (main) #3856
- OCPBUGS-14383: disable autoscaler when no nodepool requires it #3846
- NO-JIRA: Document additional known issues for the disconnected scenario #3611
- NO-JIRA: Update RHTAP references (main) #3834
- OCPBUGS-29391: Add new permission required in CAPA #3779
- CNF-11885: nto: add events resources under operator
Role
#3827
- OCPBUGS-31444: use dnsPolicy: Default for konnectivity-agent in data plane #3810
- NO-JIRA: docs: fixing wrong key name #3833
- NO-JIRA: Update expected condition to false for ValidAzureKmsConfig s… #3837
- OCPBUGS-31725: include hostnetwork SCC CPO role for 4.13 and earlier #3838
- HOSTEDCP-1511: enable and document kubevirt custom default network #3832
- HOSTEDCP-1513: Support annotation scoping for hostedcluster resources #3702
- OCPBUGS-31415: update desired image even when HCP doesn’t exist yet #3829
- NO-JIRA: Added regression tests to ensure certain deployment fields do not get set. #2707
- OCPBUGS-31585: disable http2 for ignition server and proxy #3817
- OTA-1211: api/v1beta1/hostedcluster_types: Add spec.updateService #3576
- HOSTEDCP-1365: kubevirt, Generate kccm lb endpointslices #3528
- NO-JIRA: Add –auto-repair flag to
hcp create nodepool
#3163
- NO-JIRA: Set control plane to HA by default #3788
- NO-JIRA: Fix docs commands related to Azure ephemeral OS disks #3809
- Update RHTAP references #3814
- NO-JIRA: Documentation overview of HCP KubeVirt Storage #3763
- OCPBUGS-31465: remove max function usage from deicated request serving nodes #3815
- OCPBUGS-31106: Reduce log file size for hypershift apiservers #3781
- HOSTEDCP-1462: Enable TestNodePool and CreateCluster tests on Azure #3732
- OCPBUGS-31319: copy issuerCertificateAuthority configmap into HC openshift-config #3799
- HOSTEDCP-1478: Request serving node scheduler that uses HC size label #3776
- OCPBUGS-31076: Support other azure clouds #3804
- OCPBUGS-31110: Fix empty RHCOSImage error when creating Azure Infrastructure #3782
- HOSTEDCP-1104: Skip CPU Check on Render & Get Mgmt Cluster CPU from API Server #3797
- OCPBUGS-13726: fix race between ignition payload generation and MCS configmap update #3795
- NO-JIRA: Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /hack/tools #3752
- NO-JIRA: Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 #3710
- OCPBUGS-31089: Fix empty resourceGroupName error when deleting Azure infra #3775
- OCPBUGS-31090: Fix empty subnet name error when creating Azure infrastructure #3778
- OCPBUGS-31263: Add missing PodSecurityViolation alert #3733
- OCPBUGS-31118: fix(ignition): Fix priority class override #3784
- OCPBUGS-31088: Fix loopvar issue #3770
- Update RHTAP references #3790
- HOSTEDCP-1104, HOSTEDCP-1105: Validate multi-arch aspects in an AWS Hosted Cluster #3769
- HOSTEDCP-1501: Create default ClusterSizingConfig CR on start #3787
- NO-JIRA: Remove unused ref to hostnetwork in cpo role #3789
- OCPBUGS-30930: Add CEL validation for NodePool autoScaling / replicas #3786
- OCPBUGS-31102: inject built-in MCP selector for KubeletConfigs and ContainerRuntimeConfigs #3780
- NO-JIRA: Adding Disable PKI Reconciliation annotation as an option #2989
- OCPBUGS-30991: external OIDC: fix certificateAuthority field in structured auth config #3773
- HOSTEDCP-1429: Add install flag to enable/disable size tagging #3766
- OCPBUGS-30968: ibmcloud KMS: remove breaking image check and enable KMS v2 support #3760
- HOSTEDCP-1487: Add managed service constants to HyperShift API #3762
- OCPBUGS-30260: Support subnet labels separated by periods #3767
- HOSTEDCP-1429: hypershift-operator: wire up placeholder pods for sizes #3749
- NO-JIRA: Increase stability in autoscaled environments #3757
- NO-JIRA: Bump HO read budget in e2e to 6000 #3761
- HOSTEDCP-1220: Add multi-arch flag to CLI & associated validation #3743
- HOSTEDCP-1467: ARO HCP - Add ability to specify subnet at nodepool level #3748
- NO-JIRA: Update RHTAP references #3753
- OCPBUGS-30260: Support specifying AWS LB subnets #3746
- HOSTEDCP-1487: Add ability to set managed service type in HO #3736
- NO-ISSUE: hypershift-operator: react to hosted cluster changes #3735
- HOSTEDCP-1429: hypershift-operator: add a controller for t-shirt sizing #3686
- HOSTEDCP-929: Add nodepool annotation to allow requesting IMDSv2 #3584
- NO-JIRA:Bump CPO Read API budget to 4000 in EnsureApiBudget #3745
- OCPBUGS-30320: speed up HCP rollout durations #3734
- STOR-1805: Set env var when the mgmt cluster supports SCC #3701
- HOSTEDCP-1488: Use regionalized STS endpoints in AWS #3742
- NO-JIRA: Update RHTAP references #3737
- OCPBUGS-30242: consider nigthly images in payoad version check #3727
- OCPBUGS-28634: Update agentserviceconfig.md to remove PUBLIC_CONTAINER_REGISTRIES #3687
- HOSTEDCP-1478: Support additional node selectors for request serving nodes #3729
- Revert “HOSTEDCP-1220: Add multi-arch flag to CLI & associated validation” #3731
- OCPBUGS-13726: honor HC image configuration #3714
- HOSTEDCP-1220: Add multi-arch flag to CLI & associated validation #3689
- OCPBUGS-30769: include node local client loadbalancer address in kube-apiserver signing ips #3699
- NO-JIRA: Temporary remove promtool from hack/tools to unblock RHTAP pipeline #3728
- HOSTEDCP-1460: Remove resource limits on azure-cloud-node-manager #3725
- HOSTEDCP-1479: Update IBM/networking-go-sdk package #3722
- HOSTEDCP-1480: Update TLS cert hash creation with sha512 #3718
- NO-JIRA: Fixes Dependabot PR #3712 #3716
- HOSTEDCP-1466: support/metrics: don’t filter HCCO metrics #3715
- MCO-392: ignition-server/controllers: drop
MCSIgnitionProvider
#3709
- HOSTEDCP-1469: Set GOMEMLIMIT annotation based on request serving node label #3708
- OCPBUGS-30574: Update OLM Default Catalog Sources to 4.16 on main #3707
- chore(deps): update rhtap references #3704
- OCPBUGS-30242: Use cluster-config-operator for 4.14 payload #3685
- NO-JIRA: Dependabot#3659 #3665
- Revert “NO-JIRA: test/e2e: temporarily skip NTO machineconfig test” #3700
- NO-JIRA: cleanup: nilness check failures #3698
- HOSTEDCP-1464: Add pull secret to install CLI & create k8s secret #3682
- OCPBUGS-30060: Set OPERATOR_IMAGE environment variable #3667
- OCPBUGS-28370: Use correct return error when destroying AWS SG #3661
- OCPBUGS-30301: [kubevirt] Fix virt-launcher netpol to allow missing access #3680
- OCPBUGS-30124: do not set KAS OAuthMetadataFile with Authentication type OIDC #3678
- NO-JIRA: Bump the misc-dependencies group in /hack/tools with 1 update #3658
- NO-JIRA: Bump the golang-dependencies group with 1 update #3657
- chore(deps): update rhtap references #3674
- NO-JIRA: test/e2e: temporarily skip NTO machineconfig test #3683
- NO-JIRA: chore(deps): update rhtap references #3671
- NO-JIRA: Remove specific pull secret watch in HCCO #3605
- OCPBUGS-30102: Support to disable machine management components #3570
- NO-JIRA: Minor cleanup of Azure create cluster document #3663
- NO-JIRA: chore(deps): update rhtap references #3650
- OCPBUGS-29613: test: add a test for invalid CSRs #3612
- NO-JIRA: test: skip CCO in pod crash check #3652
- OCPBUGS-29773: set Konnectivity cipher suites #3618
- OCPBUGS-30030: rollout kas on auth config change #3647
- NO-JIRA: test: increase CPO mutate budget #3649
- NO-JIRA: test: debug certificates on unauthz error #3642
- NO-JIRA: Remove replace statements #3631
- NO-JIRA: DEPENDABOT#3613 #3617
- NO-JIRA: chore(deps): update rhtap references #3638
- NO-JIRA: Bump the misc-dependencies group in /hack/tools with 2 updates #3636
- NO-JIRA: Bump the misc-dependencies group with 5 updates #3634
- OCPBUGS-28370: Skip SG deletion if it has dependancy violation #3622
- NO-JIRA: Update RHTAP references #3621
- NO-JIRA: Update RHTAP references (main) #3623
- OCPBUGS-23457: Switch to use service endpoint for Konnectivity #3627
- OCPBUGS-27180: Update the oauth API server’s shutdown delay duration #3608
- NO-JIRA: Re-enable InPlace NodePool upgrade test for kubevirt (CNV-36608) #3600
- OCPBUGS-29855: feat(ho): Add flag for dedicated request serving isolation #3601
- OCPBUGS-28607: feat(config): Default RevisionHistoryLimit to 2 for deployments #3477
- NO-JIRA: adjust pdb for oauth-apiserver #3619
- OCPBUGS-29645: control-plane-pki-operator: fix CA used for SRE client credentials #3615
- HOSTEDCP-1424: ARO HCP Support Disabling Outbound SNAT #3583
- NO-JIRA: always set minAvailable on PDBs to 1 #3616
- OCPBUGS-29723: CLI: create nodepool aws - remove sg requirement #3614
- NO-JIRA: Bump the misc-dependencies group with 15 updates #3609
- NO-JIRA: Ignore kubectl version mistmaches in Component Versions #3575
- NO-JIRA: Bump the k8s-dependencies group in /api with 2 updates #3598
- OCPBUGS-28538: Add an SCC for validation pods with Cilium SDN #3602
- NO-JIRA: chore(deps): update rhtap references #3603
- HOSTEDCP-1411: Add capability to specify additional tags to azure resource… #3490
- NO-JIRA: chore(deps): update rhtap references #3590
- OCPBUGS-29435: Use structured authentication config #3574
- HOSTEDCP-1428: hcco: report node count on HCPs #3557
- HOSTEDCP-1436: Make nodepool.spec.aws.subnet required #3581
- OCPBUGS-29586: use 2040 for apiserver svc in IBM provider #3569
- HOSTEDCP-1438: Preserve container resources for more hosted control plane components #3120
- NO-JIRA: contrib/aws-tag-lb-service-webhook: JSONPatch improvements #3585
- NO-JIRA: KubeVirt Platform Documentation for Additional Network, CPU Performance, and VM NodeSelector #3464
- NO-JIRA: remove dead code from kas config #3578
- OCPBUGS-29115: Default NodeUpgradeType on day2 nodepool creation #3572
- Revert “CNV-36608: Enable InPlace NodePool upgrade test for kubevirt” #3547
- NO-JIRA: Update RHTAP references #3577
- OCPBUGS-28538: Added docs to get other sdn providers deployed with agent provider #3405
- Update RHTAP references #3568
- CNF-6516: NTO: Enable PerformanceProfile #1782
- OCPBUGS-29209: hypershift-operator: don’t create PKI rbac when disabled #3544
- OCPBUGS-29104: control-plane-pki-operator: add a signer for SRE break-glass #3542
- NO-ISSUE: test: wait longer for certificate signing, revocation #3560
- NO-JIRA: Reduce nodepool test cases for KubeVirt due to infra perf issues #3562
- NO-JIRA: Developer namespace template for CI clusters #3561
- HOSTEDCP-1419: Always include AWS default security group in worker security groups #3527
- HOSTEDCP-1407: Add steps for seting up azure CI cluster #3545
- Update RHTAP references (main) #3546
- HOSTEDCP-1420: Set a fixed minimum supported version #3525
- NO-JIRA: Update RHTAP references #3518
- OCPBUGS-29103: control-plane-pki-operator: validate CN for CSR #3538
- NO-JIRA: stevekuznetsov approver on CPPO and integration tests #3540
- NO-JIRA: Fix issue with release note tool #3429
- HOSTEDCP-336: Hypershift API separation #3390
- HOSTEDCP-1344: control-plane-pki-operator: add a revocation controller #3339
- CNV-36608: Enable InPlace NodePool upgrade test for kubevirt #3517
- OCPBUGS-27282: Make ControllerAvailabilityPolicy immutable #3513
- NO-JIRA: remove unneeded code to copy Authentication refs #3512
- OCPBUGS-28659: Add ValidatingAdmissionPolicy to KAS config #3488
- OCPBUGS-28741: Fix default release image lookup #3450
- NO-JIRA: Add app labels to KubeVirt CCM component #3510
- MULTIARCH-4084: Reduce the policy access scope to specific instance #3491
- NO-JIRA: Bump the misc-dependencies group with 5 updates #3503
- OCPBUGS-28625: cpo: honor user provided oauthmetadata configmap passed in Authentication config #3511
- NO-JIRA: Bump github.com/go-resty/resty/v2 from 2.10.0 to 2.11.0 in /hack/tools #3505
- Update RHTAP references (main) #3508
- OCPBUGS-28763: Ensure cloud resources are destroyed for all platforms when –destroy-cloud-resources is used #3494
- OCPBUGS-28601: Remove webhook validations that introduce resource ordering #3484
- NO-JIRA: manifests: Skip pod anti affinity for nil labels #3507
- MULTIARCH-3882: Support PER solution for powervs platform via transit gateway #3277
- HOSTEDCP-1408: Update CAPZ Identity Type to Service Principal #3501
- OCPBUGS-27161: reflect NodePool replica count nil in status #3472
- NO-JIRA: Fix dependabot pr 3414 #3453
- NO-JIRA: kubevirt, e2e, Add additional network test #3449
- NO-JIRA: remove PrivateIngressController cleanup #3489
- HOSTEDCP-1373: ARO HCP - Add capability for Azure VMs to be created with ephemeral disks #3483
- NO-JIRA: contrib: add code for aws-tag-lb-service-webhook #3493
- NO-JIRA: Bump the misc-dependencies group with 3 updates #3486
- NO-JIRA: Bump the misc-dependencies group in /hack/tools with 1 update #3469
- HOSTEDCP-1364: kubevirt, use selector less services for ingress #3343
- OCPBUGS-22899: node spread anti-affinity for HA HCP #3286
- NO-JIRA: Bump the misc-dependencies group with 17 updates #3476
- HOSTEDCP-1401: Enable BYO NSG #3455
- NO-JIRA: Update go-jose to the latest version to fix CVE #3475
- HOSTEDCP-1344: re-revert api stuff #3463
- OCPBUGS-26940: Include OperatorHubSpec sync with HC when Config is empty #3454
- NO-JIRA: Simplified kubectl component version check #3458
- NO-JIRA: Remove ‘–attach-default-network’ from productized cli #3462
- NO-JIRA: Tolerate restarts for kubevirt external infra #3451
- NO-ISSUE: .ci-operator.yaml: base off of RHEL 9 #3466
- OCPBUGS-27366: indicate cluster profile to render the correct manifests #3443
- OCPBUGS-26977: Required RBAC for network-node-identity is not created when hosted cluster networkType is set to Other. #3403
- TRT-1456: Revert #3448 “api: move CSRA to a new group” #3460
- HOSTEDCP-1344: api: move CSRA to a new group #3448
- HOSTEDCP-1397: Add documentation on how to debug Azure nodes #3452
- NO-JIRA: Update Dockerfiles to use publicly available RHEL9 images #3426
- HOSTEDCP-1308: Add e2e to ensure SA token not mounted on mgmt workloa… #3301
- NO-JIRA: Fix promql testdata missing issue #3438
- NO-JIRA: Update RHTAP references (main) #3446
- HOSTEDCP-1188: Add docs for control plane scheduling topologies #3434
- HOSTEDCP-1283: Set outbound LoadBalancer name on AzureCluster #3445
- NO-JIRA: Bump misc dependencies 21f825371d #3433
- HOSTEDCP-1207: Automated etcd backup #3034
- NO-JIRA: Document machine configuration in HyperShift #3331
- HOSTEDCP-1382: [Subtask] Restore Ability to Create HCPs on Azure #3404
- HOSTEDCP-1314: Ensure all e2e HCs use NLB for ingress controller #3293
- OCPBUGS-26757: Change KAS bootstrap image to cluster-config-api #3400
- NO-JIRA: Improve nodepool’s machine condition message #3354
- OCPBUGS-23228: Add storage, csisnapshotcontroller and clustercsidrive… #3396
- OCPBUGS-27027: availability-prober: wait for infrastructure name to be set #3409
- NO-JIRA: remove non-existent v1beta2 from webhook #3407
- HOSTEDCP-1376: Bump the sigs.k8s-dependencies group and update dependabot groupings #3392
- OCPBUGS-25696: Apply Scheduling Configuration for kCCM #3382
- OCPBUGS-26547: remove LoadBalancer filter from external-dns #3410
- OCPBUGS-26547: fix up external-dns flags #3408
- OCPBUGS-26547: reduce external-dns route53 call volume #3394
- Update RHTAP references (main) #3401
- OCPBUGS-25897: hcco: use manual mode for CCO #3375
- HOSTEDCP-1309: Add GC knobs for KAS #3384
- NO-JIRA: [KubeVirt] Fix external infra permissions documentation #3391
- HOSTEDCP-1374: external OIDC: copy Authentication OIDC client secrets through to guest #3373
- OCPBUGS-25974: Do not use CPO image from status if it’s not a valid image reference #3361
- OCPBUGS-23518: consider HCP upgradeable if CVO has no upgradable condition #3239
- OCPBUGS-26232: set KAS runtime-config in alignment with feature gates #3377
- HOSTEDCP-1372: Bumps k8s to v0.29 #3360
- OCPBUGS-25342: Add extra resources to be encrypted. #3341
- OCPBUGS-26197: hostedcontrolplane: don’t start pki operator when disabled #3368
- CNV-36656: Documenting the mimimum RBAC required for External Infra cluster with KubeVirt provider #3364
- NO-JIRA: Update RHTAP references (main) #3365
- HOSTEDCP-1371: Bump Golang to v1.21 #3359
- HOSTEDCP-1328: Add Ability to Encrypt VM OS Disks #3281
- HOSTEDCP-1122: Etcd defrag controller #2869
- NO-JIRA: Update RHTAP references (main) #3275
- HOSTEDCP-336: Move fixtures out of API #3342
- OCPBUGS-23362: Set new condition on SG deletion. #3307
- NO-JIRA: Bump the k8s-dependencies group in /hack/tools with 1 update #3251
- NO-JIRA: Add rbac permission for kubevirt capi #3344
- OCPBUGS-22399: Disable UWM Telemetry writer when telemeter-client cm not exists #3348
- NO-JIRA: Approvers update #3347
- HOSTEDCP-1262: Add additional CEL to Arch in NodePoolSpec #3333
- NO-JIRA: Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /hack/tools #3334
- NO-JIRA: Bump golang.org/x/crypto from 0.16.0 to 0.17.0 #3335
- OCPBUGS-22399: Disable UWM Telemetry remote writer when MGMT cluster is disconnected #3332
- HOSTEDCP-336: Move CAPI imports from /api package into support/api #3270
- OCPBUGS-24308: Add PodDisruptionBudget for router deployment #3337
- HOSTEDCP-1355: Remove unused functions from repo #3325
- NO-JIRA: RHTAP Multi-Arch PipelineSpec #3340
- HOSTEDCP-1329: Allow user to specify resource group for NodePool resources #3279
- HOSTEDCP-1353: Improve description for agent APIServerAddress CLI flag #3314
- ACM-8917: Add agentLabelSelector to nodepool agent create to CLI #3285
- CCO-388: control-plane-operator: reconcile the CCO #2794
- NO-JIRA: Bump github.com/prometheus/alertmanager from 0.25.0 to 0.25.1 in /hack/tools #3045
- NO-JIRA: Bump github.com/docker/docker from 23.0.3+incompatible to 24.0.7+incompatible in /hack/tools #3145
- HOSTEDCP-1344: use library-go crypto where we can #3326
- OCPBUGS-25332: Force KMSv1 on #3318
- HOSTEDCP-1273: Added support for OLM Disable default sources on HC creation #3320
- HOSTEDCP-1327: Remove Old Azure SDKs from Azure Infra #3274
- OCPBUGS-25306: Use k8s.io/kube-scheduler/config/v1 #3313
- TRT-1406: Revert #3283 “HOSTEDCP-1273: Added support for OLM Disable default sources on HC creation” #3306
- OCPBUGS-25103: Remove reference to v1alpha1 flowcontrol #3304
- HOSTEDCP-1257: control-plane-pki-operator: add a CSR flow for break-glass creds #3267
- NO-JIRA: Align kubevirt MinSupportedVersion with the default one (4.14.0) #3305
- OCPBUGS-24261: Konnectivity agent update strategy #3294
- CNV-36056: Expose NodeSelector for KubeVirt VMs in NodePool #3280
- ACM-8466: Add Kubernetes SCC V2 options to HO containers #3284
- OCPBUGS-23511: Remove IAM path when applying control-plane-operator ARN to VPC Endpoint Service allowed principals #3215
- NO-JIRA: Update Latest Supported Version to 4.16 After Branch-out #3302
- HOSTEDCP-1343: docs(ibmcloud): Add HC/HCP yamls for IBM Cloud #3287
- HOSTEDCP-1273: Added support for OLM Disable default sources on HC creation #3283
- HOSTEDCP-1272: Added CLI support to create DualStack clusters using default values #3276
- OCPBUGS-20035: Add HostedCluster false conditions sumamry when cluste… #3190
- HOSTEDCP-1336: bump openshift/api #3282
- NO-JIRA: Fix wrong annotation on cluster deletion #3289
- OTA-855: Enable CVO to evaluate conditional updates on self-managed HyperShift deployed on OpenShift #2807
- HOSTEDCP-1318: correct typo for OAS internal-oauth-disabled flag #3278
- NO-JIRA: Bump the golang-dependencies group with 3 updates #3254
- OCPBUGS-23126: Fix a bug on deletion of a hostedcluster #3234
- CNV-35774: Improve CRD defaulting for HostedCluster and NodePool #3116
- HOSTEDCP-1322: NodeUpgradeType defaulted by provider via CLI #3273
- NO-JIRA: cmd/cluster/core/dump: Gather PodDisruptionBudgets too #3263
- CNV-34093: kubevirt: verify release image falls within supported release window #3184
- CNV-29003: Re-enable NodePoolUpgradeTest for KubeVirt (Replace Only) #3189
- OCPBUGS-22459: Add prestop to konnectiviy server #3250
- HOSTEDCP-1318: pass internal-oauth-disable flag to openshift-apiserver when Auth type is OIDC #3244
- OCPBUGS-23397: Set shutdown-delay-duration to 15s #3204
- HOSTEDCP-1234: Add KMS support on Azure clusters using Azure Key Vault #3183
- OCPBUGS-23555: set respondWithChallenges false on CLI OAuth client #3249
- WRKLDS-925: remove duplicate passing of kubeconfig into route-controller-manager #3220
- HOSTEDCP-1256: control-plane-pki-operator: add an operator for managing PKI #3193
- HOSTEDCP-1319: Fix Dependabot & Group Dependency Updates #3246
- OCPBUGS-24062: fix(cpo): Set restart annotation on network-node-identity #3245
- kubevirt, hcp, HOSTEDCP-1311: Add multinet knobs #3235
- HOSTEDCP-1312: Fixed update-codegen.sh to work locally #3214
- OCPBUGS-23555: add CLI oauthclient #3238
- HOSTEDCP-1300: Bump k8s.io/client-go to v0.28.3 #3191
- OCPBUGS-19834: add watch for HCP pullsecret to HCCO #3237
- Update RHTAP references (main) #3230
- HOSTEDCP-1236: Enable public router+external DNS for azure #3233
- OCPBUGS-23921: Use correct kubeconfig in CCM and remove CCMs access t… #3222
- OCPBUGS-22473: Added OLMCatalogPlacement option to the CLI #3206
- OSD-19085: New hypershift_cluster_cores metric giving the total number of worker cores #3089
- OCPBUGS-20246: Added brackets to IPv6 KAS address on kubeconfig #3207
- OCPBUGS-23737: remove machine-approver probes #3227
- OCPBUGS-23350: Added IPFamilyPolicy to services exposed at the HCP in DualStack mode #3210
- OCPBUGS-23466: Let router use svc ips #3218
- HOSTEDCP-1256: api/hypershift: mark more conditions with list key types #3212
- OCPBUGS-23472: unset ServiceAccount on ignition-server-proxy #3209
- OCPBUGS-23528: Fix error when removing finalizer on cluster destroy #3219
- HOSTEDCP-1256: api/v1beta1: annotate hostedcontrolplane conditions #3211
- OCPBUGS-23398: Fixed AWS KMS Backup container args #3216
- HOSTEDCP-1311: kubevirt, Add support for secondary networks #3066
- HOSTEDCP-1256: expose cert rotation scale parameter #3208
- OCPBUGS-23314: SetLogger for CLI #3199
- HOSTEDCP-1237: Retrieve RHCOS VHD image from release image #3177
- HOSTEDCP-1284: Bumps k8s.io/pod-security-admission to v0.28.3 #3181
- CNV-23418: Validate jsonpatch annotation + add condition on wrong patch #3197
- HOSTEDCP-1285: Kas port svc cleanup #3186
- HOSTEDCP-1254: disable deployment of integrated oauth when authentication type is OIDC and set KAS flags #3151
- CNV-23418: fix the jsonpath annotation implemetation #3201
- HOSTEDCP-1305: Simplify HostedControlPlaneNamespace().Name #2619
- OCPBUGS-22912: Set value of elb tag to 1 instead of true #3198
- CNV-30444: Document recommended MTU settings for KubeVirt HCP #3129
- HOSTEDCP-1306: Bump Golang builder to 1.20 for RHTAP dockerfile #3196
- NO-JIRA: chore(deps): update rhtap references #3192
- CNV-23418: unsupported escape hatch mechanism custom HS/KV vms #3187
- HOSTEDCP-1256: generate typed clients for apis #3179
- NO-JIRA: *: Fix “succesfully” -> “successfully” typos #3188
- OCPBUGS-20179: Stop defining time series for hosted clusters or node pools which do not exist anymore. #2671
- HOSTEDCP-1285: Consume kas Pod port by name #3185
- OCPBUGS-23083: adding permission to CNO RBAC Calico path for network-node-identity deploy #3172
- HOSTEDCP-1256: Update Dependencies #3154
- HOSTEDCP-1283: Fixed Azure nodes not joining #3174
- HOSTEDCP-1227: Retrieve CAPZ image from OCP release image #3074
- NO-JIRA: fix formatting for releaseImage log #3156
- HOSTEDCP-1206: Req serving isolation e2e enxebre #3150
- OCPBUGS-23015: Configure HSTS for kube-apiserver #3088
- HOSTEDCP-1281: Fix a bug in the validating webhook #3164
- CNV-33847: KubeVirt: create the etcd encryption key secret, if missing #3148
- HOSTEDCP-1278: Adjustment cluster-cidr,service-cidr to support dualstack #3161
- OCPBUGS-10423: Update regex validation for nodepool.spec.taints.value #3141
- OCPBUGS-20161: Stop exposing kas on 6443 private route service load balancer #3149
- OCPBUGS-16079: No error for overlapping service network and API IP #3067
- OCPBUGS-22868: Fixed accessTokenInactivityTimeout validation #3157
- CNV-34094: Add validating webhook #3132
- Stop defaulting aws private haproxy external port to 6443 #3147
- Remove GITHUB_ACCESS_TOKEN requirement from release notes script #3134
- HOSTEDCP-1215: Use the same etcd snapshot for all replicas during etcd restore #3081
- Bump google.golang.org/grpc from 1.53.0 to 1.56.3 in /hack/tools #3136
- OCPBUGS-20033: Make the OLMCatalogPlacement field immutable #3113
- HOSTEDCP-1113: Improve NodePool CPU arch & platform check #3072
- HOSTEDCP-1253: bump openshift/api for new authentication config #3135
- HOSTEDCP-1229: Move azure cloud provider to out of tree #3086
- contrib: increase HC quota to 40 #3140
- HOSTEDCP-1200: Remove pod exceptions from EnsureNoCrashingPods #3138
- run EnsurePSANotPrivileged for TestCreateCluster only #3137
- OCPBUGS-21776: Cluster-policy-controller: add missing RBAC for privileged namespaces PSA syncer controller #3115
- OCPBUGS-21626: Validate accessTokenInactivityTimeout >= 300s #3110
- OCPBUGS-20246: Added brackets to the kubeconfig server address when IPv6 #3097
- Bump golang.org/x/net from 0.13.0 to 0.17.0 #3092
- OCPBUGS-22195: Fix label selector check for CAPI provider #3108
- Bump golang.org/x/net from 0.9.0 to 0.17.0 in /hack/tools #3093
- Update RHTAP references #3062
- OCPBUGS-21822: Add ign proxy label selector for LabelTopologyZone PodAntiAffinity #3103
- OCPBUGS-19419 change trusted bundle volume mount for CPO #3099
- Disabling unused monitoring services #2730
- OCPBUGS-18341: change required pod anti-affinity rule to preferred rule #3095
- SDN-4062: Revert “SDN-4042: Increase upgrade rollout timers” #3090
- CNV-31891: Document port 80 is not supported with default ingress for KubeVirt #3079
- MULTIARCH-3760: Rename depricated flag for PowerVS capi deployment #3028
- HOSTEDCP-1051 addition of grace period for aws infra destruction #2967
- HOSTEDCP-1232: Add clusterName label to CAPI kubeconfig secret #3087
- OCPBUGS-19957: Reconcile CNCC secret to CPO namespace #3065
- OCPBUGS-20105: OCPBUGS-20109: Update the scheduler to only accept paired Nodes and check scheduler HCs has two Nodes #3077
- OCPBUGS-16189, OCPBUGS-19746: Added network validations #3047
- CNV-30697: Dedicated CPU for KubeVirt node pool #3048
- Add record rules for kas qps #2858
- Fix a typo in KubeVirt troubleshooting script #3073
- HOSTEDCP-1184: Document IPv6/IPv4/DualStack deployments for Hypershift in Baremetal #3008
- Add aws-ebs-csi-driver-operator to allowed NeedManagementKASAccessLab… #3076
- Upate azure docs #3075
- OCPBUGS-13348: Hypershift Audit configuration not working (part2). #3014
- OCPBUGS-11939, OCPBUGS-18128, OCPBUGS-18460, OCPBUGS-18602, OCPBUGS-18879: Support Disconnected HCP #2950
- Add private link perms to docs and clarify log message #3063
- OCPBUGS-14819: Add konnectivity-proxy container to CNO #2974
- OCPBUGS-19784: Update capi agent version for CRD label #3050
- KubeVirt platform troubleshooting documentation #3055
- Remove EgressFirewall Creation in HCP namespace #3049
- HOSTEDCP-1212: Bump Golang to v1.20 #3038
- Update RHTAP references (main) #3054
- OCPBUGS-15215: OAuth template config in HostedCluter.configuration.ouath is not honored in HyperShift #3041
- Update RHTAP references (main) #3042
- OCPBUGS-19271: Updating hypershift images to be consistent with ART #3017
- Update kubevirt csi driver deployment with proper timeouts #3044
- OCPBUGS-19516: Upgrade agent APIs to v1beta1 #3022
- [kubevirt platform] Detect Suboptimal MTU and raise HostedCluster Condition accordingly #2976
- OCPBUGS-19674: Report correct port when API exposed via route #3037
- OCPBUGS-13829: set accesstoken-inactivity-timeout flag to openshift-oauth-apiserver #3025
- HOSTEDCP-1209: set ubi Containerfile labels #3039
- Use example versions for KubeVirt platform that are supported #3027
- OCPBUGS-17669: Remove cluster name validation from HCC #3036
- KubeVirt: document VMs logs collection #3031
- Update RHTAP references (main) #3033
- OCPBUGS-19381: Let NodePools skip min version when SkipReleaseImageValidation is in HC #3024
- OCPBUGS-19346: set default deploymentconfig params on AWS CCM #3021
- ACM-7278: Remove marking pull secret as required in hcp cli #3013
- OCPBUGS-19332: Use impersonated client for fetching the localhost-kubeconfig from ma… #3011
- Relax network policy e2e for private #3020
- Dump KubeVirt pod logs #3000
- Update RHTAP references #2995
- OCPBUGS-19014: Apply private-router network policy only if running OCP 4.14 #3012
- Validate KubeVirt platform required versioning #2948
- OCPBUGS-18720: amend OLM catalogs ImageStream according to annotation #3001
- OCPBUGS-17906: reconcile Authentication global config #3009
- feat: add _id label to all hypershift operator metrics #2991
- OCPBUGS-18122: Rename isUpgradeable to isUpgrading according to its return value #2955
- OCPBUGS-18762: unset ControlPlaneReleaseImage on HCP when ControlPlaneRelease is unset on HC #3004
- OCPBUGS-18754: tuned DS should not use controlPlaneReleaseImage #3003
- HYPBLD-99: enable CGO_ENABLED for building FIPS compliant images #2997
- e2e: fixed gomega created from parent test context #2987
- bump HO supported version for 4.15 #2927
- HOSTEDCP-1075: Document instructions for recovering etcd cluster from lost quorum #2952
- HOSTEDCP-1185: Add flag to create a single NAT gateway #2984
- Dump kubevirt external infra clusters #2992
- OCPBUGS-18568: Use MCO and CCO image references when looking up mappings #2985
- HOSTEDCP-591: Amend OLM catalog IS according to OpenShiftImageRegistryOverrides #2947
- e2e: skip CNO pod restart check #2986
- HOSTEDCP-1133: Signal NodePool rolling upgrade because of platform changes #2973
- OCPBUGS-18127: Enable caching of Unstructured Objects in HO #2988
- e2e: run Ensure functions after Main part of test #2983
- OCPBUGS-18127: Ensure machineTemplate name length respects RFC1123 spec #2975
- ACM-6435: add pausedUntil create cluster option in CLI #2965
- OCPBUGS-7840: Untangle kas port #2964
- OCPBUGS-18399: Preserve mirror order when serializing ICSP to env #2977
- OCPBUGS-18336: make konnectivity routes roundrobin #2971
- Use the correct pull secret for HCP KubeVirt components #2919
- Disable nto inplace test for kubevirt #2980
- OCPBUGS-18438: Properly format IPv6 address when proxying it through Konnectivity #2969
- OCPBUGS-18127: Trigger a rolling upgrade on NodePool .spec.platfrom changes #2956
- HOSTEDCP-1156: Add defaulting webhook to installation and notes #2922
- HOSTEDCP-979: Re-enable nodepool in-place upgrade tests #2960
- Add a default value (32Gi) for nodepool in
create nodepool kubevirt
command #2940
- OCPBUGS-16221: Adds trust bundle to ignition-server when configured in HC #2819
- Avoid creating tar archive if –archive-dump=false #2963
- OCPBUGS-3873 adding rbac for UserOAuthAccessToken #2962
- HOSTEDCP-1178 fix limited support label key #2958
- OCPBUGS-18065: enable aws-pod-identity-webhook on AWS #2957
- OCPBUGS-18308: Do not use mgmt cluster ICSP to mutate CCO image in KAS pod #2966
- OCPBUGS-18266: fix Progressing condition when ControlPlaneRelease is set #2959
- fix(ho): Restore match label selector behavior #2951
- OCPBUGS-18072: Set emptyDir storage for the image registry only on initial time for None and Kubevirt platform #2895
- OCPBUGS-18024: Set Arch to amd64 for HCP NodePool Create #2941
- chore(deps): update rhtap references (main) #2920
- OCPBUGS-16813: switch konnectivity-server to additional container in KAS pods #2942
- Updating hostedcluster controller to stop using deprecated flags #2946
- OCPBUGS-17827: e2e: remove private-router from NeedManagementKASAccessLabel allowlist #2939
- MULTIARCH-3709: PowerVS - Add reuse resource flags to e2e test #2902
- MULTIARCH-3478: Minor bug fix on PowerVS infra #2451
- OCPBUGS-18069: Ensure load balancers are not exist before declaring load balancers are cleaned up #2887
- MULTIARCH-3708: PowerVS - Fix cluster deletion when existing resources passed #2867
- MGMT-15368: Document scaling down NodePools #2944
- OCPBUGS-13348: Hypershift Audit configuration not working. #2945
- TRT-1202: set SkipReleaseImageValidation annotation properly on e2e clusters #2943
- OCPBUGS-17678: Reconcile cloud credentials configuration to hosted cluster #2937
- Add e2e test for etcd member recovery #2930
- OCPBUGS-17827: remove NeedManagementKASAccessLabel from router pods #2934
- OCPBUGS-17985: Handle empty mirrorImage result for ignition disconnected registry #2935
- OCPBUGS-17827: e2e: refactor checkPodsHaveLabel to be allowlist rather than exact match #2928
- OCPBUGS-16813: do not hardcode ignition-server-proxy replicas #2933
- fix(ho): Restore match label selector behavior #2893
- TRT-1202: add annotation to skip release image validation #2929
- OCPBUGS-17812: Update Etcd health check to mirror standalone etcd #2918
- STOR-1443: Sync
05_operator_role-hypershift.yaml
manifest from cluster-csi-snapsht-controller-operator #2915
- HOSTEDCP-1065: CNO deployed hosted-cluster-kubecfg-setup initContainers use CPR image #2917
- HOSTEDCP-1001: Image registryOverride included in the image metadata extraction flow #2909
- OCPBUGS-17669: Validate HostedCluster name against RFC1123 #2914
- HOSTEDCP-1075: Document how to recover single etcd member #2916
- HOSTEDCP-1085: Create a monitoring dashboard per HostedCluster #2907
- chore(deps): update rhtap references (main) #2903
- HOSTEDCP-1063: Account for guest webhook URLs without a port #2898
- OCPBUGS-17680: Remove immutable note from PullSecret #2910
- Revert “HOSTEDCP-1001: Image registryOverride included in the image metadata extraction flow” #2908
- OCPBUGS-16076: Validate HostedCluster name against RFC1123 in CLI #2906
- OCPBUGS-15331, OCPBUGS-16049: Enable AdvertiseAddress dual stack and IPv6 support and added the changes to be included in the certificates #2779
- HOSTEDCP-1081: Perform etcd recovery when etcd member data is lost #2900
- SDN-4057: Pass ControlPlane image to OVN #2896
- test: e2e: remove SingleReplica etcd chaos test #2901
- Allow overriding pod security admission label #2886
- HOSTEDCP-1146: cpo: use CPO spec container image if it is a sha256 reference #2899
- HOSTEDCP-1022: Set Arch to amd64 #2897
- Re-introducing defaulting webhook for self managed HCP #2892
- fix-CNV-30260: KubeVirt: fix failed conformance test #2891
- OCPBUGS-16298: Prevent the kube-apiserver from connecting to the managment kas #2888
- HOSTEDCP-1001: Image registryOverride included in the image metadata extraction flow #2820
- HOSTEDCP-1046, HOSTEDCP-1102: Follow-on Items #2847
- Revert “[HOSTEDCP-1041] Defaulting webhook for self managed HCP” #2889
- OCPBUGS-17446: Set advertise-address in HCP etcd to resolvable name #2884
- Defaulting webhook for self managed HCP #2864
- STOR-1432: cso: add envvars for CSI driver controller images #2882
- HOSTEDCP-1025: Add HCP CLI Command to Create a NodePool on AWS #2852
- SDN-4042: Increase upgrade rollout timers #2881
- skip olm-collect-profiles in EnsureComponentsHaveNeedManagementKASAccessLabel #2874
- HOSTEDCP-1064: Add egress policy for private-router #2792
- HOSTEDCP-1121: Ensure SG reconciliation for aws endpoint #2872
- chore(deps): update rhtap references #2865
- HOSTEDCP-1065: add ControlPlaneImage API for provider-side HCP updates #2848
- HOSTEDCP-1063: Disallow webhooks URLs targeting control plane services #2775
- OCPBUGS-17374: Fast specific dockerignore #2879
- Kubevirt how-to docs updates #2875
- Fix nodepool upgrade docs link #2880
- OCPBUGS-17171: Update OLM catalog image tags #2877
- HOSTEDCP-1029: Add HCP CLI Command to Destroy a Cluster on AWS #2853
- Add workload management annotation to kubevirt-csi daemonset #2840
- WRKLDS-730: use default /healthz path for readiness probe in OCM and RCM #2873
- Add api and cli validation for kubevirt volume mode #2862
- HOSTEDCP-1079: RHTAP HO Containerfile #2857
- OCPBUGS-16770: add need-management-kas-access label to olm-collect-profiles pods #2854
- MULTIARCH-3684: PowerVS - Upgrade capi to use v1beta2 APIs #2831
- HOSTEDCP-1046: Add ImageDigestMirrorSet to Config API comment #2868
- MULTIARCH-3683: Add dev flags in destroy cluster powervs command #2764
- kubevirt: Reconcile EgressFirewall only for ovn-k #2849
- HOSTEDCP-1046: Add IDMS to the list of valid config manifests #2837
- OCPBUGS-17059: Add volume mode to kubevirt root volume api #2860
- Update RHTAP references (main) #2832
- OCPBUGS-16809: Configured IgnitionProxy to support IPv4 and IPv6 #2850
- OCPBUGS-14163: Fixed ETCD to work in Ipv6 and Dual stack envs #2846
- HOSTEDCP-1112: Add config to set creation frequency of RHTAP PRs #2838
- HOSTEDCP-1020: Remove name as a persistent flag required field #2836
- OCPBUGS-16232: skip z-stream version check when upgrade is forced #2823
- OCPBUGS-16033: ClusterNetwork’s HostPrefix validation for dual stack #2795
- OCPBUGS-14783: Fix NetworkPolicy to work over IPv4 and IPv6 #2704
- Revert “HOSTEDCP-710: Make ImageContentSource immutable” #2829
- Update RHTAP references (main) #2814
- HOSTEDCP-1062: Make CAPI pod selector backward compatible #2825
- HOSTEDCP-1093: Add default flags to HCP create cluster CLI cmd #2802
- Revert “HOSTEDCP-1094: e2e autoscaler balancing similar node groups” #2828
- HOSTEDCP-1090: Use statically configured haproxy for router #2778
- HOSTEDCP-1046: Allow HCP Specification to Support ICSP & IDMS #2720
- HOSTEDCP-710: Make ImageContentSource immutable #2815
- OCPBUGS-11835: Add missing probes to two services #2430
- HOSTEDCP-1094: e2e autoscaler balancing similar node groups #2808
- OCPBUGS-16113: unshare ignition-server reconciliation between HO and CPO #2817
- OCPBUGS-11939: Fix additional issues with OCPBUGS-11939 #2804
- OCPBUGS-16135: fix deletion bug when hostedzone is already deleted #2811
- OCPBUGS-14862 Improve clarity around hypershift operator permissions #2782
- HOSTEDCP-1062: Management kas policy #2796
- Revert “HOSTEDCP-1062: Add management cluster KAS network policy” #2793
- HOSTEDCP-1020: Add pullSecret & NodePool replica flags to HCP CLI #2774
- HOSTEDCP-1101: Add snyk-secret HO RHTAP scripts #2788
- OCPBUGS-15991: use ignition-proxy Service to populate ignitionEndpoint with strategy NodePort #2787
- OCPBUGS-15769: Include hypershift specific labels to be ignored by similar autoscaler groups #2784
- Add management cluster KAS network policy #2717
- HOSTEDCP-1019: Add create cluster for Agent for HCP CLI #2754
- CNV-30407: KubeVirt Platform: Support NetworkInterfaceMultiQueue #2760
- HOSTEDCP-1030: Add destroy cluster for Agent for HCP CLI #2756
- OCPBUGS-15594: Get valid arch image for cluster-config-operator #2753
- kubevirt: Annotate VMs to be live migratable #2772
- Revert “Merge pull request #2770 from dharaneeshvrd/upgrade-capi-ibmcloud #2776
- MULTIARCH-3684: PowerVS - Upgrade capi to use v1beta2 APIs #2770
- OCPBUGS-14862: Reject VPCE Connections during VPCE Service cleanup #2700
- Update RHTAP references #2768
- HOSTEDCP-1023: Add create NodePool for Agent for HCP CLI #2755
- HOSTEDCP-1061: Implement dedicated request serving nodes for HostedClusters #2722
- OCPBUGS-15769: Set –balance-similar-node-groups for autoscaler #2769
- Leader election config update. #2282
- OCPBUGS-15723: Let getMachinesForNodePool return machines ordered by creation Timestamp #2766
- Fix KAS HealthCheck for non DNS-Based ingress points in LB service #2765
- Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible #2741
- Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible in /hack/tools #2740
- Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 in /hack/tools #2737
- OCPBUGS-12208 ensureExists pullSecret resource reconciliation strategy #2732
- Bump github.com/coreos/ignition/v2 from 2.10.1 to 2.14.0 #2739
- Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible in /hack/tools #2738
- Remove hardcoded AWS CI References #2742
- TRT-1118: Remove DisableStrictZoneCheck from AWS CCM config #2757
- Update RHTAP references #2750
- add OWNERS for new ci-tooling area label #2743
- Add production cli (hcp) to dockerfile #2747
- feat: Enable priority class override #2661
- test/e2e: retry configmap create in etcd chaos tests #2746
- OCPBUGS-14578: Set allocate-node-cidrs to false in the cluster-kube-controller-manager #2731
- Revert “HOSTEDCP-1016: Validate publishing strategies” #2733
- HOSTEDCP-1027: Add Create kubeconfig for HCP CLI #2719
- HOSTEDCP-1016: Validate publishing strategies #2651
- KubeVirt Platform documentation for Advanced Storage Configurations and External Infrastructure #2712
- Follow up to PR comments on #2642 #2690
- HOSTEDCP-1067: Add dependabot dependency management #2708
- HOSTEDCP-1073: enforce blocked rollout of HCP #2726
- Revert “HOSTEDCP-967: [Re-revert] Disable v1alpha1 and conversion webhook by default” #2705
- Remove –service-publishing-strategy from production cli #2721
- HOSTEDCP-1024: Add Create NodePool for KubeVirt for HCP CLI #2718
- HOSTEDCP-1032: e2e: ensure default PSA policy is not privileged #2714
- HOSTEDCP-1031: Add Destroy Cluster Cmd for KubeVirt for HCP CLI #2673
- Expose annotation to allow release image overrides #2595
- HOSTEDCP-1060: add ignition-server proxy #2668
- OCPBUGS-14637: Check OwningIngressController also in Labels #2706
- HOSTEDCP-1020: Add Create Cluster for KubeVirt for HCP CLI #2672
- properly handle user CA bundle not existing #2703
- OCPBUGS-15168: fix(oauth): Do not proxy IBM Cloud IAM endpoints #2699
- OCPBUGS-14859: Skip AWS resource deletion for ‘Unknown’ OIDC state #2691
- Whitelist access from virt-launchers to NodeIP if NodePort ServicePublishingStrategy is used #2688
- OCPBUGS-13829: cpo: oauth: honor AccessTokenInactivityTimeout #2693
- Update NodePool docs to include data propagation #2687
- HOSTEDCP-1008: Add NodePoolTransitionSeconds metric #2631
- HOSTEDCP-967: [Re-revert] Disable v1alpha1 and conversion webhook by default #2685
- Make NodePool arch input immutable #2689
- Update autocaler RBAC to accomodate machinepools support added upstream #2663
- Enforce Immutability of some KubeVirt Platform Values #2654
- CNV-24818: Add fsGroup support to kubevirt-csi-driver #2563
- Let payload provider render feature gate yaml #2664
- OCPBUGS-14633: Check for OPENSHIFT_IMG_OVERRIDES before using #2660
- HOSTEDCP-965: Add impersonate feature to the CLI and document HC dump procedure #2653
- OCPBUGS-11882: Annotate HCP pods with the safe-to-evict-local-volume CA annotation #2647
- Update RHTAP references #2657
- Disable nodepool replace upgrade test #2665
- OCPBUGS-14784: Honor global ingress configuration LoadBalancer type on AWS #2669
- OCPBUGS-14620: Set
DisableStrictZoneCheck = true
in the AWS Cloud Provider config #2659
- HOSTEDCP-992: refactor ignition-server reconcilation #2662
- Minor fix in KAS LB HealthCheck #2656
- HOSTEDCP-1036: Create Makefile path to create productized CLI #2633
- Extend np test timeout for KubeVirt platform #2655
- HOSTEDCP-1003: Set AWS conditions only for AWS platform #2604
- Remove alsologtostderr flag form CAP* #2648
- OCPBUGS-14575: Check for IDMS only if mgmt cluster has req API #2650
- Network isolation of VirtualMachines for KubeVirt provider #2622
- OCPBUGS-14428: remove OLM alerts from the HCCO #2636
- KubeVirt Openstack image annotation override #2629
- Red Hat Trusted App Pipeline update hypershift-operator-main #2638
- Red Hat Trusted App Pipeline purge hypershift-azjx #2635
- cli: Add release-stream flag #2644
- OCPBUGS-13547: Pass payload-version to MCS and MCC #2643
- KubeVirt: Handle deletion of the cache DV on an edge case #2620
- OCPBUGS-14087: Enable HCCO to reconcile over the OperatorHub’s disableAllDefaultSources object #2632
- HOSTEDCP-1009: Allow external-dns image to be set in install cli #2623
- Ensure FeatureGate is copied from cluster to MCO render source #2581
- OCPBUGS-12972: Use different ports for MCS in the ignition provider #2628
- hypershift dump: use random local port for kas port-forwarding #2625
- OCPBUGS-11939: Initialize RegistryOverrides w/ mgmt cluster ICSP #2437
- Revert “Merge pull request #2596 from muraee/disable-valpha1” #2627
- Add ‘Creating Arm NodePools Through the API’ Section #2587
- HOSTEDCP-967: Disable v1alpha1 and conversion webhook by default #2596
- OCPBUGS-13113: Add ClusterUpgradeDuration metric #2566
- chore(deps): update rhtap references #2612
- OCPBU-609: agent infrastructure docs #2618
- OCPBUGS-14169: Remove external-dns –events flag #2616
- OCPBUGS-13970: Reconcile oauthDeployment annotations even if kubeadmin secret is not found #2593
- cmd: infra: aws: retry on AuthorizeSecurityGroup failure #2605
- Fix dump for Kubevirt #2589
- Kubevirt CSI StorageClass mapping API #2528
- Remove Arm e2e test #2591
- HOSTEDCP-947: Set ETCD Storage Size as immutable field and equalised the default size among both api versions #2588
- OCPBUGS-13735: Fixed revoking some permissions to CAPI Manager Clusterrole #2586
- HOSTEDCP-445: Add script to migrate hosted control plane #2598
- Use newly introduced KubeVirt Platform rhcos Image #2576
- OCPBUGS-13168: Include default ingress CA in root CA bundle #2584
- HOSTEDCP-975: Add new grafana panels for nodepools SLOs #2592
- HOSTEDCP-926: Send metric when HO/CPO decide to skip cloud resource deletion #2531
- Update RHTAP references #2420
- OCPBUGS-13897: Use cluster-config-operator to render featuregate status on KAS bootstrap #2585
- HOSTEDCP-975: Add cluster_name label to nodepools metrics #2580
- Fix broken tests for non-aws platforms #2577
- Updated secret permissions for openshift-route-controller-manager #2575
- HOSTEDCP-987: Update go version and dependencies in /hack/tools/go.mod #2551
- remove flags set by CI env var #2521
- HOSTEDCP-975: Add NodePool DeletionDuration and InitialRolloutDuration metrics #2558
- ARMOCP-412: Add ARM nodepool to AWS x86 Hosted Cluster #1594
- OCPBUGS-11939: Fix minor codebase nits #2502
- control-plane-operator/controllers/hostedcontrolplane: Align reconcileCloudControllerManager error strings #2500
- HOSTEDCP-960: Add e2e to validate HC/NP conditions expected status #2482
- HOSTEDCP-830: Update auto scaler role to get and list agentmachinetemplates #2564
- HOSTEDCP-445: Included how to fix image-registry clusteroperator after a disaster recovery migration #2481
- OCPBUGS-13547: Pass release image version to MCO bootstrap via –payload-version #2572
- Cache KubeVirt Boot Image #1918
- contrib: ci: increase HC quota in clusters namespace #2547
- HOSTEDCP-996: CLI: enable guest cluster dump for private clusters #2571
- MULTIARCH-3205: Support IBM COS as storage for PowerVS in image registry operator #2207
- fix nil deref in DefaultWorkerSecurityGroupID check #2573
- remove unused OLM catalog rollout code #2568
- OCPBUGS-13034: Cluster-api SA can’t create events #2565
- ACM-4277: docs: Add L2Advertisement CR to the Handling Ingress section in the agent docs #2470
- HOSTEDCP-947: Increases default etcd PV size to 8Gi #2549
- Add a new e2e option for the ETCD storage class #2560
- Red Hat Trusted App Pipeline update hypershift-azjx #2555
- HOSTEDCP-975: Revised nodePoolSize metric and added AvailableReplicasMetric #2532
- OCPBUGS-11383: Sync proxy TrustedCA to guest cluster #2550
- Removed unused KMS permissions for nodePool role #2456
- Lock down kubevirt csi storageclass mappings #2534
- OCPBUGS-13021: Add internal/external elb tags to subnets #2541
- HOSTEDCP-918: Add validation for NodePool security Group condition when using default SG #2498
- HOSTEDCP-981: Minor updates to Getting Started & Contribute pages #2527
- OCPBUGS-13111: Fix errors from HCP controller removeServiceCAAnnotationAndSecret() #2513
- Stop triggering rollout on labels/taint change #2533
- Validate HO private platform input #2536
- OCPBUGS-13021: Health check load balancers only on public clusters #2535
- OCPBUGS-13309: set FeatureGate global config #2543
- Add audit-log-maxbackup setting for openshift-api-server #2509
- OCPBUGS-11894: Let the aws endpoint to use the hypershift owned SG #2475
- HOSTEDCP-980: Include HostedClusterDegraded in hypershift_hostedclusters_failure_conditions metric #2523
- HOSTEDCP-788: Configurable SRE MetricsSet #2505
- OCPBUGS-13112: Add timeout to KAS health check client #2522
- HOSTEDCP-978: Bump openshift/api version and fixed KCM flags (k8s 1.27) #2519
- OCPBUGS-7841: Account for expectedState == false when capturing hostedClustersWithFailureCondition #2507
- OCPBUGS-11719: Ensure ingress controllers are removed before load balancers #2444
- Fixed assignment to entry in nil map #2508
- Add new –featuregate-manifest to /usr/bin/cluster-config-operator render #2506
- ACM-5116: Increase KubeVirt default Mem and Root Volume Sizes #2471
- HOSTEDCP-937: New metric to expose Hypershift operator info #2443
- HOSTEDCP-969: Consolidate labels for metrics #2494
- HOSTEDCP-969: Move proxy, silence alerts and limited support metrics into HC controller #2489
- HOSTEDCP-969: Only track available metric once #2479
- OCPBUGS-11738: Delete kubeadmin secret when an idp is defined #2452
- Add PollImmediate for e2e metrics to avoid race with prom scrape interval #2483
- HOSTEDCP-969: Move HC creation metrics #2477
- OCPBUGS-12153: fix(hcco): Get OLM CatalogSource images from defined map #2454
- HOSTEDCP-917: Add publicAndPrivate <-> Private e2e test #2383
- add hyperv1.SilenceClusterAlertsLabel to HostedCluster on deletion #2476
- HOSTEDCP-969: Move guest cluster resource deletion metric #2463
- OCPBUGS-11450: Pass OPENSHIFT_RELEASE_IMAGE env variable to CNO #2384
- HOSTEDCP-972: Add pre-commit command to Make file #2465
- HOSTEDCP-969: Move cluster deletion duration metric into controller #2459
- Fix kubevirt csi daemonset reconcile loop #2466
- Fixes loop between HC controller and pod security label syncer #2460
- docs: update OIDC bucket create with bucket policy #2461
- OCPBUGS-11946: Add new OCP 4.13 storage admission plugin #2445
- OCPBUGS-11773: remove ACL for aws bucket #2423
- OCPBUGS-7841: Set metrics to 0 when needed to keep time series honest #2440
- OCPBUGS-11930: Clean up existing VPC endpoint connections #2438
- Revert “Add validation for default Security Group conditions during N… #2453
- HOSTEDCP-918: Add validation for default Security Group conditions during NodePool upgrade test #2342
- OCPBUGS-11649: Always requeue AWSEndpointService controllers #2424
- Add IBMers as reviewers #2436
- e2e: Cleanup shared OIDC provider on SIGTERM #2435
- HOSTEDCP-950: Fix haproxy image name in ignition server #2441
- OCPBUGS-7091: Restart kube-scheduler when its configuration changes #2421
- OCPBUGS-11749: Add pod security labels to hcp namespace #2415
- HOSTEDCP-950: Validate release payload images #2368
- kubevirt: Block metadata server egress #2399
- Bring latest MCO API #2434
- Relax MCO API strict decoding #2433
- docs: update OIDC s3 bucket creation procedure #2425
- json export for a common grafana dashboard for SLOs #2422
- Enable monitoring for hypershift namespace #2419
- MULTIARCH-3449: set priority class for cloud controller manager pod for PowerVS #2390
- Fixes HCCO reconcile error for kubevirt csi driver #2259
- Add monitoring label to HCP namespace #2393
- Update tekton references #2308
- add OWNERS for new area labels #2414
- fix typo #2411
- HOSTEDCP-807: Requeue HCP always #2408
- OCPBUGS-11640: Update HostedCluster oauthCallbackURLTemplate #2400
- e2e: Fixed idp test conflict error on HosterCluster update #2389
- dump: Store guest worker node logs and increase kubevirt logs verbosity #2317
- HOSTEDCP-568: Update Konnectiviy socks5 proxy for IBM exception #2366
- OCPBUGS-11442: properly reconcile with user specified changes for in proxy configuration #2382
- Updated kubevirt docs #2318
- OCPBUGS-11439: allow z-stream upgrade even if CVO Upgradeable is false #2381
- HOSTEDCP-954: Remove ec2:ReleaseAddress #2379
- HOSTEDCP-802: add cli flag to enable upgrade type #2367
- e2e: Fix oauth idp e2e test #2377
- HOSTEDCP-951: Let install apply to aggregate errors #2372
- Revert “Create a second scheme that always registers prometheusoperatorv1 GVKs” #2374
- HOSTEDCP-807: Check KAS loadbalancer health #2264
- e2e: fix for non-AWS platform #2360
- HOSTEDCP-445: Fix the storage ClusterOperator during a DR migration #2358
- HOSTEDCP-850: Fix nodepool autoscaler logic #2354
- support/releaseinfo/pod_provider: Drop unused legacy PodProvider #2341
- Fix nodepool upgrade e2e test #2359
- HOSTEDCP-806: Fix ValidAWSKMSConfig condition #2322
- HOSTEDCP-939: Setup shared OIDC provider for e2e clusters #2335
- OCPBUGS-10227: Preserve false status of ValidAWSIdentityProvider condition #2344
- ACM-4615 get pull secret instead of dockerconfigjson from mce credentials #2338
- Slo alerts #2049
- HOSTEDCP-943: Add hypershift_hosted_cluster_transition_seconds histogram #2348
- HOSTEDCP-944: Add more expectedHCConditionStates metrics #2347
- OCPBUGS-10227: Create new EC2 client for AWS identity provider health check #2346
- OCPBUGS-10823 ensure well known public domains do not get proxied on image imports #2321
- SDA-8609: No more specifying the scrape interval at servicemonitors & podmonitors level #2327
- OCPBUGS-10807: Pass runAsUser to CNO so it can run its managed services with proper security context #2319
- Appstudio update hypershift-azjx #2332
- Revert “cpo: cno: follow image name change in release payload” #2345
- support/supportedversion: Include the problematic version strings in error messages #2334
- OCPBUGS-10864: fix external APIServer address selection based on endpointAccess #2328
- OCPBUGS-8073: Do not proxy when guest cluster resolution fails #2261
- MULTIARCH-3028: handle PowerVS instance which goes to failed state during infra create and destroy process. #2088
- HOSTEDCP-938: Added PSA default profile to RunTimeDefault in operator deployment #2333
- HOSTEDCP-934: Validate PublishingStrategyMapping #2324
- OCPBUGS-7091: Honor scheduler profile in HostedCluster configuration #2330
- HOSTEDCP-736: Docs on how we handle aws permissions #2311
- Add support for external infra clusters in KubeVirt platform #2017
- Create a second scheme that always registers
prometheusoperatorv1
GVKs #2292
- OCPBUGS-10504: Deletion of the VPCEnpoint on conflicting service names #2290
- HOSTEDCP-801: Expose external DNS for private cluster endpoints #2286
- HOSTEDCP-903: Propagate AWSEndpointService conditions #2278
- Appstudio update hypershift-azjx #2287
- OCPBUGS-8691: Add storage operators perms. to watch HostedControlPlane #2301
- OCPBUGS-10423: Add validation for taint.value in nodePool #2298
- HOSTEDCP-839: Audit log sidecars for openshift-apiserver and openshift-oauth-apiserver #2232
- Route to kubevirt VMs using infra id as service label selector #2092
- Force controleplane upgrade always #2288
- HOSTEDCP-900: Modified AWSPrivateLinkController and AWSEndpointServiceController to respect PausedUntil spec field #2265
- HOSTEDCP-919: Clean up and API doc #2280
- HOSTEDCP-688: E2E Test NodePool Upgrade #2256
- HOSTEDCP-445: Documented the possible issues found during a HostedCluster migration #2276
- OCPBUGS-10227: Ensure identity provider health check condition is persisted and remove awsendpoint control plane finalizer if invalid aws creds #2281
- OCPBUGS-8040: Switch NTO metrics auth to certs generated by HCP controller #2050
- OCPBUGS-8381: Use appropriate serving certificate for OAuth #2279
- HOSTEDCP-501: Added detailed documentation about Hypershift release process #2272
- HOSTEDCP-919: Add AWS cloud controller manager #2271
- Update PowerVS prereq doc with install and authorization details #2172
- Remove webhook validation #2217
- HOSTEDCP-809: Clone CA key/cert to TLS key/cert #2246
- Refactor e2e nodepool tests #2228
- Update HCP version in capi cluster ref #2119
- Validate etcd KMS config #2174
- OCPBUGS-8421: fix API documentation for audit webhook field #2258
- Add a debug section to the Node Tuning docs #2254
- Destroy cloud resources by default #2224
- Add e2e test for identity providers #2166
- HOSTEDCP-638: Add latest ocp supported info to -v command for cli and operator #2233
- OCPBUGS-8231: Fix cleanup of volumes on cluster deletion #2243
- fix(cpo): Delete multus validatingwebhookconfiguration on CNO init #2231
- add pull-secret to imagePullSecrets for NTO, CNO, and olm-collect-profiles #2248
- Update images and hypershift operator to 4.14 #2249
- HOSTEDCP-904: Add release automation and docs #2236
- kms addition for pod identity workflow #2214
- fix(ho): No network validation for IBM Cloud #2225
- feat(HCCO): Block DNS operator delete until Cluster Version updated #2223
- Add configuration for automatic labeling and label commands #2238
- Skip pod restart check for NTO #2239
- cpo: cno: follow image name change in release payload #2230
- Added documentation around supported-versions configmap #2220
- Add comment for BaseDomainPrefix #2219
- Add condition to NodePool indicating whether a security group for it is available #2216
- HOSTEDCP-827: Add root volume encryption e2e test #2192
- fix(hypershift): reduce CAPI rbac access #2173
- Validate Network Input for HostedCluster #2215
- Add labels info #2218
- HOSTEDCP-826: Customize DNS base domain prefix #2213
- ensure reconcilation of apiserver port #2197
- Cleanup default security group only if authorized #2211
- HOSTEDCP-593: Update the pull secret source for ignition payload #2187
- fix(ibmcloud): Explicitly set HCCO controllers #2185
- Adding NTO again to find the issue with data recollection #2152
- cli: Add –cli-root-volume-access-modes #2188
- feat: Add pod gone check to prober + DNS operator leader elect #2155
- HOSTEDCP-833: Add Golang check for ‘go list’ errors in Makefile #2193
- HOSTEDCP-833: Set kubevirt.io/client-go version to fix ART Issue #2194
- add KAS egress network policy #2181
- cpo: kcm: add nfs pv recycler pod template #2183
- Fix kubevirt how-to doc formatting issues #2178
- Update cluster api provider kubevirt dependencies #2157
- fix(cpo): Set restart annotation on multus-admission-controller #2150
- fix(cpo): Remove OLM collect for IBM Cloud to reduce artifacts and rbac #2141
- Add default NodePool name clarification to docs #2186
- fix(cpo): Reduce CNO access if Calico used as network provider #2159
- add PSA labels to openshift-infra in guest cluster #2180
- Add cli flag to enable root volume encryption #2177
- Update KubeVirt platform how-to documentation #2108
- Filtering data recolection only for aws instances running #2153
- Add PodMonitor for ingress-operator pods in HCP namespaces #2136
- fix regex in registry operator pod monitor #2171
- Add e2e test for hosted cluster behind a proxy #2077
- Skip destroyAWSDefaultSecurityGroup if not AWS #2167
- Give kubevirt csi controller get VMI RBAC #2154
- set default PSA enforce to restricted #2097
- Full changelog
- OCPBUGS-10239: service_accounts.go Marshal fix (#750) #750
- test(clusterconfig): add unit test for silenced_alerts.go and rename it to gather_silenced_alerts.go (#728) #728
- test(clusterconfig): add unit test for ingresses.go and rename it to gather_cluster_ingress.go (#729) #729
- test(oauth): add unit test for oauth.go and rename it to gather_cluster_oauth.go (#738) #738
- gather logs - update “FilterLogFromScanner” function and add some tests (#735) #735
- Add unit tests to openshift sdn controller logs gatherer (#733) #733
- OCPBUGS-6731: Anonymize env vars from containers: HTTP_PROXY, HTTPS_PROXY (#723) #723
- OCPBUGS-6832: feat(recent_metrics) adds openshift_apps_deploymentconfigs_strategy_total (#726) #726
- Full changelog
- OCPBUGS-38507: Fix subnet validation #45
- OCPBUGS-38282: Updating ironic-static-ip-manager-container image to be consistent with ART for 4.18 #44
- OCPBUGS-33907: Updating ironic-static-ip-manager-container image to be consistent with ART for 4.17 #43
- OCPBUGS-24790: Updating ironic-static-ip-manager-container image to be consistent with ART #41
- OCPBUGS-18864: Updating ironic-static-ip-manager images to be consistent with ART #40
- OCPBUGS-14614: Remove provisioning netowrk route from “lo” #39
- OCPBUGS-4501: Flush addresses on provisioning interface with global scope only #35
- Updating ironic-static-ip-manager images to be consistent with ART #34
- Full changelog
- Updating ose-prometheus-adapter-container image to be consistent with ART for 4.18 #108
- MON-3906: Bump prometheus adapter to 0.12.0 #106
- OCPBUGS-34299: Updating ose-prometheus-adapter-container image to be consistent with ART for 4.17 #105
- OCPBUGS-34299: Updating ose-prometheus-adapter-container image to be consistent with ART for 4.17 #104
- OCPBUGS-30532: upgrade github.com/golang/protobuf to v1.5.4 for bette… #101
- OCPBUGS-25583: Updating ose-prometheus-adapter-container image to be consistent with ART #100
- OCPBUGS-24986: Updating ose-prometheus-adapter-container image to be consistent with ART #99
- OCPBUGS-24986: Updating ose-prometheus-adapter-container image to be consistent with ART #98
- MON-3584: Remove trailing spaces from Dockerfile.ocp #97
- OCPBUGS-24155: Updating ose-prometheus-adapter-container image to be consistent with ART #95
- MON-3489: Bump openshift/k8s-prometheus-adapter to v0.11.2 #94
- OCPBUGS-21621: Add a toggle to disable HTTP/2 on the server to mitigate CVE-2023-44487 #88
- add
machine424
and rexagod
to OWNERS #73
- OCPBUGS-21621: upgrade golang.org/x/net to 0.17.0 to address CVE-2023… #80
- OCPBUGS-18971: limit number of simultaneous client requests #76
- OCPBUGS-19251: Updating ose-prometheus-adapter images to be consistent with ART #74
- Bump openshift/k8s-prometheus-adapter to v0.11.0 #72
- OCPBUGS-12659: bump golang.org/x/net version #71
- Updating ose-prometheus-adapter images to be consistent with ART #69
- OCPBUGS-10172: Updating ose-prometheus-adapter images to be consistent with ART #68
- Full changelog
- OCPBUGS-10519: Revert “bump RHEL8 egress-dns-proxy image to haproxy26” #135
- Add jupierce as approver / remove Clayton #127
- rhel9 base image: Fix build failure #126
- Dockerfile: add RHEL9 base image dockerfile #124
- Full changelog
- Updating kube-state-metrics-container image to be consistent with ART for 4.18 #116
- OCPBUGS-33620: [bot] Bump openshift/kube-state-metrics to v2.13.0 #115
- OCPBUGS-34202: Updating kube-state-metrics-container image to be consistent with ART for 4.17 #113
- OCPBUGS-34202: Updating kube-state-metrics-container image to be consistent with ART for 4.17 #112
- NO-JIRA: Merge
v2.11.0
and v2.12.0
tags #110
- OCPBUGS-25585: Updating kube-state-metrics-container image to be consistent with ART #109
- OCPBUGS-24993: Updating kube-state-metrics-container image to be consistent with ART #108
- MON-3548: Bump openshift/kube-state-metrics to v2.10.1 #107
- MON-3548: Merge tag v2.10.1 #106
- OCPBUGS-21760: bump x/net to v0.17.0 #100
- add
machine424
and rexagod
to OWNERS #96
- OCPBUGS-19256: Updating kube-state-metrics images to be consistent with ART #97
- Merge with
upstream/release-2.9
#95
- OCPBUGS-12347: Update 4.14 kube-state-metrics image to be consistent with ART #94
- Bump openshift/kube-state-metrics to v2.8.2 #92
- OCPBUGS-10177: Updating kube-state-metrics images to be consistent with ART #91
- Bump openshift/kube-state-metrics to v2.8.1 #90
- OCPBUGS-6320: Merge
upstream/release-2.8
#89
- Full changelog
- OCPBUGS-44350: During detach don’t return error if VM is not found #47
- OCPBUGS-39451: Updating ose-kubevirt-csi-driver-container image to be consistent with ART for 4.18 #46
- CNV-45886: Add csi-clone support to kubevirt-csi (#118) #45
- CNV-44899: Sync upstream 2024-07-22 #44
- OCPBUGS-35093: Updating ose-kubevirt-csi-driver-container image to be consistent with ART for 4.17 #43
- OCPBUGS-34058: Updating ose-kubevirt-csi-driver-container image to be consistent with ART for 4.17 #41
- CNV-36073: Enable snapshot tests #40
- CNV-36073: Sync upstream kubevirt-csi 2024-04-19 #39
- “NO-JIRA: Sync upstream kubevirt-csi 2024-04-08” #38
- OCPBUGS-31276: Updating ose-kubevirt-csi-driver-container image to be consistent with ART for 4.16 #37
- CNV-32073: Sync upstream 2024-03-15 #36
- NO-JIRA: Address CVE-2024-1725: Restrict access to infrastructure PVCs by requiring matching infraClusterLabels on tenant PVCs #32
- NO-JIRA: Snapshot backport #31
- NO-JIRA: Auto sync upstream 2024 01 05 18 36 #27
- OCPBUGS-24805: Updating ose-kubevirt-csi-driver-container image to be consistent with ART #26
- OCPBUGS-19115: Updating ose-kubevirt-csi-driver-rhel8 images to be consistent with ART #23
- Ensure volume is removed before returning success (#90) #22
- Updating ose-kubevirt-csi-driver-rhel8 images to be consistent with ART #20
- CNV-29315: kubevirt-csi unable to unpublish volumes in the event a VM is unexpectedly destroyed #21
- Auto sync upstream 2023 02 12 09 #19
- Full changelog
- OCPBUGS-26046: Replace genisoimage with xorriso in 4.15 to allow rhel9 bump #281
- OCPBUGS-25630: Add Snyk file to exclude vendor directory on scan #276
- OCPBUGS-25173: Updating ose-libvirt-machine-controllers-container image to be consistent with ART #275
- OCPBUGS-25101: Updating ose-libvirt-machine-controllers-container image to be consistent with ART #274
- OCPBUGS-24833: Updating ose-libvirt-machine-controllers-container image to be consistent with ART #273
- Add workaround for SLOF regression #263
- client/domain: Remove spice as domain grahics #260
- OCPBUGS-19187: Updating ose-libvirt-machine-controllers images to be consistent with ART #262
- OCPBUGS-18338: Fix CI by running tests natively by default #261
- Updating ose-libvirt-machine-controllers images to be consistent with ART #259
- Updating ose-libvirt-machine-controllers images to be consistent with ART #258
- Updating ose-libvirt-machine-controllers images to be consistent with ART #257
- Updating ose-libvirt-machine-controllers images to be consistent with ART #254
- Remove myself (frobware) from OWNERS #253
- refactor: replace
github.com/ghodss/yaml
with sigs.k8s.io/yaml
#252
- Full changelog
- Force updating rhcos image to version 413.92.202303190222-0 #27
- Updating ose-machine-os-images images to be consistent with ART #25
- Full changelog
- Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #112
- Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #111
- Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #110
- Upstream sync: IP reconciler controller and dual stack #107
- Full changelog
- Updating ose-network-metrics-daemon images to be consistent with ART #62
- Full changelog
- Updating ose-nutanix-cloud-controller-manager images to be consistent with ART #4
- Update OWNERS #8
- Full changelog
- Support categories and project fields of NutanixMachineProviderConfig #38
- : Port to ginkgo v2 #41
- Update OWNERS #39
- : Update k8s packages to 1.26 #40
- Full changelog
- Remove “unsupported” wording from info on console (#594) #594
- Bugfix for destination registry nested paths length (#583) #583
- Fix OCPBUGS-5168: Upgrade helm.sh/helm/v3 to v3.11.2 fixing CVE-2022-23526 and CVE-2022-23525 (#592) #592
- OCPBUGS-10051: fix: remove catalog reference from ImageContentSourcePolicy.yaml (#587) #587
- OCPBUGS-8216: fix: remove an unecessary error message (#581) #581
- docs: add information about unsupported scenario (#578) #578
- Updating oc-mirror-plugin images to be consistent with ART (#570) #570
- Fix usage of registries.conf for OCI feature (#569) #569
- CFE-739: Add skip pruning flag and logic (#567) #567
- CFE-749: add e2e test for oci catalog feature to include release and additiona… (#562) #562
- CFE-764: Introduce v1alpha2.Operator.TargetCatalog (#565) #565
- docs: adds clarification to imageset reference and examples (#555) #555
- CFE-768: Update to allow for incremental and pruning for oci feature (#564) #564
- use new cincinnati endpoint to download tarball (#552) #552
- feat: OCI catalog filtering implementation (#559) #559
- CFE-761: Improve user experience of oc-mirror with the OCI FBC feature (#557) #557
- Full changelog
- Adding storage team to OWNERS so they can perform lib-go updates. #22
- add proxy to node-update-controller #18
- Full changelog
Source code for this page located on github