Граф коммитов

207 Коммитов

Автор SHA1 Сообщение Дата
dependabot[bot] e794becec0
Bump github.com/containerd/containerd from 1.7.0 to 1.7.11
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.0 to 1.7.11.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](https://github.com/containerd/containerd/compare/v1.7.0...v1.7.11)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-06 02:50:56 +00:00
Amber Brown ed94c28346
Update to Go 1.20 (#3429)
* Go 1.20 changes

* go 1.20 does not need the seed randomised by default

* go generate
2024-03-05 18:18:36 +11:00
dependabot[bot] 6a5569049d
Bump github.com/containers/podman/v4 from 4.4.2 to 4.5.0 (#3390)
Bumps [github.com/containers/podman/v4](https://github.com/containers/podman) from 4.4.2 to 4.5.0.
- [Release notes](https://github.com/containers/podman/releases)
- [Changelog](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/containers/podman/compare/v4.4.2...v4.5.0)

---
updated-dependencies:
- dependency-name: github.com/containers/podman/v4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-14 08:45:20 -05:00
Steven Fairchild 6bd01cddf4
Revendor hive to 5fbe0d158ba9 (#3377)
* Increase golangci-lint verbosity

* Revender hive to 9dd47f8bfa1f
2024-02-12 10:13:32 -05:00
dependabot[bot] 47121a5cf9 Bump github.com/opencontainers/runc from 1.1.6 to 1.1.12
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.6 to 1.1.12.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/v1.1.12/CHANGELOG.md)
- [Commits](https://github.com/opencontainers/runc/compare/v1.1.6...v1.1.12)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-05 16:30:55 -05:00
Amber Brown 253a59efa4
Trim the dependency tree (#3351) 2024-01-17 12:08:17 +11:00
Nont 5068e9d4e7
Add unit tests for ensureAccessTokenClaims (#3337) 2024-01-11 07:22:44 -07:00
dependabot[bot] c2e4bf4509 Bump golang.org/x/crypto from 0.14.0 to 0.17.0
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-20 16:15:36 -05:00
dependabot[bot] 5aac7c6b93 Bump github.com/containerd/containerd from 1.6.18 to 1.6.26
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.6.18 to 1.6.26.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](https://github.com/containerd/containerd/compare/v1.6.18...v1.6.26)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-20 16:14:35 -05:00
Steven Fairchild 72fd8ad97c
Update Go Vendored Modules - ARO-4776 (#3302)
* MDM Image Bump - ARO-4792

Update MDM image to genevamdm:2.2023.1118.1225-d7e0d6-20231118t1338

* Update k8s.io/kubernetes - ARO-4776
Update Go vendored modules to fix:
  - [GHSA-hq6q-c2x6-hmch](https://github.com/advisories/GHSA-hq6q-c2x6-hmch)
2023-12-01 13:39:42 -05:00
Lisa Rashidi-Ranjbar b86781166e ARO-4779: Update hive dependency to close vulns 2023-11-29 15:43:28 -05:00
Kipp Morris 9a9edacf6b
Update ARO operator Azure auth scheme to use a DefaultAzureCredential (#3274)
* Update the cluster authorizer to use a DefaultAzureCredential

* Update the ARO operator to set and use DefaultAzureCredential via env vars

* Add a CredentialsRequest to the ARO operator deployment

* Restart the ARO operator upon `az aro update`

* Removed now unused AzCredentials function

* Changed ARO operator deployment wait time during `az aro update` from
  20 minutes -> 5 minutes

* Refactor CliWithApply to generalize to different object types

* Updated Restart in pkg/util/kubernetes to use server-side apply
* Updated Restart in pkg/operator/deploy to only return an error after
  at least attempting to restart all of the deployments passed in

* E2E test for ARO operator master deployment's restart upon cluster update

* Wait for the ARO operator's CredentialsRequest to be reconciled before
restarting
2023-11-28 10:45:00 -05:00
Nont e7f514086d
Migrate documentdb client from sdk track 1 to track 2 client (#3255)
* Create documentdb track 2 client and mockgen

* Replace track 1 documentdb with track 2

* Refactor per comments

* Delete unused client

* Fix generated env mocks
2023-11-17 15:34:17 -05:00
Matthew Barnes d25e7f29d9
graph: Add HTTP tracing option for MS Graph requests (#3269)
* graph: Add HTTP tracing option for MS Graph requests

Debug feature enabled by ARO_MSGRAPH_TRACE environment variable.

* graph: Temporarily disable gzip compression in requests

---------

Co-authored-by: Matthew Barnes <mbarnes@fedorapeople.org>
2023-11-08 15:12:42 -05:00
dependabot[bot] 7e96231739
Bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.3+incompatible to 24.0.7+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.3...v24.0.7)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-30 15:45:12 +00:00
Nont effcd0beab Fix make generate 2023-10-27 09:51:40 -04:00
nont dfa6c1a0ab Add azcore/arm and network/v2 to vendor 2023-10-27 09:51:40 -04:00
dependabot[bot] dc0e7e130c
Bump golang.org/x/net from 0.14.0 to 0.17.0 (#3209)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.14.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.14.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-12 08:49:43 -04:00
Petr Kotas 78f2f66680
Trim dependency graph by removing unused stuff (#3186)
Signed-off-by: Petr Kotas <pkotas@redhat.com>
2023-10-11 10:40:03 -04:00
Ben Vesel c45d6cc21f
Revendor go-cosmosdb to fix database.EmitMetrics() json decode error (#3190) 2023-09-24 09:31:09 -04:00
dependabot[bot] 5b240b2bdf
Bump github.com/coreos/ignition/v2 from 2.7.0 to 2.14.0
Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.7.0 to 2.14.0.
- [Release notes](https://github.com/coreos/ignition/releases)
- [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md)
- [Commits](https://github.com/coreos/ignition/compare/v2.7.0...v2.14.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/ignition/v2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-13 13:13:23 +00:00
Tanmay Satam f99e9e1980
Remove Ignition V2 from the ARO Operator (#3140) 2023-09-12 10:04:17 +02:00
dependabot[bot] db74c9e22e
Bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.2.3 to 0.2.4.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.3...v0.2.4)

---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-07 13:08:37 +00:00
Amber Brown 4939676d7e go mod update 2023-09-04 10:36:59 +10:00
Christoph Blecker 0134e4020c
Fix kube versions in go.mod (#3144) 2023-09-02 19:49:53 -04:00
bennerv 6fa30d22dc Bump openshift dependencies 2023-09-01 17:39:42 -04:00
Christoph Blecker b108c4ddbd go mod vendor 2023-09-01 16:53:58 -04:00
Christoph Blecker 6947c3b68a
Bump kube dependencies 2023-09-01 12:58:52 -07:00
Christoph Blecker 5e58754a7a
Update k8s.io/utils dependency 2023-09-01 10:25:32 -07:00
dependabot[bot] eadedd9e2f
Bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.1+incompatible to 23.0.3+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.1...v23.0.3)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-01 14:10:53 +00:00
dependabot[bot] 6e5083d30f
Bump github.com/sigstore/rekor from 1.0.1 to 1.2.0 (#3138)
Bumps [github.com/sigstore/rekor](https://github.com/sigstore/rekor) from 1.0.1 to 1.2.0.
- [Release notes](https://github.com/sigstore/rekor/releases)
- [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sigstore/rekor/compare/v1.0.1...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/sigstore/rekor
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-01 10:07:04 -04:00
Ben Vesel 37d6378a88
Bump github.com/containers/podman/v4 from 4.1.1 to 4.4.2 (#3135)
Bumps [github.com/containers/podman/v4](https://github.com/containers/podman) from 4.1.1 to 4.4.2.
- [Release notes](https://github.com/containers/podman/releases)
- [Changelog](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/containers/podman/compare/v4.1.1...v4.4.2)

---
updated-dependencies:
- dependency-name: github.com/containers/podman/v4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-31 18:59:01 -04:00
kimorris27 a3a442d730 `azidentity v1.2.2 -> v1.3.1`, `azidext v0.4.0 -> v0.5.0`, `go mod tidy; go mod vendor`
Goal was to update `azidentity` for compatibility with workload identities, but `azidext` needed to be updated as well for compatibility with the newer `azidentity`
version; see https://github.com/jongio/azidext/releases/tag/go%2Fazidext%2Fv0.5.0
2023-08-30 08:53:24 -05:00
Amber Brown e6442d7506
Remove the unneeded replace for hive (#3123) 2023-08-28 13:19:31 +10:00
Eric Fried d32c09410f
Revendor hive to 70b666ec8
Hive needs to be vendored at the same commit level as it is deployed in
ARO. One reason, as described in the linked card, is that changes in
APIs can lead to unintended edits during round-trip Get()/Update()
flows.

ARO-3801
2023-08-25 10:52:26 -05:00
Amber Brown b5ea75e75f
Add jq for must-gather (#3050) 2023-07-28 11:29:23 +10:00
Amber Brown 12f1466e35
Remove the inbuilt installer (#3030)
* axe the build tags

* graph removals

* remove installer code

* go mod tidy

* go mod vendor
2023-07-18 14:56:23 +10:00
Christoph Blecker a1b73e9647
Merge pull request #3024 from Azure/dependabot/go_modules/github.com/containerd/containerd-1.6.18
Bump github.com/containerd/containerd from 1.6.4 to 1.6.18
2023-07-15 18:33:12 -07:00
dependabot[bot] f34cffd04a
Bump github.com/containerd/containerd from 1.6.4 to 1.6.18
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.6.4 to 1.6.18.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](https://github.com/containerd/containerd/compare/v1.6.4...v1.6.18)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-15 21:08:50 +00:00
dependabot[bot] dec2d8f2c2
Bump github.com/theupdateframework/go-tuf from 0.3.1 to 0.3.2
Bumps [github.com/theupdateframework/go-tuf](https://github.com/theupdateframework/go-tuf) from 0.3.1 to 0.3.2.
- [Release notes](https://github.com/theupdateframework/go-tuf/releases)
- [Commits](https://github.com/theupdateframework/go-tuf/compare/v0.3.1...v0.3.2)

---
updated-dependencies:
- dependency-name: github.com/theupdateframework/go-tuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-15 21:03:33 +00:00
dependabot[bot] b9b7fa8872
Bump github.com/sylabs/sif/v2 from 2.7.0 to 2.8.1
Bumps [github.com/sylabs/sif/v2](https://github.com/sylabs/sif) from 2.7.0 to 2.8.1.
- [Release notes](https://github.com/sylabs/sif/releases)
- [Changelog](https://github.com/sylabs/sif/blob/main/.goreleaser.yml)
- [Commits](https://github.com/sylabs/sif/compare/v2.7.0...v2.8.1)

---
updated-dependencies:
- dependency-name: github.com/sylabs/sif/v2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-14 16:28:36 +00:00
dependabot[bot] 3b6a3ce949
Bump github.com/containers/buildah from 1.26.1 to 1.27.1 (#3027)
Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.26.1 to 1.27.1.
- [Release notes](https://github.com/containers/buildah/releases)
- [Changelog](https://github.com/containers/buildah/blob/v1.27.1/CHANGELOG.md)
- [Commits](https://github.com/containers/buildah/compare/v1.26.1...v1.27.1)

---
updated-dependencies:
- dependency-name: github.com/containers/buildah
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-14 12:25:34 -04:00
Amber Brown 06b565ae84
Run local development and PR E2E in podman (#2817)
Runs local development and PR E2E in podman containers, rather than using the inbuilt installer.
---------

Co-authored-by: Jeremy Facchetti <facchettos@gmail.com>
2023-07-13 13:04:39 +10:00
Amber Brown 738a5e6771
Trim dependency graph with old code (#2980)
* try minimal changes to prune deps

* go mod sum cleanups
2023-06-23 14:02:04 +10:00
Amber Brown c95b1e3539
remove non-current Azure SDK dependencies from being considered (#2966) 2023-06-15 14:56:03 +10:00
Matthew Barnes 156383c4a6
Migrate RP from Azure AD Graph to Microsoft Graph (#1970)
* go.mod: Add github.com/microsoftgraph/msgraph-sdk-go

* azureclient: Add NewGraphServiceClient

Creates a GraphServiceClient with scope and graph endpoint set
appropriately for the cloud environment (public or US government).

* pkg/util/graph: Add GetServicePrincipalIDByAppID

* armhelper: Use MS Graph to obtain service principal ID

* armhelper: Remove unused authorizer parameter

* Use MS Graph endpoint to validate service principal

I don't think it matters for the purpose of validation, but the
AD Graph endpoint is nearing its end-of-life.

* pkg/cluster: Use MS Graph to obtain service principal ID

* pkg/util/cluster: Use MS Graph to create and delete clusters

* Pretty-print OData errors from MS Graph

To aid debugging failed MS Graph requests.

MS Graph's top-level APIError message is hard-coded and only says
"error status code received from the API".  Further details have
to be extracted from the "ODataErrorable" interface type.

* azureclient: Remove ActiveDirectoryGraphScope

No longer used.

* Remove pkg/util/azureclient/graphrbac

No longer used.

* pipelines: Run CodeQL analysis for Go on 1ES Hosted Pool

Vendoring the Microsoft Graph SDK for Go causes memory consumption
during CodeQL analysis to double due to its enormous API surface,
putting it well beyond the memory limit of standard GitHub Action
runners.

I inquired with the Azure organization admins about provisioning
larger GitHub runners, but was directed instead to use the 1ES
Hosted Pool which runs our other CI checks. Since ARO controls
the VM type for Hosted Pool agents, we can use a VM type with
adequate memory for CodeQL analysis with the Graph SDK.

Note: Implemented CodeQL commands in a template in case we
      ever decide to move Javascript or Python analysis to
      1ES Hosted Pool as well.
2023-06-14 11:10:37 -06:00
Amber Brown 1ee42feb78
[ARO-3194] Vendor dnsmasq into the operator (#2932)
vendor in dnsmasq config into the operator, rather than importing the installer
2023-06-13 22:52:57 +10:00
Daniel Holmes 386753af33
Remove reliance on hiveclient set which in-turn relies on openshift installer (#2806)
* chore(hive): Replace hive clientset with controller-runtime client

* chore(hive): Replace clientset with controller-runtime

* chore(vendor): Tidy dependencies up

* chore(hive): Remove vendored clientset
2023-06-02 12:21:09 +10:00
Jeff Yuan 31a396cfec fix ci issue 2023-05-30 23:10:39 +12:00
Jeff Yuan ae487eac38
Merge branch 'master' into feature/guardrails 2023-05-30 22:50:21 +12:00
Jeremy Facchetti bc7e1a1889
modified login command to include host key (#2911) 2023-05-30 11:03:55 +02:00
Jeff Yuan 8ea2925b35 Merge branch 'master' into feature/guardrails 2023-05-22 16:09:37 +12:00
dependabot[bot] 101d4d7387
Bump github.com/docker/distribution
Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.1+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/docker/distribution/releases)
- [Commits](https://github.com/docker/distribution/compare/v2.8.1...v2.8.2)

---
updated-dependencies:
- dependency-name: github.com/docker/distribution
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-11 20:51:51 +00:00
Jeff Yuan 848014c3a6 run go mod vendor 2023-05-08 18:47:23 +12:00
Jeff Yuan dbb42a4414 Merge branch 'master' 2023-05-08 18:37:17 +12:00
Tanmay Satam d1600a0313
Spike - Cluster Operator Errors (#2703)
* ARO Cluster Operator Status derives the Cluster Operator's Available/Progressing/Degraded conditions from the state of its controllers
* Implements controller status conditions on the node operator controller
2023-04-27 12:32:30 -06:00
Amber Brown 03578b9c0c
Update to use new fluentbit, mdm, and mdsd (#2855)
* update to use new fluentbit, mdm, and mdsd
2023-04-27 12:14:09 +10:00
Amber Brown 061407ec5e
Update mirror image syncs to the latest versions (#2849)
Add more mirror images
2023-04-19 10:05:35 +10:00
Matthew Barnes 868acfa722 Remove pkg/util/aad
No longer used.
2023-04-11 16:32:49 -04:00
Matthew Barnes f64314a33f go.mod: Add github.com/jongio/azidext/go/azidext
This package is temporary glue to keep the autorest-based Azure
SDK working until the RP is fully migrated to azure-sdk-for-go.
2023-04-11 16:32:49 -04:00
Christoph Blecker 70f68529d5
Merge pull request #2824 from Azure/dependabot/go_modules/github.com/docker/docker-20.10.24incompatible
Bump github.com/docker/docker from 20.10.14+incompatible to 20.10.24+incompatible
2023-04-11 10:22:43 -07:00
Weinong Wang e27c6277c9 bump azidentity package 2023-04-05 20:42:33 +00:00
dependabot[bot] 447a85e799
Bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.14+incompatible to 20.10.24+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v20.10.14...v20.10.24)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-05 19:23:53 +00:00
dependabot[bot] 0ad78426cf
Bump github.com/opencontainers/runc from 1.1.2 to 1.1.5
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.2 to 1.1.5.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/v1.1.5/CHANGELOG.md)
- [Commits](https://github.com/opencontainers/runc/compare/v1.1.2...v1.1.5)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-29 14:51:00 +00:00
Roland Kunkel 45b022ce94 add e2e test to check if MHC gets recreated on deletion 2023-03-27 16:55:42 +02:00
Amber Brown 472d035f7e
Move CI/dev tool usage to use go run pkg@version to reduce the number of vendored dependencies (#2789)
Use the new go run thing@version for test/CI items to remove vendoring
2023-03-24 10:01:05 +11:00
Jeremy Facchetti cf8ed6b7d0
Gorilla removal from pkg/frontend (#2711)
removes the use of gorilla/mux from the frontend
2023-03-14 12:06:58 +01:00
Jeff Yuan 5fefad4b19 merge with master plus some adaptions 2023-02-28 16:07:07 +13:00
Matthew Barnes 458322d9c0 go.mod: Unpin github.com/go-logr/logr
Vendors in the latest release: v1.2.3

v1.0.0 introduced breaking changes, so additional dependency bumps
were necessary:

k8s.io/klog/v2 v2.8.0 => latest
sigs.k8s.io/controller-runtime v0.9.1 => v0.11.2
2023-02-27 15:49:39 -05:00
dependabot[bot] e23a55bb7e
Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20220722155237-a158d28d115b to 0.7.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/commits/v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-25 01:38:51 +00:00
Petr Kotas c758170d6b
Update go version to 1.18 (#2691) 2023-02-14 11:35:54 +11:00
Shawn Bai 17754ace6c
To detect and show the unsupported conditions on the console banner (#2166) 2023-02-10 15:07:00 +11:00
Christoph Blecker ee03957b37
Bump github.com/opencontainers/runc from 1.1.1 to 1.1.2 2023-02-07 16:09:37 -08:00
Mike Drum fe9017d3d2 Add empty line to go.mod 2022-12-16 12:53:35 -05:00
Mike Drum 9c6114f4fb Update go.sum
Also remove empty line from go.mod
2022-12-16 12:53:35 -05:00
Zach Jones dc62f40fe3 feat: add azidentity vendor files 2022-12-16 12:53:35 -05:00
Jeff Yuan 16f6d48ad6 fix lint and go test issue 2022-11-24 12:34:36 +13:00
Jeff Yuan 878d9e5169 vendor update 2022-11-24 00:23:29 +13:00
Mikalai Radchuk 6191c11a03 Ginkgo update 2022-10-31 16:18:59 +00:00
Ellis Johnson b57d647632 Fix bad previous bad rebase 2022-10-07 15:47:15 +11:00
Ellis Johnson 09e0d6c2ab Revert "Fixed previous bad rebase"
This reverts commit cc137d8573.
2022-10-07 15:16:40 +11:00
Ellis Johnson cc137d8573 Fixed previous bad rebase 2022-10-06 17:45:59 +11:00
Ellis Johnson 961080beff Fixed rebasing issues 2022-10-06 15:15:41 +11:00
Ellis Johnson fa29039208 Fixed more dodgy rebasing 2022-10-06 15:15:40 +11:00
Ellis Johnson ed65513f55 Fixed issues caused from dodgy rebasing 2022-10-06 15:15:39 +11:00
Ellis Johnson 6f88e50e9e Updated Azure Pipelines config for admin portal page source
Modified css selectors for test

Remove Test Focus

Minor change in deploy-dev-rp.md

move validate-go to github action (#2153)

include openshift-operator-lifecycle-manager in monitoring

for gateway change arm deployment template name from storage to gatewayprivateendpoint

fix bug where mhc wouldn't kick in after CR change

RP support for 2-zone regions, centraluseuap

Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0

Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/coreos/ignition/releases)
- [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md)
- [Commits](https://github.com/coreos/ignition/compare/v2.13.0...v2.14.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/ignition/v2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

reduce the use of bindata by using embed for machinehealthcheck controller

Add the development AKS ARM template.

New deploy_aks_dev function for the AKS ARM template.

Script to SSH into AKS node pool VM instances for prototyping and debugging.

Add 'make aks.kubeconfig' for use in development environments.

Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access.

Display list of clusters when a search returns 0 or >1 AKS clusters.

Filter for the system node pool for cases when there are more than one deployed.

Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes.

add managed identity

Format JSON.

Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in.

Minor tweaks to naming, max agent VMs, and variables.

Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades.

Add aks.kubeconfig to Makefile .PHONY

Output an error if the AKS kubeconfig generation fails

Delegate pod subnet and wire up the AzureSecrets identity for keyvault access.

Remove any previous AKS config.

Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones.

improve Python unit testing and refactor _validators.py (#2120)

* refactor: apply Guard clauses in _validators.py to simplify code
* fix _validators.py trailing whitespace
* improve python test tructure, include execution of unit tests in make test-python
* crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr
* add tests for test_validate_client_id and include test cases description
* add unit tests for validate_client_secret from azext_aro._validators
* add explicit fields to named tuple in test cases in test_validators.py
* add two test scenarios for validate_cluster_resource_group
* simplify mocks
* add test case for test_validate_cluster_resource_group
* improve test descriptions
* add test_validate_disk_encryption_set test to test validate_disk_encryption_set
* add test cases to test_validate_disk_encryption_set()
* refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes
* refactor (simplify code): remove explicit assignemnt to None when it is the default value
* create test_validate_domain() with 1st test case
* add test case, domain with '_'
* explicit import of unittest.TestCase
* fix test message in test_validate_domain
* finish test_validate_domain()
* finish test_validate_sdn() and test_validate_pull_secret()
* create test_validate_subnet() with first test case
* finish test_validate_subnet() and minor refactor in _validators.py
* create test_validate_subnets() and add first test case
* finish validate_vnet_resource_group_name()
* finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py
* finish test_validate_worker_vm_disk_size_gb()
* refactor _validators.py
* add test_validate_refresh_cluster_credentials() and minor refactor of test_validators()
* refactor _test_validators.py to use pytest, create script and invoke it from Makefile
* simplify test_validate_cidr() using pytest.mark.parametrize
* simplify some tests using pytest.mark.parametrize
* finish applying pytest.mark.parametrize
* clean up Makefile test-python
* add blank line to hack/unit-test-python.sh
* fix typo in test case
* fix mega-linter error, blank space
* fix test case to fail due to invalid range
* fix typo in beeing to be being
* remove redundant test case
* reformat code for better readability
* add missing license to __init__.py files

Panic on AdminUpdate with MaintenanceTaskEverything

Fixed formatting issues and made the changes suggested in PR 2152

Panic on AdminUpdate PR changes.

error message updated as per PR comments

move installtime set to startInstallation rather than in the middle of kubeconfig generation

enable reconciling azuresubnets/NSGs by default

refector e2e for removing dependency.

Update 2

removed old code.

make test to fail on getting error.

Expect(err).NotTo(HaveOccurred())

Formating done

White-spaces removed.

handle the use of the AddressPrefixes field alongside AddressPrefix

improved ValidateCIDRRanges test

add vnet names to help with debugging if needed in the future

comment improvement

Bump follow-redirects from 1.14.0 to 1.14.7 in /portal

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.0...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Store downloaded cert only when it differs

When systemd downloader downloads fresh certificate
check whether it differs from the stored one.

Replace old one with fresh when there is a difference.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Restart mdm service on cert change

Forces MDM container to pick up changed certificate.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

doc: Document fp cert rotation

Add doc file with information how the first party certificate is
rotated in the RP and on the host VM.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Replace artifacts with direct code checkout

Replaces configuration fetching via build pipeline with
direct code checkout.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update .pipelines/int-release.yml

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

provide the ability to specify an overridden fluentbit image in operator feature flags

Add deploy pipelines using tag

Add new pipelines using tagged deployment

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Set XDG_RUNTIME_DIR explicitly on CI VMs

Add tagged aro image

Add annotated tag build and push into makefile.
Without annotation, the TAG is empty and
action is not performed.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Build and push tagged aro image into ACR

When annotated TAG is not set the new step fails.
Otherwise it builds the tagged image and pushes it
to the ACR.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Build release on tag

When CI started from tag build image and push to registry.
Extract annotation from the tag and use it as summary
for changelog. Automated summary is extracted from commits
titles.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

mdm/mdsd++

make generate

Revert "[PIPELINES 4] Create release based on annotated git tag"

Fix: Broken pull path

The original path is not working as it is blocked for writing,
Using the pipeline default instead

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Fix: Broken checkout code path

The checkout behaves differently when checking out single repository.
It checkout to /s

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update prod pipeline params to be consistent

Enable SBOM on all OneBranch pipelines

Fixing typo in paths

Add Documentation and Scripts for ARO Monitor Metric testing

Fix typo

Co-authored-by: Caden Marchese <56140267+cadenmarchese@users.noreply.github.com>

Handle cleanup of spawned processes.

Clarify a few things in the procdure.

Add example script to directly inject test data

Revert "Revert "[PIPELINES 4] Create release based on annotated git tag""

Fix: Remove build to run after e2e

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Bump nanoid from 3.1.22 to 3.2.0 in /portal

Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ai/nanoid/compare/3.1.22...3.2.0)

---
updated-dependencies:
- dependency-name: nanoid
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Add uaenorth to non-zonal regions

imageconfig controller

Fixing bug where incorrect ACR domain name was being generated

added doc for cert rotation

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

Vendor installer release 4.9

This also forces the RP from Go 1.14 to Go 1.16.

Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the
other go.mod changes are all manual workarounds from failed
"make vendor" runs.

Automated updates from "make vendor"

Alter client-gen command to stay within repo

The way this is written seems to assume the ARO-RP repo is cloned
under the user's $GOPATH tree.  That's not where I typically clone
git repos for development.

Use relative paths in the client-gen command and arguments to stay
within the ARO-RP git repo.

Automated updates from "make generate"

Set InstallStream to OCP 4.9.8

Automated updates from "make discoverycache"

pipelines: Demand agents with go-1.16 capability for CI/E2E

Update documentation for Go 1.16 and installer 4.9

Fix: Remove the wrong git pull path

Removes the wrong git pull path for ADO RP-config
Removes unused parameter

Signed-off-by: Petr Kotas <pkotas@redhat.com>

fix: Add go1.16 requirement to run pipelines

With addition of 4.9 release, the go build
have to run with go1.16

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Add geneva action to reconcile a failed NIC

Suppress stderr within Makefile command

Do not overwrite FIPs environment variable in CI VMs

fix: fix service connection to the github

existing service connection does not meet requirement
for the github release

Signed-off-by: Petr Kotas <pkotas@redhat.com>

ADO Pipelines make no sense

Ensure TAG environment var is consistent case

Incorrect quoting on variables in pipeline

Clean up debug print statement in pipelines

Add INT/Prod variable group requirements

Update correct directory path for pipeline template files

Update release tag pipeline parameters

Vendor updated autorest adal to fix nil pointer exception in MSI

add fl to owners :-)

Fix: use the correct variable syntax for updated variables in pipelines

Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success

Vendor openshift installer carry patch

Bump golang version to 1.16 in CI VMs

Fix wrongly updated parameters and variables in prod release

Feedback follow up on image config controller

Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub

clean temporary gomock folders (#1912)

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

fix 2 cred scan findings by adding suppression settings (#1960)

add tsaoptions json file, enable tsa in build rp official pipeline (#1959)

chore: removed logging onebranch pipelines files from aro-rp repo (#1942)

quick fixes in docs (#1956)

Removes unneeded field (#1962)

Updated linux container image for build (#1964)

Updating go-toolset tag to 1.16.12 (#1965)

Bump follow-redirects from 1.14.7 to 1.14.8 in /portal

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.7...v1.14.8)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

add fips validation scripts and ci step

drop net_raw and make generate

Adding norwaywest to deploy from tag ALL regions Pipeline. (#1968)

Include variable groups for prod single region release (#1957)

Add Central US EUAP to nonZonalRegions (#1927)

remove network acceleration due to issues discovered

reapply the primary tag

make generate

Add metric gauge for nohost present on request to gateway

Fix net_raw caps, make generate (#1971)

Refactors operator requeues

* Adds the clarifying comment on requeues into the checker controller
* Removes `Requeue: true` in places where we use `RequeueAfter`
  as it is has no effect.

add a field to indicate spotInstances in node.conditions metric (#1928)

Bump url-parse from 1.5.3 to 1.5.7 in /portal

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.3...1.5.7)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

docs: add cleaner info to shared env docs

add westus3 to pipeline manifests

add additional logging to redeploy to help understand state when this job fails in e2e

Re-enable Egress Lockdown

Enable egress lockdown feature by default on new clusters while also
allowing current clusters to be admin-upgraded with the new feature

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

fix: use the tag/commit as the aro version

ARO uses both tags and commits as its version.
The commits are used for the development scenario,
tags are used when building and deploing to
production.

add: copy ARO iamge to integration

Signed-off-by: Petr Kotas <petr@kotas.tech>

add: release pipeline documentation

Signed-off-by: Petr Kotas <petr@kotas.tech>

fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (#1978)

* If don't have an apiVersion defined for a resource, then skip over it instead of returning an error.

* Reword the comment.

* Double quote the resource type in the log warning message.

Co-authored-by: Mikalai Radchuk <509198+m1kola@users.noreply.github.com>

add operator storage acc and endpoints reconcilers

operator tests

storageacc handling for install/update

generate

vendor

review feedback

Add dev env rules exception

Comply with the Authorizer changes

Fix tests

Fix merge conflicts

Add operator flags

Fix tests

Change operator flags

Addressing feedback

generate

Operator flag tests

Addressing feedback

FIx

update cluster spec

Add an Operator controller for Managed Upgrade Operator

add MUO deployment manifests

run go generate

add a mocks directory in the operator

make dynamichelper produce less spurious changes for MUO

fix: move int mirroring to separate pipelines

integration requires it own set of credentials,
this can only by provided in a separate pipeline

Signed-off-by: Petr Kotas <pkotas@redhat.com>

fix: provide the correct dependent pipeline (#1982)

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update mirror-aro-to-int.yml for Azure Pipelines

Remove unused parameter

fix: replace parameter with variable (#1984)

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update mirror-aro-to-int.yml for Azure Pipelines

Fix typo

Cleans up unused args in `muo.NewReconciler`

Bump url-parse from 1.5.7 to 1.5.10 in /portal

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.7...1.5.10)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Removes a explicit `gomock.Eq()` matcher calls (#1983)

`gomock.Eq()` is a default matcher in gomock
so it doesn't have to be explicitly called in these cases

Docs: Set GOPATH (#1987)

- A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix.

Adds extra fields to the PreviewFeature CRD

Adds the controller implementation

It currently implements only one feature: NSG flow logs

preview feature controller and NSG flow log feature implementation

L series support - RP changes (#1751)

* add L-series SKUs to internal, admin, validate api

* make client

Add SKU availability and restriction checks to dynamic validation (#1790)

* add sku filtering and restriction checks

* add install-time instance validation

Minor ARO operator refactoring

* Gets rid of exported constants like `ENABLED` where exported constants are not required
* Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier
* Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable.
  Introduces `DefaultOperatorFlags()` instead.

Removing call to listByResourceGroup due to flakyness in the Azure API

add validate-fips step into onebranch build rp template

exclude vuln protobuf

exclude vulnerable containerd versions

Changed CloudErrorCodes from vars to consts. (#1997)

Co-authored-by: Jeremy Facchetti <jfacchet@jfacchet.remote.csb>

Add sourcebranchname to build_tag (#1996)

adding a way to pass additional flags to E2E tests (#1998)

Fix typo in deploy-development-rp doc (#2005)

Better documentation support for multiple envs (#1932)

- Now there are two env files: standard, and int-like files
  - Instructions modified for int envs to create the new file and source it
  - Fixed a small typo in the instructions that was being masked by indentation

vendor: fake operator client

Signed-off-by: Petr Kotas <pkotas@redhat.com>

feature: add autosizednodes reconciler

Introduce autosizednodes reconciler which watches aro cluster object
feature flags for ReconcileAutoSizedNodes.

When feature flag is present new KubeletConfig is created enabling the
AutoSizingReserver feature which auto computes the system reserved
for nodes.

feature: add aro cluster to workaround

Adds aro cluster instance to IsRequires check
to allow for feature flags checking.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

feature: disable systemreserved when autosizednodes enabled

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Avoid AdminUpdate panic when Nodes are down (#1972)

* Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call
* Refactor Cluster Manager code to make ensureAROOperator code testable
* Add unit test for ensureAROOperator code

Co-authored-by: Ulrich Schlueter <uschlueter@redhat.com>

update go-cosmosdb version to incorporate the latest change (#2006)

Filter out unwanted data from azure list geneva action (#1969)

* filter our Microsoft.Compute/snapshots from azure list geneva action

* change filter input for test

Doc to create & push ARO Operator image to ACR/Quay (#1888)

* Doc to create/push AROOperator image ACR/Quay

A document on How to create & publish ARO Operator image to ACR/Quay.

Added alternative to go get command (#2015)

Update Makefile (#2020)

The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests

Update node-selector on muo namespace

Dockerfile for MUO image (#1993)

Update OB Build Pipeline to Pass Build Tag as Var (#2011)

* adding release_tag functionality to support releasing by tag or commit

add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists

add muo config yaml

add openshift-azure-logging to the ignored namespaces

run go generate

Fix VM Redeploy Test Flake

- Removing test to check k8s Events for Node readiness
- Adding test for Azure VM readiness (power state)
- Adding test for Linux Kernel uptime to guarantee reboot

disable ipv6 router advertisements on rp/gateway vmss

Install python3 on RP and gateway VMs

make pullspec an optional flag

add enabled and managed by default

add e2e test

Bump minimist from 1.2.5 to 1.2.6 in /portal

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

cleanup: proxy now uses idiomatic waitgroup.

cleanup: removed useless anonymous function definition.

add containers_image_openpgp tag (#2032)

Change secrets-update to allow subsequent updates (#2038)

Co-authored-by: Nont <nthanonchai@microsoft.com>

add containers_image_openpgp everywhere

add controller into operator for machine health check (#1950)

* add worker only controller with operator for machine health check

* align mhc node selector pattern with osd

Create 2022-04-01 API (#1876)

check for default ingressIP when ingressProfiles > 1 (#2021)

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

Skip Linux AZ Sec Pack policies from running on VMSS creation (#2041)

Admin Portal v2 (#2019)

Add in sre portal v2, still default to v1

Co-authored-by: Amber Brown <ambrown@redhat.com>
Co-authored-by: Brett Embery <bembery@redhat.com>
Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (#2043)

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

added changes to make local e2e test work/ update doc (#2036)

* added changes to make local e2e test work/ update doc

updated operator README to include instructions for running the ARO operator locally for a private cluster (#2045)

Fix off by one error when truncating name

Now it truncates to 14 instead of 15. the corresponding arm templates
truncate to 15.

Refactors createOrUpdateRouterIPFromCluster

Make it reuse isIngressProfileAvailable to check IngressProfile

Adds an extra case into TestAroDeploymentReady

Updates dev env docs

* Removes mention of Python virtualenv as it comes by default with Python 3
* Updates macOS docs to make sure that steps work for Intel and ARM macs
* Markdown formatting fixes

give /tmp a bit more room for when the CI VM gets busy

refactor+test: refactored some functions to test

refactored tests

added license to test file

added err check on validateProxyResquest

made the errors more explicit

fixed typo in function name

removed useless test case

renamed oddly named metrics.Interface to Emitter

update codeowners

renamed github username

updated path to quota file (#2058)

refactor/add-test : refactored linkid and gateway to add tests (#2013)

Enable first basic linters in ARO (#2060)

* Enable first basic linters in ARO

* Remove modules-download-mode from the linter run config

Commit to allow password auth for VMSS jit access (#2027)

* Commit to allow password auth for VMSS jit access

fix: now uses renamed interface metricsEmitter

fix issues with linting new test files

added doc.go for imgconfig controller (#2064)

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

Revert 2027: Commit to allow password auth for VMSS jit access

Add logic to reconcile failed Nic on az aro delete

Co-authored-by: Ben Vesel <bennerv@users.noreply.github.com>

Update pull secret references from cloud.redhat.com to cloud.openshift.com (#2084)

Enables go fmt simplify (#2081)

update reference to cloud.redhat.com in README file (#2085)

ensure apiserverready check

redesigned the quota computation to something understandable (#2059)

Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue

Fail MUO test if we expect an error but don't get one

Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s

Bump async from 2.6.3 to 2.6.4 in /portal/v2

Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md)
- [Commits](https://github.com/caolan/async/compare/v2.6.3...v2.6.4)

---
updated-dependencies:
- dependency-name: async
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Update the secret rotate time to 7 days during RP deploy (#2051)

Remove dead mirror code referencing 4.3 version which isn't mirrored (#2092)

add MTU to the internal OCP Document

make generate

before mock

added unit tests for two new functions

fix import order

remove trailing spaces

make validate-go wants to add trailing lines again

found/fixed trailing new line

add new line at end of test file

added admin update method to adminupdate tests

newlinw

fixed unit test issue

add helper method

Improve comment

gofmt

Remove ACR Image Override (#2090)

added stylecheck and moved golangci-lint to a github action (#2083)

* enabled github action instead of running from ADO

* fixed style

* fixed some style

fixed styling

fixed failing tests because of case on errs

Small updates to shared rp docs (#2079)

"note" syntax adjustments

Small updates to shared rp docs from working sessions

added note related to gwy keyvault not being in dev

Update docs/prepare-a-shared-rp-development-environment.md

Language adjustment.

Committing syntax change per Caden's suggestion.

Co-Authored-By: Caden Marchese <56140267+cadenmarchese@users.noreply.github.com>

Co-authored-by: Caden Marchese <56140267+cadenmarchese@users.noreply.github.com>

Additional gateway tests (#2062)

* Add coverage for pkg/gateway. Gateway creation now fails fast when env
properties are missing.

* refactor large test into multiple test cases

Move gateway fluentbit to container

Bump async from 2.6.3 to 2.6.4 in /portal/v1

Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md)
- [Commits](https://github.com/caolan/async/compare/v2.6.3...v2.6.4)

---
updated-dependencies:
- dependency-name: async
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (#2095)

Remove mwoodson from codeowners (#2106)

Updated FIPs e2e test for 2022-04-01 API

Development subscription migration

prepare for dns migration

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

Update az cli extension to use api v2022_04_01 (#2042)

* Bumping az aro extenion api version to v2022_04_01

* Adding new command flags and data structures to az aro create

* linting

Update cluster

Update pkg/util/cluster/cluster.go

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

Better err handling to customer

remove installconfig dependency from deploystorage

Remove unnecessary to.StringPtr usages

Fixing exception handling for missing subnet (#2117)

* Fixing exception handling for missing subnet

* use isinstance

* Another err.message fix

Added a new function for a hardcoded filter of namespaces (#1994)

Added unit test for the makeURLSegments function of dynamichelper (#2031)

add minor version

Master resize (#1889)

* master resize GA

move arm template deploy to util

use the ARM deploytemplate code directly in pkg/cluster

Add David Newman to CODEOWNERS

il5 series support, vm.go improvements and tests (#2086)

Add improvements to `deploy-full-rp-service-in-dev.md` doc (#2048)

* Add improvements to full rp service doc

* Update docs/deploy-full-rp-service-in-dev.md

Co-authored-by: Spencer Amann <samann@redhat.com>

NSG controller - reconcile nil NSG (#2116)

* adding test case for NSGs = nil

* Adding handling of empty NSG

Fix deleteNic when the nic is in failed provisioning state

Add documentation outlining our keyvaults, certificates, and secrets

Provide clearer error for a particular type of PUCM failure

Instead of "subnet ID "" has incorrect length", catch the error
earlier and provide a clearer "lastAdminUpdateError" message.

This particular PUCM failure occurs when a machineset object fails
to decode during cluster document enriching.

increase the timeout to 10 minutes, since a rebuild can trigger the timeout

Vendor installer release 4.10

Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules.

Automated updates from "make generate"

Set default InstallStream to OCP 4.10.15

Automated updates from "make discoverycache".

pipelines: Require agents with go-1.17 capability for CI/E2E

Update documentation for Go 1.17 and installer 4.10

Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API

* Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing
  clusters machine provider spec into the new struct.
* Switches tests to use the new machine API struct.

Ref: f9725ddd94

Switch to building with golang 1.17

Switch maoclient -> machineclient and maofake -> machinefake

gofmt: add "go:build e2e"

Switch to using the ubi8 go-toolset for building.

Add additional values to CloudError and Cluster Operation Logs (#2094)

* Added additional values to CloudError

* Update pkg/api/error.go

Co-authored-by: Weinong Wang <weinong@outlook.com>

* Add details for cluster logs in terminal state

* Fixed issue with logging clusterResult

* Changed to generic name, add String() func

* Update logging comments

Co-authored-by: Weinong Wang <weinong@outlook.com>

* Add prefix to cloudErrorMessage String()

* Add additional json monikers

* Fix bug with resultType output

* Defined CloudErrorCategory string type

* Empty-Commit to retrigger test

* Shift logs, remove code for next PR

* Added log fields, removed category

* Shift resultType to Logs

* Empty-Commit to retrigger test

* Remove all error changes

* Update openshiftcluster.go

change logs to lowercase

Co-authored-by: BCarvalheira <bcarvalheira@microsoft.com>
Co-authored-by: Weinong Wang <weinong@outlook.com>

Improved the unit test coverage for the merge function of dynamichelper

Fixed the validate golang code errors in the pipeline

Updated the code based on Mikalai's feedback

Fixed a go validation error

added yaml lint (#2132)

* added yaml lint

* updated the doc

Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17.

Bump to the latest Microsoft Golang FIPS release.

Updated bindata.

Switch back to the vanilla ci vmss names.

Revert the address prefix and keyvault name changes necessary to deploy to CI.

Switch back to using the RHEL go-toolset now that 8.6 is available on Azure.

Double the OS Disk size.

Increase the disk size of the CI vmss to 200GB.

Updated bindata and move disk size to the correct vmss spec.

Add an option to send metrics via UDP instead of Unix Domain Sockets (#2074)

replace allowOCM flag with a forceLocalOnly flag

upgrade image to b4

when mhc is managed create an alert for frequent remediation (#2123)

allow overriding the operator version in the admin API (#2134)

Update pipelines to demand go 1.17 and update OB container to go 1.17 (#2146)

update mdm/mdsd

Add new ARO regions to pipelines

- australiacentral
- australiacentral2
- swedencentral

test for infra ID generation

this does not need installconfig, and so can be moved upwards in the install

replace it with a vendored version, so that we don't need to utilise the installer portion

validate apimachinery rand as utilrand

split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently.

refactored muo to extract deployer (#2122)

removed go-bindata from pkg/operator (#2119)

add: Getpodlogs kubeaction api (#1885)

Migrate from AD to MS Graph

Also changed the AADManager so that it only returns values
instead of the data structure.  This hides the implementation
details so that in the future if MSAL changes the internal
representation, any required changes will be contained within
the class (vs. right now custom.py has to be changed accordingly).

fixed conflict created when moving to the new library (#2150)

Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2

Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/EventSource/eventsource/releases)
- [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md)
- [Commits](https://github.com/EventSource/eventsource/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: eventsource
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1

Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/EventSource/eventsource/releases)
- [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md)
- [Commits](https://github.com/EventSource/eventsource/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: eventsource
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

clean up of validate import, now uses a yaml file for maintainability  (#2136)

create lint-go script and call it from Makefile (#2118)

Co-authored-by: Jeremy Facchetti <facchettos@gmail.com>

Add name length validation on ARO clusters for non-zonal regions

Truncate cluster names to 19 char in e2e pipelines

Typo in pipeline script

Minor change in deploy-dev-rp.md

move validate-go to github action (#2153)

include openshift-operator-lifecycle-manager in monitoring

for gateway change arm deployment template name from storage to gatewayprivateendpoint

fix bug where mhc wouldn't kick in after CR change

RP support for 2-zone regions, centraluseuap

Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0

Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/coreos/ignition/releases)
- [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md)
- [Commits](https://github.com/coreos/ignition/compare/v2.13.0...v2.14.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/ignition/v2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

reduce the use of bindata by using embed for machinehealthcheck controller

Add the development AKS ARM template.

New deploy_aks_dev function for the AKS ARM template.

Script to SSH into AKS node pool VM instances for prototyping and debugging.

Add 'make aks.kubeconfig' for use in development environments.

Documentation on accessing the private AKS cluster via the VPN for oc or direct SSH access.

Display list of clusters when a search returns 0 or >1 AKS clusters.

Filter for the system node pool for cases when there are more than one deployed.

Updates to ARM template for AKS keyvault access, node resource group, and various AAD changes.

add managed identity

Format JSON.

Wire up the user assigned MSI, peer with rp-vnet, and add the AKS keyvault back in.

Minor tweaks to naming, max agent VMs, and variables.

Add a podSubnet, autoscaling, and orchestratorVersion for nodepool upgrades.

Add aks.kubeconfig to Makefile .PHONY

Output an error if the AKS kubeconfig generation fails

Delegate pod subnet and wire up the AzureSecrets identity for keyvault access.

Remove any previous AKS config.

Limit MSI role assignment to subnet collaborator, bump max pods, and parameterize availabilityZones.

improve Python unit testing and refactor _validators.py (#2120)

* refactor: apply Guard clauses in _validators.py to simplify code
* fix _validators.py trailing whitespace
* improve python test tructure, include execution of unit tests in make test-python
* crate make directive to run python unit tests, add unit tests for azext_aro._validators.validate_cidr
* add tests for test_validate_client_id and include test cases description
* add unit tests for validate_client_secret from azext_aro._validators
* add explicit fields to named tuple in test cases in test_validators.py
* add two test scenarios for validate_cluster_resource_group
* simplify mocks
* add test case for test_validate_cluster_resource_group
* improve test descriptions
* add test_validate_disk_encryption_set test to test validate_disk_encryption_set
* add test cases to test_validate_disk_encryption_set()
* refactor test_validator.py to use classes instead of namedtuples. Use mocks instead of specific defined classes
* refactor (simplify code): remove explicit assignemnt to None when it is the default value
* create test_validate_domain() with 1st test case
* add test case, domain with '_'
* explicit import of unittest.TestCase
* fix test message in test_validate_domain
* finish test_validate_domain()
* finish test_validate_sdn() and test_validate_pull_secret()
* create test_validate_subnet() with first test case
* finish test_validate_subnet() and minor refactor in _validators.py
* create test_validate_subnets() and add first test case
* finish validate_vnet_resource_group_name()
* finish test_validate_worker_count() of test_validators.py and simple refactor in _validators.py
* finish test_validate_worker_vm_disk_size_gb()
* refactor _validators.py
* add test_validate_refresh_cluster_credentials() and minor refactor of test_validators()
* refactor _test_validators.py to use pytest, create script and invoke it from Makefile
* simplify test_validate_cidr() using pytest.mark.parametrize
* simplify some tests using pytest.mark.parametrize
* finish applying pytest.mark.parametrize
* clean up Makefile test-python
* add blank line to hack/unit-test-python.sh
* fix typo in test case
* fix mega-linter error, blank space
* fix test case to fail due to invalid range
* fix typo in beeing to be being
* remove redundant test case
* reformat code for better readability
* add missing license to __init__.py files

Panic on AdminUpdate with MaintenanceTaskEverything

Fixed formatting issues and made the changes suggested in PR 2152

Panic on AdminUpdate PR changes.

error message updated as per PR comments

move installtime set to startInstallation rather than in the middle of kubeconfig generation

Fix azureproviderspec regression (#2167)

* Fix AzureMachineProviderSpec regression in 4.10

* refactor to reduce branches and clean up

Co-authored-by: bennerv <10840174+bennerv@users.noreply.github.com>

Removed temporary timestamp update code (#2172)

mirror MUO and Hive images to ACR

attempt to make this e2e test a bit more reliable

Add pull secret to allow mirroring from pd -> int

Pass NIC on CreateOrUpdate call

add required build images to mirror

add a listen to the cluster pull secret

move deploystorage portions to pkg/installer

manager for installer code, call the installer code from the cluster/install.go code

move some steps earlier in the installer

we haven't loaded the kubeconfig files into oc yet, so use the ones from the graph directly

Hive AKS development environment deploy (#2171)

* Add hive config generation script

* Script to install hive into the AKS dev environments

* Add note about semi-scientific container image search

* Vanilla hive config gleaned from app-sre config

* Initial OCP 4.10.15 image set

* Ignore the generated hive config files

* Check for crds folder and ask to re-running install

* Add docs

* Add newline to yaml EOF

* Spelling is clearly hard at this hour...

* Fix typo, grammer, and spelling

* Use the shell var instead

* Use the expanded output variable syntax. No lazy typing :)

* Use 1's for all error exit's

* Fix make aks.kubeconfig in docs/hive.md

Co-authored-by: Spencer Amann <samann@redhat.com>

* Fix hive docs kubeconfig typo

* Use HIVE_IMAGE_COMMIT_HASH in the HIVE image and comments for popd/pushd

* Update docs to reflect the use of the HIVE_IMAGE_COMMIT_HASH define

Co-authored-by: Spencer Amann <samann@redhat.com>

Go vet with tags
2022-10-06 15:15:37 +11:00
Ellis Johnson 71febeb26c Moved cookie generation back out to hack file and refactored test
Fixed linting of dot imports

Initial files + dependencies for the react-fluent portal

Initial POC for portal UI

Finished front end API for cluster information

Co-authored-by: Brett Embery <bembery@redhat.com>

Adding cluster detail pane

Co-authored-by: Ellis Johnson <elljohns@redhat.com>

Format tsx source

Add cluster detail nav + tweaks

Co-authored-by: Ellis Johnson <elljohns@redhat.com>

Cluster detail MVP

Co-authored-by: Brett Embery <bembery@redhat.com>

bump deps

fixes

update deps

cleanups and style improvements for the portal, as well as a new copy resource ID button

update package deps

Added base eslint config

Fixed linter errors in SRE Portal

Added linter step for e2e pipeline

Reverting package-lock json to appease PR testing

Another attempt to test admin portal linting in e2e pipeline

Another fix for e2e admin portal linting

Yet another attempt

Reordered e2e jobs

Added fix to commands

Modifying linting settings to try and working e2e pipeline

More config changes

More changes

Modified eslintrc

Modified eslintrc

Perform npm install before running container

Debugging

Trying npm install as a seperate task

Moved admin portal lint from e2e pipeline to ci pipeline

Fixed formatting

Fixed formatting

Fixed formatting

Fixed image name

Added dockerfile for SRE Portal linting

Using new docker image in ADO CI pipeline

Removed old dockerfile and modified package.json

Split portal into v1 and v2

Modified portal backend to allow v1 and v2 portals to run at the same time

Modified makefile to make both v1 and v2 portal

Added option to change portal hostname locally whether wanting to run dev server or compiled build code

Created initial selenium script

Fixed linter

Added documentation for new admin portal

Added makefile command for linting admin portal

Remove accident commit

Refactored portal backend code

Renamed temp to template in portal code

Modified documentation to explain NO_NPM env var

Renamed portal v1 compilation directory from dist to build and fixed TODOs in typescript

Fixed SSHModal indexing

Fixed SSHModal indexing

Commit generated bindata code

Added vscode folders to gitignore

Made minor changes based on review feedback

Added conditional statements for linting

Fixed booleans

Added vm image to first stage

Modified powershell to bash

Made small changes based on review feedback

Update Makefile

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

Update docs/admin-portal.md

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

Update docs/admin-portal.md

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

Small documentation change

Small ci fix

Small ci fix

Small ci fix

Small ci fix

Still fixing CI

Still fixing CI

Still fixing CI

Still fixing CI

Fix CI again

Fix CI again

Fix CI again

Fix CI again

Fix CI again

Removing conditional linting and moving to future PR

Remove stage from CI yaml to pass github check

Fixed off by one error with SSH in admin portal

First 3 e2e test cases complete

Test image pull

Rewrote first test in golang on e2e pipeline

Added second test

Fixed tests for CT

Added 2 more tests

Added 1 more test and fixed others

Finished initial e2e tests

Fixed linting errors

Fixed validation and linting

Still trying to fix linting issues

Moved cookie generation back out to hack file and refactored test

Fixed linting of dot imports

Remove test focus for e2e

Fixed potential infinite for loop

Removed test command from makefile

Removed test pipeline step

Fixed vendoring removals

Update az cli extension to use api v2022_04_01 (#2042)

* Bumping az aro extenion api version to v2022_04_01

* Adding new command flags and data structures to az aro create

* linting

Update cluster

Update pkg/util/cluster/cluster.go

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

Better err handling to customer

remove installconfig dependency from deploystorage

Remove unnecessary to.StringPtr usages

Fixing exception handling for missing subnet (#2117)

* Fixing exception handling for missing subnet

* use isinstance

* Another err.message fix

Added a new function for a hardcoded filter of namespaces (#1994)

Added unit test for the makeURLSegments function of dynamichelper (#2031)

add minor version

Master resize (#1889)

* master resize GA

move arm template deploy to util

use the ARM deploytemplate code directly in pkg/cluster

Add David Newman to CODEOWNERS

il5 series support, vm.go improvements and tests (#2086)

Add improvements to `deploy-full-rp-service-in-dev.md` doc (#2048)

* Add improvements to full rp service doc

* Update docs/deploy-full-rp-service-in-dev.md

Co-authored-by: Spencer Amann <samann@redhat.com>

NSG controller - reconcile nil NSG (#2116)

* adding test case for NSGs = nil

* Adding handling of empty NSG

Fix deleteNic when the nic is in failed provisioning state

Add documentation outlining our keyvaults, certificates, and secrets

Provide clearer error for a particular type of PUCM failure

Instead of "subnet ID "" has incorrect length", catch the error
earlier and provide a clearer "lastAdminUpdateError" message.

This particular PUCM failure occurs when a machineset object fails
to decode during cluster document enriching.

increase the timeout to 10 minutes, since a rebuild can trigger the timeout

Fixed dodgy e2e test

Vendor installer release 4.10

Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules.

Automated updates from "make generate"

Set default InstallStream to OCP 4.10.15

Automated updates from "make discoverycache".

pipelines: Require agents with go-1.17 capability for CI/E2E

Update documentation for Go 1.17 and installer 4.10

Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API

* Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing
  clusters machine provider spec into the new struct.
* Switches tests to use the new machine API struct.

Ref: f9725ddd94

Switch to building with golang 1.17

Switch maoclient -> machineclient and maofake -> machinefake

gofmt: add "go:build e2e"

Switch to using the ubi8 go-toolset for building.

Add additional values to CloudError and Cluster Operation Logs (#2094)

* Added additional values to CloudError

* Update pkg/api/error.go

Co-authored-by: Weinong Wang <weinong@outlook.com>

* Add details for cluster logs in terminal state

* Fixed issue with logging clusterResult

* Changed to generic name, add String() func

* Update logging comments

Co-authored-by: Weinong Wang <weinong@outlook.com>

* Add prefix to cloudErrorMessage String()

* Add additional json monikers

* Fix bug with resultType output

* Defined CloudErrorCategory string type

* Empty-Commit to retrigger test

* Shift logs, remove code for next PR

* Added log fields, removed category

* Shift resultType to Logs

* Empty-Commit to retrigger test

* Remove all error changes

* Update openshiftcluster.go

change logs to lowercase

Co-authored-by: BCarvalheira <bcarvalheira@microsoft.com>
Co-authored-by: Weinong Wang <weinong@outlook.com>

Improved the unit test coverage for the merge function of dynamichelper

Fixed the validate golang code errors in the pipeline

Updated the code based on Mikalai's feedback

Fixed a go validation error

added yaml lint (#2132)

* added yaml lint

* updated the doc

Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17.

Bump to the latest Microsoft Golang FIPS release.

Updated bindata.

Switch back to the vanilla ci vmss names.

Revert the address prefix and keyvault name changes necessary to deploy to CI.

Switch back to using the RHEL go-toolset now that 8.6 is available on Azure.

Double the OS Disk size.

Increase the disk size of the CI vmss to 200GB.

Updated bindata and move disk size to the correct vmss spec.

Add an option to send metrics via UDP instead of Unix Domain Sockets (#2074)

replace allowOCM flag with a forceLocalOnly flag

upgrade image to b4

when mhc is managed create an alert for frequent remediation (#2123)

allow overriding the operator version in the admin API (#2134)

Update pipelines to demand go 1.17 and update OB container to go 1.17 (#2146)

update mdm/mdsd

Add new ARO regions to pipelines

- australiacentral
- australiacentral2
- swedencentral

test for infra ID generation

this does not need installconfig, and so can be moved upwards in the install

replace it with a vendored version, so that we don't need to utilise the installer portion

validate apimachinery rand as utilrand

split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently.

Testing test in isolation

refactored muo to extract deployer (#2122)

removed go-bindata from pkg/operator (#2119)

add: Getpodlogs kubeaction api (#1885)

Migrate from AD to MS Graph

Also changed the AADManager so that it only returns values
instead of the data structure.  This hides the implementation
details so that in the future if MSAL changes the internal
representation, any required changes will be contained within
the class (vs. right now custom.py has to be changed accordingly).

fixed conflict created when moving to the new library (#2150)

Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2

Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/EventSource/eventsource/releases)
- [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md)
- [Commits](https://github.com/EventSource/eventsource/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: eventsource
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1

Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/EventSource/eventsource/releases)
- [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md)
- [Commits](https://github.com/EventSource/eventsource/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: eventsource
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

clean up of validate import, now uses a yaml file for maintainability  (#2136)

Added more checks for cluster panel test to figure out test failure

enable reconciling azuresubnets/NSGs by default

refector e2e for removing dependency.

Update 2

removed old code.

make test to fail on getting error.

Expect(err).NotTo(HaveOccurred())

Formating done

White-spaces removed.

handle the use of the AddressPrefixes field alongside AddressPrefix

improved ValidateCIDRRanges test

add vnet names to help with debugging if needed in the future

comment improvement

Bump follow-redirects from 1.14.0 to 1.14.7 in /portal

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.0...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Store downloaded cert only when it differs

When systemd downloader downloads fresh certificate
check whether it differs from the stored one.

Replace old one with fresh when there is a difference.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Restart mdm service on cert change

Forces MDM container to pick up changed certificate.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

doc: Document fp cert rotation

Add doc file with information how the first party certificate is
rotated in the RP and on the host VM.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Replace artifacts with direct code checkout

Replaces configuration fetching via build pipeline with
direct code checkout.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update .pipelines/int-release.yml

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

provide the ability to specify an overridden fluentbit image in operator feature flags

Download aro deployer from tagged image

Pull aro deployer from tagged container instead of pipeline artifact.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Add deploy pipelines using tag

Add new pipelines using tagged deployment

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Set XDG_RUNTIME_DIR explicitly on CI VMs

Add tagged aro image

Add annotated tag build and push into makefile.
Without annotation, the TAG is empty and
action is not performed.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Build and push tagged aro image into ACR

When annotated TAG is not set the new step fails.
Otherwise it builds the tagged image and pushes it
to the ACR.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Build release on tag

When CI started from tag build image and push to registry.
Extract annotation from the tag and use it as summary
for changelog. Automated summary is extracted from commits
titles.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

mdm/mdsd++

make generate

Revert "[PIPELINES 4] Create release based on annotated git tag"

Fix: Broken pull path

The original path is not working as it is blocked for writing,
Using the pipeline default instead

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Fix: Broken checkout code path

The checkout behaves differently when checking out single repository.
It checkout to /s

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update prod pipeline params to be consistent

Enable SBOM on all OneBranch pipelines

Fixing typo in paths

Add Documentation and Scripts for ARO Monitor Metric testing

Fix typo

Co-authored-by: Caden Marchese <56140267+cadenmarchese@users.noreply.github.com>

Handle cleanup of spawned processes.

Clarify a few things in the procdure.

Add example script to directly inject test data

Revert "Revert "[PIPELINES 4] Create release based on annotated git tag""

Fix: Remove build to run after e2e

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Bump nanoid from 3.1.22 to 3.2.0 in /portal

Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ai/nanoid/compare/3.1.22...3.2.0)

---
updated-dependencies:
- dependency-name: nanoid
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Add uaenorth to non-zonal regions

imageconfig controller

Fixing bug where incorrect ACR domain name was being generated

added doc for cert rotation

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

Vendor installer release 4.9

This also forces the RP from Go 1.14 to Go 1.16.

Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the
other go.mod changes are all manual workarounds from failed
"make vendor" runs.

Automated updates from "make vendor"

Alter client-gen command to stay within repo

The way this is written seems to assume the ARO-RP repo is cloned
under the user's $GOPATH tree.  That's not where I typically clone
git repos for development.

Use relative paths in the client-gen command and arguments to stay
within the ARO-RP git repo.

Automated updates from "make generate"

Set InstallStream to OCP 4.9.8

Automated updates from "make discoverycache"

pipelines: Demand agents with go-1.16 capability for CI/E2E

Update documentation for Go 1.16 and installer 4.9

Fix: Remove the wrong git pull path

Removes the wrong git pull path for ADO RP-config
Removes unused parameter

Signed-off-by: Petr Kotas <pkotas@redhat.com>

fix: Add go1.16 requirement to run pipelines

With addition of 4.9 release, the go build
have to run with go1.16

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Add geneva action to reconcile a failed NIC

Suppress stderr within Makefile command

Do not overwrite FIPs environment variable in CI VMs

fix: fix service connection to the github

existing service connection does not meet requirement
for the github release

Signed-off-by: Petr Kotas <pkotas@redhat.com>

ADO Pipelines make no sense

Ensure TAG environment var is consistent case

Incorrect quoting on variables in pipeline

Clean up debug print statement in pipelines

Add INT/Prod variable group requirements

Update correct directory path for pipeline template files

Update release tag pipeline parameters

Vendor updated autorest adal to fix nil pointer exception in MSI

add fl to owners :-)

Fix: use the correct variable syntax for updated variables in pipelines

Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success

Vendor openshift installer carry patch

Bump golang version to 1.16 in CI VMs

Fix wrongly updated parameters and variables in prod release

Feedback follow up on image config controller

Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub

clean temporary gomock folders (#1912)

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

fix 2 cred scan findings by adding suppression settings (#1960)

add tsaoptions json file, enable tsa in build rp official pipeline (#1959)

chore: removed logging onebranch pipelines files from aro-rp repo (#1942)

quick fixes in docs (#1956)

Removes unneeded field (#1962)

Updated linux container image for build (#1964)

Updating go-toolset tag to 1.16.12 (#1965)

Bump follow-redirects from 1.14.7 to 1.14.8 in /portal

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.7...v1.14.8)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

add fips validation scripts and ci step

drop net_raw and make generate

Adding norwaywest to deploy from tag ALL regions Pipeline. (#1968)

Include variable groups for prod single region release (#1957)

Add Central US EUAP to nonZonalRegions (#1927)

remove network acceleration due to issues discovered

reapply the primary tag

make generate

Add metric gauge for nohost present on request to gateway

Fix net_raw caps, make generate (#1971)

Refactors operator requeues

* Adds the clarifying comment on requeues into the checker controller
* Removes `Requeue: true` in places where we use `RequeueAfter`
  as it is has no effect.

add a field to indicate spotInstances in node.conditions metric (#1928)

Bump url-parse from 1.5.3 to 1.5.7 in /portal

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.3...1.5.7)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

docs: add cleaner info to shared env docs

add westus3 to pipeline manifests

add additional logging to redeploy to help understand state when this job fails in e2e

Re-enable Egress Lockdown

Enable egress lockdown feature by default on new clusters while also
allowing current clusters to be admin-upgraded with the new feature

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

fix: use the tag/commit as the aro version

ARO uses both tags and commits as its version.
The commits are used for the development scenario,
tags are used when building and deploing to
production.

add: copy ARO iamge to integration

Signed-off-by: Petr Kotas <petr@kotas.tech>

add: release pipeline documentation

Signed-off-by: Petr Kotas <petr@kotas.tech>

fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (#1978)

* If don't have an apiVersion defined for a resource, then skip over it instead of returning an error.

* Reword the comment.

* Double quote the resource type in the log warning message.

Co-authored-by: Mikalai Radchuk <509198+m1kola@users.noreply.github.com>

add operator storage acc and endpoints reconcilers

operator tests

storageacc handling for install/update

generate

vendor

review feedback

Add dev env rules exception

Comply with the Authorizer changes

Fix tests

Fix merge conflicts

Add operator flags

Fix tests

Change operator flags

Addressing feedback

generate

Operator flag tests

Addressing feedback

FIx

update cluster spec

Add an Operator controller for Managed Upgrade Operator

add MUO deployment manifests

run go generate

add a mocks directory in the operator

make dynamichelper produce less spurious changes for MUO

fix: move int mirroring to separate pipelines

integration requires it own set of credentials,
this can only by provided in a separate pipeline

Signed-off-by: Petr Kotas <pkotas@redhat.com>

fix: provide the correct dependent pipeline (#1982)

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update mirror-aro-to-int.yml for Azure Pipelines

Remove unused parameter

fix: replace parameter with variable (#1984)

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update mirror-aro-to-int.yml for Azure Pipelines

Fix typo

Cleans up unused args in `muo.NewReconciler`

Bump url-parse from 1.5.7 to 1.5.10 in /portal

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.7...1.5.10)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Removes a explicit `gomock.Eq()` matcher calls (#1983)

`gomock.Eq()` is a default matcher in gomock
so it doesn't have to be explicitly called in these cases

Docs: Set GOPATH (#1987)

- A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix.

Adds extra fields to the PreviewFeature CRD

Adds the controller implementation

It currently implements only one feature: NSG flow logs

preview feature controller and NSG flow log feature implementation

L series support - RP changes (#1751)

* add L-series SKUs to internal, admin, validate api

* make client

Add SKU availability and restriction checks to dynamic validation (#1790)

* add sku filtering and restriction checks

* add install-time instance validation

Minor ARO operator refactoring

* Gets rid of exported constants like `ENABLED` where exported constants are not required
* Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier
* Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable.
  Introduces `DefaultOperatorFlags()` instead.

Removing call to listByResourceGroup due to flakyness in the Azure API

add validate-fips step into onebranch build rp template

exclude vuln protobuf

exclude vulnerable containerd versions

Changed CloudErrorCodes from vars to consts. (#1997)

Co-authored-by: Jeremy Facchetti <jfacchet@jfacchet.remote.csb>

Add sourcebranchname to build_tag (#1996)

adding a way to pass additional flags to E2E tests (#1998)

Fix typo in deploy-development-rp doc (#2005)

Better documentation support for multiple envs (#1932)

- Now there are two env files: standard, and int-like files
  - Instructions modified for int envs to create the new file and source it
  - Fixed a small typo in the instructions that was being masked by indentation

vendor: fake operator client

Signed-off-by: Petr Kotas <pkotas@redhat.com>

feature: add autosizednodes reconciler

Introduce autosizednodes reconciler which watches aro cluster object
feature flags for ReconcileAutoSizedNodes.

When feature flag is present new KubeletConfig is created enabling the
AutoSizingReserver feature which auto computes the system reserved
for nodes.

feature: add aro cluster to workaround

Adds aro cluster instance to IsRequires check
to allow for feature flags checking.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

feature: disable systemreserved when autosizednodes enabled

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Avoid AdminUpdate panic when Nodes are down (#1972)

* Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call
* Refactor Cluster Manager code to make ensureAROOperator code testable
* Add unit test for ensureAROOperator code

Co-authored-by: Ulrich Schlueter <uschlueter@redhat.com>

update go-cosmosdb version to incorporate the latest change (#2006)

Filter out unwanted data from azure list geneva action (#1969)

* filter our Microsoft.Compute/snapshots from azure list geneva action

* change filter input for test

Doc to create & push ARO Operator image to ACR/Quay (#1888)

* Doc to create/push AROOperator image ACR/Quay

A document on How to create & publish ARO Operator image to ACR/Quay.

Added alternative to go get command (#2015)

Update Makefile (#2020)

The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests

Update node-selector on muo namespace

Dockerfile for MUO image (#1993)

Update OB Build Pipeline to Pass Build Tag as Var (#2011)

* adding release_tag functionality to support releasing by tag or commit

add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists

add muo config yaml

add openshift-azure-logging to the ignored namespaces

run go generate

Fix VM Redeploy Test Flake

- Removing test to check k8s Events for Node readiness
- Adding test for Azure VM readiness (power state)
- Adding test for Linux Kernel uptime to guarantee reboot

disable ipv6 router advertisements on rp/gateway vmss

Install python3 on RP and gateway VMs

make pullspec an optional flag

add enabled and managed by default

add e2e test

Bump minimist from 1.2.5 to 1.2.6 in /portal

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

cleanup: proxy now uses idiomatic waitgroup.

cleanup: removed useless anonymous function definition.

add containers_image_openpgp tag (#2032)

Change secrets-update to allow subsequent updates (#2038)

Co-authored-by: Nont <nthanonchai@microsoft.com>

add containers_image_openpgp everywhere

add controller into operator for machine health check (#1950)

* add worker only controller with operator for machine health check

* align mhc node selector pattern with osd

Create 2022-04-01 API (#1876)

check for default ingressIP when ingressProfiles > 1 (#2021)

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

Skip Linux AZ Sec Pack policies from running on VMSS creation (#2041)

Admin Portal v2 (#2019)

Add in sre portal v2, still default to v1

Co-authored-by: Amber Brown <ambrown@redhat.com>
Co-authored-by: Brett Embery <bembery@redhat.com>
Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

Bump minimist from 1.2.5 to 1.2.6 in /portal/v2 (#2043)

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

added changes to make local e2e test work/ update doc (#2036)

* added changes to make local e2e test work/ update doc

updated operator README to include instructions for running the ARO operator locally for a private cluster (#2045)

Fix off by one error when truncating name

Now it truncates to 14 instead of 15. the corresponding arm templates
truncate to 15.

Refactors createOrUpdateRouterIPFromCluster

Make it reuse isIngressProfileAvailable to check IngressProfile

Adds an extra case into TestAroDeploymentReady

Updates dev env docs

* Removes mention of Python virtualenv as it comes by default with Python 3
* Updates macOS docs to make sure that steps work for Intel and ARM macs
* Markdown formatting fixes

give /tmp a bit more room for when the CI VM gets busy

refactor+test: refactored some functions to test

refactored tests

added license to test file

added err check on validateProxyResquest

made the errors more explicit

fixed typo in function name

removed useless test case

renamed oddly named metrics.Interface to Emitter

update codeowners

renamed github username

updated path to quota file (#2058)

refactor/add-test : refactored linkid and gateway to add tests (#2013)

Enable first basic linters in ARO (#2060)

* Enable first basic linters in ARO

* Remove modules-download-mode from the linter run config

Commit to allow password auth for VMSS jit access (#2027)

* Commit to allow password auth for VMSS jit access

fix: now uses renamed interface metricsEmitter

fix issues with linting new test files

added doc.go for imgconfig controller (#2064)

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

Revert 2027: Commit to allow password auth for VMSS jit access

Add logic to reconcile failed Nic on az aro delete

Co-authored-by: Ben Vesel <bennerv@users.noreply.github.com>

Update pull secret references from cloud.redhat.com to cloud.openshift.com (#2084)

Enables go fmt simplify (#2081)

update reference to cloud.redhat.com in README file (#2085)

ensure apiserverready check

redesigned the quota computation to something understandable (#2059)

Bump 4.9 install image to latest stable 4.9.28 to address etcd split brain issue

Fail MUO test if we expect an error but don't get one

Bump fluentbit, mdm, and mdsd images to mitigate P0/P1s

Bump async from 2.6.3 to 2.6.4 in /portal/v2

Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md)
- [Commits](https://github.com/caolan/async/compare/v2.6.3...v2.6.4)

---
updated-dependencies:
- dependency-name: async
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Update the secret rotate time to 7 days during RP deploy (#2051)

Remove dead mirror code referencing 4.3 version which isn't mirrored (#2092)

add MTU to the internal OCP Document

make generate

before mock

added unit tests for two new functions

fix import order

remove trailing spaces

make validate-go wants to add trailing lines again

found/fixed trailing new line

add new line at end of test file

added admin update method to adminupdate tests

newlinw

fixed unit test issue

add helper method

Improve comment

gofmt

Remove ACR Image Override (#2090)

added stylecheck and moved golangci-lint to a github action (#2083)

* enabled github action instead of running from ADO

* fixed style

* fixed some style

fixed styling

fixed failing tests because of case on errs

Small updates to shared rp docs (#2079)

"note" syntax adjustments

Small updates to shared rp docs from working sessions

added note related to gwy keyvault not being in dev

Update docs/prepare-a-shared-rp-development-environment.md

Language adjustment.

Committing syntax change per Caden's suggestion.

Co-Authored-By: Caden Marchese <56140267+cadenmarchese@users.noreply.github.com>

Co-authored-by: Caden Marchese <56140267+cadenmarchese@users.noreply.github.com>

Additional gateway tests (#2062)

* Add coverage for pkg/gateway. Gateway creation now fails fast when env
properties are missing.

* refactor large test into multiple test cases

Move gateway fluentbit to container

Bump async from 2.6.3 to 2.6.4 in /portal/v1

Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md)
- [Commits](https://github.com/caolan/async/compare/v2.6.3...v2.6.4)

---
updated-dependencies:
- dependency-name: async
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

set MDSD_MSGPACK_SORT_COLUMNS to perf column sorting on MDSD side and try to avoid hitting max schema count (#2095)

Remove mwoodson from codeowners (#2106)

Updated FIPs e2e test for 2022-04-01 API

Development subscription migration

prepare for dns migration

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

Update az cli extension to use api v2022_04_01 (#2042)

* Bumping az aro extenion api version to v2022_04_01

* Adding new command flags and data structures to az aro create

* linting

Update cluster

Update pkg/util/cluster/cluster.go

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

Better err handling to customer

remove installconfig dependency from deploystorage

Remove unnecessary to.StringPtr usages

Fixing exception handling for missing subnet (#2117)

* Fixing exception handling for missing subnet

* use isinstance

* Another err.message fix

Added a new function for a hardcoded filter of namespaces (#1994)

Added unit test for the makeURLSegments function of dynamichelper (#2031)

add minor version

Master resize (#1889)

* master resize GA

move arm template deploy to util

use the ARM deploytemplate code directly in pkg/cluster

Add David Newman to CODEOWNERS

il5 series support, vm.go improvements and tests (#2086)

Add improvements to `deploy-full-rp-service-in-dev.md` doc (#2048)

* Add improvements to full rp service doc

* Update docs/deploy-full-rp-service-in-dev.md

Co-authored-by: Spencer Amann <samann@redhat.com>

NSG controller - reconcile nil NSG (#2116)

* adding test case for NSGs = nil

* Adding handling of empty NSG

Fix deleteNic when the nic is in failed provisioning state

Add documentation outlining our keyvaults, certificates, and secrets

Provide clearer error for a particular type of PUCM failure

Instead of "subnet ID "" has incorrect length", catch the error
earlier and provide a clearer "lastAdminUpdateError" message.

This particular PUCM failure occurs when a machineset object fails
to decode during cluster document enriching.

increase the timeout to 10 minutes, since a rebuild can trigger the timeout

Vendor installer release 4.10

Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules.

Automated updates from "make generate"

Set default InstallStream to OCP 4.10.15

Automated updates from "make discoverycache".

pipelines: Require agents with go-1.17 capability for CI/E2E

Update documentation for Go 1.17 and installer 4.10

Switch from the azureprovider to the new machinev1.AzureMachineProviderSpec machine API

* Due to the move of the AzureMachineProviderSpec into the openshift/api we need to marshal the existing
  clusters machine provider spec into the new struct.
* Switches tests to use the new machine API struct.

Ref: f9725ddd94

Switch to building with golang 1.17

Switch maoclient -> machineclient and maofake -> machinefake

gofmt: add "go:build e2e"

Switch to using the ubi8 go-toolset for building.

Add additional values to CloudError and Cluster Operation Logs (#2094)

* Added additional values to CloudError

* Update pkg/api/error.go

Co-authored-by: Weinong Wang <weinong@outlook.com>

* Add details for cluster logs in terminal state

* Fixed issue with logging clusterResult

* Changed to generic name, add String() func

* Update logging comments

Co-authored-by: Weinong Wang <weinong@outlook.com>

* Add prefix to cloudErrorMessage String()

* Add additional json monikers

* Fix bug with resultType output

* Defined CloudErrorCategory string type

* Empty-Commit to retrigger test

* Shift logs, remove code for next PR

* Added log fields, removed category

* Shift resultType to Logs

* Empty-Commit to retrigger test

* Remove all error changes

* Update openshiftcluster.go

change logs to lowercase

Co-authored-by: BCarvalheira <bcarvalheira@microsoft.com>
Co-authored-by: Weinong Wang <weinong@outlook.com>

Improved the unit test coverage for the merge function of dynamichelper

Fixed the validate golang code errors in the pipeline

Updated the code based on Mikalai's feedback

Fixed a go validation error

added yaml lint (#2132)

* added yaml lint

* updated the doc

Build the MSFT Go fips enabled code and tag the CI Agent as having Go 1.17.

Bump to the latest Microsoft Golang FIPS release.

Updated bindata.

Switch back to the vanilla ci vmss names.

Revert the address prefix and keyvault name changes necessary to deploy to CI.

Switch back to using the RHEL go-toolset now that 8.6 is available on Azure.

Double the OS Disk size.

Increase the disk size of the CI vmss to 200GB.

Updated bindata and move disk size to the correct vmss spec.

Add an option to send metrics via UDP instead of Unix Domain Sockets (#2074)

replace allowOCM flag with a forceLocalOnly flag

upgrade image to b4

when mhc is managed create an alert for frequent remediation (#2123)

allow overriding the operator version in the admin API (#2134)

Update pipelines to demand go 1.17 and update OB container to go 1.17 (#2146)

update mdm/mdsd

Add new ARO regions to pipelines

- australiacentral
- australiacentral2
- swedencentral

test for infra ID generation

this does not need installconfig, and so can be moved upwards in the install

replace it with a vendored version, so that we don't need to utilise the installer portion

validate apimachinery rand as utilrand

split ensuregraph into applying customisations and then saving it to the storage account. if we use the vanilla installer, we will likely still need to save the graph (after fetching it from hive) but we will not change things inside of it like currently.

refactored muo to extract deployer (#2122)

removed go-bindata from pkg/operator (#2119)

add: Getpodlogs kubeaction api (#1885)

Migrate from AD to MS Graph

Also changed the AADManager so that it only returns values
instead of the data structure.  This hides the implementation
details so that in the future if MSAL changes the internal
representation, any required changes will be contained within
the class (vs. right now custom.py has to be changed accordingly).

fixed conflict created when moving to the new library (#2150)

Bump eventsource from 1.1.0 to 1.1.1 in /portal/v2

Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/EventSource/eventsource/releases)
- [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md)
- [Commits](https://github.com/EventSource/eventsource/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: eventsource
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Bump eventsource from 1.1.0 to 1.1.1 in /portal/v1

Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/EventSource/eventsource/releases)
- [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md)
- [Commits](https://github.com/EventSource/eventsource/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: eventsource
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

clean up of validate import, now uses a yaml file for maintainability  (#2136)

Updated portal bindata

create lint-go script and call it from Makefile (#2118)

Co-authored-by: Jeremy Facchetti <facchettos@gmail.com>

Add name length validation on ARO clusters for non-zonal regions

Truncate cluster names to 19 char in e2e pipelines

Typo in pipeline script

Added cookie as part of test and added extra error output

Seperated image pull and container start for selenium

Fixing up docker command
2022-10-06 15:15:25 +11:00
Ellis Johnson 27a079da9b Rewrote first test in golang on e2e pipeline
Syncing up vendoring

Added second test
2022-10-06 15:15:16 +11:00
Amber Brown 08e48b51b6 Removed old portal JS
enable reconciling azuresubnets/NSGs by default

refector e2e for removing dependency.

Update 2

removed old code.

make test to fail on getting error.

Expect(err).NotTo(HaveOccurred())

Formating done

White-spaces removed.

handle the use of the AddressPrefixes field alongside AddressPrefix

improved ValidateCIDRRanges test

add vnet names to help with debugging if needed in the future

comment improvement

Bump follow-redirects from 1.14.0 to 1.14.7 in /portal

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.0 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.0...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Store downloaded cert only when it differs

When systemd downloader downloads fresh certificate
check whether it differs from the stored one.

Replace old one with fresh when there is a difference.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Restart mdm service on cert change

Forces MDM container to pick up changed certificate.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

doc: Document fp cert rotation

Add doc file with information how the first party certificate is
rotated in the RP and on the host VM.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Replace artifacts with direct code checkout

Replaces configuration fetching via build pipeline with
direct code checkout.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update .pipelines/int-release.yml

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

provide the ability to specify an overridden fluentbit image in operator feature flags

Download aro deployer from tagged image

Pull aro deployer from tagged container instead of pipeline artifact.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Add deploy pipelines using tag

Add new pipelines using tagged deployment

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Set XDG_RUNTIME_DIR explicitly on CI VMs

Add tagged aro image

Add annotated tag build and push into makefile.
Without annotation, the TAG is empty and
action is not performed.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Build and push tagged aro image into ACR

When annotated TAG is not set the new step fails.
Otherwise it builds the tagged image and pushes it
to the ACR.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Build release on tag

When CI started from tag build image and push to registry.
Extract annotation from the tag and use it as summary
for changelog. Automated summary is extracted from commits
titles.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

mdm/mdsd++

make generate

Revert "[PIPELINES 4] Create release based on annotated git tag"

Fix: Broken pull path

The original path is not working as it is blocked for writing,
Using the pipeline default instead

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Fix: Broken checkout code path

The checkout behaves differently when checking out single repository.
It checkout to /s

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update prod pipeline params to be consistent

Enable SBOM on all OneBranch pipelines

Fixing typo in paths

Add Documentation and Scripts for ARO Monitor Metric testing

Fix typo

Co-authored-by: Caden Marchese <56140267+cadenmarchese@users.noreply.github.com>

Handle cleanup of spawned processes.

Clarify a few things in the procdure.

Add example script to directly inject test data

Revert "Revert "[PIPELINES 4] Create release based on annotated git tag""

Fix: Remove build to run after e2e

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Bump nanoid from 3.1.22 to 3.2.0 in /portal

Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.2.0.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ai/nanoid/compare/3.1.22...3.2.0)

---
updated-dependencies:
- dependency-name: nanoid
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Add uaenorth to non-zonal regions

imageconfig controller

Fixing bug where incorrect ACR domain name was being generated

added doc for cert rotation

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

Vendor installer release 4.9

This also forces the RP from Go 1.14 to Go 1.16.

Aside from requiring OCP 4.9 / Kubernetes 1.22 modules, the
other go.mod changes are all manual workarounds from failed
"make vendor" runs.

Automated updates from "make vendor"

Alter client-gen command to stay within repo

The way this is written seems to assume the ARO-RP repo is cloned
under the user's $GOPATH tree.  That's not where I typically clone
git repos for development.

Use relative paths in the client-gen command and arguments to stay
within the ARO-RP git repo.

Automated updates from "make generate"

Set InstallStream to OCP 4.9.8

Automated updates from "make discoverycache"

pipelines: Demand agents with go-1.16 capability for CI/E2E

Update documentation for Go 1.16 and installer 4.9

Fix: Remove the wrong git pull path

Removes the wrong git pull path for ADO RP-config
Removes unused parameter

Signed-off-by: Petr Kotas <pkotas@redhat.com>

fix: Add go1.16 requirement to run pipelines

With addition of 4.9 release, the go build
have to run with go1.16

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Add geneva action to reconcile a failed NIC

Suppress stderr within Makefile command

Do not overwrite FIPs environment variable in CI VMs

fix: fix service connection to the github

existing service connection does not meet requirement
for the github release

Signed-off-by: Petr Kotas <pkotas@redhat.com>

ADO Pipelines make no sense

Ensure TAG environment var is consistent case

Incorrect quoting on variables in pipeline

Clean up debug print statement in pipelines

Add INT/Prod variable group requirements

Update correct directory path for pipeline template files

Update release tag pipeline parameters

Vendor updated autorest adal to fix nil pointer exception in MSI

add fl to owners :-)

Fix: use the correct variable syntax for updated variables in pipelines

Bump 4.9.8 to 4.9.9 as it contains a bugfix that prevents cluster creation success

Vendor openshift installer carry patch

Bump golang version to 1.16 in CI VMs

Fix wrongly updated parameters and variables in prod release

Feedback follow up on image config controller

Use INT E2E Creds in Prod pipeline as we pull from the INT image registry and spin up our resources in our INT sub

clean temporary gomock folders (#1912)

Signed-off-by: Karan.Magdani <kmagdani@redhat.com>

fix 2 cred scan findings by adding suppression settings (#1960)

add tsaoptions json file, enable tsa in build rp official pipeline (#1959)

chore: removed logging onebranch pipelines files from aro-rp repo (#1942)

quick fixes in docs (#1956)

Removes unneeded field (#1962)

Updated linux container image for build (#1964)

Updating go-toolset tag to 1.16.12 (#1965)

Bump follow-redirects from 1.14.7 to 1.14.8 in /portal

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.7...v1.14.8)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

add fips validation scripts and ci step

drop net_raw and make generate

Adding norwaywest to deploy from tag ALL regions Pipeline. (#1968)

Include variable groups for prod single region release (#1957)

Add Central US EUAP to nonZonalRegions (#1927)

remove network acceleration due to issues discovered

reapply the primary tag

make generate

Add metric gauge for nohost present on request to gateway

Fix net_raw caps, make generate (#1971)

Refactors operator requeues

* Adds the clarifying comment on requeues into the checker controller
* Removes `Requeue: true` in places where we use `RequeueAfter`
  as it is has no effect.

add a field to indicate spotInstances in node.conditions metric (#1928)

Bump url-parse from 1.5.3 to 1.5.7 in /portal

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.7.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.3...1.5.7)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

docs: add cleaner info to shared env docs

add westus3 to pipeline manifests

add additional logging to redeploy to help understand state when this job fails in e2e

Re-enable Egress Lockdown

Enable egress lockdown feature by default on new clusters while also
allowing current clusters to be admin-upgraded with the new feature

Co-authored-by: Ben Vesel <10840174+bennerv@users.noreply.github.com>

fix: use the tag/commit as the aro version

ARO uses both tags and commits as its version.
The commits are used for the development scenario,
tags are used when building and deploing to
production.

add: copy ARO iamge to integration

Signed-off-by: Petr Kotas <petr@kotas.tech>

add: release pipeline documentation

Signed-off-by: Petr Kotas <petr@kotas.tech>

fix: HTTP 500 from "List cluster Azure resource" Geneva Action for unknown resource types (#1978)

* If don't have an apiVersion defined for a resource, then skip over it instead of returning an error.

* Reword the comment.

* Double quote the resource type in the log warning message.

Co-authored-by: Mikalai Radchuk <509198+m1kola@users.noreply.github.com>

add operator storage acc and endpoints reconcilers

operator tests

storageacc handling for install/update

generate

vendor

review feedback

Add dev env rules exception

Comply with the Authorizer changes

Fix tests

Fix merge conflicts

Add operator flags

Fix tests

Change operator flags

Addressing feedback

generate

Operator flag tests

Addressing feedback

FIx

update cluster spec

Add an Operator controller for Managed Upgrade Operator

add MUO deployment manifests

run go generate

add a mocks directory in the operator

make dynamichelper produce less spurious changes for MUO

fix: move int mirroring to separate pipelines

integration requires it own set of credentials,
this can only by provided in a separate pipeline

Signed-off-by: Petr Kotas <pkotas@redhat.com>

fix: provide the correct dependent pipeline (#1982)

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update mirror-aro-to-int.yml for Azure Pipelines

Remove unused parameter

fix: replace parameter with variable (#1984)

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Update mirror-aro-to-int.yml for Azure Pipelines

Fix typo

Cleans up unused args in `muo.NewReconciler`

Bump url-parse from 1.5.7 to 1.5.10 in /portal

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.7 to 1.5.10.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.7...1.5.10)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Removes a explicit `gomock.Eq()` matcher calls (#1983)

`gomock.Eq()` is a default matcher in gomock
so it doesn't have to be explicitly called in these cases

Docs: Set GOPATH (#1987)

- A few developers on various OS flavors have seen make generate fail after the upgrade to golang 1.16 due to client-gen updates. This appears to fix.

Adds extra fields to the PreviewFeature CRD

Adds the controller implementation

It currently implements only one feature: NSG flow logs

preview feature controller and NSG flow log feature implementation

L series support - RP changes (#1751)

* add L-series SKUs to internal, admin, validate api

* make client

Add SKU availability and restriction checks to dynamic validation (#1790)

* add sku filtering and restriction checks

* add install-time instance validation

Minor ARO operator refactoring

* Gets rid of exported constants like `ENABLED` where exported constants are not required
* Gets rid of constant concatenations like `CONFIG_NAMESPACE + ".enabled"` to make search easier
* Removes unnecessary `Copy` method of `OperatorFlags` stuct as well as package level `DefaultOperatorFlags` variable.
  Introduces `DefaultOperatorFlags()` instead.

Removing call to listByResourceGroup due to flakyness in the Azure API

add validate-fips step into onebranch build rp template

exclude vuln protobuf

exclude vulnerable containerd versions

Changed CloudErrorCodes from vars to consts. (#1997)

Co-authored-by: Jeremy Facchetti <jfacchet@jfacchet.remote.csb>

Add sourcebranchname to build_tag (#1996)

adding a way to pass additional flags to E2E tests (#1998)

Fix typo in deploy-development-rp doc (#2005)

Better documentation support for multiple envs (#1932)

- Now there are two env files: standard, and int-like files
  - Instructions modified for int envs to create the new file and source it
  - Fixed a small typo in the instructions that was being masked by indentation

vendor: fake operator client

Signed-off-by: Petr Kotas <pkotas@redhat.com>

feature: add autosizednodes reconciler

Introduce autosizednodes reconciler which watches aro cluster object
feature flags for ReconcileAutoSizedNodes.

When feature flag is present new KubeletConfig is created enabling the
AutoSizingReserver feature which auto computes the system reserved
for nodes.

feature: add aro cluster to workaround

Adds aro cluster instance to IsRequires check
to allow for feature flags checking.

Signed-off-by: Petr Kotas <pkotas@redhat.com>

feature: disable systemreserved when autosizednodes enabled

Signed-off-by: Petr Kotas <pkotas@redhat.com>

Avoid AdminUpdate panic when Nodes are down (#1972)

* Skip ensureAROOperator and aroDeploymentReady when the IngressProfiles data is missing, esp after cluster VM restarts as part of the update call
* Refactor Cluster Manager code to make ensureAROOperator code testable
* Add unit test for ensureAROOperator code

Co-authored-by: Ulrich Schlueter <uschlueter@redhat.com>

update go-cosmosdb version to incorporate the latest change (#2006)

Filter out unwanted data from azure list geneva action (#1969)

* filter our Microsoft.Compute/snapshots from azure list geneva action

* change filter input for test

Doc to create & push ARO Operator image to ACR/Quay (#1888)

* Doc to create/push AROOperator image ACR/Quay

A document on How to create & publish ARO Operator image to ACR/Quay.

Added alternative to go get command (#2015)

Update Makefile (#2020)

The ARO-RP returns special characters in color encoding special character, which is not decoded as of now. This change removes the color encoding characters by default in e2e tests

Update node-selector on muo namespace

Dockerfile for MUO image (#1993)

Update OB Build Pipeline to Pass Build Tag as Var (#2011)

* adding release_tag functionality to support releasing by tag or commit

add managed upgrade operator configuration settings and connected MUO if allowed and a pullsecret exists

add muo config yaml

add openshift-azure-logging to the ignored namespaces

run go generate

Fix VM Redeploy Test Flake

- Removing test to check k8s Events for Node readiness
- Adding test for Azure VM readiness (power state)
- Adding test for Linux Kernel uptime to guarantee reboot

disable ipv6 router advertisements on rp/gateway vmss

Install python3 on RP and gateway VMs

make pullspec an optional flag

add enabled and managed by default
2022-10-06 15:13:23 +11:00
Amber Brown 9e842a962d Vendoring
go mod tidy -compat=1.17 && go mod vendor
2022-09-27 15:16:30 +01:00
Amber Brown 26ef9684eb update to ginkgo v2 in the e2e tests 2022-09-27 15:16:30 +01:00
Brendan Bergen b17f992af5 Replace strings.Title with caser 2022-08-22 15:31:52 -06:00
Amber Brown 2b58d89e3e
Fix some drift from multiple merges (#2317) 2022-08-09 08:53:57 +02:00
Mikalai Radchuk 5ab9a3e095
Vendoring: update Hive to the latest version (#2263)
* Updates vendoring docs and scripts

* Makes use of `go mod tidy -compat=1.17`:
  we do not have to be compatible with prior versions.
  Saves a bit of headache when dealing with dependencies.
* Makes `hack/update-go-module-dependencies.sh` ignore `github.com/openshift/hive`:
  it is not part of OCP dependencies and is not following `release-4.Y` branching.
  We want to update it separately.

* Vendoring: update Hive to the latest version

* make generate
2022-07-19 13:44:23 -04:00
Ulrich Schlueter 3d8654a1a7 Register cluster with hive at install time 2022-07-05 16:16:56 +01:00
Amber Brown 07108b5a7b update deps 2022-07-04 13:13:56 +01:00
dependabot[bot] 6990ae3470 Bump github.com/coreos/ignition/v2 from 2.13.0 to 2.14.0
Bumps [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/coreos/ignition/releases)
- [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md)
- [Commits](https://github.com/coreos/ignition/compare/v2.13.0...v2.14.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/ignition/v2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-08 11:26:41 +02:00
Spencer Amann 7bba674b3a
when mhc is managed create an alert for frequent remediation (#2123) 2022-05-31 09:34:48 -04:00
darthhexx 1c4e98933e Vendor installer release 4.10
Switches to go.1.17, OCP 4.10, and Kubernetes 1.23 modules.
2022-05-25 14:49:12 +10:00
Jeff Yuan 6b2f23d02c
update go-cosmosdb version to incorporate the latest change (#2006) 2022-03-16 19:54:04 -05:00