# 4.14.0-0.ci-2025-10-21-190507 Created: 2025-10-21 19:05:19 +0000 UTC Image Digest: `sha256:eaddbe46c951f937e4ea7feda85d5c7e26a162672f7e5b3a839bfe0e0ed970de` ## Changes from 4.13.61 ### Components * Kubernetes upgraded from 1.26.15 to 1.27.16 * Red Hat Enterprise Linux CoreOS upgraded from 413.92.202510150118-0 to 414.92.202510210117-0 ### New images * [agent-installer-utils](https://github.com/openshift/agent-installer-utils) git [b3fa10c2](https://github.com/openshift/agent-installer-utils/commit/b3fa10c2f6a890f982a983510e8315b084867782) `sha256:d6b05b3df636de65b8bb1d990fe1a3fd0310a8c5c9622ce207fed3e7e9a379ac` * [azure-workload-identity-webhook](https://github.com/openshift/azure-workload-identity) git [2cb82019](https://github.com/openshift/azure-workload-identity/commit/2cb82019194364a2f7ba1a9aa318fa6e5b4a7346) `sha256:542606cbb49e7c348d08bb6d8366feb82cef5ba1dc04d3a7e9d035ff89642247` * [cli-manager](https://github.com/openshift/cli-manager) git [ff674b67](https://github.com/openshift/cli-manager/commit/ff674b67fa3e979ce85793c591636dd53ea98445) `sha256:17cc8c71b2c7c1678567cffb265a4b093f6fb53eec9cce02ec6a74fbf3f95579` * [cluster-olm-operator](https://github.com/openshift/cluster-olm-operator) git [0dbbb613](https://github.com/openshift/cluster-olm-operator/commit/0dbbb6132ced379602040731ff889eebb4202e73) `sha256:754ca5a779e8ec7592e34cfa67216f24713255552468a26af29e39b6ad053769` * [contour](https://github.com/openshift/contour) git [45e9b621](https://github.com/openshift/contour/commit/45e9b621adb42ea25f65157964381e838b598c5c) `sha256:670ea96e56d324551a7bc17d10c7fc763933b58b43bd4221bec85706951ecadb` * [contour-operator](https://github.com/openshift/contour-operator) git [e07f7060](https://github.com/openshift/contour-operator/commit/e07f70604310311dc0547567b3b0be0fe90c3d82) `sha256:7749234f09796ea537fb80ecb6c8798ec6e11e330c0db02a9d3aebfcb8bf0575` * [local-storage-static-provisioner](https://github.com/openshift/sig-storage-local-static-provisioner) git [2b7b9e18](https://github.com/openshift/sig-storage-local-static-provisioner/commit/2b7b9e18cf2f62d265248150b0dfbc508e91f3f9) `sha256:9355120d62f3e2596a14db8c85b1b7e6c8606a020fbc24e2134e3326b28f0100` * [monitoring-plugin](https://github.com/openshift/monitoring-plugin) git [4fa70433](https://github.com/openshift/monitoring-plugin/commit/4fa70433b2249d44cbe74c6f4ee48625babb2cf1) `sha256:f3ca3c8f46c62430bebc821c527ea8488e217e505ef5a95a7b9e026c1aeb043f` * [olm-catalogd](https://github.com/openshift/operator-framework-catalogd) git [a333cb0b](https://github.com/openshift/operator-framework-catalogd/commit/a333cb0b558abf8d9f8da0eccd5618d767629050) `sha256:483f3b1d89ce314115b54ad3e2743157d82da5d68b2c52e0361b354c0f3e3277` * [olm-operator-controller](https://github.com/openshift/operator-framework-operator-controller) git [fb6fb278](https://github.com/openshift/operator-framework-operator-controller/commit/fb6fb278d987faacb4da17b96a109da261fbb962) `sha256:58e45acf090a1ae8889bac12977d1e79159564cc04301d224d41d13775bd4f00` * [ovirt-installer](https://github.com/openshift/installer) git [bf1b6c1c](https://github.com/openshift/installer/commit/bf1b6c1c1bc1b825a54af62e0f8e587be984b89b) `sha256:4e9e9bd31a6d5ec7d3f2526031475ca5277b40d0081a19957b1e76d6004e7575` * [ovn-kubernetes](https://github.com/openshift/ovn-kubernetes) git [beb3430c](https://github.com/openshift/ovn-kubernetes/commit/beb3430c5fc2b3c37eeb90b816dd925ed4065fe6) `sha256:d98e01a3512123ed2020b1243a5f5d4c09108063fbf766a84bb7fa5c8c362f48` * [ovn-kubernetes-microshift](https://github.com/openshift/ovn-kubernetes) git [beb3430c](https://github.com/openshift/ovn-kubernetes/commit/beb3430c5fc2b3c37eeb90b816dd925ed4065fe6) `sha256:0e98c455ba4c0e63b214fb8182c3824fb9dfba107ced44f4ba05812800e914dd` ### Removed images * ovn-kubernetes-microshift-rhel-9 * ovn-kubernetes-rhel-9 ### Rebuilt images without code change * [apiserver-network-proxy](https://github.com/openshift/apiserver-network-proxy) git [f56c606a](https://github.com/openshift/apiserver-network-proxy/commit/f56c606ae15041b0c981e654ab577d2b0a3a0a8f) `sha256:f4ec5042af3a5e88926c1cb7a3e00e25b8cd1f4748e6affeed371aa984d20702` * machine-os-content `sha256:b101c8e958668501726f5f81fe60808b2811a625800c6a3f7fda2ae5a22e478f` * rhel-coreos `sha256:2fdf8da8da8c363197262e1df38c2f096de7933521e86f53d306f99248312c35` * rhel-coreos-extensions `sha256:cd2830998eaf956a8579089b4073bc294cd16d24309c639e5004aaa2b560b9a7` ### [agent-installer-api-server](https://github.com/openshift/assisted-service/tree/6df4bf1f0f2b26e32346ae81f1291ce151780b58) * [OCPBUGS-58632](https://issues.redhat.com/browse/OCPBUGS-58632), [OCPBUGS-58637](https://issues.redhat.com/browse/OCPBUGS-58637): Bump glog to v1.2.5 in release-4.14 (#7906) [#7906](https://github.com/openshift/assisted-service/pull/7906) * [OCPBUGS-53691](https://issues.redhat.com/browse/OCPBUGS-53691): Bump jwt to 4.5.2 in release-4.14 (#7499) [#7499](https://github.com/openshift/assisted-service/pull/7499) * [OCPBUGS-46941](https://issues.redhat.com/browse/OCPBUGS-46941): OCPBUGS-46184: Bump golang.org/x/net to 0.33.0 (#7200) [#7200](https://github.com/openshift/assisted-service/pull/7200) * [OCPBUGS-15346](https://issues.redhat.com/browse/OCPBUGS-15346), [OCPBUGS-15347](https://issues.redhat.com/browse/OCPBUGS-15347): Update version go-http-metrics and gin-gonic/gin (#6899) [#6899](https://github.com/openshift/assisted-service/pull/6899) * [OCPBUGS-34641](https://issues.redhat.com/browse/OCPBUGS-34641): Invalid Pull-Secret when using password which contains a colon character (#6416) [#6416](https://github.com/openshift/assisted-service/pull/6416) * [OCPBUGS-31631](https://issues.redhat.com/browse/OCPBUGS-31631): Deploy dual stack with IPv6 on top of bond/vlan fails (#6322) [#6322](https://github.com/openshift/assisted-service/pull/6322) * [MGMT-17594](https://issues.redhat.com/browse/MGMT-17594): Bump x/net to v0.24.0 to mitigate CVE-2023-45288 (#6216) [#6216](https://github.com/openshift/assisted-service/pull/6216) * [MGMT-17549](https://issues.redhat.com/browse/MGMT-17549): Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#6203) [#6203](https://github.com/openshift/assisted-service/pull/6203) * [MGMT-17541](https://issues.redhat.com/browse/MGMT-17541): Replace broken golangci reference (#6197) [#6197](https://github.com/openshift/assisted-service/pull/6197) * NO-ISSUE: replace postgres images as current one disappeared from quay (#6134) [#6134](https://github.com/openshift/assisted-service/pull/6134) * [MGMT-16950](https://issues.redhat.com/browse/MGMT-16950): changing dnsmasq configuration for sno in order to meet single ip installation flow for ibu (#5973) [#5973](https://github.com/openshift/assisted-service/pull/5973) * [MGMT-16494](https://issues.redhat.com/browse/MGMT-16494): Move ip hint file creation to ignition in order to change it in IBI process (#5974) [#5974](https://github.com/openshift/assisted-service/pull/5974) * [MGMT-16517](https://issues.redhat.com/browse/MGMT-16517): Add Env Var Deployment Type & Set ABI (#5987) [#5987](https://github.com/openshift/assisted-service/pull/5987) * [MGMT-15796](https://issues.redhat.com/browse/MGMT-15796): set CloudControllerManager to External for OCI (#5877) [#5877](https://github.com/openshift/assisted-service/pull/5877) * [OCPBUGS-23069](https://issues.redhat.com/browse/OCPBUGS-23069): Ignore hostPrefix validation for plugins other than OVN/SDN (#5676) [#5676](https://github.com/openshift/assisted-service/pull/5676) * [MGMT-15704](https://issues.redhat.com/browse/MGMT-15704): One typo and one missing piece of config, discovered after MGMT-15704 merged (#5465) [#5465](https://github.com/openshift/assisted-service/pull/5465) * Bump OCP versions: 4.12 (#5467) [#5467](https://github.com/openshift/assisted-service/pull/5467) * [MGMT-15653](https://issues.redhat.com/browse/MGMT-15653): Validate domain in one place (#5451) [#5451](https://github.com/openshift/assisted-service/pull/5451) * [MGMT-15704](https://issues.redhat.com/browse/MGMT-15704): Assisted service should create Day2 import CR for hub cluster. (#5459) [#5459](https://github.com/openshift/assisted-service/pull/5459) * [MGMT-15340](https://issues.redhat.com/browse/MGMT-15340): Ensure vlan interface names will be <= 15 characters (#5389) [#5389](https://github.com/openshift/assisted-service/pull/5389) * NO-ISSUE: Add subsystem tests to platform support level (#5460) [#5460](https://github.com/openshift/assisted-service/pull/5460) * Bump OCP versions: 4.10 (#5463) [#5463](https://github.com/openshift/assisted-service/pull/5463) * Bump OCP versions: 4.13 (#5457) [#5457](https://github.com/openshift/assisted-service/pull/5457) * Bump OCP versions: 4.13, 4.11, 4.12 (#5454) [#5454](https://github.com/openshift/assisted-service/pull/5454) * [MGMT-11456](https://issues.redhat.com/browse/MGMT-11456): Bugfix - remove redundant code (#5372) [#5372](https://github.com/openshift/assisted-service/pull/5372) * Bump OCP versions: 4.11, 4.12, 4.13 (#5452) [#5452](https://github.com/openshift/assisted-service/pull/5452) * [AGENT-694](https://issues.redhat.com/browse/AGENT-694): Support external platform type for agent installer (#5438) [#5438](https://github.com/openshift/assisted-service/pull/5438) * [MGMT-15100](https://issues.redhat.com/browse/MGMT-15100): Remove unused feature-support-levels API endpoint (#5450) [#5450](https://github.com/openshift/assisted-service/pull/5450) * Update RHTAP references (#5410) [#5410](https://github.com/openshift/assisted-service/pull/5410) * Fix setup_env.sh failure handling (#5442) [#5442](https://github.com/openshift/assisted-service/pull/5442) * Add BMH annotation keys to docs (#5444) [#5444](https://github.com/openshift/assisted-service/pull/5444) * OCPBUGS-17992 day2 skip install config overrides (#5439) [#5439](https://github.com/openshift/assisted-service/pull/5439) * Bump OCP versions: 4.12, 4.10 (#5441) [#5441](https://github.com/openshift/assisted-service/pull/5441) * [MGMT-14881](https://issues.redhat.com/browse/MGMT-14881): return a valid error when no disks has been found (#5430) [#5430](https://github.com/openshift/assisted-service/pull/5430) * [MGMT-15595](https://issues.redhat.com/browse/MGMT-15595): Make client a separate go module (#5434) [#5434](https://github.com/openshift/assisted-service/pull/5434) * [MGMT-15177](https://issues.redhat.com/browse/MGMT-15177): Align feature support level to support platform as filterable feature (#5424) [#5424](https://github.com/openshift/assisted-service/pull/5424) * Bump OCP versions: 4.12 (#5432) [#5432](https://github.com/openshift/assisted-service/pull/5432) * Bump OCP versions: 4.11, 4.13 (#5431) [#5431](https://github.com/openshift/assisted-service/pull/5431) * Use go 1.18 when setting up environment (#5422) [#5422](https://github.com/openshift/assisted-service/pull/5422) * NO-ISSUE: Bump k8s.io/klog/v2 from 2.70.1 to 2.100.1 (#5428) [#5428](https://github.com/openshift/assisted-service/pull/5428) * [MGMT-15356](https://issues.redhat.com/browse/MGMT-15356): Ensure filenames are distinct between openshift and manifest (#5382) [#5382](https://github.com/openshift/assisted-service/pull/5382) * [MGMT-15491](https://issues.redhat.com/browse/MGMT-15491): Validate vSphere disk.EnableUUID ignoring cluster platform (#5416) [#5416](https://github.com/openshift/assisted-service/pull/5416) * NO-ISSUE: Extend waiting time to test DB container to be ready (#5425) [#5425](https://github.com/openshift/assisted-service/pull/5425) * Bump OCP versions: 4.10 (#5423) [#5423](https://github.com/openshift/assisted-service/pull/5423) * Bump OCP versions: 4.13, 4.12 (#5421) [#5421](https://github.com/openshift/assisted-service/pull/5421) * [OCPBUGS-17415](https://issues.redhat.com/browse/OCPBUGS-17415): Bump golang.org/x/net (#5417) [#5417](https://github.com/openshift/assisted-service/pull/5417) * [MGMT-14933](https://issues.redhat.com/browse/MGMT-14933): Validate hosts running in OCI (#5413) [#5413](https://github.com/openshift/assisted-service/pull/5413) * Ensure inspection is disabled on day-2 spoke node BMHs (#5406) [#5406](https://github.com/openshift/assisted-service/pull/5406) * [MGMT-15423](https://issues.redhat.com/browse/MGMT-15423): Change the user message from: 'Host is not compatible with cluster platform %s; either disable this host or choose a compatible cluster platform (%v)' to 'Host is not compatible with cluster platform %s; either disable this host or discover a new, compatible host.' (#5412) [#5412](https://github.com/openshift/assisted-service/pull/5412) * Don't set detached for BMHs without infraenv label (#5414) [#5414](https://github.com/openshift/assisted-service/pull/5414) * [RHTAPBUGS-318](https://issues.redhat.com/browse/RHTAPBUGS-318): Fetch tag in RHTAP build (#5333) [#5333](https://github.com/openshift/assisted-service/pull/5333) * [MGMT-15424](https://issues.redhat.com/browse/MGMT-15424): parametrize envoy configmap name (#5411) [#5411](https://github.com/openshift/assisted-service/pull/5411) * Bump OCP versions: 4.12 (#5409) [#5409](https://github.com/openshift/assisted-service/pull/5409) * Bump OCP versions: 4.11 (#5407) [#5407](https://github.com/openshift/assisted-service/pull/5407) * [MGMT-15335](https://issues.redhat.com/browse/MGMT-15335): Fix missing state when trying to update to not supported platform (#5399) [#5399](https://github.com/openshift/assisted-service/pull/5399) * Bump OCP versions: 4.14 (#5403) [#5403](https://github.com/openshift/assisted-service/pull/5403) * Update RHTAP references (#5387) [#5387](https://github.com/openshift/assisted-service/pull/5387) * [MGMT-15389](https://issues.redhat.com/browse/MGMT-15389): add feature flag to enable/disable OKD support (#5400) [#5400](https://github.com/openshift/assisted-service/pull/5400) * [MGMT-11949](https://issues.redhat.com/browse/MGMT-11949): MGMT-12278: Update libksba and libxml2 (#5398) [#5398](https://github.com/openshift/assisted-service/pull/5398) * [MGMT-15388](https://issues.redhat.com/browse/MGMT-15388): Remove unsupported platforms from the supported-platforms endpoint (#5394) [#5394](https://github.com/openshift/assisted-service/pull/5394) * [AGENT-557](https://issues.redhat.com/browse/AGENT-557): Split register into registerCluster and registerInfraEnv (#5376) [#5376](https://github.com/openshift/assisted-service/pull/5376) * [MGMT-15339](https://issues.redhat.com/browse/MGMT-15339): Run network config before NetworkManager (#5375) [#5375](https://github.com/openshift/assisted-service/pull/5375) * [MGMT-15128](https://issues.redhat.com/browse/MGMT-15128): Remove control plane machine set so that control-plane-machine-set operator would not go degraded due to placeholder credentials on installation. (#5378) [#5378](https://github.com/openshift/assisted-service/pull/5378) * [MGMT-15047](https://issues.redhat.com/browse/MGMT-15047): use installer to deploy on external platform (#5381) [#5381](https://github.com/openshift/assisted-service/pull/5381) * [MGMT-15343](https://issues.redhat.com/browse/MGMT-15343): dependabot remove docker (#5392) [#5392](https://github.com/openshift/assisted-service/pull/5392) * Bump OCP versions: 4.13, 4.10 (#5391) [#5391](https://github.com/openshift/assisted-service/pull/5391) * Don't attempt to contact spoke while unbinding a day2 host (#5383) [#5383](https://github.com/openshift/assisted-service/pull/5383) * Update RHTAP references (#5374) [#5374](https://github.com/openshift/assisted-service/pull/5374) * [MGMT-15128](https://issues.redhat.com/browse/MGMT-15128): Remove control plane machine set so that control-plane-machine-set operator would not go degraded due to placeholder credentials on installation. (#5364) [#5364](https://github.com/openshift/assisted-service/pull/5364) * Bump OCP versions: 4.12 (#5384) [#5384](https://github.com/openshift/assisted-service/pull/5384) * [MGMT-14793](https://issues.redhat.com/browse/MGMT-14793): Assisted discovery core and root user shell should have (#5373) [#5373](https://github.com/openshift/assisted-service/pull/5373) * [MGMT-15215](https://issues.redhat.com/browse/MGMT-15215): Allow setting of UI specific data for a cluster (#5358) [#5358](https://github.com/openshift/assisted-service/pull/5358) * [MGMT-15343](https://issues.redhat.com/browse/MGMT-15343): dependabot group updates (#5379) [#5379](https://github.com/openshift/assisted-service/pull/5379) * [MGMT-14923](https://issues.redhat.com/browse/MGMT-14923): add OSImageVersion to InfraEnvSpec (#5365) [#5365](https://github.com/openshift/assisted-service/pull/5365) * Bump OCP versions: 4.13 (#5377) [#5377](https://github.com/openshift/assisted-service/pull/5377) * Update RHTAP references (#5370) [#5370](https://github.com/openshift/assisted-service/pull/5370) * [OCPBUGS-16077](https://issues.redhat.com/browse/OCPBUGS-16077): Fix DNS validation (#5371) [#5371](https://github.com/openshift/assisted-service/pull/5371) * [MGMT-11456](https://issues.redhat.com/browse/MGMT-11456): kube-api should allow user to specify infraenv additional trust bundle (#5357) [#5357](https://github.com/openshift/assisted-service/pull/5357) * Bump OCP versions: 4.11, 4.12 (#5369) [#5369](https://github.com/openshift/assisted-service/pull/5369) * [MGMT-15295](https://issues.redhat.com/browse/MGMT-15295): Fixc bug in list manifests (#5366) [#5366](https://github.com/openshift/assisted-service/pull/5366) * [MGMT-14015](https://issues.redhat.com/browse/MGMT-14015): Custom manifest feature usage is never turning off (#5363) [#5363](https://github.com/openshift/assisted-service/pull/5363) * [MGMT-14491](https://issues.redhat.com/browse/MGMT-14491): Invalid node label returns error 500 instead of 400 (#5362) [#5362](https://github.com/openshift/assisted-service/pull/5362) * Update RHTAP references (#5328) [#5328](https://github.com/openshift/assisted-service/pull/5328) * Bump OCP versions: 4.14 (#5360) [#5360](https://github.com/openshift/assisted-service/pull/5360) * [MGMT-15243](https://issues.redhat.com/browse/MGMT-15243): Skip any zero size manifests when applying (#5355) [#5355](https://github.com/openshift/assisted-service/pull/5355) * Bump OCP versions: 4.12 (#5356) [#5356](https://github.com/openshift/assisted-service/pull/5356) * [MGMT-14656](https://issues.redhat.com/browse/MGMT-14656): Sort disks by HCTL after the other options (#5354) [#5354](https://github.com/openshift/assisted-service/pull/5354) * No-ISSUE: Revert "MGMT-14634: Ensure that empty manifest may not be added. (#5348)" (#5353) [#5348](https://github.com/openshift/assisted-service/pull/5348) * [MGMT-15213](https://issues.redhat.com/browse/MGMT-15213): temporary disable release-domain-name-resolved-correctly validation (#5351) [#5351](https://github.com/openshift/assisted-service/pull/5351) * [MGMT-15073](https://issues.redhat.com/browse/MGMT-15073): Cluster reset - only system generated manifests to be deleted (#5338) [#5338](https://github.com/openshift/assisted-service/pull/5338) * [MGMT-15070](https://issues.redhat.com/browse/MGMT-15070): Unable to change machine-network with dual stack (#5349) [#5349](https://github.com/openshift/assisted-service/pull/5349) * [MGMT-14634](https://issues.redhat.com/browse/MGMT-14634): Ensure that empty manifest may not be added. (#5348) [#5348](https://github.com/openshift/assisted-service/pull/5348) * [MGMT-15150](https://issues.redhat.com/browse/MGMT-15150): Use same installer binary for all platform types (#5334) [#5334](https://github.com/openshift/assisted-service/pull/5334) * [MGMT-14851](https://issues.redhat.com/browse/MGMT-14851): Update docs for allowing automatedCleaningMode (#5343) [#5343](https://github.com/openshift/assisted-service/pull/5343) * Bump OCP versions: 4.14, 4.12 (#5345) [#5345](https://github.com/openshift/assisted-service/pull/5345) * [MGMT-14726](https://issues.redhat.com/browse/MGMT-14726): Ensure that manifest filename does not contain spaces. (#5342) [#5342](https://github.com/openshift/assisted-service/pull/5342) * [MGMT-15064](https://issues.redhat.com/browse/MGMT-15064): Update is_external API description (#5336) [#5336](https://github.com/openshift/assisted-service/pull/5336) * Bump OCP versions: 4.10, 4.11 (#5339) [#5339](https://github.com/openshift/assisted-service/pull/5339) * [MGMT-14852](https://issues.redhat.com/browse/MGMT-14852): Allow AutomatedCleaningMode to be set by user (#5319) [#5319](https://github.com/openshift/assisted-service/pull/5319) * [MGMT-14374](https://issues.redhat.com/browse/MGMT-14374): update day2 master docs (#5335) [#5335](https://github.com/openshift/assisted-service/pull/5335) * MGMT-14620 Only emit succesful host creation message for pre install hosts (#5296) [#5296](https://github.com/openshift/assisted-service/pull/5296) * [MGMT-14704](https://issues.redhat.com/browse/MGMT-14704): Provide info on custom/vs non custom manifest in manifest endpoint. (#5278) [#5278](https://github.com/openshift/assisted-service/pull/5278) * [MGMT-15114](https://issues.redhat.com/browse/MGMT-15114): remove event for cluster registration failed (#5330) [#5330](https://github.com/openshift/assisted-service/pull/5330) * [MGMT-15126](https://issues.redhat.com/browse/MGMT-15126): Add missing incompatible features in some of the feature-support feature (#5327) [#5327](https://github.com/openshift/assisted-service/pull/5327) * [MGMT-15107](https://issues.redhat.com/browse/MGMT-15107): Bump version for hacking LSO catalog (#5323) [#5323](https://github.com/openshift/assisted-service/pull/5323) * Create an override annotation for the ironic agent image (#5310) [#5310](https://github.com/openshift/assisted-service/pull/5310) * [OCPBUGS-13621](https://issues.redhat.com/browse/OCPBUGS-13621): Fix singular Ingress and API cluster VIPs removal (#5216) [#5216](https://github.com/openshift/assisted-service/pull/5216) * Don't require key encipherment usage for approving CSRs (#5322) [#5322](https://github.com/openshift/assisted-service/pull/5322) * [MGMT-13284](https://issues.redhat.com/browse/MGMT-13284): Check for BMH CRD before creating controller (#5284) [#5284](https://github.com/openshift/assisted-service/pull/5284) * [MGMT-14937](https://issues.redhat.com/browse/MGMT-14937): Deprecate user_managed_networking attribute (#5317) [#5317](https://github.com/openshift/assisted-service/pull/5317) * Bump OCP versions: 4.14 (#5320) [#5320](https://github.com/openshift/assisted-service/pull/5320) * Bump OCP versions: 4.13, 4.10, 4.12 (#5316) [#5316](https://github.com/openshift/assisted-service/pull/5316) * NO-ISSUE: parametrize template to enable switching secrets (#5313) [#5313](https://github.com/openshift/assisted-service/pull/5313) * [MGMT-14240](https://issues.redhat.com/browse/MGMT-14240): Specify connect-timeout on curl (#5314) [#5314](https://github.com/openshift/assisted-service/pull/5314) * [MGMT-15034](https://issues.redhat.com/browse/MGMT-15034): Fix patch of infrastructure CR with external platform (#5312) [#5312](https://github.com/openshift/assisted-service/pull/5312) * [MGMT-14979](https://issues.redhat.com/browse/MGMT-14979): add sasl/scraml auth method for kafka notifications (#5299) [#5299](https://github.com/openshift/assisted-service/pull/5299) * [MGMT-15025](https://issues.redhat.com/browse/MGMT-15025): Forbid register Z architecture cluster with OCI platform (#5309) [#5309](https://github.com/openshift/assisted-service/pull/5309) * MGMT-15015 Provider IsHostSupported panic if platform is not found (#5306) [#5306](https://github.com/openshift/assisted-service/pull/5306) * OCPBUGS-13738 enforce additional ntp sources added into chrony (#5295) [#5295](https://github.com/openshift/assisted-service/pull/5295) * [MGMT-14992](https://issues.redhat.com/browse/MGMT-14992): Fix Minimal ISO set as default in s390x (#5302) [#5302](https://github.com/openshift/assisted-service/pull/5302) * [MGMT-14631](https://issues.redhat.com/browse/MGMT-14631): Removing leftover of support for openshift 4.8 (#5301) [#5301](https://github.com/openshift/assisted-service/pull/5301) * Bump OCP versions: 4.14, 4.11 (#5300) [#5300](https://github.com/openshift/assisted-service/pull/5300) * [MGMT-14973](https://issues.redhat.com/browse/MGMT-14973): Fix misleading logs showing wrong platform and user_managed_networking combination (#5298) [#5298](https://github.com/openshift/assisted-service/pull/5298) * [MGMT-14975](https://issues.redhat.com/browse/MGMT-14975): Update MCE operator installation to use stable-2.3 channel (#5297) [#5297](https://github.com/openshift/assisted-service/pull/5297) * [MGMT-14769](https://issues.redhat.com/browse/MGMT-14769): Enable upgrade agent by default (#5276) [#5276](https://github.com/openshift/assisted-service/pull/5276) * [MGMT-14165](https://issues.redhat.com/browse/MGMT-14165): AgentClusterInstall Webhooks improvements and fixes (#5275) [#5275](https://github.com/openshift/assisted-service/pull/5275) * Bump OCP versions: 4.13, 4.12 (#5293) [#5293](https://github.com/openshift/assisted-service/pull/5293) * [MGMT-14730](https://issues.redhat.com/browse/MGMT-14730): Validate that manifest file size does not exceed 1MB (#5281) [#5281](https://github.com/openshift/assisted-service/pull/5281) * [MGMT-14883](https://issues.redhat.com/browse/MGMT-14883): Fix feature-support validation fail to validate openshift version (#5290) [#5290](https://github.com/openshift/assisted-service/pull/5290) * [MGMT-14904](https://issues.redhat.com/browse/MGMT-14904): fix error code for ignition size validation (#5291) [#5291](https://github.com/openshift/assisted-service/pull/5291) * [MGMT-14631](https://issues.redhat.com/browse/MGMT-14631): Remove support for openshift 4.8 (#5221) [#5221](https://github.com/openshift/assisted-service/pull/5221) * Add tls config for the service monitor (#5282) [#5282](https://github.com/openshift/assisted-service/pull/5282) * Bump OCP versions: 4.12, 4.10 (#5288) [#5288](https://github.com/openshift/assisted-service/pull/5288) * Red Hat Trusted App Pipeline update assisted-service-q2vh (#5270) [#5270](https://github.com/openshift/assisted-service/pull/5270) * Bump OCP versions: 4.13 (#5280) [#5280](https://github.com/openshift/assisted-service/pull/5280) * [OCPBUGS-7076](https://issues.redhat.com/browse/OCPBUGS-7076): Copy Day2 BMH if Agent is installing (#5250) [#5250](https://github.com/openshift/assisted-service/pull/5250) * [OCPBUGS-14405](https://issues.redhat.com/browse/OCPBUGS-14405): Avoid panic if pull secret contains non-string (#5267) [#5267](https://github.com/openshift/assisted-service/pull/5267) * [MGMT-13746](https://issues.redhat.com/browse/MGMT-13746): validate discovery ignition size (#5273) [#5273](https://github.com/openshift/assisted-service/pull/5273) * [MGMT-14830](https://issues.redhat.com/browse/MGMT-14830): Enable TechPreviewNoUpgrade when platform is external (#5279) [#5279](https://github.com/openshift/assisted-service/pull/5279) * [MGMT-13431](https://issues.redhat.com/browse/MGMT-13431): patching bug - ODF storage class not recognizing all device sets (#5268) [#5268](https://github.com/openshift/assisted-service/pull/5268) * [MGMT-14803](https://issues.redhat.com/browse/MGMT-14803): Fix cluster update won't fail on incompatible OLM operator dependency (#5264) [#5264](https://github.com/openshift/assisted-service/pull/5264) * [MGMT-14600](https://issues.redhat.com/browse/MGMT-14600): Prevent installing dual-stack vSphere on OCP version smaller than 4.13 (#5271) [#5271](https://github.com/openshift/assisted-service/pull/5271) * [MGMT-14750](https://issues.redhat.com/browse/MGMT-14750): Allow FC, ECKD, FBA drive types on s390x (#5269) [#5269](https://github.com/openshift/assisted-service/pull/5269) * [MGMT-12186](https://issues.redhat.com/browse/MGMT-12186): Add MCE operator plugin (#5203) [#5203](https://github.com/openshift/assisted-service/pull/5203) * Bump OCP versions: 4.11, 4.12 (#5265) [#5265](https://github.com/openshift/assisted-service/pull/5265) * [MGMT-14781](https://issues.redhat.com/browse/MGMT-14781): Make LSO operator to support all CPU architectures (#5262) [#5262](https://github.com/openshift/assisted-service/pull/5262) * Bump OCP versions: 4.13 (#5261) [#5261](https://github.com/openshift/assisted-service/pull/5261) * [MGMT-14582](https://issues.redhat.com/browse/MGMT-14582): Set OCI platform behind a capability (#5249) [#5249](https://github.com/openshift/assisted-service/pull/5249) * [MGMT-13997](https://issues.redhat.com/browse/MGMT-13997): Issues when using multiple bonds with CIM Assisted Installer (#5233) [#5233](https://github.com/openshift/assisted-service/pull/5233) * [MGMT-13685](https://issues.redhat.com/browse/MGMT-13685): Make sure ingress and api vip are not broadcast address. (#5256) [#5256](https://github.com/openshift/assisted-service/pull/5256) * [MGMT-14723](https://issues.redhat.com/browse/MGMT-14723): Fix randomly failing subsystem test (#5259) [#5259](https://github.com/openshift/assisted-service/pull/5259) * [MGMT-14649](https://issues.redhat.com/browse/MGMT-14649): Add feature support for OCI platform (#5244) [#5244](https://github.com/openshift/assisted-service/pull/5244) * NO-ISSUE: fixed misleading error message, the order of the host status was reverse (#5257) [#5257](https://github.com/openshift/assisted-service/pull/5257) * [MGMT-14306](https://issues.redhat.com/browse/MGMT-14306): Update host role validation to accept AutoAssign in Day2 (#5247) [#5247](https://github.com/openshift/assisted-service/pull/5247) * Delete the spoke BMH before removing the finalizer (#5239) [#5239](https://github.com/openshift/assisted-service/pull/5239) * [MGMT-14723](https://issues.redhat.com/browse/MGMT-14723): Remove duplicate operator cpu architecture validation (#5254) [#5254](https://github.com/openshift/assisted-service/pull/5254) * [MGMT-14734](https://issues.redhat.com/browse/MGMT-14734): Fix failed to update Nutanix provider cluster when on multi architecture (#5253) [#5253](https://github.com/openshift/assisted-service/pull/5253) * [MGMT-14728](https://issues.redhat.com/browse/MGMT-14728): Escape the escape char (\) (#5252) [#5252](https://github.com/openshift/assisted-service/pull/5252) * Bump OCP versions: 4.14 (#5251) [#5251](https://github.com/openshift/assisted-service/pull/5251) * [MGMT-14721](https://issues.redhat.com/browse/MGMT-14721): Get icsp-file from registries.conf for oc extract command (#5245) [#5245](https://github.com/openshift/assisted-service/pull/5245) * Bump OCP versions: 4.10 (#5248) [#5248](https://github.com/openshift/assisted-service/pull/5248) * Docs fix: ensure kubeconfig secret is created with a kubeconfig key. (#5246) [#5246](https://github.com/openshift/assisted-service/pull/5246) * [MGMT-13938](https://issues.redhat.com/browse/MGMT-13938): support external platform (#5143) [#5143](https://github.com/openshift/assisted-service/pull/5143) * Bump OCP versions: 4.11, 4.12 (#5243) [#5243](https://github.com/openshift/assisted-service/pull/5243) * [MGMT-8097](https://issues.redhat.com/browse/MGMT-8097): masters schedulable kube-api (#5240) [#5240](https://github.com/openshift/assisted-service/pull/5240) * Remove the detached annotation when BMH is being deleted (#5228) [#5228](https://github.com/openshift/assisted-service/pull/5228) * [MGMT-13643](https://issues.redhat.com/browse/MGMT-13643): added MaxLength to additional_trust_bundle (#5226) [#5226](https://github.com/openshift/assisted-service/pull/5226) * Bump OCP versions: 4.11, 4.12 (#5232) [#5232](https://github.com/openshift/assisted-service/pull/5232) * [MGMT-14356](https://issues.redhat.com/browse/MGMT-14356): Set 4.13 to default (#5230) [#5230](https://github.com/openshift/assisted-service/pull/5230) * Fix cpu partitioning struct tag/field (#5227) [#5227](https://github.com/openshift/assisted-service/pull/5227) * Force a BMH reboot when the infraenv image changes (#5212) [#5212](https://github.com/openshift/assisted-service/pull/5212) * [MGMT-14416](https://issues.redhat.com/browse/MGMT-14416): VipDhcpAllocation from update params should take precedence (#5209) [#5209](https://github.com/openshift/assisted-service/pull/5209) * Bump OCP versions: 4.13 (#5225) [#5225](https://github.com/openshift/assisted-service/pull/5225) * [MGMT-14526](https://issues.redhat.com/browse/MGMT-14526): Possible issue with validateNoWildcardDNS resolution validation (#5198) [#5198](https://github.com/openshift/assisted-service/pull/5198) * [MGMT-14648](https://issues.redhat.com/browse/MGMT-14648): Make "sufficient-masters-count - failed" subsystem test tolerate extra event. (#5223) [#5223](https://github.com/openshift/assisted-service/pull/5223) * Don't panic on BMH delete when agents are unbound (#5219) [#5219](https://github.com/openshift/assisted-service/pull/5219) * NO-ISSUE: Wait for hostedcontrolplane to be created (#5218) [#5218](https://github.com/openshift/assisted-service/pull/5218) * NO-ISSUE: Fix install customization doc (#5217) [#5217](https://github.com/openshift/assisted-service/pull/5217) * [MGMT-14610](https://issues.redhat.com/browse/MGMT-14610): Wait for the hostedcontrolplane CR ready status instead of watching the ready status of all pods in the namespace (#5215) [#5215](https://github.com/openshift/assisted-service/pull/5215) * [OCPBUGS-13081](https://issues.redhat.com/browse/OCPBUGS-13081): Support by-path root device hints (#5185) [#5185](https://github.com/openshift/assisted-service/pull/5185) * [MGMT-14526](https://issues.redhat.com/browse/MGMT-14526): Allow trailing dot (.) to be appended to domain name (#5208) [#5208](https://github.com/openshift/assisted-service/pull/5208) * OCPBUGS-13310 support setting CPUPartitioningMode with install config overrides (#5207) [#5207](https://github.com/openshift/assisted-service/pull/5207) * Bump OCP versions: 4.12, 4.13 (#5205) [#5205](https://github.com/openshift/assisted-service/pull/5205) * Deprovision when using converged and unbinding (#5199) [#5199](https://github.com/openshift/assisted-service/pull/5199) * [OCPBUGS-13356](https://issues.redhat.com/browse/OCPBUGS-13356): Fix 'vendor' root device hint evaluation (#5197) [#5197](https://github.com/openshift/assisted-service/pull/5197) * [MGMT-13977](https://issues.redhat.com/browse/MGMT-13977): Disallow single character base domain (#5196) [#5196](https://github.com/openshift/assisted-service/pull/5196) * Updating ose-agent-installer-api-server images to be consistent with ART (#5026) [#5026](https://github.com/openshift/assisted-service/pull/5026) * [MGMT-14530](https://issues.redhat.com/browse/MGMT-14530): Changing event message filtering to escape wildcards %,_ and not be case sensetive (#5194) [#5194](https://github.com/openshift/assisted-service/pull/5194) * [OCPBUGS-13250](https://issues.redhat.com/browse/OCPBUGS-13250): Fix disk name in generated HardwareDetails (#5193) [#5193](https://github.com/openshift/assisted-service/pull/5193) * [MGMT-14370](https://issues.redhat.com/browse/MGMT-14370): add OCP 4.14.0-ec.0 images (#5190) [#5190](https://github.com/openshift/assisted-service/pull/5190) * Podman README-disconnected requires 4.2 and not 3.3 (#5191) [#5191](https://github.com/openshift/assisted-service/pull/5191) * Bump OCP versions: 4.13 (#5189) [#5189](https://github.com/openshift/assisted-service/pull/5189) * [MGMT-14425](https://issues.redhat.com/browse/MGMT-14425): Changing event counts behavior (#5186) [#5186](https://github.com/openshift/assisted-service/pull/5186) * [MGMT-14226](https://issues.redhat.com/browse/MGMT-14226): Upgrade moby to 20.10.24 (#5153) [#5153](https://github.com/openshift/assisted-service/pull/5153) * Remove all spoke resources when deleting the node (#5161) [#5161](https://github.com/openshift/assisted-service/pull/5161) * Bump OCP versions: 4.12, 4.10 (#5182) [#5182](https://github.com/openshift/assisted-service/pull/5182) * [MGMT-14507](https://issues.redhat.com/browse/MGMT-14507): Exposing event headers for scripts (#5179) [#5179](https://github.com/openshift/assisted-service/pull/5179) * MGMT-14509 return 404 if cluster not found when host try to register (#5180) [#5180](https://github.com/openshift/assisted-service/pull/5180) * NO-ISSUE: Check whether is defined (#5178) [#5178](https://github.com/openshift/assisted-service/pull/5178) * NO-ISSUE: Override the control plane operator image only if explicitly asked to (#5176) [#5176](https://github.com/openshift/assisted-service/pull/5176) * [MGMT-11424](https://issues.redhat.com/browse/MGMT-11424): added validations for ignition cert (#5145) [#5145](https://github.com/openshift/assisted-service/pull/5145) * Bump OCP versions: 4.11 (#5173) [#5173](https://github.com/openshift/assisted-service/pull/5173) * Bump OCP versions: 4.13 (#5170) [#5170](https://github.com/openshift/assisted-service/pull/5170) * NO-ISSUE: Fixes the UI deployment (#5169) [#5169](https://github.com/openshift/assisted-service/pull/5169) * Update state machine graphs (#5168) [#5168](https://github.com/openshift/assisted-service/pull/5168) * [MGMT-14462](https://issues.redhat.com/browse/MGMT-14462): Allow to deploy assisted-service with all available images (#5167) [#5167](https://github.com/openshift/assisted-service/pull/5167) * NO-ISSUE Remove Approvers that are not longer in the group (#5166) [#5166](https://github.com/openshift/assisted-service/pull/5166) * Handle ironic URLs in dual stack hub and IPv6 spoke (#5163) [#5163](https://github.com/openshift/assisted-service/pull/5163) * [MGMT-14449](https://issues.redhat.com/browse/MGMT-14449): change creation time for hosts to one minute ago instead of now, to avoid race conditions in tests (#5160) [#5160](https://github.com/openshift/assisted-service/pull/5160) * [MGMT-13890](https://issues.redhat.com/browse/MGMT-13890): Drain before deprovisioning spoke nodes (#5110) [#5110](https://github.com/openshift/assisted-service/pull/5110) * Bump OCP versions: 4.10, 4.11 (#5157) [#5157](https://github.com/openshift/assisted-service/pull/5157) * [MGMT-13955](https://issues.redhat.com/browse/MGMT-13955): Add known issue regarding ignoring disk size validations (#5158) [#5158](https://github.com/openshift/assisted-service/pull/5158) * [MGMT-14315](https://issues.redhat.com/browse/MGMT-14315): Allow to install P and Z architectures with Single Node Openshift on 4.13 (#5147) [#5147](https://github.com/openshift/assisted-service/pull/5147) * NO ISSUE: use literal for cpu limits, to enable nulliable value (#5155) [#5155](https://github.com/openshift/assisted-service/pull/5155) * Bump OCP versions: 4.12 (#5151) [#5151](https://github.com/openshift/assisted-service/pull/5151) * [MGMT-14389](https://issues.redhat.com/browse/MGMT-14389): Update operator bundle channel (#5148) [#5148](https://github.com/openshift/assisted-service/pull/5148) * [MGMT-14108](https://issues.redhat.com/browse/MGMT-14108): add readiness probe initialDelaySeconds for assisted-service and assisted-image-service (#5150) [#5150](https://github.com/openshift/assisted-service/pull/5150) * [MGMT-14137](https://issues.redhat.com/browse/MGMT-14137): Create test flow for ZTP for node labeling and avoiding reboot for custom role (#5086) [#5086](https://github.com/openshift/assisted-service/pull/5086) * Bump OCP versions: 4.13 (#5149) [#5149](https://github.com/openshift/assisted-service/pull/5149) * [MGMT-14396](https://issues.redhat.com/browse/MGMT-14396): Get correct path for binary from mirror (#5141) [#5141](https://github.com/openshift/assisted-service/pull/5141) * NO-ISSUE: Fix grammar mistakes (#5146) [#5146](https://github.com/openshift/assisted-service/pull/5146) * [MGMT-14395](https://issues.redhat.com/browse/MGMT-14395): Day-2 domain name resolution step shouldn't include release image domain (#5139) [#5139](https://github.com/openshift/assisted-service/pull/5139) * Cache must-gather images by architecture (#5140) [#5140](https://github.com/openshift/assisted-service/pull/5140) * [MGMT-14298](https://issues.redhat.com/browse/MGMT-14298): Set full ISO as default for Z architecture (#5136) [#5136](https://github.com/openshift/assisted-service/pull/5136) * Improve inaccurate ODF validation message (#5137) [#5137](https://github.com/openshift/assisted-service/pull/5137) * [MGMT-14338](https://issues.redhat.com/browse/MGMT-14338): add missing stream notifications (#5132) [#5132](https://github.com/openshift/assisted-service/pull/5132) * Bump OCP versions: 4.11 (#5135) [#5135](https://github.com/openshift/assisted-service/pull/5135) * Bump OCP versions: 4.10, 4.12 (#5131) [#5131](https://github.com/openshift/assisted-service/pull/5131) * Use contexts in spoke client (#5130) [#5130](https://github.com/openshift/assisted-service/pull/5130) * [MGMT-13083](https://issues.redhat.com/browse/MGMT-13083): limit the size of release binaries (#5120) [#5120](https://github.com/openshift/assisted-service/pull/5120) * NO-ISSUE: Currently, while trying to fetch events using `cluster_id`, `host_ids` and `severities` we don't get severity filtered correctly because of the precedence of AND, OR in `SQL`. (#5123) [#5123](https://github.com/openshift/assisted-service/pull/5123) * [MGMT-14239](https://issues.redhat.com/browse/MGMT-14239): Enable UMN as default for Power arch (ppc64le) (#5127) [#5127](https://github.com/openshift/assisted-service/pull/5127) * [MGMT-14266](https://issues.redhat.com/browse/MGMT-14266): Fix unclear message when creating a P/Z cluster with OCP ver 4.10 (#5122) [#5122](https://github.com/openshift/assisted-service/pull/5122) * [MGMT-10977](https://issues.redhat.com/browse/MGMT-10977): Validate DNS server connection (#5102) [#5102](https://github.com/openshift/assisted-service/pull/5102) * [MGMT-14242](https://issues.redhat.com/browse/MGMT-14242): MGMT-14017: MGMT-14239: MGMT-14300: Fix multiple bugs (feature support and feature usage) (#5119) [#5119](https://github.com/openshift/assisted-service/pull/5119) * Add private SELinux label for volume mount content (#5109) [#5109](https://github.com/openshift/assisted-service/pull/5109) * Bump OCP versions: 4.11, 4.12, 4.13 (#5118) [#5118](https://github.com/openshift/assisted-service/pull/5118) * [MGMT-14283](https://issues.redhat.com/browse/MGMT-14283): Ignored validations - validation id "all" does not work (#5117) [#5117](https://github.com/openshift/assisted-service/pull/5117) * [MGMT-14125](https://issues.redhat.com/browse/MGMT-14125): Use systemd unit instead of dracut hook to configure network (#5107) [#5107](https://github.com/openshift/assisted-service/pull/5107) * [MGMT-12301](https://issues.redhat.com/browse/MGMT-12301): refator the progress bar to use state machine (#5103) [#5103](https://github.com/openshift/assisted-service/pull/5103) * Bump OCP versions: 4.13, 4.9, 4.12, 4.11, 4.10 (#5115) [#5115](https://github.com/openshift/assisted-service/pull/5115) * [MGMT-13178](https://issues.redhat.com/browse/MGMT-13178): As part of events pagination epic, this commit is about adding 'order' parameter so the client can request the events in the desired order, and changing the counting of events by severity to apply after the filtering (#5106) [#5106](https://github.com/openshift/assisted-service/pull/5106) * Bump OCP versions: 4.12, 4.13 (#5105) [#5105](https://github.com/openshift/assisted-service/pull/5105) * [MGMT-14195](https://issues.redhat.com/browse/MGMT-14195): Use clusterIdMatcher instead of gomock.Any() in inventory_test (#5104) [#5104](https://github.com/openshift/assisted-service/pull/5104) * [MGMT-14161](https://issues.redhat.com/browse/MGMT-14161): removing multi cpu architecture for infra envs (#5098) [#5098](https://github.com/openshift/assisted-service/pull/5098) * [MGMT-13846](https://issues.redhat.com/browse/MGMT-13846): Reject UserManagedNetworking true when cluster VIPs are set (#5071) [#5071](https://github.com/openshift/assisted-service/pull/5071) * [MGMT-13888](https://issues.redhat.com/browse/MGMT-13888): Remove spoke node on BMH delete (#5028) [#5028](https://github.com/openshift/assisted-service/pull/5028) * [MGMT-14190](https://issues.redhat.com/browse/MGMT-14190): Allow installing Power architecture with CMN and MinimalISO (#5101) [#5101](https://github.com/openshift/assisted-service/pull/5101) * [MGMT-14026](https://issues.redhat.com/browse/MGMT-14026): Add validation to ensure ignored validation ID exists (#5074) [#5074](https://github.com/openshift/assisted-service/pull/5074) * [MGMT-13918](https://issues.redhat.com/browse/MGMT-13918): Modify ignored validation should not be possible post-install (#5077) [#5077](https://github.com/openshift/assisted-service/pull/5077) * NO-ISSUE: Make DB transaction terminate function only when error (#4946) [#4946](https://github.com/openshift/assisted-service/pull/4946) * NO-ISSUE: Wrap VIP update in the DB around transaction (#4943) [#4943](https://github.com/openshift/assisted-service/pull/4943) * [MGMT-13916](https://issues.redhat.com/browse/MGMT-13916): Update enhancement doc for ignoring validations feature (#5095) [#5095](https://github.com/openshift/assisted-service/pull/5095) * Bump OCP versions: 4.10, 4.11, 4.13 (#5100) [#5100](https://github.com/openshift/assisted-service/pull/5100) * Add a function for setting annotations (#5099) [#5099](https://github.com/openshift/assisted-service/pull/5099) * Presently, in the PreNetworkConfig script, we are removing the default network manager configuration for a host in every case. This should be altered so that the default configuration is deleted only if custom nmstate configuration has been provided for the host. (#5044) [#5044](https://github.com/openshift/assisted-service/pull/5044) * [MGMT-14078](https://issues.redhat.com/browse/MGMT-14078): Add "unavailable" option to the support-level enum (#5062) [#5062](https://github.com/openshift/assisted-service/pull/5062) * [MGMT-14150](https://issues.redhat.com/browse/MGMT-14150): Update install-config to support multi vSphere data-centers (#5090) [#5090](https://github.com/openshift/assisted-service/pull/5090) * [MGMT-14133](https://issues.redhat.com/browse/MGMT-14133): Fix P/Z support level allows cluster with OLM operators. (#5088) [#5088](https://github.com/openshift/assisted-service/pull/5088) * [MGMT-14017](https://issues.redhat.com/browse/MGMT-14017): report accurate P/Z feature usage if multi (#5079) [#5079](https://github.com/openshift/assisted-service/pull/5079) * [MGMT-14074](https://issues.redhat.com/browse/MGMT-14074): Don't run `nmcli` if not available (#5087) [#5087](https://github.com/openshift/assisted-service/pull/5087) * Bump OCP versions: 4.12, 4.9 (#5080) [#5080](https://github.com/openshift/assisted-service/pull/5080) * [MGMT-13925](https://issues.redhat.com/browse/MGMT-13925): Get the ironic URLs in reconcile rather than at startup (#5041) [#5041](https://github.com/openshift/assisted-service/pull/5041) * [MGMT-14074](https://issues.redhat.com/browse/MGMT-14074): Reload NM config after creation (#5066) [#5066](https://github.com/openshift/assisted-service/pull/5066) * Update cluster-baremetal-operator to 4.13 branch (#5078) [#5078](https://github.com/openshift/assisted-service/pull/5078) * NO-ISSUE: add release tag to notified events versions (#5068) [#5068](https://github.com/openshift/assisted-service/pull/5068) * [MGMT-14109](https://issues.redhat.com/browse/MGMT-14109): Set P and Z architectures support label as tech-preview on 4.12 (#5072) [#5072](https://github.com/openshift/assisted-service/pull/5072) * [MGMT-13308](https://issues.redhat.com/browse/MGMT-13308): Adding events pagination - Currently events are retrieved by the service as a list of events which match the query. This commit is implementing events pagination. (#4987) [#4987](https://github.com/openshift/assisted-service/pull/4987) * [MGMT-14073](https://issues.redhat.com/browse/MGMT-14073): Fix logging for event uploader (#5070) [#5070](https://github.com/openshift/assisted-service/pull/5070) * Remove README section about the assisted-service live iso (#5069) [#5069](https://github.com/openshift/assisted-service/pull/5069) * [MGMT-14040](https://issues.redhat.com/browse/MGMT-14040): Add log that shows event upload is running (#5054) [#5054](https://github.com/openshift/assisted-service/pull/5054) * Bump OCP versions: 4.11 (#5060) [#5060](https://github.com/openshift/assisted-service/pull/5060) * actually use the ENABLE_DATA_COLLECTION parameter (#5063) [#5063](https://github.com/openshift/assisted-service/pull/5063) * [MGMT-14075](https://issues.redhat.com/browse/MGMT-14075): Fix register cluster won't fail when creating cluster with P or Z architectures on 4.12 (#5061) [#5061](https://github.com/openshift/assisted-service/pull/5061) * [MGMT-14000](https://issues.redhat.com/browse/MGMT-14000): Document support-level new API (#5053) [#5053](https://github.com/openshift/assisted-service/pull/5053) * Cleanup BMAC logging (#5055) [#5055](https://github.com/openshift/assisted-service/pull/5055) * Bump OCP versions: 4.12 (#5057) [#5057](https://github.com/openshift/assisted-service/pull/5057) * [MGMT-13550](https://issues.redhat.com/browse/MGMT-13550): Create day2 support for node labeling (#5042) [#5042](https://github.com/openshift/assisted-service/pull/5042) * OKD: bump to latest stable release (#5020) [#5020](https://github.com/openshift/assisted-service/pull/5020) * [MGMT-14042](https://issues.redhat.com/browse/MGMT-14042): Disable data collection for SaaS by default (#5056) [#5056](https://github.com/openshift/assisted-service/pull/5056) * Bump OCP versions: 4.13 (#5051) [#5051](https://github.com/openshift/assisted-service/pull/5051) * manifests: Add a shebang to NM dispatcher script (#5050) [#5050](https://github.com/openshift/assisted-service/pull/5050) * [MGMT-12486](https://issues.redhat.com/browse/MGMT-12486): Add ENABLE_DATA_COLLECTION environment variable to template.yaml (#5048) [#5048](https://github.com/openshift/assisted-service/pull/5048) * [MGMT-13520](https://issues.redhat.com/browse/MGMT-13520): filter out unnecessary validations for unbound host (#5023) [#5023](https://github.com/openshift/assisted-service/pull/5023) * [MGMT-13862](https://issues.redhat.com/browse/MGMT-13862): Return bed request on wrong feature-feature or feature-architecture combination. (#5039) [#5039](https://github.com/openshift/assisted-service/pull/5039) * [MGMT-13947](https://issues.redhat.com/browse/MGMT-13947): Revert assisted boot reporter service (#5035) [#5035](https://github.com/openshift/assisted-service/pull/5035) * Sparing the redirect for official k8s registry (#5033) [#5033](https://github.com/openshift/assisted-service/pull/5033) * [MGMT-13596](https://issues.redhat.com/browse/MGMT-13596): Add PATCH to the Manifests API (#5015) [#5015](https://github.com/openshift/assisted-service/pull/5015) * Bump OCP versions: 4.12, 4.13, 4.9, 4.8, 4.11, 4.10 (#5043) [#5043](https://github.com/openshift/assisted-service/pull/5043) * NO-ISSUE: remove the full ignition from log (#5032) [#5032](https://github.com/openshift/assisted-service/pull/5032) * [OCPBUGS-8335](https://issues.redhat.com/browse/OCPBUGS-8335): Don't wait for console if disabled (#5022) [#5022](https://github.com/openshift/assisted-service/pull/5022) * Update multi image names (#5016) [#5016](https://github.com/openshift/assisted-service/pull/5016) * [ACM-4127](https://issues.redhat.com/browse/ACM-4127): Cache release images even if there is no matching OS image (#5027) [#5027](https://github.com/openshift/assisted-service/pull/5027) * [MGMT-13957](https://issues.redhat.com/browse/MGMT-13957): deny requests with query parameters matching node-boot. Directed at upload files (#5037) [#5037](https://github.com/openshift/assisted-service/pull/5037) * In case the converged flow is enabled and the assisted-service fails to get a valid ironic inspection URL it's using the Ironic URL as default. (#5031) [#5031](https://github.com/openshift/assisted-service/pull/5031) * [MGMT-13903](https://issues.redhat.com/browse/MGMT-13903): Select inside machine CIDR for BMH (#5024) [#5024](https://github.com/openshift/assisted-service/pull/5024) * MGMT-13904 Add missing feature IDs. (#5030) [#5030](https://github.com/openshift/assisted-service/pull/5030) * [MGMT-13913](https://issues.redhat.com/browse/MGMT-13913): Fix empty features list when calling GET v2/support-levels/features (#5029) [#5029](https://github.com/openshift/assisted-service/pull/5029) * [MGMT-13859](https://issues.redhat.com/browse/MGMT-13859): notify when creating cluster and resources (#5013) [#5013](https://github.com/openshift/assisted-service/pull/5013) * Allow removing the agent when BMH is deleted (#4948) [#4948](https://github.com/openshift/assisted-service/pull/4948) * [MGMT-13659](https://issues.redhat.com/browse/MGMT-13659): Design a feature support mechanism that supports different feature-support criteria (#4989) [#4989](https://github.com/openshift/assisted-service/pull/4989) * [MGMT-12486](https://issues.redhat.com/browse/MGMT-12486): Implement data sending for on-prem deployments (#4880) [#4880](https://github.com/openshift/assisted-service/pull/4880) * Fix invalid character in feature-support enhancement (#5021) [#5021](https://github.com/openshift/assisted-service/pull/5021) * [MGMT-13780](https://issues.redhat.com/browse/MGMT-13780): Write a feature-support-level enhancement doc (#5000) [#5000](https://github.com/openshift/assisted-service/pull/5000) * MGMT-13398 omit BMH secret from day2 spoke worker (#5009) [#5009](https://github.com/openshift/assisted-service/pull/5009) * NO-ISSUE: display code coverage locally without mocks (#5011) [#5011](https://github.com/openshift/assisted-service/pull/5011) * [Full changelog](https://github.com/openshift/assisted-service/compare/f8f78392c30c58862f230f368086e9108580b0a8...6df4bf1f0f2b26e32346ae81f1291ce151780b58) ### [agent-installer-csr-approver, agent-installer-orchestrator](https://github.com/openshift/assisted-installer/tree/54aa57eb81d052a36ae8b78f2905d870ee0718ad) * [OCPBUGS-58642](https://issues.redhat.com/browse/OCPBUGS-58642): CVE-2024-45339: Bump glog pkg version to 1.2.4 (#1194) [#1194](https://github.com/openshift/assisted-installer/pull/1194) * [OCPBUGS-53715](https://issues.redhat.com/browse/OCPBUGS-53715): Bump jwt to 4.5.2 in release-4.14 (#1093) [#1093](https://github.com/openshift/assisted-installer/pull/1093) * Bump golang.org/x/net to v0.33.0 (#1012) [#1012](https://github.com/openshift/assisted-installer/pull/1012) * [OCPBUGS-15347](https://issues.redhat.com/browse/OCPBUGS-15347): Update version go-http-metrics/gin (#933) [#933](https://github.com/openshift/assisted-installer/pull/933) * [MGMT-17594](https://issues.redhat.com/browse/MGMT-17594): Bump x/net to at least v0.24.0 to mitigate CVE-2023-45288 (#834) [#834](https://github.com/openshift/assisted-installer/pull/834) * [MGMT-17591](https://issues.redhat.com/browse/MGMT-17591): Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#830) [#830](https://github.com/openshift/assisted-installer/pull/830) * [MGMT-16843](https://issues.redhat.com/browse/MGMT-16843): Ensure valid hostname during install (#794) [#794](https://github.com/openshift/assisted-installer/pull/794) * [OCPBUGS-20049](https://issues.redhat.com/browse/OCPBUGS-20049): Remove uninitialized taint for agent-based installs (#753) [#753](https://github.com/openshift/assisted-installer/pull/753) * NO-ISSUE: dependabot exclude k8s (#706) [#706](https://github.com/openshift/assisted-installer/pull/706) * [OCPBUGS-16482](https://issues.redhat.com/browse/OCPBUGS-16482): bump golangci-lint to 1.53.1 (#702) [#702](https://github.com/openshift/assisted-installer/pull/702) * [OCPBUGS-4240](https://issues.redhat.com/browse/OCPBUGS-4240): allow controller to complete for agent-based installs (#700) [#700](https://github.com/openshift/assisted-installer/pull/700) * [MGMT-15235](https://issues.redhat.com/browse/MGMT-15235): Compile with CGO_ENABLED=1 for amd64 (#699) [#699](https://github.com/openshift/assisted-installer/pull/699) * Revert "MGMT-15235: Compile with CGO_ENABLED=1 for FIPS (#683)" (#693) [#683](https://github.com/openshift/assisted-installer/pull/683) * [OCPBUGS-17252](https://issues.redhat.com/browse/OCPBUGS-17252): Bump golang.org/x/net/html (#695) [#695](https://github.com/openshift/assisted-installer/pull/695) * Updating ose-agent-installer-orchestrator images to be consistent with ART (#652) [#652](https://github.com/openshift/assisted-installer/pull/652) * [MGMT-15343](https://issues.redhat.com/browse/MGMT-15343): dependabot group updates (#692) [#692](https://github.com/openshift/assisted-installer/pull/692) * [MGMT-15344](https://issues.redhat.com/browse/MGMT-15344): Assisted-controller should not timeout on waiting cvo by itself (#688) [#688](https://github.com/openshift/assisted-installer/pull/688) * [MGMT-15235](https://issues.redhat.com/browse/MGMT-15235): Compile with CGO_ENABLED=1 for FIPS (#683) [#683](https://github.com/openshift/assisted-installer/pull/683) * [MGMT-13586](https://issues.redhat.com/browse/MGMT-13586): Wait for ETCD Bootstrap to complete (#670) [#670](https://github.com/openshift/assisted-installer/pull/670) * NO-ISSUE: Remove slaviered from project OWNERS (#669) [#669](https://github.com/openshift/assisted-installer/pull/669) * NO-ISSUE: Bump github.com/go-openapi/strfmt from 0.21.3 to 0.21.7 (#663) [#663](https://github.com/openshift/assisted-installer/pull/663) * Updating ose-agent-installer-csr-approver images to be consistent with ART (#651) [#651](https://github.com/openshift/assisted-installer/pull/651) * [MGMT-14299](https://issues.redhat.com/browse/MGMT-14299): Limit untaint nodes to vsphere/nutanix (#660) [#660](https://github.com/openshift/assisted-installer/pull/660) * NO-ISSUE: Add javipolo to approvers (#659) [#659](https://github.com/openshift/assisted-installer/pull/659) * [MGMT-12967](https://issues.redhat.com/browse/MGMT-12967): Create network policy in assisted-installer namespace (#658) [#658](https://github.com/openshift/assisted-installer/pull/658) * NO-ISSUE: Bump github.com/onsi/gomega from 1.24.2 to 1.27.5 (#656) [#656](https://github.com/openshift/assisted-installer/pull/656) * [MGMT-14114](https://issues.redhat.com/browse/MGMT-14114): Nutanix - uninitialized set on nodes (#653) [#653](https://github.com/openshift/assisted-installer/pull/653) * [Full changelog](https://github.com/openshift/assisted-installer/compare/46c4e76ac9a7af1002a06f8bc8302c956e6893e2...54aa57eb81d052a36ae8b78f2905d870ee0718ad) ### [agent-installer-node-agent](https://github.com/openshift/assisted-installer-agent/tree/91a728121bc65eae12af93ae003695d879a8f019) * [OCPBUGS-58652](https://issues.redhat.com/browse/OCPBUGS-58652), [OCPBUGS-58657](https://issues.redhat.com/browse/OCPBUGS-58657): Bump glog to v1.2.5 in release-4.14 (#1073) [#1073](https://github.com/openshift/assisted-installer-agent/pull/1073) * [OCPBUGS-53707](https://issues.redhat.com/browse/OCPBUGS-53707): Bump golang-jwt/jwt/v4 to 4.5.2 in release-4.14 (#973) [#973](https://github.com/openshift/assisted-installer-agent/pull/973) * [OCPBUGS-46955](https://issues.redhat.com/browse/OCPBUGS-46955): Bump golang.org/x/net to 0.33.0 (#885) [#885](https://github.com/openshift/assisted-installer-agent/pull/885) * [OCPBUGS-16483](https://issues.redhat.com/browse/OCPBUGS-16483): Update apimachinery dependency to remove goproxy dep (#709) [#709](https://github.com/openshift/assisted-installer-agent/pull/709) * [OCPBUGS-33404](https://issues.redhat.com/browse/OCPBUGS-33404): Make removable disks eligible (#725) [#725](https://github.com/openshift/assisted-installer-agent/pull/725) * [MGMT-17594](https://issues.redhat.com/browse/MGMT-17594): Bump x/net to at least v0.24.0 to mitigate CVE-2023-45288 (#705) [#705](https://github.com/openshift/assisted-installer-agent/pull/705) * [MGMT-17591](https://issues.redhat.com/browse/MGMT-17591): Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#703) [#703](https://github.com/openshift/assisted-installer-agent/pull/703) * [MGMT-17541](https://issues.redhat.com/browse/MGMT-17541): Replace broken golangci reference (#698) [#698](https://github.com/openshift/assisted-installer-agent/pull/698) * NO-ISSUE: Bump the go-dependencies group with 1 update (#597) [#597](https://github.com/openshift/assisted-installer-agent/pull/597) * NO-ISSUE: Bump the go-dependencies group with 5 updates (#595) [#595](https://github.com/openshift/assisted-installer-agent/pull/595) * [MGMT-15661](https://issues.redhat.com/browse/MGMT-15661): Update to latest ghw version (#594) [#594](https://github.com/openshift/assisted-installer-agent/pull/594) * [MGMT-15235](https://issues.redhat.com/browse/MGMT-15235): Allow setting CGO_ENABLED flag (#589) [#589](https://github.com/openshift/assisted-installer-agent/pull/589) * [MGMT-15235](https://issues.redhat.com/browse/MGMT-15235): Compile with CGO_ENABLED=1 for amd64 (#588) [#588](https://github.com/openshift/assisted-installer-agent/pull/588) * Revert "MGMT-15235: Compile with CGO_ENABLED=1 for FIPS (#569)" (#582) [#569](https://github.com/openshift/assisted-installer-agent/pull/569) * [OCPBUGS-17251](https://issues.redhat.com/browse/OCPBUGS-17251): Bumping golang.org/x/net (#586) [#586](https://github.com/openshift/assisted-installer-agent/pull/586) * [MGMT-14933](https://issues.redhat.com/browse/MGMT-14933): Detect if the host in running in OCI (#585) [#585](https://github.com/openshift/assisted-installer-agent/pull/585) * [MGMT-15359](https://issues.redhat.com/browse/MGMT-15359): support appliance multipath virtual device (#584) [#584](https://github.com/openshift/assisted-installer-agent/pull/584) * [MGMT-13111](https://issues.redhat.com/browse/MGMT-13111): Freeze on `404 Not Found` (#583) [#583](https://github.com/openshift/assisted-installer-agent/pull/583) * [MGMT-15343](https://issues.redhat.com/browse/MGMT-15343): dependabot remove docker (#581) [#581](https://github.com/openshift/assisted-installer-agent/pull/581) * [MGMT-15343](https://issues.redhat.com/browse/MGMT-15343): dependabot group updates (#579) [#579](https://github.com/openshift/assisted-installer-agent/pull/579) * Updating ose-agent-installer-node-agent images to be consistent with ART (#575) [#575](https://github.com/openshift/assisted-installer-agent/pull/575) * [OCPBUGS-16373](https://issues.redhat.com/browse/OCPBUGS-16373): Ignore arping errors on RHEL 9 (#576) [#576](https://github.com/openshift/assisted-installer-agent/pull/576) * NO-ISSUE: Bump github.com/coreos/ignition/v2 from 2.16.0 to 2.16.2 (#574) [#574](https://github.com/openshift/assisted-installer-agent/pull/574) * NO-ISSUE: Bump github.com/PuerkitoBio/rehttp from 1.1.0 to 1.2.0 (#568) [#568](https://github.com/openshift/assisted-installer-agent/pull/568) * [MGMT-15235](https://issues.redhat.com/browse/MGMT-15235): Compile with CGO_ENABLED=1 for FIPS (#569) [#569](https://github.com/openshift/assisted-installer-agent/pull/569) * NO-ISSUE: Bump golang.org/x/sys from 0.9.0 to 0.10.0 (#566) [#566](https://github.com/openshift/assisted-installer-agent/pull/566) * NO-ISSUE: Bump github.com/coreos/ignition/v2 from 2.15.0 to 2.16.0 (#564) [#564](https://github.com/openshift/assisted-installer-agent/pull/564) * [AGENT-594](https://issues.redhat.com/browse/AGENT-594): remove agent based installer code (#563) [#563](https://github.com/openshift/assisted-installer-agent/pull/563) * NO-ISSUE: Bump golang.org/x/sync from 0.2.0 to 0.3.0 (#561) [#561](https://github.com/openshift/assisted-installer-agent/pull/561) * [MGMT-14540](https://issues.redhat.com/browse/MGMT-14540): Mark Appliance disk(s) with a partition name prefix 'agent' as eligible (#554) [#554](https://github.com/openshift/assisted-installer-agent/pull/554) * [OCPBUGS-14848](https://issues.redhat.com/browse/OCPBUGS-14848): Filter out hidden devices (#558) [#558](https://github.com/openshift/assisted-installer-agent/pull/558) * NO-ISSUE: Bump github.com/onsi/gomega from 1.27.7 to 1.27.8 (#555) [#555](https://github.com/openshift/assisted-installer-agent/pull/555) * NO-ISSUE: Bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 (#556) [#556](https://github.com/openshift/assisted-installer-agent/pull/556) * [MGMT-13009](https://issues.redhat.com/browse/MGMT-13009): Auto rename host with VLAN (#553) [#553](https://github.com/openshift/assisted-installer-agent/pull/553) * NO-ISSUE: Bump github.com/itchyny/gojq from 0.12.12 to 0.12.13 (#552) [#552](https://github.com/openshift/assisted-installer-agent/pull/552) * NO-ISSUE: Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#550) [#550](https://github.com/openshift/assisted-installer-agent/pull/550) * [MGMT-14751](https://issues.redhat.com/browse/MGMT-14751): Detect DASD disks (s390x) (#549) [#549](https://github.com/openshift/assisted-installer-agent/pull/549) * NO-ISSUE: Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 (#545) [#545](https://github.com/openshift/assisted-installer-agent/pull/545) * NO-ISSUE: Bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#543) [#543](https://github.com/openshift/assisted-installer-agent/pull/543) * NO-ISSUE: Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#544) [#544](https://github.com/openshift/assisted-installer-agent/pull/544) * [MGMT-14526](https://issues.redhat.com/browse/MGMT-14526): Refernce latest assisted service to reflect domain name pattern change (#542) [#542](https://github.com/openshift/assisted-installer-agent/pull/542) * Updating ose-agent-installer-node-agent images to be consistent with ART (#516) [#516](https://github.com/openshift/assisted-installer-agent/pull/516) * NO-ISSUE: Bump golang.org/x/sync (#541) [#541](https://github.com/openshift/assisted-installer-agent/pull/541) * NO-ISSUE: Remove slaviered from project OWNERS (#539) [#539](https://github.com/openshift/assisted-installer-agent/pull/539) * [MGMT-14481](https://issues.redhat.com/browse/MGMT-14481): journal logs are empty during installation on rhel9.2 (#538) [#538](https://github.com/openshift/assisted-installer-agent/pull/538) * NO-ISSUE: Bump github.com/go-openapi/runtime from 0.25.0 to 0.26.0 (#537) [#537](https://github.com/openshift/assisted-installer-agent/pull/537) * MGMT-14319 chronyc segfaulting (#534) [#534](https://github.com/openshift/assisted-installer-agent/pull/534) * NO-ISSUE: Bump golang.org/x/sys from 0.6.0 to 0.7.0 (#533) [#533](https://github.com/openshift/assisted-installer-agent/pull/533) * NO-ISSUE: Bump github.com/cenkalti/backoff/v4 from 4.1.3 to 4.2.1 (#532) [#532](https://github.com/openshift/assisted-installer-agent/pull/532) * NO-ISSUE: Bump github.com/onsi/gomega from 1.27.5 to 1.27.6 (#530) [#530](https://github.com/openshift/assisted-installer-agent/pull/530) * NO-ISSUE: Bump github.com/go-openapi/strfmt from 0.21.5 to 0.21.7 (#529) [#529](https://github.com/openshift/assisted-installer-agent/pull/529) * Force update to pick up latest libs (#531) [#531](https://github.com/openshift/assisted-installer-agent/pull/531) * NO-ISSUE: Bump github.com/go-openapi/strfmt from 0.21.3 to 0.21.5 (#525) [#525](https://github.com/openshift/assisted-installer-agent/pull/525) * NO-ISSUE: Bump github.com/onsi/gomega from 1.27.3 to 1.27.5 (#528) [#528](https://github.com/openshift/assisted-installer-agent/pull/528) * [MGMT-13946](https://issues.redhat.com/browse/MGMT-13946): Ignore Proliant Gen 11 serial (#522) [#522](https://github.com/openshift/assisted-installer-agent/pull/522) * NO-ISSUE: Bump github.com/onsi/gomega from 1.27.1 to 1.27.3 (#520) [#520](https://github.com/openshift/assisted-installer-agent/pull/520) * NO-ISSUE: Bump golang.org/x/sys from 0.5.0 to 0.6.0 (#519) [#519](https://github.com/openshift/assisted-installer-agent/pull/519) * [OCPBUGS-8695](https://issues.redhat.com/browse/OCPBUGS-8695): vendor agent-installer-utils to v0.0.0-20230310220517-8506fbb6a346 (#517) [#517](https://github.com/openshift/assisted-installer-agent/pull/517) * [OCPBUGS-8677](https://issues.redhat.com/browse/OCPBUGS-8677): vendor agent-installer-utils to v0.0.0-20230308101916-306b7995977e (#514) [#514](https://github.com/openshift/assisted-installer-agent/pull/514) * [OCPBUGS-8390](https://issues.redhat.com/browse/OCPBUGS-8390): vendor agent-installer-utils to v0.0.0-20230307094740-57807526b660 (#512) [#512](https://github.com/openshift/assisted-installer-agent/pull/512) * NO-ISSUE: Bump github.com/itchyny/gojq from 0.12.11 to 0.12.12 (#511) [#511](https://github.com/openshift/assisted-installer-agent/pull/511) * NO-ISSUE: Bump github.com/spf13/afero from 1.9.3 to 1.9.5 (#510) [#510](https://github.com/openshift/assisted-installer-agent/pull/510) * [Full changelog](https://github.com/openshift/assisted-installer-agent/compare/dad2cd4be76c0797fab8918c896b97c2e31a1375...91a728121bc65eae12af93ae003695d879a8f019) ### [alibaba-cloud-controller-manager](https://github.com/openshift/cloud-provider-alibaba-cloud/tree/8ba0b37a45510404a842d6dbd84d40a18008e81d) * [OCPBUGS-21255](https://issues.redhat.com/browse/OCPBUGS-21255): Bump golang.org/x/net to v0.18.0 [#38](https://github.com/openshift/cloud-provider-alibaba-cloud/pull/38) * [OCPBUGS-10120](https://issues.redhat.com/browse/OCPBUGS-10120): Updating ose-alibaba-cloud-controller-manager images to be consistent with ART [#30](https://github.com/openshift/cloud-provider-alibaba-cloud/pull/30) * [Full changelog](https://github.com/openshift/cloud-provider-alibaba-cloud/compare/e41e11ccf25fa74e4cfb4ace124f35cffc0191a7...8ba0b37a45510404a842d6dbd84d40a18008e81d) ### [alibaba-cloud-csi-driver](https://github.com/openshift/alibaba-cloud-csi-driver/tree/3dc363d364c43c1fb03e223147e25d9057273428) * [OCPBUGS-21350](https://issues.redhat.com/browse/OCPBUGS-21350): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#36](https://github.com/openshift/alibaba-cloud-csi-driver/pull/36) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#32](https://github.com/openshift/alibaba-cloud-csi-driver/pull/32) * [OCPBUGS-12544](https://issues.redhat.com/browse/OCPBUGS-12544): 4.14: UPSTREAM: 763: Bump (golang.org/x/net): to address CVE-2022-41723 [#30](https://github.com/openshift/alibaba-cloud-csi-driver/pull/30) * [STOR-1159](https://issues.redhat.com/browse/STOR-1159): Rebase to v1.1.7 [#29](https://github.com/openshift/alibaba-cloud-csi-driver/pull/29) * Updating ose-alibaba-cloud-csi-driver images to be consistent with ART [#28](https://github.com/openshift/alibaba-cloud-csi-driver/pull/28) * Updating ose-alibaba-cloud-csi-driver images to be consistent with ART [#27](https://github.com/openshift/alibaba-cloud-csi-driver/pull/27) * Updating ose-alibaba-cloud-csi-driver images to be consistent with ART [#26](https://github.com/openshift/alibaba-cloud-csi-driver/pull/26) * Updating ose-alibaba-cloud-csi-driver images to be consistent with ART [#25](https://github.com/openshift/alibaba-cloud-csi-driver/pull/25) * [Full changelog](https://github.com/openshift/alibaba-cloud-csi-driver/compare/6384f904d041b761670532ac183271b8110707f2...3dc363d364c43c1fb03e223147e25d9057273428) ### [alibaba-disk-csi-driver-operator](https://github.com/openshift/alibaba-disk-csi-driver-operator/tree/8853e6ef4966018b96f9d8bfbf99df3a984bb454) * [OCPBUGS-25657](https://issues.redhat.com/browse/OCPBUGS-25657): Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler [#81](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/81) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#71](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/71) * [OCPBUGS-21443](https://issues.redhat.com/browse/OCPBUGS-21443): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#64](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/64) * [STOR-1439](https://issues.redhat.com/browse/STOR-1439): Restart controller Pods if metrics-serving-cert changed [#56](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/56) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#54](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/54) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump alibaba-disk-csi-driver-operator library-go [#53](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/53) * [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#51](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/51) * [OCPBUGS-12545](https://issues.redhat.com/browse/OCPBUGS-12545): Bump golang.org/x/net@v0.9.0 [#50](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/50) * Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART [#49](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/49) * Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART [#48](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/48) * Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART [#47](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/47) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#46](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/46) * Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART [#45](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/45) * [Full changelog](https://github.com/openshift/alibaba-disk-csi-driver-operator/compare/7e415973dda671d82ae58d0107af274ff053db5c...8853e6ef4966018b96f9d8bfbf99df3a984bb454) ### [alibaba-machine-controllers](https://github.com/openshift/cluster-api-provider-alibaba/tree/27f105d3b722e19f76b72588d36eeae9dac0a444) * Updating ose-alibaba-machine-controllers images to be consistent with ART [#42](https://github.com/openshift/cluster-api-provider-alibaba/pull/42) * [OCPBUGS-10134](https://issues.redhat.com/browse/OCPBUGS-10134): Updating ose-alibaba-machine-controllers images to be consistent with ART [#41](https://github.com/openshift/cluster-api-provider-alibaba/pull/41) * [Full changelog](https://github.com/openshift/cluster-api-provider-alibaba/compare/4c0f96a692dee91100d7085c05a68f3efb7e281d...27f105d3b722e19f76b72588d36eeae9dac0a444) ### [aws-cloud-controller-manager](https://github.com/openshift/cloud-provider-aws/tree/9a7820e81baa6ba8885b47a71416026036d53d79) * [OCPBUGS-38786](https://issues.redhat.com/browse/OCPBUGS-38786): Ensure that addresses are added in network device index order [#93](https://github.com/openshift/cloud-provider-aws/pull/93) * [OCPBUGS-32066](https://issues.redhat.com/browse/OCPBUGS-32066): update for CVE-2023-45288 [release-4.14] [#83](https://github.com/openshift/cloud-provider-aws/pull/83) * [OCPBUGS-23826](https://issues.redhat.com/browse/OCPBUGS-23826): bump go.opentelemetry.io [#67](https://github.com/openshift/cloud-provider-aws/pull/67) * [OCPBUGS-27759](https://issues.redhat.com/browse/OCPBUGS-27759): Adds ecr-credential-plugin .spec [#71](https://github.com/openshift/cloud-provider-aws/pull/71) * [OCPBUGS-20755](https://issues.redhat.com/browse/OCPBUGS-20755): Upgrade x/net to v0.17.0 [#50](https://github.com/openshift/cloud-provider-aws/pull/50) * Merge https://github.com/kubernetes/cloud-provider-aws:master (d055109) into master [#44](https://github.com/openshift/cloud-provider-aws/pull/44) * [OCPBUGS-14696](https://issues.redhat.com/browse/OCPBUGS-14696): Merge https://github.com/kubernetes/cloud-provider-aws:master (cab0100) into master [#45](https://github.com/openshift/cloud-provider-aws/pull/45) * Revert "OCPCLOUD-2051: Merge https://github.com/kubernetes/cloud-provider-aws:master (cab0100) into master" [#43](https://github.com/openshift/cloud-provider-aws/pull/43) * [OCPCLOUD-2051](https://issues.redhat.com/browse/OCPCLOUD-2051): Merge https://github.com/kubernetes/cloud-provider-aws:master (cab0100) into master [#41](https://github.com/openshift/cloud-provider-aws/pull/41) * Updating ose-aws-cloud-controller-manager images to be consistent with ART [#38](https://github.com/openshift/cloud-provider-aws/pull/38) * Merge https://github.com/kubernetes/cloud-provider-aws:master (f33bf21) into master [#36](https://github.com/openshift/cloud-provider-aws/pull/36) * [OCPBUGS-10147](https://issues.redhat.com/browse/OCPBUGS-10147): Updating ose-aws-cloud-controller-manager images to be consistent with ART [#37](https://github.com/openshift/cloud-provider-aws/pull/37) * [Full changelog](https://github.com/openshift/cloud-provider-aws/compare/95c03b7b838f7c78efe8957b50c50a22cd625be7...9a7820e81baa6ba8885b47a71416026036d53d79) ### [aws-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-aws/tree/e398c4d231e031066b488f8afffe69338220c30d) * [OCPBUGS-61944](https://issues.redhat.com/browse/OCPBUGS-61944): UPSTREAM <carry>: revert: Only tag NetworkInterfaces in RunInstances if IAM Allows It [#574](https://github.com/openshift/cluster-api-provider-aws/pull/574) * [OCPBUGS-58667](https://issues.redhat.com/browse/OCPBUGS-58667), [OCPBUGS-58672](https://issues.redhat.com/browse/OCPBUGS-58672): bump github.com/golang/glog to v1.2.5 [#563](https://github.com/openshift/cluster-api-provider-aws/pull/563) * [OCPBUGS-44295](https://issues.redhat.com/browse/OCPBUGS-44295): [release-4.14] OSD-25934: Only tag NetworkInterfaces in RunInstances if IAM Allows It [#533](https://github.com/openshift/cluster-api-provider-aws/pull/533) * [OCPBUGS-34856](https://issues.redhat.com/browse/OCPBUGS-34856): UPSTREAM: <carry>: Fix instance PrivateDNSName when domain-name is set in dhcpOpts [#516](https://github.com/openshift/cluster-api-provider-aws/pull/516) * [OCPBUGS-31332](https://issues.redhat.com/browse/OCPBUGS-31332): UPSTREAM: 4670:Update awsmachine providerID and instanceID immediately after ec2:RunInstances is called [#506](https://github.com/openshift/cluster-api-provider-aws/pull/506) * [OCPBUGS-31251](https://issues.redhat.com/browse/OCPBUGS-31251): fix e2e tests on release branches [#505](https://github.com/openshift/cluster-api-provider-aws/pull/505) * [OCPBUGS-20857](https://issues.redhat.com/browse/OCPBUGS-20857): bump golang.org/x/net to v0.17.0 [#481](https://github.com/openshift/cluster-api-provider-aws/pull/481) * Fix version in metadata.yaml [#474](https://github.com/openshift/cluster-api-provider-aws/pull/474) * Merge https://github.com/kubernetes-sigs/cluster-api-provider-aws:v2.2.0 (2475f2f) into master [#472](https://github.com/openshift/cluster-api-provider-aws/pull/472) * [OCPBUGS-14969](https://issues.redhat.com/browse/OCPBUGS-14969): Pass right SGs for IsExternallyManaged on creation [#467](https://github.com/openshift/cluster-api-provider-aws/pull/467) * [OCPCLOUD-2121](https://issues.redhat.com/browse/OCPCLOUD-2121): Add openshift/e2e-tests for CAPI E2E testing [#465](https://github.com/openshift/cluster-api-provider-aws/pull/465) * Updating ose-aws-cluster-api-controllers images to be consistent with ART [#461](https://github.com/openshift/cluster-api-provider-aws/pull/461) * [OCPBUGS-10122](https://issues.redhat.com/browse/OCPBUGS-10122): Updating ose-aws-cluster-api-controllers images to be consistent with ART [#459](https://github.com/openshift/cluster-api-provider-aws/pull/459) * Add enxebre to owners [#460](https://github.com/openshift/cluster-api-provider-aws/pull/460) * Merge https://github.com/kubernetes-sigs/cluster-api-provider-aws:release-2.0 (28bc9b8) into master [#456](https://github.com/openshift/cluster-api-provider-aws/pull/456) * [Full changelog](https://github.com/openshift/cluster-api-provider-aws/compare/27360a3967ed742a9eb1b0c2ed539d99ec6b9424...e398c4d231e031066b488f8afffe69338220c30d) ### [aws-ebs-csi-driver](https://github.com/openshift/aws-ebs-csi-driver/tree/4622deecace538b375edc782a19cb5da977ae458) * [OCPBUGS-35123](https://issues.redhat.com/browse/OCPBUGS-35123): CVE-2023-48795: bump golang.org/x/crypto to v0.17.0 [#271](https://github.com/openshift/aws-ebs-csi-driver/pull/271) * [OCPBUGS-33078](https://issues.redhat.com/browse/OCPBUGS-33078): UPSTREAM: 1919: Add reserved-volume-attachments [#264](https://github.com/openshift/aws-ebs-csi-driver/pull/264) * [OCPBUGS-20957](https://issues.redhat.com/browse/OCPBUGS-20957): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#239](https://github.com/openshift/aws-ebs-csi-driver/pull/239) * [OCPBUGS-16491](https://issues.redhat.com/browse/OCPBUGS-16491): UPSTREAM: <drop>: Bump goproxy to resolve CVE-2023-37788 [#233](https://github.com/openshift/aws-ebs-csi-driver/pull/233) * [OCPBUGS-17280](https://issues.redhat.com/browse/OCPBUGS-17280): UPSTREAM: 1711: Bump golang.org/x/net/html to fix CVE-2023-3978 [#229](https://github.com/openshift/aws-ebs-csi-driver/pull/229) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS and OWNERS_ALIASES [#228](https://github.com/openshift/aws-ebs-csi-driver/pull/228) * [STOR-1167](https://issues.redhat.com/browse/STOR-1167): Rebase to v1.18.0 for OCP 4.14 [#222](https://github.com/openshift/aws-ebs-csi-driver/pull/222) * [OCPBUGS-10816](https://issues.redhat.com/browse/OCPBUGS-10816): Volume unmount repeats after successful unmount, preventing pod delete [#224](https://github.com/openshift/aws-ebs-csi-driver/pull/224) * Updating ose-aws-ebs-csi-driver images to be consistent with ART [#220](https://github.com/openshift/aws-ebs-csi-driver/pull/220) * [OCPBUGS-12297](https://issues.redhat.com/browse/OCPBUGS-12297): UPSTREAM: 1505: bump go + golangci-lint [#223](https://github.com/openshift/aws-ebs-csi-driver/pull/223) * Updating ose-aws-ebs-csi-driver images to be consistent with ART [#218](https://github.com/openshift/aws-ebs-csi-driver/pull/218) * [Full changelog](https://github.com/openshift/aws-ebs-csi-driver/compare/8205d51c798f8fea91eb6c1702fb63e7d6c17005...4622deecace538b375edc782a19cb5da977ae458) ### [aws-ebs-csi-driver-operator](https://github.com/openshift/aws-ebs-csi-driver-operator/tree/609879c3f1b9a65936e385f798398a2d1673aacd) * [OCPBUGS-33078](https://issues.redhat.com/browse/OCPBUGS-33078): Explicitly reserve 1 attachment for the root disk [#306](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/306) * [OCPBUGS-25657](https://issues.redhat.com/browse/OCPBUGS-25657): Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler [#302](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/302) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#296](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/296) * [OCPBUGS-21057](https://issues.redhat.com/browse/OCPBUGS-21057): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#280](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/280) * [STOR-1432](https://issues.redhat.com/browse/STOR-1432): hypershift: deploy controller with control plane release images [#252](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/252) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#251](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/251) * Bump k8s.io/apiextensions-apiserver from 0.27.1 to 0.27.4 [#250](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/250) * Bump k8s.io/component-base from 0.26.3 to 0.27.3 [#240](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/240) * [OCPBUGS-15823](https://issues.redhat.com/browse/OCPBUGS-15823): Change CSI RPC call timeouts [#248](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/248) * [STOR-1065](https://issues.redhat.com/browse/STOR-1065): Rework sidecar bindings to bind common ClusterRoles [#244](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/244) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump efs-ebs-driver-operator library-go [#247](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/247) * [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#222](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/222) * Bump Kubernetes libs to v0.27.1 [#243](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/243) * [STOR-1167](https://issues.redhat.com/browse/STOR-1167): Enable extra-create-metadata to tag snapshots [#223](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/223) * [STOR-1300](https://issues.redhat.com/browse/STOR-1300): Restart controller Pods if metrics-serving-cert changed [#216](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/216) * [OCPBUGS-11882](https://issues.redhat.com/browse/OCPBUGS-11882): Added safe-to-evict-local-volume annotation from bound-sa-token to ebs-controller [#232](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/232) * [OCPBUGS-11882](https://issues.redhat.com/browse/OCPBUGS-11882): Added safe-to-evict annotation to aws-ebs-csi-driver-controller pods [#231](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/231) * [OCPBUGS-13017](https://issues.redhat.com/browse/OCPBUGS-13017): assets/hypershift/controller_sa: Set controller ServiceAccount imagePullSecrets [#219](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/219) * Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART [#217](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/217) * Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART [#215](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/215) * Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART [#214](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/214) * Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 [#207](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/207) * [OCPBUGS-8691](https://issues.redhat.com/browse/OCPBUGS-8691): Hypershift: set control plane operand properties [#205](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/205) * Bump k8s.io/apiextensions-apiserver from 0.26.2 to 0.26.3 [#203](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/203) * [OCPBUGS-8752](https://issues.redhat.com/browse/OCPBUGS-8752): fix: typo [#198](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/198) * [OCPBUGS-8752](https://issues.redhat.com/browse/OCPBUGS-8752): feat: add workload annotation to deployment and daemonset [#194](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/194) * Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART [#195](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/195) * Bump k8s.io/apiextensions-apiserver from 0.26.1 to 0.26.2 [#189](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/189) * Bump k8s.io/klog/v2 from 2.90.0 to 2.90.1 [#190](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/190) * [Full changelog](https://github.com/openshift/aws-ebs-csi-driver-operator/compare/8f05d9cd9f35c40ab0929577a9650a02c88a2be0...609879c3f1b9a65936e385f798398a2d1673aacd) ### [aws-machine-controllers](https://github.com/openshift/machine-api-provider-aws/tree/d072717e5bfbefa6f7bc22e4e6c52bde0fd59859) * [OCPBUGS-63142](https://issues.redhat.com/browse/OCPBUGS-63142): revert: client: re-use a single file for building the session instead of randomly named files [#151](https://github.com/openshift/machine-api-provider-aws/pull/151) * [OCPBUGS-63142](https://issues.redhat.com/browse/OCPBUGS-63142): client: re-use a single file for building the session instead of randomly named files [#142](https://github.com/openshift/machine-api-provider-aws/pull/142) * [OCPBUGS-17298](https://issues.redhat.com/browse/OCPBUGS-17298), [OCPBUGS-21571](https://issues.redhat.com/browse/OCPBUGS-21571): Update golang.org/x/net to v0.17.0 [#88](https://github.com/openshift/machine-api-provider-aws/pull/88) * [OCPBUGS-18338](https://issues.redhat.com/browse/OCPBUGS-18338): Fix CI by running tests natively by default [#81](https://github.com/openshift/machine-api-provider-aws/pull/81) * [OCPBUGS-11524](https://issues.redhat.com/browse/OCPBUGS-11524): Add test for multi security groups per machine [#80](https://github.com/openshift/machine-api-provider-aws/pull/80) * [OCPCLOUD-2113](https://issues.redhat.com/browse/OCPCLOUD-2113): Add support for PlacementGroupName in instances [#77](https://github.com/openshift/machine-api-provider-aws/pull/77) * Fixes for the labels capacity annotation [#76](https://github.com/openshift/machine-api-provider-aws/pull/76) * [MIXEDARCH-256](https://issues.redhat.com/browse/MIXEDARCH-256): Handle the kubernetes.io/architecture label based on the AWS instance type [#71](https://github.com/openshift/machine-api-provider-aws/pull/71) * [OCPCLOUD-2058](https://issues.redhat.com/browse/OCPCLOUD-2058): Update k8s to 1.27 [#72](https://github.com/openshift/machine-api-provider-aws/pull/72) * [OCPBUGS-6882](https://issues.redhat.com/browse/OCPBUGS-6882): Fix getting AZ from subnet id to check mismatch [#73](https://github.com/openshift/machine-api-provider-aws/pull/73) * [OCPBUGS-12082](https://issues.redhat.com/browse/OCPBUGS-12082): Updating ose-machine-api-provider-aws images to be consistent with ART [#67](https://github.com/openshift/machine-api-provider-aws/pull/67) * [OCPBUGS-12554](https://issues.redhat.com/browse/OCPBUGS-12554): Bump x/net package to v0.9.0 [#69](https://github.com/openshift/machine-api-provider-aws/pull/69) * [OCPBUGS-6882](https://issues.redhat.com/browse/OCPBUGS-6882): Log to user that the subnet id and zone fields are mismatched [#63](https://github.com/openshift/machine-api-provider-aws/pull/63) * [OCPBUGS-11223](https://issues.redhat.com/browse/OCPBUGS-11223): Reduce metrics cardinality [#65](https://github.com/openshift/machine-api-provider-aws/pull/65) * [OCPBUGS-10127](https://issues.redhat.com/browse/OCPBUGS-10127): Updating ose-machine-api-provider-aws images to be consistent with ART [#62](https://github.com/openshift/machine-api-provider-aws/pull/62) * [Full changelog](https://github.com/openshift/machine-api-provider-aws/compare/e1a57b5e4ce731e8f90cd2c0d4ded81e40fa7a37...d072717e5bfbefa6f7bc22e4e6c52bde0fd59859) ### [aws-pod-identity-webhook](https://github.com/openshift/aws-pod-identity-webhook/tree/2c864ca0f09e038c4b0c82215ef1a6f60fb54e63) * [OCPBUGS-32884](https://issues.redhat.com/browse/OCPBUGS-32884): Upgrade go-jose module to 2.6.3 [#189](https://github.com/openshift/aws-pod-identity-webhook/pull/189) * [OCPBUGS-21761](https://issues.redhat.com/browse/OCPBUGS-21761): Backport the recent rebase to 4.14 [#168](https://github.com/openshift/aws-pod-identity-webhook/pull/168) * NO-ISSUE: Sync OWNERS with team members [#176](https://github.com/openshift/aws-pod-identity-webhook/pull/176) * snyk: exclude vendor/ [#171](https://github.com/openshift/aws-pod-identity-webhook/pull/171) * Bump to go 1.20 in go.mod [#163](https://github.com/openshift/aws-pod-identity-webhook/pull/163) * Updating ose-aws-pod-identity-webhook images to be consistent with ART [#162](https://github.com/openshift/aws-pod-identity-webhook/pull/162) * Updating ose-aws-pod-identity-webhook images to be consistent with ART [#159](https://github.com/openshift/aws-pod-identity-webhook/pull/159) * [Full changelog](https://github.com/openshift/aws-pod-identity-webhook/compare/ae01a272aff73b1390ee4c3934cc2382370a1660...2c864ca0f09e038c4b0c82215ef1a6f60fb54e63) ### [azure-cloud-controller-manager, azure-cloud-node-manager](https://github.com/openshift/cloud-provider-azure/tree/9ee3b74412f076928e05388af38b0372f484f3a9) * [OCPBUGS-57111](https://issues.redhat.com/browse/OCPBUGS-57111): Adds acr-credential-provider spec file and build script [#144](https://github.com/openshift/cloud-provider-azure/pull/144) * [OCPBUGS-23829](https://issues.redhat.com/browse/OCPBUGS-23829): Bump otelgrpc to v0.49.0 [#124](https://github.com/openshift/cloud-provider-azure/pull/124) * [OCPBUGS-21439](https://issues.redhat.com/browse/OCPBUGS-21439): Bump golang.org/x/net to v0.18.0 [#93](https://github.com/openshift/cloud-provider-azure/pull/93) * [OCPBUGS-18026](https://issues.redhat.com/browse/OCPBUGS-18026): Merge https://github.com/kubernetes-sigs/cloud-provider-azure:master (ff9e8d8) into master [#75](https://github.com/openshift/cloud-provider-azure/pull/75) * [RFE-4144](https://issues.redhat.com/browse/RFE-4144): Increase service idle max timeout to 100 minutes [#80](https://github.com/openshift/cloud-provider-azure/pull/80) * Updating ose-azure-cloud-controller-manager images to be consistent with ART [#74](https://github.com/openshift/cloud-provider-azure/pull/74) * Updating ose-azure-cloud-node-manager images to be consistent with ART [#73](https://github.com/openshift/cloud-provider-azure/pull/73) * [OCPBUGS-14762](https://issues.redhat.com/browse/OCPBUGS-14762): remove readiness check for cache exclusion [#77](https://github.com/openshift/cloud-provider-azure/pull/77) * [OCPBUGS-14368](https://issues.redhat.com/browse/OCPBUGS-14368): Do not detach masters from LB when unready [#76](https://github.com/openshift/cloud-provider-azure/pull/76) * [OCPBUGS-14368](https://issues.redhat.com/browse/OCPBUGS-14368): Default to kube-proxy health probes for Service type=LoadBalancer [#72](https://github.com/openshift/cloud-provider-azure/pull/72) * [OCPCLOUD-2050](https://issues.redhat.com/browse/OCPCLOUD-2050): Merge https://github.com/kubernetes-sigs/cloud-provider-azure:master (11f66ee) into master [#61](https://github.com/openshift/cloud-provider-azure/pull/61) * Prevent PRs not build on top of base branch from merging [#70](https://github.com/openshift/cloud-provider-azure/pull/70) * Fix downstream commit detection [#69](https://github.com/openshift/cloud-provider-azure/pull/69) * Updating ose-azure-cloud-node-manager images to be consistent with ART [#63](https://github.com/openshift/cloud-provider-azure/pull/63) * [OCPBUGS-11284](https://issues.redhat.com/browse/OCPBUGS-11284): Allow deprecated beta topology labels to be applied for those not ready to migrate [#62](https://github.com/openshift/cloud-provider-azure/pull/62) * Updating ose-azure-cloud-controller-manager images to be consistent with ART [#64](https://github.com/openshift/cloud-provider-azure/pull/64) * Merge https://github.com/kubernetes-sigs/cloud-provider-azure:master (8ac60cd) into master [#55](https://github.com/openshift/cloud-provider-azure/pull/55) * [OCPBUGS-10188](https://issues.redhat.com/browse/OCPBUGS-10188): Updating ose-gcp-cloud-controller-manager images to be consistent with ART [#59](https://github.com/openshift/cloud-provider-azure/pull/59) * Updating ose-azure-cloud-node-manager images to be consistent with ART [#58](https://github.com/openshift/cloud-provider-azure/pull/58) * [OCPBUGS-8474](https://issues.redhat.com/browse/OCPBUGS-8474): CCM should not panic when losing leader election lease [#57](https://github.com/openshift/cloud-provider-azure/pull/57) * [Full changelog](https://github.com/openshift/cloud-provider-azure/compare/bf9bd02236e13c426d58c9828685dd6c598ff15f...9ee3b74412f076928e05388af38b0372f484f3a9) ### [azure-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-azure/tree/8c2203f9d13e91a3a7e4825067b01a9f7fe0fd4f) * [OCPBUGS-36023](https://issues.redhat.com/browse/OCPBUGS-36023): Update go-retryablehttp to v0.7.7 [#313](https://github.com/openshift/cluster-api-provider-azure/pull/313) * [OCPBUGS-35125](https://issues.redhat.com/browse/OCPBUGS-35125): Bump x/crypto to v0.24.0 [#307](https://github.com/openshift/cluster-api-provider-azure/pull/307) * [OCPBUGS-17283](https://issues.redhat.com/browse/OCPBUGS-17283), [OCPBUGS-21516](https://issues.redhat.com/browse/OCPBUGS-21516): [release-4.14] Bump golang.org/x/net to v0.17.0 [#286](https://github.com/openshift/cluster-api-provider-azure/pull/286) * [CCO-320](https://issues.redhat.com/browse/CCO-320): Add support for Azure workload identity tokens [#274](https://github.com/openshift/cluster-api-provider-azure/pull/274) * Merge https://github.com/kubernetes-sigs/cluster-api-provider-azure:v1.9.5 (a020dae) into master [#281](https://github.com/openshift/cluster-api-provider-azure/pull/281) * [OCPBUGS-7675](https://issues.redhat.com/browse/OCPBUGS-7675), [OCPCLOUD-1873](https://issues.redhat.com/browse/OCPCLOUD-1873): Merge https://github.com/kubernetes-sigs/cluster-api-provider-azure:v1.9.2 (efaae42) into master [#277](https://github.com/openshift/cluster-api-provider-azure/pull/277) * Add verify-history [#275](https://github.com/openshift/cluster-api-provider-azure/pull/275) * Updating ose-azure-cluster-api-controllers images to be consistent with ART [#272](https://github.com/openshift/cluster-api-provider-azure/pull/272) * Updating ose-azure-cluster-api-controllers images to be consistent with ART [#271](https://github.com/openshift/cluster-api-provider-azure/pull/271) * Merge https://github.com/kubernetes-sigs/cluster-api-provider-azure:release-1.7 (741a29d) into master [#269](https://github.com/openshift/cluster-api-provider-azure/pull/269) * [Full changelog](https://github.com/openshift/cluster-api-provider-azure/compare/3f757a8f2ada44c7124f5d0205feb29b0fff1977...8c2203f9d13e91a3a7e4825067b01a9f7fe0fd4f) ### [azure-disk-csi-driver](https://github.com/openshift/azure-disk-csi-driver/tree/6d3558a3b5ae9d383988495cc64dc05b4bba0382) * [OCPBUGS-35126](https://issues.redhat.com/browse/OCPBUGS-35126): CVE-2023-48795: bump golang.org/x/crypto to v0.17.0 [#82](https://github.com/openshift/azure-disk-csi-driver/pull/82) * [OCPBUGS-20701](https://issues.redhat.com/browse/OCPBUGS-20701): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#54](https://github.com/openshift/azure-disk-csi-driver/pull/54) * [OCPBUGS-17284](https://issues.redhat.com/browse/OCPBUGS-17284): UPSTREAM: 1927: chore(deps): bump golang.org/x/net from 0.10.0 to 0.14.0 [#48](https://github.com/openshift/azure-disk-csi-driver/pull/48) * [OCPBUGS-15658](https://issues.redhat.com/browse/OCPBUGS-15658): Update to v1.28.1 [#45](https://github.com/openshift/azure-disk-csi-driver/pull/45) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#46](https://github.com/openshift/azure-disk-csi-driver/pull/46) * [STOR-1164](https://issues.redhat.com/browse/STOR-1164): Rebase to v1.28.0 for OCP 4.14 [#43](https://github.com/openshift/azure-disk-csi-driver/pull/43) * Updating ose-azure-disk-csi-driver images to be consistent with ART [#41](https://github.com/openshift/azure-disk-csi-driver/pull/41) * Updating ose-azure-disk-csi-driver images to be consistent with ART [#39](https://github.com/openshift/azure-disk-csi-driver/pull/39) * [Full changelog](https://github.com/openshift/azure-disk-csi-driver/compare/b6d3fbcbf312f03247092323a88a43873b693f22...6d3558a3b5ae9d383988495cc64dc05b4bba0382) ### [azure-disk-csi-driver-operator](https://github.com/openshift/azure-disk-csi-driver-operator/tree/918935767350f9f330b9d6a9c3ee03e9869e7828) * [OCPBUGS-25657](https://issues.redhat.com/browse/OCPBUGS-25657): Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler [#120](https://github.com/openshift/azure-disk-csi-driver-operator/pull/120) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#109](https://github.com/openshift/azure-disk-csi-driver-operator/pull/109) * [OCPBUGS-20784](https://issues.redhat.com/browse/OCPBUGS-20784): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#101](https://github.com/openshift/azure-disk-csi-driver-operator/pull/101) * [OCPBUGS-16654](https://issues.redhat.com/browse/OCPBUGS-16654): Revert revert "STOR-1065: Rework sidecar bindings to b… [#88](https://github.com/openshift/azure-disk-csi-driver-operator/pull/88) * [OCPBUGS-16496](https://issues.redhat.com/browse/OCPBUGS-16496): Bump library-go to remove dependency on goproxy [#90](https://github.com/openshift/azure-disk-csi-driver-operator/pull/90) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#89](https://github.com/openshift/azure-disk-csi-driver-operator/pull/89) * Revert "STOR-1065: Rework sidecar bindings to bind common ClusterRoles" [#87](https://github.com/openshift/azure-disk-csi-driver-operator/pull/87) * [STOR-1065](https://issues.redhat.com/browse/STOR-1065): Rework sidecar bindings to bind common ClusterRoles [#84](https://github.com/openshift/azure-disk-csi-driver-operator/pull/84) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump azure-disk-csi-driver-operator library-go [#85](https://github.com/openshift/azure-disk-csi-driver-operator/pull/85) * [CCO-324](https://issues.redhat.com/browse/CCO-324): Unrevert "CCO-324: add support for workload identity" [#83](https://github.com/openshift/azure-disk-csi-driver-operator/pull/83) * Revert "CCO-324: add support for workload identity" [#82](https://github.com/openshift/azure-disk-csi-driver-operator/pull/82) * [CCO-324](https://issues.redhat.com/browse/CCO-324): add support for workload identity [#78](https://github.com/openshift/azure-disk-csi-driver-operator/pull/78) * [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#81](https://github.com/openshift/azure-disk-csi-driver-operator/pull/81) * [OCPBUGS-12559](https://issues.redhat.com/browse/OCPBUGS-12559): Bump golang.org/x/net@v0.9.0 [#80](https://github.com/openshift/azure-disk-csi-driver-operator/pull/80) * Updating ose-azure-disk-csi-driver-operator images to be consistent with ART [#79](https://github.com/openshift/azure-disk-csi-driver-operator/pull/79) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#74](https://github.com/openshift/azure-disk-csi-driver-operator/pull/74) * [OCPBUGS-10842](https://issues.redhat.com/browse/OCPBUGS-10842): Reorder static resources to create RBAC first [#75](https://github.com/openshift/azure-disk-csi-driver-operator/pull/75) * Updating ose-azure-disk-csi-driver-operator images to be consistent with ART [#73](https://github.com/openshift/azure-disk-csi-driver-operator/pull/73) * And 1 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/azure-disk-csi-driver-operator/compare/8534d7563e209e12eec38a2027cd1d9efd530071...918935767350f9f330b9d6a9c3ee03e9869e7828) ### [azure-file-csi-driver](https://github.com/openshift/azure-file-csi-driver/tree/a737d1c4366b11757ca20478208f1e1275047418) * [OCPBUGS-41164](https://issues.redhat.com/browse/OCPBUGS-41164): bump mount-utils to treat ENODEV error as corrupted mount [#79](https://github.com/openshift/azure-file-csi-driver/pull/79) * [OCPBUGS-33039](https://issues.redhat.com/browse/OCPBUGS-33039): Rebase v1.29.5 for OCP 4.14 [#66](https://github.com/openshift/azure-file-csi-driver/pull/66) * [OCPBUGS-20884](https://issues.redhat.com/browse/OCPBUGS-20884): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#37](https://github.com/openshift/azure-file-csi-driver/pull/37) * [OCPBUGS-17285](https://issues.redhat.com/browse/OCPBUGS-17285): UPSTREAM: 1355: build(deps): bump golang.org/x/net from 0.12.0 to 0.14.0 [#33](https://github.com/openshift/azure-file-csi-driver/pull/33) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#32](https://github.com/openshift/azure-file-csi-driver/pull/32) * [OCPBUGS-15657](https://issues.redhat.com/browse/OCPBUGS-15657): Update to 1.28.1 [#31](https://github.com/openshift/azure-file-csi-driver/pull/31) * [STOR-1160](https://issues.redhat.com/browse/STOR-1160): Rebase to v1.28.0 for OCP 4.14 [#29](https://github.com/openshift/azure-file-csi-driver/pull/29) * Updating azure-file-csi-driver images to be consistent with ART [#28](https://github.com/openshift/azure-file-csi-driver/pull/28) * Updating azure-file-csi-driver images to be consistent with ART [#27](https://github.com/openshift/azure-file-csi-driver/pull/27) * Updating azure-file-csi-driver images to be consistent with ART [#26](https://github.com/openshift/azure-file-csi-driver/pull/26) * Updating azure-file-csi-driver images to be consistent with ART [#25](https://github.com/openshift/azure-file-csi-driver/pull/25) * [Full changelog](https://github.com/openshift/azure-file-csi-driver/compare/15e6f80ec4be826cd5d03ef4126be0dd171b506e...a737d1c4366b11757ca20478208f1e1275047418) ### [azure-file-csi-driver-operator](https://github.com/openshift/azure-file-csi-driver-operator/tree/4469d80589595dd5d05f0f0f296505800e3ad527) * [OCPBUGS-33039](https://issues.redhat.com/browse/OCPBUGS-33039): add token audience for Azure File [#104](https://github.com/openshift/azure-file-csi-driver-operator/pull/104) * [OCPBUGS-25657](https://issues.redhat.com/browse/OCPBUGS-25657): Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler [#94](https://github.com/openshift/azure-file-csi-driver-operator/pull/94) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#83](https://github.com/openshift/azure-file-csi-driver-operator/pull/83) * [OCPBUGS-20983](https://issues.redhat.com/browse/OCPBUGS-20983): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#76](https://github.com/openshift/azure-file-csi-driver-operator/pull/76) * [STOR-1434](https://issues.redhat.com/browse/STOR-1434): Restart controller Pods if metrics-serving-cert changed [#68](https://github.com/openshift/azure-file-csi-driver-operator/pull/68) * [OCPBUGS-16654](https://issues.redhat.com/browse/OCPBUGS-16654): Revert revert "STOR-1065: Rework sidecar bindings to b… [#64](https://github.com/openshift/azure-file-csi-driver-operator/pull/64) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#65](https://github.com/openshift/azure-file-csi-driver-operator/pull/65) * [OCPBUGS-16498](https://issues.redhat.com/browse/OCPBUGS-16498): Bump library-go to remove dependency on goproxy [#66](https://github.com/openshift/azure-file-csi-driver-operator/pull/66) * Revert "STOR-1065: Rework sidecar bindings to bind common ClusterRoles" [#63](https://github.com/openshift/azure-file-csi-driver-operator/pull/63) * [STOR-1065](https://issues.redhat.com/browse/STOR-1065): Rework sidecar bindings to bind common ClusterRoles [#60](https://github.com/openshift/azure-file-csi-driver-operator/pull/60) * [CCO-325](https://issues.redhat.com/browse/CCO-325): Unrevert "CCO-325: add support for workload identity" [#62](https://github.com/openshift/azure-file-csi-driver-operator/pull/62) * [STOR-989](https://issues.redhat.com/browse/STOR-989): Remove SC and manifest file for NFS backend [#58](https://github.com/openshift/azure-file-csi-driver-operator/pull/58) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump azure-file-csi-driver-operator library-go [#61](https://github.com/openshift/azure-file-csi-driver-operator/pull/61) * Revert "CCO-325: add support for workload identity" [#59](https://github.com/openshift/azure-file-csi-driver-operator/pull/59) * [CCO-325](https://issues.redhat.com/browse/CCO-325): add support for workload identity [#54](https://github.com/openshift/azure-file-csi-driver-operator/pull/54) * [CCO-325](https://issues.redhat.com/browse/CCO-325): Mount serviceaccount token into csi-driver container [#53](https://github.com/openshift/azure-file-csi-driver-operator/pull/53) * [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#57](https://github.com/openshift/azure-file-csi-driver-operator/pull/57) * [OCPBUGS-12561](https://issues.redhat.com/browse/OCPBUGS-12561): Bump golang.org/x/net@v0.9.0 [#56](https://github.com/openshift/azure-file-csi-driver-operator/pull/56) * Updating azure-file-csi-driver-operator images to be consistent with ART [#55](https://github.com/openshift/azure-file-csi-driver-operator/pull/55) * Updating azure-file-csi-driver-operator images to be consistent with ART [#52](https://github.com/openshift/azure-file-csi-driver-operator/pull/52) * Updating azure-file-csi-driver-operator images to be consistent with ART [#51](https://github.com/openshift/azure-file-csi-driver-operator/pull/51) * [OCPBUGS-10842](https://issues.redhat.com/browse/OCPBUGS-10842): Reorder static resources to create RBAC first [#50](https://github.com/openshift/azure-file-csi-driver-operator/pull/50) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#49](https://github.com/openshift/azure-file-csi-driver-operator/pull/49) * Updating azure-file-csi-driver-operator images to be consistent with ART [#48](https://github.com/openshift/azure-file-csi-driver-operator/pull/48) * [Full changelog](https://github.com/openshift/azure-file-csi-driver-operator/compare/70e0530255150e513061730f7624c9c235ee7c38...4469d80589595dd5d05f0f0f296505800e3ad527) ### [azure-machine-controllers](https://github.com/openshift/machine-api-provider-azure/tree/d526284e26f37f36f9d5297faa801ea117d81f48) * [CFE-1050](https://issues.redhat.com/browse/CFE-1050): Added support of capacity reservation group [#109](https://github.com/openshift/machine-api-provider-azure/pull/109) * [OCPBUGS-35133](https://issues.redhat.com/browse/OCPBUGS-35133): Bump x/crypto to v0.24.0 [#112](https://github.com/openshift/machine-api-provider-azure/pull/112) * [OCPBUGS-30898](https://issues.redhat.com/browse/OCPBUGS-30898): Remove startupScript vmextension lookup [#106](https://github.com/openshift/machine-api-provider-azure/pull/106) * [OCPBUGS-29152](https://issues.redhat.com/browse/OCPBUGS-29152): Don't create availability set when using spot instances [#98](https://github.com/openshift/machine-api-provider-azure/pull/98) * [OCPBUGS-28745](https://issues.redhat.com/browse/OCPBUGS-28745): Improving performance of VMs created in Azure [#96](https://github.com/openshift/machine-api-provider-azure/pull/96) * [OCPBUGS-17299](https://issues.redhat.com/browse/OCPBUGS-17299), [OCPBUGS-20773](https://issues.redhat.com/browse/OCPBUGS-20773): Bump x/net package to v0.17.0 [#80](https://github.com/openshift/machine-api-provider-azure/pull/80) * [OCPBUGS-18338](https://issues.redhat.com/browse/OCPBUGS-18338): Fix CI by running tests natively by default [#74](https://github.com/openshift/machine-api-provider-azure/pull/74) * Revert "Merge pull request #72 from RadekManak/azure-zone-no-pointer" [#73](https://github.com/openshift/machine-api-provider-azure/pull/73) * [OCPBUGS-17851](https://issues.redhat.com/browse/OCPBUGS-17851): Update zone usage to use non-pointer [#72](https://github.com/openshift/machine-api-provider-azure/pull/72) * [MGMT-13713](https://issues.redhat.com/browse/MGMT-13713): Add confidential VM support [#54](https://github.com/openshift/machine-api-provider-azure/pull/54) * Fix termination tests randomly timing out [#68](https://github.com/openshift/machine-api-provider-azure/pull/68) * Set upstream labels and fix capability for the arch-aware scale from 0 in Azure [#66](https://github.com/openshift/machine-api-provider-azure/pull/66) * [CCO-346](https://issues.redhat.com/browse/CCO-346): Add support for Azure workload identity tokens [#55](https://github.com/openshift/machine-api-provider-azure/pull/55) * [MIXEDARCH-257](https://issues.redhat.com/browse/MIXEDARCH-257): Handle the kubernetes.io/architecture label based on the Azure VM Size [#65](https://github.com/openshift/machine-api-provider-azure/pull/65) * [OCPBUGS-10762](https://issues.redhat.com/browse/OCPBUGS-10762): Machine should be Failed if Machine has a Failed state on Azure [#56](https://github.com/openshift/machine-api-provider-azure/pull/56) * [OCPCLOUD-2057](https://issues.redhat.com/browse/OCPCLOUD-2057): Bump to Kubernetes 1.27 deps [#62](https://github.com/openshift/machine-api-provider-azure/pull/62) * [OCPBUGS-12628](https://issues.redhat.com/browse/OCPBUGS-12628): Bump x/net to v.0.7.0 [#60](https://github.com/openshift/machine-api-provider-azure/pull/60) * [OCPBUGS-11223](https://issues.redhat.com/browse/OCPBUGS-11223): Reduce metrics cardinality [#58](https://github.com/openshift/machine-api-provider-azure/pull/58) * Updating ose-machine-api-provider-azure images to be consistent with ART [#59](https://github.com/openshift/machine-api-provider-azure/pull/59) * [OCPBUGS-10190](https://issues.redhat.com/browse/OCPBUGS-10190): Updating ose-machine-api-provider-azure images to be consistent with ART [#53](https://github.com/openshift/machine-api-provider-azure/pull/53) * [Full changelog](https://github.com/openshift/machine-api-provider-azure/compare/62f6e0f3091262a84e1d6240e2086f35635b5b5b...d526284e26f37f36f9d5297faa801ea117d81f48) ### [baremetal-installer, installer, installer-artifacts](https://github.com/openshift/installer/tree/bf1b6c1c1bc1b825a54af62e0f8e587be984b89b) * [OCPBUGS-62814](https://issues.redhat.com/browse/OCPBUGS-62814): Release 4.14 bump terraform provider azurerm [#10001](https://github.com/openshift/installer/pull/10001) * [OCPBUGS-55193](https://issues.redhat.com/browse/OCPBUGS-55193): data/manifests/bootkube/cvo-overrides: Default to eus-4.14 [#9643](https://github.com/openshift/installer/pull/9643) * [OCPBUGS-54323](https://issues.redhat.com/browse/OCPBUGS-54323): Update upi references to api-internal [#9609](https://github.com/openshift/installer/pull/9609) * [OCPBUGS-54264](https://issues.redhat.com/browse/OCPBUGS-54264): IBMCloud: Move to IBM TF openshift fork [#9605](https://github.com/openshift/installer/pull/9605) * [OCPBUGS-54260](https://issues.redhat.com/browse/OCPBUGS-54260): vsphere-fix convert if only provided name [#9602](https://github.com/openshift/installer/pull/9602) * [OCPBUGS-52996](https://issues.redhat.com/browse/OCPBUGS-52996): Bump terraform-provider-google version to v5.37.0 to fix consistent issues during cluster creation [#9587](https://github.com/openshift/installer/pull/9587) * [OCPBUGS-53210](https://issues.redhat.com/browse/OCPBUGS-53210): PowerVS: remove system pools [#9572](https://github.com/openshift/installer/pull/9572) * [OCPBUGS-46606](https://issues.redhat.com/browse/OCPBUGS-46606): Power VS: Create region-zone-sysType hierarchy [#9331](https://github.com/openshift/installer/pull/9331) * [OCPBUGS-48196](https://issues.redhat.com/browse/OCPBUGS-48196): IBMCloud: Ignore failed VPC regions [#9350](https://github.com/openshift/installer/pull/9350) * [OCPBUGS-45464](https://issues.redhat.com/browse/OCPBUGS-45464): add chrony.conf file when additional NTP sources are configured [#9269](https://github.com/openshift/installer/pull/9269) * [OCPBUGS-43505](https://issues.redhat.com/browse/OCPBUGS-43505): Stop rendering networks.config CRD [#9105](https://github.com/openshift/installer/pull/9105) * [OCPBUGS-42285](https://issues.redhat.com/browse/OCPBUGS-42285): Add AWS r8g to arm tested instance types [#9050](https://github.com/openshift/installer/pull/9050) * [OCPBUGS-42848](https://issues.redhat.com/browse/OCPBUGS-42848): add tested instance type for IBMCloud [#9082](https://github.com/openshift/installer/pull/9082) * [OCPBUGS-25508](https://issues.redhat.com/browse/OCPBUGS-25508): Update Golang SSH package version update to 0.17.0 [#8992](https://github.com/openshift/installer/pull/8992) * [OCPBUGS-39411](https://issues.redhat.com/browse/OCPBUGS-39411): Added yq to ci image [#8943](https://github.com/openshift/installer/pull/8943) * [OCPBUGS-36180](https://issues.redhat.com/browse/OCPBUGS-36180): baremetal IPI without provisioning network failing on provisioning-interface.service [#8712](https://github.com/openshift/installer/pull/8712) * [OCPBUGS-36089](https://issues.redhat.com/browse/OCPBUGS-36089): [release-4.14] bump go-retryablehttp for CVE fix [#8658](https://github.com/openshift/installer/pull/8658) * [OCPBUGS-37183](https://issues.redhat.com/browse/OCPBUGS-37183): ic: fix typo in warning message [#8771](https://github.com/openshift/installer/pull/8771) * [OCPBUGS-37068](https://issues.redhat.com/browse/OCPBUGS-37068): update RHCOS 4.14 bootimage metadata to 414.92.202407091253-0 [#8748](https://github.com/openshift/installer/pull/8748) * [OCPBUGS-36748](https://issues.redhat.com/browse/OCPBUGS-36748): Add yq-v4 to the upi-installer image for CI [#8684](https://github.com/openshift/installer/pull/8684) * [OCPBUGS-35827](https://issues.redhat.com/browse/OCPBUGS-35827): If host is offline or disconnected don't check ver [#8634](https://github.com/openshift/installer/pull/8634) * [OCPBUGS-35826](https://issues.redhat.com/browse/OCPBUGS-35826): [release-4.14] bump github.com/containers/image for CVE fix [#8633](https://github.com/openshift/installer/pull/8633) * [OCPBUGS-35485](https://issues.redhat.com/browse/OCPBUGS-35485): [release-4.14] aws: terraform: add spot instance support for masters [#8605](https://github.com/openshift/installer/pull/8605) * [OCPBUGS-34024](https://issues.redhat.com/browse/OCPBUGS-34024): go.mod: bump aws-sdk-go for ca-west-1 support [#8440](https://github.com/openshift/installer/pull/8440) * [OCPBUGS-33401](https://issues.redhat.com/browse/OCPBUGS-33401): PowerVS: Add composite_instance to listServiceInstances [#8479](https://github.com/openshift/installer/pull/8479) * [CORS-2951](https://issues.redhat.com/browse/CORS-2951): Add deprecation notice for OpenShiftSDN for 4.14 users [#8518](https://github.com/openshift/installer/pull/8518) * [OCPBUGS-28611](https://issues.redhat.com/browse/OCPBUGS-28611): remove retired serial NCv2 from azure tested instance type list on x86 [#7960](https://github.com/openshift/installer/pull/7960) * [OCPBUGS-27394](https://issues.redhat.com/browse/OCPBUGS-27394): preserve category name when trying to find tag category [#7926](https://github.com/openshift/installer/pull/7926) * [OCPBUGS-33010](https://issues.redhat.com/browse/OCPBUGS-33010): escape '%' in proxy settings [#8318](https://github.com/openshift/installer/pull/8318) * [OCPBUGS-31756](https://issues.redhat.com/browse/OCPBUGS-31756): openstack: Honour worker server group policy [#8231](https://github.com/openshift/installer/pull/8231) * NO-ISSUE: test fix to support slightly different nmstate error messages [#8286](https://github.com/openshift/installer/pull/8286) * [OCPBUGS-32358](https://issues.redhat.com/browse/OCPBUGS-32358): Updated libvirt installer to include multi-arch yq and symlink for backwards compatibility [#8281](https://github.com/openshift/installer/pull/8281) * [OCPBUGS-31885](https://issues.redhat.com/browse/OCPBUGS-31885): Validate control plane replicas [#8241](https://github.com/openshift/installer/pull/8241) * [OCPBUGS-31677](https://issues.redhat.com/browse/OCPBUGS-31677): coreos-installer iso kargs show broken on Agent ISO [#8228](https://github.com/openshift/installer/pull/8228) * [OCPBUGS-31338](https://issues.redhat.com/browse/OCPBUGS-31338): upi: aws: fix typo in worker templates [#8203](https://github.com/openshift/installer/pull/8203) * Bug OCPBUGS-30187: OpenStack: fix controlPlanePort validation [#8095](https://github.com/openshift/installer/pull/8095) * [OCPBUGS-30027](https://issues.redhat.com/browse/OCPBUGS-30027): gcp: better error msg when service accnt missing [#8078](https://github.com/openshift/installer/pull/8078) * [OCPBUGS-30259](https://issues.redhat.com/browse/OCPBUGS-30259): PowerVS remove ibm cloud/bluemix go 4.14 [#8103](https://github.com/openshift/installer/pull/8103) * [OCPBUGS-29123](https://issues.redhat.com/browse/OCPBUGS-29123): IBMCloud: Handle disk delete errors [#7988](https://github.com/openshift/installer/pull/7988) * [OCPBUGS-29626](https://issues.redhat.com/browse/OCPBUGS-29626): update RHCOS 4.14 bootimage metadata to 414.92.202402130420-0 [#8037](https://github.com/openshift/installer/pull/8037) * [OCPBUGS-28929](https://issues.redhat.com/browse/OCPBUGS-28929): [release-4.14] Bump containerd for vulnerability fix [#7981](https://github.com/openshift/installer/pull/7981) * [OCPBUGS-27419](https://issues.redhat.com/browse/OCPBUGS-27419): Fix depreciated typo [#7929](https://github.com/openshift/installer/pull/7929) * [OCPBUGS-24521](https://issues.redhat.com/browse/OCPBUGS-24521): set vmType in azure cloud config [release-4.14] [#7804](https://github.com/openshift/installer/pull/7804) * [OCPBUGS-23738](https://issues.redhat.com/browse/OCPBUGS-23738): vSphere - when using RP network path is incorrect [#7759](https://github.com/openshift/installer/pull/7759) * [OCPBUGS-27241](https://issues.redhat.com/browse/OCPBUGS-27241): baremetal: correct external_http_url for v6-only BMCs [#7914](https://github.com/openshift/installer/pull/7914) * [OCPBUGS-22315](https://issues.redhat.com/browse/OCPBUGS-22315): bootstrap: Enable gatewayd units only on RHCOS [#7628](https://github.com/openshift/installer/pull/7628) * [OCPBUGS-23498](https://issues.redhat.com/browse/OCPBUGS-23498): update RHCOS 4.14 bootimage metadata to 414.92.202401110948-0 [#7919](https://github.com/openshift/installer/pull/7919) * [OCPBUGS-20860](https://issues.redhat.com/browse/OCPBUGS-20860): Bump versions for golang modules to accommodate fixes for CVE-2023-39325 & CVE-2023-44487 [#7887](https://github.com/openshift/installer/pull/7887) * [OCPBUGS-22895](https://issues.redhat.com/browse/OCPBUGS-22895): Do not generate azure-cloud-provider in manual mode for aro builds [#7670](https://github.com/openshift/installer/pull/7670) * [OCPBUGS-22771](https://issues.redhat.com/browse/OCPBUGS-22771): aws: use security groups from defaultMachinePlatform [#7658](https://github.com/openshift/installer/pull/7658) * [OCPBUGS-24489](https://issues.redhat.com/browse/OCPBUGS-24489): baremetal: populate customDeploy in advance [#7802](https://github.com/openshift/installer/pull/7802) * [OCPBUGS-22770](https://issues.redhat.com/browse/OCPBUGS-22770): destroy: gcp: fix destroying regional disks [#7657](https://github.com/openshift/installer/pull/7657) * Bug OCPBUGS-22776: OpenStack: Fix IPv6 address configuration for bootstrap [#7660](https://github.com/openshift/installer/pull/7660) * [OCPBUGS-22978](https://issues.redhat.com/browse/OCPBUGS-22978): IBMCloud: Add eu-es region [#7684](https://github.com/openshift/installer/pull/7684) * [OCPBUGS-23399](https://issues.redhat.com/browse/OCPBUGS-23399): Check if PER is enabled in the target PowerVS workspace [#7736](https://github.com/openshift/installer/pull/7736) * [OCPBUGS-22688](https://issues.redhat.com/browse/OCPBUGS-22688): Bump Fedora CoreOS to latest stable [#7647](https://github.com/openshift/installer/pull/7647) * [OCPBUGS-22774](https://issues.redhat.com/browse/OCPBUGS-22774): Add KMS encryption keys if provided [#7659](https://github.com/openshift/installer/pull/7659) * [OCPBUGS-21868](https://issues.redhat.com/browse/OCPBUGS-21868): vSphere,segfault on version check [#7605](https://github.com/openshift/installer/pull/7605) * [OCPBUGS-22945](https://issues.redhat.com/browse/OCPBUGS-22945): Update gcloud version to 447.0.0 [#7681](https://github.com/openshift/installer/pull/7681) * [OCPBUGS-22187](https://issues.redhat.com/browse/OCPBUGS-22187): azure: validation: validate defaultMachinePlatform [#7615](https://github.com/openshift/installer/pull/7615) * [OCPBUGS-22758](https://issues.redhat.com/browse/OCPBUGS-22758): update RHCOS 4.14 bootimage metadata to 414.92.202310210434-0 [#7655](https://github.com/openshift/installer/pull/7655) * [OCPBUGS-19922](https://issues.redhat.com/browse/OCPBUGS-19922): Release 4.14 skip agent tui on external oci platform [#7599](https://github.com/openshift/installer/pull/7599) * [OCPBUGS-21653](https://issues.redhat.com/browse/OCPBUGS-21653): Rectify GCP label key validation check [#7606](https://github.com/openshift/installer/pull/7606) * [OCPBUGS-20357](https://issues.redhat.com/browse/OCPBUGS-20357): update RHCOS 4.14 bootimage metadata to 414.92.202310170514-0 [#7618](https://github.com/openshift/installer/pull/7618) * [OCPBUGS-20396](https://issues.redhat.com/browse/OCPBUGS-20396): Unable to disable external CCM for platform external [#7594](https://github.com/openshift/installer/pull/7594) * [OCPBUGS-20522](https://issues.redhat.com/browse/OCPBUGS-20522): Use changes to AgentClusterInstall during loading [#7588](https://github.com/openshift/installer/pull/7588) * Enforcing the serial execution of the integration tests [#7598](https://github.com/openshift/installer/pull/7598) * [OCPBUGS-20581](https://issues.redhat.com/browse/OCPBUGS-20581): enable cloud controller manager type to be defined [#7581](https://github.com/openshift/installer/pull/7581) * [OCPBUGS-20441](https://issues.redhat.com/browse/OCPBUGS-20441): Warn about host and target compatibility [#7583](https://github.com/openshift/installer/pull/7583) * [OCPBUGS-20345](https://issues.redhat.com/browse/OCPBUGS-20345): Enable serial console for external OCI platform [#7569](https://github.com/openshift/installer/pull/7569) * [OCPBUGS-20401](https://issues.redhat.com/browse/OCPBUGS-20401): always write AWS cloud.conf [#7578](https://github.com/openshift/installer/pull/7578) * [OCPBUGS-19922](https://issues.redhat.com/browse/OCPBUGS-19922): Do not start agent-tui if no graphical console available [#7539](https://github.com/openshift/installer/pull/7539) * [OCPBUGS-20103](https://issues.redhat.com/browse/OCPBUGS-20103): GCP default value for service account [#7553](https://github.com/openshift/installer/pull/7553) * [OCPBUGS-19953](https://issues.redhat.com/browse/OCPBUGS-19953): AWS terraform bootstrap destroy will not refresh state [#7543](https://github.com/openshift/installer/pull/7543) * [OCPBUGS-20066](https://issues.redhat.com/browse/OCPBUGS-20066): Use updated ansible-core for Openstack image [#7551](https://github.com/openshift/installer/pull/7551) * [OCPBUGS-19835](https://issues.redhat.com/browse/OCPBUGS-19835): Enable FIPS in agent ISO [#7541](https://github.com/openshift/installer/pull/7541) * [OCPBUGS-19846](https://issues.redhat.com/browse/OCPBUGS-19846): Graceful fail for AWS getUser on destroy [#7532](https://github.com/openshift/installer/pull/7532) * [OCPBUGS-19033](https://issues.redhat.com/browse/OCPBUGS-19033): Add Net capabilities to dnsmasq container [#7489](https://github.com/openshift/installer/pull/7489) * [OCPBUGS-19319](https://issues.redhat.com/browse/OCPBUGS-19319): Handle agent tui failure gracefully [#7497](https://github.com/openshift/installer/pull/7497) * [OCPBUGS-19738](https://issues.redhat.com/browse/OCPBUGS-19738): Remove warning about CPUPartitioning [#7529](https://github.com/openshift/installer/pull/7529) * [OCPBUGS-19300](https://issues.redhat.com/browse/OCPBUGS-19300): Implement workaround to allow SNO installations for OKD/FCOS [#7479](https://github.com/openshift/installer/pull/7479) * [OCPBUGS-19702](https://issues.redhat.com/browse/OCPBUGS-19702): Increase bootstrap timeout for vSphere platform by 30 mins [#7528](https://github.com/openshift/installer/pull/7528) * [OCPBUGS-19636](https://issues.redhat.com/browse/OCPBUGS-19636): Pass CPUPartitioning via install-config overrides if set [#7521](https://github.com/openshift/installer/pull/7521) * [OCPBUGS-18181](https://issues.redhat.com/browse/OCPBUGS-18181): update RHCOS 4.14 bootimage metadata to 414.92.202309201615-0 [#7517](https://github.com/openshift/installer/pull/7517) * [OCPBUGS-18719](https://issues.redhat.com/browse/OCPBUGS-18719): for vsphere ipi add cluster domain to the uploaded vm configs so that… [#7477](https://github.com/openshift/installer/pull/7477) * [OCPBUGS-18883](https://issues.redhat.com/browse/OCPBUGS-18883): Do not set FailureDomains on CPMS when in a single zone Azure region [#7483](https://github.com/openshift/installer/pull/7483) * [AGENT-702](https://issues.redhat.com/browse/AGENT-702): Generate minimal ISO for external platform [#7478](https://github.com/openshift/installer/pull/7478) * [OCPBUGS-18428](https://issues.redhat.com/browse/OCPBUGS-18428): Add ip=dhcp,dhcp6 kernel param for vSphere dual-stack [#7467](https://github.com/openshift/installer/pull/7467) * [OSDOCS-6999](https://issues.redhat.com/browse/OSDOCS-6999): tested machine series 'C3', 'C2D' [#7381](https://github.com/openshift/installer/pull/7381) * [OCPBUGS-18450](https://issues.redhat.com/browse/OCPBUGS-18450): AWS permission missing for security group viewing. [#7460](https://github.com/openshift/installer/pull/7460) * [OCPBUGS-18365](https://issues.redhat.com/browse/OCPBUGS-18365): Fix defaulting of userManagedNetworking value [#7458](https://github.com/openshift/installer/pull/7458) * integration tests: Swap order of diff arguments [#7462](https://github.com/openshift/installer/pull/7462) * [AGENT-693](https://issues.redhat.com/browse/AGENT-693): Support external platform [#7442](https://github.com/openshift/installer/pull/7442) * [OCPBUGS-18457](https://issues.redhat.com/browse/OCPBUGS-18457): Make extracting ISO kargs more robust [#7463](https://github.com/openshift/installer/pull/7463) * [OCPBUGS-18457](https://issues.redhat.com/browse/OCPBUGS-18457): Fix PXE integration tests [#7461](https://github.com/openshift/installer/pull/7461) * [OCPBUGS-17806](https://issues.redhat.com/browse/OCPBUGS-17806): gomod: bump openshift/api version [#7421](https://github.com/openshift/installer/pull/7421) * [OCPBUGS-17770](https://issues.redhat.com/browse/OCPBUGS-17770): azure: use marketplace image plan's publisher [#7426](https://github.com/openshift/installer/pull/7426) * [OCPBUGS-7690](https://issues.redhat.com/browse/OCPBUGS-7690): azure: destroy: dns records leak if permissions missing [#7433](https://github.com/openshift/installer/pull/7433) * [OCPBUGS-17869](https://issues.redhat.com/browse/OCPBUGS-17869): azure: fix setting outboundType [#7455](https://github.com/openshift/installer/pull/7455) * [OSDOCS-6880](https://issues.redhat.com/browse/OSDOCS-6880): Adding 64-bit ARM GCP instance types to documentation [#7320](https://github.com/openshift/installer/pull/7320) * [OCPBUGS-16204](https://issues.redhat.com/browse/OCPBUGS-16204): aws: attach additional security groups to controlPlane [#7352](https://github.com/openshift/installer/pull/7352) * [OCPBUGS-18046](https://issues.redhat.com/browse/OCPBUGS-18046): update govc version to v0.30.7 [#7425](https://github.com/openshift/installer/pull/7425) * [OCPBUGS-15659](https://issues.redhat.com/browse/OCPBUGS-15659): IPI pre-check for MachineAPI capability [#7414](https://github.com/openshift/installer/pull/7414) * [OCPBUGS-17860](https://issues.redhat.com/browse/OCPBUGS-17860): OpenStack: Remove NodePorts range 0.0.0.0/0 rules [#7405](https://github.com/openshift/installer/pull/7405) * [OCPBUGS-17073](https://issues.redhat.com/browse/OCPBUGS-17073): Revert "Merge pull request #7205 from rna-afk/azure_managed_by_tag" [#7412](https://github.com/openshift/installer/pull/7412) * [OCPBUGS-17940](https://issues.redhat.com/browse/OCPBUGS-17940): Add COS endpoint to proxy server (Power VS) [#7430](https://github.com/openshift/installer/pull/7430) * [AGENT-692](https://issues.redhat.com/browse/AGENT-692), [OCPBUGS-3860](https://issues.redhat.com/browse/OCPBUGS-3860): Update assisted-service dependencies [#7439](https://github.com/openshift/installer/pull/7439) * [OCPBUGS-17227](https://issues.redhat.com/browse/OCPBUGS-17227): gcp: fix validation of custom instance types [#7388](https://github.com/openshift/installer/pull/7388) * [OCPBUGS-17869](https://issues.redhat.com/browse/OCPBUGS-17869): azure: put NAT gateway behind TechPreviewNoUpgrade [#7434](https://github.com/openshift/installer/pull/7434) * Destroy startironic.sh forever [#7250](https://github.com/openshift/installer/pull/7250) * [CORS-2660](https://issues.redhat.com/browse/CORS-2660): GCP: deprecate the licenses field [#7397](https://github.com/openshift/installer/pull/7397) * [CFE-858](https://issues.redhat.com/browse/CFE-858): Update google terraform provider to latest version [#7201](https://github.com/openshift/installer/pull/7201) * [MULTIARCH-3676](https://issues.redhat.com/browse/MULTIARCH-3676): PowerVS TG terraform changes [#7389](https://github.com/openshift/installer/pull/7389) * [CFE-686](https://issues.redhat.com/browse/CFE-686): Generate Infrastructure CR with the GCP user defined tags & labels [#7138](https://github.com/openshift/installer/pull/7138) * [CFE-687](https://issues.redhat.com/browse/CFE-687): Apply user defined labels on created gcp resources [#7153](https://github.com/openshift/installer/pull/7153) * [OCPBUGS-11999](https://issues.redhat.com/browse/OCPBUGS-11999): upkeep: updated description to remove techpreview [#7313](https://github.com/openshift/installer/pull/7313) * [CORS-2700](https://issues.redhat.com/browse/CORS-2700): Make bootstrap S3 bucket optional during bootstrap destroy [#7288](https://github.com/openshift/installer/pull/7288) * [CFE-688](https://issues.redhat.com/browse/CFE-688): Update install-config CRD to support gcp labels and tags [#7126](https://github.com/openshift/installer/pull/7126) * [OCPBUGS-16776](https://issues.redhat.com/browse/OCPBUGS-16776): update RHCOS 4.14 bootimage metadata to 414.92.202308032115-0 [#7409](https://github.com/openshift/installer/pull/7409) * Add baremetal capability validation [#7394](https://github.com/openshift/installer/pull/7394) * azure: validation: machinepool: sort slice before comparing [#7407](https://github.com/openshift/installer/pull/7407) * [OCPBUGS-13408](https://issues.redhat.com/browse/OCPBUGS-13408): Log message and add integration test [#7408](https://github.com/openshift/installer/pull/7408) * PowerVS: Update listCOSInstances to continue querying [#7404](https://github.com/openshift/installer/pull/7404) * maintenance: update openshift/api [#7401](https://github.com/openshift/installer/pull/7401) * [MGMT-13628](https://issues.redhat.com/browse/MGMT-13628): add support for confidential VMs on Azure [#7312](https://github.com/openshift/installer/pull/7312) * openstack: Test zero replicas in worker machine-pool [#7400](https://github.com/openshift/installer/pull/7400) * OpenStack: Fix user docs for additional network with IPv6 [#7395](https://github.com/openshift/installer/pull/7395) * gather: Use `journalctl -o with-unit` [#7371](https://github.com/openshift/installer/pull/7371) * [SPLAT-1123](https://issues.redhat.com/browse/SPLAT-1123): Revert Alibaba deprecation warning [#7396](https://github.com/openshift/installer/pull/7396) * [OCPBUGS-15994](https://issues.redhat.com/browse/OCPBUGS-15994): Update core password after loading config-image [#7338](https://github.com/openshift/installer/pull/7338) * OpenStack: Remove SGS created by CPO on destroy [#7378](https://github.com/openshift/installer/pull/7378) * data/data/coreos: bump FCOS to F38 stable [#7311](https://github.com/openshift/installer/pull/7311) * [OCPBUGS-16912](https://issues.redhat.com/browse/OCPBUGS-16912): Ensure DHCPv6 client sends Solicit with mac address [#7384](https://github.com/openshift/installer/pull/7384) * Bug OCPBUGS-16249: Add ip=dhcp,dhcp6 option to Kernel args [#7367](https://github.com/openshift/installer/pull/7367) * PowerVS: Check whether Machine pool CIDR is /24 [#6903](https://github.com/openshift/installer/pull/6903) * [OCPBUGS-16292](https://issues.redhat.com/browse/OCPBUGS-16292): GCP XPN: clarify service account support [#7347](https://github.com/openshift/installer/pull/7347) * [OCPBUGS-6759](https://issues.redhat.com/browse/OCPBUGS-6759): Fix discrepancy with disk size master [#7100](https://github.com/openshift/installer/pull/7100) * [OCPBUGS-16959](https://issues.redhat.com/browse/OCPBUGS-16959): openstack/upi: add missing modules namespaces + doc [#7373](https://github.com/openshift/installer/pull/7373) * [CORS-2719](https://issues.redhat.com/browse/CORS-2719): Remove service account user permission [#7291](https://github.com/openshift/installer/pull/7291) * [OCPBUGS-17064](https://issues.redhat.com/browse/OCPBUGS-17064): always create a MachineSet [#7380](https://github.com/openshift/installer/pull/7380) * OpenStack: Fix default for openstack_worker_server_group_names [#7359](https://github.com/openshift/installer/pull/7359) * [OCPBUGS-16692](https://issues.redhat.com/browse/OCPBUGS-16692): OpenStack: fix crash with empty platform in machinepool [#7363](https://github.com/openshift/installer/pull/7363) * [CORS-2445](https://issues.redhat.com/browse/CORS-2445): GCP add bootimage override in install-config [#7215](https://github.com/openshift/installer/pull/7215) * [CORS-2503](https://issues.redhat.com/browse/CORS-2503): azure: use marketplace images for all nodes [#6890](https://github.com/openshift/installer/pull/6890) * [MULTIARCH-3676](https://issues.redhat.com/browse/MULTIARCH-3676): PowerVS add transit gateway destroy [#7294](https://github.com/openshift/installer/pull/7294) * [CORS-1770](https://issues.redhat.com/browse/CORS-1770): Support pd-balanced disk types for GCP deployments [#7337](https://github.com/openshift/installer/pull/7337) * [OCPBUGS-15989](https://issues.redhat.com/browse/OCPBUGS-15989): vSphere - bump terraform provider [#7354](https://github.com/openshift/installer/pull/7354) * OWNERS_ALIASES: Add new user to owners_aliases [#7348](https://github.com/openshift/installer/pull/7348) * [OCPBUGS-16515](https://issues.redhat.com/browse/OCPBUGS-16515): gcp: use zones available for both instance and project [#7317](https://github.com/openshift/installer/pull/7317) * [OCPBUGS-15852](https://issues.redhat.com/browse/OCPBUGS-15852): Single node cannot be installed if etcd appears in the hostname [#7304](https://github.com/openshift/installer/pull/7304) * [OCPBUGS-14877](https://issues.redhat.com/browse/OCPBUGS-14877): Validate that number hosts does not exceed replicas [#7268](https://github.com/openshift/installer/pull/7268) * [CORS-2628](https://issues.redhat.com/browse/CORS-2628): Allow users to set ManagedBy tag to resource group [#7205](https://github.com/openshift/installer/pull/7205) * [OCPBUGS-16380](https://issues.redhat.com/browse/OCPBUGS-16380): Add /etc/containers volume on create-cluster-and-infraenv [#7332](https://github.com/openshift/installer/pull/7332) * [OCPBUGS-16207](https://issues.redhat.com/browse/OCPBUGS-16207): ic: aws: validate max security groups [#7345](https://github.com/openshift/installer/pull/7345) * OpenStack: Add steps to enable dual-stack clusters [#7269](https://github.com/openshift/installer/pull/7269) * Revert "Merge pull request #7096 from r4f4/gcp-instance-zones" [#7360](https://github.com/openshift/installer/pull/7360) * [SPLAT-657](https://issues.redhat.com/browse/SPLAT-657): AWS Local Zones subnets automation for edge compute pool [#7137](https://github.com/openshift/installer/pull/7137) * [OSASINFRA-3193](https://issues.redhat.com/browse/OSASINFRA-3193): Update openstack/Dockerfile.ci for ansible-core [#7346](https://github.com/openshift/installer/pull/7346) * Include start-cluster.env in agent-gather [#7350](https://github.com/openshift/installer/pull/7350) * Fix the deployment on OpenStack for worker pools with no replicas. [#7356](https://github.com/openshift/installer/pull/7356) * [OCPBUGS-16219](https://issues.redhat.com/browse/OCPBUGS-16219): Fix timing issue between network services [#7355](https://github.com/openshift/installer/pull/7355) * [OCPBUGS-16415](https://issues.redhat.com/browse/OCPBUGS-16415): Sync nmstateconfig script with assisted-service changes [#7353](https://github.com/openshift/installer/pull/7353) * Agent: Allow additional kernel args to be passed to ISO [#7306](https://github.com/openshift/installer/pull/7306) * Remove mentions of use-octavia [#7335](https://github.com/openshift/installer/pull/7335) * [OCPCLOUD-2036](https://issues.redhat.com/browse/OCPCLOUD-2036): introduce External platform type [#7217](https://github.com/openshift/installer/pull/7217) * [OCPBUGS-16395](https://issues.redhat.com/browse/OCPBUGS-16395): openstack/upi: update doc for CCPMSO [#7351](https://github.com/openshift/installer/pull/7351) * [OCPBUGS-16245](https://issues.redhat.com/browse/OCPBUGS-16245): Make nmstateconfig.yaml optional in config-drive [#7333](https://github.com/openshift/installer/pull/7333) * [OSASINFRA-3181](https://issues.redhat.com/browse/OSASINFRA-3181): Volume Types for OpenStack CPMS [#7300](https://github.com/openshift/installer/pull/7300) * [CORS-2445](https://issues.redhat.com/browse/CORS-2445): GCP: Add default values for arm64 [#7258](https://github.com/openshift/installer/pull/7258) * PowerVS: Replace deprecated key_id attribute with name for ibm_pi_key resource [#7256](https://github.com/openshift/installer/pull/7256) * PowerVS: Handle empty serviceInstanceID in metadata.json [#7328](https://github.com/openshift/installer/pull/7328) * OpenStack: Dual stack support with BYON [#6797](https://github.com/openshift/installer/pull/6797) * [MULTIARCH-3667](https://issues.redhat.com/browse/MULTIARCH-3667): Add support for CPMSO for Power VS [#7226](https://github.com/openshift/installer/pull/7226) * [OCPBUGS-15421](https://issues.redhat.com/browse/OCPBUGS-15421): Allow different service account for xpn installs in gcp [#7308](https://github.com/openshift/installer/pull/7308) * [OCPBUGS-15997](https://issues.redhat.com/browse/OCPBUGS-15997): openstack: add root volume AZ validation [#7309](https://github.com/openshift/installer/pull/7309) * aws: drop hostedZoneRole Feature Gate [#7327](https://github.com/openshift/installer/pull/7327) * Agent: clear service status once all services started [#7316](https://github.com/openshift/installer/pull/7316) * AGENT-660 Display insert config image message to console [#7299](https://github.com/openshift/installer/pull/7299) * PowerVS: Create new newAuthenticator function [#7321](https://github.com/openshift/installer/pull/7321) * [OCPBUGS-9404](https://issues.redhat.com/browse/OCPBUGS-9404): azure: skip LB creation when not needed [#7063](https://github.com/openshift/installer/pull/7063) * Revert "Merge pull request #7289 from r4f4/padillon-settle-ops" [#7318](https://github.com/openshift/installer/pull/7318) * Agent: Log kernel params when generating pxe assets [#7314](https://github.com/openshift/installer/pull/7314) * [OCPBUGS-15238](https://issues.redhat.com/browse/OCPBUGS-15238): GCP: ic: client: use a higher context timeout [#7290](https://github.com/openshift/installer/pull/7290) * [AGENT-648](https://issues.redhat.com/browse/AGENT-648): Remove validation check limiting None platform to SNO [#7236](https://github.com/openshift/installer/pull/7236) * Allow destroy for C2S isolated (us-iso and us-isob) partitions. [#7086](https://github.com/openshift/installer/pull/7086) * [OCPBUGS-15999](https://issues.redhat.com/browse/OCPBUGS-15999): update RHCOS 4.14 bootimage metadata to 414.92.202307070025-0 [#7310](https://github.com/openshift/installer/pull/7310) * [OCPBUGS-14900](https://issues.redhat.com/browse/OCPBUGS-14900): Use correct SELinux label. Make rename atomic. [#7307](https://github.com/openshift/installer/pull/7307) * create: add check for cluster operator stability [#7289](https://github.com/openshift/installer/pull/7289) * [SPLAT-827](https://issues.redhat.com/browse/SPLAT-827): support static IP assignments with vSphere IPI [#7179](https://github.com/openshift/installer/pull/7179) * [AGENT-562](https://issues.redhat.com/browse/AGENT-562): Load config from config image [#7200](https://github.com/openshift/installer/pull/7200) * [OCPBUGS-15825](https://issues.redhat.com/browse/OCPBUGS-15825): Fix agent gather tui logs [#7293](https://github.com/openshift/installer/pull/7293) * [OSASINFRA-3155](https://issues.redhat.com/browse/OSASINFRA-3155): OpenStack: Create ControlPlaneMachineSet CRDs [#7280](https://github.com/openshift/installer/pull/7280) * ic: gcp: validate instances against user-configured zones [#7096](https://github.com/openshift/installer/pull/7096) * [AGENT-678](https://issues.redhat.com/browse/AGENT-678): Fix concurrency issue in agent integration tests [#7303](https://github.com/openshift/installer/pull/7303) * [OCPBUGS-14762](https://issues.redhat.com/browse/OCPBUGS-14762): Use the same names for public LB in IPI and UPI Azure [#7292](https://github.com/openshift/installer/pull/7292) * [OCPBUGS-2324](https://issues.redhat.com/browse/OCPBUGS-2324): terraform: aws: bump version to 5.4.0 [#7274](https://github.com/openshift/installer/pull/7274) * tls/root: Document this more and change friendly name [#7232](https://github.com/openshift/installer/pull/7232) * [CORS-2572](https://issues.redhat.com/browse/CORS-2572): azure: implement egress via NAT gateway [#6933](https://github.com/openshift/installer/pull/6933) * docs: Add note about not configuring allowed address pairs for day 2 manila configuration [#7287](https://github.com/openshift/installer/pull/7287) * [OCPBUGS-14932](https://issues.redhat.com/browse/OCPBUGS-14932): specify azure cli version [#7297](https://github.com/openshift/installer/pull/7297) * [OCPBUGS-14932](https://issues.redhat.com/browse/OCPBUGS-14932): Update azure cli to 2.40.0+ [#7216](https://github.com/openshift/installer/pull/7216) * PowerVS Add support for Capped processors [#7286](https://github.com/openshift/installer/pull/7286) * [CORS-2645](https://issues.redhat.com/browse/CORS-2645): AWS Cross-Account Private Hosted Zone: Add Further Validations [#7253](https://github.com/openshift/installer/pull/7253) * [AGENT-624](https://issues.redhat.com/browse/AGENT-624): Allow override of networkType [#7223](https://github.com/openshift/installer/pull/7223) * Update hack/go-test.sh to golang 1.20 [#7270](https://github.com/openshift/installer/pull/7270) * [AGENT-627](https://issues.redhat.com/browse/AGENT-627): Decompress kernel on ARM [#7276](https://github.com/openshift/installer/pull/7276) * OWNERS_ALIASES: offboard ashcrow and bgilbert from CoreOS [#7275](https://github.com/openshift/installer/pull/7275) * AGENT-558 Generate unconfigured agent ignition [#7186](https://github.com/openshift/installer/pull/7186) * OWNERS: merge agent/installer [#7278](https://github.com/openshift/installer/pull/7278) * [OSASINFRA-3182](https://issues.redhat.com/browse/OSASINFRA-3182): openstack: remove portTargets [#7239](https://github.com/openshift/installer/pull/7239) * [AGENT-498](https://issues.redhat.com/browse/AGENT-498): Get iPXE script template kernel parameters from ISO [#7150](https://github.com/openshift/installer/pull/7150) * [OCPBUGS-15238](https://issues.redhat.com/browse/OCPBUGS-15238): GCP: ic: improve project validation [#7267](https://github.com/openshift/installer/pull/7267) * Default dataStore is returned the name instead the inventoryPath [#7261](https://github.com/openshift/installer/pull/7261) * Use the correct image name for agent-tui extraction [#7266](https://github.com/openshift/installer/pull/7266) * [OCPBUGS-13636](https://issues.redhat.com/browse/OCPBUGS-13636): new Aws secret regions support [#6184](https://github.com/openshift/installer/pull/6184) * [CORS-2372](https://issues.redhat.com/browse/CORS-2372): Azure: auth Installer with Managed Identity from VM [#7108](https://github.com/openshift/installer/pull/7108) * [OCPBUGS-11796](https://issues.redhat.com/browse/OCPBUGS-11796): azure: skip NSG creation when BYO vnet [#7094](https://github.com/openshift/installer/pull/7094) * [OCPBUGS-9435](https://issues.redhat.com/browse/OCPBUGS-9435): terraform: aws: secret regions now support ALIAS record [#7184](https://github.com/openshift/installer/pull/7184) * [SPLAT-1094](https://issues.redhat.com/browse/SPLAT-1094): warn users about deprecation of Alibaba Cloud [#7257](https://github.com/openshift/installer/pull/7257) * [OCPBUGS-14869](https://issues.redhat.com/browse/OCPBUGS-14869): Add timezone info in installer logs [#7243](https://github.com/openshift/installer/pull/7243) * [CORS-2656](https://issues.redhat.com/browse/CORS-2656): Remove context from cluster uninstaller struct [#7169](https://github.com/openshift/installer/pull/7169) * openstack: document external LB [#6920](https://github.com/openshift/installer/pull/6920) * bootkube: Drop cruft in MCO bootstrap [#7244](https://github.com/openshift/installer/pull/7244) * Update OWNERS_ALIASES [#7203](https://github.com/openshift/installer/pull/7203) * Agent: run shellcheck on start-cluster-installation.sh [#7062](https://github.com/openshift/installer/pull/7062) * [OSASINFRA-2168](https://issues.redhat.com/browse/OSASINFRA-2168): Docs: update OpenStack requirements [#7015](https://github.com/openshift/installer/pull/7015) * [OCPBUGS-15095](https://issues.redhat.com/browse/OCPBUGS-15095): Add kubevirt digest-ref in RHCOS boot images [#7254](https://github.com/openshift/installer/pull/7254) * [AGENT-563](https://issues.redhat.com/browse/AGENT-563): Create configuration image [#7157](https://github.com/openshift/installer/pull/7157) * [AGENT-510](https://issues.redhat.com/browse/AGENT-510): Support interactive network console when pxe booting [#7185](https://github.com/openshift/installer/pull/7185) * Allow CustomNoUpgrade features via install-config [#7246](https://github.com/openshift/installer/pull/7246) * [MULTIARCH-3664](https://issues.redhat.com/browse/MULTIARCH-3664): enable multipath for powervs [#7222](https://github.com/openshift/installer/pull/7222) * [OCPBUGS-13960](https://issues.redhat.com/browse/OCPBUGS-13960): update RHCOS 4.14 bootimage metadata to 414.92.202306141028-0 [#7247](https://github.com/openshift/installer/pull/7247) * [CFE-829](https://issues.redhat.com/browse/CFE-829): Remove Azure Tags TechPreview only indicators and checks [#7187](https://github.com/openshift/installer/pull/7187) * [CORS-2631](https://issues.redhat.com/browse/CORS-2631): Add additional security group ids in AWS [#7151](https://github.com/openshift/installer/pull/7151) * [AGENT-596](https://issues.redhat.com/browse/AGENT-596): use agent-installer-utils for agent-tui extraction [#7212](https://github.com/openshift/installer/pull/7212) * [AGENT-491](https://issues.redhat.com/browse/AGENT-491): Support pxe base url [#6723](https://github.com/openshift/installer/pull/6723) * [OCPBUGS-14917](https://issues.redhat.com/browse/OCPBUGS-14917): PowerVS: Cleanup service instances for destroy cluster [#7173](https://github.com/openshift/installer/pull/7173) * OpenStack: add support to multiple subnets in the bootstrap [#7111](https://github.com/openshift/installer/pull/7111) * Add ControlPlaneMachineSet for Nutanix [#7119](https://github.com/openshift/installer/pull/7119) * [OPNET-298](https://issues.redhat.com/browse/OPNET-298): Allow primary-v6 dual-stack on vSphere [#7124](https://github.com/openshift/installer/pull/7124) * [CORS-2613](https://issues.redhat.com/browse/CORS-2613): AWS: Cross-account Shared VPC Support [#7225](https://github.com/openshift/installer/pull/7225) * OpenStack: support user provided dual-stack api and ingress Port [#7133](https://github.com/openshift/installer/pull/7133) * OpenStack: configure IPv6 address in the bootstrap node [#7128](https://github.com/openshift/installer/pull/7128) * [SPLAT-995](https://issues.redhat.com/browse/SPLAT-995): vSphere Add new template field [#6995](https://github.com/openshift/installer/pull/6995) * [OCPBUGS-14757](https://issues.redhat.com/browse/OCPBUGS-14757): images: installer: add xz to the container [#7238](https://github.com/openshift/installer/pull/7238) * [OCPBUGS-14818](https://issues.redhat.com/browse/OCPBUGS-14818): disable oVirt provider [#7213](https://github.com/openshift/installer/pull/7213) * [AGENT-556](https://issues.redhat.com/browse/AGENT-556): Wait for rendezvous host configuration [#7068](https://github.com/openshift/installer/pull/7068) * [OCPBUGS-13955](https://issues.redhat.com/browse/OCPBUGS-13955): support OPENSHIFT_INSTALL_OS_IMAGE_OVERRIDE [#7211](https://github.com/openshift/installer/pull/7211) * [OCPBUGS-14121](https://issues.redhat.com/browse/OCPBUGS-14121): Convert Rendezvous IPv6 address to canonical format [#7234](https://github.com/openshift/installer/pull/7234) * [OCPBUGS-14416](https://issues.redhat.com/browse/OCPBUGS-14416): Shorten SNO installation duration by releasing CPC lease [#7219](https://github.com/openshift/installer/pull/7219) * [OCPBUGS-14565](https://issues.redhat.com/browse/OCPBUGS-14565): Replace with govc docker image and fix ibmcli folder permission issue [#7231](https://github.com/openshift/installer/pull/7231) * [OCPBUGS-13108](https://issues.redhat.com/browse/OCPBUGS-13108): Log additional host info at warning level [#7209](https://github.com/openshift/installer/pull/7209) * [OCPBUGS-13662](https://issues.redhat.com/browse/OCPBUGS-13662): Ignore CPUPartitioning for ABI [#7218](https://github.com/openshift/installer/pull/7218) * [OCPBUGS-11736](https://issues.redhat.com/browse/OCPBUGS-11736): gcp use preconfigured private zone for installation [#7155](https://github.com/openshift/installer/pull/7155) * Bump & vendor k8s 1.27 dependencies [#7220](https://github.com/openshift/installer/pull/7220) * [OCPBUGS-10342](https://issues.redhat.com/browse/OCPBUGS-10342): Check that number of replicas matches hosts [#7059](https://github.com/openshift/installer/pull/7059) * [OSASINFRA-3153](https://issues.redhat.com/browse/OSASINFRA-3153): move `loadBalancer` API to GA for OpenStack [#7127](https://github.com/openshift/installer/pull/7127) * [OCPBUGS-10306](https://issues.redhat.com/browse/OCPBUGS-10306): [vSphere] Upi installation failed due to VMs for master and worker node creation failed [#6999](https://github.com/openshift/installer/pull/6999) * [AGENT-567](https://issues.redhat.com/browse/AGENT-567): Re-enable 'create pxe-files' command [#7102](https://github.com/openshift/installer/pull/7102) * [AGENT-555](https://issues.redhat.com/browse/AGENT-555): Move Rendezvous Host config to separate file [#7061](https://github.com/openshift/installer/pull/7061) * [OCPBUGS-13764](https://issues.redhat.com/browse/OCPBUGS-13764): Support /dev/disk/by-path root device hints [#7192](https://github.com/openshift/installer/pull/7192) * [OCPBUGS-1769](https://issues.redhat.com/browse/OCPBUGS-1769): Ignore IAM Roles that the Installer is not authorized to access [#7180](https://github.com/openshift/installer/pull/7180) * [OCPBUGS-14077](https://issues.redhat.com/browse/OCPBUGS-14077): MULTIARCH-3492: Avoid conflicting subnets [#7145](https://github.com/openshift/installer/pull/7145) * [OCPBUGS-14076](https://issues.redhat.com/browse/OCPBUGS-14076): PowerVS: Remove ClusterOSImage [#6996](https://github.com/openshift/installer/pull/6996) * [OCPBUGS-13094](https://issues.redhat.com/browse/OCPBUGS-13094): Use oc command in bootkube.service in a disconnected env [#7178](https://github.com/openshift/installer/pull/7178) * [OCPBUGS-7410](https://issues.redhat.com/browse/OCPBUGS-7410): Reject active VPC connections before service destroy [#7101](https://github.com/openshift/installer/pull/7101) * [OCPBUGS-7699](https://issues.redhat.com/browse/OCPBUGS-7699): CVE: go-getter vulnerable to denial of service via malicious compressed archive [#6893](https://github.com/openshift/installer/pull/6893) * [OCPBUGS-13552](https://issues.redhat.com/browse/OCPBUGS-13552): vSphere Add ova sha query; additional debugging [#7171](https://github.com/openshift/installer/pull/7171) * [OCPBUGS-13718](https://issues.redhat.com/browse/OCPBUGS-13718): ic: azure: validate diskTypes in AzureStack [#7194](https://github.com/openshift/installer/pull/7194) * [OCPBUGS-9378](https://issues.redhat.com/browse/OCPBUGS-9378): vSphere set bootstrap/master efi [#7154](https://github.com/openshift/installer/pull/7154) * [OCPBUGS-13535](https://issues.redhat.com/browse/OCPBUGS-13535): Set AdditionalTrustBundle in override when mirroring not enabled [#7182](https://github.com/openshift/installer/pull/7182) * [OCPBUGS-13547](https://issues.redhat.com/browse/OCPBUGS-13547): Ensure --payload-version is set for MCO on bootstrap [#7160](https://github.com/openshift/installer/pull/7160) * [OCPBUGS-13547](https://issues.redhat.com/browse/OCPBUGS-13547): remove special cases for featureset in rendering [#7189](https://github.com/openshift/installer/pull/7189) * [OCPBUGS-7978](https://issues.redhat.com/browse/OCPBUGS-7978): FCOS: bump to latest stable version [#6902](https://github.com/openshift/installer/pull/6902) * [OCPBUGS-13628](https://issues.redhat.com/browse/OCPBUGS-13628): Revert "remove special cases for featureset in rendering" [#7183](https://github.com/openshift/installer/pull/7183) * [OCPBUGS-13300](https://issues.redhat.com/browse/OCPBUGS-13300): masters on a single compute server group [#7172](https://github.com/openshift/installer/pull/7172) * [OCPBUGS-3542](https://issues.redhat.com/browse/OCPBUGS-3542): Add bootstrapExternalStaticDNS [#6585](https://github.com/openshift/installer/pull/6585) * remove special cases for featureset in rendering [#7158](https://github.com/openshift/installer/pull/7158) * [OCPBUGS-13253](https://issues.redhat.com/browse/OCPBUGS-13253): update RHCOS 4.14 bootimage metadata to 414.92.202305090606-0 [#7176](https://github.com/openshift/installer/pull/7176) * pass payload version and manifests to kas and kcm [#7152](https://github.com/openshift/installer/pull/7152) * [OCPBUGS-9081](https://issues.redhat.com/browse/OCPBUGS-9081): openstack destroy: account for BULK DELETE limits on object-storage [#7168](https://github.com/openshift/installer/pull/7168) * [OCPBUGS-7699](https://issues.redhat.com/browse/OCPBUGS-7699): terraform: google: bump provider for go-getter CVE fix [#7051](https://github.com/openshift/installer/pull/7051) * [OCPBUGS-13107](https://issues.redhat.com/browse/OCPBUGS-13107): openstack destroy: Limit Swift workers to 3 [#7165](https://github.com/openshift/installer/pull/7165) * Updating ose-installer-artifacts images to be consistent with ART [#7122](https://github.com/openshift/installer/pull/7122) * [OCPBUGS-11921](https://issues.redhat.com/browse/OCPBUGS-11921): GCP XPN: Pass instance service acct in manual mode [#7117](https://github.com/openshift/installer/pull/7117) * [OCPBUGS-12964](https://issues.redhat.com/browse/OCPBUGS-12964): Bootstrap on aws should have same metadata service type as on other nodes [#7149](https://github.com/openshift/installer/pull/7149) * [OCPBUGS-11792](https://issues.redhat.com/browse/OCPBUGS-11792): update RHCOS 4.14 bootimage metadata to 414.92.202304252144-0 [#7135](https://github.com/openshift/installer/pull/7135) * pass featuregate args to config-operator to get rendered featuregates [#6990](https://github.com/openshift/installer/pull/6990) * [OCPBUGS-12904](https://issues.redhat.com/browse/OCPBUGS-12904): openstack: Add netcat to the Installer image [#7142](https://github.com/openshift/installer/pull/7142) * [OCPBUGS-12776](https://issues.redhat.com/browse/OCPBUGS-12776): GCP XPN Private Cluster Fails with no Public Zone [#7134](https://github.com/openshift/installer/pull/7134) * [OCPBUGS-12869](https://issues.redhat.com/browse/OCPBUGS-12869): fix nmstate related unit tests [#7089](https://github.com/openshift/installer/pull/7089) * Updating ose-baremetal-installer images to be consistent with ART [#7121](https://github.com/openshift/installer/pull/7121) * Updating ose-installer images to be consistent with ART [#7120](https://github.com/openshift/installer/pull/7120) * [OCPBUGS-12748](https://issues.redhat.com/browse/OCPBUGS-12748): use python3 for cloud sdk [#7118](https://github.com/openshift/installer/pull/7118) * [OCPBUGS-12196](https://issues.redhat.com/browse/OCPBUGS-12196): bump CVO to stable-4.14 [#7114](https://github.com/openshift/installer/pull/7114) * [OCPBUGS-11999](https://issues.redhat.com/browse/OCPBUGS-11999): fix: remove feature flag for cpu partitioning no longer needed [#7110](https://github.com/openshift/installer/pull/7110) * [OCPBUGS-11801](https://issues.redhat.com/browse/OCPBUGS-11801): Fix agent-tui libnmstate dependency name [#7095](https://github.com/openshift/installer/pull/7095) * OpenStack: enable ingress traffic for dual-stack installations [#7099](https://github.com/openshift/installer/pull/7099) * [OCPBUGS-10767](https://issues.redhat.com/browse/OCPBUGS-10767): Fix and improve locking session and AWS Metadata access [#7070](https://github.com/openshift/installer/pull/7070) * OWNERS_ALIASES: offboard Sohan from CoreOS [#7103](https://github.com/openshift/installer/pull/7103) * [OCPBUGS-9081](https://issues.redhat.com/browse/OCPBUGS-9081): openstack: Bump Gophercloud [#7098](https://github.com/openshift/installer/pull/7098) * [OCPBUGS-11100](https://issues.redhat.com/browse/OCPBUGS-11100), [OCPBUGS-11102](https://issues.redhat.com/browse/OCPBUGS-11102), [OCPBUGS-11418](https://issues.redhat.com/browse/OCPBUGS-11418): CVE: bump hashicorp/vault version [#7091](https://github.com/openshift/installer/pull/7091) * [OCPBUGS-11788](https://issues.redhat.com/browse/OCPBUGS-11788): update RHCOS 4.14 bootimage metadata to 414.92.202304131328-0 [#7092](https://github.com/openshift/installer/pull/7092) * [OCPBUGS-8449](https://issues.redhat.com/browse/OCPBUGS-8449): Azure: don't set default subscriptionID for disk encryption sets [#7076](https://github.com/openshift/installer/pull/7076) * pkg: rhcos: use Errorf instead of Error [#7074](https://github.com/openshift/installer/pull/7074) * [OCPBUGS-4998](https://issues.redhat.com/browse/OCPBUGS-4998): Log additional info when status is pending-user-action [#7060](https://github.com/openshift/installer/pull/7060) * [OCPBUGS-10673](https://issues.redhat.com/browse/OCPBUGS-10673): [Alibaba] update the bandwidth value of EIP [#7011](https://github.com/openshift/installer/pull/7011) * [OCPBUGS-11636](https://issues.redhat.com/browse/OCPBUGS-11636): AWS - Remove ACLs from s3 ign [#7081](https://github.com/openshift/installer/pull/7081) * [OCPBUGS-11479](https://issues.redhat.com/browse/OCPBUGS-11479): Upgrade libnmstate version used [#7075](https://github.com/openshift/installer/pull/7075) * [OCPBUGS-10478](https://issues.redhat.com/browse/OCPBUGS-10478): gather: azure: fix collecting VM serial logs [#6992](https://github.com/openshift/installer/pull/6992) * Add imageDigestSources, deprecate imageContentSources [#6235](https://github.com/openshift/installer/pull/6235) * PowerVS: fix human readable group-id [#7073](https://github.com/openshift/installer/pull/7073) * docs: gcp: upi: update obtaining RHCOS source image [#7072](https://github.com/openshift/installer/pull/7072) * gcp: add confidential compute support for boostrap TF [#7002](https://github.com/openshift/installer/pull/7002) * [AGENT-275](https://issues.redhat.com/browse/AGENT-275): Add new agent graph command to output agent internal dependency graph [#7066](https://github.com/openshift/installer/pull/7066) * [OCPBUGS-7954](https://issues.redhat.com/browse/OCPBUGS-7954): openstack: Only check HTTPS certs on public endpoints [#7057](https://github.com/openshift/installer/pull/7057) * [MULTIARCH-2517](https://issues.redhat.com/browse/MULTIARCH-2517): PowerVS: create install-config improvements [#6885](https://github.com/openshift/installer/pull/6885) * [OCPBUGS-10845](https://issues.redhat.com/browse/OCPBUGS-10845): Use 100 GB as minimum disk size in validations [#7025](https://github.com/openshift/installer/pull/7025) * openstack: Bump CI base image to v4.14 [#7052](https://github.com/openshift/installer/pull/7052) * terraform: don't run zip if building provider binary failed [#7047](https://github.com/openshift/installer/pull/7047) * [OCPBUGS-8449](https://issues.redhat.com/browse/OCPBUGS-8449): pkg/asset/installconfig: set subscriptionID [#6975](https://github.com/openshift/installer/pull/6975) * [OCPBUGS-11039](https://issues.redhat.com/browse/OCPBUGS-11039): remove container-runtime flag from kubelet config [#7036](https://github.com/openshift/installer/pull/7036) * rhcos: Bump to 414.92.202303281555-0 [#7038](https://github.com/openshift/installer/pull/7038) * update tested instance type on 4.13 [#7042](https://github.com/openshift/installer/pull/7042) * [OCPBUGS-11038](https://issues.redhat.com/browse/OCPBUGS-11038): GCP: add europe-west12 region to the survey as supported region [#7033](https://github.com/openshift/installer/pull/7033) * [OCPBUGS-7966](https://issues.redhat.com/browse/OCPBUGS-7966): Do not remove host default configuration unless network configuration is provided for it [#6991](https://github.com/openshift/installer/pull/6991) * [OCPBUGS-2130](https://issues.redhat.com/browse/OCPBUGS-2130): vSphere - finding networks use full path cluster [#6973](https://github.com/openshift/installer/pull/6973) * [OCPBUGS-7699](https://issues.redhat.com/browse/OCPBUGS-7699): bump terraform for go-getter CVE fix [#6892](https://github.com/openshift/installer/pull/6892) * [OCPBUGS-8349](https://issues.redhat.com/browse/OCPBUGS-8349): Kubelet Client Cert should include system:serviceaccounts group [#7032](https://github.com/openshift/installer/pull/7032) * OCPBUGS-10728 add project filter to gcp usage api requests [#7018](https://github.com/openshift/installer/pull/7018) * [OCPBUGS-10638](https://issues.redhat.com/browse/OCPBUGS-10638): Properly handle invalid agent command [#7005](https://github.com/openshift/installer/pull/7005) * [OCPGUS-2363](https://issues.redhat.com/browse/OCPGUS-2363): IBMCloud: Use direct COS endpoint [#6952](https://github.com/openshift/installer/pull/6952) * [OCPBUGS-9081](https://issues.redhat.com/browse/OCPBUGS-9081): openstack/destroy: BulkDelete more objects at once [#7017](https://github.com/openshift/installer/pull/7017) * [OCPBUGS-8035](https://issues.redhat.com/browse/OCPBUGS-8035): IBMCloud: Fix SSH Private bootstrap [#6944](https://github.com/openshift/installer/pull/6944) * [OCPBUGS-7973](https://issues.redhat.com/browse/OCPBUGS-7973): IBMCloud set dnsrecords offset [#6924](https://github.com/openshift/installer/pull/6924) * [OCPBUGS-8509](https://issues.redhat.com/browse/OCPBUGS-8509): baremetal: do not use port 80 for httpd [#6945](https://github.com/openshift/installer/pull/6945) * [OCPBUGS-9982](https://issues.redhat.com/browse/OCPBUGS-9982): bootstrap-pivot: skip pivot in SCOS Live ISO [#6965](https://github.com/openshift/installer/pull/6965) * PowerVS: Add capacity checks before installation [#6850](https://github.com/openshift/installer/pull/6850) * [OCPBUGS-8237](https://issues.redhat.com/browse/OCPBUGS-8237): update terraform-provider-ironic to 0.4.0 [#6956](https://github.com/openshift/installer/pull/6956) * [OCPBUGS-6727](https://issues.redhat.com/browse/OCPBUGS-6727): Nutanix Hostname of the VM is not set when using DHCP network config [#6981](https://github.com/openshift/installer/pull/6981) * [AGENT-502](https://issues.redhat.com/browse/AGENT-502): add agent-tui it test [#6978](https://github.com/openshift/installer/pull/6978) * openstack: Remove version info, update lb FIP -> API FIP [#7001](https://github.com/openshift/installer/pull/7001) * [OCPBUGS-10570](https://issues.redhat.com/browse/OCPBUGS-10570): openstack: No master primarySubnet control-plane if portTarget is set [#6994](https://github.com/openshift/installer/pull/6994) * [OSDOCS-5240](https://issues.redhat.com/browse/OSDOCS-5240): doc/fix-aws-localzones: replace jq to aws --query [#6993](https://github.com/openshift/installer/pull/6993) * [OCPBUGS-10207](https://issues.redhat.com/browse/OCPBUGS-10207): Do not always output warning msg when releaseImage is digest [#6971](https://github.com/openshift/installer/pull/6971) * [OCPBUGS-7015](https://issues.redhat.com/browse/OCPBUGS-7015): vsphere, nutanix survey: relax vip in machine cidr [#6967](https://github.com/openshift/installer/pull/6967) * [OCPBUGS-9949](https://issues.redhat.com/browse/OCPBUGS-9949): Verify output file exists when `oc image extract` is run [#6960](https://github.com/openshift/installer/pull/6960) * [OCPBUGS-7954](https://issues.redhat.com/browse/OCPBUGS-7954): openstack: Provide manual instructions for invalid certificates [#6998](https://github.com/openshift/installer/pull/6998) * [OCPBUGS-10313](https://issues.redhat.com/browse/OCPBUGS-10313): fix agent tui showing up multiple times [#6977](https://github.com/openshift/installer/pull/6977) * Bump mongo-driver from 1.10 to 1.11.2 [#6987](https://github.com/openshift/installer/pull/6987) * [OCPBUGS-8540](https://issues.redhat.com/browse/OCPBUGS-8540): CVE: bump mongo-go-driver for fix [#6950](https://github.com/openshift/installer/pull/6950) * [OCPBUGS-10394](https://issues.redhat.com/browse/OCPBUGS-10394): Sort userTags in Machine and Machineset manifests [#6976](https://github.com/openshift/installer/pull/6976) * Shorten SNO installation duration by releasing CVO lease [#6757](https://github.com/openshift/installer/pull/6757) * [OCPBUGS-2968](https://issues.redhat.com/browse/OCPBUGS-2968): bootstrap: Do not needlessly podman pull [#6536](https://github.com/openshift/installer/pull/6536) * terraform: google: bump stringset dependency [#6951](https://github.com/openshift/installer/pull/6951) * openstack-manifests: Export JUnit results [#6966](https://github.com/openshift/installer/pull/6966) * Updating ose-installer-artifacts images to be consistent with ART [#6968](https://github.com/openshift/installer/pull/6968) * quota: gcp: replace deprecated monitoring package and fix linting issues [#6896](https://github.com/openshift/installer/pull/6896) * [OCPBUGS-8119](https://issues.redhat.com/browse/OCPBUGS-8119): CVE-2023-25173: bump containerd [#6949](https://github.com/openshift/installer/pull/6949) * [OCPBUGS-8468](https://issues.redhat.com/browse/OCPBUGS-8468): aws: bump aws-sdk-go version [#6943](https://github.com/openshift/installer/pull/6943) * data: libvirt: increase volume size to 32GB [#6963](https://github.com/openshift/installer/pull/6963) * Updating ose-baremetal-installer images to be consistent with ART [#6954](https://github.com/openshift/installer/pull/6954) * Updating ose-installer images to be consistent with ART [#6953](https://github.com/openshift/installer/pull/6953) * refactor: replace `github.com/ghodss/yaml` with `sigs.k8s.io/yaml` [#6935](https://github.com/openshift/installer/pull/6935) * OpenStack: support multiple API and ingress VIPs [#6940](https://github.com/openshift/installer/pull/6940) * update RHCOS 4.13 bootimage metadata [#6886](https://github.com/openshift/installer/pull/6886) * [OCPBUGS-8094](https://issues.redhat.com/browse/OCPBUGS-8094): In agent 'wait-for bootstrap' command, test ssh to Node0 [#6919](https://github.com/openshift/installer/pull/6919) * openstack-manifest: Show assets dir if persisted [#6929](https://github.com/openshift/installer/pull/6929) * [OCPBUGS-7262](https://issues.redhat.com/browse/OCPBUGS-7262): Disable systemd status while TUI showing [#6925](https://github.com/openshift/installer/pull/6925) * OpenStack Failure domains [#6917](https://github.com/openshift/installer/pull/6917) * [OCPBUGS-8203](https://issues.redhat.com/browse/OCPBUGS-8203): Don't log password values [#6922](https://github.com/openshift/installer/pull/6922) * [OCPBUGS-5129](https://issues.redhat.com/browse/OCPBUGS-5129): Pass Capabilites from install-config to cluster [#6923](https://github.com/openshift/installer/pull/6923) * [OCPBUGS-8305](https://issues.redhat.com/browse/OCPBUGS-8305): Power VS: Add resourceGroup to infrastructure manifest [#6928](https://github.com/openshift/installer/pull/6928) * [AGENT-356](https://issues.redhat.com/browse/AGENT-356): Disable 'create pxe-files' command [#6927](https://github.com/openshift/installer/pull/6927) * [OCPBUGS-8258](https://issues.redhat.com/browse/OCPBUGS-8258): Specify filename for default registries.conf [#6926](https://github.com/openshift/installer/pull/6926) * openstack: consistent TechPreview-only feature validation [#6916](https://github.com/openshift/installer/pull/6916) * [RFE-2782](https://issues.redhat.com/browse/RFE-2782): Create edge compute pool to support AWS Local Zones [#6371](https://github.com/openshift/installer/pull/6371) * And 2 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/installer/compare/f9f4b9c0624d32db9fe77f8573ed4ea53c6ed169...bf1b6c1c1bc1b825a54af62e0f8e587be984b89b) ### [baremetal-machine-controllers](https://github.com/openshift/cluster-api-provider-baremetal/tree/c7b46efd3d6ab77c094fa6ede36499fb7be5858f) * [OCPBUGS-46643](https://issues.redhat.com/browse/OCPBUGS-46643): Bump x/net to 0.33.0 [#228](https://github.com/openshift/cluster-api-provider-baremetal/pull/228) * [OCPBUGS-31435](https://issues.redhat.com/browse/OCPBUGS-31435): Bump golang-protobuf version [#215](https://github.com/openshift/cluster-api-provider-baremetal/pull/215) * [OCPBUGS-29177](https://issues.redhat.com/browse/OCPBUGS-29177): Extend metal3remediation aggregation role [#211](https://github.com/openshift/cluster-api-provider-baremetal/pull/211) * [OCPBUGS-21702](https://issues.redhat.com/browse/OCPBUGS-21702): Uplift x/net to v0.17.0 [#198](https://github.com/openshift/cluster-api-provider-baremetal/pull/198) * [OCPBUGS-17255](https://issues.redhat.com/browse/OCPBUGS-17255): Use go 1.20 and uplift x/net to v0.13.0 [#195](https://github.com/openshift/cluster-api-provider-baremetal/pull/195) * [OCPBUGS-15992](https://issues.redhat.com/browse/OCPBUGS-15992): Fix Metal3Remediation CRD install order [#193](https://github.com/openshift/cluster-api-provider-baremetal/pull/193) * Updating baremetal-machine-controller images to be consistent with ART [#190](https://github.com/openshift/cluster-api-provider-baremetal/pull/190) * [OCPBUGS-12483](https://issues.redhat.com/browse/OCPBUGS-12483): Use go 1.19 and uplift x/net to 0.7.0 [#191](https://github.com/openshift/cluster-api-provider-baremetal/pull/191) * Updating baremetal-machine-controller images to be consistent with ART [#187](https://github.com/openshift/cluster-api-provider-baremetal/pull/187) * [Full changelog](https://github.com/openshift/cluster-api-provider-baremetal/compare/a2c6ca64501e5a4b251ab7873adb2bbe31b1320d...c7b46efd3d6ab77c094fa6ede36499fb7be5858f) ### [baremetal-operator](https://github.com/openshift/baremetal-operator/tree/483d019146b8495b9299c08c57461747e727f3f7) * [OCPBUGS-53337](https://issues.redhat.com/browse/OCPBUGS-53337): BMO can expose any secret via BMCEventSubscription CRD [#409](https://github.com/openshift/baremetal-operator/pull/409) * [OCPBUGS-38940](https://issues.redhat.com/browse/OCPBUGS-38940): [OCP] Ability to disable agent power off after deployment [#374](https://github.com/openshift/baremetal-operator/pull/374) * [OCPBUGS-34814](https://issues.redhat.com/browse/OCPBUGS-34814): PreprovisioningImage should not be created on poweroff [#359](https://github.com/openshift/baremetal-operator/pull/359) * [OCPBUGS-23324](https://issues.redhat.com/browse/OCPBUGS-23324): Backport node poweroff fixes [#318](https://github.com/openshift/baremetal-operator/pull/318) * [OCPBUGS-24409](https://issues.redhat.com/browse/OCPBUGS-24409): Don't munge timestamp in structured logs, again [#324](https://github.com/openshift/baremetal-operator/pull/324) * [OCPBUGS-24489](https://issues.redhat.com/browse/OCPBUGS-24489): Do not update instance_info and deploy_interface for active nodes [#325](https://github.com/openshift/baremetal-operator/pull/325) * [OCPBUGS-21190](https://issues.redhat.com/browse/OCPBUGS-21190): Uplift x/net to v0.17.0 [#307](https://github.com/openshift/baremetal-operator/pull/307) * [OCPBUGS-20315](https://issues.redhat.com/browse/OCPBUGS-20315): Add an explicit Architecture field [#304](https://github.com/openshift/baremetal-operator/pull/304) * Stop linting when building the image [#285](https://github.com/openshift/baremetal-operator/pull/285) * [OCPBUGS-17363](https://issues.redhat.com/browse/OCPBUGS-17363): Trigger reconcile on Secret change [#296](https://github.com/openshift/baremetal-operator/pull/296) * [OCPBUGS-17038](https://issues.redhat.com/browse/OCPBUGS-17038): Merge upstream [#293](https://github.com/openshift/baremetal-operator/pull/293) * Merge upstream [#288](https://github.com/openshift/baremetal-operator/pull/288) * Merge upstream [#286](https://github.com/openshift/baremetal-operator/pull/286) * Upstream Rebase [#284](https://github.com/openshift/baremetal-operator/pull/284) * [OCPBUGS-7581](https://issues.redhat.com/browse/OCPBUGS-7581): Merge upstream [#280](https://github.com/openshift/baremetal-operator/pull/280) * [OCPBUGS-13080](https://issues.redhat.com/browse/OCPBUGS-13080), [OCPBUGS-13124](https://issues.redhat.com/browse/OCPBUGS-13124): Merge upstream [#276](https://github.com/openshift/baremetal-operator/pull/276) * [OCPBUGS-12362](https://issues.redhat.com/browse/OCPBUGS-12362): Merge upstream [#274](https://github.com/openshift/baremetal-operator/pull/274) * [OCPBUGS-5833](https://issues.redhat.com/browse/OCPBUGS-5833): Merge upstream [#270](https://github.com/openshift/baremetal-operator/pull/270) * Updating ose-baremetal-operator images to be consistent with ART [#271](https://github.com/openshift/baremetal-operator/pull/271) * [OCPBUGS-11310](https://issues.redhat.com/browse/OCPBUGS-11310): Revert live-iso validation [#266](https://github.com/openshift/baremetal-operator/pull/266) * [OCPBUGS-11036](https://issues.redhat.com/browse/OCPBUGS-11036): Merge upstream [#264](https://github.com/openshift/baremetal-operator/pull/264) * Merge upstream [#260](https://github.com/openshift/baremetal-operator/pull/260) * [OCPBUGS-1147](https://issues.redhat.com/browse/OCPBUGS-1147): Merge upstream [#259](https://github.com/openshift/baremetal-operator/pull/259) * Updating ose-baremetal-operator images to be consistent with ART [#257](https://github.com/openshift/baremetal-operator/pull/257) * [Full changelog](https://github.com/openshift/baremetal-operator/compare/3f56e498ce77b472070c804fca0522eb234ed99f...483d019146b8495b9299c08c57461747e727f3f7) ### [baremetal-runtimecfg](https://github.com/openshift/baremetal-runtimecfg/tree/0ba9e555eeb173d42e5adf6f65e982e17acfdb9d) * [OCPBUGS-37502](https://issues.redhat.com/browse/OCPBUGS-37502): Fix handling of ELB Node IP detection [#324](https://github.com/openshift/baremetal-runtimecfg/pull/324) * [OCPBUGS-35846](https://issues.redhat.com/browse/OCPBUGS-35846): Add support for OVN HostCidrs annotation [#321](https://github.com/openshift/baremetal-runtimecfg/pull/321) * [OCPBUGS-32524](https://issues.redhat.com/browse/OCPBUGS-32524): Decrease log level when detecting node IP [#306](https://github.com/openshift/baremetal-runtimecfg/pull/306) * [OCPBUGS-26928](https://issues.redhat.com/browse/OCPBUGS-26928): Add .snyk file to ignore vendor and test files [#294](https://github.com/openshift/baremetal-runtimecfg/pull/294) * [OCPBUGS-23474](https://issues.redhat.com/browse/OCPBUGS-23474): Use shorter IP label for keepalived VIP [#288](https://github.com/openshift/baremetal-runtimecfg/pull/288) * [OCPBUGS-22206](https://issues.redhat.com/browse/OCPBUGS-22206): deps: upgrade x/sys [#281](https://github.com/openshift/baremetal-runtimecfg/pull/281) * [OCPBUGS-20080](https://issues.redhat.com/browse/OCPBUGS-20080): Increase timeout for bootstrap kubeapi [#277](https://github.com/openshift/baremetal-runtimecfg/pull/277) * [OCPBUGS-18257](https://issues.redhat.com/browse/OCPBUGS-18257): Move haproxy firewall rule check earlier in loop [#270](https://github.com/openshift/baremetal-runtimecfg/pull/270) * [OCPBUGS-15947](https://issues.redhat.com/browse/OCPBUGS-15947): Don't render config with incomplete unicast peer list [#266](https://github.com/openshift/baremetal-runtimecfg/pull/266) * Remove old scripts [#251](https://github.com/openshift/baremetal-runtimecfg/pull/251) * [OCPBUGS-14403](https://issues.redhat.com/browse/OCPBUGS-14403): Use machine-config state instead of comparing roles [#257](https://github.com/openshift/baremetal-runtimecfg/pull/257) * [OCPBUGS-14936](https://issues.redhat.com/browse/OCPBUGS-14936): node: remove duplicate [#260](https://github.com/openshift/baremetal-runtimecfg/pull/260) * [OCPBUGS-12739](https://issues.redhat.com/browse/OCPBUGS-12739): Fix bug with IP conversion using net.IP [#258](https://github.com/openshift/baremetal-runtimecfg/pull/258) * [OCPBUGS-12739](https://issues.redhat.com/browse/OCPBUGS-12739): Use NonVirtualIP as a hint for selecting Peers [#256](https://github.com/openshift/baremetal-runtimecfg/pull/256) * [OCPBUGS-12739](https://issues.redhat.com/browse/OCPBUGS-12739): Use lazy match when getting IP from OVN [#254](https://github.com/openshift/baremetal-runtimecfg/pull/254) * [OCPBUGS-12739](https://issues.redhat.com/browse/OCPBUGS-12739): Dump whole Node object when failing to get node IP [#253](https://github.com/openshift/baremetal-runtimecfg/pull/253) * [OCPBUGS-12739](https://issues.redhat.com/browse/OCPBUGS-12739): Print error message when node annotation doesn't parse [#252](https://github.com/openshift/baremetal-runtimecfg/pull/252) * [OCPBUGS-11691](https://issues.redhat.com/browse/OCPBUGS-11691): Verify kubelet version in upgrade check [#247](https://github.com/openshift/baremetal-runtimecfg/pull/247) * [OCPBUGS-12564](https://issues.redhat.com/browse/OCPBUGS-12564): Update x/net and parent dependencies [#245](https://github.com/openshift/baremetal-runtimecfg/pull/245) * [OCPBUGS-4370](https://issues.redhat.com/browse/OCPBUGS-4370): Add label to VIP via keepalived [#236](https://github.com/openshift/baremetal-runtimecfg/pull/236) * [OCPBUGS-12739](https://issues.redhat.com/browse/OCPBUGS-12739): In keepalived config print structs instead of pointers [#241](https://github.com/openshift/baremetal-runtimecfg/pull/241) * [OCPBUGS-12729](https://issues.redhat.com/browse/OCPBUGS-12729): Make nested dual stack VIP configs respect EnableUnicast [#237](https://github.com/openshift/baremetal-runtimecfg/pull/237) * Updating baremetal-runtimecfg images to be consistent with ART [#234](https://github.com/openshift/baremetal-runtimecfg/pull/234) * [OCPBUGS-10695](https://issues.redhat.com/browse/OCPBUGS-10695): Use subnet mask to detect IP stack [#227](https://github.com/openshift/baremetal-runtimecfg/pull/227) * [OCPBUGS-5816](https://issues.redhat.com/browse/OCPBUGS-5816): Fixup isUpgradeStillRunning logic [#230](https://github.com/openshift/baremetal-runtimecfg/pull/230) * node.go: remove no required check [#228](https://github.com/openshift/baremetal-runtimecfg/pull/228) * Updating baremetal-runtimecfg images to be consistent with ART [#225](https://github.com/openshift/baremetal-runtimecfg/pull/225) * [Full changelog](https://github.com/openshift/baremetal-runtimecfg/compare/1280cf541c220af73b9886379dad2dfa4921f73b...0ba9e555eeb173d42e5adf6f65e982e17acfdb9d) ### [cli, cli-artifacts, deployer, tools](https://github.com/openshift/oc/tree/44b3ac26e654777e0283759d45a2b3351823fc5e) * [OCPBUGS-35475](https://issues.redhat.com/browse/OCPBUGS-35475): Remove some of newapp unit tests relying on external deprecated images [#1802](https://github.com/openshift/oc/pull/1802) * [OCPBUGS-35447](https://issues.redhat.com/browse/OCPBUGS-35447): bump go-git to 5.11.0 [#1799](https://github.com/openshift/oc/pull/1799) * [OCPBUGS-30287](https://issues.redhat.com/browse/OCPBUGS-30287): oc adm catalog mirror: use ToSlash and FromSlash to unify the path separators [#1699](https://github.com/openshift/oc/pull/1699) * [OCPBUGS-25983](https://issues.redhat.com/browse/OCPBUGS-25983): Remove deprecated password defaulting in default config flag [#1646](https://github.com/openshift/oc/pull/1646) * [OCPBUGS-24197](https://issues.redhat.com/browse/OCPBUGS-24197): Add client version in must-gather summary [#1607](https://github.com/openshift/oc/pull/1607) * [OCPBUGS-24460](https://issues.redhat.com/browse/OCPBUGS-24460): Overwrite template's namespace with the explicit one [#1616](https://github.com/openshift/oc/pull/1616) * [OCPBUGS-22702](https://issues.redhat.com/browse/OCPBUGS-22702): Reflect container's exit code for long running tasks not attached to terminal [#1592](https://github.com/openshift/oc/pull/1592) * [OCPBUGS-20508](https://issues.redhat.com/browse/OCPBUGS-20508): regeneratemco: explicitly check for PlatformStatus field [#1573](https://github.com/openshift/oc/pull/1573) * [OCPBUGS-20527](https://issues.redhat.com/browse/OCPBUGS-20527): Set ImportPolicy to PreserveOriginal to honor --keep-manifest-list when mirroring a payload to an image stream [#1574](https://github.com/openshift/oc/pull/1574) * [OCPBUGS-21611](https://issues.redhat.com/browse/OCPBUGS-21611): Bump golang.org/x/net to v0.17.0 [#1579](https://github.com/openshift/oc/pull/1579) * [OCPBUGS-20258](https://issues.redhat.com/browse/OCPBUGS-20258): Updating excluded list of unsupported oc adm commands in MicroShift [#1561](https://github.com/openshift/oc/pull/1561) * [OCPBUGS-20269](https://issues.redhat.com/browse/OCPBUGS-20269): Use quay redis image instead docker mysql [#1562](https://github.com/openshift/oc/pull/1562) * [OCPBUGS-17925](https://issues.redhat.com/browse/OCPBUGS-17925): pkg/cli/admin/prune/images: omit not found error for deployment configs [#1530](https://github.com/openshift/oc/pull/1530) * [OCPBUGS-17253](https://issues.redhat.com/browse/OCPBUGS-17253): Bump go x/net library to 0.13.0 [#1529](https://github.com/openshift/oc/pull/1529) * [OTA-559](https://issues.redhat.com/browse/OTA-559): Revert "Revert "pkg/cli/admin/release/extract: Add --included and --install-config"" [#1528](https://github.com/openshift/oc/pull/1528) * [OCPBUGS-17711](https://issues.redhat.com/browse/OCPBUGS-17711): Revert "pkg/cli/admin/release/extract: Add --included and --install-config" [#1527](https://github.com/openshift/oc/pull/1527) * Update openshift/api [#1525](https://github.com/openshift/oc/pull/1525) * [OTA-559](https://issues.redhat.com/browse/OTA-559): pkg/cli/admin/release/extract: Add --included and --install-config [#1521](https://github.com/openshift/oc/pull/1521) * Stop using deprecated github.com/docker/docker go APIs [#1514](https://github.com/openshift/oc/pull/1514) * [OCPBUGS-16735](https://issues.redhat.com/browse/OCPBUGS-16735): Truncate existing files when writing from inspect [#1520](https://github.com/openshift/oc/pull/1520) * introduce plugin and plugin shadowing tests for oc [#1424](https://github.com/openshift/oc/pull/1424) * pkg/cli/admin/upgrade: Newlines after --allow-upgrade-with-warnings errors [#1519](https://github.com/openshift/oc/pull/1519) * Add profiling functionality and flags in oc [#1516](https://github.com/openshift/oc/pull/1516) * Fix typo in /var/log folder [#1517](https://github.com/openshift/oc/pull/1517) * login: improve usage message for --web option [#1513](https://github.com/openshift/oc/pull/1513) * Bump k8s packages to 1.27.4 [#1515](https://github.com/openshift/oc/pull/1515) * [OTA-994](https://issues.redhat.com/browse/OTA-994): pkg/cli/admin/release/extract: Centralize manifest extraction [#1404](https://github.com/openshift/oc/pull/1404) * [OCPBUGS-16009](https://issues.redhat.com/browse/OCPBUGS-16009): reboot: set ignition version to 3.1 [#1499](https://github.com/openshift/oc/pull/1499) * Add tls-server-name when property exists in kubeconfig [#1456](https://github.com/openshift/oc/pull/1456) * [OCPBUGS-15776](https://issues.redhat.com/browse/OCPBUGS-15776): mcs cert: account for environments that use IP directly [#1497](https://github.com/openshift/oc/pull/1497) * [OCPNODE-1656](https://issues.redhat.com/browse/OCPNODE-1656): oc release info: Introduce --idms-file and deprecate --icsp-file [#1465](https://github.com/openshift/oc/pull/1465) * [AUTH-355](https://issues.redhat.com/browse/AUTH-355): Add OAuth2 Authorization Code Grant Flow for login [#1402](https://github.com/openshift/oc/pull/1402) * upgrade distribution No 2 [#1495](https://github.com/openshift/oc/pull/1495) * [WRKLDS-700](https://issues.redhat.com/browse/WRKLDS-700): bump(k8s) to v1.27.2 [#1420](https://github.com/openshift/oc/pull/1420) * [OCPBUGS-15012](https://issues.redhat.com/browse/OCPBUGS-15012): oc image extract: idms-file flag map to IDMSFile field [#1464](https://github.com/openshift/oc/pull/1464) * Correct incorrect command in observe command [#1419](https://github.com/openshift/oc/pull/1419) * Clarify the use of the filter without keep-manifest-list [#1414](https://github.com/openshift/oc/pull/1414) * [OCPBUGS-10612](https://issues.redhat.com/browse/OCPBUGS-10612): make registry auth prefence default to podman config locations [#1376](https://github.com/openshift/oc/pull/1376) * handle the error case of node retrieval while waiting for reboot [#1482](https://github.com/openshift/oc/pull/1482) * Fix the output of error prompt [#1433](https://github.com/openshift/oc/pull/1433) * pkg/cli/admin/upgrade: Surface Recommended=Unknown more prominently [#1442](https://github.com/openshift/oc/pull/1442) * pkg/cli/admin/upgrade: Add post-period to space to some error messages [#1330](https://github.com/openshift/oc/pull/1330) * Wait for reboot [#1473](https://github.com/openshift/oc/pull/1473) * tweak output format [#1471](https://github.com/openshift/oc/pull/1471) * [OCPNODE-1580](https://issues.redhat.com/browse/OCPNODE-1580): Add --print-mirror-instructions to oc adm release mirror to allow idms instructions [#1341](https://github.com/openshift/oc/pull/1341) * add reboot-nodes [#1468](https://github.com/openshift/oc/pull/1468) * Trust check [#1469](https://github.com/openshift/oc/pull/1469) * fix directories for consistency [#1467](https://github.com/openshift/oc/pull/1467) * ocpcertificates: add ability to rotate MCS CA/cert [#1450](https://github.com/openshift/oc/pull/1450) * [OCPNODE-1656](https://issues.redhat.com/browse/OCPNODE-1656): oc image extract: Introduce IDMS as alternative source [#1426](https://github.com/openshift/oc/pull/1426) * pernodepod: percent works like this [#1463](https://github.com/openshift/oc/pull/1463) * ocpcertificates: don't make assumptions on resources not to bring pip… [#1462](https://github.com/openshift/oc/pull/1462) * allow running a command while the kubelet is off [#1459](https://github.com/openshift/oc/pull/1459) * add command to create new bootstrap kubeconfig for kubelet [#1458](https://github.com/openshift/oc/pull/1458) * ocpcertificates: fix handling resources by names explicitly + other cosmetic fixes [#1460](https://github.com/openshift/oc/pull/1460) * tweaks needed for wait [#1455](https://github.com/openshift/oc/pull/1455) * Add a command to remove older trust [#1447](https://github.com/openshift/oc/pull/1447) * create command to create new adminkubeconfig [#1452](https://github.com/openshift/oc/pull/1452) * add a command to copy content to every node [#1454](https://github.com/openshift/oc/pull/1454) * Minor updates to CLI help text [#1453](https://github.com/openshift/oc/pull/1453) * add command for regenerating OCP leaf certs [#1443](https://github.com/openshift/oc/pull/1443) * add a new command to wait for all clusteroperators to go stable [#1444](https://github.com/openshift/oc/pull/1444) * add command to produce an updated CA bundle for trusting the kube-apiserver [#1446](https://github.com/openshift/oc/pull/1446) * add printing for new revisions [#1445](https://github.com/openshift/oc/pull/1445) * add oc adm ocp-certificates regenerate-top-level [#1439](https://github.com/openshift/oc/pull/1439) * [OCPBUGS-11652](https://issues.redhat.com/browse/OCPBUGS-11652): Extend adm node-logs to new API [#1403](https://github.com/openshift/oc/pull/1403) * [OCPBUGS-12793](https://issues.redhat.com/browse/OCPBUGS-12793): adds a mapping for exposed ports to DockerConfig when manifest listed [#1415](https://github.com/openshift/oc/pull/1415) * [OCPBUGS-14340](https://issues.redhat.com/browse/OCPBUGS-14340): Name containers w/'multi' when mirroring a multi release image [#1423](https://github.com/openshift/oc/pull/1423) * [OCPBUGS-11123](https://issues.redhat.com/browse/OCPBUGS-11123): oc adm groups sync: all groups: print warning before caching [#1436](https://github.com/openshift/oc/pull/1436) * [OCPBUGS-11632](https://issues.redhat.com/browse/OCPBUGS-11632): Skip invalid events yamls and continue [#1429](https://github.com/openshift/oc/pull/1429) * [OCPBUGS-14082](https://issues.redhat.com/browse/OCPBUGS-14082): Remove closed centos7 registry from newapp unit tests [#1430](https://github.com/openshift/oc/pull/1430) * [OCPBUGS-12901](https://issues.redhat.com/browse/OCPBUGS-12901): preserve explicit release image in ClusterVersion [#1416](https://github.com/openshift/oc/pull/1416) * [OCPBUGS-11123](https://issues.redhat.com/browse/OCPBUGS-11123): oc adm groups sync: fix the annotation key [#1427](https://github.com/openshift/oc/pull/1427) * [OCPBUGS-11123](https://issues.redhat.com/browse/OCPBUGS-11123): oc adm groups sync: print a warning when two or more groups are mapped to the same ldap uid [#1425](https://github.com/openshift/oc/pull/1425) * [OCPBUGS-13355](https://issues.redhat.com/browse/OCPBUGS-13355): Use RequestToken functions from library-go [#991](https://github.com/openshift/oc/pull/991) * [OCPBUGS-11632](https://issues.redhat.com/browse/OCPBUGS-11632): Improve error log messages in event filtering [#1417](https://github.com/openshift/oc/pull/1417) * [OCPBUGS-12143](https://issues.redhat.com/browse/OCPBUGS-12143): oc login: unwrap tls.CertificateVerificationError to use x509 errors [#1406](https://github.com/openshift/oc/pull/1406) * pkg/cli/admin/upgrade: Clarify client-side vs. server-side docs [#1181](https://github.com/openshift/oc/pull/1181) * replace trimLeft with trimPrefix [#1400](https://github.com/openshift/oc/pull/1400) * Support OCI manifest lists in image mirror [#1362](https://github.com/openshift/oc/pull/1362) * [OCPBUGS-8004](https://issues.redhat.com/browse/OCPBUGS-8004): Fix bug when recreating an index with fewer images [#1335](https://github.com/openshift/oc/pull/1335) * adm catalog mirror update example to idms [#1401](https://github.com/openshift/oc/pull/1401) * [OCPBUGS-10843](https://issues.redhat.com/browse/OCPBUGS-10843): oc debug unique pod name [#1393](https://github.com/openshift/oc/pull/1393) * adm catalog mirror generates idms manifest [#1389](https://github.com/openshift/oc/pull/1389) * [OCPBUGS-1115](https://issues.redhat.com/browse/OCPBUGS-1115): Use linux/arch when user's OS isn't in manifests [#1311](https://github.com/openshift/oc/pull/1311) * Remove already deprecated adm create-kubeconfig command [#1367](https://github.com/openshift/oc/pull/1367) * append: expose keep-manifest-list option and preserve manifestlist when appending to specific arch images [#1361](https://github.com/openshift/oc/pull/1361) * Updating ose-tools images to be consistent with ART [#1369](https://github.com/openshift/oc/pull/1369) * [OCPBUGS-8048](https://issues.redhat.com/browse/OCPBUGS-8048): pkg/cli/admin/upgrade: Client-side checks for --to-multi-arch [#1359](https://github.com/openshift/oc/pull/1359) * [IR-300](https://issues.redhat.com/browse/IR-300), [IR-301](https://issues.redhat.com/browse/IR-301): generates ImageStreamTags with import-mode when using oc new-build and oc-new-app [#1353](https://github.com/openshift/oc/pull/1353) * [OCPBUGS-10879](https://issues.redhat.com/browse/OCPBUGS-10879): Fix deprecated oc command suggestion [#1390](https://github.com/openshift/oc/pull/1390) * Exclude irrelevant commands from MicroShift documentation [#1375](https://github.com/openshift/oc/pull/1375) * Test Fix: Allow submodule using file transport with newer git [#1378](https://github.com/openshift/oc/pull/1378) * Updating openshift-enterprise-deployer images to be consistent with ART [#1368](https://github.com/openshift/oc/pull/1368) * Updating openshift-enterprise-cli images to be consistent with ART [#1364](https://github.com/openshift/oc/pull/1364) * [OCPBUGS-3393](https://issues.redhat.com/browse/OCPBUGS-3393): Always copy the blobs if the target isn't a registry [#1355](https://github.com/openshift/oc/pull/1355) * Updating ose-cli-artifacts images to be consistent with ART [#1370](https://github.com/openshift/oc/pull/1370) * [OCPBUGS-1117](https://issues.redhat.com/browse/OCPBUGS-1117): The architecture of oc in the cli-artifacts' /usr/bin folder should to the one of the built image [#1374](https://github.com/openshift/oc/pull/1374) * [OCPBUGS-10622](https://issues.redhat.com/browse/OCPBUGS-10622): bump repo sclorg/s2i-ruby-container location for newapp test [#1377](https://github.com/openshift/oc/pull/1377) * Add microshift into generate-docs [#1365](https://github.com/openshift/oc/pull/1365) * [OCPBUGS-5949](https://issues.redhat.com/browse/OCPBUGS-5949): Add subrepository support for ICSP [#1350](https://github.com/openshift/oc/pull/1350) * And 1 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/oc/compare/d192e901ece237d9ae1580d73e78f423ec2ef322...44b3ac26e654777e0283759d45a2b3351823fc5e) ### [cloud-credential-operator](https://github.com/openshift/cloud-credential-operator/tree/c5e14121427366636459051b3a9a5a980131c42c) * [OCPBUGS-58677](https://issues.redhat.com/browse/OCPBUGS-58677): github.com/golang/glog v1.2.5 [#895](https://github.com/openshift/cloud-credential-operator/pull/895) * [OCPBUGS-53418](https://issues.redhat.com/browse/OCPBUGS-53418): github.com/golang/glog v1.2.4 [#845](https://github.com/openshift/cloud-credential-operator/pull/845) * [OCPBUGS-53819](https://issues.redhat.com/browse/OCPBUGS-53819): update github.com/golang-jwt/jwt [#841](https://github.com/openshift/cloud-credential-operator/pull/841) * [OCPBUGS-51542](https://issues.redhat.com/browse/OCPBUGS-51542): Ignore SNYK-GOLANG-GOLANGORGXOAUTH2JWS-8749594 due to not being affected [#830](https://github.com/openshift/cloud-credential-operator/pull/830) * [OCPBUGS-47069](https://issues.redhat.com/browse/OCPBUGS-47069): golang.org/x/net v0.33.0 [#810](https://github.com/openshift/cloud-credential-operator/pull/810) * [OCPBUGS-46487](https://issues.redhat.com/browse/OCPBUGS-46487): Add AWS region to aws-pod-identity-webhook [#801](https://github.com/openshift/cloud-credential-operator/pull/801) * [OCPBUGS-45009](https://issues.redhat.com/browse/OCPBUGS-45009): Add retry to ccoctl gcp create functions [#791](https://github.com/openshift/cloud-credential-operator/pull/791) * [OCPBUGS-45004](https://issues.redhat.com/browse/OCPBUGS-45004): github.com/golang-jwt/jwt/v4 v4.5.1 [#785](https://github.com/openshift/cloud-credential-operator/pull/785) * [OCPBUGS-43647](https://issues.redhat.com/browse/OCPBUGS-43647): Only attempt timed token credentials on supported platforms. [#775](https://github.com/openshift/cloud-credential-operator/pull/775) * [OCPBUGS-43339](https://issues.redhat.com/browse/OCPBUGS-43339): Update github.com/sirupsen/logrus v1.9.3 [#769](https://github.com/openshift/cloud-credential-operator/pull/769) * [OCPBUGS-41236](https://issues.redhat.com/browse/OCPBUGS-41236): List secrets in batches to avoid api timeout [#755](https://github.com/openshift/cloud-credential-operator/pull/755) * [OCPBUGS-38378](https://issues.redhat.com/browse/OCPBUGS-38378): Update google.golang.org/grpc v1.65.0 [#750](https://github.com/openshift/cloud-credential-operator/pull/750) * [OCPBUGS-37823](https://issues.redhat.com/browse/OCPBUGS-37823): GCP passthrough permissions check to ignore problematic permissions. [#741](https://github.com/openshift/cloud-credential-operator/pull/741) * [OCPBUGS-37062](https://issues.redhat.com/browse/OCPBUGS-37062): Update cloud.google.com/go/storage v1.43.0 [#742](https://github.com/openshift/cloud-credential-operator/pull/742) * [OCPBUGS-37420](https://issues.redhat.com/browse/OCPBUGS-37420): SNYK ignore go-client misreporting [#739](https://github.com/openshift/cloud-credential-operator/pull/739) * [OCPBUGS-37276](https://issues.redhat.com/browse/OCPBUGS-37276): Update to azidentity v1.7.0 [#732](https://github.com/openshift/cloud-credential-operator/pull/732) * [OCPBUGS-36029](https://issues.redhat.com/browse/OCPBUGS-36029): IBM/go-sdk-core update to v5.17.4 [#721](https://github.com/openshift/cloud-credential-operator/pull/721) * [OCPBUGS-36716](https://issues.redhat.com/browse/OCPBUGS-36716): AWS STS should not error when a credentailsRequest does not have awsSTSIAMRoleARN [#713](https://github.com/openshift/cloud-credential-operator/pull/713) * [OCPBUGS-32899](https://issues.redhat.com/browse/OCPBUGS-32899): Upgrade go-jose module to 2.6.3 [#697](https://github.com/openshift/cloud-credential-operator/pull/697) * [OCPBUGS-29156](https://issues.redhat.com/browse/OCPBUGS-29156): Fix the ClusterOperator watch of the status controller [#676](https://github.com/openshift/cloud-credential-operator/pull/676) * [OCPBUGS-28231](https://issues.redhat.com/browse/OCPBUGS-28231): Guard upgrading GCP from 4.14 to 4.15 without RoleAdmin permissions [#670](https://github.com/openshift/cloud-credential-operator/pull/670) * [OCPBUGS-29199](https://issues.redhat.com/browse/OCPBUGS-29199): ccoctl - use proxy when validating CloudFront URL [#678](https://github.com/openshift/cloud-credential-operator/pull/678) * [OCPBUGS-27911](https://issues.redhat.com/browse/OCPBUGS-27911): Resolve all outstanding snyk vulnerabilities [#650](https://github.com/openshift/cloud-credential-operator/pull/650) * [OCPBUGS-28382](https://issues.redhat.com/browse/OCPBUGS-28382): Use cached clients to avoid client side throttling [#666](https://github.com/openshift/cloud-credential-operator/pull/666) * [OCPBUGS-27515](https://issues.redhat.com/browse/OCPBUGS-27515): Write manifests when AWS IAM roles already exist. [#659](https://github.com/openshift/cloud-credential-operator/pull/659) * [OCPBUGS-26512](https://issues.redhat.com/browse/OCPBUGS-26512): Use live client for metrics [#647](https://github.com/openshift/cloud-credential-operator/pull/647) * [OCPBUGS-25275](https://issues.redhat.com/browse/OCPBUGS-25275): Azure Workload Identity info in CredsRequests creates a Secret [#643](https://github.com/openshift/cloud-credential-operator/pull/643) * [OCPBUGS-24346](https://issues.redhat.com/browse/OCPBUGS-24346): Discover AWS dns suffix from partition and region. [#635](https://github.com/openshift/cloud-credential-operator/pull/635) * [OCPBUGS-23986](https://issues.redhat.com/browse/OCPBUGS-23986): Use per-project custom roles instead of per-cluster custom roles [#631](https://github.com/openshift/cloud-credential-operator/pull/631) * [OCPBUGS-23426](https://issues.redhat.com/browse/OCPBUGS-23426): Explicitly set the vsphere secret credential data on sync. [#629](https://github.com/openshift/cloud-credential-operator/pull/629) * [OCPBUGS-21388](https://issues.redhat.com/browse/OCPBUGS-21388): Upgrade golang/x/net for CVE-2023-39325 [#622](https://github.com/openshift/cloud-credential-operator/pull/622) * NO-ISSUE: Removing andrew from OWNERS [#617](https://github.com/openshift/cloud-credential-operator/pull/617) * snyk: exclude vendor/ [#615](https://github.com/openshift/cloud-credential-operator/pull/615) * [OCPBUGS-22651](https://issues.redhat.com/browse/OCPBUGS-22651): explicitly set azure oidc bucket to allow public blob access [#612](https://github.com/openshift/cloud-credential-operator/pull/612) * [OCPBUGS-21926](https://issues.redhat.com/browse/OCPBUGS-21926): azure create-managed-identites to add cloud controller manager to network resource group [#608](https://github.com/openshift/cloud-credential-operator/pull/608) * [OCPBUGS-19865](https://issues.redhat.com/browse/OCPBUGS-19865): Add networkResourceGroupName parameter for Azure [#602](https://github.com/openshift/cloud-credential-operator/pull/602) * [OCPBUGS-17719](https://issues.redhat.com/browse/OCPBUGS-17719): Double timeout delays for managed identity creation and role assignment from 2 to 4 minutes. [#591](https://github.com/openshift/cloud-credential-operator/pull/591) * pkg/aws/actuator: Drop comment which suggested passthrough permission verification [#590](https://github.com/openshift/cloud-credential-operator/pull/590) * [CCO-363](https://issues.redhat.com/browse/CCO-363): Adding azure identity webhook [#559](https://github.com/openshift/cloud-credential-operator/pull/559) * [OCPBUGS-16684](https://issues.redhat.com/browse/OCPBUGS-16684): Set cr.status.provisioned=false on syncErr path [#583](https://github.com/openshift/cloud-credential-operator/pull/583) * [OCPBUGS-17049](https://issues.redhat.com/browse/OCPBUGS-17049): update lastSyncGeneration in STS flow sync success [#585](https://github.com/openshift/cloud-credential-operator/pull/585) * Revert "CCO-401: Add azure-workload-identity-webhook to image references." [#588](https://github.com/openshift/cloud-credential-operator/pull/588) * [CCO-401](https://issues.redhat.com/browse/CCO-401): Add azure-workload-identity-webhook to image references. [#586](https://github.com/openshift/cloud-credential-operator/pull/586) * [CCO-413](https://issues.redhat.com/browse/CCO-413): Add dataPermissions to Azure credentials request. [#584](https://github.com/openshift/cloud-credential-operator/pull/584) * [CCO-402](https://issues.redhat.com/browse/CCO-402): Create Azure AD pod identity webhook config secret manifest in create-all,create-oidc-issuer [#573](https://github.com/openshift/cloud-credential-operator/pull/573) * [OCPCLOUD-2012](https://issues.redhat.com/browse/OCPCLOUD-2012): ccoctl: Plumb credreq.spec.cloudTokenPath override into Azure secret creation [#580](https://github.com/openshift/cloud-credential-operator/pull/580) * [OCPBUGS-16807](https://issues.redhat.com/browse/OCPBUGS-16807): ccoctl azure exit with error when OIDC and installation resource group names are the same [#582](https://github.com/openshift/cloud-credential-operator/pull/582) * [OCPCLOUD-2012](https://issues.redhat.com/browse/OCPCLOUD-2012): ccoctl: Add --enable-tech-preview arg to azure create-all subcommand. [#581](https://github.com/openshift/cloud-credential-operator/pull/581) * [OCPBUGS-16614](https://issues.redhat.com/browse/OCPBUGS-16614): *: stop checking for the STS feature gate [#579](https://github.com/openshift/cloud-credential-operator/pull/579) * Add DOCKER_CMD Makefile var to use podman when found. [#577](https://github.com/openshift/cloud-credential-operator/pull/577) * [OCPBUGS-16614](https://issues.redhat.com/browse/OCPBUGS-16614): go.mod: re-vendor openshift/api [#578](https://github.com/openshift/cloud-credential-operator/pull/578) * [CCO-233](https://issues.redhat.com/browse/CCO-233): Add Azure AD Workload Identity doc. [#566](https://github.com/openshift/cloud-credential-operator/pull/566) * *: use a global codec [#576](https://github.com/openshift/cloud-credential-operator/pull/576) * [OCPBUGS-16313](https://issues.redhat.com/browse/OCPBUGS-16313): pkg/operator: correctly fetch CA for AWS minter [#575](https://github.com/openshift/cloud-credential-operator/pull/575) * [OCPBUGS-16334](https://issues.redhat.com/browse/OCPBUGS-16334): Clarify updateActuatorConditions & update lastSync [#568](https://github.com/openshift/cloud-credential-operator/pull/568) * [OCPBUGS-16313](https://issues.redhat.com/browse/OCPBUGS-16313): manifests: allow list/watch globally on our config configmap [#572](https://github.com/openshift/cloud-credential-operator/pull/572) * [CCO-388](https://issues.redhat.com/browse/CCO-388): manifests: add cloudcredentials.operator.openshift.io to HCP [#571](https://github.com/openshift/cloud-credential-operator/pull/571) * Revert "manifests: manually amend resources that get laid down by CVO in HCP" [#570](https://github.com/openshift/cloud-credential-operator/pull/570) * [OCPBUGS-15365](https://issues.redhat.com/browse/OCPBUGS-15365): manifests: fix rbac [#567](https://github.com/openshift/cloud-credential-operator/pull/567) * [OCPBUGS-15906](https://issues.redhat.com/browse/OCPBUGS-15906): ccoctl azure delete to also delete role assignments [#564](https://github.com/openshift/cloud-credential-operator/pull/564) * [OCPBUGS-16088](https://issues.redhat.com/browse/OCPBUGS-16088): Adds [default] section header to STS Secrets [#565](https://github.com/openshift/cloud-credential-operator/pull/565) * [OCPBUGS-16036](https://issues.redhat.com/browse/OCPBUGS-16036): Set status on CR properly when STS provisioned [#562](https://github.com/openshift/cloud-credential-operator/pull/562) * Revert "Merge pull request #398 from csrwng/exclude_config_ibmcloud" [#561](https://github.com/openshift/cloud-credential-operator/pull/561) * [OCPBUGS-15365](https://issues.redhat.com/browse/OCPBUGS-15365): *: use correct clients in the secretannotator [#563](https://github.com/openshift/cloud-credential-operator/pull/563) * [OCPBUGS-15365](https://issues.redhat.com/browse/OCPBUGS-15365): *: use a filtered LIST + WATCH on Secrets for AWS STS [#545](https://github.com/openshift/cloud-credential-operator/pull/545) * reconcile status when the clusteroperator changes [#560](https://github.com/openshift/cloud-credential-operator/pull/560) * [CCO-353](https://issues.redhat.com/browse/CCO-353): ccoctl to create azure custom roles [#556](https://github.com/openshift/cloud-credential-operator/pull/556) * [CCO-394](https://issues.redhat.com/browse/CCO-394): Do not Add PodIdentityWebhook controller when InfraStatus.ControlPlaneToplogy is External. [#547](https://github.com/openshift/cloud-credential-operator/pull/547) * CCO-366 Add ability to detect AWS STS and behave accordingly [#542](https://github.com/openshift/cloud-credential-operator/pull/542) * Implement ccoctl command to create infrastructure required for Azure workload identity [#523](https://github.com/openshift/cloud-credential-operator/pull/523) * [PORTENABLE-526](https://issues.redhat.com/browse/PORTENABLE-526): operator: use a partial metadata watch for Namespaces [#546](https://github.com/openshift/cloud-credential-operator/pull/546) * manager: filter the cache of configmaps [#544](https://github.com/openshift/cloud-credential-operator/pull/544) * Bump to go 1.20 in go.mod [#536](https://github.com/openshift/cloud-credential-operator/pull/536) * [OCPBUGS-13549](https://issues.redhat.com/browse/OCPBUGS-13549): Determine AWS partition based on region for readOnlyAnonUserPolicyTemplate bucket ARN. [#537](https://github.com/openshift/cloud-credential-operator/pull/537) * Add a make target and stub for actuator e2e tests [#535](https://github.com/openshift/cloud-credential-operator/pull/535) * Updating ose-cloud-credential-operator images to be consistent with ART [#534](https://github.com/openshift/cloud-credential-operator/pull/534) * Updating ose-cloud-credential-operator images to be consistent with ART [#533](https://github.com/openshift/cloud-credential-operator/pull/533) * Updating ose-cloud-credential-operator images to be consistent with ART [#532](https://github.com/openshift/cloud-credential-operator/pull/532) * [OCPBUGS-11671](https://issues.redhat.com/browse/OCPBUGS-11671): ccoctl: Enable public anon read access to default OIDC S3 bucket [#526](https://github.com/openshift/cloud-credential-operator/pull/526) * Updating ose-cloud-credential-operator images to be consistent with ART [#521](https://github.com/openshift/cloud-credential-operator/pull/521) * [OCPBUGS-8666](https://issues.redhat.com/browse/OCPBUGS-8666): Correct pod-identity-webhook annotations for PreferredDuringScheduling. [#522](https://github.com/openshift/cloud-credential-operator/pull/522) * [SPLAT-950](https://issues.redhat.com/browse/SPLAT-950): doc/aws-sts : steps to migrate from public bucket to private issuer URL [#515](https://github.com/openshift/cloud-credential-operator/pull/515) * [OCPBUGS-8666](https://issues.redhat.com/browse/OCPBUGS-8666): feat: add workload annotation to pod identity webhook deployment [#520](https://github.com/openshift/cloud-credential-operator/pull/520) * Upgrade build-machinery-go: `make vulncheck` [#519](https://github.com/openshift/cloud-credential-operator/pull/519) * Bump golang.org/x/net from v0.5.0 to v0.7.0 [#517](https://github.com/openshift/cloud-credential-operator/pull/517) * [Full changelog](https://github.com/openshift/cloud-credential-operator/compare/134ade41c3293d81d0966e4d4644d18f0e7368e6...c5e14121427366636459051b3a9a5a980131c42c) ### [cloud-network-config-controller](https://github.com/openshift/cloud-network-config-controller/tree/1bd04641f210d19370f782086949f827bfb7a264) * [OCPBUGS-34197](https://issues.redhat.com/browse/OCPBUGS-34197): Avoid panic when looking up attachedOutboundRule.ID in azure [#147](https://github.com/openshift/cloud-network-config-controller/pull/147) * [OCPBUGS-32112](https://issues.redhat.com/browse/OCPBUGS-32112): Avoid nil pointer panic while assigning private IP on Azure [#138](https://github.com/openshift/cloud-network-config-controller/pull/138) * [OCPBUGS-21785](https://issues.redhat.com/browse/OCPBUGS-21785): Azure: skip backend pool if attached to an outbound rule [#125](https://github.com/openshift/cloud-network-config-controller/pull/125) * [OCPBUGS-17151](https://issues.redhat.com/browse/OCPBUGS-17151): AWS: Skipping Unusable Network Interfaces [#120](https://github.com/openshift/cloud-network-config-controller/pull/120) * [OCPBUGS-15805](https://issues.redhat.com/browse/OCPBUGS-15805): Azure: Handle already existing IP configurations [#115](https://github.com/openshift/cloud-network-config-controller/pull/115) * [CCO-356](https://issues.redhat.com/browse/CCO-356): Add support for Azure workload identity tokens [#102](https://github.com/openshift/cloud-network-config-controller/pull/102) * [SDN-3902](https://issues.redhat.com/browse/SDN-3902): Maintenance [#111](https://github.com/openshift/cloud-network-config-controller/pull/111) * [OCPBUGS-13140](https://issues.redhat.com/browse/OCPBUGS-13140): increase GCP egress ip capacity to 100 from 10 [#110](https://github.com/openshift/cloud-network-config-controller/pull/110) * [OCPBUGS-12566](https://issues.redhat.com/browse/OCPBUGS-12566): CVE-2022-41723 golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [#107](https://github.com/openshift/cloud-network-config-controller/pull/107) * Updating ose-cloud-network-config-controller images to be consistent with ART [#104](https://github.com/openshift/cloud-network-config-controller/pull/104) * [OCPBUGS-11187](https://issues.redhat.com/browse/OCPBUGS-11187): sync CloudPrivateIpConfig when node is missing [#103](https://github.com/openshift/cloud-network-config-controller/pull/103) * Updating ose-cloud-network-config-controller images to be consistent with ART [#98](https://github.com/openshift/cloud-network-config-controller/pull/98) * [OCPBUGS-10526](https://issues.redhat.com/browse/OCPBUGS-10526): pull project name from subnet uri [#100](https://github.com/openshift/cloud-network-config-controller/pull/100) * Bump CI image [#99](https://github.com/openshift/cloud-network-config-controller/pull/99) * [Full changelog](https://github.com/openshift/cloud-network-config-controller/compare/d377281c10ab68ea3faf4775f015c1651004b0ff...1bd04641f210d19370f782086949f827bfb7a264) ### [cluster-authentication-operator](https://github.com/openshift/cluster-authentication-operator/tree/9203d4d5a83c86d4c51050a2c58e5ffe6e8d137e) * [OCPBUGS-28247](https://issues.redhat.com/browse/OCPBUGS-28247): Remove "include.release.openshift.io/ibm-cloud-managed:" annotation [#649](https://github.com/openshift/cluster-authentication-operator/pull/649) * [OCPBUGS-20705](https://issues.redhat.com/browse/OCPBUGS-20705): go.mod: bump golang.org/x/net to v0.17.0 [#637](https://github.com/openshift/cluster-authentication-operator/pull/637) * [OCPBUGS-8093](https://issues.redhat.com/browse/OCPBUGS-8093): properly set the pod name and namespace in graceful termination lifecycle events [#628](https://github.com/openshift/cluster-authentication-operator/pull/628) * Add openshift-cli-client in NamesFilter [#625](https://github.com/openshift/cluster-authentication-operator/pull/625) * [OCPBUGS-16501](https://issues.redhat.com/browse/OCPBUGS-16501): bump PSa, lib-go and storage-version-migrator to get rid of goproxy dep [#624](https://github.com/openshift/cluster-authentication-operator/pull/624) * [AUTH-356](https://issues.redhat.com/browse/AUTH-356): Add openshift-cli-client OAuth Client [#606](https://github.com/openshift/cluster-authentication-operator/pull/606) * Correctly link oauth apiserver ServiceMonitor with its Service [#616](https://github.com/openshift/cluster-authentication-operator/pull/616) * [OCPBUGS-2765](https://issues.redhat.com/browse/OCPBUGS-2765): Library go bump [#613](https://github.com/openshift/cluster-authentication-operator/pull/613) * [OCPBUGS-14010](https://issues.redhat.com/browse/OCPBUGS-14010): increase timeout for probes [#612](https://github.com/openshift/cluster-authentication-operator/pull/612) * [AUTH-363](https://issues.redhat.com/browse/AUTH-363): make proxy config check less obtrusive [#608](https://github.com/openshift/cluster-authentication-operator/pull/608) * [OCPBUGS-10577](https://issues.redhat.com/browse/OCPBUGS-10577): update apf configuration to use v1beta3 [#594](https://github.com/openshift/cluster-authentication-operator/pull/594) * [OCPBUGS-10041](https://issues.redhat.com/browse/OCPBUGS-10041): update openshift/api to include aesgcm provider in the default apiserver schema [#601](https://github.com/openshift/cluster-authentication-operator/pull/601) * [Full changelog](https://github.com/openshift/cluster-authentication-operator/compare/1801056c175da7d1e8d5507fa4558564740c7f4d...9203d4d5a83c86d4c51050a2c58e5ffe6e8d137e) ### [cluster-autoscaler](https://github.com/openshift/kubernetes-autoscaler/tree/d030dbaade38e116d27d5039a3597f694f73ea2b) * [OCPBUGS-45150](https://issues.redhat.com/browse/OCPBUGS-45150): [release-4.14] VPA: Update OWNERS file [#327](https://github.com/openshift/kubernetes-autoscaler/pull/327) * [OCPBUGS-40925](https://issues.redhat.com/browse/OCPBUGS-40925): update VPA golang.org/x/net for http rapid reset for CVE-2024-8421 [#316](https://github.com/openshift/kubernetes-autoscaler/pull/316) * [OCPBUGS-31621](https://issues.redhat.com/browse/OCPBUGS-31621): add check for taint.value == nil [#294](https://github.com/openshift/kubernetes-autoscaler/pull/294) * [OCPBUGS-30628](https://issues.redhat.com/browse/OCPBUGS-30628): Fix unstructured taint parsing in Cluster API provider [#288](https://github.com/openshift/kubernetes-autoscaler/pull/288) * [OCPBUGS-19697](https://issues.redhat.com/browse/OCPBUGS-19697): UPSTREAM: 6066: Allow overriding the kubernetes.io/arch label set by the scale from zero methods via a new cmdline arg [#263](https://github.com/openshift/kubernetes-autoscaler/pull/263) * Updating vertical-pod-autoscaler images to be consistent with ART [#253](https://github.com/openshift/kubernetes-autoscaler/pull/253) * OCPCLOUD-2060 Merge https://github.com/kubernetes/autoscaler:master (d3ec0c4) into master [#256](https://github.com/openshift/kubernetes-autoscaler/pull/256) * [OCPBUGS-13228](https://issues.redhat.com/browse/OCPBUGS-13228): Updating atomic-openshift-cluster-autoscaler images to be consistent with ART [#255](https://github.com/openshift/kubernetes-autoscaler/pull/255) * Updating atomic-openshift-cluster-autoscaler images to be consistent with ART [#252](https://github.com/openshift/kubernetes-autoscaler/pull/252) * [Full changelog](https://github.com/openshift/kubernetes-autoscaler/compare/3ce55c7137713427df9f9fe163b1cb9c775290b6...d030dbaade38e116d27d5039a3597f694f73ea2b) ### [cluster-autoscaler-operator](https://github.com/openshift/cluster-autoscaler-operator/tree/32854baae386c4d6854d7fd8658fdff75588e919) * [OCPBUGS-31976](https://issues.redhat.com/browse/OCPBUGS-31976): Update x/net to v0.25.0 [#322](https://github.com/openshift/cluster-autoscaler-operator/pull/322) * [OCPBUGS-25749](https://issues.redhat.com/browse/OCPBUGS-25749): Add Snyk file to exclude vendor directory on scan [#308](https://github.com/openshift/cluster-autoscaler-operator/pull/308) * [OCPBUGS-20789](https://issues.redhat.com/browse/OCPBUGS-20789): Bump x/net package to v0.17.0 [#298](https://github.com/openshift/cluster-autoscaler-operator/pull/298) * [OCPBUGS-20038](https://issues.redhat.com/browse/OCPBUGS-20038): Ensure status reporter caches exit if they don't sync [#292](https://github.com/openshift/cluster-autoscaler-operator/pull/292) * [OCPBUGS-19496](https://issues.redhat.com/browse/OCPBUGS-19496): cluster-autoscaler-operator: clusterrole add clusteroperators watch [#288](https://github.com/openshift/cluster-autoscaler-operator/pull/288) * [OCPBUGS-19697](https://issues.redhat.com/browse/OCPBUGS-19697): Provide the architecture of the control plane as argument to --scale-up-from-zero-default-arch [#290](https://github.com/openshift/cluster-autoscaler-operator/pull/290) * [OCPBUGS-18278](https://issues.redhat.com/browse/OCPBUGS-18278): Address long acquire times during upgrade [#281](https://github.com/openshift/cluster-autoscaler-operator/pull/281) * [OCPBUGS-18338](https://issues.redhat.com/browse/OCPBUGS-18338): Fix CI by running tests natively by default [#282](https://github.com/openshift/cluster-autoscaler-operator/pull/282) * Reconcile when external process change the clusteroperator status [#279](https://github.com/openshift/cluster-autoscaler-operator/pull/279) * [OCPBUGS-14356](https://issues.redhat.com/browse/OCPBUGS-14356): add nutanix labels that should be ignored [#275](https://github.com/openshift/cluster-autoscaler-operator/pull/275) * CNF-5642 make operator optional [#269](https://github.com/openshift/cluster-autoscaler-operator/pull/269) * [OCPCLOUD-2061](https://issues.redhat.com/browse/OCPCLOUD-2061): Rebase dependencies to k8s 1.27 [#274](https://github.com/openshift/cluster-autoscaler-operator/pull/274) * Updating ose-cluster-autoscaler-operator images to be consistent with ART [#273](https://github.com/openshift/cluster-autoscaler-operator/pull/273) * [OCPBUGS-10105](https://issues.redhat.com/browse/OCPBUGS-10105): Updating ose-cluster-autoscaler-operator images to be consistent with ART [#271](https://github.com/openshift/cluster-autoscaler-operator/pull/271) * [Full changelog](https://github.com/openshift/cluster-autoscaler-operator/compare/0007e9081f1d7aecd652c0843815be4844f67453...32854baae386c4d6854d7fd8658fdff75588e919) ### [cluster-baremetal-operator](https://github.com/openshift/cluster-baremetal-operator/tree/affcfb54666c47e569d1ba4f2e44aeaf9ef28bf7) * [OCPBUGS-31977](https://issues.redhat.com/browse/OCPBUGS-31977): bump x/net to 0.23.0 [#438](https://github.com/openshift/cluster-baremetal-operator/pull/438) * [OCPBUGS-22943](https://issues.redhat.com/browse/OCPBUGS-22943): Add tls-cipher-suites to baremetal-kube-rbac-proxy [#379](https://github.com/openshift/cluster-baremetal-operator/pull/379) * [OCPBUGS-23392](https://issues.redhat.com/browse/OCPBUGS-23392), [OCPBUGS-23393](https://issues.redhat.com/browse/OCPBUGS-23393): fix IRONIC_EXTERNAL_URL_V6 [#384](https://github.com/openshift/cluster-baremetal-operator/pull/384) * Jira OCPBUGS-22208: Trigger reconcile if Secret openshift-config/pull-secret changes [#376](https://github.com/openshift/cluster-baremetal-operator/pull/376) * [OCPBUGS-20887](https://issues.redhat.com/browse/OCPBUGS-20887): Uplift x/net to v0.17.0 [#369](https://github.com/openshift/cluster-baremetal-operator/pull/369) * [OCPBUGS-19545](https://issues.redhat.com/browse/OCPBUGS-19545): Remove metrics port from baremetal-operator [#366](https://github.com/openshift/cluster-baremetal-operator/pull/366) * [OCPBUGS-18934](https://issues.redhat.com/browse/OCPBUGS-18934): Guard against nil PlatformStatus [#360](https://github.com/openshift/cluster-baremetal-operator/pull/360) * [OCPBUGS-18059](https://issues.redhat.com/browse/OCPBUGS-18059): Inject OpenShift CA and proxy information to BMO [#358](https://github.com/openshift/cluster-baremetal-operator/pull/358) * [OCPBUGS-17693](https://issues.redhat.com/browse/OCPBUGS-17693): adjust meta3-state service ports when proxy is on [#354](https://github.com/openshift/cluster-baremetal-operator/pull/354) * [OCPBUGS-17693](https://issues.redhat.com/browse/OCPBUGS-17693): Use private ports for Ironic from BMO when proxy is on [#353](https://github.com/openshift/cluster-baremetal-operator/pull/353) * reconcile status when clusteroperator changes [#351](https://github.com/openshift/cluster-baremetal-operator/pull/351) * [OCPBUGS-15232](https://issues.redhat.com/browse/OCPBUGS-15232): Use Service instead of provisioning IP for BMO to talk to Ironic [#348](https://github.com/openshift/cluster-baremetal-operator/pull/348) * [OCPBUGS-15155](https://issues.redhat.com/browse/OCPBUGS-15155): Limit role binding to openshift-machine-api namespace [#345](https://github.com/openshift/cluster-baremetal-operator/pull/345) * [OCPBUGS-14064](https://issues.redhat.com/browse/OCPBUGS-14064): Split baremetal-operator into a separate pod [#342](https://github.com/openshift/cluster-baremetal-operator/pull/342) * [OCPBUGS-4248](https://issues.redhat.com/browse/OCPBUGS-4248): Avoid ironic-proxy when setting external url [#341](https://github.com/openshift/cluster-baremetal-operator/pull/341) * Updating ose-cluster-baremetal-operator images to be consistent with ART [#339](https://github.com/openshift/cluster-baremetal-operator/pull/339) * Upgrade golangci-lint to v1.52.2 for go 1.20 support [#337](https://github.com/openshift/cluster-baremetal-operator/pull/337) * Use a file URL for passing kernel to Ironic [#334](https://github.com/openshift/cluster-baremetal-operator/pull/334) * [OCPBUGS-10343](https://issues.redhat.com/browse/OCPBUGS-10343): use proxying for inspector in addition to ironic [#333](https://github.com/openshift/cluster-baremetal-operator/pull/333) * Revert "proxy: pass ipv6 address to container" [#335](https://github.com/openshift/cluster-baremetal-operator/pull/335) * [OCPBUGS-4248](https://issues.redhat.com/browse/OCPBUGS-4248): Set external Ironic URL to ironic-proxy IP [#324](https://github.com/openshift/cluster-baremetal-operator/pull/324) * Updating ose-cluster-baremetal-operator images to be consistent with ART [#328](https://github.com/openshift/cluster-baremetal-operator/pull/328) * [OCPBUGS-5461](https://issues.redhat.com/browse/OCPBUGS-5461): Add ironic IP to no_proxy [#322](https://github.com/openshift/cluster-baremetal-operator/pull/322) * [OCPBUGS-781](https://issues.redhat.com/browse/OCPBUGS-781): Update the deprecated field APIServerInternalIP to APIServerInternalIPs [#295](https://github.com/openshift/cluster-baremetal-operator/pull/295) * [Full changelog](https://github.com/openshift/cluster-baremetal-operator/compare/cc237f106bbe804c1e16c2781c8a2a73fb5a1099...affcfb54666c47e569d1ba4f2e44aeaf9ef28bf7) ### [cluster-bootstrap](https://github.com/openshift/cluster-bootstrap/tree/93fba13f576831ba0953190663ab26aaf5766984) * [OCPBUGS-16504](https://issues.redhat.com/browse/OCPBUGS-16504): bump(*): vendor update [#99](https://github.com/openshift/cluster-bootstrap/pull/99) * Updating ose-cluster-bootstrap images to be consistent with ART [#88](https://github.com/openshift/cluster-bootstrap/pull/88) * Updating ose-cluster-bootstrap images to be consistent with ART [#82](https://github.com/openshift/cluster-bootstrap/pull/82) * [OCPBUGS-3505](https://issues.redhat.com/browse/OCPBUGS-3505): Waiting for 2 masters in HA mode case [#71](https://github.com/openshift/cluster-bootstrap/pull/71) * [Full changelog](https://github.com/openshift/cluster-bootstrap/compare/ee908b6bb91dee3e61aface46d53a00b4e9288a2...93fba13f576831ba0953190663ab26aaf5766984) ### [cluster-capi-controllers](https://github.com/openshift/cluster-api/tree/ae83c5533706d539dc492229eebd67533468e48b) * [OCPBUGS-21544](https://issues.redhat.com/browse/OCPBUGS-21544): Bump golang.org/x/net to v0.17.0 [#184](https://github.com/openshift/cluster-api/pull/184) * [OCPBUGS-6354](https://issues.redhat.com/browse/OCPBUGS-6354), [OCPBUGS-6372](https://issues.redhat.com/browse/OCPBUGS-6372): Merge https://github.com/kubernetes-sigs/cluster-api:v1.4.2 (7b92ce4) into master [#175](https://github.com/openshift/cluster-api/pull/175) * Make openshift/e2e-tests.sh executable [#178](https://github.com/openshift/cluster-api/pull/178) * [OCPCLOUD-2121](https://issues.redhat.com/browse/OCPCLOUD-2121): Add openshift/e2e-tests for CAPI E2E testing [#177](https://github.com/openshift/cluster-api/pull/177) * Updating ose-cluster-api images to be consistent with ART [#174](https://github.com/openshift/cluster-api/pull/174) * Updating ose-cluster-api images to be consistent with ART [#170](https://github.com/openshift/cluster-api/pull/170) * Add enxebre approvers [#171](https://github.com/openshift/cluster-api/pull/171) * Merge https://github.com/kubernetes-sigs/cluster-api:release-1.3 (eb18352) into master [#167](https://github.com/openshift/cluster-api/pull/167) * [Full changelog](https://github.com/openshift/cluster-api/compare/12f767b2bd5de1a2641962f5d86d8564333afc65...ae83c5533706d539dc492229eebd67533468e48b) ### [cluster-capi-operator](https://github.com/openshift/cluster-capi-operator/tree/60cc3e65ff4817e43fe3114bccbbdb14374bac2c) * [OCPBUGS-37974](https://issues.redhat.com/browse/OCPBUGS-37974): fix: sort CredentialsRequest manifests after namespace [#194](https://github.com/openshift/cluster-capi-operator/pull/194) * [OCPBUGS-36369](https://issues.redhat.com/browse/OCPBUGS-36369): Revert cluster-api-operator go.sum hash [#184](https://github.com/openshift/cluster-capi-operator/pull/184) * [OCPBUGS-35128](https://issues.redhat.com/browse/OCPBUGS-35128): Bump x/crypto to v0.24.0 [#177](https://github.com/openshift/cluster-capi-operator/pull/177) * [OCPBUGS-35957](https://issues.redhat.com/browse/OCPBUGS-35957): Fix gcp providers-list.yaml branch [#178](https://github.com/openshift/cluster-capi-operator/pull/178) * [OCPBUGS-22314](https://issues.redhat.com/browse/OCPBUGS-22314): fix: add missing azure identity diff [#136](https://github.com/openshift/cluster-capi-operator/pull/136) * [OCPBUGS-21092](https://issues.redhat.com/browse/OCPBUGS-21092): Bump golang.org/x/net to v0.17.0 [#134](https://github.com/openshift/cluster-capi-operator/pull/134) * [OCPCLOUD-1874](https://issues.redhat.com/browse/OCPCLOUD-1874): Bump CAPG to v1.4.0 [#123](https://github.com/openshift/cluster-capi-operator/pull/123) * Bump CAPZ to v1.9.5 [#122](https://github.com/openshift/cluster-capi-operator/pull/122) * [OCPCLOUD-1870](https://issues.redhat.com/browse/OCPCLOUD-1870): bump go 1.20, 1.26 deps for k8s/capi/capi providers [#118](https://github.com/openshift/cluster-capi-operator/pull/118) * [SPLAT-1084](https://issues.redhat.com/browse/SPLAT-1084): Remove IPAM CRD installation filter [#117](https://github.com/openshift/cluster-capi-operator/pull/117) * [OCPBUGS-9970](https://issues.redhat.com/browse/OCPBUGS-9970): Make infrastructureRef field required [#116](https://github.com/openshift/cluster-capi-operator/pull/116) * [OCPBUGS-13131](https://issues.redhat.com/browse/OCPBUGS-13131): Updating ose-cluster-capi-operator images to be consistent with ART [#112](https://github.com/openshift/cluster-capi-operator/pull/112) * [OCPBUGS-12572](https://issues.redhat.com/browse/OCPBUGS-12572): Bump x/net package to v0.9.0 [#113](https://github.com/openshift/cluster-capi-operator/pull/113) * [OCPBUGS-4147](https://issues.redhat.com/browse/OCPBUGS-4147): Enforce single Cluster in openshift-cluster-api namespace [#106](https://github.com/openshift/cluster-capi-operator/pull/106) * small sentence correction [#100](https://github.com/openshift/cluster-capi-operator/pull/100) * [OCPBUGS-10809](https://issues.redhat.com/browse/OCPBUGS-10809): feat: add workload annotations [#107](https://github.com/openshift/cluster-capi-operator/pull/107) * [OCPBUGS-10164](https://issues.redhat.com/browse/OCPBUGS-10164): Updating ose-cluster-capi-operator images to be consistent with ART [#104](https://github.com/openshift/cluster-capi-operator/pull/104) * Power VS version udpate [#105](https://github.com/openshift/cluster-capi-operator/pull/105) * [OCPCLOUD-1816](https://issues.redhat.com/browse/OCPCLOUD-1816): Bump CAPI, CAPI providers, go 1.19 [#101](https://github.com/openshift/cluster-capi-operator/pull/101) * [Full changelog](https://github.com/openshift/cluster-capi-operator/compare/b247793dd364f280ad097f5266b4164740e43a44...60cc3e65ff4817e43fe3114bccbbdb14374bac2c) ### [cluster-cloud-controller-manager-operator](https://github.com/openshift/cluster-cloud-controller-manager-operator/tree/a0b9c0d70748ff24de5a40874207de3ea5bfa91e) * [OCPBUGS-34556](https://issues.redhat.com/browse/OCPBUGS-34556): update azure and ash tolerations on node manager [#347](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/347) * [OCPBUGS-26548](https://issues.redhat.com/browse/OCPBUGS-26548): Adds CloudConfigTransformer for Azure [#321](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/321) * [OCPBUGS-21189](https://issues.redhat.com/browse/OCPBUGS-21189): Bump golang.org/x/net to v0.18.0 [#295](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/295) * [OCPBUGS-20552](https://issues.redhat.com/browse/OCPBUGS-20552): apply necessary RBAC for the alibaba cloud controller manager [#289](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/289) * [OCPBUGS-19790](https://issues.redhat.com/browse/OCPBUGS-19790): Additional permissions for internal load balancer on STS [#288](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/288) * [OCPBUGS-19849](https://issues.redhat.com/browse/OCPBUGS-19849): Set dual-stack IPFamilyPriority for vSphere [#283](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/283) * [OCPBUGS-19790](https://issues.redhat.com/browse/OCPBUGS-19790): Ensure subnets read permission for granular roles [#282](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/282) * [OCPCLOUD-2013](https://issues.redhat.com/browse/OCPCLOUD-2013): Move Azure Credentials Request to custom role [#274](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/274) * [OCPCLOUD-2149](https://issues.redhat.com/browse/OCPCLOUD-2149): Azure: CCM and node manager to use provided credentials instead of MSI. [#268](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/268) * [OCPBUGS-15154](https://issues.redhat.com/browse/OCPBUGS-15154): Prune provider permissions post move to use-service-account-credentials [#259](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/259) * OpenStack: Enable manage-security-groups by default [#264](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/264) * OpenStack: Extend owners [#266](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/266) * OpenStack: Set max-shared-lb to disable the feature [#263](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/263) * [OCPBUGS-16690](https://issues.redhat.com/browse/OCPBUGS-16690): Allow all NoSchedule taints for Azure CNM DaemonSet [#267](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/267) * OpenStack: Remove `use-octavia` from config [#262](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/262) * [OPNET-319](https://issues.redhat.com/browse/OPNET-319): Pass feature gates to vSphere and OpenStack providers [#256](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/256) * [OCPBUGS-14425](https://issues.redhat.com/browse/OCPBUGS-14425): Alibaba platforms should not be upgreadable [#257](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/257) * [CCO-324](https://issues.redhat.com/browse/CCO-324), [CCO-325](https://issues.redhat.com/browse/CCO-325): add support for workload identity [#245](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/245) * [OCPCLOUD-2010](https://issues.redhat.com/browse/OCPCLOUD-2010): Re-vendor api and library-go for external platform support [#253](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/253) * [OCPCLOUD-2052](https://issues.redhat.com/browse/OCPCLOUD-2052): Rebase to 1.27 [#252](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/252) * [OCPBUGS-13547](https://issues.redhat.com/browse/OCPBUGS-13547): [OCPCLOUD-2034] Update feature gate observation to use featuregateaccess [#249](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/249) * [OCPBUGS-12635](https://issues.redhat.com/browse/OCPBUGS-12635): fix: add workload annotation to deployments [#248](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/248) * [OCPBUGS-11284](https://issues.redhat.com/browse/OCPBUGS-11284): Add beta topology labels flag to Azure cloud node manager [#240](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/240) * Updating ose-cluster-cloud-controller-manager-operator images to be consistent with ART [#244](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/244) * Update golangci-lint package to 1.52.2 [#246](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/246) * Revert azure out of tree provider change [#242](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/242) * [OCPBUGS-8694](https://issues.redhat.com/browse/OCPBUGS-8694), [OCPCLOUD-1779](https://issues.redhat.com/browse/OCPCLOUD-1779): Set missed operator status in case of the 'External' platform type encountered [#233](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/233) * Reset library-go to openshift fork [#234](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/234) * [OCPBUGS-10138](https://issues.redhat.com/browse/OCPBUGS-10138): Updating ose-cluster-cloud-controller-manager-operator images to be consistent with ART [#235](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/235) * [OCPBUGS-8530](https://issues.redhat.com/browse/OCPBUGS-8530): add rbac permission for Nutanix CCM manager [#236](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/236) * Update library-go dependency to move Azure to out of tree [#231](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/231) * Update library-go dependency to move AWS to out of tree [#232](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/232) * [OCPCLOUD-1779](https://issues.redhat.com/browse/OCPCLOUD-1779): Prevent operator to provision operands if platform is set to 'External' [#230](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/230) * [Full changelog](https://github.com/openshift/cluster-cloud-controller-manager-operator/compare/38f638f020ff1e34d33fd44c42b0351912a74486...a0b9c0d70748ff24de5a40874207de3ea5bfa91e) ### [cluster-config-operator](https://github.com/openshift/cluster-config-operator/tree/2378670aee1858db6b1ff425a1d208eb7d73afec) * [OCPBUGS-44095](https://issues.redhat.com/browse/OCPBUGS-44095): Backport SDN live migration [#425](https://github.com/openshift/cluster-config-operator/pull/425) * [OCPBUGS-28649](https://issues.redhat.com/browse/OCPBUGS-28649): Add required PSa labels [#403](https://github.com/openshift/cluster-config-operator/pull/403) * NO-JIRA: add inert featuregate files to allow diff against later releases [#398](https://github.com/openshift/cluster-config-operator/pull/398) * [OCPBUGS-21653](https://issues.redhat.com/browse/OCPBUGS-21653): Update openshift/api package to latest version [#371](https://github.com/openshift/cluster-config-operator/pull/371) * : OCPBUGS-21286: bump library-go to include switch to HTTP/1.1 [#369](https://github.com/openshift/cluster-config-operator/pull/369) * [OCPBUGS-20439](https://issues.redhat.com/browse/OCPBUGS-20439): Remove Build CRD [#363](https://github.com/openshift/cluster-config-operator/pull/363) * [OCPBUGS-16726](https://issues.redhat.com/browse/OCPBUGS-16726): psa - move into tech preview for 4.14 [#354](https://github.com/openshift/cluster-config-operator/pull/354) * Revert "Bump to enable ValidatingAdmissionPolicy in tech preview." [#346](https://github.com/openshift/cluster-config-operator/pull/346) * Bump to enable ValidatingAdmissionPolicy in tech preview. [#343](https://github.com/openshift/cluster-config-operator/pull/343) * Bump openshift/api to add ValidatingAdmissionPolicy feature gate. [#340](https://github.com/openshift/cluster-config-operator/pull/340) * [OCPVE-626](https://issues.redhat.com/browse/OCPVE-626): bump(openshift/api@master) [#341](https://github.com/openshift/cluster-config-operator/pull/341) * [CFE-689](https://issues.redhat.com/browse/CFE-689): Update openshift/api package to latest version [#335](https://github.com/openshift/cluster-config-operator/pull/335) * [OCPBUGS-16614](https://issues.redhat.com/browse/OCPBUGS-16614): go.mod: bump openshift/api [#338](https://github.com/openshift/cluster-config-operator/pull/338) * [OCPBUGS-16614](https://issues.redhat.com/browse/OCPBUGS-16614): go.mod: update openshift/api [#334](https://github.com/openshift/cluster-config-operator/pull/334) * [OCPBUGS-16507](https://issues.redhat.com/browse/OCPBUGS-16507): bump sigs.k8s.io/kube-storage-version-migrator [#333](https://github.com/openshift/cluster-config-operator/pull/333) * [OCPCLOUD-2010](https://issues.redhat.com/browse/OCPCLOUD-2010): Remove feature gate for external platform [#331](https://github.com/openshift/cluster-config-operator/pull/331) * [SDN-4024](https://issues.redhat.com/browse/SDN-4024): Vendor openshift/api to get ANP feature-gate changes [#330](https://github.com/openshift/cluster-config-operator/pull/330) * Promote privateHostedZoneAWS from Tech Preview to Default [#328](https://github.com/openshift/cluster-config-operator/pull/328) * Update openshift/api [#327](https://github.com/openshift/cluster-config-operator/pull/327) * [OCPBUGS-13547](https://issues.redhat.com/browse/OCPBUGS-13547): Promote Azure CCM from TPNU to default [#307](https://github.com/openshift/cluster-config-operator/pull/307) * [OCPBUGS-15877](https://issues.redhat.com/browse/OCPBUGS-15877): go upgradeable=false when latencysensitive is used and not corrected [#325](https://github.com/openshift/cluster-config-operator/pull/325) * Enable feature gate for externalCertificate on Route API [#326](https://github.com/openshift/cluster-config-operator/pull/326) * stomp the latencysensitive featureset for equivalent default [#324](https://github.com/openshift/cluster-config-operator/pull/324) * [WRKLDS-757](https://issues.redhat.com/browse/WRKLDS-757): Sync with openshift/api to drop MatchLabelKeysInPodTopologySpread from TechPreviewNoUpgrade [#322](https://github.com/openshift/cluster-config-operator/pull/322) * [SPLAT-1099](https://issues.redhat.com/browse/SPLAT-1099): bump openshift/api for vSphere static IP feature gate and platform spec [#323](https://github.com/openshift/cluster-config-operator/pull/323) * remove dead flag for file [#309](https://github.com/openshift/cluster-config-operator/pull/309) * Changes to move to api@2d36f53 [#321](https://github.com/openshift/cluster-config-operator/pull/321) * [OCPBUGS-12767](https://issues.redhat.com/browse/OCPBUGS-12767): Add CustomNoUpgrade CRD versions to payload [#320](https://github.com/openshift/cluster-config-operator/pull/320) * [OCPCLOUD-2010](https://issues.redhat.com/browse/OCPCLOUD-2010): Re-vendor api to support external platform [#306](https://github.com/openshift/cluster-config-operator/pull/306) * Update openshift/api to disable EventedPLEG featuregate in techpreview [#317](https://github.com/openshift/cluster-config-operator/pull/317) * update openshift/api for types and gates [#316](https://github.com/openshift/cluster-config-operator/pull/316) * Update github.com/openshift/api to pull in evented pleg and sigstore feature flags [#312](https://github.com/openshift/cluster-config-operator/pull/312) * Update github.com/openshift/api to pull in feature gates [#311](https://github.com/openshift/cluster-config-operator/pull/311) * [OCPBUGS-6266](https://issues.redhat.com/browse/OCPBUGS-6266): Rename config-operator_00_namespace run level to 00 [#303](https://github.com/openshift/cluster-config-operator/pull/303) * Update library-go dependency [#305](https://github.com/openshift/cluster-config-operator/pull/305) * Add JoelSpeed to owners [#302](https://github.com/openshift/cluster-config-operator/pull/302) * Update API and library-go [#301](https://github.com/openshift/cluster-config-operator/pull/301) * Require consistency in rendered artifacts [#299](https://github.com/openshift/cluster-config-operator/pull/299) * specify all known featureGates in disabled [#297](https://github.com/openshift/cluster-config-operator/pull/297) * update render to handle directories of manifests [#295](https://github.com/openshift/cluster-config-operator/pull/295) * adjust to refined openshift/api types [#296](https://github.com/openshift/cluster-config-operator/pull/296) * update ordering and featuregates [#294](https://github.com/openshift/cluster-config-operator/pull/294) * add featuregate status [#288](https://github.com/openshift/cluster-config-operator/pull/288) * Updating ose-cluster-config-operator images to be consistent with ART [#287](https://github.com/openshift/cluster-config-operator/pull/287) * [OCPBUGS-10037](https://issues.redhat.com/browse/OCPBUGS-10037): update openshift/api to get new apiserver schema [#289](https://github.com/openshift/cluster-config-operator/pull/289) * [Full changelog](https://github.com/openshift/cluster-config-operator/compare/a6d56530c7156bef726005d640c3ded3565104ec...2378670aee1858db6b1ff425a1d208eb7d73afec) ### [cluster-control-plane-machine-set-operator](https://github.com/openshift/cluster-control-plane-machine-set-operator/tree/783d9dd134451c12f0c1abf7e53c30b61ddd74bf) * [OCPBUGS-48211](https://issues.redhat.com/browse/OCPBUGS-48211): Add unreadyNodeGracePeriod for allowing brief node hiccups [#340](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/340) * [CFE-1087](https://issues.redhat.com/browse/CFE-1087): API Bump for capacity Reservation [#319](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/319) * [OCPBUGS-35520](https://issues.redhat.com/browse/OCPBUGS-35520): Wait for ControlPlaneMachineSet to be created when waiting for it to be updated [#309](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/309) * [OCPBUGS-35338](https://issues.redhat.com/browse/OCPBUGS-35338): Improved debugging of API listing errors [#303](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/303) * [OCPBUGS-30014](https://issues.redhat.com/browse/OCPBUGS-30014): Never delete a Machine when there's a single Machine in an index [#283](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/283) * [OCPBUGS-20566](https://issues.redhat.com/browse/OCPBUGS-20566): webhooks: set min version TLS 1.2 + exclude weak ciphersuites [#254](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/254) * [OCPBUGS-21384](https://issues.redhat.com/browse/OCPBUGS-21384): Bump golang.org/x/net to v0.17.0 [#256](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/256) * [OCPBUGS-20408](https://issues.redhat.com/browse/OCPBUGS-20408): fix: e2e: add gcp custom type to test framework [#247](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/247) * [OCPBUGS-18056](https://issues.redhat.com/browse/OCPBUGS-18056): Address long acquire times during upgrade [#237](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/237) * [OCPBUGS-18013](https://issues.redhat.com/browse/OCPBUGS-18013): Enhance wehbooks to dry run machine creation to validate provider spec [#230](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/230) * Revert "OCPCLOUD-2130: Add subnet to Azure FD, fix for optional fields in FD" [#233](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/233) * [OCPCLOUD-2130](https://issues.redhat.com/browse/OCPCLOUD-2130): Add subnet to Azure FD, fix for optional fields in FD [#229](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/229) * test/e2e: override `RootVolume.VolumeType` to "" [#232](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/232) * openstack: volumeType is now required [#231](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/231) * manifests: Shift from run level 31 to 30 [#227](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/227) * vendoring: update openshift/api [#226](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/226) * e2e: OpenStack CPMS created automatically [#224](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/224) * [OSASINFRA-3180](https://issues.redhat.com/browse/OSASINFRA-3180): openstack: volume type in failure domain [#217](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/217) * Bump openshift/api package [#223](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/223) * [OSASINFRA-3133](https://issues.redhat.com/browse/OSASINFRA-3133): OpenStack support [#195](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/195) * [OCPBUGS-15338](https://issues.redhat.com/browse/OCPBUGS-15338): Fix flaking machine mapping testing [#220](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/220) * add capability annotation [#205](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/205) * [OCPBUGS-15308](https://issues.redhat.com/browse/OCPBUGS-15308): Fix lint issue [#221](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/221) * docs: Off-by-one error [#201](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/201) * [OCPCLOUD-2016](https://issues.redhat.com/browse/OCPCLOUD-2016): Surface cpms vs machine diff [#180](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/180) * [OCPBUGS-13205](https://issues.redhat.com/browse/OCPBUGS-13205): Check for unknown fields in the provider spec [#214](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/214) * Add Nutanix support for CPMSO [#200](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/200) * [OCPCLOUD-2042](https://issues.redhat.com/browse/OCPCLOUD-2042): Update dependencies to K8s v1.27, go v1.20 [#213](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/213) * [OCPBUGS-7516](https://issues.redhat.com/browse/OCPBUGS-7516): fix double machine creation on stale cache [#207](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/207) * [OCPBUGS-12110](https://issues.redhat.com/browse/OCPBUGS-12110): Updating ose-cluster-control-plane-machine-set-operator images to be consistent with ART [#202](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/202) * [OCPBUGS-12769](https://issues.redhat.com/browse/OCPBUGS-12769): Update golangci-lint package to 1.52.2 [#203](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/203) * [OCPBUGS-12240](https://issues.redhat.com/browse/OCPBUGS-12240): Run `make crds-sync` [#199](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/199) * [OCPBUGS-7921](https://issues.redhat.com/browse/OCPBUGS-7921): Prioritise machine mapping over alphabetical mapping [#196](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/196) * Inject a failure domain into a dry-run created machine [#191](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/191) * [OCPBUGS-11369](https://issues.redhat.com/browse/OCPBUGS-11369): E2E periodics test timeout failures improvement [#179](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/179) * [OCPBUGS-11389](https://issues.redhat.com/browse/OCPBUGS-11389): Use PlatformStatus instead of PlatformSpec to determine platform [#185](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/185) * [OCPBUGS-2960](https://issues.redhat.com/browse/OCPBUGS-2960): Check ProviderSpec before generating MachineInfo [#175](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/175) * [OCPBUGS-11142](https://issues.redhat.com/browse/OCPBUGS-11142): controlplanemachineset: start watching control plane nodes [#182](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/182) * Updating ose-cluster-control-plane-machine-set-operator images to be consistent with ART [#176](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/176) * [OCPBUGS-10032](https://issues.redhat.com/browse/OCPBUGS-10032): updates: manually requeue when waiting for replicas being ready [#177](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/177) * [OCPBUGS-7989](https://issues.redhat.com/browse/OCPBUGS-7989): machine's node must be ready for CPMS machine to be ready [#171](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/171) * [OCPCLOUD-1990](https://issues.redhat.com/browse/OCPCLOUD-1990): Update supported platforms in docs [#172](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/172) * [Full changelog](https://github.com/openshift/cluster-control-plane-machine-set-operator/compare/c5fb62818751e8372d1febd631d9671d83f62962...783d9dd134451c12f0c1abf7e53c30b61ddd74bf) ### [cluster-csi-snapshot-controller-operator](https://github.com/openshift/cluster-csi-snapshot-controller-operator/tree/d4a1162514ecbf248b04e6e8625d17bc2b775ccd) * [OCPBUGS-31886](https://issues.redhat.com/browse/OCPBUGS-31886): create suitable role and roleBinding for csi-snapshot-webhook [#205](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/205) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#174](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/174) * [OCPBUGS-21477](https://issues.redhat.com/browse/OCPBUGS-21477): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#167](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/167) * [OCPBUGS-18801](https://issues.redhat.com/browse/OCPBUGS-18801): Move readonlyRootFilesystem to the right place - 4.14 [#162](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/162) * [HOSTEDCP-1063](https://issues.redhat.com/browse/HOSTEDCP-1063): allow webhooks in hosted clusters to reach csi-snapshot-webhook service [#155](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/155) * [OCPBUGS-3680](https://issues.redhat.com/browse/OCPBUGS-3680): Set readOnlyRootFilesystem to false [#154](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/154) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#152](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/152) * [OCPBUGS-16508](https://issues.redhat.com/browse/OCPBUGS-16508): Bump library-go to remove dependency on goproxy [#153](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/153) * [OCPBUGS-12576](https://issues.redhat.com/browse/OCPBUGS-12576), [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#151](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/151) * Updating ose-cluster-csi-snapshot-controller-operator images to be consistent with ART [#150](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/150) * [OCPBUGS-8691](https://issues.redhat.com/browse/OCPBUGS-8691): Hypershift: set Deployment properties [#146](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/146) * Updating ose-cluster-csi-snapshot-controller-operator images to be consistent with ART [#144](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/144) * [OCPBUGS-8330](https://issues.redhat.com/browse/OCPBUGS-8330): Add imagePullSecret to all Pods in a hosted control plane [#142](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/142) * [Full changelog](https://github.com/openshift/cluster-csi-snapshot-controller-operator/compare/c068540d9976ba0fd272e2848de9b0d31a2b7a17...d4a1162514ecbf248b04e6e8625d17bc2b775ccd) ### [cluster-dns-operator](https://github.com/openshift/cluster-dns-operator/tree/0164e3c4464f03d5ddbbba5d426f4bf02822753d) * [OCPBUGS-52500](https://issues.redhat.com/browse/OCPBUGS-52500): [release-4.14] Add runbook_url for CoreDNSErrorsHigh [#433](https://github.com/openshift/cluster-dns-operator/pull/433) * [OCPBUGS-5943](https://issues.redhat.com/browse/OCPBUGS-5943): Enable topology-aware hints iff nodes in >=2 zones [#416](https://github.com/openshift/cluster-dns-operator/pull/416) * [OCPBUGS-5943](https://issues.redhat.com/browse/OCPBUGS-5943): Ignore max unavailable for status [#400](https://github.com/openshift/cluster-dns-operator/pull/400) * [OCPBUGS-21541](https://issues.redhat.com/browse/OCPBUGS-21541): Bump golang.org/x/net/http2 to v0.17.0 for CVE-2023-39325 in cluster-dns-operator [#389](https://github.com/openshift/cluster-dns-operator/pull/389) * [OCPBUGS-18034](https://issues.redhat.com/browse/OCPBUGS-18034): Only bump lastTransitionTime on 'status' changes [#375](https://github.com/openshift/cluster-dns-operator/pull/375) * [OCPBUGS-15605](https://issues.redhat.com/browse/OCPBUGS-15605): Update bufsize to 1232 bytes [#370](https://github.com/openshift/cluster-dns-operator/pull/370) * [OCPBUGS-13209](https://issues.redhat.com/browse/OCPBUGS-13209): Revert "Set DNS DaemonSet's maxSurge value to 10%" [#379](https://github.com/openshift/cluster-dns-operator/pull/379) * [NE-1268](https://issues.redhat.com/browse/NE-1268): Replace bindata using embed [#361](https://github.com/openshift/cluster-dns-operator/pull/361) * [OCPBUGS-12863](https://issues.redhat.com/browse/OCPBUGS-12863): Replace Bugzilla link with Red Hat Issue Tracker [#374](https://github.com/openshift/cluster-dns-operator/pull/374) * [OCPBUGS-14395](https://issues.redhat.com/browse/OCPBUGS-14395): Set controller-runtime logger to a null logger [#369](https://github.com/openshift/cluster-dns-operator/pull/369) * [OCPBUGS-6829](https://issues.redhat.com/browse/OCPBUGS-6829): Add support for protocolStrategy API field to enable force_tcp configuration [#359](https://github.com/openshift/cluster-dns-operator/pull/359) * [OCPBUGS-13965](https://issues.redhat.com/browse/OCPBUGS-13965): Bump vendors k8s libraries to 0.27.2 [#368](https://github.com/openshift/cluster-dns-operator/pull/368) * [OCPBUGS-13099](https://issues.redhat.com/browse/OCPBUGS-13099): Updating ose-cluster-dns-operator images to be consistent with ART [#363](https://github.com/openshift/cluster-dns-operator/pull/363) * [OCPBUGS-12859](https://issues.redhat.com/browse/OCPBUGS-12859): deflake TestDNSLogging [#365](https://github.com/openshift/cluster-dns-operator/pull/365) * [OCPBUGS-5943](https://issues.redhat.com/browse/OCPBUGS-5943): Enable topology-aware hints if, and only if, nodes have zones [#364](https://github.com/openshift/cluster-dns-operator/pull/364) * [OCPBUGS-5943](https://issues.redhat.com/browse/OCPBUGS-5943): Set DNS DaemonSet's maxSurge value to 10% [#358](https://github.com/openshift/cluster-dns-operator/pull/358) * [OCPBUGS-10080](https://issues.redhat.com/browse/OCPBUGS-10080): Updating ose-cluster-dns-operator images to be consistent with ART [#357](https://github.com/openshift/cluster-dns-operator/pull/357) * [Full changelog](https://github.com/openshift/cluster-dns-operator/compare/65a8fdac5800978f535260997def3e58245f814b...0164e3c4464f03d5ddbbba5d426f4bf02822753d) ### [cluster-etcd-operator](https://github.com/openshift/cluster-etcd-operator/tree/9abf7d22b5fda0e06fb1f9a2fa90caaa09d5a932) * [OCPBUGS-53507](https://issues.redhat.com/browse/OCPBUGS-53507): fix CVE-2025-30204 [#1405](https://github.com/openshift/cluster-etcd-operator/pull/1405) * [OCPBUGS-34495](https://issues.redhat.com/browse/OCPBUGS-34495): return errors in wait-for-ceo [#1266](https://github.com/openshift/cluster-etcd-operator/pull/1266) * [OCPBUGS-31392](https://issues.redhat.com/browse/OCPBUGS-31392): remove etcd-health-probe log [#1258](https://github.com/openshift/cluster-etcd-operator/pull/1258) * [OCPBUGS-31972](https://issues.redhat.com/browse/OCPBUGS-31972): update golang x net [#1254](https://github.com/openshift/cluster-etcd-operator/pull/1254) * [OCPBUGS-31428](https://issues.redhat.com/browse/OCPBUGS-31428): CEO aliveness check should only detect deadlocks [#1231](https://github.com/openshift/cluster-etcd-operator/pull/1231) * [OCPBUGS-30067](https://issues.redhat.com/browse/OCPBUGS-30067): fix panic in health check timeouts [#1213](https://github.com/openshift/cluster-etcd-operator/pull/1213) * [OCPBUGS-30012](https://issues.redhat.com/browse/OCPBUGS-30012): Replace nodelister with master nodelister everywhere [#1211](https://github.com/openshift/cluster-etcd-operator/pull/1211) * [OCPBUGS-23571](https://issues.redhat.com/browse/OCPBUGS-23571): Add annotation in the etcd-guard static pod for worklo… [#1162](https://github.com/openshift/cluster-etcd-operator/pull/1162) * [OCPBUGS-26214](https://issues.redhat.com/browse/OCPBUGS-26214): fix device busy errors [#1176](https://github.com/openshift/cluster-etcd-operator/pull/1176) * Revert "[release-4.14] OCPBUGS-21802: remove revision stability check from bootstrap complet…" [#1168](https://github.com/openshift/cluster-etcd-operator/pull/1168) * [OCPBUGS-22477](https://issues.redhat.com/browse/OCPBUGS-22477): Remove z-upgrades from UpgradeBackupController [#1140](https://github.com/openshift/cluster-etcd-operator/pull/1140) * [OCPBUGS-21802](https://issues.redhat.com/browse/OCPBUGS-21802): remove revision stability check from bootstrap complet… [#1138](https://github.com/openshift/cluster-etcd-operator/pull/1138) * [OCPBUGS-21175](https://issues.redhat.com/browse/OCPBUGS-21175): fixing CVE-2023-39325 by updating dependencies [#1142](https://github.com/openshift/cluster-etcd-operator/pull/1142) * [OCPBUGS-19499](https://issues.redhat.com/browse/OCPBUGS-19499): prioritize podman pull in etcdctl dl [#1133](https://github.com/openshift/cluster-etcd-operator/pull/1133) * [OCPBUGS-20245](https://issues.redhat.com/browse/OCPBUGS-20245): relax readiness to local serializable requests [#1135](https://github.com/openshift/cluster-etcd-operator/pull/1135) * [OCPBUGS-19499](https://issues.redhat.com/browse/OCPBUGS-19499): Avoid caching etcdctl on cluster-backup.sh [#1120](https://github.com/openshift/cluster-etcd-operator/pull/1120) * [OCPBUGS-19910](https://issues.redhat.com/browse/OCPBUGS-19910): introduce backup removal controller [#1127](https://github.com/openshift/cluster-etcd-operator/pull/1127) * [OCPBUGS-19553](https://issues.redhat.com/browse/OCPBUGS-19553): Update static pod manifests perms [#1122](https://github.com/openshift/cluster-etcd-operator/pull/1122) * [OCPBUGS-19002](https://issues.redhat.com/browse/OCPBUGS-19002): restore the correct static pod list [#1112](https://github.com/openshift/cluster-etcd-operator/pull/1112) * [OCPBUGS-18781](https://issues.redhat.com/browse/OCPBUGS-18781): prepend authfile to podman create [#1106](https://github.com/openshift/cluster-etcd-operator/pull/1106) * [ETCD-458](https://issues.redhat.com/browse/ETCD-458): Add etcd pod tuning configuration from api [#1086](https://github.com/openshift/cluster-etcd-operator/pull/1086) * add e2e test for cronjob reconciliation failures [#1098](https://github.com/openshift/cluster-etcd-operator/pull/1098) * add pvc validation and e2e tests [#1096](https://github.com/openshift/cluster-etcd-operator/pull/1096) * add backup skip e2e test [#1095](https://github.com/openshift/cluster-etcd-operator/pull/1095) * e2e test for size retention [#1093](https://github.com/openshift/cluster-etcd-operator/pull/1093) * [OCPBUGS-16889](https://issues.redhat.com/browse/OCPBUGS-16889): machine api check: rely on status more than baseline [#1094](https://github.com/openshift/cluster-etcd-operator/pull/1094) * add processed label to skipped backups [#1092](https://github.com/openshift/cluster-etcd-operator/pull/1092) * update overview slides [#1091](https://github.com/openshift/cluster-etcd-operator/pull/1091) * [ETCD-460](https://issues.redhat.com/browse/ETCD-460): add basic backup e2e tests [#1089](https://github.com/openshift/cluster-etcd-operator/pull/1089) * add backup pv pvc yaml [#1090](https://github.com/openshift/cluster-etcd-operator/pull/1090) * [ETCD-448](https://issues.redhat.com/browse/ETCD-448): add init container [#1088](https://github.com/openshift/cluster-etcd-operator/pull/1088) * Add cmd for creating EtcdBackup CR and use in CronJob [#1084](https://github.com/openshift/cluster-etcd-operator/pull/1084) * [OCPBUGS-16889](https://issues.redhat.com/browse/OCPBUGS-16889): handle optional machineAPI [#1083](https://github.com/openshift/cluster-etcd-operator/pull/1083) * [ETCD-448](https://issues.redhat.com/browse/ETCD-448): add backup pruning cmd [#1081](https://github.com/openshift/cluster-etcd-operator/pull/1081) * add informers to new backup controllers (gate by restart) [#1082](https://github.com/openshift/cluster-etcd-operator/pull/1082) * dump all goroutines, not the current stack [#1079](https://github.com/openshift/cluster-etcd-operator/pull/1079) * [OCPBUGS-16445](https://issues.redhat.com/browse/OCPBUGS-16445): bump library-go [#1077](https://github.com/openshift/cluster-etcd-operator/pull/1077) * [OCPBUGS-16688](https://issues.redhat.com/browse/OCPBUGS-16688): update golang.org/x/net/http2 [#1076](https://github.com/openshift/cluster-etcd-operator/pull/1076) * [ETCD-446](https://issues.redhat.com/browse/ETCD-446): add periodic backup controller [#1074](https://github.com/openshift/cluster-etcd-operator/pull/1074) * [OCPBUGS-15327](https://issues.redhat.com/browse/OCPBUGS-15327): reset snapshot default counts to avoid file already lo… [#1067](https://github.com/openshift/cluster-etcd-operator/pull/1067) * [ETCD-436](https://issues.redhat.com/browse/ETCD-436): backup controller [#1066](https://github.com/openshift/cluster-etcd-operator/pull/1066) * add rev bumps and etcdutl [#1072](https://github.com/openshift/cluster-etcd-operator/pull/1072) * [MON-669](https://issues.redhat.com/browse/MON-669): Add etcd ServiceMonitor, before that was managed by cluster-… [#1070](https://github.com/openshift/cluster-etcd-operator/pull/1070) * Integrate feature flags in CEO (revised) [#1071](https://github.com/openshift/cluster-etcd-operator/pull/1071) * Revert "Integrate feature flags in CEO" [#1069](https://github.com/openshift/cluster-etcd-operator/pull/1069) * Integrate feature flags in CEO [#1062](https://github.com/openshift/cluster-etcd-operator/pull/1062) * [OCPBUGS-15256](https://issues.redhat.com/browse/OCPBUGS-15256): Sync openshift/api to reduce installerpod configmap based file permissions to 0600 [#1065](https://github.com/openshift/cluster-etcd-operator/pull/1065) * Limit etcdDatabaseHighFragmentationRatio to 100MB+ [#1063](https://github.com/openshift/cluster-etcd-operator/pull/1063) * manifests: bump loglevel of operator to normal [#1060](https://github.com/openshift/cluster-etcd-operator/pull/1060) * Remove unused cli docker image [#1053](https://github.com/openshift/cluster-etcd-operator/pull/1053) * [OCPBUGS-14255](https://issues.redhat.com/browse/OCPBUGS-14255): Add Controller health to CEO liveness probe [#1049](https://github.com/openshift/cluster-etcd-operator/pull/1049) * [OCPBUGS-14296](https://issues.redhat.com/browse/OCPBUGS-14296): skip unstartedEtcdMember event [#1059](https://github.com/openshift/cluster-etcd-operator/pull/1059) * [OCPBUGS-14323](https://issues.redhat.com/browse/OCPBUGS-14323): Change manifest directory permissions [#1058](https://github.com/openshift/cluster-etcd-operator/pull/1058) * [OCPBUGS-13547](https://issues.redhat.com/browse/OCPBUGS-13547): Remove featureset flag and use only the manifest [#1054](https://github.com/openshift/cluster-etcd-operator/pull/1054) * [OCPBUGS-14254](https://issues.redhat.com/browse/OCPBUGS-14254): Restore script improvements [#1057](https://github.com/openshift/cluster-etcd-operator/pull/1057) * [OCPBUGS-12044](https://issues.redhat.com/browse/OCPBUGS-12044): Update 4.14 cluster-etcd-operator image to be consiste… [#1047](https://github.com/openshift/cluster-etcd-operator/pull/1047) * [OCPBUGS-10899](https://issues.redhat.com/browse/OCPBUGS-10899): BIP: use hostname in bootstrap pod name [#1035](https://github.com/openshift/cluster-etcd-operator/pull/1035) * [OCPBUGS-10568](https://issues.redhat.com/browse/OCPBUGS-10568): migrate to using lease objects for leader election [#1030](https://github.com/openshift/cluster-etcd-operator/pull/1030) * fix TestAttemptToScaleDown/scale_down_only_by_one_machine_at_a_time f… [#1029](https://github.com/openshift/cluster-etcd-operator/pull/1029) * Updating cluster-etcd-operator images to be consistent with ART [#1021](https://github.com/openshift/cluster-etcd-operator/pull/1021) * add resource removal by CVO [#1017](https://github.com/openshift/cluster-etcd-operator/pull/1017) * And 5 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/cluster-etcd-operator/compare/c46a23ef3c5724b51a8bbae4174eb34f4437882b...9abf7d22b5fda0e06fb1f9a2fa90caaa09d5a932) ### [cluster-image-registry-operator](https://github.com/openshift/cluster-image-registry-operator/tree/e858d0e42c044d0dc43e292219a5713c5b713e25) * [OCPBUGS-53867](https://issues.redhat.com/browse/OCPBUGS-53867): Bump github.com/golang-jwt/jwt [#1229](https://github.com/openshift/cluster-image-registry-operator/pull/1229) * [OCPBUGS-53867](https://issues.redhat.com/browse/OCPBUGS-53867): Bump github.com/golang-jwt/jwt [#1224](https://github.com/openshift/cluster-image-registry-operator/pull/1224) * [OCPBUGS-51598](https://issues.redhat.com/browse/OCPBUGS-51598): bump golang.org/x/oauth2 [#1213](https://github.com/openshift/cluster-image-registry-operator/pull/1213) * [OCPBUGS-51312](https://issues.redhat.com/browse/OCPBUGS-51312): ensure that storage names don't end in dashes [#1185](https://github.com/openshift/cluster-image-registry-operator/pull/1185) * [OCPBUGS-44048](https://issues.redhat.com/browse/OCPBUGS-44048): fix proxy config and leader election test flakes [#1153](https://github.com/openshift/cluster-image-registry-operator/pull/1153) * [OCPBUGS-44002](https://issues.redhat.com/browse/OCPBUGS-44002): Continuous pull-secret updates / slow initialization on build01 (test platform infrastructure) [#1152](https://github.com/openshift/cluster-image-registry-operator/pull/1152) * [OCPBUGS-42935](https://issues.redhat.com/browse/OCPBUGS-42935): azureclient: stop validating credentials when creating the client [#1137](https://github.com/openshift/cluster-image-registry-operator/pull/1137) * [OCPBUGS-39100](https://issues.redhat.com/browse/OCPBUGS-39100): Avoid Shared Access Key usage for Azure Storage Account when using Managed Identity based auth [#1114](https://github.com/openshift/cluster-image-registry-operator/pull/1114) * [OCPBUGS-36035](https://issues.redhat.com/browse/OCPBUGS-36035): go.*,vendor: bump go-retryablehttp [#1069](https://github.com/openshift/cluster-image-registry-operator/pull/1069) * [OCPBUGS-33147](https://issues.redhat.com/browse/OCPBUGS-33147): azure-path-fix: get client secret from k8s secret [#1058](https://github.com/openshift/cluster-image-registry-operator/pull/1058) * [OCPBUGS-34668](https://issues.redhat.com/browse/OCPBUGS-34668): pkg/storage/s3: use force path style in favour of virtual hosted style config [#1051](https://github.com/openshift/cluster-image-registry-operator/pull/1051) * [OCPBUGS-33409](https://issues.redhat.com/browse/OCPBUGS-33409): azurepathfix: check if platform status is nil before accessing it [#1033](https://github.com/openshift/cluster-image-registry-operator/pull/1033) * [OCPBUGS-32450](https://issues.redhat.com/browse/OCPBUGS-32450): azure-path-fix: support auth via account key (without clientID) [#1023](https://github.com/openshift/cluster-image-registry-operator/pull/1023) * [OCPBUGS-31857](https://issues.redhat.com/browse/OCPBUGS-31857): bump aws-sdk-go from v1.44 to v1.50 [#1018](https://github.com/openshift/cluster-image-registry-operator/pull/1018) * [OCPBUGS-28989](https://issues.redhat.com/browse/OCPBUGS-28989): pkg/storage/s3: enable bucket key on encryption settings [#995](https://github.com/openshift/cluster-image-registry-operator/pull/995) * [OCPBUGS-29755](https://issues.redhat.com/browse/OCPBUGS-29755): azurepathfix: fix stack hub, government and workload identity setup [#1005](https://github.com/openshift/cluster-image-registry-operator/pull/1005) * [OCPBUGS-29604](https://issues.redhat.com/browse/OCPBUGS-29604): move azure storage blobs from `docker` back into `/docker` [#1001](https://github.com/openshift/cluster-image-registry-operator/pull/1001) * [OCPBUGS-22127](https://issues.redhat.com/browse/OCPBUGS-22127): increase storage account key cache expiration [#941](https://github.com/openshift/cluster-image-registry-operator/pull/941) * [OCPBUGS-20710](https://issues.redhat.com/browse/OCPBUGS-20710): mitigate effects of rapid reset [#942](https://github.com/openshift/cluster-image-registry-operator/pull/942) * [OCPBUGS-18794](https://issues.redhat.com/browse/OCPBUGS-18794): check if response is nil before using it [#917](https://github.com/openshift/cluster-image-registry-operator/pull/917) * [OCPVE-632](https://issues.redhat.com/browse/OCPVE-632): add capability annotations to manifests [#856](https://github.com/openshift/cluster-image-registry-operator/pull/856) * [OCPBUGS-17882](https://issues.redhat.com/browse/OCPBUGS-17882): Add rbac permission IDMS, ITMS [#891](https://github.com/openshift/cluster-image-registry-operator/pull/891) * [TRT-1193](https://issues.redhat.com/browse/TRT-1193): Revert "IR-373: remove node-ca daemon" [#899](https://github.com/openshift/cluster-image-registry-operator/pull/899) * [CFE-846](https://issues.redhat.com/browse/CFE-846): Add user defined tags to the GCP buckets created [#873](https://github.com/openshift/cluster-image-registry-operator/pull/873) * [IR-373](https://issues.redhat.com/browse/IR-373): remove node-ca daemon [#867](https://github.com/openshift/cluster-image-registry-operator/pull/867) * build(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.4 [#877](https://github.com/openshift/cluster-image-registry-operator/pull/877) * build(deps): bump the k8s-dependencies group with 1 update [#895](https://github.com/openshift/cluster-image-registry-operator/pull/895) * [IR-363](https://issues.redhat.com/browse/IR-363): Update Azure Credentials Request manifest of the Cluster Image Registry Operator to use new API field for requesting permissions [#890](https://github.com/openshift/cluster-image-registry-operator/pull/890) * build(deps): bump github.com/prometheus/common from 0.37.0 to 0.44.0 [#878](https://github.com/openshift/cluster-image-registry-operator/pull/878) * [CFE-682](https://issues.redhat.com/browse/CFE-682): Add user defined labels to the GCP buckets created [#872](https://github.com/openshift/cluster-image-registry-operator/pull/872) * [CFE-682](https://issues.redhat.com/browse/CFE-682): Update openshift/api package to latest version [#887](https://github.com/openshift/cluster-image-registry-operator/pull/887) * [IR-390](https://issues.redhat.com/browse/IR-390): Make a configmap for MCO to consume CAs [#880](https://github.com/openshift/cluster-image-registry-operator/pull/880) * build(deps): bump github.com/aws/aws-sdk-go from 1.44.291 to 1.44.298 [#879](https://github.com/openshift/cluster-image-registry-operator/pull/879) * build(deps): bump golang.org/x/net from 0.8.0 to 0.11.0 [#871](https://github.com/openshift/cluster-image-registry-operator/pull/871) * build(deps): bump github.com/aliyun/aliyun-oss-go-sdk from 2.1.10+incompatible to 2.2.7+incompatible [#869](https://github.com/openshift/cluster-image-registry-operator/pull/869) * .github/dependabot.yml: group certain dependencies [#865](https://github.com/openshift/cluster-image-registry-operator/pull/865) * [IR-389](https://issues.redhat.com/browse/IR-389): bump aws-sdk-go [#860](https://github.com/openshift/cluster-image-registry-operator/pull/860) * .github: configure dependabot [#861](https://github.com/openshift/cluster-image-registry-operator/pull/861) * [IR-369](https://issues.redhat.com/browse/IR-369), [IR-370](https://issues.redhat.com/browse/IR-370): support Azure workload identity [#857](https://github.com/openshift/cluster-image-registry-operator/pull/857) * [OCPBUGS-12132](https://issues.redhat.com/browse/OCPBUGS-12132): Updating ose-cluster-image-registry-operator images to be consistent with ART [#854](https://github.com/openshift/cluster-image-registry-operator/pull/854) * Updating ose-cluster-image-registry-operator images to be consistent with ART [#849](https://github.com/openshift/cluster-image-registry-operator/pull/849) * [OCPBUGS-8224](https://issues.redhat.com/browse/OCPBUGS-8224): fix storage selection on IBM cloud [#847](https://github.com/openshift/cluster-image-registry-operator/pull/847) * [Full changelog](https://github.com/openshift/cluster-image-registry-operator/compare/6e62a8590840cd2242e198d8d9acfe6afdc7c8b4...e858d0e42c044d0dc43e292219a5713c5b713e25) ### [cluster-ingress-operator](https://github.com/openshift/cluster-ingress-operator/tree/e302d85665274cb299d873eb624867384e5c37b1) * [OCPBUGS-36467](https://issues.redhat.com/browse/OCPBUGS-36467): Allow operator to update Route spec.subdomain [#1101](https://github.com/openshift/cluster-ingress-operator/pull/1101) * [OCPBUGS-36555](https://issues.redhat.com/browse/OCPBUGS-36555): Implement connect timeout tuning option [#1105](https://github.com/openshift/cluster-ingress-operator/pull/1105) * [OCPBUGS-36461](https://issues.redhat.com/browse/OCPBUGS-36461): Add Regexp Anchor to TestAll [#1098](https://github.com/openshift/cluster-ingress-operator/pull/1098) * [OCPBUGS-35399](https://issues.redhat.com/browse/OCPBUGS-35399): Internal service changed: fix target port logic [#1086](https://github.com/openshift/cluster-ingress-operator/pull/1086) * [OCPBUGS-34973](https://issues.redhat.com/browse/OCPBUGS-34973): TestHostNetworkPortBinding: Delete t.Parallel() [#1077](https://github.com/openshift/cluster-ingress-operator/pull/1077) * [OCPBUGS-34410](https://issues.redhat.com/browse/OCPBUGS-34410): Don't add clientca-configmap finalizer if deleting [#1063](https://github.com/openshift/cluster-ingress-operator/pull/1063) * [OCPBUGS-34407](https://issues.redhat.com/browse/OCPBUGS-34407): Use centos7 tag for quay.io/centos7/httpd-24-centos7 image [#1061](https://github.com/openshift/cluster-ingress-operator/pull/1061) * [OCPBUGS-20800](https://issues.redhat.com/browse/OCPBUGS-20800): Bump golang.org/x/net for CVE-2023-44487 [#986](https://github.com/openshift/cluster-ingress-operator/pull/986) * [OCPBUGS-21898](https://issues.redhat.com/browse/OCPBUGS-21898): test/e2e: Add test case for 2000000 maxConnections [#984](https://github.com/openshift/cluster-ingress-operator/pull/984) * [OCPBUGS-15978](https://issues.redhat.com/browse/OCPBUGS-15978): Check public DNS zone when reporting status [#967](https://github.com/openshift/cluster-ingress-operator/pull/967) * [OCPBUGS-17359](https://issues.redhat.com/browse/OCPBUGS-17359): test/e2e: Don't use openshift/origin-node [#970](https://github.com/openshift/cluster-ingress-operator/pull/970) * [NE-1140](https://issues.redhat.com/browse/NE-1140), [NE-1145](https://issues.redhat.com/browse/NE-1145): Set/delete HTTP request/response headers via IngressController API [#872](https://github.com/openshift/cluster-ingress-operator/pull/872) * [OCPBUGS-16089](https://issues.redhat.com/browse/OCPBUGS-16089): Set spec.subdomain on the canary route [#965](https://github.com/openshift/cluster-ingress-operator/pull/965) * [OCPBUGS-14995](https://issues.redhat.com/browse/OCPBUGS-14995): desiredRouterDeployment: Set HostPort if needed [#947](https://github.com/openshift/cluster-ingress-operator/pull/947) * [OCPBUGS-10875](https://issues.redhat.com/browse/OCPBUGS-10875): gateway-service-dns: Set DNS policy appropriately [#934](https://github.com/openshift/cluster-ingress-operator/pull/934) * [NE-1244](https://issues.redhat.com/browse/NE-1244): Use permissions instead of the "Contributor" role in Azure CredentialsRequest [#929](https://github.com/openshift/cluster-ingress-operator/pull/929) * [OCPBUGS-12790](https://issues.redhat.com/browse/OCPBUGS-12790): README: Fix Bugzilla link [#968](https://github.com/openshift/cluster-ingress-operator/pull/968) * [RFE-3007](https://issues.redhat.com/browse/RFE-3007): Expose option-contstats as an unsupported option [#887](https://github.com/openshift/cluster-ingress-operator/pull/887) * [NE-1189](https://issues.redhat.com/browse/NE-1189): Refactor Test_desiredLoadBalancerService [#886](https://github.com/openshift/cluster-ingress-operator/pull/886) * [NE-1187](https://issues.redhat.com/browse/NE-1187): Use t.Run for table-driven tests [#884](https://github.com/openshift/cluster-ingress-operator/pull/884) * [NE-1183](https://issues.redhat.com/browse/NE-1183): Rename unit tests for specific functions [#880](https://github.com/openshift/cluster-ingress-operator/pull/880) * [NE-1269](https://issues.redhat.com/browse/NE-1269): Replace bindata using embed [#905](https://github.com/openshift/cluster-ingress-operator/pull/905) * [RFE-3765](https://issues.redhat.com/browse/RFE-3765): Allow Ingress to Modify the HAProxy Log Length when using a Sidecar [#900](https://github.com/openshift/cluster-ingress-operator/pull/900) * [OCPBUGS-9274](https://issues.redhat.com/browse/OCPBUGS-9274): canary: Tolerate infra node NoExecute taint [#932](https://github.com/openshift/cluster-ingress-operator/pull/932) * [OCPBUGS-7546](https://issues.redhat.com/browse/OCPBUGS-7546): Allow only 1 disruption with 3 replicas [#931](https://github.com/openshift/cluster-ingress-operator/pull/931) * [OCPBUGS-15100](https://issues.redhat.com/browse/OCPBUGS-15100): Fix previous attempt of adding a missing trailing dot to hostname [#956](https://github.com/openshift/cluster-ingress-operator/pull/956) * [OCPBUGS-14396](https://issues.redhat.com/browse/OCPBUGS-14396): Set controller-runtime logger to a null logger for E2E [#946](https://github.com/openshift/cluster-ingress-operator/pull/946) * [OCPBUGS-14998](https://issues.redhat.com/browse/OCPBUGS-14998): Only use RoleARN for Route53 API [#951](https://github.com/openshift/cluster-ingress-operator/pull/951) * [OCPBUGS-15100](https://issues.redhat.com/browse/OCPBUGS-15100): Create valid DNS names for Gateway API on GCP [#949](https://github.com/openshift/cluster-ingress-operator/pull/949) * [OCPBUGS-13106](https://issues.redhat.com/browse/OCPBUGS-13106): Add ingress controller status logging on waitForIngressControllerCondition [#924](https://github.com/openshift/cluster-ingress-operator/pull/924) * [OCPBUGS-13190](https://issues.redhat.com/browse/OCPBUGS-13190): Avoid spurious updates for internalTrafficPolicy [#927](https://github.com/openshift/cluster-ingress-operator/pull/927) * [OCPBUGS-13810](https://issues.redhat.com/browse/OCPBUGS-13810): Update TestAWSELBConnectionIdleTimeout to not use wildcard DNS record [#944](https://github.com/openshift/cluster-ingress-operator/pull/944) * [NE-1294](https://issues.redhat.com/browse/NE-1294): Add support for AWS shared VPC in another account [#928](https://github.com/openshift/cluster-ingress-operator/pull/928) * [CCO-318](https://issues.redhat.com/browse/CCO-318): Enable Azure Workload Identity authentication. [#906](https://github.com/openshift/cluster-ingress-operator/pull/906) * [OCPBUGS-6661](https://issues.redhat.com/browse/OCPBUGS-6661), [OCPBUGS-9464](https://issues.redhat.com/browse/OCPBUGS-9464): Move mTLS CRL handling into the router, and fix accidental duplication of CRLs [#939](https://github.com/openshift/cluster-ingress-operator/pull/939) * [OCPBUGS-13963](https://issues.redhat.com/browse/OCPBUGS-13963): Bump vendors k8s libraries to 0.27.2 [#936](https://github.com/openshift/cluster-ingress-operator/pull/936) * Revert "OCPBUGS-6661, OCPBUGS-9464: Move mTLS CRL handling into the router, and fix accidental duplication of CRLs" [#938](https://github.com/openshift/cluster-ingress-operator/pull/938) * [OCPBUGS-6661](https://issues.redhat.com/browse/OCPBUGS-6661), [OCPBUGS-9464](https://issues.redhat.com/browse/OCPBUGS-9464): Move mTLS CRL handling into the router, and fix accidental duplication of CRLs [#930](https://github.com/openshift/cluster-ingress-operator/pull/930) * [OCPBUGS-5478](https://issues.redhat.com/browse/OCPBUGS-5478): add UBI based Dockerfile [#925](https://github.com/openshift/cluster-ingress-operator/pull/925) * [CCO-318](https://issues.redhat.com/browse/CCO-318): Read feature gates for future usage [#908](https://github.com/openshift/cluster-ingress-operator/pull/908) * [OCPBUGS-12913](https://issues.redhat.com/browse/OCPBUGS-12913): Deflake TestRouterCompressionOperation [#920](https://github.com/openshift/cluster-ingress-operator/pull/920) * [OCPBUGS-6784](https://issues.redhat.com/browse/OCPBUGS-6784): bump controller-runtime to fix the multi namespace cache indexing [#913](https://github.com/openshift/cluster-ingress-operator/pull/913) * [OCPBUGS-12579](https://issues.redhat.com/browse/OCPBUGS-12579): Address CVE-2022-41723 [#915](https://github.com/openshift/cluster-ingress-operator/pull/915) * [OCPBUGS-12790](https://issues.redhat.com/browse/OCPBUGS-12790): Replace Bugzilla link with Red Hat Issue Tracker [#916](https://github.com/openshift/cluster-ingress-operator/pull/916) * [OCPBUGS-10714](https://issues.redhat.com/browse/OCPBUGS-10714): gatewayclass: Update for OSSM 2.4 API change [#901](https://github.com/openshift/cluster-ingress-operator/pull/901) * [OCPBUGS-10189](https://issues.redhat.com/browse/OCPBUGS-10189): Updating ose-cluster-ingress-operator images to be consistent with ART [#898](https://github.com/openshift/cluster-ingress-operator/pull/898) * [OCPBUGS-10846](https://issues.redhat.com/browse/OCPBUGS-10846): Fix TestClientTLS flakes [#904](https://github.com/openshift/cluster-ingress-operator/pull/904) * [NE-1184](https://issues.redhat.com/browse/NE-1184): Test_desiredHttpErrorCodeConfigMap: Kill dead code and fix format [#881](https://github.com/openshift/cluster-ingress-operator/pull/881) * [Full changelog](https://github.com/openshift/cluster-ingress-operator/compare/a45f7a3a44ead85d2e36a57723fc05fc0919c63e...e302d85665274cb299d873eb624867384e5c37b1) ### [cluster-kube-apiserver-operator](https://github.com/openshift/cluster-kube-apiserver-operator/tree/9267f4543589ccb408d3e62fc0e35708d4b783df) * [OCPBUGS-50662](https://issues.redhat.com/browse/OCPBUGS-50662): Increase waitForFallbackDegradedConditionTimeout [#1807](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1807) * [OCPBUGS-31354](https://issues.redhat.com/browse/OCPBUGS-31354): add SNO control plane high cpu usage alert [#1707](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1707) * [OCPBUGS-33930](https://issues.redhat.com/browse/OCPBUGS-33930): add a controller that reconciles SCCs' volumes [#1681](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1681) * [OCPBUGS-31506](https://issues.redhat.com/browse/OCPBUGS-31506): Add sno section to alert description [#1658](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1658) * [OCPBUGS-31316](https://issues.redhat.com/browse/OCPBUGS-31316): add provider name to cluster_infrastructure_provider when external platform [#1657](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1657) * [OCPBUGS-29722](https://issues.redhat.com/browse/OCPBUGS-29722): webhookcontroller: report when a webhook resource is missing a caBundle provided by the service-ca-operator [#1650](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1650) * [OCPBUGS-29722](https://issues.redhat.com/browse/OCPBUGS-29722): webhookcontroller: report when a webhook resource is missing a caBundle provided by the service-ca-operator [#1646](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1646) * [OCPBUGS-25384](https://issues.redhat.com/browse/OCPBUGS-25384): psa cluster fleet evaluation [#1600](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1600) * : OCPBUGS-24022: Add workload partitioning annotation [#1590](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1590) * : OCPBUGS-20898: bump library-go to include switch to HTTP/1.1 [#1569](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1569) * [OCPBUGS-22718](https://issues.redhat.com/browse/OCPBUGS-22718): [release-4.14] OCPBUGS-20331: manifests: rename API performance dashboard [#1570](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1570) * [OCPBUGS-19553](https://issues.redhat.com/browse/OCPBUGS-19553): Update static pod manifests perms [#1556](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1556) * [OCPBUGS-19353](https://issues.redhat.com/browse/OCPBUGS-19353): manifests: don't include recording rules when Console capability is not enabled [#1551](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1551) * [OCPBUGS-10362](https://issues.redhat.com/browse/OCPBUGS-10362): revert dev cert rotation on 4.14 [#1545](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1545) * [OCPBUGS-17436](https://issues.redhat.com/browse/OCPBUGS-17436): Unrevert 1536 and 1538. [#1541](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1541) * Reverts DynamicResourceAllocation enablement on techpreview [#1540](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1540) * [OCPBUGS-17436](https://issues.redhat.com/browse/OCPBUGS-17436): Enable DynamicResourceAllocation API in kube-apiserver [#1538](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1538) * Set runtime-config in lockstep with feature-gates, if needed. [#1536](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1536) * bump(api) [#1535](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1535) * [OCPBUGS-16511](https://issues.redhat.com/browse/OCPBUGS-16511): bump(*): vendor update [#1529](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1529) * [OCPBUGS-16511](https://issues.redhat.com/browse/OCPBUGS-16511): remove dependency on typed prometheus client [#1527](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1527) * [OCPBUGS-13635](https://issues.redhat.com/browse/OCPBUGS-13635): make webhook connection failure a warning in log [#1526](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1526) * [OCPBUGS-15489](https://issues.redhat.com/browse/OCPBUGS-15489): manifests: add new PrometheusRule for recording rules [#1521](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1521) * certrotation: rotate kube-apiserver-to-kubelet-signer when 80% of validity is over [#1523](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1523) * [OCPBUGS-13946](https://issues.redhat.com/browse/OCPBUGS-13946): do not use one second timeout when asserting a webhook connection [#1510](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1510) * [OCPBUGS-14008](https://issues.redhat.com/browse/OCPBUGS-14008): Enable "send-retry-after-while-not-ready-once" on SNO [#1500](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1500) * update probes for best practices and consistency [#1516](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1516) * api_performance_dashboard: show apiserver_longrunning_requests metric [#1518](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1518) * allow greater timeout for etcd health check [#1517](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1517) * api_performance_dashboard: show apiserver_request_total instead of apiserver_dropped_requests [#1520](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1520) * [OCPBUGS-8404](https://issues.redhat.com/browse/OCPBUGS-8404): pkg/operator/configobserver: check that the serving certificate refer… [#1482](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1482) * [OCPBUGS-3986](https://issues.redhat.com/browse/OCPBUGS-3986): dashboard: use recording rules for most metrics [#1484](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1484) * [OCPBUGS-14940](https://issues.redhat.com/browse/OCPBUGS-14940): api_performance_dashboard: show apiserver_longrunning_requests metric [#1511](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1511) * [OCPBUGS-13946](https://issues.redhat.com/browse/OCPBUGS-13946): degraded_webhook.go x509: certificate signed by unknown authority [#1503](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1503) * [OCPBUGS-14323](https://issues.redhat.com/browse/OCPBUGS-14323): Change manifest directory permissions [#1505](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1505) * [OCPBUGS-13547](https://issues.redhat.com/browse/OCPBUGS-13547): Remove featureset flag and use only the manifest [#1491](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1491) * [OCPBUGS-13303](https://issues.redhat.com/browse/OCPBUGS-13303): pkg/operator/startupmonitor: skip openshift-apiserver readiness check… [#1492](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1492) * [OCPBUGS-14038](https://issues.redhat.com/browse/OCPBUGS-14038): Update APIRemovedInNextRelease alerts [#1497](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1497) * [STOR-1263](https://issues.redhat.com/browse/STOR-1263): Bump k8s 1.27 [#1469](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1469) * read featureset from the manifests [#1490](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1490) * Read feature manifest [#1488](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1488) * Cover featuregate access errors in PSA configobserver unit tests. [#1486](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1486) * switch to featuregates via the API [#1485](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1485) * [OCPBUGS-10831](https://issues.redhat.com/browse/OCPBUGS-10831): pod security: use v1 api [#1481](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1481) * [OCPBUGS-11361](https://issues.redhat.com/browse/OCPBUGS-11361): Revert "Merge pull request #1474 from benluddy/oapi-bump" [#1477](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1477) * Bump dependency on openshift/api. [#1474](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1474) * Updating ose-cluster-kube-apiserver-operator images to be consistent with ART [#1460](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1460) * [OCPBUGS-10713](https://issues.redhat.com/browse/OCPBUGS-10713): PSA Violation alert: add ocp_namespace label [#1435](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1435) * [OCPBUGS-10039](https://issues.redhat.com/browse/OCPBUGS-10039): update openshift/api to include aesgcm provider in the default apiserver schema [#1462](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1462) * [OCPBUGS-10577](https://issues.redhat.com/browse/OCPBUGS-10577): update apf configuration to use v1beta3 [#1413](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1413) * [OCPBUGS-8711](https://issues.redhat.com/browse/OCPBUGS-8711): API-1509: Enable AES-GCM encryption [#1449](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1449) * [OCPBUGS-8478](https://issues.redhat.com/browse/OCPBUGS-8478): Disable TestBoundTokenSignerController [#1455](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1455) * [Full changelog](https://github.com/openshift/cluster-kube-apiserver-operator/compare/e9e717254ca8e479db297144d316363467f2f5fe...9267f4543589ccb408d3e62fc0e35708d4b783df) ### [cluster-kube-cluster-api-operator](https://github.com/openshift/cluster-api-operator/tree/b287d08b3dabe6b3b67b87a8a284f19ed12a165e) * [release 4.14] OCPBUGS-20999: Bump golang.org/x/net to v0.17.0 [#27](https://github.com/openshift/cluster-api-operator/pull/27) * [OCPCLOUD-1871](https://issues.redhat.com/browse/OCPCLOUD-1871): Merge https://github.com/kubernetes-sigs/cluster-api-operator:v0.4.0 (667606e) into main [#22](https://github.com/openshift/cluster-api-operator/pull/22) * [OCPBUGS-12581](https://issues.redhat.com/browse/OCPBUGS-12581), [OCPBUGS-13093](https://issues.redhat.com/browse/OCPBUGS-13093): Merge https://github.com/kubernetes-sigs/cluster-api-operator:v0.2.0 (d807992) into main [#17](https://github.com/openshift/cluster-api-operator/pull/17) * Updating ose-cluster-kube-cluster-api-operator images to be consistent with ART [#19](https://github.com/openshift/cluster-api-operator/pull/19) * Updating ose-cluster-kube-cluster-api-operator images to be consistent with ART [#15](https://github.com/openshift/cluster-api-operator/pull/15) * [Full changelog](https://github.com/openshift/cluster-api-operator/compare/18c076b1b56e06086fc3e4ea89d6922cca2d6b4a...b287d08b3dabe6b3b67b87a8a284f19ed12a165e) ### [cluster-kube-controller-manager-operator](https://github.com/openshift/cluster-kube-controller-manager-operator/tree/4e059638c2cbf003551ee699106dc024760eece3) * [OCPBUGS-28247](https://issues.redhat.com/browse/OCPBUGS-28247): Remove "include.release.openshift.io/ibm-cloud-managed:" annotation [#791](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/791) * [OCPBUGS-27063](https://issues.redhat.com/browse/OCPBUGS-27063): bump(library-go)=release-4.14 [#787](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/787) * [OCPBUGS-21088](https://issues.redhat.com/browse/OCPBUGS-21088): Bump deps to address CVE-2023-44487 [4.14] [#764](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/764) * [OCPBUGS-21088](https://issues.redhat.com/browse/OCPBUGS-21088): Bump deps to address CVE-2023-44487 [#756](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/756) * [OCPBUGS-19553](https://issues.redhat.com/browse/OCPBUGS-19553): Update static pod manifests perms [#749](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/749) * add roles for the new privileged namespaces PSa syncer controller [#743](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/743) * [OCPBUGS-15256](https://issues.redhat.com/browse/OCPBUGS-15256): Sync openshift/api to reduce installerpod configmap based file permissions to 0600 [#740](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/740) * [OCPCLOUD-2010](https://issues.redhat.com/browse/OCPCLOUD-2010): Re-vendor api and library-go for external platform support [#736](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/736) * [OCPBUGS-14323](https://issues.redhat.com/browse/OCPBUGS-14323): Change manifest directory permissions [#739](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/739) * [OCPBUGS-13579](https://issues.redhat.com/browse/OCPBUGS-13579): remove RBAC for cluster-policy-controller CM leader election [#738](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/738) * [OCPBUGS-13579](https://issues.redhat.com/browse/OCPBUGS-13579): Drop flags removed in k8s 1.26 [#737](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/737) * Remove featureset flag and use only the manifest [#735](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/735) * Update cloud provider tests with feature gate changes [#731](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/731) * [STOR-1263](https://issues.redhat.com/browse/STOR-1263): Bump k8s 1.27 [#713](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/713) * Read feature manifest [#733](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/733) * Restricted featuregate reader [#732](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/732) * use new featuregate API [#730](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/730) * [OCPBUGS-12709](https://issues.redhat.com/browse/OCPBUGS-12709): Reset library-go branch after Azure revert [#729](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/729) * [OCPBUGS-12133](https://issues.redhat.com/browse/OCPBUGS-12133): Updating ose-cluster-kube-controller-manager-operator images to be consistent with ART [#727](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/727) * Revert azure out of tree provider change [#724](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/724) * [OCPBUGS-11352](https://issues.redhat.com/browse/OCPBUGS-11352): AWS should not use external-cloud-volume-plugin post CSI migration [#721](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/721) * [OCPBUGS-7440](https://issues.redhat.com/browse/OCPBUGS-7440): do not degrade KCM when when monitoring stack rollout is in progress [#706](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/706) * [OCPBUGS-10568](https://issues.redhat.com/browse/OCPBUGS-10568): migrate to using lease objects for leader election [#715](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/715) * Updating ose-cluster-kube-controller-manager-operator images to be consistent with ART [#709](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/709) * OWNERS: remove ravi from the owners [#714](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/714) * Reset library-go to openshift fork [#708](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/708) * Update library-go dependency to move Azure to out of tree [#705](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/705) * Update library-go dependency to move AWS to out of tree [#707](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/707) * [Full changelog](https://github.com/openshift/cluster-kube-controller-manager-operator/compare/dac7113696160d1170d9b3773afa4a4b7cb2099b...4e059638c2cbf003551ee699106dc024760eece3) ### [cluster-kube-scheduler-operator](https://github.com/openshift/cluster-kube-scheduler-operator/tree/33f630dc1f890ca59c5e57fb5b6cc24a3f22a1d4) * [OCPBUGS-27022](https://issues.redhat.com/browse/OCPBUGS-27022): bump(library-go)=release-4.14 [#527](https://github.com/openshift/cluster-kube-scheduler-operator/pull/527) * [OCPBUGS-21737](https://issues.redhat.com/browse/OCPBUGS-21737): bump(k8s,openshift) to address CVE-2023-44487 [#504](https://github.com/openshift/cluster-kube-scheduler-operator/pull/504) * [OCPBUGS-21737](https://issues.redhat.com/browse/OCPBUGS-21737): Bump deps to address CVE-2023-44487 [#501](https://github.com/openshift/cluster-kube-scheduler-operator/pull/501) * [OCPBUGS-19553](https://issues.redhat.com/browse/OCPBUGS-19553): Update static pod manifests perms [#495](https://github.com/openshift/cluster-kube-scheduler-operator/pull/495) * [OCPBUGS-14052](https://issues.redhat.com/browse/OCPBUGS-14052): KubeSchedulerDown: set runbook_url annotation [#489](https://github.com/openshift/cluster-kube-scheduler-operator/pull/489) * [OCPBUGS-15256](https://issues.redhat.com/browse/OCPBUGS-15256): Sync openshift/api to reduce installerpod configmap based file permissions to 0600 [#488](https://github.com/openshift/cluster-kube-scheduler-operator/pull/488) * remove loglevel in deploy [#487](https://github.com/openshift/cluster-kube-scheduler-operator/pull/487) * [OCPBUGS-14323](https://issues.redhat.com/browse/OCPBUGS-14323): Change manifest directory permissions [#485](https://github.com/openshift/cluster-kube-scheduler-operator/pull/485) * Remove featureset flag and use only the manifest [#484](https://github.com/openshift/cluster-kube-scheduler-operator/pull/484) * [STOR-1263](https://issues.redhat.com/browse/STOR-1263): Bump k8s 1.27 [#472](https://github.com/openshift/cluster-kube-scheduler-operator/pull/472) * use standard featuregate library from API [#483](https://github.com/openshift/cluster-kube-scheduler-operator/pull/483) * [OCPBUGS-12074](https://issues.redhat.com/browse/OCPBUGS-12074): Updating ose-cluster-kube-scheduler-operator images to be consistent with ART [#479](https://github.com/openshift/cluster-kube-scheduler-operator/pull/479) * Updating ose-cluster-kube-scheduler-operator images to be consistent with ART [#466](https://github.com/openshift/cluster-kube-scheduler-operator/pull/466) * [OCPBUGS-10568](https://issues.redhat.com/browse/OCPBUGS-10568): migrate to using lease objects for leader election [#476](https://github.com/openshift/cluster-kube-scheduler-operator/pull/476) * disable debug pporf with unauthenticated port [#468](https://github.com/openshift/cluster-kube-scheduler-operator/pull/468) * [Full changelog](https://github.com/openshift/cluster-kube-scheduler-operator/compare/2e7c269b358223b89632b35840e6a91cdc7bb9aa...33f630dc1f890ca59c5e57fb5b6cc24a3f22a1d4) ### [cluster-kube-storage-version-migrator-operator](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/tree/9cd9922a42a64fe058718f10e3b4123b943bb55f) * : OCPBUGS-21371: bump library-go to include switch to HTTP/1.1 [#96](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/pull/96) * Revert "specify master node selector on migrator pod" [#93](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/pull/93) * [OCPBUGS-17170](https://issues.redhat.com/browse/OCPBUGS-17170): specify master node selector on migrator pod [#92](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/pull/92) * [OCPBUGS-16513](https://issues.redhat.com/browse/OCPBUGS-16513): bump(*): update to 1.27.1 [#91](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/pull/91) * Fix operator doc in README [#90](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/pull/90) * Updating ose-cluster-kube-storage-version-migrator-operator images to be consistent with ART [#89](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/pull/89) * [Full changelog](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/compare/721de5d64083b17c22f6b784bb2c78af39d7b3b0...9cd9922a42a64fe058718f10e3b4123b943bb55f) ### [cluster-machine-approver](https://github.com/openshift/cluster-machine-approver/tree/38a758d0026346b751774b2459520174b46e39bf) * [OCPBUGS-46057](https://issues.redhat.com/browse/OCPBUGS-46057): Ensure trailing dots on DNS names do not block serving cert auth [#259](https://github.com/openshift/cluster-machine-approver/pull/259) * [OCPBUGS-46057](https://issues.redhat.com/browse/OCPBUGS-46057): Client internal DNS checks should ignore trailing dot [#255](https://github.com/openshift/cluster-machine-approver/pull/255) * [OCPBUGS-44774](https://issues.redhat.com/browse/OCPBUGS-44774): Client internal DNS checks should be case insensitive [#246](https://github.com/openshift/cluster-machine-approver/pull/246) * [OCPBUGS-28745](https://issues.redhat.com/browse/OCPBUGS-28745): Increase concurrent reconciles to 10 [#228](https://github.com/openshift/cluster-machine-approver/pull/228) * [OCPBUGS-23150](https://issues.redhat.com/browse/OCPBUGS-23150): Filter non node CSRs in metrics [#209](https://github.com/openshift/cluster-machine-approver/pull/209) * [OCPBUGS-21468](https://issues.redhat.com/browse/OCPBUGS-21468): Bump x/net package to v0.17.0 [#206](https://github.com/openshift/cluster-machine-approver/pull/206) * [OCPBUGS-19305](https://issues.redhat.com/browse/OCPBUGS-19305): Set logger for controller runtime [#202](https://github.com/openshift/cluster-machine-approver/pull/202) * [OCPBUGS-18338](https://issues.redhat.com/browse/OCPBUGS-18338): Fix CI by running tests natively by default [#199](https://github.com/openshift/cluster-machine-approver/pull/199) * [OCPBUGS-16156](https://issues.redhat.com/browse/OCPBUGS-16156): check if machine api present [#198](https://github.com/openshift/cluster-machine-approver/pull/198) * handle situation when machine CRD is not present [#191](https://github.com/openshift/cluster-machine-approver/pull/191) * [OCPCLOUD-2044](https://issues.redhat.com/browse/OCPCLOUD-2044): Update to Kubernetes 1.27 deps [#195](https://github.com/openshift/cluster-machine-approver/pull/195) * [OCPBUGS-10171](https://issues.redhat.com/browse/OCPBUGS-10171): Go 1.20 bump with fixed unit tests [#194](https://github.com/openshift/cluster-machine-approver/pull/194) * [OCPBUGS-11225](https://issues.redhat.com/browse/OCPBUGS-11225): Update node client allowed usages [#189](https://github.com/openshift/cluster-machine-approver/pull/189) * [OCPBUGS-11225](https://issues.redhat.com/browse/OCPBUGS-11225): Update isNodeClientCert to allow for new key usages [#186](https://github.com/openshift/cluster-machine-approver/pull/186) * [OCPBUGS-11225](https://issues.redhat.com/browse/OCPBUGS-11225): approver: fix ECDSA approvals in 1.27 [#184](https://github.com/openshift/cluster-machine-approver/pull/184) * Update TLS Bootstrapping doc links in README [#182](https://github.com/openshift/cluster-machine-approver/pull/182) * Updating ose-cluster-machine-approver images to be consistent with ART [#180](https://github.com/openshift/cluster-machine-approver/pull/180) * [Full changelog](https://github.com/openshift/cluster-machine-approver/compare/25fe7b4bd96baba2eef8c0c22521fdc8c08f981d...38a758d0026346b751774b2459520174b46e39bf) ### [cluster-monitoring-operator](https://github.com/openshift/cluster-monitoring-operator/tree/e0950380f0281a5da3c2fd51abbdab1155d26b4e) * [OCPBUGS-48368](https://issues.redhat.com/browse/OCPBUGS-48368): Add new metrics for OpenShift logging telemetry [#2556](https://github.com/openshift/cluster-monitoring-operator/pull/2556) * [OCPBUGS-44007](https://issues.redhat.com/browse/OCPBUGS-44007): fix(monitoring-plugin): disable emitting nginx version on error pages [#2520](https://github.com/openshift/cluster-monitoring-operator/pull/2520) * [OCPBUGS-43916](https://issues.redhat.com/browse/OCPBUGS-43916): Add runbook url for TelemeterClientFail… [#2510](https://github.com/openshift/cluster-monitoring-operator/pull/2510) * [OCPBUGS-43678](https://issues.redhat.com/browse/OCPBUGS-43678): Remove temporary no more needed code [#2496](https://github.com/openshift/cluster-monitoring-operator/pull/2496) * [OCPBUGS-42603](https://issues.redhat.com/browse/OCPBUGS-42603): Exclude windows nodes from kubelet servicemonitor [#2489](https://github.com/openshift/cluster-monitoring-operator/pull/2489) * [OCPBUGS-41916](https://issues.redhat.com/browse/OCPBUGS-41916): filter alerts sent to Telemeter [#2473](https://github.com/openshift/cluster-monitoring-operator/pull/2473) * [OCPBUGS-39176](https://issues.redhat.com/browse/OCPBUGS-39176): Backport #2441 for 4.14 [#2449](https://github.com/openshift/cluster-monitoring-operator/pull/2449) * [OCPBUGS-37468](https://issues.redhat.com/browse/OCPBUGS-37468): Backport of PR #2384 [#2433](https://github.com/openshift/cluster-monitoring-operator/pull/2433) * [OCPBUGS-36565](https://issues.redhat.com/browse/OCPBUGS-36565): add runbook_url annotations [#2407](https://github.com/openshift/cluster-monitoring-operator/pull/2407) * [OCPBUGS-37296](https://issues.redhat.com/browse/OCPBUGS-37296): Making sure proxy settings are correctly forwarded in the generated remote write configs [#2415](https://github.com/openshift/cluster-monitoring-operator/pull/2415) * [OCPBUGS-36416](https://issues.redhat.com/browse/OCPBUGS-36416): inject trusted CA bundle into UWM Alertmanager [#2402](https://github.com/openshift/cluster-monitoring-operator/pull/2402) * [OCPBUGS-34023](https://issues.redhat.com/browse/OCPBUGS-34023): fix KRP permissions for Thanos Querier [#2374](https://github.com/openshift/cluster-monitoring-operator/pull/2374) * [OCPBUGS-33585](https://issues.redhat.com/browse/OCPBUGS-33585): fix Thanos ruler alert generator url [#2345](https://github.com/openshift/cluster-monitoring-operator/pull/2345) * [OCPBUGS-28768](https://issues.redhat.com/browse/OCPBUGS-28768): fix generation of telemeter token hash [#2304](https://github.com/openshift/cluster-monitoring-operator/pull/2304) * [OCPBUGS-27471](https://issues.redhat.com/browse/OCPBUGS-27471): prevent plugin entry assets from caching [#2241](https://github.com/openshift/cluster-monitoring-operator/pull/2241) * [OCPBUGS-25800](https://issues.redhat.com/browse/OCPBUGS-25800): Wait for 3 (instead of 2) consecutive failing reconcil… [#2216](https://github.com/openshift/cluster-monitoring-operator/pull/2216) * [OCPBUGS-27418](https://issues.redhat.com/browse/OCPBUGS-27418): go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to 0.44.0 [#2239](https://github.com/openshift/cluster-monitoring-operator/pull/2239) * [OCPBUGS-25799](https://issues.redhat.com/browse/OCPBUGS-25799): Detect ipv4/ipv6 socket in pod ip for nginx conf [#2215](https://github.com/openshift/cluster-monitoring-operator/pull/2215) * [OCPBUGS-25387](https://issues.redhat.com/browse/OCPBUGS-25387): Add RHACM telemetry metric for 4.14 [#2202](https://github.com/openshift/cluster-monitoring-operator/pull/2202) * [OCPBUGS-21473](https://issues.redhat.com/browse/OCPBUGS-21473): Set the new --disable-http2 flag for prometheus-adapter to disable HTTP2 [#2147](https://github.com/openshift/cluster-monitoring-operator/pull/2147) * [OCPBUGS-22917](https://issues.redhat.com/browse/OCPBUGS-22917): jsonnet: pin commits [#2143](https://github.com/openshift/cluster-monitoring-operator/pull/2143) * [OCPBUGS-22734](https://issues.redhat.com/browse/OCPBUGS-22734): [release-4.14] add RHACS telemetry metrics [#2137](https://github.com/openshift/cluster-monitoring-operator/pull/2137) * [OCPBUGS-21264](https://issues.redhat.com/browse/OCPBUGS-21264): [release-4.14] fix: force HTTP/1.1 connections [#2130](https://github.com/openshift/cluster-monitoring-operator/pull/2130) * [OCPBUGS-21264](https://issues.redhat.com/browse/OCPBUGS-21264): upgrade golang.org/x/net to v0.17.0 [#2121](https://github.com/openshift/cluster-monitoring-operator/pull/2121) * [OCPBUGS-19355](https://issues.redhat.com/browse/OCPBUGS-19355): add topologySpreadConstraints to UWM prometheus operator [#2087](https://github.com/openshift/cluster-monitoring-operator/pull/2087) * [OCPBUGS-19397](https://issues.redhat.com/browse/OCPBUGS-19397): Enable ipv6 on monitoring-plugin nginx [#2091](https://github.com/openshift/cluster-monitoring-operator/pull/2091) * [OCPBUGS-19361](https://issues.redhat.com/browse/OCPBUGS-19361): Topology spread constraints admission webhook [#2088](https://github.com/openshift/cluster-monitoring-operator/pull/2088) * [MON-3304](https://issues.redhat.com/browse/MON-3304): Add option to specify resource limits for all components [#2067](https://github.com/openshift/cluster-monitoring-operator/pull/2067) * [OCPBUGS-17690](https://issues.redhat.com/browse/OCPBUGS-17690): remove deprecated argument [#2075](https://github.com/openshift/cluster-monitoring-operator/pull/2075) * [OCPBUGS-17691](https://issues.redhat.com/browse/OCPBUGS-17691): replace outdated repository link [#2074](https://github.com/openshift/cluster-monitoring-operator/pull/2074) * [MON-2641](https://issues.redhat.com/browse/MON-2641): Add e2e tests for AlertingRule controller [#2054](https://github.com/openshift/cluster-monitoring-operator/pull/2054) * Add telemeter client SA to rbac proxy [#2043](https://github.com/openshift/cluster-monitoring-operator/pull/2043) * [OCPBUGS-1062](https://issues.redhat.com/browse/OCPBUGS-1062): update webhook configuration only if required [#2065](https://github.com/openshift/cluster-monitoring-operator/pull/2065) * [MON-988](https://issues.redhat.com/browse/MON-988): remove alert "MultipleContainersOOMKilled" [#2071](https://github.com/openshift/cluster-monitoring-operator/pull/2071) * Remove deprecated visual_web_terminal_sessions metric [#2059](https://github.com/openshift/cluster-monitoring-operator/pull/2059) * [OCPBUGS-17487](https://issues.redhat.com/browse/OCPBUGS-17487): fix typo for ThanosRulerConfig.Resources [#2070](https://github.com/openshift/cluster-monitoring-operator/pull/2070) * Update jsonnet dependencies [#2063](https://github.com/openshift/cluster-monitoring-operator/pull/2063) * [OCPBUGS-17346](https://issues.redhat.com/browse/OCPBUGS-17346): Avoid recreating some resources, created by prometheus-operator, during 4.13->4.14 upgrade [#2066](https://github.com/openshift/cluster-monitoring-operator/pull/2066) * [MON-3291](https://issues.redhat.com/browse/MON-3291): Adjust node-exporter's MaxProcs documentation now that we s… [#2055](https://github.com/openshift/cluster-monitoring-operator/pull/2055) * Synchronize versions of the downstream components [#2061](https://github.com/openshift/cluster-monitoring-operator/pull/2061) * [MON-3093](https://issues.redhat.com/browse/MON-3093): fix single node replica issue [#2060](https://github.com/openshift/cluster-monitoring-operator/pull/2060) * [OCPBUGS-17191](https://issues.redhat.com/browse/OCPBUGS-17191): add namespace label to alerting rules [#2058](https://github.com/openshift/cluster-monitoring-operator/pull/2058) * Synchronize versions of the downstream components [#2056](https://github.com/openshift/cluster-monitoring-operator/pull/2056) * [MON-2645](https://issues.redhat.com/browse/MON-2645): remove unnecessary RBAC permissions [#2051](https://github.com/openshift/cluster-monitoring-operator/pull/2051) * Synchronize versions of the downstream components [#2052](https://github.com/openshift/cluster-monitoring-operator/pull/2052) * [OCPBUGS-10699](https://issues.redhat.com/browse/OCPBUGS-10699): remove Kube*QuotaOvercommit alerts [#2049](https://github.com/openshift/cluster-monitoring-operator/pull/2049) * [MON-2645](https://issues.redhat.com/browse/MON-2645): remove unused rebalancer code [#2048](https://github.com/openshift/cluster-monitoring-operator/pull/2048) * Synchronize versions of the downstream components [#2050](https://github.com/openshift/cluster-monitoring-operator/pull/2050) * Remove OADP metrics from the Telemetry [#2040](https://github.com/openshift/cluster-monitoring-operator/pull/2040) * [MON-669](https://issues.redhat.com/browse/MON-669): Remove etcd ServiceMonitors management code as they'll be no… [#2039](https://github.com/openshift/cluster-monitoring-operator/pull/2039) * [MON-3216](https://issues.redhat.com/browse/MON-3216): Add ownership labels to kube resources [#1986](https://github.com/openshift/cluster-monitoring-operator/pull/1986) * [MON-3177](https://issues.redhat.com/browse/MON-3177): Expose and propagate TopologySpreadConstraints for kube state metrics [#2026](https://github.com/openshift/cluster-monitoring-operator/pull/2026) * [OCPBUGS-16203](https://issues.redhat.com/browse/OCPBUGS-16203): correct docs for metric node_systemd_timer_last_trigger_seconds. [#2045](https://github.com/openshift/cluster-monitoring-operator/pull/2045) * [MON-3178](https://issues.redhat.com/browse/MON-3178): Expose and propagate TopologySpreadConstraints for prometheus-operator [#2033](https://github.com/openshift/cluster-monitoring-operator/pull/2033) * [MON-3274](https://issues.redhat.com/browse/MON-3274): collect the number of LIST and WATCH requests to the apiserver from telemetry [#2044](https://github.com/openshift/cluster-monitoring-operator/pull/2044) * [MON-2903](https://issues.redhat.com/browse/MON-2903): add nodeExporter.collectors.systemd settings. [#1892](https://github.com/openshift/cluster-monitoring-operator/pull/1892) * [MON-3179](https://issues.redhat.com/browse/MON-3179): Expose and propagate TopologySpreadConstraints for openshift state metrics [#2034](https://github.com/openshift/cluster-monitoring-operator/pull/2034) * [MON-3176](https://issues.redhat.com/browse/MON-3176): Expose and propagate TopologySpreadConstraints for prometheus-adapter [#2025](https://github.com/openshift/cluster-monitoring-operator/pull/2025) * [OCPBUGS-9835](https://issues.redhat.com/browse/OCPBUGS-9835): Add Content-Security-Policy headers to prometheus and alertmanager [#2012](https://github.com/openshift/cluster-monitoring-operator/pull/2012) * [MON-3182](https://issues.redhat.com/browse/MON-3182): Expose and propagate TopologySpreadConstraints for UWM alertmanager [#2037](https://github.com/openshift/cluster-monitoring-operator/pull/2037) * [MON-3180](https://issues.redhat.com/browse/MON-3180): Expose and propagate TopologySpreadConstraints for telemeter-client [#2017](https://github.com/openshift/cluster-monitoring-operator/pull/2017) * [MON-3183](https://issues.redhat.com/browse/MON-3183): Expose and propagate TopologySpreadConstraints for UWM prometheus [#2038](https://github.com/openshift/cluster-monitoring-operator/pull/2038) * [MON-3181](https://issues.redhat.com/browse/MON-3181): Expose and propagate TopologySpreadConstraints for thanos-querier [#2035](https://github.com/openshift/cluster-monitoring-operator/pull/2035) * [MON-3231](https://issues.redhat.com/browse/MON-3231): add metric for the configured profile [#2030](https://github.com/openshift/cluster-monitoring-operator/pull/2030) * [MON-3269](https://issues.redhat.com/browse/MON-3269): add nodeExporter.collectors.processes settings. [#2032](https://github.com/openshift/cluster-monitoring-operator/pull/2032) * [MON-3222](https://issues.redhat.com/browse/MON-3222): Make netdev/netclass interfaces configurable [#1963](https://github.com/openshift/cluster-monitoring-operator/pull/1963) * e2e-tests: ensure pod assertions find at least one pod [#2028](https://github.com/openshift/cluster-monitoring-operator/pull/2028) * test/e2e/framework: remove unused function [#2020](https://github.com/openshift/cluster-monitoring-operator/pull/2020) * [OCPBUGS-15440](https://issues.redhat.com/browse/OCPBUGS-15440): fix CMO to apply console-plugin pod.spec config [#2018](https://github.com/openshift/cluster-monitoring-operator/pull/2018) * chore: update dependencies [#2013](https://github.com/openshift/cluster-monitoring-operator/pull/2013) * [OCPBUGS-14922](https://issues.redhat.com/browse/OCPBUGS-14922): skip console-plugin installation if console CO is absent [#2011](https://github.com/openshift/cluster-monitoring-operator/pull/2011) * [OCPBUGS-12714](https://issues.redhat.com/browse/OCPBUGS-12714): turn on netlink mode of netclass collector for node exporter [#2015](https://github.com/openshift/cluster-monitoring-operator/pull/2015) * [MON-3249](https://issues.redhat.com/browse/MON-3249): Update telemeter-client to allow TLS through rbac proxy [#2005](https://github.com/openshift/cluster-monitoring-operator/pull/2005) * Synchronize versions of the downstream components [#2024](https://github.com/openshift/cluster-monitoring-operator/pull/2024) * [OCPBUGS-13153](https://issues.redhat.com/browse/OCPBUGS-13153): Limit the value of GOMAXPROCS on node-exporter. [#1996](https://github.com/openshift/cluster-monitoring-operator/pull/1996) * hack/local-cmo: show the correct logged-in user [#2019](https://github.com/openshift/cluster-monitoring-operator/pull/2019) * [MON-3253](https://issues.redhat.com/browse/MON-3253): refactor local-cmo.sh to use CMO SA by default [#2010](https://github.com/openshift/cluster-monitoring-operator/pull/2010) * test/e2e: validate CMO and UWM configs [#2006](https://github.com/openshift/cluster-monitoring-operator/pull/2006) * pkg/operator: reduce duplication in CSR controllers [#2007](https://github.com/openshift/cluster-monitoring-operator/pull/2007) * Synchronize versions of the downstream components [#2009](https://github.com/openshift/cluster-monitoring-operator/pull/2009) * [OCPBUGS-15210](https://issues.redhat.com/browse/OCPBUGS-15210): manifest: rename TP roleBinding to cluster-monitoring-operator-alert-… [#2008](https://github.com/openshift/cluster-monitoring-operator/pull/2008) * [MON-3127](https://issues.redhat.com/browse/MON-3127): add nodeExporter.collectors.ksmd settings. [#1931](https://github.com/openshift/cluster-monitoring-operator/pull/1931) * Synchronize versions of the downstream components [#2004](https://github.com/openshift/cluster-monitoring-operator/pull/2004) * [MON-3229](https://issues.redhat.com/browse/MON-3229): Remove the dependency on the apiserver auth [#1904](https://github.com/openshift/cluster-monitoring-operator/pull/1904) * Synchronize versions of the downstream components [#2003](https://github.com/openshift/cluster-monitoring-operator/pull/2003) * Fix link metrics [#1999](https://github.com/openshift/cluster-monitoring-operator/pull/1999) * [OCPBUGS-11958](https://issues.redhat.com/browse/OCPBUGS-11958): Add the trusted CA bundle in UWM Prometheus pods [#1970](https://github.com/openshift/cluster-monitoring-operator/pull/1970) * [OCPBUGS-14123](https://issues.redhat.com/browse/OCPBUGS-14123): make TestBodySizeLimit less flaky [#1991](https://github.com/openshift/cluster-monitoring-operator/pull/1991) * Update OWNERS list [#1951](https://github.com/openshift/cluster-monitoring-operator/pull/1951) * [MON-3113](https://issues.redhat.com/browse/MON-3113): add nodeExporter.collectors.mountstats settings. [#1936](https://github.com/openshift/cluster-monitoring-operator/pull/1936) * [OCPBUGS-12903](https://issues.redhat.com/browse/OCPBUGS-12903): Fix console metrics doc typo [#1997](https://github.com/openshift/cluster-monitoring-operator/pull/1997) * [OCPBUGS-14816](https://issues.redhat.com/browse/OCPBUGS-14816): Add misspell target in Makefile [#1994](https://github.com/openshift/cluster-monitoring-operator/pull/1994) * [OCPBUGS-14887](https://issues.redhat.com/browse/OCPBUGS-14887): [bot] Synchronize versions of the downstream components [#1995](https://github.com/openshift/cluster-monitoring-operator/pull/1995) * [MON-2967](https://issues.redhat.com/browse/MON-2967): CMO deploys monitoring console-plugin [#1890](https://github.com/openshift/cluster-monitoring-operator/pull/1890) * [OCPBUGS-14772](https://issues.redhat.com/browse/OCPBUGS-14772): Add federate-client-certs [#1990](https://github.com/openshift/cluster-monitoring-operator/pull/1990) * [OCPBUGS-14072](https://issues.redhat.com/browse/OCPBUGS-14072): test: increase poll wait time for alertmanager [#1973](https://github.com/openshift/cluster-monitoring-operator/pull/1973) * [OCPBUGS-14618](https://issues.redhat.com/browse/OCPBUGS-14618): Synchronize versions of the downstream components [#1988](https://github.com/openshift/cluster-monitoring-operator/pull/1988) * [OCPBUGS-14378](https://issues.redhat.com/browse/OCPBUGS-14378): Skip some errcheck golangci-lint violations [#1983](https://github.com/openshift/cluster-monitoring-operator/pull/1983) * [MON-2981](https://issues.redhat.com/browse/MON-2981): alertingrule and relabel: promote to v1 [#1945](https://github.com/openshift/cluster-monitoring-operator/pull/1945) * [OCPBUGS-11889](https://issues.redhat.com/browse/OCPBUGS-11889): disable CORS headers on Thanos querier [#1950](https://github.com/openshift/cluster-monitoring-operator/pull/1950) * [OCPBUGS-14606](https://issues.redhat.com/browse/OCPBUGS-14606): Remove remaining staticcheck violations [#1989](https://github.com/openshift/cluster-monitoring-operator/pull/1989) * [OCPBUGS-14375](https://issues.redhat.com/browse/OCPBUGS-14375): Fix golangci-lint gosimple violations [#1979](https://github.com/openshift/cluster-monitoring-operator/pull/1979) * [OCPBUGS-14381](https://issues.redhat.com/browse/OCPBUGS-14381): Skip golang-ci lint unused false positives [#1985](https://github.com/openshift/cluster-monitoring-operator/pull/1985) * [OCPBUGS-14561](https://issues.redhat.com/browse/OCPBUGS-14561): Prevent ci/prow/versions from failing on PR against release-xxx [#1969](https://github.com/openshift/cluster-monitoring-operator/pull/1969) * [OCPBUGS-10387](https://issues.redhat.com/browse/OCPBUGS-10387): label for infra nodes for metric cluster:capacity_cpu_cores:sum [#1926](https://github.com/openshift/cluster-monitoring-operator/pull/1926) * [OCPBUGS-14379](https://issues.redhat.com/browse/OCPBUGS-14379): Skip specific govet violation on operator main.go [#1984](https://github.com/openshift/cluster-monitoring-operator/pull/1984) * [OCPBUGS-14371](https://issues.redhat.com/browse/OCPBUGS-14371): Fix golangci-lint misspell violations [#1978](https://github.com/openshift/cluster-monitoring-operator/pull/1978) * [OCPBUGS-14380](https://issues.redhat.com/browse/OCPBUGS-14380): Fix golangcilint whitespace violations [#1977](https://github.com/openshift/cluster-monitoring-operator/pull/1977) * [OCPBUGS-14377](https://issues.redhat.com/browse/OCPBUGS-14377): Fix golangci-int wastedassign violations [#1981](https://github.com/openshift/cluster-monitoring-operator/pull/1981) * [OCPBUGS-14376](https://issues.redhat.com/browse/OCPBUGS-14376): Fix golangci-lint ineffassign violations [#1980](https://github.com/openshift/cluster-monitoring-operator/pull/1980) * [OCPBUGS-14366](https://issues.redhat.com/browse/OCPBUGS-14366): Fix golangci-lint unconvert violations [#1982](https://github.com/openshift/cluster-monitoring-operator/pull/1982) * [OCPBUGS-13147](https://issues.redhat.com/browse/OCPBUGS-13147): Add golangci-lint linters [#1949](https://github.com/openshift/cluster-monitoring-operator/pull/1949) * [OCPBUGS-1626](https://issues.redhat.com/browse/OCPBUGS-1626): update jsonnet dependencies [#1961](https://github.com/openshift/cluster-monitoring-operator/pull/1961) * [OCPBUGS-12903](https://issues.redhat.com/browse/OCPBUGS-12903): Add new web console usage metrics [#1910](https://github.com/openshift/cluster-monitoring-operator/pull/1910) * [OCPBUGS-13939](https://issues.redhat.com/browse/OCPBUGS-13939): Extend remote write test timeout [#1971](https://github.com/openshift/cluster-monitoring-operator/pull/1971) * [OCPBUGS-14007](https://issues.redhat.com/browse/OCPBUGS-14007): test/e2e: don't fail on telemeter remote write failed samples [#1972](https://github.com/openshift/cluster-monitoring-operator/pull/1972) * [OCPBUGS-13095](https://issues.redhat.com/browse/OCPBUGS-13095): Uncomment cluster:vsphere_infrastructure_failure_domains:max [#1960](https://github.com/openshift/cluster-monitoring-operator/pull/1960) * [OCPBUGS-12995](https://issues.redhat.com/browse/OCPBUGS-12995): go.mod: update golang.org/x/net to v0.7.0 [#1958](https://github.com/openshift/cluster-monitoring-operator/pull/1958) * [OCPBUGS-13006](https://issues.redhat.com/browse/OCPBUGS-13006): Add build number to vsphere vcenter information [#1946](https://github.com/openshift/cluster-monitoring-operator/pull/1946) * [OCPBUGS-12343](https://issues.redhat.com/browse/OCPBUGS-12343): Update 4.14 cluster-monitoring-operator image to be consistent with ART [#1952](https://github.com/openshift/cluster-monitoring-operator/pull/1952) * jsonnet: add comment why empty prometheus container needed [#1943](https://github.com/openshift/cluster-monitoring-operator/pull/1943) * [OCPBUGS-11434](https://issues.redhat.com/browse/OCPBUGS-11434): node-exporter: disable btrfs collector [#1937](https://github.com/openshift/cluster-monitoring-operator/pull/1937) * 4.14: OCPBUGS-11269: Add CSI migration for vSphere to telemetry [#1933](https://github.com/openshift/cluster-monitoring-operator/pull/1933) * Speedup jsonnet generation by running in parallel [#1908](https://github.com/openshift/cluster-monitoring-operator/pull/1908) * [OCPBUGS-10690](https://issues.redhat.com/browse/OCPBUGS-10690): jsonnet: Add prometheus container in UWM [#1930](https://github.com/openshift/cluster-monitoring-operator/pull/1930) * [OCPBUGS-7694](https://issues.redhat.com/browse/OCPBUGS-7694): add startup probe for prometheus-adapter [#1917](https://github.com/openshift/cluster-monitoring-operator/pull/1917) * [OCPBUGS-10161](https://issues.redhat.com/browse/OCPBUGS-10161): Updating cluster-monitoring-operator images to be consistent with ART [#1914](https://github.com/openshift/cluster-monitoring-operator/pull/1914) * [OCPBUGS-8215](https://issues.redhat.com/browse/OCPBUGS-8215): bugfix in Node Exporter argument setting [#1909](https://github.com/openshift/cluster-monitoring-operator/pull/1909) * [OCPBUGS-7282](https://issues.redhat.com/browse/OCPBUGS-7282): Node Exporter ignores network interface under name "cali[a-f0-9]*" [#1905](https://github.com/openshift/cluster-monitoring-operator/pull/1905) * Update jsonnet dependencies [#1913](https://github.com/openshift/cluster-monitoring-operator/pull/1913) * [OCPBUGS-8282](https://issues.redhat.com/browse/OCPBUGS-8282): turn off netlink mode of netclass collector in Node Exporter. [#1912](https://github.com/openshift/cluster-monitoring-operator/pull/1912) * [MON-2894](https://issues.redhat.com/browse/MON-2894): add nodeExporter.maxProcs setting. [#1895](https://github.com/openshift/cluster-monitoring-operator/pull/1895) * [Full changelog](https://github.com/openshift/cluster-monitoring-operator/compare/3aa76870066af1d0266ab39201856ba711fd08d7...e0950380f0281a5da3c2fd51abbdab1155d26b4e) ### [cluster-network-operator](https://github.com/openshift/cluster-network-operator/tree/c7f9fb8f2168ce81250bd588624e58bc2f6f36f8) * [OCPBUGS-51170](https://issues.redhat.com/browse/OCPBUGS-51170): Use applyconfigurations for updating network.oprerator status [#2660](https://github.com/openshift/cluster-network-operator/pull/2660) * [OCPBUGS-48323](https://issues.redhat.com/browse/OCPBUGS-48323): Pass transit_switch_subnet options in ovnkube-node pod for single-zone [#2617](https://github.com/openshift/cluster-network-operator/pull/2617) * [OCPBUGS-42754](https://issues.redhat.com/browse/OCPBUGS-42754): Set mount propagation to HostToContainer for /var/lib/kubelet [#2521](https://github.com/openshift/cluster-network-operator/pull/2521) * [OCPBUGS-47320](https://issues.redhat.com/browse/OCPBUGS-47320): Pass transit_switch_subnet options in ovnkube-node pod [#2607](https://github.com/openshift/cluster-network-operator/pull/2607) * [OCPBUGS-43821](https://issues.redhat.com/browse/OCPBUGS-43821): manifests/02-cncc-credentials: Set skipServiceCheck for GCP [#2546](https://github.com/openshift/cluster-network-operator/pull/2546) * [OCPBUGS-39086](https://issues.redhat.com/browse/OCPBUGS-39086): Fix wait logic for IPsec certificate signing request [#2481](https://github.com/openshift/cluster-network-operator/pull/2481) * [OCPBUGS-41508](https://issues.redhat.com/browse/OCPBUGS-41508): Tighten the permissions on whereabouts.conf [#2493](https://github.com/openshift/cluster-network-operator/pull/2493) * [OCPBUGS-42021](https://issues.redhat.com/browse/OCPBUGS-42021): Add proxy env vars to onvkube-node [#2505](https://github.com/openshift/cluster-network-operator/pull/2505) * [OCPBUGS-38440](https://issues.redhat.com/browse/OCPBUGS-38440): [release-4.14] 4.14 subnet config [#2473](https://github.com/openshift/cluster-network-operator/pull/2473) * [OCPBUGS-37221](https://issues.redhat.com/browse/OCPBUGS-37221): Ensure that the node-identity webhook address contains colons for IPv6 [#2440](https://github.com/openshift/cluster-network-operator/pull/2440) * [OCPBUGS-38073](https://issues.redhat.com/browse/OCPBUGS-38073): Fix IC distributed control plane alerts [#2463](https://github.com/openshift/cluster-network-operator/pull/2463) * [OCPBUGS-37468](https://issues.redhat.com/browse/OCPBUGS-37468): Backport ipsec state metric [#2444](https://github.com/openshift/cluster-network-operator/pull/2444) * [OCPBUGS-32706](https://issues.redhat.com/browse/OCPBUGS-32706): Add conditions for ignored-namespaces [#2380](https://github.com/openshift/cluster-network-operator/pull/2380) * [OCPBUGS-36722](https://issues.redhat.com/browse/OCPBUGS-36722): update whereabouts crd [#2434](https://github.com/openshift/cluster-network-operator/pull/2434) * [OCPBUGS-34885](https://issues.redhat.com/browse/OCPBUGS-34885): [release-4.14] Fix 4.13->4.14 upgrade with ipsec enabled [#2390](https://github.com/openshift/cluster-network-operator/pull/2390) * [OCPBUGS-27925](https://issues.redhat.com/browse/OCPBUGS-27925), [OCPBUGS-30579](https://issues.redhat.com/browse/OCPBUGS-30579): [release-4.14] tighten conditions for the state transitions in IC upgrade [#2207](https://github.com/openshift/cluster-network-operator/pull/2207) * [OCPBUGS-30021](https://issues.redhat.com/browse/OCPBUGS-30021): Fully disable network-node-identity on ROKS [#2315](https://github.com/openshift/cluster-network-operator/pull/2315) * [OCPBUGS-31669](https://issues.redhat.com/browse/OCPBUGS-31669): [release-4.14] ensure local networking deployments within hypershift use the client side load balancer to be resilient to control plane node failures [#2311](https://github.com/openshift/cluster-network-operator/pull/2311) * [OCPBUGS-31360](https://issues.redhat.com/browse/OCPBUGS-31360): Remove egressip write permissions from ovn-kubernetes-node [#2320](https://github.com/openshift/cluster-network-operator/pull/2320) * [OCPBUGS-30021](https://issues.redhat.com/browse/OCPBUGS-30021): [release-4.14] Disable network-node-identity on ROKS [#2286](https://github.com/openshift/cluster-network-operator/pull/2286) * [OCPBUGS-30100](https://issues.redhat.com/browse/OCPBUGS-30100): ipsec: fix openssl typo [#2287](https://github.com/openshift/cluster-network-operator/pull/2287) * [OCPBUGS-29168](https://issues.redhat.com/browse/OCPBUGS-29168): add env var in whereabouts-reconciler daemonset [#2257](https://github.com/openshift/cluster-network-operator/pull/2257) * [OCPBUGS-26573](https://issues.redhat.com/browse/OCPBUGS-26573): Improve troubleshooting IC upgrades [#2076](https://github.com/openshift/cluster-network-operator/pull/2076) * [OCPBUGS-29033](https://issues.redhat.com/browse/OCPBUGS-29033): network node identity: tolarate all taints [#2248](https://github.com/openshift/cluster-network-operator/pull/2248) * [OCPBUGS-18281](https://issues.redhat.com/browse/OCPBUGS-18281): only 2 master nodes are required for ovn-kubernetes [#2154](https://github.com/openshift/cluster-network-operator/pull/2154) * [OCPBUGS-29300](https://issues.redhat.com/browse/OCPBUGS-29300): Update ingressconfig_controller to use field Manager [#2266](https://github.com/openshift/cluster-network-operator/pull/2266) * [OCPBUGS-28608](https://issues.redhat.com/browse/OCPBUGS-28608): fix whereabouts conformance test failures [#2235](https://github.com/openshift/cluster-network-operator/pull/2235) * NO-JIRA: add kyrtapz as reviewer and approver for release 4.14 [#2228](https://github.com/openshift/cluster-network-operator/pull/2228) * [OCPBUGS-27858](https://issues.redhat.com/browse/OCPBUGS-27858): [release-4.14] Add ConfigMap mount to the whereabouts-reconciler DaemonSet [#2219](https://github.com/openshift/cluster-network-operator/pull/2219) * [OCPBUGS-27013](https://issues.redhat.com/browse/OCPBUGS-27013): HyperShift, network-node-identity: Check the deployment in the management cluster [#2195](https://github.com/openshift/cluster-network-operator/pull/2195) * [OCPBUGS-24326](https://issues.redhat.com/browse/OCPBUGS-24326): adminpolicybasedexternalroutes CR accepts an invalid IP address [#2196](https://github.com/openshift/cluster-network-operator/pull/2196) * [OCPBUGS-24037](https://issues.redhat.com/browse/OCPBUGS-24037): remove all managed fields used by old manager [#2112](https://github.com/openshift/cluster-network-operator/pull/2112) * [OCPBUGS-24320](https://issues.redhat.com/browse/OCPBUGS-24320): Add apbroute/status patch rights for ovnkube-node to update status [#2143](https://github.com/openshift/cluster-network-operator/pull/2143) * [OCPBUGS-22787](https://issues.redhat.com/browse/OCPBUGS-22787), [OCPBUGS-22788](https://issues.redhat.com/browse/OCPBUGS-22788), [OCPBUGS-22789](https://issues.redhat.com/browse/OCPBUGS-22789): ovnkube: container scripts cleanup [#2090](https://github.com/openshift/cluster-network-operator/pull/2090) * [OCPBUGS-23371](https://issues.redhat.com/browse/OCPBUGS-23371): hypershift, hosted clusters: enable multi-homing and multi-net features [#2117](https://github.com/openshift/cluster-network-operator/pull/2117) * [OCPBUGS-21717](https://issues.redhat.com/browse/OCPBUGS-21717): Bump golang.org/x/net and github.com/openshift/library-go [#2122](https://github.com/openshift/cluster-network-operator/pull/2122) * [OCPBUGS-24633](https://issues.redhat.com/browse/OCPBUGS-24633): ipsec add pluto restart [#2152](https://github.com/openshift/cluster-network-operator/pull/2152) * [OCPBUGS-22363](https://issues.redhat.com/browse/OCPBUGS-22363): Added HCP label to CNO pods [#2081](https://github.com/openshift/cluster-network-operator/pull/2081) * [OCPBUGS-22286](https://issues.redhat.com/browse/OCPBUGS-22286): hypershift: adjust backoff on infrastructure name retry [#2078](https://github.com/openshift/cluster-network-operator/pull/2078) * [OCPBUGS-23011](https://issues.redhat.com/browse/OCPBUGS-23011): Block upgrades to 4.15 with Kuryr [#2096](https://github.com/openshift/cluster-network-operator/pull/2096) * [OCPBUGS-23315](https://issues.redhat.com/browse/OCPBUGS-23315): set automountServiceAccountToken to false for hypershift managed network-node-identity deploy [#2107](https://github.com/openshift/cluster-network-operator/pull/2107) * [OCPBUGS-19897](https://issues.redhat.com/browse/OCPBUGS-19897): HyperShift: Use the local konnectivity proxy when checking proxy readiness [#2043](https://github.com/openshift/cluster-network-operator/pull/2043) * [OCPBUGS-20472](https://issues.redhat.com/browse/OCPBUGS-20472): hosted cluster upgrade failure from 4.13 stable to 4.14 [#2063](https://github.com/openshift/cluster-network-operator/pull/2063) * [OCPBUGS-20254](https://issues.redhat.com/browse/OCPBUGS-20254): [release-4.14] Revert Kuryr MTU fixes [#2046](https://github.com/openshift/cluster-network-operator/pull/2046) * [OCPBUGS-20184](https://issues.redhat.com/browse/OCPBUGS-20184): [release-4.14]: Don't run network node identity as root [#2054](https://github.com/openshift/cluster-network-operator/pull/2054) * [OCPBUGS-20064](https://issues.redhat.com/browse/OCPBUGS-20064): Multus should determine kubeconfig path [backport 4.14] [#2050](https://github.com/openshift/cluster-network-operator/pull/2050) * [OCPBUGS-19955](https://issues.redhat.com/browse/OCPBUGS-19955): get ipsecStatus from host daemonset [#2045](https://github.com/openshift/cluster-network-operator/pull/2045) * [OCPBUGS-19862](https://issues.redhat.com/browse/OCPBUGS-19862): Multus per-node certificates should have 24h duration [backport 4.14] [#2040](https://github.com/openshift/cluster-network-operator/pull/2040) * [OCPBUGS-19523](https://issues.redhat.com/browse/OCPBUGS-19523): use $CPE_NAME to find the OS major version [#2017](https://github.com/openshift/cluster-network-operator/pull/2017) * [OCPBUGS-19808](https://issues.redhat.com/browse/OCPBUGS-19808): remove prestop hooks for northd, sbdbd and nbdb [#2036](https://github.com/openshift/cluster-network-operator/pull/2036) * [OCPBUGS-19747](https://issues.redhat.com/browse/OCPBUGS-19747): [release-4.14] Use port 9108 for ovnkube-control-plane metrics [#2033](https://github.com/openshift/cluster-network-operator/pull/2033) * [OCPBUGS-19771](https://issues.redhat.com/browse/OCPBUGS-19771): Relax conditions to get IC upgrade started [#2035](https://github.com/openshift/cluster-network-operator/pull/2035) * [OCPBUGS-19748](https://issues.redhat.com/browse/OCPBUGS-19748): Fix config status MTU migration not being updated [#2034](https://github.com/openshift/cluster-network-operator/pull/2034) * [OCPBUGS-19725](https://issues.redhat.com/browse/OCPBUGS-19725): Do not enable node admission webhook if the CNI is not OVN-Kubernetes [#2032](https://github.com/openshift/cluster-network-operator/pull/2032) * [OCPBUGS-19686](https://issues.redhat.com/browse/OCPBUGS-19686): ipsec: remove preStop from host [#2029](https://github.com/openshift/cluster-network-operator/pull/2029) * [OCPBUGS-19627](https://issues.redhat.com/browse/OCPBUGS-19627): Multus per-node certificate request [backport 4.14] [#2023](https://github.com/openshift/cluster-network-operator/pull/2023) * [OCPBUGS-19461](https://issues.redhat.com/browse/OCPBUGS-19461): make ipsec.service required [#2014](https://github.com/openshift/cluster-network-operator/pull/2014) * [OCPBUGS-19649](https://issues.redhat.com/browse/OCPBUGS-19649): Network node identity: node-specific certificate in ovnkube-node, admission webhook [#2011](https://github.com/openshift/cluster-network-operator/pull/2011) * [OCPBUGS-19623](https://issues.redhat.com/browse/OCPBUGS-19623): multus: set MULTUS_NODE_NAME to filter pods to local node [#2022](https://github.com/openshift/cluster-network-operator/pull/2022) * [OCPBUGS-19481](https://issues.redhat.com/browse/OCPBUGS-19481): separate libovsdblogs from main ovnkube-master [#2008](https://github.com/openshift/cluster-network-operator/pull/2008) * [OCPBUGS-18728](https://issues.redhat.com/browse/OCPBUGS-18728): Kuryr: Set MTU on Bootstrap, not Render phase [#1995](https://github.com/openshift/cluster-network-operator/pull/1995) * [OCPBUGS-18871](https://issues.redhat.com/browse/OCPBUGS-18871): ipsec: fix oopsy from 2e3fc8e7a0 [#1997](https://github.com/openshift/cluster-network-operator/pull/1997) * [OCPBUGS-18874](https://issues.redhat.com/browse/OCPBUGS-18874): ovnkube: set northd backoff-interval and use a single thread to save CPU [#1998](https://github.com/openshift/cluster-network-operator/pull/1998) * [OCPBUGS-18135](https://issues.redhat.com/browse/OCPBUGS-18135): IBMCloud specific: patch out management workload for dataplane component thats needed for bootstrapping [#1955](https://github.com/openshift/cluster-network-operator/pull/1955) * move IPsec to host [#1849](https://github.com/openshift/cluster-network-operator/pull/1849) * [OCPBUGS-17916](https://issues.redhat.com/browse/OCPBUGS-17916): Fix IC configmap lookup in pod_status.go [#1954](https://github.com/openshift/cluster-network-operator/pull/1954) * [OCPBUGS-17677](https://issues.redhat.com/browse/OCPBUGS-17677): [Azure]CNCC failed to assign egressIP to NIC for Azure Workload Identity Cluster [#1980](https://github.com/openshift/cluster-network-operator/pull/1980) * [OCPBUGS-18363](https://issues.redhat.com/browse/OCPBUGS-18363): Add '/etc/cni/multus/net.d' into volumemount in multus pod [#1979](https://github.com/openshift/cluster-network-operator/pull/1979) * [OCPBUGS-18175](https://issues.redhat.com/browse/OCPBUGS-18175): Fix bond-cni's default directory in multus manifest [#1953](https://github.com/openshift/cluster-network-operator/pull/1953) * [OCPBUGS-17782](https://issues.redhat.com/browse/OCPBUGS-17782), [SDN-3664](https://issues.redhat.com/browse/SDN-3664): Join ovnkube-controller and ovnkube-node container for multizone setup [#1971](https://github.com/openshift/cluster-network-operator/pull/1971) * [OCPBUGS-16051](https://issues.redhat.com/browse/OCPBUGS-16051), [OCPBUGS-3176](https://issues.redhat.com/browse/OCPBUGS-3176): Enables IP Forwarding config in CNO [#1952](https://github.com/openshift/cluster-network-operator/pull/1952) * [OCPBUGS-17257](https://issues.redhat.com/browse/OCPBUGS-17257): CVE-2023-3978: golang.org/x/net/html: Cross site scripting [#1935](https://github.com/openshift/cluster-network-operator/pull/1935) * [OCPBUGS-17677](https://issues.redhat.com/browse/OCPBUGS-17677): [Azure] Add granular permission for assigning egressIP to NIC to Azure CredentialsRequest for workload identity. [#1949](https://github.com/openshift/cluster-network-operator/pull/1949) * [OCPBUGS-17964](https://issues.redhat.com/browse/OCPBUGS-17964): ovn-k, managed: Align join subnet configuration [#1962](https://github.com/openshift/cluster-network-operator/pull/1962) * [SDN-4024](https://issues.redhat.com/browse/SDN-4024): Add ANP Feature Gate [#1859](https://github.com/openshift/cluster-network-operator/pull/1859) * [SDN-4057](https://issues.redhat.com/browse/SDN-4057): hypershift: Allow ovnkube-master and ovnkube-node to have different images [#1942](https://github.com/openshift/cluster-network-operator/pull/1942) * Remove certificatesigningrequests/update permission from ovnkubenode [#1934](https://github.com/openshift/cluster-network-operator/pull/1934) * Add rolling update for managed ovnkube-control-plane [#1944](https://github.com/openshift/cluster-network-operator/pull/1944) * IC & openshift + hypershift [#1874](https://github.com/openshift/cluster-network-operator/pull/1874) * [OCPBUGS-16019](https://issues.redhat.com/browse/OCPBUGS-16019): prevent creation of multiple cni-sysctl-allowlist-ds pods [#1904](https://github.com/openshift/cluster-network-operator/pull/1904) * [OCPBUGS-10765](https://issues.redhat.com/browse/OCPBUGS-10765): make MAXLOGFILES a real variable and work for self-hosted [#1931](https://github.com/openshift/cluster-network-operator/pull/1931) * Multus thick plugin support [#1915](https://github.com/openshift/cluster-network-operator/pull/1915) * OVN-Kubernetes ipsec: create the CSR with a random name [#1928](https://github.com/openshift/cluster-network-operator/pull/1928) * [CCO-294](https://issues.redhat.com/browse/CCO-294): Switch azure credentials request to use explicit permissions [#1922](https://github.com/openshift/cluster-network-operator/pull/1922) * OVN-Kubernetes: Add status subresource permissions for setting labels and annotations [#1896](https://github.com/openshift/cluster-network-operator/pull/1896) * [SDN-3223](https://issues.redhat.com/browse/SDN-3223): Use encapsulation=true for IBM Cloud [#1800](https://github.com/openshift/cluster-network-operator/pull/1800) * [Bug 16136](https://bugzilla.redhat.com/show_bug.cgi?id=16136): change whereabouts ip reconciler exec [#1890](https://github.com/openshift/cluster-network-operator/pull/1890) * Add OpenStack platform to list of allowed dual-stack clusters [#1697](https://github.com/openshift/cluster-network-operator/pull/1697) * [OCPBUGS-15945](https://issues.redhat.com/browse/OCPBUGS-15945): Stop using utilruntime.PanicHandlers to handle reconciliation panics [#1893](https://github.com/openshift/cluster-network-operator/pull/1893) * [HOSTEDCP-1063](https://issues.redhat.com/browse/HOSTEDCP-1063): allow webhooks in hosted clusters to reach multus-admission-controller service [#1879](https://github.com/openshift/cluster-network-operator/pull/1879) * [OCPBUGS-15961](https://issues.redhat.com/browse/OCPBUGS-15961): FIPS related CNO changes [#1901](https://github.com/openshift/cluster-network-operator/pull/1901) * [OCPBUGS-10765](https://issues.redhat.com/browse/OCPBUGS-10765): Revert "Revert "OCPBUGS-10765: Remove oldest ovn acl log files when f… [#1876](https://github.com/openshift/cluster-network-operator/pull/1876) * ovn-k: Configure dns service namespace and name [#1912](https://github.com/openshift/cluster-network-operator/pull/1912) * [OCPBUGS-15544](https://issues.redhat.com/browse/OCPBUGS-15544): Enable multi-external-gateway feature by default for managed and hosted clusters [#1887](https://github.com/openshift/cluster-network-operator/pull/1887) * [OCPBUGS-15918](https://issues.redhat.com/browse/OCPBUGS-15918): Skip rendering 0.0.0.0/0 for cluster proxy status [#1903](https://github.com/openshift/cluster-network-operator/pull/1903) * Change rhel7/8 to rhel8/9 [#1870](https://github.com/openshift/cluster-network-operator/pull/1870) * Enable EgressService controller [#1848](https://github.com/openshift/cluster-network-operator/pull/1848) * Edited multus-admission-controller deployment config to not add autom… [#1767](https://github.com/openshift/cluster-network-operator/pull/1767) * [OCPBUGS-15794](https://issues.redhat.com/browse/OCPBUGS-15794): fix: add missing annotation for workload partitioning [#1866](https://github.com/openshift/cluster-network-operator/pull/1866) * [OCPBUGS-15544](https://issues.redhat.com/browse/OCPBUGS-15544): Add adminpolicybasedexternalroutes rights for ovnkube-node. [#1867](https://github.com/openshift/cluster-network-operator/pull/1867) * Revert "Remove oldest ovn acl log files when file limit exceeded" #1873 [#1873](https://github.com/openshift/cluster-network-operator/pull/1873) * [OCPBUGS-10765](https://issues.redhat.com/browse/OCPBUGS-10765): Remove oldest ovn acl log files when file limit exceeded [#1868](https://github.com/openshift/cluster-network-operator/pull/1868) * kube-proxy config overriding updates [#1831](https://github.com/openshift/cluster-network-operator/pull/1831) * [OCPBUGS-15282](https://issues.redhat.com/browse/OCPBUGS-15282): Add release version annotation to whereabouts-reconciler [#1851](https://github.com/openshift/cluster-network-operator/pull/1851) * [CCO-356](https://issues.redhat.com/browse/CCO-356): Add Infrastructures permission to CNCC cluster role [#1843](https://github.com/openshift/cluster-network-operator/pull/1843) * Add multi-networkpolicies support for OVN [#1796](https://github.com/openshift/cluster-network-operator/pull/1796) * Add support for AdminPolicyBasedExternalRoute CRD and controller's RBAC [#1765](https://github.com/openshift/cluster-network-operator/pull/1765) * [OCPBUGS-15138](https://issues.redhat.com/browse/OCPBUGS-15138): Add kubernetes.io/os nodeSelector to wherebouts reconciler DS [#1841](https://github.com/openshift/cluster-network-operator/pull/1841) * [OCPBUGS-14988](https://issues.redhat.com/browse/OCPBUGS-14988), [SDN-3901](https://issues.redhat.com/browse/SDN-3901): Rebase to kube 1.27 [#1826](https://github.com/openshift/cluster-network-operator/pull/1826) * [CCO-358](https://issues.redhat.com/browse/CCO-358): Manifest changes necessary to support Azure Workload Identity [#1755](https://github.com/openshift/cluster-network-operator/pull/1755) * [OCPBUGS-14714](https://issues.redhat.com/browse/OCPBUGS-14714): Do not rely on ControlPlaneTopology do determine if running in HyperShift [#1835](https://github.com/openshift/cluster-network-operator/pull/1835) * [OCPBUGS-11882](https://issues.redhat.com/browse/OCPBUGS-11882): Added another volume to safe-to-evict-local-volume annotation [#1830](https://github.com/openshift/cluster-network-operator/pull/1830) * [OCPBUGS-14833](https://issues.redhat.com/browse/OCPBUGS-14833): Fixes lint issues [#1834](https://github.com/openshift/cluster-network-operator/pull/1834) * [OCPBUGS-14384](https://issues.redhat.com/browse/OCPBUGS-14384): Remove nodeSelector for architecture in whereabouts daemonset [#1828](https://github.com/openshift/cluster-network-operator/pull/1828) * [OCPBUGS-11882](https://issues.redhat.com/browse/OCPBUGS-11882): Added safe-to-evict annotation to ovnkube-master and multus admission controller components [#1822](https://github.com/openshift/cluster-network-operator/pull/1822) * [OCPBUGS-13922](https://issues.redhat.com/browse/OCPBUGS-13922): Revert "Do not set the operator as available before updating the network config" [#1818](https://github.com/openshift/cluster-network-operator/pull/1818) * [OCPBUGS-11448](https://issues.redhat.com/browse/OCPBUGS-11448): add Hypershift release-image annotation to multus [#1770](https://github.com/openshift/cluster-network-operator/pull/1770) * [OCPBUGS-10937](https://issues.redhat.com/browse/OCPBUGS-10937): multus-admission-controller mounts secret with mode 0640 [#1752](https://github.com/openshift/cluster-network-operator/pull/1752) * [OCPBUGS-13219](https://issues.redhat.com/browse/OCPBUGS-13219): Use `IfNotPresent` instead of `Always` in OVNK upgrades pre-puller [#1803](https://github.com/openshift/cluster-network-operator/pull/1803) * [OCPBUGS-5027](https://issues.redhat.com/browse/OCPBUGS-5027): Make the operator degraded on panic [#1786](https://github.com/openshift/cluster-network-operator/pull/1786) * [OCPBUGS-12856](https://issues.redhat.com/browse/OCPBUGS-12856): Support Device Plugin Resources For Smart NIC and DPU Hosts [#1721](https://github.com/openshift/cluster-network-operator/pull/1721) * Updating cluster-network-operator images to be consistent with ART [#1790](https://github.com/openshift/cluster-network-operator/pull/1790) * [OCPBUGS-11565](https://issues.redhat.com/browse/OCPBUGS-11565): High API requests due to allowlist and operconfig reconcilers running too often [#1788](https://github.com/openshift/cluster-network-operator/pull/1788) * [OCPBUGS-8070](https://issues.redhat.com/browse/OCPBUGS-8070): Depreciate legacy field manager [#1763](https://github.com/openshift/cluster-network-operator/pull/1763) * [OCPBUGS-11550](https://issues.redhat.com/browse/OCPBUGS-11550): AUTH: update cluster-reader to include k8s.ovn.org [#1791](https://github.com/openshift/cluster-network-operator/pull/1791) * [OCPBUGS-10009](https://issues.redhat.com/browse/OCPBUGS-10009): HyperShift: Support HostedControlPlane node selector [#1736](https://github.com/openshift/cluster-network-operator/pull/1736) * [OCPBUGS-11046](https://issues.redhat.com/browse/OCPBUGS-11046): fix reconciliation process of the allowlist controller [#1792](https://github.com/openshift/cluster-network-operator/pull/1792) * [OCPBUGS-1341](https://issues.redhat.com/browse/OCPBUGS-1341): Enhance check controller to remove old check objects [#1649](https://github.com/openshift/cluster-network-operator/pull/1649) * [OCPBUGS-11046](https://issues.redhat.com/browse/OCPBUGS-11046): Fix allowlist ds template [#1773](https://github.com/openshift/cluster-network-operator/pull/1773) * [OCPBUGS-10647](https://issues.redhat.com/browse/OCPBUGS-10647): multus-admission-controller should not run as root under Hypershift [#1745](https://github.com/openshift/cluster-network-operator/pull/1745) * [OCPBUGS-9174](https://issues.redhat.com/browse/OCPBUGS-9174): The cluster-readers group should be able to get net-attach-defs [#1343](https://github.com/openshift/cluster-network-operator/pull/1343) * Updating cluster-network-operator images to be consistent with ART [#1768](https://github.com/openshift/cluster-network-operator/pull/1768) * [OCPBUGS-9964](https://issues.redhat.com/browse/OCPBUGS-9964): Split out konnectivity certs [#1734](https://github.com/openshift/cluster-network-operator/pull/1734) * [SDN-3444](https://issues.redhat.com/browse/SDN-3444): Add runbook url for SBDB connectivity alert [#1553](https://github.com/openshift/cluster-network-operator/pull/1553) * [OCPBUGS-7777](https://issues.redhat.com/browse/OCPBUGS-7777): use --template instead of -a for 'oc observe' [#1760](https://github.com/openshift/cluster-network-operator/pull/1760) * Fix tier label, privileged, HOSTNAME/NODENAME in whereabouts reconciler [#1735](https://github.com/openshift/cluster-network-operator/pull/1735) * [OCPBUGS-10433](https://issues.redhat.com/browse/OCPBUGS-10433): Hypershift: Add RollingUpdate parameters to multus-admission-controller [#1740](https://github.com/openshift/cluster-network-operator/pull/1740) * ovn-kube: move back to unsuffixed RHEL9 images [#1747](https://github.com/openshift/cluster-network-operator/pull/1747) * Updating cluster-network-operator images to be consistent with ART [#1732](https://github.com/openshift/cluster-network-operator/pull/1732) * [OCPBUGS-10649](https://issues.redhat.com/browse/OCPBUGS-10649): HyperShift: Add POD_NAME env to ovnkube-node [#1748](https://github.com/openshift/cluster-network-operator/pull/1748) * [OCPBUGS-10031](https://issues.redhat.com/browse/OCPBUGS-10031): operConfig reconcile can return nil error on failure [#1744](https://github.com/openshift/cluster-network-operator/pull/1744) * Set OVN-K north/south bound stale alerts severity to critical [#1668](https://github.com/openshift/cluster-network-operator/pull/1668) * [OCPBUGS-8707](https://issues.redhat.com/browse/OCPBUGS-8707): Point libreswan to proper nss location [#1727](https://github.com/openshift/cluster-network-operator/pull/1727) * Whereabouts should implement the reconciliation controller [#1693](https://github.com/openshift/cluster-network-operator/pull/1693) * add/update some UTs around clusternetwork change [#1725](https://github.com/openshift/cluster-network-operator/pull/1725) * [OCPBUGS-9931](https://issues.redhat.com/browse/OCPBUGS-9931): Enable configuration of node healthz server on ovnkube [#1715](https://github.com/openshift/cluster-network-operator/pull/1715) * [OCPBUGS-8692](https://issues.redhat.com/browse/OCPBUGS-8692): HyperShift: Set affinity, tolerations and co-location for all hcp resources created by CNO [#1728](https://github.com/openshift/cluster-network-operator/pull/1728) * Cno 4.13 kubernetes 1.26 [#1708](https://github.com/openshift/cluster-network-operator/pull/1708) * use annotation on the daemonset to update hybrid overlay [#1709](https://github.com/openshift/cluster-network-operator/pull/1709) * Remove the ovn-kind-cno.sh script [#1710](https://github.com/openshift/cluster-network-operator/pull/1710) * [SDN-3597](https://issues.redhat.com/browse/SDN-3597): OVN-K alerts: add OVS overflow alerts [#1630](https://github.com/openshift/cluster-network-operator/pull/1630) * [Full changelog](https://github.com/openshift/cluster-network-operator/compare/df5cf2735b29eb5ca630ec89579ab2bb7a7425b2...c7f9fb8f2168ce81250bd588624e58bc2f6f36f8) ### [cluster-node-tuning-operator](https://github.com/openshift/cluster-node-tuning-operator/tree/5511c8df81e608a45bf37cb021707f7b9ede9c9a) * e2e:performance: decode to valid kubeletconfig object (#1276) [#1276](https://github.com/openshift/cluster-node-tuning-operator/pull/1276) * Fix context deadlines in ExecCommandOnPod() (#1272) [#1272](https://github.com/openshift/cluster-node-tuning-operator/pull/1272) * [OCPBUGS-44506](https://issues.redhat.com/browse/OCPBUGS-44506): Drop sched_migration_cost_ns setting (#1215) [#1215](https://github.com/openshift/cluster-node-tuning-operator/pull/1215) * [OCPBUGS-44283](https://issues.redhat.com/browse/OCPBUGS-44283): right-hand-side profile_dirs take precedence (#1210) [#1210](https://github.com/openshift/cluster-node-tuning-operator/pull/1210) * [OCPBUGS-42567](https://issues.redhat.com/browse/OCPBUGS-42567): Add cluster-wide proxy env file (#1176) [#1176](https://github.com/openshift/cluster-node-tuning-operator/pull/1176) * TuneD prior to kubelet in one-shot mode (#1137) [#1137](https://github.com/openshift/cluster-node-tuning-operator/pull/1137) * [OCPBUGS-37754](https://issues.redhat.com/browse/OCPBUGS-37754): Remove tuned/rendered object (#1133) [#1133](https://github.com/openshift/cluster-node-tuning-operator/pull/1133) * [OCPBUGS-37734](https://issues.redhat.com/browse/OCPBUGS-37734): Backport fix for OCPBUGS-36355 (#1126) [#1126](https://github.com/openshift/cluster-node-tuning-operator/pull/1126) * [OCPBUGS-33929](https://issues.redhat.com/browse/OCPBUGS-33929): Negative net interface name does not reduce queues (#1074) [#1074](https://github.com/openshift/cluster-node-tuning-operator/pull/1074) * Add a '.snyk' to silence static code analysis warnings (#1002) [#1002](https://github.com/openshift/cluster-node-tuning-operator/pull/1002) * [OCPBUGS-30153](https://issues.redhat.com/browse/OCPBUGS-30153): fix rendering extra ctrcfgs (#978) [#978](https://github.com/openshift/cluster-node-tuning-operator/pull/978) * fix extra-reboot on upgrade with paused mcp worker (#1053) [#1053](https://github.com/openshift/cluster-node-tuning-operator/pull/1053) * [OCPBUGS-31694](https://issues.redhat.com/browse/OCPBUGS-31694): E2E: Workload hints test cases fixes (#1012) (#1052) [#1012](https://github.com/openshift/cluster-node-tuning-operator/pull/1012) * Systemd processes not being moved to cpuset/systemd.slice fix (#1040) [#1040](https://github.com/openshift/cluster-node-tuning-operator/pull/1040) * Reduce number of reboots in offline tests (#1035) [#1035](https://github.com/openshift/cluster-node-tuning-operator/pull/1035) * [OCPBUGS-30507](https://issues.redhat.com/browse/OCPBUGS-30507): Add performance real time tuned template (#984) (#1025) [#984](https://github.com/openshift/cluster-node-tuning-operator/pull/984) * Report duplicate priority only for multiple matching profiles (#1018) [#1018](https://github.com/openshift/cluster-node-tuning-operator/pull/1018) * Scheduler plugin: ignore IRQs (#1023) [#1023](https://github.com/openshift/cluster-node-tuning-operator/pull/1023) * irqbalance: set banned cpus list to 0 (#994) [#994](https://github.com/openshift/cluster-node-tuning-operator/pull/994) * [OCPBUGS-18640](https://issues.redhat.com/browse/OCPBUGS-18640): [release-4.14][manual] backport performance profile owner reference ehnancements (#989) [#989](https://github.com/openshift/cluster-node-tuning-operator/pull/989) * rps: fail silently when rps application failed (#901) [#901](https://github.com/openshift/cluster-node-tuning-operator/pull/901) * [OCPBUGS-25982](https://issues.redhat.com/browse/OCPBUGS-25982): E2E: Add tests for Dynamic ovs pinning (#904) (#913) [#904](https://github.com/openshift/cluster-node-tuning-operator/pull/904) * [OCPBUGS-26003](https://issues.redhat.com/browse/OCPBUGS-26003): E2E: PPC Test cases (#905) [#905](https://github.com/openshift/cluster-node-tuning-operator/pull/905) * Make MC names deterministic (#903) [#903](https://github.com/openshift/cluster-node-tuning-operator/pull/903) * [OCPBUGS-25671](https://issues.redhat.com/browse/OCPBUGS-25671): rps: fix mask update for SR-IOV devices (#891) [#891](https://github.com/openshift/cluster-node-tuning-operator/pull/891) * [OCPBUGS-18640](https://issues.redhat.com/browse/OCPBUGS-18640): Fix Racing Machine Configs and add Day 0 Support (#854) (#871) [#854](https://github.com/openshift/cluster-node-tuning-operator/pull/854) * [OCPBUGS-24638](https://issues.redhat.com/browse/OCPBUGS-24638): Do not set default RPS sysctl twice (#880) [#880](https://github.com/openshift/cluster-node-tuning-operator/pull/880) * [OCPBUGS-21845](https://issues.redhat.com/browse/OCPBUGS-21845): rps: trigger udev event per queue #832 (#832) [#832](https://github.com/openshift/cluster-node-tuning-operator/pull/832) * [OCPBUGS-21845](https://issues.redhat.com/browse/OCPBUGS-21845): e2e:rps: improve logging (#831) [#831](https://github.com/openshift/cluster-node-tuning-operator/pull/831) * render: change dir path (#826) [#826](https://github.com/openshift/cluster-node-tuning-operator/pull/826) * Disable HTTP/2 for webhook and metrics servers (#841) [#841](https://github.com/openshift/cluster-node-tuning-operator/pull/841) * Remove obsolete protocols and weak ciphers (#835) [#835](https://github.com/openshift/cluster-node-tuning-operator/pull/835) * [OCPBUGS-19459](https://issues.redhat.com/browse/OCPBUGS-19459): check for object being nil (#805) [#805](https://github.com/openshift/cluster-node-tuning-operator/pull/805) * [OCPBUGS-19821](https://issues.redhat.com/browse/OCPBUGS-19821): e2e: perfprof: enhance the scheduling domain tests (#813) [#813](https://github.com/openshift/cluster-node-tuning-operator/pull/813) * nto: avoid timeout when there are too many CSV (#817) [#817](https://github.com/openshift/cluster-node-tuning-operator/pull/817) * Add kubeconfig path for IBM Managed OpenShift (#812) [#812](https://github.com/openshift/cluster-node-tuning-operator/pull/812) * [OCPBUGS-18868](https://issues.redhat.com/browse/OCPBUGS-18868): [release-4.14] e2e: add expected max latancy to hwlatdetec test & rename constant (#788) [#788](https://github.com/openshift/cluster-node-tuning-operator/pull/788) * Sync DaemonSet if operand image changes (#785) [#785](https://github.com/openshift/cluster-node-tuning-operator/pull/785) * [OCPBUGS-18392](https://issues.redhat.com/browse/OCPBUGS-18392): Change the OVN trigger file name to adapt to OVN IC (#777) [#777](https://github.com/openshift/cluster-node-tuning-operator/pull/777) * [OCPBUGS-15044](https://issues.redhat.com/browse/OCPBUGS-15044): e2e:irqloadbalance: wait for profile revert (#768) [#768](https://github.com/openshift/cluster-node-tuning-operator/pull/768) * Add SetLogger() prior to controller-runtime start (#779) [#779](https://github.com/openshift/cluster-node-tuning-operator/pull/779) * [OCPBUGS-18052](https://issues.redhat.com/browse/OCPBUGS-18052): feat: added logic to handle legacy sno install (#778) [#778](https://github.com/openshift/cluster-node-tuning-operator/pull/778) * [OCPBUGS-17943](https://issues.redhat.com/browse/OCPBUGS-17943): Add rtentsk plugin to pp tuned profile (#767) [#767](https://github.com/openshift/cluster-node-tuning-operator/pull/767) * Tighten the rules for modifying Tuned Profiles (#775) [#775](https://github.com/openshift/cluster-node-tuning-operator/pull/775) * Revert "Tighten the rules for modifying Tuned Profiles (#765)" (#771) [#765](https://github.com/openshift/cluster-node-tuning-operator/pull/765) * Tighten the rules for modifying Tuned Profiles (#765) [#765](https://github.com/openshift/cluster-node-tuning-operator/pull/765) * [OCPBUGS-14026](https://issues.redhat.com/browse/OCPBUGS-14026): cgroup: Match the name of the cgroup to what is expected by kubelet (#758) [#758](https://github.com/openshift/cluster-node-tuning-operator/pull/758) * e2e: irqbalance: improve test troubleshooting (#753) [#753](https://github.com/openshift/cluster-node-tuning-operator/pull/753) * [OCPBUGS-16348](https://issues.redhat.com/browse/OCPBUGS-16348): OSLAT latency spikes due to tsc karg setting (#756) [#756](https://github.com/openshift/cluster-node-tuning-operator/pull/756) * Makefile: hack: add helpers to compile testsuites (#751) [#751](https://github.com/openshift/cluster-node-tuning-operator/pull/751) * [OCPBUGS-17219](https://issues.redhat.com/browse/OCPBUGS-17219): Render mode should not segfault w/ no matching MCP (#754) [#754](https://github.com/openshift/cluster-node-tuning-operator/pull/754) * Release leader election on manager exit (#745) [#745](https://github.com/openshift/cluster-node-tuning-operator/pull/745) * generate missing files (#752) [#752](https://github.com/openshift/cluster-node-tuning-operator/pull/752) * vendor: bump OCP dependencies 08082023 (#750) [#750](https://github.com/openshift/cluster-node-tuning-operator/pull/750) * [OCPBUGS-7980](https://issues.redhat.com/browse/OCPBUGS-7980): e2e:ht-aware: exec on the correct worker node (#729) [#729](https://github.com/openshift/cluster-node-tuning-operator/pull/729) * bump k8s to 1.27.4 (#748) [#748](https://github.com/openshift/cluster-node-tuning-operator/pull/748) * e2e: wait for objects deletion (#749) [#749](https://github.com/openshift/cluster-node-tuning-operator/pull/749) * e2e:wait: return updated pod object explicitly (#744) [#744](https://github.com/openshift/cluster-node-tuning-operator/pull/744) * [OCPBUGS-17258](https://issues.redhat.com/browse/OCPBUGS-17258): CVE-2023-3978: golang.org/x/net/html (#747) [#747](https://github.com/openshift/cluster-node-tuning-operator/pull/747) * e2e: remove image parameter from must gather (#743) [#743](https://github.com/openshift/cluster-node-tuning-operator/pull/743) * Update the `config.openshift.io/node` object's `cgroupMode` to "v1" (#737) [#737](https://github.com/openshift/cluster-node-tuning-operator/pull/737) * Fix a race in e2e test rollback.go code (#739) [#739](https://github.com/openshift/cluster-node-tuning-operator/pull/739) * e2e:irqbalance: applied condition exists (#727) [#727](https://github.com/openshift/cluster-node-tuning-operator/pull/727) * Improve render error handling (#724) [#724](https://github.com/openshift/cluster-node-tuning-operator/pull/724) * e2e:irqbalance: wait for tuned profile to be ready (#721) [#721](https://github.com/openshift/cluster-node-tuning-operator/pull/721) * pao:status: do not take address of loop var (#720) [#720](https://github.com/openshift/cluster-node-tuning-operator/pull/720) * nto:tuned: remove sched_min_granularity_ns settings (#722) [#722](https://github.com/openshift/cluster-node-tuning-operator/pull/722) * Align TuneD with the latest shipped FDP version (#716) [#716](https://github.com/openshift/cluster-node-tuning-operator/pull/716) * E2E: update cpu load balancing test for latest cgroup related changes (#712) [#712](https://github.com/openshift/cluster-node-tuning-operator/pull/712) * Build gather-sysinfo (#714) [#714](https://github.com/openshift/cluster-node-tuning-operator/pull/714) * e2e: overhaul Performance-Addon-Operator tests (#590) [#590](https://github.com/openshift/cluster-node-tuning-operator/pull/590) * e2e: latency testing: increase the expected threshold (#706) [#706](https://github.com/openshift/cluster-node-tuning-operator/pull/706) * e2e: perf-prof: disable truncating gomega output (#702) [#702](https://github.com/openshift/cluster-node-tuning-operator/pull/702) * Configure OVS for dynamic cpu pinning (#559) [#559](https://github.com/openshift/cluster-node-tuning-operator/pull/559) * [OCPVE-382](https://issues.redhat.com/browse/OCPVE-382): fix: add default state for crio config (#700) [#700](https://github.com/openshift/cluster-node-tuning-operator/pull/700) * e2e: devmgr: fine tune kubelet restart test (#701) [#701](https://github.com/openshift/cluster-node-tuning-operator/pull/701) * e2e: RPS: fix expected cpu set (#703) [#703](https://github.com/openshift/cluster-node-tuning-operator/pull/703) * Switch to rslave/HostToContainer volume mount propagation (#692) [#692](https://github.com/openshift/cluster-node-tuning-operator/pull/692) * Do not rollback settings on TuneD exit (#699) [#699](https://github.com/openshift/cluster-node-tuning-operator/pull/699) * e2e: reboot: add kubelet restart test (#697) [#697](https://github.com/openshift/cluster-node-tuning-operator/pull/697) * remove conditional skip (#690) [#690](https://github.com/openshift/cluster-node-tuning-operator/pull/690) * e2e: memorymanager fix: check the hugepage size condition (#693) [#693](https://github.com/openshift/cluster-node-tuning-operator/pull/693) * Use RHEL9 as a base (#665) [#665](https://github.com/openshift/cluster-node-tuning-operator/pull/665) * Expose TuneD socket to host. (#651) [#651](https://github.com/openshift/cluster-node-tuning-operator/pull/651) * E2E: Use appropriate device path for rpsmask test (#691) [#691](https://github.com/openshift/cluster-node-tuning-operator/pull/691) * chore: replace `github.com/ghodss/yaml` with `sigs.k8s.io/yaml` (#628) [#628](https://github.com/openshift/cluster-node-tuning-operator/pull/628) * test: perfprof: devices: fix default test image (#672) [#672](https://github.com/openshift/cluster-node-tuning-operator/pull/672) * e2e: verify latency tests run with LATENCY_TEST_DELAY>120 (#662) [#662](https://github.com/openshift/cluster-node-tuning-operator/pull/662) * E2E: Add memory manager sanity test case (#573) [#573](https://github.com/openshift/cluster-node-tuning-operator/pull/573) * modify owners (#634) [#634](https://github.com/openshift/cluster-node-tuning-operator/pull/634) * Add minLength restriction to Tuned CR (#689) [#689](https://github.com/openshift/cluster-node-tuning-operator/pull/689) * [OCPBUGS-14934](https://issues.redhat.com/browse/OCPBUGS-14934): consistent use of ginkgo flags in Makefile (#682) [#682](https://github.com/openshift/cluster-node-tuning-operator/pull/682) * [OCPBUGS-14622](https://issues.redhat.com/browse/OCPBUGS-14622): Do not fail creating cgroups if they exist already (#683) [#683](https://github.com/openshift/cluster-node-tuning-operator/pull/683) * [OCPBUGS-14193](https://issues.redhat.com/browse/OCPBUGS-14193): pao e2e: Split e2e PAO update lane to more lanes (#631) [#631](https://github.com/openshift/cluster-node-tuning-operator/pull/631) * [OCPBUGS-4194](https://issues.redhat.com/browse/OCPBUGS-4194): rps: use default rps mask kernel API (#650) [#650](https://github.com/openshift/cluster-node-tuning-operator/pull/650) * [OCPBUGS-14756](https://issues.redhat.com/browse/OCPBUGS-14756): [test] [e2e] Check ci lanes are executing the right test suites (#679) [#679](https://github.com/openshift/cluster-node-tuning-operator/pull/679) * check ocp version and export CNF_TEST_IMAGE variable with appropriate cluster version (#584) [#584](https://github.com/openshift/cluster-node-tuning-operator/pull/584) * [OCPBUGS-5529](https://issues.redhat.com/browse/OCPBUGS-5529): Fix updating numa core siblings map in GetCpuSiblings function (#564) [#564](https://github.com/openshift/cluster-node-tuning-operator/pull/564) * Remove cpu-quota.crio.io: disable annotation (#663) [#663](https://github.com/openshift/cluster-node-tuning-operator/pull/663) * [OCPBUGS-14137](https://issues.redhat.com/browse/OCPBUGS-14137): e2e: perfprof: add SNO device recovery test (#653) [#653](https://github.com/openshift/cluster-node-tuning-operator/pull/653) * Add PerformanceProfiles to 'oc adm must-gather' (#655) [#655](https://github.com/openshift/cluster-node-tuning-operator/pull/655) * Revert "Add PerformanceProfiles to 'oc adm must-gather' (#582)" (#654) [#582](https://github.com/openshift/cluster-node-tuning-operator/pull/582) * Add PerformanceProfiles to 'oc adm must-gather' (#582) [#582](https://github.com/openshift/cluster-node-tuning-operator/pull/582) * [OCPBUGS-13148](https://issues.redhat.com/browse/OCPBUGS-13148): Configure cpu balancing cpu sets for all clusters (#646) [#646](https://github.com/openshift/cluster-node-tuning-operator/pull/646) * OCPBUGS-12978 use WatchNamespace() when deleting Profiles (#644) [#644](https://github.com/openshift/cluster-node-tuning-operator/pull/644) * Updating cluster-node-tuning-operator images to be consistent with ART (#579) [#579](https://github.com/openshift/cluster-node-tuning-operator/pull/579) * [OCPBUGS-11083](https://issues.redhat.com/browse/OCPBUGS-11083): pao e2e: fix update test suit timeouts (#626) [#626](https://github.com/openshift/cluster-node-tuning-operator/pull/626) * e2e: Fix RPS test for multi-worker cluster (#641) [#641](https://github.com/openshift/cluster-node-tuning-operator/pull/641) * Revert PR558 and PR585 partially (#639) [#639](https://github.com/openshift/cluster-node-tuning-operator/pull/639) * e2e: add missing test id (#622) [#622](https://github.com/openshift/cluster-node-tuning-operator/pull/622) * [OCPNODE-1539](https://issues.redhat.com/browse/OCPNODE-1539): perf profile: add script for preparing cgroups for CPU load balance disabling (#601) [#601](https://github.com/openshift/cluster-node-tuning-operator/pull/601) * Remove subPaths, they are broken (#623) [#623](https://github.com/openshift/cluster-node-tuning-operator/pull/623) * [OCPBUGS-10293](https://issues.redhat.com/browse/OCPBUGS-10293): performance-profile: enable crun for high-performance runtime (#588) [#588](https://github.com/openshift/cluster-node-tuning-operator/pull/588) * Revert #567 and cleanup PPC-generated TuneD config (#611) [#611](https://github.com/openshift/cluster-node-tuning-operator/pull/611) * Backup and revert profile when hugepages test completes (#597) [#597](https://github.com/openshift/cluster-node-tuning-operator/pull/597) * tuned: Handle UserLevelNetworking nil pointer gracefully (#608) [#608](https://github.com/openshift/cluster-node-tuning-operator/pull/608) * A new env var NO_BZ_CHECKS disables Bz and Jira status checks (#607) [#607](https://github.com/openshift/cluster-node-tuning-operator/pull/607) * [OCPBUGS-9959](https://issues.redhat.com/browse/OCPBUGS-9959): check scheduler settings under /sys/kernel/debug/sched/ (#581) [#581](https://github.com/openshift/cluster-node-tuning-operator/pull/581) * workload-hints: disable stalld when rt disabled (#592) [#592](https://github.com/openshift/cluster-node-tuning-operator/pull/592) * render: remove uid from render-sync target (#594) [#594](https://github.com/openshift/cluster-node-tuning-operator/pull/594) * [OCPBUGS-11083](https://issues.redhat.com/browse/OCPBUGS-11083): e2e: profile updates tests revised (#600) [#600](https://github.com/openshift/cluster-node-tuning-operator/pull/600) * Update to the latest k8s and OpenShift deps (#580) [#580](https://github.com/openshift/cluster-node-tuning-operator/pull/580) * Make the enable-leader-election option work (#586) [#586](https://github.com/openshift/cluster-node-tuning-operator/pull/586) * Update NTO-generated MC on MachineCount <= 1 (#585) [#585](https://github.com/openshift/cluster-node-tuning-operator/pull/585) * remove BZ 2181546 from skip list (#602) [#602](https://github.com/openshift/cluster-node-tuning-operator/pull/602) * Fix updating nodeSelector test (#595) [#595](https://github.com/openshift/cluster-node-tuning-operator/pull/595) * Remove the preStop hook for openshift-tuned (#587) [#587](https://github.com/openshift/cluster-node-tuning-operator/pull/587) * Skip tests depending on Jira or Bz issue status (#591) [#591](https://github.com/openshift/cluster-node-tuning-operator/pull/591) * kubectl explain to explicitly state workloadHint default values (#576) [#576](https://github.com/openshift/cluster-node-tuning-operator/pull/576) * [Full changelog](https://github.com/openshift/cluster-node-tuning-operator/compare/978a6c56e163f119f757d7116fa99d6b05f7d7f5...5511c8df81e608a45bf37cb021707f7b9ede9c9a) ### [cluster-openshift-apiserver-operator](https://github.com/openshift/cluster-openshift-apiserver-operator/tree/700dc111fd98c315648a78371b11be34fa4dbba3) * [OCPBUGS-28247](https://issues.redhat.com/browse/OCPBUGS-28247): Remove "include.release.openshift.io/ibm-cloud-managed:" annotation [#570](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/570) * : OCPBUGS-20724: bump library-go to include switch to HTTP/1.1 [#554](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/554) * [WRKLDS-728](https://issues.redhat.com/browse/WRKLDS-728): Capabilities: drop build/apps APIService when capabilities are not enabled [#532](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/532) * switch image-registry cert CM [#545](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/545) * [OCPBUGS-16554](https://issues.redhat.com/browse/OCPBUGS-16554): update dependencies to get rid of goproxy [#546](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/546) * [AUTH-408](https://issues.redhat.com/browse/AUTH-408): bindata: set required-scc [#544](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/544) * Plumb featuregates to the openshift-apiserver [#542](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/542) * allow etcd healthcheck timeout closer to probe timeouts to avoid failing on slower etcd [#540](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/540) * Add AES-GCM encryption tests [#539](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/539) * [OCPBUGS-14010](https://issues.redhat.com/browse/OCPBUGS-14010): increase timeout for probes [#536](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/536) * [OCPBUGS-2765](https://issues.redhat.com/browse/OCPBUGS-2765): Library go bump [#538](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/538) * [OCPBUGS-12813](https://issues.redhat.com/browse/OCPBUGS-12813): Updating ose-cluster-openshift-apiserver-operator images to be consistent with ART [#534](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/534) * Updating ose-cluster-openshift-apiserver-operator images to be consistent with ART [#525](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/525) * [OCPBUGS-10040](https://issues.redhat.com/browse/OCPBUGS-10040): update openshift/api to include aesgcm provider in the default apiserver schema [#526](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/526) * [Full changelog](https://github.com/openshift/cluster-openshift-apiserver-operator/compare/9abb220ac11f370f323f2c248d3ee377394c88b8...700dc111fd98c315648a78371b11be34fa4dbba3) ### [cluster-openshift-controller-manager-operator](https://github.com/openshift/cluster-openshift-controller-manager-operator/tree/09d62091346f86f54938587acfd680f6bd6b7af6) * [OCPBUGS-48841](https://issues.redhat.com/browse/OCPBUGS-48841): Add new team members to the OWNERS file [#380](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/380) * [OCPBUGS-33295](https://issues.redhat.com/browse/OCPBUGS-33295): Update opentelemetry to mitigate CVE-2023-47108 [#344](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/344) * [OCPBUGS-28951](https://issues.redhat.com/browse/OCPBUGS-28951): Replace 'coreydaley' with 'sayan-biswas' in OWNERS file [#328](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/328) * [OCPBUGS-23490](https://issues.redhat.com/browse/OCPBUGS-23490): Remove blockage of ConfigObserver by build informer has synced flag [#318](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/318) * [OCPBUGS-20818](https://issues.redhat.com/browse/OCPBUGS-20818): bump(k8s,openshift) to address CVE-2023-44487 [4.14] [#309](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/309) * [OCPBUGS-20439](https://issues.redhat.com/browse/OCPBUGS-20439): Include Build CRD in manifests [#307](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/307) * [OCPBUGS-18992](https://issues.redhat.com/browse/OCPBUGS-18992): Always sort disabled controller list [#303](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/303) * [OCPBUGS-18980](https://issues.redhat.com/browse/OCPBUGS-18980): Disable BuildConfigChange controller when Build cap is disabled [#301](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/301) * route-controller-manager deployment updates [#295](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/295) * [OCPBUGS-16072](https://issues.redhat.com/browse/OCPBUGS-16072): Updating Kubernetes and other associated dependencies [#296](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/296) * [OCPBUGS-13926](https://issues.redhat.com/browse/OCPBUGS-13926): change the operator log level to default normal in the deployment [#289](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/289) * [BUILD-582](https://issues.redhat.com/browse/BUILD-582), [OCPBUGS-14638](https://issues.redhat.com/browse/OCPBUGS-14638): bump(k8s): 1.27.1 [#294](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/294) * [OCPBUGS-13926](https://issues.redhat.com/browse/OCPBUGS-13926): add loglevel controller for OCM-o [#292](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/292) * Revert "13895: [WRKLDS-730] route-controller-manager deployment updates" [#293](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/293) * [OCPBUGS-13895](https://issues.redhat.com/browse/OCPBUGS-13895): [WRKLDS-730] route-controller-manager deployment updates [#288](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/288) * Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART [#287](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/287) * Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART [#286](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/286) * Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART [#285](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/285) * Bump golang.org/x/net from 0.5.0 to 0.7.0 [#284](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/284) * Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART [#279](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/279) * [OCPBUGS-10568](https://issues.redhat.com/browse/OCPBUGS-10568): migrate to using lease objects for leader election [#282](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/282) * Add Divyanshu Agrawal as a reviewer [#283](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/283) * And 1 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/cluster-openshift-controller-manager-operator/compare/6e7e7835519d30ea22e4c4954039bab21de19c80...09d62091346f86f54938587acfd680f6bd6b7af6) ### [cluster-platform-operators-manager](https://github.com/openshift/platform-operators/tree/08fb27e72e32ea0a06ab02b3b746114148d96c25) * [OCPBUGS-21759](https://issues.redhat.com/browse/OCPBUGS-21759): switch to bingo for dependency management (and bump golangci-lint@v1.51.0) [#98](https://github.com/openshift/platform-operators/pull/98) * [OCPBUGS-21019](https://issues.redhat.com/browse/OCPBUGS-21019): Bump golang.org/x/net to v0.17.0 [#96](https://github.com/openshift/platform-operators/pull/96) * Merge rukpak updates into main + Required Fixes [#88](https://github.com/openshift/platform-operators/pull/88) * Add ncdc to OWNERS [#89](https://github.com/openshift/platform-operators/pull/89) * Temporarily remove from payload [#90](https://github.com/openshift/platform-operators/pull/90) * Revert "Merge rukpak updates into main" [#87](https://github.com/openshift/platform-operators/pull/87) * Merge rukpak updates into main [#86](https://github.com/openshift/platform-operators/pull/86) * Updating ose-cluster-platform-operators-manager images to be consistent with ART [#83](https://github.com/openshift/platform-operators/pull/83) * [OCPBUGS-10333](https://issues.redhat.com/browse/OCPBUGS-10333): feat: add workload pinning annotations [#82](https://github.com/openshift/platform-operators/pull/82) * [Full changelog](https://github.com/openshift/platform-operators/compare/312c5f24b5711a764350de899b83443a87296983...08fb27e72e32ea0a06ab02b3b746114148d96c25) ### [cluster-policy-controller](https://github.com/openshift/cluster-policy-controller/tree/219f6f6f072d867201d4923d39fd8bcaecbe7c59) * [OCPBUGS-21122](https://issues.redhat.com/browse/OCPBUGS-21122): bump(k8s,openshift) to address CVE-2023-44487 [4.14] [#139](https://github.com/openshift/cluster-policy-controller/pull/139) * [OCPBUGS-21122](https://issues.redhat.com/browse/OCPBUGS-21122): Bump deps to address CVE-2023-44487 [#134](https://github.com/openshift/cluster-policy-controller/pull/134) * [OCPBUGS-17989](https://issues.redhat.com/browse/OCPBUGS-17989): pkg/psalabelsyncer: enforce syncing in case label is set [#129](https://github.com/openshift/cluster-policy-controller/pull/129) * [AUTH-413](https://issues.redhat.com/browse/AUTH-413): ps syncer: only sync labels if noone else is managing them [#127](https://github.com/openshift/cluster-policy-controller/pull/127) * ps syncer: add a controller for run-level 0 namespaces [#128](https://github.com/openshift/cluster-policy-controller/pull/128) * Adjust logs per generic troubleshooting [#126](https://github.com/openshift/cluster-policy-controller/pull/126) * [OCPBUGS-15568](https://issues.redhat.com/browse/OCPBUGS-15568): Add timeout into cache sync wait to prevent hanging forever [#124](https://github.com/openshift/cluster-policy-controller/pull/124) * [OCPBUGS-15568](https://issues.redhat.com/browse/OCPBUGS-15568): Remove debugs logs in workqueuebucket [#125](https://github.com/openshift/cluster-policy-controller/pull/125) * Add more logs for queue operations [#122](https://github.com/openshift/cluster-policy-controller/pull/122) * [OCPBUGS-15568](https://issues.redhat.com/browse/OCPBUGS-15568): Handle error if caches are not synced instead silently exit [#121](https://github.com/openshift/cluster-policy-controller/pull/121) * Add ingvagabund to owners [#120](https://github.com/openshift/cluster-policy-controller/pull/120) * Add logs for quota namespace syncing with verbosity level 2 [#119](https://github.com/openshift/cluster-policy-controller/pull/119) * [OCPBUGS-13649](https://issues.redhat.com/browse/OCPBUGS-13649): fix ClusterResourceQuotas to work for all api resources including custom resources [#115](https://github.com/openshift/cluster-policy-controller/pull/115) * [OCPBUGS-13579](https://issues.redhat.com/browse/OCPBUGS-13579): bump(k8s) to v0.27.1 [#113](https://github.com/openshift/cluster-policy-controller/pull/113) * [OCPBUGS-8271](https://issues.redhat.com/browse/OCPBUGS-8271): external template and route Informer [#100](https://github.com/openshift/cluster-policy-controller/pull/100) * Updating cluster-policy-controller images to be consistent with ART [#110](https://github.com/openshift/cluster-policy-controller/pull/110) * complete controller description [#104](https://github.com/openshift/cluster-policy-controller/pull/104) * [OCPBUGS-160](https://issues.redhat.com/browse/OCPBUGS-160): psalabelsyncer: handle empty namespace of a rolebinding subject [#107](https://github.com/openshift/cluster-policy-controller/pull/107) * Updating cluster-policy-controller images to be consistent with ART [#105](https://github.com/openshift/cluster-policy-controller/pull/105) * [Full changelog](https://github.com/openshift/cluster-policy-controller/compare/3b0d075530fdbfdacdfe574151a3313f5231459c...219f6f6f072d867201d4923d39fd8bcaecbe7c59) ### [cluster-samples-operator](https://github.com/openshift/cluster-samples-operator/tree/0423e87597f92f5d82e030c3a000224abc247df3) * [OCPBUGS-55655](https://issues.redhat.com/browse/OCPBUGS-55655): Adding mutex to func createSamples on handler.go [#635](https://github.com/openshift/cluster-samples-operator/pull/635) * [OCPBUGS-54537](https://issues.redhat.com/browse/OCPBUGS-54537): add rhdmalone to owners [#624](https://github.com/openshift/cluster-samples-operator/pull/624) * [OCPBUGS-49421](https://issues.redhat.com/browse/OCPBUGS-49421): add shannon and aroyoredhat as owners [#598](https://github.com/openshift/cluster-samples-operator/pull/598) * [OCPBUGS-21217](https://issues.redhat.com/browse/OCPBUGS-21217): CVE-2023-39325 ose-cluster-samples-operator-container:golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) [#539](https://github.com/openshift/cluster-samples-operator/pull/539) * [OCPBUGS-22257](https://issues.redhat.com/browse/OCPBUGS-22257): Sync library to remove invalid dockerhub references for OKD [#520](https://github.com/openshift/cluster-samples-operator/pull/520) * manifests: Drop explicit runlevel from CRD manifest [#515](https://github.com/openshift/cluster-samples-operator/pull/515) * [OCPBUGS-16435](https://issues.redhat.com/browse/OCPBUGS-16435): Bump k8 to v0.27.2 for ocp 4.14 [#514](https://github.com/openshift/cluster-samples-operator/pull/514) * [OCPBUGS-16403](https://issues.redhat.com/browse/OCPBUGS-16403): Update Cluster Sample Operator dependencies and libraries for OCP 4.14 [#511](https://github.com/openshift/cluster-samples-operator/pull/511) * reconcile status when clusteroperator changes [#510](https://github.com/openshift/cluster-samples-operator/pull/510) * [OCPBUGS-15754](https://issues.redhat.com/browse/OCPBUGS-15754): Update Jenkins and Jenkins Agent Base image versions [#504](https://github.com/openshift/cluster-samples-operator/pull/504) * [OCPBUGS-14491](https://issues.redhat.com/browse/OCPBUGS-14491): Updating to use Jenkins 4.13 images [#502](https://github.com/openshift/cluster-samples-operator/pull/502) * [OCPBUGS-12775](https://issues.redhat.com/browse/OCPBUGS-12775): Update Cluster Sample Operator dependencies and libraaies for OCP 4.14 [#500](https://github.com/openshift/cluster-samples-operator/pull/500) * Updating ose-cluster-samples-operator images to be consistent with ART [#499](https://github.com/openshift/cluster-samples-operator/pull/499) * [OCPBUGS-10910](https://issues.redhat.com/browse/OCPBUGS-10910): Add network tools imagestreams [#495](https://github.com/openshift/cluster-samples-operator/pull/495) * Updating ose-cluster-samples-operator images to be consistent with ART [#493](https://github.com/openshift/cluster-samples-operator/pull/493) * Fix jira component [#494](https://github.com/openshift/cluster-samples-operator/pull/494) * [Full changelog](https://github.com/openshift/cluster-samples-operator/compare/7e7affad59551611aeb3fb2e5a21f1ec8d99181b...0423e87597f92f5d82e030c3a000224abc247df3) ### [cluster-storage-operator](https://github.com/openshift/cluster-storage-operator/tree/6c652a5e10dd7e6cbf5ec02a2e1afbc794c26192) * [OCPBUGS-33467](https://issues.redhat.com/browse/OCPBUGS-33467): Fix problem-detector proxy setting [#472](https://github.com/openshift/cluster-storage-operator/pull/472) * [OCPBUGS-30054](https://issues.redhat.com/browse/OCPBUGS-30054): Update AWSCSIDriverConfigSpec fields validation to accept all curren [#462](https://github.com/openshift/cluster-storage-operator/pull/462) * [OCPBUGS-28988](https://issues.redhat.com/browse/OCPBUGS-28988): Allow vSphere CSI driver to be disabled [#449](https://github.com/openshift/cluster-storage-operator/pull/449) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#416](https://github.com/openshift/cluster-storage-operator/pull/416) * [OCPBUGS-23210](https://issues.redhat.com/browse/OCPBUGS-23210): [IBM ROKS] cluster-storage-operator does not set upgradeable=True [#419](https://github.com/openshift/cluster-storage-operator/pull/419) * [OCPBUGS-21300](https://issues.redhat.com/browse/OCPBUGS-21300): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#405](https://github.com/openshift/cluster-storage-operator/pull/405) * [STOR-1274](https://issues.redhat.com/browse/STOR-1274): use granular permissons for Azure credential requests [#388](https://github.com/openshift/cluster-storage-operator/pull/388) * [STOR-1432](https://issues.redhat.com/browse/STOR-1432): hypershift: pass through control plane images to AWS EBS CSI driver operator [#393](https://github.com/openshift/cluster-storage-operator/pull/393) * [STOR-1432](https://issues.redhat.com/browse/STOR-1432): hypershift: add independent refs for AWS EBS driver controller images [#392](https://github.com/openshift/cluster-storage-operator/pull/392) * [OCPBUGS-17356](https://issues.redhat.com/browse/OCPBUGS-17356): Fix PodStartupStorageOperationsFailing alert [#391](https://github.com/openshift/cluster-storage-operator/pull/391) * Remove "get" verb from "events" resource of RBAC for provisioner sidecar [#390](https://github.com/openshift/cluster-storage-operator/pull/390) * [OCPBUGS-11359](https://issues.redhat.com/browse/OCPBUGS-11359): Remove unused versions from status [#374](https://github.com/openshift/cluster-storage-operator/pull/374) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#389](https://github.com/openshift/cluster-storage-operator/pull/389) * [OCPBUGS-16265](https://issues.redhat.com/browse/OCPBUGS-16265): Publish csi sidecar clusterroles earlier [#386](https://github.com/openshift/cluster-storage-operator/pull/386) * [OCPBUGS-15940](https://issues.redhat.com/browse/OCPBUGS-15940): Revert revert of hypershift cleanup [#385](https://github.com/openshift/cluster-storage-operator/pull/385) * Revert "STOR-1369: Start hypershift refactor" #384 [#384](https://github.com/openshift/cluster-storage-operator/pull/384) * [STOR-1369](https://issues.redhat.com/browse/STOR-1369): Start hypershift refactor [#381](https://github.com/openshift/cluster-storage-operator/pull/381) * [OCPBUGS-13696](https://issues.redhat.com/browse/OCPBUGS-13696): Warn about CBT enabled VMs via vsphere-problem-detector [#371](https://github.com/openshift/cluster-storage-operator/pull/371) * [OCPBUGS-14053](https://issues.redhat.com/browse/OCPBUGS-14053): decrease severity for MultipleDefaultStorageClasses alert [#382](https://github.com/openshift/cluster-storage-operator/pull/382) * [STOR-1065](https://issues.redhat.com/browse/STOR-1065): Publish ClusterRoles for csi driver sidecars [#379](https://github.com/openshift/cluster-storage-operator/pull/379) * [STOR-1167](https://issues.redhat.com/browse/STOR-1167): Add permissions needed by fast snapshots to AWS CSI driver [#369](https://github.com/openshift/cluster-storage-operator/pull/369) * [CCO-319](https://issues.redhat.com/browse/CCO-319): Add serviceAccountNames to azure-disk and azure-file credentials [#364](https://github.com/openshift/cluster-storage-operator/pull/364) * [OCPBUGS-13187](https://issues.redhat.com/browse/OCPBUGS-13187): Make vsphere-problem-detector alerts configurable [#380](https://github.com/openshift/cluster-storage-operator/pull/380) * [CCO-324](https://issues.redhat.com/browse/CCO-324), [CCO-325](https://issues.redhat.com/browse/CCO-325): pass version to azure operators [#372](https://github.com/openshift/cluster-storage-operator/pull/372) * [OCPBUGS-13914](https://issues.redhat.com/browse/OCPBUGS-13914): allow removal of vsphereStorageDriver field in 4.14 [#378](https://github.com/openshift/cluster-storage-operator/pull/378) * [STOR-1334](https://issues.redhat.com/browse/STOR-1334): update storage operator to read featuregates from API [#376](https://github.com/openshift/cluster-storage-operator/pull/376) * Revert "update storage operator to read featuregates from API on standalone OCP" [#375](https://github.com/openshift/cluster-storage-operator/pull/375) * [STOR-1334](https://issues.redhat.com/browse/STOR-1334): update storage operator to read featuregates from API on standalone OCP [#368](https://github.com/openshift/cluster-storage-operator/pull/368) * [OCPBUGS-11617](https://issues.redhat.com/browse/OCPBUGS-11617): Bump github.com/prometheus-operator/prometheus-operator [#358](https://github.com/openshift/cluster-storage-operator/pull/358) * Updating cluster-storage-operator images to be consistent with ART [#365](https://github.com/openshift/cluster-storage-operator/pull/365) * [OCPBUGS-11729](https://issues.redhat.com/browse/OCPBUGS-11729): VSphereStorageDriver does not document the platform default [#360](https://github.com/openshift/cluster-storage-operator/pull/360) * [OCPBUGS-11493](https://issues.redhat.com/browse/OCPBUGS-11493): vsphereStorageDriver validation is misleading [#357](https://github.com/openshift/cluster-storage-operator/pull/357) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#350](https://github.com/openshift/cluster-storage-operator/pull/350) * [OCPBUGS-11112](https://issues.redhat.com/browse/OCPBUGS-11112): Add missing workload label to openshift-manila-csi-driver NS [#353](https://github.com/openshift/cluster-storage-operator/pull/353) * [OCPBUGS-8691](https://issues.redhat.com/browse/OCPBUGS-8691): Hypershift: set control plane operand properties [#352](https://github.com/openshift/cluster-storage-operator/pull/352) * Updating cluster-storage-operator images to be consistent with ART [#349](https://github.com/openshift/cluster-storage-operator/pull/349) * [OCPBUGS-8328](https://issues.redhat.com/browse/OCPBUGS-8328): assets: csi: hypershift: add pull-secret to aws-ebs-csi-driver-operator ServiceAccount [#346](https://github.com/openshift/cluster-storage-operator/pull/346) * [Full changelog](https://github.com/openshift/cluster-storage-operator/compare/b38c26ae676c9e775f901a04c072848fd8726b90...6c652a5e10dd7e6cbf5ec02a2e1afbc794c26192) ### [cluster-update-keys](https://github.com/openshift/cluster-update-keys/tree/1a7a6e229dc980540f51b969c4f1d9ef5dbc3ab5) * [OCPBUGS-43628](https://issues.redhat.com/browse/OCPBUGS-43628): keys: Update Red Hat keys to use SHA256 signatures [#66](https://github.com/openshift/cluster-update-keys/pull/66) * [OCPBUGS-10126](https://issues.redhat.com/browse/OCPBUGS-10126): Updating ose-agent-installer-orchestrator images to be consistent with ART [#48](https://github.com/openshift/cluster-update-keys/pull/48) * Adding the new CI Signer public key [#49](https://github.com/openshift/cluster-update-keys/pull/49) * [Full changelog](https://github.com/openshift/cluster-update-keys/compare/7033b4836e4c79a2237c66f31986396d98ac270b...1a7a6e229dc980540f51b969c4f1d9ef5dbc3ab5) ### [cluster-version-operator](https://github.com/openshift/cluster-version-operator/tree/a1bf930103a77b25e99130644504c3fecdcc4c67) * [OCPBUGS-50592](https://issues.redhat.com/browse/OCPBUGS-50592): Set `openshift.io/required-scc`: privileged annotation in `version` pods [#1151](https://github.com/openshift/cluster-version-operator/pull/1151) * [OCPBUGS-45331](https://issues.redhat.com/browse/OCPBUGS-45331): deps: bump golang.org/x/net to 0.31.0 [#1120](https://github.com/openshift/cluster-version-operator/pull/1120) * [OCPBUGS-44704](https://issues.redhat.com/browse/OCPBUGS-44704): Fix desired before sync_worker's work is initialized [#1109](https://github.com/openshift/cluster-version-operator/pull/1109) * [OCPBUGS-30878](https://issues.redhat.com/browse/OCPBUGS-30878): install/0000_90_cluster-version-operator_02_servicemonitor: Drop $ from ${{ [#1040](https://github.com/openshift/cluster-version-operator/pull/1040) * [OCPBUGS-27822](https://issues.redhat.com/browse/OCPBUGS-27822): Revert "[release-4.14] OCPBUGS-27175: clusterOperatorBuilder: Reconcile metadata on COs" [#1028](https://github.com/openshift/cluster-version-operator/pull/1028) * [OCPBUGS-27175](https://issues.redhat.com/browse/OCPBUGS-27175): clusterOperatorBuilder: Reconcile metadata on COs [#1021](https://github.com/openshift/cluster-version-operator/pull/1021) * [OCPBUGS-27048](https://issues.redhat.com/browse/OCPBUGS-27048): pkg/payload/precondition/clusterversion/rollback: Allow previous version within z-stream [#1018](https://github.com/openshift/cluster-version-operator/pull/1018) * [OCPBUGS-26207](https://issues.redhat.com/browse/OCPBUGS-26207): pkg/cvo/availableupdates: Only bump LastAttempt on Cincinnati pulls [#1016](https://github.com/openshift/cluster-version-operator/pull/1016) * [OCPBUGS-20762](https://issues.redhat.com/browse/OCPBUGS-20762): [4.14] Bump http-related deps [#986](https://github.com/openshift/cluster-version-operator/pull/986) * [OCPBUGS-19921](https://issues.redhat.com/browse/OCPBUGS-19921): pkg/clusterconditions/cache: Avoid panic on all-fresh-cache evaluation [#976](https://github.com/openshift/cluster-version-operator/pull/976) * [OCPBUGS-19737](https://issues.redhat.com/browse/OCPBUGS-19737): pkg/clusterconditions/promql: Warm cache with 1s delay [#973](https://github.com/openshift/cluster-version-operator/pull/973) * [OCPBUGS-19465](https://issues.redhat.com/browse/OCPBUGS-19465): Properly reconcile SCC resources [#972](https://github.com/openshift/cluster-version-operator/pull/972) * [OCPBUGS-13308](https://issues.redhat.com/browse/OCPBUGS-13308): Simplify user-facing messages on risk evaluation throttling [#955](https://github.com/openshift/cluster-version-operator/pull/955) * [OCPBUGS-17418](https://issues.redhat.com/browse/OCPBUGS-17418): Really handle DeletedFinalStateUnknown correctly [#954](https://github.com/openshift/cluster-version-operator/pull/954) * [CNF-9385](https://issues.redhat.com/browse/CNF-9385): add ImageRegistry capability [#950](https://github.com/openshift/cluster-version-operator/pull/950) * [OCPBUGS-17418](https://issues.redhat.com/browse/OCPBUGS-17418): Handle cache.DeletedFinalStateUnknown [#952](https://github.com/openshift/cluster-version-operator/pull/952) * docs/user/tasks-*by-number-and-component.svg: Update to 4.13 [#949](https://github.com/openshift/cluster-version-operator/pull/949) * Dockerfile: bump to 1.19 and use public UBI pullspec [#944](https://github.com/openshift/cluster-version-operator/pull/944) * pkg/payload: De-noise 'excluding ...' logs [#945](https://github.com/openshift/cluster-version-operator/pull/945) * bump api version to add new capability [#941](https://github.com/openshift/cluster-version-operator/pull/941) * pkg/cvo/metrics: Doc from_version semantics for cluster_version{type="completed"} [#929](https://github.com/openshift/cluster-version-operator/pull/929) * Code cleanups for golangci-lint failures [#942](https://github.com/openshift/cluster-version-operator/pull/942) * [OTA-559](https://issues.redhat.com/browse/OTA-559): Migrate to (*Manifest).Include(..., overrides) [#934](https://github.com/openshift/cluster-version-operator/pull/934) * [OCPBUGS-9070](https://issues.redhat.com/browse/OCPBUGS-9070): Fix hotlooping on Cronjob resources [#910](https://github.com/openshift/cluster-version-operator/pull/910) * Updating cluster-version-operator images to be consistent with ART [#932](https://github.com/openshift/cluster-version-operator/pull/932) * Updating cluster-version-operator images to be consistent with ART [#930](https://github.com/openshift/cluster-version-operator/pull/930) * Updating cluster-version-operator images to be consistent with ART [#928](https://github.com/openshift/cluster-version-operator/pull/928) * syncStatus: Reduce verbosity when syncing nothing of interest [#922](https://github.com/openshift/cluster-version-operator/pull/922) * Update dnsPolicy to allow consistent resolution of the internal LB [#920](https://github.com/openshift/cluster-version-operator/pull/920) * [OTA-941](https://issues.redhat.com/browse/OTA-941): pkg/payload/precondition/clusterversion/rollback: New precondition [#918](https://github.com/openshift/cluster-version-operator/pull/918) * Updating cluster-version-operator images to be consistent with ART [#911](https://github.com/openshift/cluster-version-operator/pull/911) * [OCPBUGS-5469](https://issues.redhat.com/browse/OCPBUGS-5469): pkg/cvo/availableupdates: Prioritize conditional risks for largest target version [#909](https://github.com/openshift/cluster-version-operator/pull/909) * [Full changelog](https://github.com/openshift/cluster-version-operator/compare/8b3acaebb7de946e86d20bfdf637e7caaaeb1fb3...a1bf930103a77b25e99130644504c3fecdcc4c67) ### [configmap-reloader](https://github.com/openshift/configmap-reload/tree/716a0c33bb693127fba3b3512622710785a59e8e) * Updating configmap-reload images to be consistent with ART [#52](https://github.com/openshift/configmap-reload/pull/52) * [OCPBUGS-10106](https://issues.redhat.com/browse/OCPBUGS-10106): Updating openshift-state-metrics images to be consistent with ART [#51](https://github.com/openshift/configmap-reload/pull/51) * [Full changelog](https://github.com/openshift/configmap-reload/compare/9adad592e7d9bd5a723add16488e68365a64977f...716a0c33bb693127fba3b3512622710785a59e8e) ### [console](https://github.com/openshift/console/tree/06827468f1806ff4a7b90f274a8ac44af3fd517f) * [OCPBUGS-44158](https://issues.redhat.com/browse/OCPBUGS-44158): bump dompurify to latest [#15593](https://github.com/openshift/console/pull/15593) * [OCPBUGS-59998](https://issues.redhat.com/browse/OCPBUGS-59998): Remove the devconsole backend common internet proxy and replace it with dedicated ones [#15464](https://github.com/openshift/console/pull/15464) * [OCPBUGS-58274](https://issues.redhat.com/browse/OCPBUGS-58274): Fix TypeError Cannot read properties of null (reading 'metadata') [#15228](https://github.com/openshift/console/pull/15228) * [OCPBUGS-57099](https://issues.redhat.com/browse/OCPBUGS-57099): Add all files to `vendor` regardless of gitignore [#15135](https://github.com/openshift/console/pull/15135) * [OCPBUGS-55942](https://issues.redhat.com/browse/OCPBUGS-55942): fix bug where operator appears twice [#15033](https://github.com/openshift/console/pull/15033) * [OCPBUGS-55427](https://issues.redhat.com/browse/OCPBUGS-55427): Add missing pipelines plugin name to known plugins [#15005](https://github.com/openshift/console/pull/15005) * [OCPBUGS-39010](https://issues.redhat.com/browse/OCPBUGS-39010): fix crash if helm chart metadata is nil [#14198](https://github.com/openshift/console/pull/14198) * [OCPBUGS-53437](https://issues.redhat.com/browse/OCPBUGS-53437): Show Observe section without PROMETHEUS and MONITORING flags [#14892](https://github.com/openshift/console/pull/14892) * [OCPBUGS-54404](https://issues.redhat.com/browse/OCPBUGS-54404): Update the monitoring topic used by the console team [#14910](https://github.com/openshift/console/pull/14910) * [OCPBUGS-54167](https://issues.redhat.com/browse/OCPBUGS-54167): fix run time error when no completed version exists [#14899](https://github.com/openshift/console/pull/14899) * [OCPBUGS-51118](https://issues.redhat.com/browse/OCPBUGS-51118): redirect to correct alert [#14823](https://github.com/openshift/console/pull/14823) * [OCPBUGS-49753](https://issues.redhat.com/browse/OCPBUGS-49753): ImagePullSecret getting duplicated when editing DeploymentConfig in Form View [#14711](https://github.com/openshift/console/pull/14711) * [OCPBUGS-46603](https://issues.redhat.com/browse/OCPBUGS-46603): Unable to remove finally tasks in pipeline builder mode [#14642](https://github.com/openshift/console/pull/14642) * [OCPBUGS-33145](https://issues.redhat.com/browse/OCPBUGS-33145): Fix "Auto deploy when new image is available" becomes unchecked when editing a deployment from web console [#14370](https://github.com/openshift/console/pull/14370) * [OCPBUGS-45323](https://issues.redhat.com/browse/OCPBUGS-45323): Use vCenterCluster value from CM as primary resource [#14574](https://github.com/openshift/console/pull/14574) * [OCPBUGS-39368](https://issues.redhat.com/browse/OCPBUGS-39368): Remove deprecated resources from spec of the Pipeline [#14230](https://github.com/openshift/console/pull/14230) * [OCPBUGS-45283](https://issues.redhat.com/browse/OCPBUGS-45283): Add IBM Block Storage CSI driver support for RWX [#14569](https://github.com/openshift/console/pull/14569) * [OCPBUGS-44791](https://issues.redhat.com/browse/OCPBUGS-44791): A value submitted in From view is wrapped with single quotation after switching to Yaml view. [#14518](https://github.com/openshift/console/pull/14518) * [OCPBUGS-42962](https://issues.redhat.com/browse/OCPBUGS-42962): Need to allow blank for Project/namespace when setting SA Subject in 'Project access tab' [#14386](https://github.com/openshift/console/pull/14386) * [OCPBUGS-43000](https://issues.redhat.com/browse/OCPBUGS-43000): List of default Camel K event sources disappears when adding a custom event source [#14388](https://github.com/openshift/console/pull/14388) * [OCPBUGS-36558](https://issues.redhat.com/browse/OCPBUGS-36558): Increase login flow state paramater length/entropy [#14439](https://github.com/openshift/console/pull/14439) * [OCPBUGS-10337](https://issues.redhat.com/browse/OCPBUGS-10337): Updating openshift-enterprise-console images to be consistent with ART [#12760](https://github.com/openshift/console/pull/12760) * [OCPBUGS-42518](https://issues.redhat.com/browse/OCPBUGS-42518): The filepath including leading slash makes error during parsing devfile using Gitlab [#14342](https://github.com/openshift/console/pull/14342) * [OCPBUGS-42517](https://issues.redhat.com/browse/OCPBUGS-42517): Values entered into the Instantiate Template form are automatically cleared [#14341](https://github.com/openshift/console/pull/14341) * [OCPBUGS-42757](https://issues.redhat.com/browse/OCPBUGS-42757): Switch to use annotations as labels from PipelineRuns created through Pipelines as Code is deprecated [#14369](https://github.com/openshift/console/pull/14369) * [OCPBUGS-38883](https://issues.redhat.com/browse/OCPBUGS-38883): Fix password set to Secret created through Start Pipeline form [#14184](https://github.com/openshift/console/pull/14184) * [OCPBUGS-37353](https://issues.redhat.com/browse/OCPBUGS-37353): Import from Git allow users to import an app with Build option Pipeline also when no Pipeline is available [#14108](https://github.com/openshift/console/pull/14108) * [OCPBUGS-41836](https://issues.redhat.com/browse/OCPBUGS-41836): DeploymentConfigs deprecation info alert should not present on the Edit deployment page [#14281](https://github.com/openshift/console/pull/14281) * [OCPBUGS-39389](https://issues.redhat.com/browse/OCPBUGS-39389): Edit the secret and add the Chinese in the web-console, garbled characters will be displayed [#14231](https://github.com/openshift/console/pull/14231) * [OCPBUGS-41581](https://issues.redhat.com/browse/OCPBUGS-41581): Increased max nodes limit to 200 in topology page [#14262](https://github.com/openshift/console/pull/14262) * [OCPBUGS-38972](https://issues.redhat.com/browse/OCPBUGS-38972): Redirects to new PipelineRun logs URL from old PipelineRun logs URL [#14234](https://github.com/openshift/console/pull/14234) * [OCPBUGS-38053](https://issues.redhat.com/browse/OCPBUGS-38053): fix BMH restart annotation [#14109](https://github.com/openshift/console/pull/14109) * [OCPBUGS-33748](https://issues.redhat.com/browse/OCPBUGS-33748): Fix Pipeline details page with when expression using CEL expression [#13856](https://github.com/openshift/console/pull/13856) * [OCPBUGS-32499](https://issues.redhat.com/browse/OCPBUGS-32499): Fixed some problems in topology Chinese translation text [#13779](https://github.com/openshift/console/pull/13779) * [OCPBUGS-33942](https://issues.redhat.com/browse/OCPBUGS-33942): make sure folder is encapsulated with quotas [#13869](https://github.com/openshift/console/pull/13869) * [OCPBUGS-35723](https://issues.redhat.com/browse/OCPBUGS-35723): Upgrade Pipeline trigger resources to v1beta1 [#13985](https://github.com/openshift/console/pull/13985) * [OCPBUGS-33558](https://issues.redhat.com/browse/OCPBUGS-33558): Display "With Data upload form" in Create PVC drop down once [#13840](https://github.com/openshift/console/pull/13840) * [OCPBUGS-33064](https://issues.redhat.com/browse/OCPBUGS-33064): Fix PipelineRun Logs tab navigation [#13673](https://github.com/openshift/console/pull/13673) * [OCPBUGS-33321](https://issues.redhat.com/browse/OCPBUGS-33321): Helm Plugin's Catalog incorrectly renders a single index entry into multiple tiles [#13824](https://github.com/openshift/console/pull/13824) * [OCPBUGS-33635](https://issues.redhat.com/browse/OCPBUGS-33635): restrict Masthead logo to max-height to 60px [#13847](https://github.com/openshift/console/pull/13847) * [OCPBUGS-33640](https://issues.redhat.com/browse/OCPBUGS-33640): Add visual connector between VMs and non VMs workloads [#13848](https://github.com/openshift/console/pull/13848) * [OCPBUGS-33462](https://issues.redhat.com/browse/OCPBUGS-33462): fix issues with Edit Route form [#13831](https://github.com/openshift/console/pull/13831) * [OCPBUGS-33110](https://issues.redhat.com/browse/OCPBUGS-33110): change OperatorHub filter FIPS Mode to Designed for FIPS [#13804](https://github.com/openshift/console/pull/13804) * [OCPBUGS-32697](https://issues.redhat.com/browse/OCPBUGS-32697): Routes created by devfiles do not always use HTTPS [#13787](https://github.com/openshift/console/pull/13787) * [OCPBUGS-21799](https://issues.redhat.com/browse/OCPBUGS-21799): Fix empty editor error [#13256](https://github.com/openshift/console/pull/13256) * [OCPBUGS-32168](https://issues.redhat.com/browse/OCPBUGS-32168): fix bug where paused MCPs were incorrectly unpausing w… [#13753](https://github.com/openshift/console/pull/13753) * [OCPBUGS-20173](https://issues.redhat.com/browse/OCPBUGS-20173): Console should not panic when no response is retrieved for plugin assets [#13217](https://github.com/openshift/console/pull/13217) * [OCPBUGS-31388](https://issues.redhat.com/browse/OCPBUGS-31388): Application creation fail when manually entering input scaling value in local setup [#13697](https://github.com/openshift/console/pull/13697) * [OCPBUGS-31394](https://issues.redhat.com/browse/OCPBUGS-31394): PipelineRuns in Console show wrong status or load indefinitely [#13698](https://github.com/openshift/console/pull/13698) * [OCPBUGS-31864](https://issues.redhat.com/browse/OCPBUGS-31864): Fix config ini format [#13738](https://github.com/openshift/console/pull/13738) * [OCPBUGS-25145](https://issues.redhat.com/browse/OCPBUGS-25145): fix vCenter cluster being empty [#13436](https://github.com/openshift/console/pull/13436) * [OCPBUGS-28746](https://issues.redhat.com/browse/OCPBUGS-28746): fix bug where Expand PVC modal assumes pvc.spec.resou… [#13558](https://github.com/openshift/console/pull/13558) * [OCPBUGS-29783](https://issues.redhat.com/browse/OCPBUGS-29783): Fix operands list endpoint [#13625](https://github.com/openshift/console/pull/13625) * [OCPBUGS-29813](https://issues.redhat.com/browse/OCPBUGS-29813): Release 4.14 backports [#13646](https://github.com/openshift/console/pull/13646) * [OCPBUGS-29813](https://issues.redhat.com/browse/OCPBUGS-29813): Addition of optional chaining to prevent yaml crash [#13541](https://github.com/openshift/console/pull/13541) * [OCPBUGS-25274](https://issues.redhat.com/browse/OCPBUGS-25274): Add support for Azure Workload Identity / Federated Identity based in… [#13642](https://github.com/openshift/console/pull/13642) * [OCPBUGS-28972](https://issues.redhat.com/browse/OCPBUGS-28972): Add flags checks to hide Pipeline static plugin List and details pages [#13572](https://github.com/openshift/console/pull/13572) * [OCPBUGS-27898](https://issues.redhat.com/browse/OCPBUGS-27898): Add support for custom segment domains (to load JS and make API calls) [#13540](https://github.com/openshift/console/pull/13540) * [OCPBUGS-29349](https://issues.redhat.com/browse/OCPBUGS-29349): Error in displaying BuildRun logs in Console [#13601](https://github.com/openshift/console/pull/13601) * [OCPBUGS-29100](https://issues.redhat.com/browse/OCPBUGS-29100): Pipeline Name gets changed to "new-pipeline" on the Edit Pipeline YAML/Builder [#13585](https://github.com/openshift/console/pull/13585) * [OCPBUGS-29239](https://issues.redhat.com/browse/OCPBUGS-29239): Add a new allowInsecure option to the internet proxy [#13592](https://github.com/openshift/console/pull/13592) * [OCPBUGS-28990](https://issues.redhat.com/browse/OCPBUGS-28990): update check for the 'provider' label on the PackageMa… [#13573](https://github.com/openshift/console/pull/13573) * [OCPBUGS-27157](https://issues.redhat.com/browse/OCPBUGS-27157): add additional check to determine if file is binary [#13507](https://github.com/openshift/console/pull/13507) * [OCPBUGS-28635](https://issues.redhat.com/browse/OCPBUGS-28635): Bump graphql-go to v1.3.0 [#13553](https://github.com/openshift/console/pull/13553) * [OCPBUGS-27305](https://issues.redhat.com/browse/OCPBUGS-27305): Copy response code from proxied plugin requests [#13517](https://github.com/openshift/console/pull/13517) * [OCPBUGS-27851](https://issues.redhat.com/browse/OCPBUGS-27851): fix bug where Clone PVC modal assumes pvc.spec.resourc… [#13537](https://github.com/openshift/console/pull/13537) * [OCPBUGS-27350](https://issues.redhat.com/browse/OCPBUGS-27350): Add Pipeline metrics tab using plugin [#13520](https://github.com/openshift/console/pull/13520) * [OCPBUGS-26171](https://issues.redhat.com/browse/OCPBUGS-26171): Set unlimited line width in YAML editor [#13482](https://github.com/openshift/console/pull/13482) * [OCPBUGS-24640](https://issues.redhat.com/browse/OCPBUGS-24640): Strip 'Server' header from proxy response [#13423](https://github.com/openshift/console/pull/13423) * [OCPBUGS-25997](https://issues.redhat.com/browse/OCPBUGS-25997): change Alertmanager form to create using matchers inst… [#13478](https://github.com/openshift/console/pull/13478) * [OCPBUGS-24349](https://issues.redhat.com/browse/OCPBUGS-24349): Fix crash when ArtifactHub Task has no version [#13399](https://github.com/openshift/console/pull/13399) * [OCPBUGS-25397](https://issues.redhat.com/browse/OCPBUGS-25397): fix runtime error on Node details Overview when Machin… [#13446](https://github.com/openshift/console/pull/13446) * [OCPBUGS-23771](https://issues.redhat.com/browse/OCPBUGS-23771): Fix for yaml editor that crashes with MCE and ACM plugins enabled [#13360](https://github.com/openshift/console/pull/13360) * [OCPBUGS-24667](https://issues.redhat.com/browse/OCPBUGS-24667): Fix plugin proxy handler [#13425](https://github.com/openshift/console/pull/13425) * [OCPBUGS-24474](https://issues.redhat.com/browse/OCPBUGS-24474): S2I Build Wizard should check for Containerfile in addition to Dockerfile [#13415](https://github.com/openshift/console/pull/13415) * [OCPBUGS-24432](https://issues.redhat.com/browse/OCPBUGS-24432): fix filtering issues on Events [#13413](https://github.com/openshift/console/pull/13413) * [OCPBUGS-24352](https://issues.redhat.com/browse/OCPBUGS-24352): add access review for impersonate [#13400](https://github.com/openshift/console/pull/13400) * [OCPBUGS-22240](https://issues.redhat.com/browse/OCPBUGS-22240): Save also the location.search and .hash values in localStorage to restore them after login [#13270](https://github.com/openshift/console/pull/13270) * [OCPBUGS-24293](https://issues.redhat.com/browse/OCPBUGS-24293): ConsolePlugin metrics must no longer be grouped by the vendor [#13391](https://github.com/openshift/console/pull/13391) * [OCPBUGS-24423](https://issues.redhat.com/browse/OCPBUGS-24423): Searching for items in quick search is confusing [#13412](https://github.com/openshift/console/pull/13412) * [OCPBUGS-22375](https://issues.redhat.com/browse/OCPBUGS-22375): Delete results.tekton.dev annotations before rerun the pipelineRun [#13278](https://github.com/openshift/console/pull/13278) * [OCPBUGS-22478](https://issues.redhat.com/browse/OCPBUGS-22478): Extra space is in the translation text(Chinese) of 'Create rolebinding' and 'replicate rolebinding' [#13290](https://github.com/openshift/console/pull/13290) * [OCPBUGS-24196](https://issues.redhat.com/browse/OCPBUGS-24196): ApiVersion displayed on console is v1alpha1 whereas we support v1beta1 [#13402](https://github.com/openshift/console/pull/13402) * [OCPBUGS-23423](https://issues.redhat.com/browse/OCPBUGS-23423): Cannot Edit Shipwright Build [#13343](https://github.com/openshift/console/pull/13343) * [OCPBUGS-22980](https://issues.redhat.com/browse/OCPBUGS-22980): remove expandable toggle for conditional update risk d… [#13308](https://github.com/openshift/console/pull/13308) * [OCPBUGS-22374](https://issues.redhat.com/browse/OCPBUGS-22374): Telemetry- Current page was sometimes not tracked when reloading the current page [#13277](https://github.com/openshift/console/pull/13277) * [OCPBUGS-22177](https://issues.redhat.com/browse/OCPBUGS-22177): Channel page shows "Required" message for the default name when navigate to create channel page [#13262](https://github.com/openshift/console/pull/13262) * [OCPBUGS-19371](https://issues.redhat.com/browse/OCPBUGS-19371): Upgrade DomainMapping apiVersion to v1beta1 [#13165](https://github.com/openshift/console/pull/13165) * [OCPBUGS-19416](https://issues.redhat.com/browse/OCPBUGS-19416): Correct logout process [#13173](https://github.com/openshift/console/pull/13173) * [OCPBUGS-22285](https://issues.redhat.com/browse/OCPBUGS-22285): updating doc links for 4.14 GA [#13273](https://github.com/openshift/console/pull/13273) * [OCPBUGS-19845](https://issues.redhat.com/browse/OCPBUGS-19845): mock apis for git repo in test serverless function tests [#13199](https://github.com/openshift/console/pull/13199) * [OCPBUGS-22460](https://issues.redhat.com/browse/OCPBUGS-22460): Fix the forms when BC is not installed in the cluster [#13288](https://github.com/openshift/console/pull/13288) * [OCPBUGS-21877](https://issues.redhat.com/browse/OCPBUGS-21877): add support for new features annotations while preserv… [#13258](https://github.com/openshift/console/pull/13258) * [OCPBUGS-22377](https://issues.redhat.com/browse/OCPBUGS-22377): Fixed Edit Application form for Knative Services [#13279](https://github.com/openshift/console/pull/13279) * [OCPBUGS-21784](https://issues.redhat.com/browse/OCPBUGS-21784): hide page-specific doc links for ROSA and OSD [#13254](https://github.com/openshift/console/pull/13254) * [OCPBUGS-19898](https://issues.redhat.com/browse/OCPBUGS-19898): fix ResourceLog permissions when impersonating [#13203](https://github.com/openshift/console/pull/13203) * [OCPBUGS-19899](https://issues.redhat.com/browse/OCPBUGS-19899): change resource icon for FenceAgentRemediationTemplate… [#13204](https://github.com/openshift/console/pull/13204) * [OCPBUGS-19878](https://issues.redhat.com/browse/OCPBUGS-19878): show all the legends for Pipeline metrics in PipelineRun TaskRun Duration chart [#13202](https://github.com/openshift/console/pull/13202) * [OCPBUGS-19776](https://issues.redhat.com/browse/OCPBUGS-19776): 404 - not found will show on Knative-serving Details page [#13193](https://github.com/openshift/console/pull/13193) * [OCPBUGS-19526](https://issues.redhat.com/browse/OCPBUGS-19526): fetch TaskRuns without selector and reduces the get TaskRuns requests [#13178](https://github.com/openshift/console/pull/13178) * [OCPBUGS-18997](https://issues.redhat.com/browse/OCPBUGS-18997): fix issues with refactored "Create StorageClass" form [#13170](https://github.com/openshift/console/pull/13170) * [OCPBUGS-19664](https://issues.redhat.com/browse/OCPBUGS-19664): Check if filtered object contains name property [#13187](https://github.com/openshift/console/pull/13187) * [OCPBUGS-19380](https://issues.redhat.com/browse/OCPBUGS-19380): Hide the Builds NavItem if BuildConfig is not installed in the cluster [#13167](https://github.com/openshift/console/pull/13167) * [OCPBUGS-19337](https://issues.redhat.com/browse/OCPBUGS-19337): Unhide the Import From Git Tab on the Add page if Pipelines Operator is installed and BuildConfig is not installed in the cluster [#13160](https://github.com/openshift/console/pull/13160) * [OCPBUGS-19336](https://issues.redhat.com/browse/OCPBUGS-19336): Added React Icon [#13159](https://github.com/openshift/console/pull/13159) * [OCPBUGS-18881](https://issues.redhat.com/browse/OCPBUGS-18881): use active namespace in Create cta href of create action for operator backed [#13150](https://github.com/openshift/console/pull/13150) * [OCPBUGS-19362](https://issues.redhat.com/browse/OCPBUGS-19362): Hide the DeploymentConfig option in the User Preferences if that resource type isn't available [#13164](https://github.com/openshift/console/pull/13164) * [OCPBUGS-19338](https://issues.redhat.com/browse/OCPBUGS-19338): Hide DeploymentConfig option from forms when it's not installed in the cluster [#13161](https://github.com/openshift/console/pull/13161) * [OCPBUGS-18987](https://issues.redhat.com/browse/OCPBUGS-18987): Monitoring: Fix display of silenced alerts in dev console [#13152](https://github.com/openshift/console/pull/13152) * [OCPBUGS-18727](https://issues.redhat.com/browse/OCPBUGS-18727): bump @patternfly/react-core to v4.276.11 to pick up Sele… [#13146](https://github.com/openshift/console/pull/13146) * [OCPBUGS-18686](https://issues.redhat.com/browse/OCPBUGS-18686): Fix incorrect export of useLabelsModal in dynamic plug… [#13142](https://github.com/openshift/console/pull/13142) * [OCPBUGS-18604](https://issues.redhat.com/browse/OCPBUGS-18604): [knative] Don't rely on openshift/hello-openshift as a sample image [#13134](https://github.com/openshift/console/pull/13134) * [OCPBUGS-18094](https://issues.redhat.com/browse/OCPBUGS-18094): Remove cluster filter and menu group title [#13137](https://github.com/openshift/console/pull/13137) * [OCPBUGS-18348](https://issues.redhat.com/browse/OCPBUGS-18348): Add deprecation alert for DeploymentConfig [#12968](https://github.com/openshift/console/pull/12968) * [OCPBUGS-13359](https://issues.redhat.com/browse/OCPBUGS-13359): Fix crash when filtering the quick start catalog [#13126](https://github.com/openshift/console/pull/13126) * [OCPBUGS-18306](https://issues.redhat.com/browse/OCPBUGS-18306): fix useDeleteModal Example formatting [#13117](https://github.com/openshift/console/pull/13117) * [OCPBUGS-18406](https://issues.redhat.com/browse/OCPBUGS-18406): Builds navigation item is missing in Developer perspective [#13124](https://github.com/openshift/console/pull/13124) * [OCPBUGS-17341](https://issues.redhat.com/browse/OCPBUGS-17341): OCP console mandate secret for repository creation [#13084](https://github.com/openshift/console/pull/13084) * [OCPBUGS-16108](https://issues.redhat.com/browse/OCPBUGS-16108): Fix DeploymentConfig list performance issues by lazy loading their ReplicationControllers [#13118](https://github.com/openshift/console/pull/13118) * [CONSOLE-3126](https://issues.redhat.com/browse/CONSOLE-3126): Update cluster paused alert message [#13106](https://github.com/openshift/console/pull/13106) * [OCPBUGS-17864](https://issues.redhat.com/browse/OCPBUGS-17864): Web console slowness on Project>Project access page [#13099](https://github.com/openshift/console/pull/13099) * [OCPBUGS-17981](https://issues.redhat.com/browse/OCPBUGS-17981): Remove DeploymentConfig, Build and BuildConfig sections from navigation and use flags so they can be enabled by cluster admins [#13089](https://github.com/openshift/console/pull/13089) * [OCPBUGS-9182](https://issues.redhat.com/browse/OCPBUGS-9182): Enable default-container annotation to specify the default container for logs and terminal. [#13098](https://github.com/openshift/console/pull/13098) * [OCPBUGS-17913](https://issues.redhat.com/browse/OCPBUGS-17913): Typo in the OCP console menu [#13096](https://github.com/openshift/console/pull/13096) * [OCPBUGS-17948](https://issues.redhat.com/browse/OCPBUGS-17948): Fix that Devconsole plugin show essential features like add page and topology also when Builds and DeploymentConfigs capabilities are disabled [#13097](https://github.com/openshift/console/pull/13097) * [OCPBUGS-13892](https://issues.redhat.com/browse/OCPBUGS-13892): Remove spaces from prometheus queries [#13043](https://github.com/openshift/console/pull/13043) * [OCPBUGS-15927](https://issues.redhat.com/browse/OCPBUGS-15927): Error page when fresh normal user visiting BuildConfigs page of 'default' project [#13091](https://github.com/openshift/console/pull/13091) * [OCPBUGS-16374](https://issues.redhat.com/browse/OCPBUGS-16374): Fix topology crash when a console.topology/data/factory extension tries to resolve a resource with version from the CRDs which doesn't exists [#13093](https://github.com/openshift/console/pull/13093) * [CONSOLE-3327](https://issues.redhat.com/browse/CONSOLE-3327): Expose useActiveNamespace within dynamic-core-api [#13033](https://github.com/openshift/console/pull/13033) * [OCPBUGS-17595](https://issues.redhat.com/browse/OCPBUGS-17595): Updating YAML from console shows error [#13090](https://github.com/openshift/console/pull/13090) * [OU-206](https://issues.redhat.com/browse/OU-206): Merge monitoring alerts with alerts from other sources in the dev console [#12940](https://github.com/openshift/console/pull/12940) * [CONSOLE-3681](https://issues.redhat.com/browse/CONSOLE-3681): Convert storage-class-form.tsx from class component to … [#13036](https://github.com/openshift/console/pull/13036) * [OCPBUGS-17496](https://issues.redhat.com/browse/OCPBUGS-17496): Bridge NAD should set "preserveDefaultVlan": false [#13076](https://github.com/openshift/console/pull/13076) * [CONSOLE-3126](https://issues.redhat.com/browse/CONSOLE-3126): Remove paused state since its no longer relevant due to 4.14 changes … [#13072](https://github.com/openshift/console/pull/13072) * [OCPBUGS-17515](https://issues.redhat.com/browse/OCPBUGS-17515): Console UI is broken due to patternfly/react-core version change [#13086](https://github.com/openshift/console/pull/13086) * [OCPBUGS-17504](https://issues.redhat.com/browse/OCPBUGS-17504): Dev console: Remove checkboxes on Alert Details page Silenced By list [#13085](https://github.com/openshift/console/pull/13085) * [OCPBUGS-16717](https://issues.redhat.com/browse/OCPBUGS-16717): Fix name validation regex [#13075](https://github.com/openshift/console/pull/13075) * [OCPBUGS-17410](https://issues.redhat.com/browse/OCPBUGS-17410): Fix that "Delete application" doesn't work in topology when Pipelines operator is not installed [#13074](https://github.com/openshift/console/pull/13074) * [OCPBUGS-14138](https://issues.redhat.com/browse/OCPBUGS-14138): Console fix [#13078](https://github.com/openshift/console/pull/13078) * [OCPBUGS-15458](https://issues.redhat.com/browse/OCPBUGS-15458): Links for console-dynamic-plugin-sdk markdown docs are not working [#13062](https://github.com/openshift/console/pull/13062) * [OCPBUGS-129](https://issues.redhat.com/browse/OCPBUGS-129): bump @patternfly/react-core to v4.276.11 to pick up Sel… [#13052](https://github.com/openshift/console/pull/13052) * [OCPBUGS-17234](https://issues.redhat.com/browse/OCPBUGS-17234): change Command Line Tools text [#13068](https://github.com/openshift/console/pull/13068) * [OCPBUGS-17347](https://issues.redhat.com/browse/OCPBUGS-17347): Fix "View alerting rule" action URL [#13058](https://github.com/openshift/console/pull/13058) * [OCPBUGS-15419](https://issues.redhat.com/browse/OCPBUGS-15419): Title on Overview page has changed to "Cluster · Red Hat OpenShift" [#12951](https://github.com/openshift/console/pull/12951) * [OCPBUGS-13387](https://issues.redhat.com/browse/OCPBUGS-13387), [OCPBUGS-16693](https://issues.redhat.com/browse/OCPBUGS-16693): Import page create button is disabled due to PAC validation [#13046](https://github.com/openshift/console/pull/13046) * [CONSOLE-3683](https://issues.redhat.com/browse/CONSOLE-3683): Convert FireMan component in list-page.tsx from class c… [#13024](https://github.com/openshift/console/pull/13024) * [OU-231](https://issues.redhat.com/browse/OU-231): Add jgbernalp and zhuje to OWNERS for monitoring [#13069](https://github.com/openshift/console/pull/13069) * [OCPBUGS-17196](https://issues.redhat.com/browse/OCPBUGS-17196): Fix nad ovn type - annotation and netAttachName [#13053](https://github.com/openshift/console/pull/13053) * [OCPBUGS-16844](https://issues.redhat.com/browse/OCPBUGS-16844): external link icon in `resource added` toast notification not linked [#13057](https://github.com/openshift/console/pull/13057) * [OCPBUGS-15310](https://issues.redhat.com/browse/OCPBUGS-15310): Helm Chart installation modal "Documentation" field is always N/A [#13032](https://github.com/openshift/console/pull/13032) * [CONSOLE-3686](https://issues.redhat.com/browse/CONSOLE-3686): Convert SecretFormWrapper component in create-secret.ts… [#13017](https://github.com/openshift/console/pull/13017) * [OCPBUGS-15008](https://issues.redhat.com/browse/OCPBUGS-15008): update the KnativeServing API version to v1beta1 for global-config extension [#13059](https://github.com/openshift/console/pull/13059) * [CONSOLE-3679](https://issues.redhat.com/browse/CONSOLE-3679): Convert instantiate-template.tsx from class component t… [#12947](https://github.com/openshift/console/pull/12947) * [CONSOLE-3568](https://issues.redhat.com/browse/CONSOLE-3568): expose DeleteModal via useDeleteModal hook in @console/shared [#12974](https://github.com/openshift/console/pull/12974) * [CONSOLE-3677](https://issues.redhat.com/browse/CONSOLE-3677): Convert edit-yaml.jsx from class component to functiona… [#12973](https://github.com/openshift/console/pull/12973) * [CONSOLE-3678](https://issues.redhat.com/browse/CONSOLE-3678): Convert EventStream component in events.jsx from class … [#12989](https://github.com/openshift/console/pull/12989) * [OCPBUGS-16093](https://issues.redhat.com/browse/OCPBUGS-16093), [OCPBUGS-16270](https://issues.redhat.com/browse/OCPBUGS-16270), [OCPBUGS-9409](https://issues.redhat.com/browse/OCPBUGS-9409): Creation of GH webhook and attaching it to repo while importing from git using PAC [#13021](https://github.com/openshift/console/pull/13021) * [CONSOLE-3682](https://issues.redhat.com/browse/CONSOLE-3682): Convert components in cluster-settings folder from clas… [#13011](https://github.com/openshift/console/pull/13011) * [CONSOLE-3676](https://issues.redhat.com/browse/CONSOLE-3676): Convert app.jsx from class component to functional comp… [#12952](https://github.com/openshift/console/pull/12952) * [OU-175](https://issues.redhat.com/browse/OU-175): Monitoring: Add "Silences" tab to Developer console [#12900](https://github.com/openshift/console/pull/12900) * [OCPBUGS-10884](https://issues.redhat.com/browse/OCPBUGS-10884): propagate mpath device type to request data [#13022](https://github.com/openshift/console/pull/13022) * [OCPBUGS-16656](https://issues.redhat.com/browse/OCPBUGS-16656): Devfile import fails on master branch [#13050](https://github.com/openshift/console/pull/13050) * [OCPBUGS-9355](https://issues.redhat.com/browse/OCPBUGS-9355): Fix translation bug [#13049](https://github.com/openshift/console/pull/13049) * [OCPBUGS-3495](https://issues.redhat.com/browse/OCPBUGS-3495): Add cacheBuster query string when requesting plugin entry scripts [#13035](https://github.com/openshift/console/pull/13035) * [OCPBUGS-16599](https://issues.redhat.com/browse/OCPBUGS-16599): allow creation of v1beta1 APIversion Pipeline in Pipeline builder YAML view [#13034](https://github.com/openshift/console/pull/13034) * [OCPBUGS-9285](https://issues.redhat.com/browse/OCPBUGS-9285): Add note to the console.page/route extension regarding its usage [#13044](https://github.com/openshift/console/pull/13044) * [OCPBUGS-14341](https://issues.redhat.com/browse/OCPBUGS-14341): Check operands deletionTimestamp to disable kebab action menu [#13042](https://github.com/openshift/console/pull/13042) * [ODC-7336](https://issues.redhat.com/browse/ODC-7336): automation for customization-of-catalog-add-page-form feature file [#12934](https://github.com/openshift/console/pull/12934) * [OCPBUGS-11285](https://issues.redhat.com/browse/OCPBUGS-11285): Dynamic plugin translation support for plurals broken [#13028](https://github.com/openshift/console/pull/13028) * chore(i18n): update translations: Completed Master Branch - Sprint 238 [#12999](https://github.com/openshift/console/pull/12999) * [OCPBUGS-16433](https://issues.redhat.com/browse/OCPBUGS-16433): Fixes location update issues [#13023](https://github.com/openshift/console/pull/13023) * [CONSOLE-3591](https://issues.redhat.com/browse/CONSOLE-3591): Remove directory listing for /static/* [#13001](https://github.com/openshift/console/pull/13001) * [CONSOLE-3694](https://issues.redhat.com/browse/CONSOLE-3694): Convert tile-view-page.jsx from class component to func… [#12942](https://github.com/openshift/console/pull/12942) * [ODC-7334](https://issues.redhat.com/browse/ODC-7334): Show ConsoleSamples resources in the samples catalog [#12970](https://github.com/openshift/console/pull/12970) * [CONSOLE-3666](https://issues.redhat.com/browse/CONSOLE-3666): Validate shared modules of dynamic plugins [#12881](https://github.com/openshift/console/pull/12881) * [OCPBUGS-11971](https://issues.redhat.com/browse/OCPBUGS-11971): When removing the project owner from the project in GUI, instead of that user, the group (the default group added as project admin through the project template) will be removed. [#13016](https://github.com/openshift/console/pull/13016) * [OCPBUGS-13808](https://issues.redhat.com/browse/OCPBUGS-13808): Console SDK components should be using GroupVersionKin… [#13029](https://github.com/openshift/console/pull/13029) * [OCPBUGS-14837](https://issues.redhat.com/browse/OCPBUGS-14837), [OCPBUGS-16025](https://issues.redhat.com/browse/OCPBUGS-16025): Hide the Duplicate Pipelines Card in the DevConsole Add Page [#13007](https://github.com/openshift/console/pull/13007) * [OCPBUGS-8274](https://issues.redhat.com/browse/OCPBUGS-8274): Fix copy login command regression [#13003](https://github.com/openshift/console/pull/13003) * [CONSOLE-3687](https://issues.redhat.com/browse/CONSOLE-3687): Convert components in utils folder from class component… [#12925](https://github.com/openshift/console/pull/12925) * [OCPBUGS-11219](https://issues.redhat.com/browse/OCPBUGS-11219): Fix incorrectly nested css rule for print styles [#12991](https://github.com/openshift/console/pull/12991) * [OCPBUGS-11620](https://issues.redhat.com/browse/OCPBUGS-11620): Fix stop PLR option [#13020](https://github.com/openshift/console/pull/13020) * [CONSOLE-3706](https://issues.redhat.com/browse/CONSOLE-3706): Remove custom history.pushPath alias function [#12873](https://github.com/openshift/console/pull/12873) * [CONSOLE-3431](https://issues.redhat.com/browse/CONSOLE-3431): Allow building dynamic plugins without any exposed modules [#12530](https://github.com/openshift/console/pull/12530) * [HELM-502](https://issues.redhat.com/browse/HELM-502): Bump Helm to 3.12.1 [#13014](https://github.com/openshift/console/pull/13014) * [OCPBUGS-15359](https://issues.redhat.com/browse/OCPBUGS-15359): Enable namespace dropdown selection when all namespace installation mode selected by default and... [#12975](https://github.com/openshift/console/pull/12975) * [OCPBUGS-16174](https://issues.redhat.com/browse/OCPBUGS-16174): Update the VSCode extension link and descriptions on Create Serverless function form [#13015](https://github.com/openshift/console/pull/13015) * [OCPBUGS-13142](https://issues.redhat.com/browse/OCPBUGS-13142): InstallPlan info cannot shown on Subscription tab for … [#13012](https://github.com/openshift/console/pull/13012) * [OCPBUGS-14907](https://issues.redhat.com/browse/OCPBUGS-14907): Fix operator backed catalog page when copied CSVs disabled [#12932](https://github.com/openshift/console/pull/12932) * [CONSOLE-3684](https://issues.redhat.com/browse/CONSOLE-3684): Convert components in modals folder from class componen… [#12941](https://github.com/openshift/console/pull/12941) * [OCPBUGS-16148](https://issues.redhat.com/browse/OCPBUGS-16148): disable Save if Use existing claim is active and no … [#13010](https://github.com/openshift/console/pull/13010) * [OCPBUGS-16150](https://issues.redhat.com/browse/OCPBUGS-16150): Fix Start last run action in Topology sidepanel [#13009](https://github.com/openshift/console/pull/13009) * [OCPBUGS-15458](https://issues.redhat.com/browse/OCPBUGS-15458): Links for console-dynamic-plugin-sdk markdown docs are not working [#12993](https://github.com/openshift/console/pull/12993) * [OU-218](https://issues.redhat.com/browse/OU-218): Monitoring: Use `useResolvedExtensions` instead of `useExtensions` [#12987](https://github.com/openshift/console/pull/12987) * [CONSOLE-3680](https://issues.redhat.com/browse/CONSOLE-3680): Convert row-filter.jsx from class component to function… [#12957](https://github.com/openshift/console/pull/12957) * [OCPBUGS-13808](https://issues.redhat.com/browse/OCPBUGS-13808): Console SDK components should be using GroupVersionKin… [#12946](https://github.com/openshift/console/pull/12946) * [CONSOLE-3685](https://issues.redhat.com/browse/CONSOLE-3685): Convert components in RBAC folder from class component … [#12933](https://github.com/openshift/console/pull/12933) * [CONSOLE-3611](https://issues.redhat.com/browse/CONSOLE-3611): User can configure the install of Operators that authenticate using STS [#12779](https://github.com/openshift/console/pull/12779) * [OCPBUGS-9991](https://issues.redhat.com/browse/OCPBUGS-9991): Most of contents are lack of i18n on "Command Line Tools" page [#12995](https://github.com/openshift/console/pull/12995) * [OCPBUGS-15021](https://issues.redhat.com/browse/OCPBUGS-15021): Use FLAGS.CAN_GET_NS to decide whether to show Route details > Metrics tab [#12944](https://github.com/openshift/console/pull/12944) * [ODC-7341](https://issues.redhat.com/browse/ODC-7341): Show Build output in Shipwright Build list and details page [#12972](https://github.com/openshift/console/pull/12972) * [OCPBUGS-8005](https://issues.redhat.com/browse/OCPBUGS-8005): Fix broken upstream doc link for cluster channel upgrades [#12998](https://github.com/openshift/console/pull/12998) * [OCPBUGS-10884](https://issues.redhat.com/browse/OCPBUGS-10884): add multipath device type to LocalVolumeSet [#12723](https://github.com/openshift/console/pull/12723) * [OCPBUGS-14434](https://issues.redhat.com/browse/OCPBUGS-14434): Running `yarn dev` results in the build running on a loop [#12990](https://github.com/openshift/console/pull/12990) * [OCPBUGS-10844](https://issues.redhat.com/browse/OCPBUGS-10844): fix bug where binary secret values are corrupted on edit and add test coverage [#12986](https://github.com/openshift/console/pull/12986) * [OCPBUGS-15011](https://issues.redhat.com/browse/OCPBUGS-15011): Upload JAR file does not work if the Cluster Samples Operator is disabled [#12917](https://github.com/openshift/console/pull/12917) * [OCPBUGS-12891](https://issues.redhat.com/browse/OCPBUGS-12891): check for valid OLM selector in K8sResourceWidget to p… [#12887](https://github.com/openshift/console/pull/12887) * [OCPBUGS-15896](https://issues.redhat.com/browse/OCPBUGS-15896): STS label not valid according to kube [#12980](https://github.com/openshift/console/pull/12980) * [RHSTOR-4533](https://issues.redhat.com/browse/RHSTOR-4533): added a mutator property for the storage class extension [#12886](https://github.com/openshift/console/pull/12886) * [OCPBUGS-7416](https://issues.redhat.com/browse/OCPBUGS-7416): get Kamelets from the camel-k-operator namespace as well [#12710](https://github.com/openshift/console/pull/12710) * [OCPBUGS-14548](https://issues.redhat.com/browse/OCPBUGS-14548): only show pipelines doc link for downstream [#12979](https://github.com/openshift/console/pull/12979) * [CONSOLE-3565](https://issues.redhat.com/browse/CONSOLE-3565): Expose annotations modal in dynamic plugins sdk [#12843](https://github.com/openshift/console/pull/12843) * [CONSOLE-3610](https://issues.redhat.com/browse/CONSOLE-3610): User can filter on STS enabled clusters for Operators that claim support for STS [#12778](https://github.com/openshift/console/pull/12778) * [OCPBUGS-15773](https://issues.redhat.com/browse/OCPBUGS-15773): The upgrade Helm Release tab in OpenShift GUI Developer console is not refreshing with updated values. [#12966](https://github.com/openshift/console/pull/12966) * [ODC-7319](https://issues.redhat.com/browse/ODC-7319): correcting - missing package tag across gherkin files [#12847](https://github.com/openshift/console/pull/12847) * [ODC-7313](https://issues.redhat.com/browse/ODC-7313): Run CI tests with non-admin user [#12814](https://github.com/openshift/console/pull/12814) * [OCPBUGS-15427](https://issues.redhat.com/browse/OCPBUGS-15427): Remove access review check for PipelineResource from Pipeline section [#12964](https://github.com/openshift/console/pull/12964) * [ODC-7325](https://issues.redhat.com/browse/ODC-7325): Improve BuildConfig and Shipwright Build list pages [#12910](https://github.com/openshift/console/pull/12910) * [ODC-7340](https://issues.redhat.com/browse/ODC-7340): Remove Shipwright Tech Preview badges [#12960](https://github.com/openshift/console/pull/12960) * [OCPBUGS-14548](https://issues.redhat.com/browse/OCPBUGS-14548): update pipelines doc links [#12890](https://github.com/openshift/console/pull/12890) * [OCPBUGS-15572](https://issues.redhat.com/browse/OCPBUGS-15572): Fix bug where the install operator update approval radio button does … [#12959](https://github.com/openshift/console/pull/12959) * [OCPBUGS-14959](https://issues.redhat.com/browse/OCPBUGS-14959): Error for DuplicateClusterRoleBinding and Edit ClusterRoleBinding subject in RHOCP4 Web Console [#12939](https://github.com/openshift/console/pull/12939) * [OCPBUGS-14665](https://issues.redhat.com/browse/OCPBUGS-14665), [OCPBUGS-14874](https://issues.redhat.com/browse/OCPBUGS-14874), [OCPBUGS-14875](https://issues.redhat.com/browse/OCPBUGS-14875): Helm Chart installation form hangs on create if JSON-schema is using 2019-09 or 2020-20 standard revisions [#12929](https://github.com/openshift/console/pull/12929) * [OU-198](https://issues.redhat.com/browse/OU-198): Revert "Disable broken monitoring-tests" [#12943](https://github.com/openshift/console/pull/12943) * [ODC-7337](https://issues.redhat.com/browse/ODC-7337): Skip wait for authentication operator to start progressing when the secret already exists [#12884](https://github.com/openshift/console/pull/12884) * [OCPBUGS-497](https://issues.redhat.com/browse/OCPBUGS-497): frontend: fix kube-apiserver availability query [#12928](https://github.com/openshift/console/pull/12928) * [OCPBUGS-15060](https://issues.redhat.com/browse/OCPBUGS-15060): "Duplicate RoleBinding" leads to "Unsupported value" error [#12921](https://github.com/openshift/console/pull/12921) * [OCPBUGS-7794](https://issues.redhat.com/browse/OCPBUGS-7794): Image pull secret creation form doesn't re-enable Create button once it is disabled [#12609](https://github.com/openshift/console/pull/12609) * [CONSOLE-3616](https://issues.redhat.com/browse/CONSOLE-3616): Revert multicluster server flags [#12782](https://github.com/openshift/console/pull/12782) * [OCPBUGS-15299](https://issues.redhat.com/browse/OCPBUGS-15299): Create Serverless Function Form is Broken [#12926](https://github.com/openshift/console/pull/12926) * [OCPBUGS-13120](https://issues.redhat.com/browse/OCPBUGS-13120): Serverless functions UI warning is misleading [#12923](https://github.com/openshift/console/pull/12923) * [ODC-7329](https://issues.redhat.com/browse/ODC-7329): Subsequent PipelineRuns take initial PipelineRun name into account [#12913](https://github.com/openshift/console/pull/12913) * [CONSOLE-3612](https://issues.redhat.com/browse/CONSOLE-3612): User is warned when cluster is in STS mode [#12777](https://github.com/openshift/console/pull/12777) * [ODC-7322](https://issues.redhat.com/browse/ODC-7322): Implement a proxy to hit the Artifacthub.io API end point [#12905](https://github.com/openshift/console/pull/12905) * [MGMT-15023](https://issues.redhat.com/browse/MGMT-15023): Add help text to vCenter cluster field [#12912](https://github.com/openshift/console/pull/12912) * [OCPBUGS-11464](https://issues.redhat.com/browse/OCPBUGS-11464): Availability requirement update is initially disabled … [#12918](https://github.com/openshift/console/pull/12918) * [OCPBUGS-15135](https://issues.redhat.com/browse/OCPBUGS-15135): Make knative routes copyable similar to openshift routes [#12908](https://github.com/openshift/console/pull/12908) * [OCPBUGS-14909](https://issues.redhat.com/browse/OCPBUGS-14909): Disabling web-terminal tests in CI [#12892](https://github.com/openshift/console/pull/12892) * [OCPBUGS-14015](https://issues.redhat.com/browse/OCPBUGS-14015): Create helm release page doesn't show a YAML editor when schema isn't available (httpd-imagestreams chart) [#12914](https://github.com/openshift/console/pull/12914) * [CONSOLE-3372](https://issues.redhat.com/browse/CONSOLE-3372), [OCPBUGS-13648](https://issues.redhat.com/browse/OCPBUGS-13648), [OCPBUGS-13833](https://issues.redhat.com/browse/OCPBUGS-13833): Console supports installing non-latest Operator versions [#12743](https://github.com/openshift/console/pull/12743) * [OCPBUGS-7036](https://issues.redhat.com/browse/OCPBUGS-7036): Add Git Repository (PAC) doesn't setup GitLab and Bitbucket configuration correct [#12593](https://github.com/openshift/console/pull/12593) * chore(i18n): update translations: Completed-7034-OCP 4.13/Master Branch UI Localization- Sprint 231 [#12695](https://github.com/openshift/console/pull/12695) * [OCPBUGS-14354](https://issues.redhat.com/browse/OCPBUGS-14354): e2e: Enable Pipeline tests [#12911](https://github.com/openshift/console/pull/12911) * [OCPBUGS-14915](https://issues.redhat.com/browse/OCPBUGS-14915): Remove entries from the menu that are now added by `monitoring-plugin` [#12893](https://github.com/openshift/console/pull/12893) * [ODC-7316](https://issues.redhat.com/browse/ODC-7316): Add discoverability of the IDE extensions from Create Serverless form [#12846](https://github.com/openshift/console/pull/12846) * [OCPBUGS-14419](https://issues.redhat.com/browse/OCPBUGS-14419): Remove tech preview badge from Pipeline repository pages [#12888](https://github.com/openshift/console/pull/12888) * [ODC-7326](https://issues.redhat.com/browse/ODC-7326): Align Build, BuildRun and PipelineRun details page [#12898](https://github.com/openshift/console/pull/12898) * [OCPBUGS-14836](https://issues.redhat.com/browse/OCPBUGS-14836): Updated BuildConfig and Shipwright Build lists shows runs from another namespace [#12896](https://github.com/openshift/console/pull/12896) * [OCPBUGS-14890](https://issues.redhat.com/browse/OCPBUGS-14890): Missing 'View details' link for several servicemonitors.spec.endpoints fields in YAML sidebar [#12895](https://github.com/openshift/console/pull/12895) * [OCPBUGS-14002](https://issues.redhat.com/browse/OCPBUGS-14002): Correct the alignment of yaml toolbar links [#12894](https://github.com/openshift/console/pull/12894) * [OCPBUGS-14660](https://issues.redhat.com/browse/OCPBUGS-14660): Helm Repository "Edit" button results in 404 [#12891](https://github.com/openshift/console/pull/12891) * [OCPBUGS-14716](https://issues.redhat.com/browse/OCPBUGS-14716): add ROSA branding option [#12889](https://github.com/openshift/console/pull/12889) * [OCPBUGS-13208](https://issues.redhat.com/browse/OCPBUGS-13208): Fix PVC metrics query [#12867](https://github.com/openshift/console/pull/12867) * [OCPBUGS-12897](https://issues.redhat.com/browse/OCPBUGS-12897): Knative Route Details Page should show the URL of the route as it is shown in the Openshift Routes Details page [#12853](https://github.com/openshift/console/pull/12853) * [OCPBUGS-8682](https://issues.redhat.com/browse/OCPBUGS-8682): Fix empty create dropdown on provided APIs page [#12819](https://github.com/openshift/console/pull/12819) * [OCPBUGS-9214](https://issues.redhat.com/browse/OCPBUGS-9214): Create button is disabled in Git Import form when git repo url has hyphens in owner part of the url [#12652](https://github.com/openshift/console/pull/12652) * [OCPBUGS-4496](https://issues.redhat.com/browse/OCPBUGS-4496): Fix Samples/Snippets tab [#12642](https://github.com/openshift/console/pull/12642) * [OCPBUGS-7361](https://issues.redhat.com/browse/OCPBUGS-7361): support JSON schema 06 in the helm install/upgrade form [#12644](https://github.com/openshift/console/pull/12644) * [OU-138](https://issues.redhat.com/browse/OU-138): Move QueryBrowser component to dynamic SDK [#12841](https://github.com/openshift/console/pull/12841) * [OCPBUGS-9063](https://issues.redhat.com/browse/OCPBUGS-9063): Remove frontend validation from legacy operand form gen… [#12788](https://github.com/openshift/console/pull/12788) * [ODC-7275](https://issues.redhat.com/browse/ODC-7275): Implement invoke serverless functions [#12755](https://github.com/openshift/console/pull/12755) * [OCPBUGS-14964](https://issues.redhat.com/browse/OCPBUGS-14964): Disable broken monitoring-tests [#12902](https://github.com/openshift/console/pull/12902) * [OCPBUGS-11219](https://issues.redhat.com/browse/OCPBUGS-11219): Include print styles to allow printout of full screen and ... [#12849](https://github.com/openshift/console/pull/12849) * [ODC-7306](https://issues.redhat.com/browse/ODC-7306): Show the latest Build status in the Build list view [#12809](https://github.com/openshift/console/pull/12809) * [ODC-7277](https://issues.redhat.com/browse/ODC-7277): added v1 support for Pipeline [#12729](https://github.com/openshift/console/pull/12729) * [CONSOLE-3660](https://issues.redhat.com/browse/CONSOLE-3660): Introduce react-router v6 compatibility [#12861](https://github.com/openshift/console/pull/12861) * [OCPBUGS-8274](https://issues.redhat.com/browse/OCPBUGS-8274): Do not request token URL if auth is disabled [#12818](https://github.com/openshift/console/pull/12818) * [OCPBUGS-14668](https://issues.redhat.com/browse/OCPBUGS-14668): visiting Configurations page returns error Cannot read… [#12882](https://github.com/openshift/console/pull/12882) * [OCPBUGS-14602](https://issues.redhat.com/browse/OCPBUGS-14602): selected project was not taking effect when searching … [#12880](https://github.com/openshift/console/pull/12880) * [OCPBUGS-14550](https://issues.redhat.com/browse/OCPBUGS-14550): Use proxy with web socket connection and monitoring d… [#12877](https://github.com/openshift/console/pull/12877) * [CONSOLE-3392](https://issues.redhat.com/browse/CONSOLE-3392): Implement exact search for more precise result sets and add user prefs setting [#12838](https://github.com/openshift/console/pull/12838) * [ODC-7288](https://issues.redhat.com/browse/ODC-7288): Add proxy to invoke knative services with a public route [#12789](https://github.com/openshift/console/pull/12789) * [ODC-7320](https://issues.redhat.com/browse/ODC-7320): Gherkin for customisation of add page and developer catalog through customisation form view [#12855](https://github.com/openshift/console/pull/12855) * [OCPBUGS-14424](https://issues.redhat.com/browse/OCPBUGS-14424): OVN Kubernetes multi-homing [#12869](https://github.com/openshift/console/pull/12869) * [OCPBUGS-14262](https://issues.redhat.com/browse/OCPBUGS-14262): Fix Pipeline metrics page [#12863](https://github.com/openshift/console/pull/12863) * [OCPBUGS-10411](https://issues.redhat.com/browse/OCPBUGS-10411): Edit deployment don't enable save button if image stream is added [#12673](https://github.com/openshift/console/pull/12673) * [OCPBUGS-14149](https://issues.redhat.com/browse/OCPBUGS-14149): account for single object in status.conditions instead… [#12866](https://github.com/openshift/console/pull/12866) * [OCPBUGS-14352](https://issues.redhat.com/browse/OCPBUGS-14352): E2e tests fails because OpenShift Pipelines operator could not be found [#12872](https://github.com/openshift/console/pull/12872) * [OCPBUGS-9909](https://issues.redhat.com/browse/OCPBUGS-9909): Could not import multiple resources via JSON (while YAML supports this) [#12721](https://github.com/openshift/console/pull/12721) * [ODC-7317](https://issues.redhat.com/browse/ODC-7317): Update Terminal step of the Guided Tour to indicate that odo CLI is accessible [#12848](https://github.com/openshift/console/pull/12848) * [ODC-7308](https://issues.redhat.com/browse/ODC-7308): Update test cases of web terminal configuration page [#12825](https://github.com/openshift/console/pull/12825) * [ODC-7283](https://issues.redhat.com/browse/ODC-7283): Add Web Terminal tab in cluster configuration page [#12718](https://github.com/openshift/console/pull/12718) * [OCPBUGS-6767](https://issues.redhat.com/browse/OCPBUGS-6767): Regression: OpenShift Console no-longer filters SecretList when displaying ServiceAccount [#12679](https://github.com/openshift/console/pull/12679) * [OCPBUGS-13782](https://issues.redhat.com/browse/OCPBUGS-13782): Surface the message from Operator developer [#12840](https://github.com/openshift/console/pull/12840) * [OCPBUGS-12896](https://issues.redhat.com/browse/OCPBUGS-12896): Corrected Labels for resolving the bug related to the Create Route Checkbox [#12834](https://github.com/openshift/console/pull/12834) * [ODC-7315](https://issues.redhat.com/browse/ODC-7315): Change help texts in initialize Terminal page [#12824](https://github.com/openshift/console/pull/12824) * [OCPBUGS-11668](https://issues.redhat.com/browse/OCPBUGS-11668): Fix kebab actions on Installed Operators page [#12822](https://github.com/openshift/console/pull/12822) * [OCPBUGS-13693](https://issues.redhat.com/browse/OCPBUGS-13693): Fix RTE in bridge. [#12817](https://github.com/openshift/console/pull/12817) * [OCPBUGS-11256](https://issues.redhat.com/browse/OCPBUGS-11256): Topology UI doesn't recognize Serverless Rust function for proper UI icon [#12816](https://github.com/openshift/console/pull/12816) * [OCPBUGS-11996](https://issues.redhat.com/browse/OCPBUGS-11996): Fixed Make Serverless Form Error [#12815](https://github.com/openshift/console/pull/12815) * [OCPBUGS-13257](https://issues.redhat.com/browse/OCPBUGS-13257): propagate labels to pipeline resources [#12808](https://github.com/openshift/console/pull/12808) * [MGMT-14527](https://issues.redhat.com/browse/MGMT-14527): Add vSphere cluster field. [#12806](https://github.com/openshift/console/pull/12806) * [OCPBUGS-12783](https://issues.redhat.com/browse/OCPBUGS-12783): Remove "Action" type from OLM descriptor readme [#12800](https://github.com/openshift/console/pull/12800) * [CONSOLE-3623](https://issues.redhat.com/browse/CONSOLE-3623): Add X-CSRF token to console request headers [#12719](https://github.com/openshift/console/pull/12719) * [OCPBUGS-5453](https://issues.redhat.com/browse/OCPBUGS-5453): Add Pipeline metrics unsupported empty page [#12435](https://github.com/openshift/console/pull/12435) * [OCPBUGS-1829](https://issues.redhat.com/browse/OCPBUGS-1829): use service port name instead targetPort in the Pipeline Event listener route [#12148](https://github.com/openshift/console/pull/12148) * [CONSOLE-2501](https://issues.redhat.com/browse/CONSOLE-2501): Upgrade TypeScript version to 4.5 [#12821](https://github.com/openshift/console/pull/12821) * [ODC-7318](https://issues.redhat.com/browse/ODC-7318): Update ODC owners, May 2023 edition [#12839](https://github.com/openshift/console/pull/12839) * [CONSOLE-2501](https://issues.redhat.com/browse/CONSOLE-2501): Update builder image [#12828](https://github.com/openshift/console/pull/12828) * [OCPBUGS-13361](https://issues.redhat.com/browse/OCPBUGS-13361): Update plural string dynamic demo plugin locales [#12799](https://github.com/openshift/console/pull/12799) * [ODC-7309](https://issues.redhat.com/browse/ODC-7309): Remove dev console integration-tests reviewers [#12802](https://github.com/openshift/console/pull/12802) * [OCPBUGS-12244](https://issues.redhat.com/browse/OCPBUGS-12244): only copy workload annotations to debug pod [#12794](https://github.com/openshift/console/pull/12794) * [ODC-7279](https://issues.redhat.com/browse/ODC-7279): Correcting CI failures of ODC Packages [#12700](https://github.com/openshift/console/pull/12700) * [HELM-484](https://issues.redhat.com/browse/HELM-484): Basic authentication documentation update [#12768](https://github.com/openshift/console/pull/12768) * [CONSOLE-3615](https://issues.redhat.com/browse/CONSOLE-3615): Mark multicluster code for removal [#12754](https://github.com/openshift/console/pull/12754) * [ODC-7300](https://issues.redhat.com/browse/ODC-7300): Change method name for labelKeyForNodeKind to getTitleForNodeKind [#12733](https://github.com/openshift/console/pull/12733) * [ODC-7296](https://issues.redhat.com/browse/ODC-7296): Rename all instances of YAMLEditor to CodeEditor [#12708](https://github.com/openshift/console/pull/12708) * [Bug 2176216](https://bugzilla.redhat.com/show_bug.cgi?id=2176216): VMs are listed twice in cluster inventory [#12795](https://github.com/openshift/console/pull/12795) * [OCPBUGS-12267](https://issues.redhat.com/browse/OCPBUGS-12267): Fix OLM k8sResourcePrefix descriptor dropdown behavior [#12758](https://github.com/openshift/console/pull/12758) * [OCPBUGS-11099](https://issues.redhat.com/browse/OCPBUGS-11099): add support for minimal status of tekton [#12724](https://github.com/openshift/console/pull/12724) * [OCPBUGS-12732](https://issues.redhat.com/browse/OCPBUGS-12732): fix buildconfig form ns [#12771](https://github.com/openshift/console/pull/12771) * [OCPBUGS-12637](https://issues.redhat.com/browse/OCPBUGS-12637): update helm release empty state text [#12767](https://github.com/openshift/console/pull/12767) * [OCPBUGS-12286](https://issues.redhat.com/browse/OCPBUGS-12286): Fix missing console plugin control on CSV details page. [#12766](https://github.com/openshift/console/pull/12766) * [OCPBUGS-7692](https://issues.redhat.com/browse/OCPBUGS-7692): Fix that helm details page shows an inf. loading indicator when api call fails [#12578](https://github.com/openshift/console/pull/12578) * [OCPBUGS-11057](https://issues.redhat.com/browse/OCPBUGS-11057): Importing a kn Service shows a non-working Open URL decorator also when the Add Route checkbox was unselected [#12726](https://github.com/openshift/console/pull/12726) * [OCPBUGS-6581](https://issues.redhat.com/browse/OCPBUGS-6581): Serverless - Eventing - Channels: Conditions column i18n misses [#12641](https://github.com/openshift/console/pull/12641) * [OCPBUGS-7485](https://issues.redhat.com/browse/OCPBUGS-7485): When Creating Sample Devfile from the Samples Page, Topology Icon is not set [#12725](https://github.com/openshift/console/pull/12725) * [OCPBUGS-11596](https://issues.redhat.com/browse/OCPBUGS-11596): Do not fetch catalog sources on CSV or Subscription details pages. [#12717](https://github.com/openshift/console/pull/12717) * [OCPBUGS-10224](https://issues.redhat.com/browse/OCPBUGS-10224): Multiple instances of tabs under ODF dashboard [#12635](https://github.com/openshift/console/pull/12635) * [OCPBUGS-6770](https://issues.redhat.com/browse/OCPBUGS-6770): Pipeline doesn't render correctly when displayed but looks fine in edit mode [#12722](https://github.com/openshift/console/pull/12722) * [OCPBUGS-11869](https://issues.redhat.com/browse/OCPBUGS-11869): Pod Status Overlapping in Sidebar [#12732](https://github.com/openshift/console/pull/12732) * [CONSOLE-3600](https://issues.redhat.com/browse/CONSOLE-3600): Filter operators based on nodes OS type [#12707](https://github.com/openshift/console/pull/12707) * [OCPBUGS-9329](https://issues.redhat.com/browse/OCPBUGS-9329): update dynamic plugin info for development mode [#12666](https://github.com/openshift/console/pull/12666) * [OCPBUGS-10562](https://issues.redhat.com/browse/OCPBUGS-10562): disable operator-uninstall.ts as the uninstall test is… [#12731](https://github.com/openshift/console/pull/12731) * [OCPBUGS-3036](https://issues.redhat.com/browse/OCPBUGS-3036): Do not list subscriptions in all namespaces on CSV details page. [#12716](https://github.com/openshift/console/pull/12716) * [OCPBUGS-5548](https://issues.redhat.com/browse/OCPBUGS-5548): delete associated pipeline, triggertemplate and eventlistener when deleting app [#12587](https://github.com/openshift/console/pull/12587) * Add the possibility login with different IDP and user credentials [#12709](https://github.com/openshift/console/pull/12709) * [ODC-7270](https://issues.redhat.com/browse/ODC-7270), [ODC-7272](https://issues.redhat.com/browse/ODC-7272): Improve telemetry: Add resource and tab name to the page title [#12669](https://github.com/openshift/console/pull/12669) * Improve useModal docs example [#12115](https://github.com/openshift/console/pull/12115) * Improvements on Web Terminal Operator Installation functionality [#12713](https://github.com/openshift/console/pull/12713) * [OCPBUGS-10956](https://issues.redhat.com/browse/OCPBUGS-10956): Reduce metrics cardinality by grouping well-known and other perspectives and plugins [#12684](https://github.com/openshift/console/pull/12684) * [OCPBUGS-9305](https://issues.redhat.com/browse/OCPBUGS-9305): add missing readOnly conditions [#12685](https://github.com/openshift/console/pull/12685) * [ODC-7280](https://issues.redhat.com/browse/ODC-7280): Add PipelineRun tab to Dev perspective Pipeline page [#12672](https://github.com/openshift/console/pull/12672) * [OCPBUGS-10562](https://issues.redhat.com/browse/OCPBUGS-10562): re-enable and fix operator-uninstall.spec.ts [#12678](https://github.com/openshift/console/pull/12678) * [ODC-7282](https://issues.redhat.com/browse/ODC-7282): Add webhook informations on Repository details and summary page [#12690](https://github.com/openshift/console/pull/12690) * [OCPBUGS-11382](https://issues.redhat.com/browse/OCPBUGS-11382): Update Dockerfile to use latest builder images [#12655](https://github.com/openshift/console/pull/12655) * [ODC-7274](https://issues.redhat.com/browse/ODC-7274): Prepare a page and modal to invoke a Serverless function [#12686](https://github.com/openshift/console/pull/12686) * [OCPBUGS-103](https://issues.redhat.com/browse/OCPBUGS-103): Move operator install status to it's own route/page [#12704](https://github.com/openshift/console/pull/12704) * [OCPBUGS-11020](https://issues.redhat.com/browse/OCPBUGS-11020): fix runtime error on OperatorHub details pages [#12702](https://github.com/openshift/console/pull/12702) * [ODC-7281](https://issues.redhat.com/browse/ODC-7281): Provide Column management option for the TaskRuns list page [#12689](https://github.com/openshift/console/pull/12689) * Remove andybraren as dashboard reviewer [#11807](https://github.com/openshift/console/pull/11807) * [OCPBUGS-11197](https://issues.redhat.com/browse/OCPBUGS-11197): Rephrase vCenter connection tooltips [#12694](https://github.com/openshift/console/pull/12694) * [OCPBUGS-10961](https://issues.redhat.com/browse/OCPBUGS-10961): Fix description for BuildAdapter SDK extension [#12683](https://github.com/openshift/console/pull/12683) * [CONSOLE-3577](https://issues.redhat.com/browse/CONSOLE-3577): Remove deprecated metering endpoint from backend [#12692](https://github.com/openshift/console/pull/12692) * [OCPBUGS-5940](https://issues.redhat.com/browse/OCPBUGS-5940): Wait with CRD/model translation until i18n bundles are loaded [#12697](https://github.com/openshift/console/pull/12697) * [OCPBUGS-10916](https://issues.redhat.com/browse/OCPBUGS-10916): fix translation string for Image pull secret created alert [#12681](https://github.com/openshift/console/pull/12681) * [OCPBUGS-10836](https://issues.redhat.com/browse/OCPBUGS-10836): fix All projects selection on Pipelines page in dev perspective [#12676](https://github.com/openshift/console/pull/12676) * [OCPBUGS-10950](https://issues.redhat.com/browse/OCPBUGS-10950): use PipelineRun template from 'pipelines-as-code-pipelinerun-go' configMap for Go runtime [#12682](https://github.com/openshift/console/pull/12682) * [ODC-7271](https://issues.redhat.com/browse/ODC-7271): add duration for PipelineRun and TaskRun on details page [#12659](https://github.com/openshift/console/pull/12659) * [ODC-7276](https://issues.redhat.com/browse/ODC-7276): Add cancelled status color in Pipeline metrics page [#12662](https://github.com/openshift/console/pull/12662) * automation of edit build config feature file [#12622](https://github.com/openshift/console/pull/12622) * [OCPBUGS-10619](https://issues.redhat.com/browse/OCPBUGS-10619): Enable modal scroll for uninstall operator instances [#12680](https://github.com/openshift/console/pull/12680) * [OCPBUGS-10562](https://issues.redhat.com/browse/OCPBUGS-10562): disable operator-uninstall.spec.ts as the previous fix… [#12677](https://github.com/openshift/console/pull/12677) * PF Update 2023-2 [#12664](https://github.com/openshift/console/pull/12664) * [OCPBUGS-10562](https://issues.redhat.com/browse/OCPBUGS-10562): re-enable and fix operator-uninstall.spec.ts [#12661](https://github.com/openshift/console/pull/12661) * [OCPBUGS-10655](https://issues.redhat.com/browse/OCPBUGS-10655): Do not show builder ImageStreams without `sampleRepo` as samples [#12667](https://github.com/openshift/console/pull/12667) * [OCPBUGS-10509](https://issues.redhat.com/browse/OCPBUGS-10509): Sync Debug in Terminal feature availability with 3.x pods in web console [#12657](https://github.com/openshift/console/pull/12657) * [OCPBUGS-9956](https://issues.redhat.com/browse/OCPBUGS-9956): update the default pipelineRun template name [#12660](https://github.com/openshift/console/pull/12660) * [OCPBUGS-7620](https://issues.redhat.com/browse/OCPBUGS-7620): Edit Deployment (and DC) form doesn't enable Save button when changing strategy type [#12608](https://github.com/openshift/console/pull/12608) * [OCPBUGS-8086](https://issues.redhat.com/browse/OCPBUGS-8086): Visual fixes for list items [#12619](https://github.com/openshift/console/pull/12619) * [OCPBUGS-9907](https://issues.redhat.com/browse/OCPBUGS-9907): Fix alerts source display values [#12632](https://github.com/openshift/console/pull/12632) * [OU-110](https://issues.redhat.com/browse/OU-110): Observe > Dashboards : Code Consolidation Fixes [#12588](https://github.com/openshift/console/pull/12588) * [OCPBUGS-7484](https://issues.redhat.com/browse/OCPBUGS-7484): When there are 2 pipelines displayed in the dropdown menu, selecting one, unchecks the Add Pipeline checkbox [#12650](https://github.com/openshift/console/pull/12650) * [OCPBUGS-8268](https://issues.redhat.com/browse/OCPBUGS-8268): OpenShift pipeline TaskRun(s) column Duration is not present as column in UI [#12633](https://github.com/openshift/console/pull/12633) * [OCPBUGS-7632](https://issues.redhat.com/browse/OCPBUGS-7632): comment out suspected problematic test [#12647](https://github.com/openshift/console/pull/12647) * [OCPBUGS-10345](https://issues.redhat.com/browse/OCPBUGS-10345): Fix backend runtime error [#12654](https://github.com/openshift/console/pull/12654) * [OCPBUGS-10269](https://issues.redhat.com/browse/OCPBUGS-10269): Fix grammatical error in feedback modal [#12634](https://github.com/openshift/console/pull/12634) * [OCPBUGS-8299](https://issues.redhat.com/browse/OCPBUGS-8299): CronJobs table/details UI doesn't have Suspend indication [#12638](https://github.com/openshift/console/pull/12638) * [OCPBUGS-7801](https://issues.redhat.com/browse/OCPBUGS-7801): taskrun ui fails when using object type results [#12626](https://github.com/openshift/console/pull/12626) * [OCPBUGS-10230](https://issues.redhat.com/browse/OCPBUGS-10230): Fixes card sizes not even issue when commit info is not available on Environments page [#12550](https://github.com/openshift/console/pull/12550) * [OCPBUGS-5360](https://issues.redhat.com/browse/OCPBUGS-5360): re-enable operator-install-single-namespace.spec.ts test [#12424](https://github.com/openshift/console/pull/12424) * [OCPBUGS-10232](https://issues.redhat.com/browse/OCPBUGS-10232): Fixes argocd link for non-KAM added application envs [#12558](https://github.com/openshift/console/pull/12558) * [OCPBUGS-7232](https://issues.redhat.com/browse/OCPBUGS-7232): Fixes resource status alignment issue [#12429](https://github.com/openshift/console/pull/12429) * [CONSOLE-3393](https://issues.redhat.com/browse/CONSOLE-3393): Proxy managed cluster monitoring requests through MCE c… [#12360](https://github.com/openshift/console/pull/12360) * [CONSOLE-3425](https://issues.redhat.com/browse/CONSOLE-3425): Expose 'nameFilter' prop to 'ListPageFilter' component [#12438](https://github.com/openshift/console/pull/12438) * [OU-117](https://issues.redhat.com/browse/OU-117): No response for duplicate query with default disabled status when click 'Hide all queries' [#12621](https://github.com/openshift/console/pull/12621) * Update dockerignore. [#12538](https://github.com/openshift/console/pull/12538) * [CONSOLE-3452](https://issues.redhat.com/browse/CONSOLE-3452): Add patternfly customer feedback extension mechanism to console [#12611](https://github.com/openshift/console/pull/12611) * [OCPBUGS-7446](https://issues.redhat.com/browse/OCPBUGS-7446): Show type of sample on the samples view [#12548](https://github.com/openshift/console/pull/12548) * [OCPBUGS-7395](https://issues.redhat.com/browse/OCPBUGS-7395): Users don't know what type of resource is being created by Import from Git or Deploy Image flows [#12615](https://github.com/openshift/console/pull/12615) * [OCPBUGS-7178](https://issues.redhat.com/browse/OCPBUGS-7178): Add page title to Devconsole pages [#12591](https://github.com/openshift/console/pull/12591) * And 7 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/console/compare/b6b545cf6f39181f2c8548035aa7fc71204adec3...06827468f1806ff4a7b90f274a8ac44af3fd517f) ### [console-operator](https://github.com/openshift/console-operator/tree/855f3fcebb968880eca12713f01157aedee98d64) * [OCPBUGS-21029](https://issues.redhat.com/browse/OCPBUGS-21029): Bump library-go and golang.org/x/net [#850](https://github.com/openshift/console-operator/pull/850) * [OCPBUGS-23968](https://issues.redhat.com/browse/OCPBUGS-23968): Disable route controller health check for NLB setup [#817](https://github.com/openshift/console-operator/pull/817) * [OCPBUGS-24293](https://issues.redhat.com/browse/OCPBUGS-24293): ConsolePlugin metrics must no longer be grouped by the vendor [#820](https://github.com/openshift/console-operator/pull/820) * [OCPBUGS-22274](https://issues.redhat.com/browse/OCPBUGS-22274): Disable HTTP/2 for webhook [#803](https://github.com/openshift/console-operator/pull/803) * [OCPBUGS-20480](https://issues.redhat.com/browse/OCPBUGS-20480): Reset console operator's conditions [#797](https://github.com/openshift/console-operator/pull/797) * [CONSOLE-3438](https://issues.redhat.com/browse/CONSOLE-3438): Switch to using assets [#783](https://github.com/openshift/console-operator/pull/783) * [OCPBUGS-17424](https://issues.redhat.com/browse/OCPBUGS-17424): Really handle DeletedFinalStateUnknown correctly [#786](https://github.com/openshift/console-operator/pull/786) * [OCPBUGS-17424](https://issues.redhat.com/browse/OCPBUGS-17424): Handle cache.DeletedFinalStateUnknown correctly [#785](https://github.com/openshift/console-operator/pull/785) * chore: manifests/09-console-link-*: Drop obsolete deletion manifests [#784](https://github.com/openshift/console-operator/pull/784) * [CONSOLE-3624](https://issues.redhat.com/browse/CONSOLE-3624): Add haproxy timeout annotation to console routes [#777](https://github.com/openshift/console-operator/pull/777) * [ODC-7333](https://issues.redhat.com/browse/ODC-7333): Bump openshift/api to include ConsoleSample CRD [#771](https://github.com/openshift/console-operator/pull/771) * [OCPBUGS-15893](https://issues.redhat.com/browse/OCPBUGS-15893): Add missing watch permission for helm-chartrepos-viewers [#775](https://github.com/openshift/console-operator/pull/775) * [ODC-7333](https://issues.redhat.com/browse/ODC-7333): Add consolesamples to ClusterRole console-extensions-reader to give all users readonly access [#776](https://github.com/openshift/console-operator/pull/776) * [OCPBUGS-14716](https://issues.redhat.com/browse/OCPBUGS-14716): Handle branding based on API changes [#769](https://github.com/openshift/console-operator/pull/769) * [ODC-7339](https://issues.redhat.com/browse/ODC-7339): Follow up ticket for ODC-7292 [#773](https://github.com/openshift/console-operator/pull/773) * [OCPBUGS-15499](https://issues.redhat.com/browse/OCPBUGS-15499): Remove managed cluster logic from the operator's controller [#774](https://github.com/openshift/console-operator/pull/774) * [ODC-7292](https://issues.redhat.com/browse/ODC-7292): Add new quickstart for installing Cryostat [#770](https://github.com/openshift/console-operator/pull/770) * [ODC-7312](https://issues.redhat.com/browse/ODC-7312): Add OpenShift Quickstart for JBoss EAP 7 [#760](https://github.com/openshift/console-operator/pull/760) * [ODC-7262](https://issues.redhat.com/browse/ODC-7262): Add QuickStart approvers and reviewers [#772](https://github.com/openshift/console-operator/pull/772) * [CONSOLE-3278](https://issues.redhat.com/browse/CONSOLE-3278): Add client certificate and key to service monitor [#668](https://github.com/openshift/console-operator/pull/668) * [OCPBUGS-11751](https://issues.redhat.com/browse/OCPBUGS-11751): Remove multicluster conditions from console operator [#763](https://github.com/openshift/console-operator/pull/763) * [OCPBUGS-12990](https://issues.redhat.com/browse/OCPBUGS-12990): Update command line tools URL with custom downloads route [#761](https://github.com/openshift/console-operator/pull/761) * Updating openshift-enterprise-console-operator images to be consistent with ART [#756](https://github.com/openshift/console-operator/pull/756) * [OCPBUGS-5059](https://issues.redhat.com/browse/OCPBUGS-5059): Make enabled plugins unique [#710](https://github.com/openshift/console-operator/pull/710) * [OCPBUGS-12165](https://issues.redhat.com/browse/OCPBUGS-12165): Proper cleanup of route sync conditions [#757](https://github.com/openshift/console-operator/pull/757) * [OCPBUGS-12439](https://issues.redhat.com/browse/OCPBUGS-12439): Add new PrometheusRule to collect metrics for cluster-monitoring-operator [#755](https://github.com/openshift/console-operator/pull/755) * [OCPBUGS-11298](https://issues.redhat.com/browse/OCPBUGS-11298): Disable multicluster tech preview [#751](https://github.com/openshift/console-operator/pull/751) * [OCPBUGS-11531](https://issues.redhat.com/browse/OCPBUGS-11531): Bump documentationBaseURL to 4.14 [#750](https://github.com/openshift/console-operator/pull/750) * [CONSOLE-3279](https://issues.redhat.com/browse/CONSOLE-3279): Add node operating systems to console config [#742](https://github.com/openshift/console-operator/pull/742) * Revert "OCPBUGS-11164: Disable multicluster tech preview" [#749](https://github.com/openshift/console-operator/pull/749) * [OCPBUGS-11164](https://issues.redhat.com/browse/OCPBUGS-11164): Disable multicluster tech preview [#743](https://github.com/openshift/console-operator/pull/743) * [OCPBUGS-4009](https://issues.redhat.com/browse/OCPBUGS-4009): Console operator should report ConsolePlugins as relate… [#706](https://github.com/openshift/console-operator/pull/706) * [OCPBUGS-7111](https://issues.redhat.com/browse/OCPBUGS-7111): Filter out managed clusters that are not available [#724](https://github.com/openshift/console-operator/pull/724) * [OCPBUGS-10108](https://issues.redhat.com/browse/OCPBUGS-10108): ART image update [#738](https://github.com/openshift/console-operator/pull/738) * And 1 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/console-operator/compare/cb4657d2d8cc94b611bc9b1f4260f2776c30c0f0...855f3fcebb968880eca12713f01157aedee98d64) ### [container-networking-plugins](https://github.com/openshift/containernetworking-plugins/tree/a1b773076bd1a8ac10e622e58a36259a7a6e596a) * [OCPBUGS-56046](https://issues.redhat.com/browse/OCPBUGS-56046): Check error returned by ipv6 SettleAddresses [#193](https://github.com/openshift/containernetworking-plugins/pull/193) * [OCPBUGS-46121](https://issues.redhat.com/browse/OCPBUGS-46121): [4.14] cherry-pick containernetworking/plugins#997 [#168](https://github.com/openshift/containernetworking-plugins/pull/168) * [OCPBUGS-33066](https://issues.redhat.com/browse/OCPBUGS-33066): macvlan enable ipv6 ndisc_notify [#160](https://github.com/openshift/containernetworking-plugins/pull/160) * [OCPBUGS-20374](https://issues.redhat.com/browse/OCPBUGS-20374): build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 [backport 4.14] [#129](https://github.com/openshift/containernetworking-plugins/pull/129) * [OCPBUGS-17681](https://issues.redhat.com/browse/OCPBUGS-17681): Default CNI binaries to RHEL 8 [#116](https://github.com/openshift/containernetworking-plugins/pull/116) * Updating ose-containernetworking-plugins images to be consistent with ART [#108](https://github.com/openshift/containernetworking-plugins/pull/108) * Updating ose-containernetworking-plugins images to be consistent with ART [#107](https://github.com/openshift/containernetworking-plugins/pull/107) * Add rhel9 binary [#106](https://github.com/openshift/containernetworking-plugins/pull/106) * [OCPBUGS-14095](https://issues.redhat.com/browse/OCPBUGS-14095): Sync with upstream version v1.3.0 [#98](https://github.com/openshift/containernetworking-plugins/pull/98) * Updating ose-containernetworking-plugins images to be consistent with ART [#94](https://github.com/openshift/containernetworking-plugins/pull/94) * Updating ose-containernetworking-plugins images to be consistent with ART [#93](https://github.com/openshift/containernetworking-plugins/pull/93) * Updating ose-containernetworking-plugins images to be consistent with ART [#92](https://github.com/openshift/containernetworking-plugins/pull/92) * Updating ose-containernetworking-plugins images to be consistent with ART [#80](https://github.com/openshift/containernetworking-plugins/pull/80) * [Full changelog](https://github.com/openshift/containernetworking-plugins/compare/3086cf651514b87cc891b3dfbb65a645bd0b100e...a1b773076bd1a8ac10e622e58a36259a7a6e596a) ### [coredns](https://github.com/openshift/coredns/tree/fdd6037bf7380a48358b269d78bc8c61c311342c) * [OCPBUGS-37467](https://issues.redhat.com/browse/OCPBUGS-37467): UPSTREAM: 6354: openshift: key cache on Checking Disabled (CD) bit [#126](https://github.com/openshift/coredns/pull/126) * [OCPBUGS-28200](https://issues.redhat.com/browse/OCPBUGS-28200): UPSTREAM: 6277: openshift: Fix OCPBUGS-28200 [#114](https://github.com/openshift/coredns/pull/114) * [OCPBUGS-21067](https://issues.redhat.com/browse/OCPBUGS-21067): UPSTREAM: <carry>: openshift: address CVE-2023-39325 [#100](https://github.com/openshift/coredns/pull/100) * [OCPBUGS-19805](https://issues.redhat.com/browse/OCPBUGS-19805): UPSTREAM: <carry>: openshift: Fix OCPBUGS-19805 [#96](https://github.com/openshift/coredns/pull/96) * [OCPBUGS-12494](https://issues.redhat.com/browse/OCPBUGS-12494): Address CVE-2022-41723 [#92](https://github.com/openshift/coredns/pull/92) * Updating coredns images to be consistent with ART [#91](https://github.com/openshift/coredns/pull/91) * [OCPBUGS-10146](https://issues.redhat.com/browse/OCPBUGS-10146): Updating coredns images to be consistent with ART [#89](https://github.com/openshift/coredns/pull/89) * [Full changelog](https://github.com/openshift/coredns/compare/d3037cb9c6c13078d0ea2a7c6e7a4b6c21b29362...fdd6037bf7380a48358b269d78bc8c61c311342c) ### [csi-driver-manila, openstack-cinder-csi-driver, openstack-cloud-controller-manager](https://github.com/openshift/cloud-provider-openstack/tree/6957b24475043718e946ec2e0b5e373c96a1f03e) * [OCPBUGS-58887](https://issues.redhat.com/browse/OCPBUGS-58887): CARRY: don't ignore json files [#343](https://github.com/openshift/cloud-provider-openstack/pull/343) * [OCPBUGS-52413](https://issues.redhat.com/browse/OCPBUGS-52413): Merge https://github.com/kubernetes/cloud-provider-openstack:release-1.27 into release-4.14 [#315](https://github.com/openshift/cloud-provider-openstack/pull/315) * update tags [#2203](https://github.com/openshift/cloud-provider-openstack/pull/2203) * tests: Remove support for preinstalled images [#2199](https://github.com/openshift/cloud-provider-openstack/pull/2199) * And 113 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/cloud-provider-openstack/compare/ba00838c583d1fdc9c235ebfc0a28193d932cf41...6957b24475043718e946ec2e0b5e373c96a1f03e) ### [csi-driver-manila-operator](https://github.com/openshift/csi-driver-manila-operator/tree/d93a218ff323960eb1dea529f0173f069ccfab42) * [OCPBUGS-25657](https://issues.redhat.com/browse/OCPBUGS-25657): Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler [#219](https://github.com/openshift/csi-driver-manila-operator/pull/219) * [OCPBUGS-23443](https://issues.redhat.com/browse/OCPBUGS-23443): Fix selector for manila-csi-driver-controller-metrics service [#211](https://github.com/openshift/csi-driver-manila-operator/pull/211) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#209](https://github.com/openshift/csi-driver-manila-operator/pull/209) * Configure User Agent [#191](https://github.com/openshift/csi-driver-manila-operator/pull/191) * [STOR-1440](https://issues.redhat.com/browse/STOR-1440): Restart controller Pods if metrics-serving-cert changed [#198](https://github.com/openshift/csi-driver-manila-operator/pull/198) * [OCPBUGS-12499](https://issues.redhat.com/browse/OCPBUGS-12499): Bump dependencies [#197](https://github.com/openshift/csi-driver-manila-operator/pull/197) * Remove unused Dockerfile.openshift.ci file [#193](https://github.com/openshift/csi-driver-manila-operator/pull/193) * Rework how we build the container image [#194](https://github.com/openshift/csi-driver-manila-operator/pull/194) * [OCPBUGS-14049](https://issues.redhat.com/browse/OCPBUGS-14049): Don't cache OpenStack client [#184](https://github.com/openshift/csi-driver-manila-operator/pull/184) * Revert "OCPBUGS-14049: Add secret informer" [#192](https://github.com/openshift/csi-driver-manila-operator/pull/192) * [OCPBUGS-16453](https://issues.redhat.com/browse/OCPBUGS-16453): Bump library-go [#190](https://github.com/openshift/csi-driver-manila-operator/pull/190) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#189](https://github.com/openshift/csi-driver-manila-operator/pull/189) * [OCPBUGS-14049](https://issues.redhat.com/browse/OCPBUGS-14049): Add secret informer [#187](https://github.com/openshift/csi-driver-manila-operator/pull/187) * [STOR-1065](https://issues.redhat.com/browse/STOR-1065): Rework sidecar bindings to bind common ClusterRoles [#186](https://github.com/openshift/csi-driver-manila-operator/pull/186) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump csi-driver-manila-operator library-go [#183](https://github.com/openshift/csi-driver-manila-operator/pull/183) * [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#182](https://github.com/openshift/csi-driver-manila-operator/pull/182) * Updating csi-driver-manila-operator images to be consistent with ART [#181](https://github.com/openshift/csi-driver-manila-operator/pull/181) * Updating csi-driver-manila-operator images to be consistent with ART [#180](https://github.com/openshift/csi-driver-manila-operator/pull/180) * Updating csi-driver-manila-operator images to be consistent with ART [#179](https://github.com/openshift/csi-driver-manila-operator/pull/179) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#175](https://github.com/openshift/csi-driver-manila-operator/pull/175) * [OCPBUGS-8628](https://issues.redhat.com/browse/OCPBUGS-8628): Bump go.mongodb.org/mongo-driver to v1.5.1 [#173](https://github.com/openshift/csi-driver-manila-operator/pull/173) * Updating csi-driver-manila-operator images to be consistent with ART [#172](https://github.com/openshift/csi-driver-manila-operator/pull/172) * [Full changelog](https://github.com/openshift/csi-driver-manila-operator/compare/596a53c8fb79eddf85bad8deb504536adf228128...d93a218ff323960eb1dea529f0173f069ccfab42) ### [csi-driver-nfs](https://github.com/openshift/csi-driver-nfs/tree/e1dd45373456cf8e47a58d6764212317fb2f8a97) * Remove unused Dockerfile.openshift.ci file [#127](https://github.com/openshift/csi-driver-nfs/pull/127) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#126](https://github.com/openshift/csi-driver-nfs/pull/126) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#125](https://github.com/openshift/csi-driver-nfs/pull/125) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#124](https://github.com/openshift/csi-driver-nfs/pull/124) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#123](https://github.com/openshift/csi-driver-nfs/pull/123) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#122](https://github.com/openshift/csi-driver-nfs/pull/122) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#118](https://github.com/openshift/csi-driver-nfs/pull/118) * Updating csi-driver-nfs images to be consistent with ART [#121](https://github.com/openshift/csi-driver-nfs/pull/121) * Updating csi-driver-nfs images to be consistent with ART [#120](https://github.com/openshift/csi-driver-nfs/pull/120) * Updating csi-driver-nfs images to be consistent with ART [#119](https://github.com/openshift/csi-driver-nfs/pull/119) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#117](https://github.com/openshift/csi-driver-nfs/pull/117) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#116](https://github.com/openshift/csi-driver-nfs/pull/116) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#113](https://github.com/openshift/csi-driver-nfs/pull/113) * Updating csi-driver-nfs images to be consistent with ART [#112](https://github.com/openshift/csi-driver-nfs/pull/112) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#111](https://github.com/openshift/csi-driver-nfs/pull/111) * Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master [#110](https://github.com/openshift/csi-driver-nfs/pull/110) * [Full changelog](https://github.com/openshift/csi-driver-nfs/compare/2b914c2161722ebf11f9275fa29e00a0b1306da1...e1dd45373456cf8e47a58d6764212317fb2f8a97) ### [csi-driver-shared-resource, csi-driver-shared-resource-webhook](https://github.com/openshift/csi-driver-shared-resource/tree/9232c1ff48df333dadc9f7dc275649866e55ced0) * [OCPBUGS-28952](https://issues.redhat.com/browse/OCPBUGS-28952): Replace 'coreydaley' with 'sayan-biswas' in OWNERS file [#167](https://github.com/openshift/csi-driver-shared-resource/pull/167) * [OCPBUGS-25069](https://issues.redhat.com/browse/OCPBUGS-25069), [OCPBUGS-26309](https://issues.redhat.com/browse/OCPBUGS-26309), [OCPBUGS-26323](https://issues.redhat.com/browse/OCPBUGS-26323): add snyk config file for SAST scan [#163](https://github.com/openshift/csi-driver-shared-resource/pull/163) * [OCPBUGS-23111](https://issues.redhat.com/browse/OCPBUGS-23111): Should reference configmaps instead of secrets [#152](https://github.com/openshift/csi-driver-shared-resource/pull/152) * [OCPBUGS-20734](https://issues.redhat.com/browse/OCPBUGS-20734): bump golang.org/x/net to v0.17.0 [#146](https://github.com/openshift/csi-driver-shared-resource/pull/146) * [OCPBUGS-16074](https://issues.redhat.com/browse/OCPBUGS-16074): Updating Kubernetes and other associated dependencies [#141](https://github.com/openshift/csi-driver-shared-resource/pull/141) * [OCPBUGS-14489](https://issues.redhat.com/browse/OCPBUGS-14489): Kubernetes 0.27 [#139](https://github.com/openshift/csi-driver-shared-resource/pull/139) * [OCPBUGS-12597](https://issues.redhat.com/browse/OCPBUGS-12597): bump(*): golang.org/x/net [#138](https://github.com/openshift/csi-driver-shared-resource/pull/138) * Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART [#136](https://github.com/openshift/csi-driver-shared-resource/pull/136) * Updating ose-csi-driver-shared-resource images to be consistent with ART [#137](https://github.com/openshift/csi-driver-shared-resource/pull/137) * Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART [#135](https://github.com/openshift/csi-driver-shared-resource/pull/135) * Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART [#133](https://github.com/openshift/csi-driver-shared-resource/pull/133) * Add go-imports-organizer/goio to organize imports [#132](https://github.com/openshift/csi-driver-shared-resource/pull/132) * [OCPBUGS-10022](https://issues.redhat.com/browse/OCPBUGS-10022): add 'system:serviceaccounts' to SAR to allow group based RBAC [#130](https://github.com/openshift/csi-driver-shared-resource/pull/130) * Updating ose-csi-driver-shared-resource-mustgather images to be consistent with ART [#131](https://github.com/openshift/csi-driver-shared-resource/pull/131) * Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART [#128](https://github.com/openshift/csi-driver-shared-resource/pull/128) * Updating ose-csi-driver-shared-resource images to be consistent with ART [#129](https://github.com/openshift/csi-driver-shared-resource/pull/129) * [Full changelog](https://github.com/openshift/csi-driver-shared-resource/compare/01bbb23b627835354f6177b4b44cfc50bd6d9a2e...9232c1ff48df333dadc9f7dc275649866e55ced0) ### [csi-driver-shared-resource-operator](https://github.com/openshift/csi-driver-shared-resource-operator/tree/c273cd52b791e69da41ac23fafb6d926c0530276) * [OCPBUGS-28957](https://issues.redhat.com/browse/OCPBUGS-28957): Replace 'coreydaley' with 'sayan-biswas' in OWNERS file [#103](https://github.com/openshift/csi-driver-shared-resource-operator/pull/103) * [OCPBUGS-26312](https://issues.redhat.com/browse/OCPBUGS-26312): add snyk config file for SAST scank [#97](https://github.com/openshift/csi-driver-shared-resource-operator/pull/97) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#91](https://github.com/openshift/csi-driver-shared-resource-operator/pull/91) * [OCPBUGS-20825](https://issues.redhat.com/browse/OCPBUGS-20825): bump golang.org/x/net to v0.17.0 [#86](https://github.com/openshift/csi-driver-shared-resource-operator/pull/86) * [STOR-1442](https://issues.redhat.com/browse/STOR-1442): Restart webhook Pods if webhook-serving-cert changed [#83](https://github.com/openshift/csi-driver-shared-resource-operator/pull/83) * [STOR-1441](https://issues.redhat.com/browse/STOR-1441): Restart node Pods if metrics-serving-cert changed [#82](https://github.com/openshift/csi-driver-shared-resource-operator/pull/82) * [OCPBUGS-16073](https://issues.redhat.com/browse/OCPBUGS-16073): Updating Kubernetes and other associated dependencies [#81](https://github.com/openshift/csi-driver-shared-resource-operator/pull/81) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump csi-driver-shared-resource-operator library-go [#80](https://github.com/openshift/csi-driver-shared-resource-operator/pull/80) * [OCPBUGS-14488](https://issues.redhat.com/browse/OCPBUGS-14488): bumping kubernetes to 0.27.1 [#79](https://github.com/openshift/csi-driver-shared-resource-operator/pull/79) * Updating ose-csi-driver-shared-resource-operator images to be consistent with ART [#77](https://github.com/openshift/csi-driver-shared-resource-operator/pull/77) * Updating ose-csi-driver-shared-resource-operator images to be consistent with ART [#76](https://github.com/openshift/csi-driver-shared-resource-operator/pull/76) * Updating ose-csi-driver-shared-resource-operator images to be consistent with ART [#75](https://github.com/openshift/csi-driver-shared-resource-operator/pull/75) * Updating ose-csi-driver-shared-resource-operator images to be consistent with ART [#73](https://github.com/openshift/csi-driver-shared-resource-operator/pull/73) * [OCPBUGS-7906](https://issues.redhat.com/browse/OCPBUGS-7906): add openshift workload annotation to driver daemonset [#72](https://github.com/openshift/csi-driver-shared-resource-operator/pull/72) * [Full changelog](https://github.com/openshift/csi-driver-shared-resource-operator/compare/bc169d2d8d1cd128770d2202c6cc00e5328e4e73...c273cd52b791e69da41ac23fafb6d926c0530276) ### [csi-external-attacher](https://github.com/openshift/csi-external-attacher/tree/06e8ce0d36f7c23f0906327cd66ec6bd15165366) * [OCPBUGS-21177](https://issues.redhat.com/browse/OCPBUGS-21177): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#60](https://github.com/openshift/csi-external-attacher/pull/60) * [STOR-1169](https://issues.redhat.com/browse/STOR-1169): Rebase `external-attacher` to v4.3.0 for OCP 4.14 [#54](https://github.com/openshift/csi-external-attacher/pull/54) * [OCPBUGS-14815](https://issues.redhat.com/browse/OCPBUGS-14815): Chore: Update OWNERS and OWNERS_ALIASES [#55](https://github.com/openshift/csi-external-attacher/pull/55) * Updating csi-attacher images to be consistent with ART [#53](https://github.com/openshift/csi-external-attacher/pull/53) * Updating csi-attacher images to be consistent with ART [#52](https://github.com/openshift/csi-external-attacher/pull/52) * Updating csi-attacher images to be consistent with ART [#51](https://github.com/openshift/csi-external-attacher/pull/51) * Updating csi-attacher images to be consistent with ART [#50](https://github.com/openshift/csi-external-attacher/pull/50) * [Full changelog](https://github.com/openshift/csi-external-attacher/compare/d92908438817984fc47558fdaa03805d8c3b256c...06e8ce0d36f7c23f0906327cd66ec6bd15165366) ### [csi-external-provisioner](https://github.com/openshift/csi-external-provisioner/tree/e18ed7f00d8c80564a8dd5827013cd49f33ff0d7) * [OCPBUGS-35112](https://issues.redhat.com/browse/OCPBUGS-35112): CVE-2023-48795: bump golang.org/x/crypto to v0.17.0 [#99](https://github.com/openshift/csi-external-provisioner/pull/99) * [OCPBUGS-20775](https://issues.redhat.com/browse/OCPBUGS-20775): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#72](https://github.com/openshift/csi-external-provisioner/pull/72) * [OCPBUGS-17264](https://issues.redhat.com/browse/OCPBUGS-17264): USPTREAM: 969: build(deps): bump golang.org/x/tools from 0.9.3 to 0.12.0 [#68](https://github.com/openshift/csi-external-provisioner/pull/68) * [OCPBUGS-14811](https://issues.redhat.com/browse/OCPBUGS-14811): Chore: Update OWNERS and OWNERS_ALIASES [#66](https://github.com/openshift/csi-external-provisioner/pull/66) * [STOR-1169](https://issues.redhat.com/browse/STOR-1169): Rebase `external-provisioner` to v3.5.0 for OCP 4.14 [#65](https://github.com/openshift/csi-external-provisioner/pull/65) * Updating csi-provisioner images to be consistent with ART [#64](https://github.com/openshift/csi-external-provisioner/pull/64) * Updating csi-provisioner images to be consistent with ART [#63](https://github.com/openshift/csi-external-provisioner/pull/63) * Updating csi-provisioner images to be consistent with ART [#62](https://github.com/openshift/csi-external-provisioner/pull/62) * Updating csi-provisioner images to be consistent with ART [#61](https://github.com/openshift/csi-external-provisioner/pull/61) * [Full changelog](https://github.com/openshift/csi-external-provisioner/compare/0bf126b77a721ddaa4706fcb41f8b7be8d292492...e18ed7f00d8c80564a8dd5827013cd49f33ff0d7) ### [csi-external-resizer](https://github.com/openshift/csi-external-resizer/tree/59a701a4c8cd3105e272b12afdb1e62e411b2772) * [OCPBUGS-20929](https://issues.redhat.com/browse/OCPBUGS-20929): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#147](https://github.com/openshift/csi-external-resizer/pull/147) * [STOR-1169](https://issues.redhat.com/browse/STOR-1169): Rebase `external-resizer` to v1.8.0 for OCP 4.14 [#141](https://github.com/openshift/csi-external-resizer/pull/141) * [OCPBUGS-14812](https://issues.redhat.com/browse/OCPBUGS-14812): Chore: Update OWNERS and OWNERS_ALIASES [#142](https://github.com/openshift/csi-external-resizer/pull/142) * Updating ose-csi-external-resizer images to be consistent with ART [#140](https://github.com/openshift/csi-external-resizer/pull/140) * Updating ose-csi-external-resizer images to be consistent with ART [#139](https://github.com/openshift/csi-external-resizer/pull/139) * Updating ose-csi-external-resizer images to be consistent with ART [#138](https://github.com/openshift/csi-external-resizer/pull/138) * Updating ose-csi-external-resizer images to be consistent with ART [#137](https://github.com/openshift/csi-external-resizer/pull/137) * [Full changelog](https://github.com/openshift/csi-external-resizer/compare/e8036caff2482648a18c1ac776cf9d2474569d10...59a701a4c8cd3105e272b12afdb1e62e411b2772) ### [csi-external-snapshotter, csi-snapshot-controller, csi-snapshot-validation-webhook](https://github.com/openshift/csi-external-snapshotter/tree/a6834536936b16dcd9ee81a8753a2ef6dc208541) * [OCPBUGS-29433](https://issues.redhat.com/browse/OCPBUGS-29433): cherry-pick:release-4.14: OCPBUGS-29244 Update VolumeSnapshot and VolumeSnapshotContent using JSON patch [#142](https://github.com/openshift/csi-external-snapshotter/pull/142) * [OCPBUGS-21032](https://issues.redhat.com/browse/OCPBUGS-21032): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#109](https://github.com/openshift/csi-external-snapshotter/pull/109) * [STOR-1169](https://issues.redhat.com/browse/STOR-1169): Rebase `external-snapshotter` to v6.2.2 for OCP 4.14 [#101](https://github.com/openshift/csi-external-snapshotter/pull/101) * [OCPBUGS-14813](https://issues.redhat.com/browse/OCPBUGS-14813): Chore: Update OWNERS and OWNERS_ALIASES [#102](https://github.com/openshift/csi-external-snapshotter/pull/102) * Updating csi-snapshot-validation-webhook images to be consistent with ART [#100](https://github.com/openshift/csi-external-snapshotter/pull/100) * Updating ose-csi-external-snapshotter images to be consistent with ART [#99](https://github.com/openshift/csi-external-snapshotter/pull/99) * Updating ose-csi-snapshot-controller images to be consistent with ART [#98](https://github.com/openshift/csi-external-snapshotter/pull/98) * Updating csi-snapshot-validation-webhook images to be consistent with ART [#97](https://github.com/openshift/csi-external-snapshotter/pull/97) * Updating ose-csi-external-snapshotter images to be consistent with ART [#96](https://github.com/openshift/csi-external-snapshotter/pull/96) * Updating ose-csi-snapshot-controller images to be consistent with ART [#95](https://github.com/openshift/csi-external-snapshotter/pull/95) * Updating csi-snapshot-validation-webhook images to be consistent with ART [#94](https://github.com/openshift/csi-external-snapshotter/pull/94) * Updating ose-csi-external-snapshotter images to be consistent with ART [#93](https://github.com/openshift/csi-external-snapshotter/pull/93) * Updating ose-csi-snapshot-controller images to be consistent with ART [#92](https://github.com/openshift/csi-external-snapshotter/pull/92) * Updating csi-snapshot-validation-webhook images to be consistent with ART [#91](https://github.com/openshift/csi-external-snapshotter/pull/91) * Updating ose-csi-snapshot-controller images to be consistent with ART [#89](https://github.com/openshift/csi-external-snapshotter/pull/89) * Updating ose-csi-external-snapshotter images to be consistent with ART [#90](https://github.com/openshift/csi-external-snapshotter/pull/90) * [Full changelog](https://github.com/openshift/csi-external-snapshotter/compare/c8a7a097f68b37ad06a87a4b5c480daeab45be85...a6834536936b16dcd9ee81a8753a2ef6dc208541) ### [csi-livenessprobe](https://github.com/openshift/csi-livenessprobe/tree/a9bcbde134a17d3335f68a49aaad4befa8d7cc08) * [OCPBUGS-20640](https://issues.redhat.com/browse/OCPBUGS-20640): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#50](https://github.com/openshift/csi-livenessprobe/pull/50) * [STOR-1169](https://issues.redhat.com/browse/STOR-1169): Rebase `livenessprobe` to v2.10.0 for OCP 4.14 [#44](https://github.com/openshift/csi-livenessprobe/pull/44) * [OCPBUGS-14810](https://issues.redhat.com/browse/OCPBUGS-14810): Chore: Update OWNERS and OWNERS_ALIASES [#45](https://github.com/openshift/csi-livenessprobe/pull/45) * Updating csi-livenessprobe images to be consistent with ART [#40](https://github.com/openshift/csi-livenessprobe/pull/40) * Updating csi-livenessprobe images to be consistent with ART [#38](https://github.com/openshift/csi-livenessprobe/pull/38) * [Full changelog](https://github.com/openshift/csi-livenessprobe/compare/3587db51b8a672a2d3be2ac48ea107e474f33402...a9bcbde134a17d3335f68a49aaad4befa8d7cc08) ### [csi-node-driver-registrar](https://github.com/openshift/csi-node-driver-registrar/tree/9dcaa7f5b7573e7ef9dbec1439abc32171003799) * [OCPBUGS-20697](https://issues.redhat.com/browse/OCPBUGS-20697): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#52](https://github.com/openshift/csi-node-driver-registrar/pull/52) * [STOR-1169](https://issues.redhat.com/browse/STOR-1169): Rebase `node-driver-registrar` to v2.8.0 for OCP 4.14 [#46](https://github.com/openshift/csi-node-driver-registrar/pull/46) * [OCPBUGS-14814](https://issues.redhat.com/browse/OCPBUGS-14814): Chore: Update OWNERS and OWNERS_ALIASES [#47](https://github.com/openshift/csi-node-driver-registrar/pull/47) * Updating csi-node-driver-registrar images to be consistent with ART [#45](https://github.com/openshift/csi-node-driver-registrar/pull/45) * Updating csi-node-driver-registrar images to be consistent with ART [#44](https://github.com/openshift/csi-node-driver-registrar/pull/44) * Updating csi-node-driver-registrar images to be consistent with ART [#43](https://github.com/openshift/csi-node-driver-registrar/pull/43) * Updating csi-node-driver-registrar images to be consistent with ART [#42](https://github.com/openshift/csi-node-driver-registrar/pull/42) * [Full changelog](https://github.com/openshift/csi-node-driver-registrar/compare/9ea90f34485500a525fcaad3d79ee82a41402d47...9dcaa7f5b7573e7ef9dbec1439abc32171003799) ### [docker-builder](https://github.com/openshift/builder/tree/cdeff52978c86241874a807cf88b37bfe80c4cb6) * [OCPBUGS-58140](https://issues.redhat.com/browse/OCPBUGS-58140): S2I build cpu limits observed by assemble are limited to 1 cpu [#476](https://github.com/openshift/builder/pull/476) * [OCPBUGS-42915](https://issues.redhat.com/browse/OCPBUGS-42915), [OCPBUGS-43297](https://issues.redhat.com/browse/OCPBUGS-43297): Bump buildah to 1.33.12 [#447](https://github.com/openshift/builder/pull/447) * [OCPBUGS-43190](https://issues.redhat.com/browse/OCPBUGS-43190): runc library bump to 1.1.12 [#438](https://github.com/openshift/builder/pull/438) * [OCPBUGS-48495](https://issues.redhat.com/browse/OCPBUGS-48495): skipping some unit tests to avoid failures as they are duplicate [#430](https://github.com/openshift/builder/pull/430) * [OCPBUGS-48477](https://issues.redhat.com/browse/OCPBUGS-48477): Add team members to the OWNERS file [#429](https://github.com/openshift/builder/pull/429) * [BUILD-854](https://issues.redhat.com/browse/BUILD-854): Add adambkaplan as approver [#404](https://github.com/openshift/builder/pull/404) * [OCPBUGS-28949](https://issues.redhat.com/browse/OCPBUGS-28949): Replace 'coreydaley' with 'sayan-biswas' [#379](https://github.com/openshift/builder/pull/379) * [OCPBUGS-23006](https://issues.redhat.com/browse/OCPBUGS-23006): Add -p flag to cp command to preserve timestamps [#370](https://github.com/openshift/builder/pull/370) * [OCPBUGS-20726](https://issues.redhat.com/browse/OCPBUGS-20726): [release-4.14] Bumping golang.org/x/net [#362](https://github.com/openshift/builder/pull/362) * [OCPBUGS-20409](https://issues.redhat.com/browse/OCPBUGS-20409): drop the Overlay setting from transient mounts [#360](https://github.com/openshift/builder/pull/360) * [BUILD-432](https://issues.redhat.com/browse/BUILD-432): mount secrets as "overlay" mounts [#349](https://github.com/openshift/builder/pull/349) * [OCPBUGS-16070](https://issues.redhat.com/browse/OCPBUGS-16070): Updating Kubernetes and other associated dependencies [#356](https://github.com/openshift/builder/pull/356) * [OCPBUGS-15497](https://issues.redhat.com/browse/OCPBUGS-15497): Add the git-lfs package [#350](https://github.com/openshift/builder/pull/350) * [OCPBUGS-14798](https://issues.redhat.com/browse/OCPBUGS-14798): Adds reference to contributing.md [#346](https://github.com/openshift/builder/pull/346) * [OCPBUGS-14484](https://issues.redhat.com/browse/OCPBUGS-14484): Kubernetes 0.27 [#347](https://github.com/openshift/builder/pull/347) * [OCPBUGS-1973](https://issues.redhat.com/browse/OCPBUGS-1973): pass CPU limits for Docker strategy builds [#341](https://github.com/openshift/builder/pull/341) * Updating openshift-enterprise-builder images to be consistent with ART [#345](https://github.com/openshift/builder/pull/345) * Updating openshift-enterprise-builder images to be consistent with ART [#344](https://github.com/openshift/builder/pull/344) * Updating openshift-enterprise-builder images to be consistent with ART [#343](https://github.com/openshift/builder/pull/343) * [OCPBUGS-3064](https://issues.redhat.com/browse/OCPBUGS-3064): normalize locations in pull/push secrets which might look like URLs [#330](https://github.com/openshift/builder/pull/330) * Bump golang.org/x/net from 0.5.0 to 0.7.0 [#338](https://github.com/openshift/builder/pull/338) * Bump github.com/opencontainers/runc from 1.1.4 to 1.1.5 [#337](https://github.com/openshift/builder/pull/337) * [OCPBUGS-7782](https://issues.redhat.com/browse/OCPBUGS-7782): bump(github.com/containers/common) to v0.51.2 [#335](https://github.com/openshift/builder/pull/335) * Adding Divyanshu Agrawal as a reviewer [#334](https://github.com/openshift/builder/pull/334) * Replacing openshift-goimports with goio [#333](https://github.com/openshift/builder/pull/333) * Updating development setup steps [#331](https://github.com/openshift/builder/pull/331) * Updating openshift-enterprise-builder images to be consistent with ART [#332](https://github.com/openshift/builder/pull/332) * [Full changelog](https://github.com/openshift/builder/compare/b379980d6f626dc45a91f0a715bc94e75fb4b309...cdeff52978c86241874a807cf88b37bfe80c4cb6) ### [docker-registry](https://github.com/openshift/image-registry/tree/ce0483f140c5065a1b4aafbbbb94b1b9ca5f29e1) * [OCPBUGS-53651](https://issues.redhat.com/browse/OCPBUGS-53651): bump jwt and oauth dependencies [#434](https://github.com/openshift/image-registry/pull/434) * [OCPBUGS-31857](https://issues.redhat.com/browse/OCPBUGS-31857): vendor: bump aws-sdk-go to support ca-west-1 [#397](https://github.com/openshift/image-registry/pull/397) * [OCPBUGS-29604](https://issues.redhat.com/browse/OCPBUGS-29604): vendor: bump distribution to fix azure storage path bug [#394](https://github.com/openshift/image-registry/pull/394) * [OCPBUGS-22826](https://issues.redhat.com/browse/OCPBUGS-22826): Allow ICSP IDMS coexisting [#385](https://github.com/openshift/image-registry/pull/385) * [OCPBUGS-19379](https://issues.redhat.com/browse/OCPBUGS-19379): increase rest.Config QPS and Burst [#381](https://github.com/openshift/image-registry/pull/381) * [OCPBUGS-17975](https://issues.redhat.com/browse/OCPBUGS-17975): Support both icsp and idms [#375](https://github.com/openshift/image-registry/pull/375) * Revert "[OCPNODE-1258] Support both icsp and idms" [#374](https://github.com/openshift/image-registry/pull/374) * Support both icsp and idms [#346](https://github.com/openshift/image-registry/pull/346) * [IR-371](https://issues.redhat.com/browse/IR-371): Bump docker distribution (again) [#372](https://github.com/openshift/image-registry/pull/372) * [TRT-1092](https://issues.redhat.com/browse/TRT-1092): Revert "Merge pull request #370 from flavianmissi/bump-docker-distrib… [#371](https://github.com/openshift/image-registry/pull/371) * [IR-371](https://issues.redhat.com/browse/IR-371): upgrade docker distribution [#370](https://github.com/openshift/image-registry/pull/370) * Updating openshift-enterprise-registry images to be consistent with ART [#369](https://github.com/openshift/image-registry/pull/369) * Updating openshift-enterprise-registry images to be consistent with ART [#363](https://github.com/openshift/image-registry/pull/363) * [Full changelog](https://github.com/openshift/image-registry/compare/d00c2694d7ccfe28536fad6ac9b9dd3967d01107...ce0483f140c5065a1b4aafbbbb94b1b9ca5f29e1) ### [driver-toolkit](https://github.com/openshift/driver-toolkit/tree/cafed17b0c2b4cf8d8310304888787ed7adf7474) * Removing `kernel[-rt]-core` packages from the image. (#132) [#132](https://github.com/openshift/driver-toolkit/pull/132) * Upgrade glibc, use dnf (#131) [#131](https://github.com/openshift/driver-toolkit/pull/131) * Fixing the regexp used to get the correct GCC version. (#127) [#127](https://github.com/openshift/driver-toolkit/pull/127) * Updating the docs to use `ubi9` instead of `ubi8`. (#126) [#126](https://github.com/openshift/driver-toolkit/pull/126) * Updating driver-toolkit images to be consistent with ART (#120) [#120](https://github.com/openshift/driver-toolkit/pull/120) * Remove abi since it was not in 9.2 rpms (#121) [#121](https://github.com/openshift/driver-toolkit/pull/121) * [Full changelog](https://github.com/openshift/driver-toolkit/compare/d719bdcfa49bc18b729117ee513a86a1ddecb63a...cafed17b0c2b4cf8d8310304888787ed7adf7474) ### [egress-router-cni](https://github.com/openshift/egress-router-cni/tree/96f2f54fec843fc9e8dec826d7b3fa25cdf38d7f) * [OCPBUGS-35143](https://issues.redhat.com/browse/OCPBUGS-35143): update to go 1.19 and k8s.io mods to v0.27.4 [#87](https://github.com/openshift/egress-router-cni/pull/87) * [OCPBUGS-19850](https://issues.redhat.com/browse/OCPBUGS-19850): Ensure that IP forwarding is enabled [#78](https://github.com/openshift/egress-router-cni/pull/78) * rework PR #74 to switch Dockerfile to use rhel9 [#75](https://github.com/openshift/egress-router-cni/pull/75) * Updating egress-router-cni images to be consistent with ART [#70](https://github.com/openshift/egress-router-cni/pull/70) * [OCPBUGS-6553](https://issues.redhat.com/browse/OCPBUGS-6553): update go-yaml to v2.4.0 [#67](https://github.com/openshift/egress-router-cni/pull/67) * Updating egress-router-cni images to be consistent with ART [#66](https://github.com/openshift/egress-router-cni/pull/66) * [Full changelog](https://github.com/openshift/egress-router-cni/compare/dfe03737f1562e81aa09101e4a48f039245bd339...96f2f54fec843fc9e8dec826d7b3fa25cdf38d7f) ### [etcd](https://github.com/openshift/etcd/tree/5ed5044c5661c55d297ab0348056b50969af9627) * [OCPBUGS-32813](https://issues.redhat.com/browse/OCPBUGS-32813): Revert "Merge pull request #261 from Elbehery/rebase-etcd-3.5.13-open… [#265](https://github.com/openshift/etcd/pull/265) * [OCPBUGS-31650](https://issues.redhat.com/browse/OCPBUGS-31650): Rebase etcd 3.5.13 openshift 4.14 [#261](https://github.com/openshift/etcd/pull/261) * [OCPBUGS-28733](https://issues.redhat.com/browse/OCPBUGS-28733): Rebase etcd 3.5.12 openshift 4.14 [#244](https://github.com/openshift/etcd/pull/244) * [OCPBUGS-24939](https://issues.redhat.com/browse/OCPBUGS-24939): Rebase etcd 3.5.11 openshift 4.14 [#235](https://github.com/openshift/etcd/pull/235) * [OCPBUGS-22727](https://issues.redhat.com/browse/OCPBUGS-22727): [4.14] Rebase openshift/etcd to 3.5.10 [#226](https://github.com/openshift/etcd/pull/226) * [OCPBUGS-21221](https://issues.redhat.com/browse/OCPBUGS-21221): Carrying fixes for CVE-2023-44487 [#222](https://github.com/openshift/etcd/pull/222) * [OCPBUGS-18415](https://issues.redhat.com/browse/OCPBUGS-18415): Updating ose-etcd images to be consistent with ART [#208](https://github.com/openshift/etcd/pull/208) * [OCPBUGS-18179](https://issues.redhat.com/browse/OCPBUGS-18179): UPSTREAM <carry>: update build images to rhel9 [#211](https://github.com/openshift/etcd/pull/211) * [OCPBUGS-11850](https://issues.redhat.com/browse/OCPBUGS-11850): Rebase etcd-3.5.9 into openshift-4.14 [#203](https://github.com/openshift/etcd/pull/203) * [OCPBUGS-11850](https://issues.redhat.com/browse/OCPBUGS-11850): Rebase etcd-3.5.8 into openshift-4.14 [#201](https://github.com/openshift/etcd/pull/201) * Update owners [#184](https://github.com/openshift/etcd/pull/184) * Updating ose-etcd images to be consistent with ART [#182](https://github.com/openshift/etcd/pull/182) * [Full changelog](https://github.com/openshift/etcd/compare/a6b7ad436ea8139436c6e9a456fdacd09ec7f054...5ed5044c5661c55d297ab0348056b50969af9627) ### [gcp-cloud-controller-manager](https://github.com/openshift/cloud-provider-gcp/tree/09e96a91c4c95e4f8a3d77bae81875c570dd9e3c) * [OCPBUGS-21321](https://issues.redhat.com/browse/OCPBUGS-21321): Bump golang.org/x/net to v0.18.0 [#42](https://github.com/openshift/cloud-provider-gcp/pull/42) * Merge https://github.com/kubernetes/cloud-provider-gcp:master (49c9a25) into master [#34](https://github.com/openshift/cloud-provider-gcp/pull/34) * Updating ose-gcp-cloud-controller-manager images to be consistent with ART [#33](https://github.com/openshift/cloud-provider-gcp/pull/33) * [OCPCLOUD-2049](https://issues.redhat.com/browse/OCPCLOUD-2049): Merge https://github.com/kubernetes/cloud-provider-gcp:master (87cd065) into master [#28](https://github.com/openshift/cloud-provider-gcp/pull/28) * Updating ose-gcp-cloud-controller-manager images to be consistent with ART [#31](https://github.com/openshift/cloud-provider-gcp/pull/31) * [OCPBUGS-10167](https://issues.redhat.com/browse/OCPBUGS-10167): Updating ose-gcp-cloud-controller-manager images to be consistent with ART [#29](https://github.com/openshift/cloud-provider-gcp/pull/29) * [Full changelog](https://github.com/openshift/cloud-provider-gcp/compare/507fea9800dc63da95ce551d2fb03219d0b0597a...09e96a91c4c95e4f8a3d77bae81875c570dd9e3c) ### [gcp-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-gcp/tree/d99fb31aa7280f6b5da00880a64b4774600817a2) * [OCPBUGS-17290](https://issues.redhat.com/browse/OCPBUGS-17290), [OCPBUGS-21417](https://issues.redhat.com/browse/OCPBUGS-21417): Bump golang.org/x/net to v0.17.0 [#203](https://github.com/openshift/cluster-api-provider-gcp/pull/203) * [OCPCLOUD-1874](https://issues.redhat.com/browse/OCPCLOUD-1874): Merge https://github.com/kubernetes-sigs/cluster-api-provider-gcp:v1.4.0 (2131458) into master [#198](https://github.com/openshift/cluster-api-provider-gcp/pull/198) * [OCPBUGS-6407](https://issues.redhat.com/browse/OCPBUGS-6407): Merge https://github.com/kubernetes-sigs/cluster-api-provider-gcp:v1.3.0 (fa642b2) into master [#195](https://github.com/openshift/cluster-api-provider-gcp/pull/195) * Add openshift/e2e-tests for CAPI E2E testing [#197](https://github.com/openshift/cluster-api-provider-gcp/pull/197) * [OCPBUGS-10073](https://issues.redhat.com/browse/OCPBUGS-10073): Updating ose-gcp-cluster-api-controllers images to be consistent with ART [#193](https://github.com/openshift/cluster-api-provider-gcp/pull/193) * Merge https://github.com/kubernetes-sigs/cluster-api-provider-gcp:release-1.2 (1d8cf4c) into master [#189](https://github.com/openshift/cluster-api-provider-gcp/pull/189) * [Full changelog](https://github.com/openshift/cluster-api-provider-gcp/compare/b8a2772574aacf16a998ff7c7ba24000eff60d07...d99fb31aa7280f6b5da00880a64b4774600817a2) ### [gcp-machine-controllers](https://github.com/openshift/machine-api-provider-gcp/tree/7bf14fb2d7eabbb2e22d39d203b43dc6a5443a21) * [OCPBUGS-56194](https://issues.redhat.com/browse/OCPBUGS-56194): Disable shielded VMs for non-UEFI disks [#118](https://github.com/openshift/machine-api-provider-gcp/pull/118) * [OCPBUGS-20870](https://issues.redhat.com/browse/OCPBUGS-20870): Bump x/net package to v0.17.0 [#65](https://github.com/openshift/machine-api-provider-gcp/pull/65) * [OCPBUGS-18338](https://issues.redhat.com/browse/OCPBUGS-18338): Fix CI by running tests natively by default [#57](https://github.com/openshift/machine-api-provider-gcp/pull/57) * [CFE-683](https://issues.redhat.com/browse/CFE-683): Add user defined labels to the created gcp resource [#53](https://github.com/openshift/machine-api-provider-gcp/pull/53) * [CFE-683](https://issues.redhat.com/browse/CFE-683): Update openshift/api package to latest version [#56](https://github.com/openshift/machine-api-provider-gcp/pull/56) * [OCPCLOUD-2056](https://issues.redhat.com/browse/OCPCLOUD-2056): Update dependencies to K8s 1.27 [#51](https://github.com/openshift/machine-api-provider-gcp/pull/51) * [OCPBUGS-11223](https://issues.redhat.com/browse/OCPBUGS-11223): Reduce metrics cardinality. [#46](https://github.com/openshift/machine-api-provider-gcp/pull/46) * [OCPBUGS-12629](https://issues.redhat.com/browse/OCPBUGS-12629): Bump x/net to v0.7.0 [#48](https://github.com/openshift/machine-api-provider-gcp/pull/48) * Updating ose-machine-api-provider-gcp images to be consistent with ART [#47](https://github.com/openshift/machine-api-provider-gcp/pull/47) * [OCPBUGS-10154](https://issues.redhat.com/browse/OCPBUGS-10154): Updating ose-machine-api-provider-gcp images to be consistent with ART [#44](https://github.com/openshift/machine-api-provider-gcp/pull/44) * [Full changelog](https://github.com/openshift/machine-api-provider-gcp/compare/ad18bf13488c04f34d3daff4b1b6370543aab74b...7bf14fb2d7eabbb2e22d39d203b43dc6a5443a21) ### [gcp-pd-csi-driver](https://github.com/openshift/gcp-pd-csi-driver/tree/8a626fe5354a7cb28e31034dc8afe9c00d4b5a03) * [OCPBUGS-20752](https://issues.redhat.com/browse/OCPBUGS-20752): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#45](https://github.com/openshift/gcp-pd-csi-driver/pull/45) * [OCPBUGS-17367](https://issues.redhat.com/browse/OCPBUGS-17367): UPSTREAM: <carry>: Remove the static library linking flag [#41](https://github.com/openshift/gcp-pd-csi-driver/pull/41) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#39](https://github.com/openshift/gcp-pd-csi-driver/pull/39) * UPSTREAM: <carry>: Fix OWNERS_ALIASES [#40](https://github.com/openshift/gcp-pd-csi-driver/pull/40) * [STOR-1163](https://issues.redhat.com/browse/STOR-1163): Rebase to upstream v1.10.1 [#37](https://github.com/openshift/gcp-pd-csi-driver/pull/37) * Updating ose-gcp-pd-csi-driver images to be consistent with ART [#36](https://github.com/openshift/gcp-pd-csi-driver/pull/36) * Updating ose-gcp-pd-csi-driver images to be consistent with ART [#33](https://github.com/openshift/gcp-pd-csi-driver/pull/33) * [Full changelog](https://github.com/openshift/gcp-pd-csi-driver/compare/81e6074605854246cdab8425a7289ad83169571a...8a626fe5354a7cb28e31034dc8afe9c00d4b5a03) ### [gcp-pd-csi-driver-operator](https://github.com/openshift/gcp-pd-csi-driver-operator/tree/95d55a043a60b584a9fe28d37825761282305840) * [OCPBUGS-25657](https://issues.redhat.com/browse/OCPBUGS-25657): Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler [#107](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/107) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#96](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/96) * [OCPBUGS-20847](https://issues.redhat.com/browse/OCPBUGS-20847): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#87](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/87) * [CFE-878](https://issues.redhat.com/browse/CFE-878): Add userLabels in Infrastructure to driver args list [#74](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/74) * [OCPBUGS-16654](https://issues.redhat.com/browse/OCPBUGS-16654): Revert revert "STOR-1065: Rework sidecar bindings to b… [#76](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/76) * [OCPBUGS-16569](https://issues.redhat.com/browse/OCPBUGS-16569): Bump library-go to remove dependency on goproxy [#78](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/78) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#77](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/77) * Revert "STOR-1065: Rework sidecar bindings to bind common ClusterRoles" [#75](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/75) * [STOR-1065](https://issues.redhat.com/browse/STOR-1065): Rework sidecar bindings to bind common ClusterRoles [#71](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/71) * [OCPBUGS-15823](https://issues.redhat.com/browse/OCPBUGS-15823): Change timeout of CSI sidecar [#73](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/73) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump gcp-pd-csi-driver-operator library-go [#72](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/72) * [STOR-1301](https://issues.redhat.com/browse/STOR-1301): Restart controller Pods if metrics-serving-cert changed [#68](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/68) * [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#70](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/70) * [OCPBUGS-12609](https://issues.redhat.com/browse/OCPBUGS-12609): Bump golang.org/x/net@v0.9.0 [#69](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/69) * Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART [#67](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/67) * Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART [#66](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/66) * Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART [#65](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/65) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#64](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/64) * Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART [#63](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/63) * [Full changelog](https://github.com/openshift/gcp-pd-csi-driver-operator/compare/08c561b8292b4a5de3d5bc553a3e463b1f93ec0c...95d55a043a60b584a9fe28d37825761282305840) ### [haproxy-router](https://github.com/openshift/router/tree/c3a2430c09ccea623bb8a599ce56a6e267009620) * [OCPBUGS-32634](https://issues.redhat.com/browse/OCPBUGS-32634): Properly handle rewrite-target annotation [#583](https://github.com/openshift/router/pull/583) * [OCPBUGS-33797](https://issues.redhat.com/browse/OCPBUGS-33797): Reject routes with MD5 certs [#598](https://github.com/openshift/router/pull/598) * [OCPBUGS-33389](https://issues.redhat.com/browse/OCPBUGS-33389): Count active services before setting weight to 1 [#592](https://github.com/openshift/router/pull/592) * [OCPBUGS-30773](https://issues.redhat.com/browse/OCPBUGS-30773): OCPBUGS 6958 backport to 4.14 [#568](https://github.com/openshift/router/pull/568) * [OCPBUGS-32437](https://issues.redhat.com/browse/OCPBUGS-32437): Introduce 'idle-close-on-response' option for frontends [#580](https://github.com/openshift/router/pull/580) * [OCPBUGS-21134](https://issues.redhat.com/browse/OCPBUGS-21134): Bump golang.org/x/net to v0.17.0 to address CVE-2023-39325 [#530](https://github.com/openshift/router/pull/530) * [OCPBUGS-21898](https://issues.redhat.com/browse/OCPBUGS-21898): haproxy-template: Add 'no strict-limits' to address HAProxy 2.6 issue [#528](https://github.com/openshift/router/pull/528) * [OCPBUGS-17653](https://issues.redhat.com/browse/OCPBUGS-17653): haproxy/template: mitigate CVE-2023-40225 [#505](https://github.com/openshift/router/pull/505) * [NE-1141](https://issues.redhat.com/browse/NE-1141): Adds logic for setting and deleting headers via Ingress Operator CR and Route Object. [#438](https://github.com/openshift/router/pull/438) * [OCPBUGS-16623](https://issues.redhat.com/browse/OCPBUGS-16623): properly handle weight=0 [#499](https://github.com/openshift/router/pull/499) * [RFE-3007](https://issues.redhat.com/browse/RFE-3007): Add the ability to enabled option contstats [#449](https://github.com/openshift/router/pull/449) * [OCPBUGS-3356](https://issues.redhat.com/browse/OCPBUGS-3356): Add support for tuning tune.http.cookielen [#436](https://github.com/openshift/router/pull/436) * [NE-1304](https://issues.redhat.com/browse/NE-1304): container builds: switch to haproxy26 package [#487](https://github.com/openshift/router/pull/487) * [OCPBUGS-13969](https://issues.redhat.com/browse/OCPBUGS-13969): Bump vendors k8s libraries to 0.27.2 [#486](https://github.com/openshift/router/pull/486) * [OCPBUGS-6661](https://issues.redhat.com/browse/OCPBUGS-6661), [OCPBUGS-9464](https://issues.redhat.com/browse/OCPBUGS-9464): Handle mTLS CRLs, and fix accidental CRL duplication [#472](https://github.com/openshift/router/pull/472) * [OCPBUGS-12610](https://issues.redhat.com/browse/OCPBUGS-12610): Address CVE-2022-41723 [#475](https://github.com/openshift/router/pull/475) * [OCPBUGS-12346](https://issues.redhat.com/browse/OCPBUGS-12346): Update 4.14 ose-haproxy-router-base image to be consistent with ART [#473](https://github.com/openshift/router/pull/473) * [OCPBUGS-10200](https://issues.redhat.com/browse/OCPBUGS-10200): Updating openshift-enterprise-haproxy-router images to be consistent with ART [#455](https://github.com/openshift/router/pull/455) * [OCPBUGS-8646](https://issues.redhat.com/browse/OCPBUGS-8646): bump openshift/library-go to drop mongo-driver references [#462](https://github.com/openshift/router/pull/462) * [OCPBUGS-11595](https://issues.redhat.com/browse/OCPBUGS-11595): Revert "[NE-1267] container builds: switch to haproxy26 package" [#467](https://github.com/openshift/router/pull/467) * [OCPBUGS-10170](https://issues.redhat.com/browse/OCPBUGS-10170): Updating ose-haproxy-router-base images to be consistent with ART [#453](https://github.com/openshift/router/pull/453) * container builds: switch to haproxy26 package [#466](https://github.com/openshift/router/pull/466) * [OCPBUGS-10003](https://issues.redhat.com/browse/OCPBUGS-10003): Revert "NE-1115: Update haproxy container builds to use haproxy 2.6" [#458](https://github.com/openshift/router/pull/458) * [Full changelog](https://github.com/openshift/router/compare/8b39926371f49a623ad814851533ab4d87f3af1a...c3a2430c09ccea623bb8a599ce56a6e267009620) ### [hyperkube, pod](https://github.com/openshift/kubernetes/tree/03a907c6d182353a0e9b83a224a6f0398406f6d5) * [OCPBUGS-39413](https://issues.redhat.com/browse/OCPBUGS-39413): Return from EnsureHostInPool on all NIC errors [#2073](https://github.com/openshift/kubernetes/pull/2073) * : OCPBUGS-38959: Upstream: 115702 kubelet: output log even file is rotated [#2060](https://github.com/openshift/kubernetes/pull/2060) * NO-JIRA: update downstream owners [#2051](https://github.com/openshift/kubernetes/pull/2051) * [OCPBUGS-37623](https://issues.redhat.com/browse/OCPBUGS-37623): Bump to Kubernetes v1.27.16 [#2043](https://github.com/openshift/kubernetes/pull/2043) * [OCPBUGS-35553](https://issues.redhat.com/browse/OCPBUGS-35553): Disable vulncheck [#2010](https://github.com/openshift/kubernetes/pull/2010) * [OCPBUGS-35553](https://issues.redhat.com/browse/OCPBUGS-35553): Bump k8s 1.27.15 [#1992](https://github.com/openshift/kubernetes/pull/1992) * [OCPBUGS-33964](https://issues.redhat.com/browse/OCPBUGS-33964): UPSTREAM: 123055: Fix race condition between resizer and kubelet [#1973](https://github.com/openshift/kubernetes/pull/1973) * UPSTREAM: <carry>: OCPBUGS-32473: fix cpu manager cpuset check [#1951](https://github.com/openshift/kubernetes/pull/1951) * [OCPBUGS-33712](https://issues.redhat.com/browse/OCPBUGS-33712): Bump to Kubernetes v1.27.14 [#1970](https://github.com/openshift/kubernetes/pull/1970) * [OCPBUGS-33417](https://issues.redhat.com/browse/OCPBUGS-33417): Provide SCC access via RBAC [#1965](https://github.com/openshift/kubernetes/pull/1965) * [OCPBUGS-14373](https://issues.redhat.com/browse/OCPBUGS-14373): Fix flaky HPA e2e tests by not failing on context cancelled (#117669) [#1958](https://github.com/openshift/kubernetes/pull/1958) * [OCPBUGS-32580](https://issues.redhat.com/browse/OCPBUGS-32580): allow override of NewVolumeManagerReconstruction [#1956](https://github.com/openshift/kubernetes/pull/1956) * [OCPBUGS-32309](https://issues.redhat.com/browse/OCPBUGS-32309): Bump K8s api to 1.27.13 [#1950](https://github.com/openshift/kubernetes/pull/1950) * [OCPBUGS-29924](https://issues.redhat.com/browse/OCPBUGS-29924): UPSTREAM: <carry>: openshift-kube-apiserver: add kube-apiserver patches [#1898](https://github.com/openshift/kubernetes/pull/1898) * [OCPBUGS-31504](https://issues.redhat.com/browse/OCPBUGS-31504): Bump to 1.27.12 [#1927](https://github.com/openshift/kubernetes/pull/1927) * [OCPBUGS-31741](https://issues.redhat.com/browse/OCPBUGS-31741): 4.14: UPSTREAM: 124048: Use the right feature gate when updating uncertain volumes [#1936](https://github.com/openshift/kubernetes/pull/1936) * Address CVE [#12](https://github.com/openshift/kubernetes/pull/12) * [OCPBUGS-30964](https://issues.redhat.com/browse/OCPBUGS-30964): Set up CEL IP/CIDR library from 4.14 onwards [#1913](https://github.com/openshift/kubernetes/pull/1913) * [OCPBUGS-29662](https://issues.redhat.com/browse/OCPBUGS-29662): Update to kubernetes 1.27.11 [#1890](https://github.com/openshift/kubernetes/pull/1890) * [OCPBUGS-27347](https://issues.redhat.com/browse/OCPBUGS-27347): UPSTREAM: <carry>: Update management webhook pod admission logic [#1855](https://github.com/openshift/kubernetes/pull/1855) * [OCPBUGS-27369](https://issues.redhat.com/browse/OCPBUGS-27369): Update to kubernetes 1.27.10 [#1860](https://github.com/openshift/kubernetes/pull/1860) * [OCPBUGS-25813](https://issues.redhat.com/browse/OCPBUGS-25813): Fix uncertain device in 4.14 [#1830](https://github.com/openshift/kubernetes/pull/1830) * UPSTREAM: 117349: OCPBUGS-19431: Bump lumberjack.v2 v2.0.0 -> v2.2.1 [#1552](https://github.com/openshift/kubernetes/pull/1552) * [OCPBUGS-26006](https://issues.redhat.com/browse/OCPBUGS-26006): Update to Kubernetes 1.27.9 [#1838](https://github.com/openshift/kubernetes/pull/1838) * [OCPBUGS-23566](https://issues.redhat.com/browse/OCPBUGS-23566): followup to #1808 [#1813](https://github.com/openshift/kubernetes/pull/1813) * [OCPBUGS-23566](https://issues.redhat.com/browse/OCPBUGS-23566): Update to kubernetes 1.27.8 [#1808](https://github.com/openshift/kubernetes/pull/1808) * [OCPBUGS-23286](https://issues.redhat.com/browse/OCPBUGS-23286): UPSTREAM: 121881: Use golang library instead of mklink [#1801](https://github.com/openshift/kubernetes/pull/1801) * [OCPBUGS-22861](https://issues.redhat.com/browse/OCPBUGS-22861): UPSTREAM: <carry>: support for both icsp and idms objects [#1780](https://github.com/openshift/kubernetes/pull/1780) * openshift-hack: Fix sporadic 141 errors in build-rpms [#1772](https://github.com/openshift/kubernetes/pull/1772) * [OCPBUGS-20380](https://issues.redhat.com/browse/OCPBUGS-20380): [release-4.14] UPSTREAM: 121127: [1.27][CVE-2023-39325] .: bump golang.org/x/net to v0.17.0 [#1758](https://github.com/openshift/kubernetes/pull/1758) * [OCPBUGS-18249](https://issues.redhat.com/browse/OCPBUGS-18249): <carry>: Export cpu stats of ovs.slice via prometheus [#1699](https://github.com/openshift/kubernetes/pull/1699) * [OCPBUGS-20115](https://issues.redhat.com/browse/OCPBUGS-20115): Do not allow nodes to set forbidden openshift labels [#1736](https://github.com/openshift/kubernetes/pull/1736) * Update builder & base hyperkube image to RHEL 9 [#1727](https://github.com/openshift/kubernetes/pull/1727) * [OCPBUGS-19401](https://issues.redhat.com/browse/OCPBUGS-19401): UPSTREAM: <carry>: vendor: bump cadvisor and runc to 1.1.9 [#1713](https://github.com/openshift/kubernetes/pull/1713) * [OCPBUGS-19952](https://issues.redhat.com/browse/OCPBUGS-19952): UPSTREAM: <carry>: kubelet/cm: use MkdirAll when creating cpuset to ignore file exists error [#1728](https://github.com/openshift/kubernetes/pull/1728) * [OCPBUGS-15531](https://issues.redhat.com/browse/OCPBUGS-15531): UPSTREAM: 120786: change rolling update logic to exclude sunsetting nodes [#1717](https://github.com/openshift/kubernetes/pull/1717) * [OCPBUGS-18285](https://issues.redhat.com/browse/OCPBUGS-18285), [OCPBUGS-19479](https://issues.redhat.com/browse/OCPBUGS-19479): Update to Kubernetes 1.27.6 [#1709](https://github.com/openshift/kubernetes/pull/1709) * [OCPBUGS-18724](https://issues.redhat.com/browse/OCPBUGS-18724): cm: reorder setting of sched_load_balance for sandbox slice [#1693](https://github.com/openshift/kubernetes/pull/1693) * [OCPBUGS-18608](https://issues.redhat.com/browse/OCPBUGS-18608): UPSTREAM: <carry>: Force using host go always and use host libriaries [#1688](https://github.com/openshift/kubernetes/pull/1688) * [OCPBUGS-18149](https://issues.redhat.com/browse/OCPBUGS-18149): UPSTREAM: <carry>: retry etcd Unavailable errors [#1681](https://github.com/openshift/kubernetes/pull/1681) * [OCPBUGS-18149](https://issues.redhat.com/browse/OCPBUGS-18149): UPSTREAM: <carry>: retry etcd Unavailable errors [#1676](https://github.com/openshift/kubernetes/pull/1676) * [OCPBUGS-14301](https://issues.redhat.com/browse/OCPBUGS-14301): UPSTREAM: 117245: Fix TopologyAwareHint not working when zone label is added after Node creation [#1673](https://github.com/openshift/kubernetes/pull/1673) * [OCPBUGS-14301](https://issues.redhat.com/browse/OCPBUGS-14301): UPSTREAM: 117249,118189: fix TopologyCache crashes [#1668](https://github.com/openshift/kubernetes/pull/1668) * [OCPBUGS-7415](https://issues.redhat.com/browse/OCPBUGS-7415): grant user:full scope to self-SARs [#1493](https://github.com/openshift/kubernetes/pull/1493) * UPSTREAM: 118280: Set all PSa labels in tests [#1663](https://github.com/openshift/kubernetes/pull/1663) * [OCPBUGS-17119](https://issues.redhat.com/browse/OCPBUGS-17119): UPSTREAM: <drop>: bump apiserver-library-go for updated required-scc errors [#1661](https://github.com/openshift/kubernetes/pull/1661) * [OCPBUGS-15726](https://issues.redhat.com/browse/OCPBUGS-15726): UPSTREAM: <carry>: merge v3 openapi discovery and specs for special groups [#1654](https://github.com/openshift/kubernetes/pull/1654) * [OCPBUGS-16166](https://issues.redhat.com/browse/OCPBUGS-16166): Update to Kubernetes 1.27.4 [#1660](https://github.com/openshift/kubernetes/pull/1660) * Update to Kubernetes 1.27.4 [#1653](https://github.com/openshift/kubernetes/pull/1653) * [OCPBUGS-15726](https://issues.redhat.com/browse/OCPBUGS-15726): UPSTREAM: 118879: make apiservices.apiregistration.k8s.io discoverabl… [#1630](https://github.com/openshift/kubernetes/pull/1630) * [OCPBUGS-16166](https://issues.redhat.com/browse/OCPBUGS-16166): Update to Kubernetes 1.27.4 [#1645](https://github.com/openshift/kubernetes/pull/1645) * [OCPBUGS-15726](https://issues.redhat.com/browse/OCPBUGS-15726): UPSTREAM: 118881: fix openapi/v3 non local apiservices aggregation [#1629](https://github.com/openshift/kubernetes/pull/1629) * UPSTREAM: <drop>: hack/update-vendor.sh [#1634](https://github.com/openshift/kubernetes/pull/1634) * UPSTREAM: 119107: Stop using deprecated API [#1624](https://github.com/openshift/kubernetes/pull/1624) * [OCPBUGS-13392](https://issues.redhat.com/browse/OCPBUGS-13392): UPSTREAM: 118915: remove legacy NetworkPolicy tests [#1623](https://github.com/openshift/kubernetes/pull/1623) * UPSTREAM: <drop>: update openshift/api,openshift/apiserver-library-go [#1621](https://github.com/openshift/kubernetes/pull/1621) * UPSTREAM: <carry>: when only this kube-apiserver can fulfill the kube… [#1616](https://github.com/openshift/kubernetes/pull/1616) * Update to Kubernetes 1.27.3 [#1609](https://github.com/openshift/kubernetes/pull/1609) * UPSTREAM: <carry>: STOR-1270: Admission plugin to deny deletion of storages.operator.openshift.io [#1550](https://github.com/openshift/kubernetes/pull/1550) * [OCPBUGS-7181](https://issues.redhat.com/browse/OCPBUGS-7181): UPSTREAM: <drop>: bump apiserver-library-go [#1605](https://github.com/openshift/kubernetes/pull/1605) * [STOR-1263](https://issues.redhat.com/browse/STOR-1263): Add csimock tests [#1595](https://github.com/openshift/kubernetes/pull/1595) * [OCPBUGS-4053](https://issues.redhat.com/browse/OCPBUGS-4053): UPSTREAM: 118383: bump cadvisor for upstream patch 3301 [#1594](https://github.com/openshift/kubernetes/pull/1594) * Update test wrapper to match new k8s [#1584](https://github.com/openshift/kubernetes/pull/1584) * [STOR-1263](https://issues.redhat.com/browse/STOR-1263): Bump to k8s 1.27.2 [#1583](https://github.com/openshift/kubernetes/pull/1583) * `cherry-pick`: #117785 from `k/k` - disable external IPs on e2e net tests [#1581](https://github.com/openshift/kubernetes/pull/1581) * UPSTREAM: 117893: When expecting pods count only active ones [#1577](https://github.com/openshift/kubernetes/pull/1577) * [OCPBUGS-13854](https://issues.redhat.com/browse/OCPBUGS-13854): UPSTREAM: 117371: kubelet: Don't reference the pod manager interface directly from components [#1578](https://github.com/openshift/kubernetes/pull/1578) * [OCPBUGS-11652](https://issues.redhat.com/browse/OCPBUGS-11652): UPSTREAM: <carry>: Extend NodeLogQuery feature [#1579](https://github.com/openshift/kubernetes/pull/1579) * [OCPBUGS-13148](https://issues.redhat.com/browse/OCPBUGS-13148): kubelet/cm: disable cpu load balancing on slices when using static cpu manager policy [#1573](https://github.com/openshift/kubernetes/pull/1573) * UPSTREAM: <carry>: move test rules from origin [#1574](https://github.com/openshift/kubernetes/pull/1574) * [OCPBUGS-11143](https://issues.redhat.com/browse/OCPBUGS-11143): Azure: move to kube-proxy LB probes, don't detach masters when unready [#1569](https://github.com/openshift/kubernetes/pull/1569) * [OCPBUGS-10048](https://issues.redhat.com/browse/OCPBUGS-10048): UPSTREAM: <carry>: add conditional shutdown response header [#1555](https://github.com/openshift/kubernetes/pull/1555) * [OCPBUGS-2474](https://issues.redhat.com/browse/OCPBUGS-2474): UPSTREAM: 116995: kubelet: Ensure pods that have not started track pendingUpdate [#1561](https://github.com/openshift/kubernetes/pull/1561) * [STOR-1263](https://issues.redhat.com/browse/STOR-1263): Update to Kubernetes 1.27.1 [#1558](https://github.com/openshift/kubernetes/pull/1558) * [OCPBUGS-10829](https://issues.redhat.com/browse/OCPBUGS-10829): UPSTREAM: 117310: kube-aggregator: correctly use client-go TLS cache with custom dialer [#1548](https://github.com/openshift/kubernetes/pull/1548) * UPSTREAM: <carry>: add shutdown annotation to response header [#1537](https://github.com/openshift/kubernetes/pull/1537) * UPSTREAM: <carry>: OCPNODE-1548,OCPNODE-1584: disable load balancing on created cgroups when managed is enabled [#1518](https://github.com/openshift/kubernetes/pull/1518) * Add wrapper which will allow running o/k tests as external binary in origin [#1485](https://github.com/openshift/kubernetes/pull/1485) * [OCPBUGS-7267](https://issues.redhat.com/browse/OCPBUGS-7267): More fixes to SCC PSa extractor [#1482](https://github.com/openshift/kubernetes/pull/1482) * [OCPBUGS-10048](https://issues.redhat.com/browse/OCPBUGS-10048): UPSTREAM: 115328: apiserver: annotate early (server not ready) and late (during shutdown) requests [#1456](https://github.com/openshift/kubernetes/pull/1456) * [OCPBUGS-8220](https://issues.redhat.com/browse/OCPBUGS-8220): CSI Inline Volume admission plugin does not log object name correctly [#1499](https://github.com/openshift/kubernetes/pull/1499) * [OCPBUGS-8092](https://issues.redhat.com/browse/OCPBUGS-8092): Fix mounted volume expansion tests [#1498](https://github.com/openshift/kubernetes/pull/1498) * UPSTREAM: <carry>: update rebase doc [#1464](https://github.com/openshift/kubernetes/pull/1464) * Bump to k8s 1.26.2 [#1494](https://github.com/openshift/kubernetes/pull/1494) * [Full changelog](https://github.com/openshift/kubernetes/compare/53fd427d5826f19785655e0f8c33642009e0a12b...03a907c6d182353a0e9b83a224a6f0398406f6d5) ### [hypershift](https://github.com/openshift/hypershift/tree/b11c804b44516f34e50344eeb94901936018d9d1) * [OCPBUGS-61176](https://issues.redhat.com/browse/OCPBUGS-61176): Add missing service network DNS entries to KAS cert [#6742](https://github.com/openshift/hypershift/pull/6742) * [OCPBUGS-57321](https://issues.redhat.com/browse/OCPBUGS-57321): Add validation to avoid conflicts between KubeAPIServer and NamedCertificates SANs #6231 [#6252](https://github.com/openshift/hypershift/pull/6252) * [OCPBUGS-55936](https://issues.redhat.com/browse/OCPBUGS-55936): [release-4.14] Add konnectivity-proxy sidecar to openshift-oauth… [#6129](https://github.com/openshift/hypershift/pull/6129) * [CNTRLPLANE-921](https://issues.redhat.com/browse/CNTRLPLANE-921): Konflux build pipeline service account migration [#6080](https://github.com/openshift/hypershift/pull/6080) * [CNTRLPLANE-921](https://issues.redhat.com/browse/CNTRLPLANE-921): Konflux build pipeline service account migration [#6085](https://github.com/openshift/hypershift/pull/6085) * [OCPBUGS-51802](https://issues.redhat.com/browse/OCPBUGS-51802): Fix golang crypto dependency go.mod replacement [#5996](https://github.com/openshift/hypershift/pull/5996) * [OCPBUGS-53899](https://issues.redhat.com/browse/OCPBUGS-53899): bump golang-jwt v4 [#5909](https://github.com/openshift/hypershift/pull/5909) * [OCPBUGS-53433](https://issues.redhat.com/browse/OCPBUGS-53433): Prevent IgnitionServer from flooding the API server with patch requests [#5878](https://github.com/openshift/hypershift/pull/5878) * [OCPBUGS-51731](https://issues.redhat.com/browse/OCPBUGS-51731), [OCPBUGS-51802](https://issues.redhat.com/browse/OCPBUGS-51802): Bump dependencies to OCP fork in backports [#5899](https://github.com/openshift/hypershift/pull/5899) * Red Hat Konflux update control-plane-operator-4-14 [#5953](https://github.com/openshift/hypershift/pull/5953) * [ART-11792](https://issues.redhat.com/browse/ART-11792): update go mod dependency for konflux [#5921](https://github.com/openshift/hypershift/pull/5921) * [OCPBUGS-53314](https://issues.redhat.com/browse/OCPBUGS-53314): Fix IsIPv4 function identifying also addresses instead of CIDRs [#5867](https://github.com/openshift/hypershift/pull/5867) * [OCPBUGS-45559](https://issues.redhat.com/browse/OCPBUGS-45559): Add Network Policies for Konnectivity server and Ignition server proxy [#5816](https://github.com/openshift/hypershift/pull/5816) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.6 [#5730](https://github.com/openshift/hypershift/pull/5730) * NO-JIRA: chore(deps): update dependency mkdocs-material to v9.6.6 [#5725](https://github.com/openshift/hypershift/pull/5725) * chore(deps): update dependency mkdocs-mermaid2-plugin to v0.6.0 [#5687](https://github.com/openshift/hypershift/pull/5687) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.5 [#5681](https://github.com/openshift/hypershift/pull/5681) * NO-JIRA: chore(deps): update dependency mkdocs-material to v9 [#5688](https://github.com/openshift/hypershift/pull/5688) * [OCPBUGS-50700](https://issues.redhat.com/browse/OCPBUGS-50700): add region to AWS creds passed to operators managed by CPO [#5668](https://github.com/openshift/hypershift/pull/5668) * NO-JIRA: Red Hat Konflux update control-plane-operator-4-14 [#5339](https://github.com/openshift/hypershift/pull/5339) * [OCPBUGS-47630](https://issues.redhat.com/browse/OCPBUGS-47630): Separate CPO containerfiles [#5619](https://github.com/openshift/hypershift/pull/5619) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.4 [#5538](https://github.com/openshift/hypershift/pull/5538) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.1 [#5537](https://github.com/openshift/hypershift/pull/5537) * [OCPBUGS-49405](https://issues.redhat.com/browse/OCPBUGS-49405): add ValidIDPConfiguration condition to report IDP config issues [#5520](https://github.com/openshift/hypershift/pull/5520) * NO-JIRA: chore: update konflux references & bump up go version to 1.20 [#5517](https://github.com/openshift/hypershift/pull/5517) * NO-JIRA: Update squidfunk/mkdocs-material Docker tag to v9.5.50 (release-4.14) [#5444](https://github.com/openshift/hypershift/pull/5444) * NO-JIRA: Update dependency mkdocs-material to v8.5.11 (release-4.14) [#5430](https://github.com/openshift/hypershift/pull/5430) * NO-JIRA: [release-4.14] Bump golang.org/x/crypto and golang.org/x/net [#5372](https://github.com/openshift/hypershift/pull/5372) * NO-JIRA: Update dependency mkdocs-glightbox to v0.4.0 (release-4.14) [#5331](https://github.com/openshift/hypershift/pull/5331) * NO-JIRA: Update dependency mkdocs to v1.6.1 (release-4.14) [#5330](https://github.com/openshift/hypershift/pull/5330) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.49 (release-4.14) - abandoned [#5308](https://github.com/openshift/hypershift/pull/5308) * [OCPBUGS-44279](https://issues.redhat.com/browse/OCPBUGS-44279): Configure OAuth https proxy to dial cloud endpoints directly [#5067](https://github.com/openshift/hypershift/pull/5067) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.45 (release-4.14) [#5162](https://github.com/openshift/hypershift/pull/5162) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#5145](https://github.com/openshift/hypershift/pull/5145) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#5121](https://github.com/openshift/hypershift/pull/5121) * NO-JIRA: chore(deps): update registry.access.redhat.com/ubi9-minimal docker tag to v9.5-1731518200 (release-4.14) [#5105](https://github.com/openshift/hypershift/pull/5105) * NO-JIRA: Update Konflux references (release-4.14) [#5100](https://github.com/openshift/hypershift/pull/5100) * chore(deps): update konflux references (release-4.14) [#5076](https://github.com/openshift/hypershift/pull/5076) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#5055](https://github.com/openshift/hypershift/pull/5055) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.44 (release-4.14) [#5056](https://github.com/openshift/hypershift/pull/5056) * NO-JIRA: Update Konflux references to fedcfe0 (release-4.14) [#5043](https://github.com/openshift/hypershift/pull/5043) * chore(deps): update konflux references (release-4.14) [#5026](https://github.com/openshift/hypershift/pull/5026) * chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.43 (release-4.14) [#5021](https://github.com/openshift/hypershift/pull/5021) * chore(deps): update konflux references to f53fe54 (release-4.14) [#5020](https://github.com/openshift/hypershift/pull/5020) * NO-JIRA: Update Konflux references (release-4.14) [#5011](https://github.com/openshift/hypershift/pull/5011) * [OCPBUGS-41701](https://issues.redhat.com/browse/OCPBUGS-41701): cmd: report server version, supported OCP [#4718](https://github.com/openshift/hypershift/pull/4718) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#4975](https://github.com/openshift/hypershift/pull/4975) * [OCPBUGS-43688](https://issues.redhat.com/browse/OCPBUGS-43688): Use guest DNS resolution in Konnectivity HTTPS proxy by default [#4964](https://github.com/openshift/hypershift/pull/4964) * chore(deps): update konflux references (release-4.14) [#4953](https://github.com/openshift/hypershift/pull/4953) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.42 (release-4.14) [#4948](https://github.com/openshift/hypershift/pull/4948) * [OCPBUGS-43368](https://issues.redhat.com/browse/OCPBUGS-43368): Let payload generation pick the release for the NodePool [#4913](https://github.com/openshift/hypershift/pull/4913) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#4934](https://github.com/openshift/hypershift/pull/4934) * NO-JIRA: chore(deps): update konflux references to 66f551f (release-4.14) [#4924](https://github.com/openshift/hypershift/pull/4924) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.41 (release-4.14) [#4917](https://github.com/openshift/hypershift/pull/4917) * NO-JIRA: chore(deps): update konflux references to 674e70f (release-4.14) [#4910](https://github.com/openshift/hypershift/pull/4910) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#4898](https://github.com/openshift/hypershift/pull/4898) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.40 (release-4.14) [#4879](https://github.com/openshift/hypershift/pull/4879) * NO-JIRA: chore(deps): update konflux references to 37b9187 (release-4.14 [#4851](https://github.com/openshift/hypershift/pull/4851) * [OCPBUGS-42533](https://issues.redhat.com/browse/OCPBUGS-42533): enable audit log for oauth-openshift [#4822](https://github.com/openshift/hypershift/pull/4822) * chore(deps): update registry.access.redhat.com/ubi9/go-toolset docker tag to v1.21.13 (release-4.14) [#4794](https://github.com/openshift/hypershift/pull/4794) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.39 (release-4.14) [#4828](https://github.com/openshift/hypershift/pull/4828) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#4813](https://github.com/openshift/hypershift/pull/4813) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.38 (release-4.14) [#4805](https://github.com/openshift/hypershift/pull/4805) * NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9 (release-4.14) [#4788](https://github.com/openshift/hypershift/pull/4788) * chore(deps): update registry.access.redhat.com/ubi9-minimal docker tag to v9.4-1227.1726694542 (release-4.14) [#4758](https://github.com/openshift/hypershift/pull/4758) * chore(deps): update squidfunk/mkdocs-material docker tag to v8.5.11 (release-4.14) [#4784](https://github.com/openshift/hypershift/pull/4784) * [OCPBUGS-41374](https://issues.redhat.com/browse/OCPBUGS-41374): CPO oauth idp converter: resolve names before dialing [#4763](https://github.com/openshift/hypershift/pull/4763) * NO-JIRA: chore(deps): update konflux references to 5ac9b24 (release-4.14) [#4783](https://github.com/openshift/hypershift/pull/4783) * chore(deps): update konflux references to 2c3426a (release-4.14) [#4773](https://github.com/openshift/hypershift/pull/4773) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#4757](https://github.com/openshift/hypershift/pull/4757) * [OCPBUGS-42221](https://issues.redhat.com/browse/OCPBUGS-42221): Make guest cluster components use the correct KAS port [#4753](https://github.com/openshift/hypershift/pull/4753) * [OCPBUGS-38060](https://issues.redhat.com/browse/OCPBUGS-38060): Add HTTP konnectivity proxy to OAuth server [#4498](https://github.com/openshift/hypershift/pull/4498) * [OCPBUGS-38066](https://issues.redhat.com/browse/OCPBUGS-38066): [release-4.14] Use HTTP proxy for ingress controller [#4724](https://github.com/openshift/hypershift/pull/4724) * NO-JIRA: Security fixes for openshift-ci-security job [#4752](https://github.com/openshift/hypershift/pull/4752) * [OCPBUGS-42184](https://issues.redhat.com/browse/OCPBUGS-42184): copy image-registry AdditionalTrustedCA configmap into HC openshift-config [#4747](https://github.com/openshift/hypershift/pull/4747) * [OCPBUGS-41506](https://issues.redhat.com/browse/OCPBUGS-41506): fix: bump google.golang.org/protobuf [#4687](https://github.com/openshift/hypershift/pull/4687) * [HOSTEDCP-1957](https://issues.redhat.com/browse/HOSTEDCP-1957): bump go-jose version [#4698](https://github.com/openshift/hypershift/pull/4698) * [OCPBUGS-39378](https://issues.redhat.com/browse/OCPBUGS-39378): Set KCM node monitor grace period [#4659](https://github.com/openshift/hypershift/pull/4659) * chore(deps): update konflux references (release-4.14) [#4683](https://github.com/openshift/hypershift/pull/4683) * [OCPBUGS-39183](https://issues.redhat.com/browse/OCPBUGS-39183): fix: bump github.com/IBM/go-sdk-core/v5 [#4626](https://github.com/openshift/hypershift/pull/4626) * NO-JIRA: Add PodDisruptionBudget for router deployment [#4692](https://github.com/openshift/hypershift/pull/4692) * NO-JIRA: Revert "Merge pull request #4661 from jparrill/bp-4.14/OCPBUGS-24308" [#4667](https://github.com/openshift/hypershift/pull/4667) * NO-JIRA: PDB backports [#4661](https://github.com/openshift/hypershift/pull/4661) * NO-JIRA: Konflux migration 4.14 [#4648](https://github.com/openshift/hypershift/pull/4648) * [OCPBUGS-39230](https://issues.redhat.com/browse/OCPBUGS-39230): set proxy envvars on aws CCM [#4638](https://github.com/openshift/hypershift/pull/4638) * [OCPBUGS-38791](https://issues.redhat.com/browse/OCPBUGS-38791): Let the CPO oidc check resolve through data plane [#4617](https://github.com/openshift/hypershift/pull/4617) * NO-JIRA: Flaky cert validation test [#4633](https://github.com/openshift/hypershift/pull/4633) * [HOSTEDCP-1897](https://issues.redhat.com/browse/HOSTEDCP-1897): [release-4.14] Allow setting Kube APIServer maximum requests in flight [#4553](https://github.com/openshift/hypershift/pull/4553) * [OCPBUGS-37076](https://issues.redhat.com/browse/OCPBUGS-37076): Fixed audit-logs sigterm failing to terminate gracefully [#4369](https://github.com/openshift/hypershift/pull/4369) * [OCPBUGS-38624](https://issues.redhat.com/browse/OCPBUGS-38624): remove weak ciphers from security profile [#4575](https://github.com/openshift/hypershift/pull/4575) * [OCPBUGS-37173](https://issues.redhat.com/browse/OCPBUGS-37173): Add newline after TLS certs referenced by image.config [#4471](https://github.com/openshift/hypershift/pull/4471) * [OCPBUGS-37172](https://issues.redhat.com/browse/OCPBUGS-37172): OCPBUGS-35899: Doubled machineHealthCheck timeout on Agent and None [#4490](https://github.com/openshift/hypershift/pull/4490) * [OCPBUGS-36944](https://issues.redhat.com/browse/OCPBUGS-36944): [release-4.14] Add HTTP(s) konnectivity proxy and use it with OpenShift APIServer [#4360](https://github.com/openshift/hypershift/pull/4360) * [HOSTEDCP-1795](https://issues.redhat.com/browse/HOSTEDCP-1795), [HOSTEDCP-1796](https://issues.redhat.com/browse/HOSTEDCP-1796): Customize the self-generated cert validity and rotation [#4473](https://github.com/openshift/hypershift/pull/4473) * [OCPBUGS-37175](https://issues.redhat.com/browse/OCPBUGS-37175): Delete IDMS in dataplane once HCP ICS field is removed [#4472](https://github.com/openshift/hypershift/pull/4472) * NO-JIRA: Konflux mce-2.4 pipeline fixes [#4464](https://github.com/openshift/hypershift/pull/4464) * NO-JIRA: [release-4.14] OCPBUGS-36297: kubevirt-csi-driver: Pass infra kubeconfig in case of external infra [#4288](https://github.com/openshift/hypershift/pull/4288) * NO-JIRA: [release-4.14] test/e2e: remove api budget checks [#4438](https://github.com/openshift/hypershift/pull/4438) * NO-JIRA: chore(deps): update registry.access.redhat.com/ubi9/go-toolset docker tag to v1.21.11-2 (release-4.14) - abandoned [#4363](https://github.com/openshift/hypershift/pull/4363) * NO-JIRA: Update registry.access.redhat.com/ubi9/go-toolset Docker tag to v1.21.10-1.1719562237 (release-4.14) - abandoned [#4326](https://github.com/openshift/hypershift/pull/4326) * NO-JIRA: Update registry.access.redhat.com/ubi9-minimal Docker tag to v9.4-1134 (release-4.14) - abandoned [#4325](https://github.com/openshift/hypershift/pull/4325) * [OCPBUGS-36518](https://issues.redhat.com/browse/OCPBUGS-36518): Run haproxy to connect to kas from data plane if noproxy settings contain kas [#4315](https://github.com/openshift/hypershift/pull/4315) * [OCPBUGS-36159](https://issues.redhat.com/browse/OCPBUGS-36159): Generate default worker security group rules based on machineCIDR [#4270](https://github.com/openshift/hypershift/pull/4270) * [OCPBUGS-35549](https://issues.redhat.com/browse/OCPBUGS-35549): Restrict image registry overrides to control plane component [#4223](https://github.com/openshift/hypershift/pull/4223) * [OCPBUGS-35365](https://issues.redhat.com/browse/OCPBUGS-35365): fix router on 4.14 y-stream upgrade [#4205](https://github.com/openshift/hypershift/pull/4205) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#4257](https://github.com/openshift/hypershift/pull/4257) * [OCPBUGS-35401](https://issues.redhat.com/browse/OCPBUGS-35401): Fix disconnected metadata inspection for nodepool [#4208](https://github.com/openshift/hypershift/pull/4208) * [OCPBUGS-35482](https://issues.redhat.com/browse/OCPBUGS-35482): Add TrustedBundles to OAS container [#4216](https://github.com/openshift/hypershift/pull/4216) * [OCPBUGS-35290](https://issues.redhat.com/browse/OCPBUGS-35290): [release-4.14] Backport etcd defrag [#4189](https://github.com/openshift/hypershift/pull/4189) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#4248](https://github.com/openshift/hypershift/pull/4248) * [OCPBUGS-35183](https://issues.redhat.com/browse/OCPBUGS-35183): add AWS STS URL to OIDC provider audiences [#4179](https://github.com/openshift/hypershift/pull/4179) * NO-JIRA: hack: make the e2e script generic [#4201](https://github.com/openshift/hypershift/pull/4201) * chore(deps): update konflux references to 2be7c9c (release-4.14) [#4225](https://github.com/openshift/hypershift/pull/4225) * NO-JIRA: Update Konflux references to 1025001 (release-4.14) [#4181](https://github.com/openshift/hypershift/pull/4181) * NO-JIRA: chore(deps): update konflux references (release-4.14) [#4168](https://github.com/openshift/hypershift/pull/4168) * [OCPBUGS-34856](https://issues.redhat.com/browse/OCPBUGS-34856): [release-4.14] OCPBUGS-34855: Add new permission required in CAPA [#4149](https://github.com/openshift/hypershift/pull/4149) * NO-JIRA: test/e2e: fix prometheus serviceaccount handling against 4.16+ [#4159](https://github.com/openshift/hypershift/pull/4159) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#4112](https://github.com/openshift/hypershift/pull/4112) * NO-JIRA: chore(deps): update rhtap references to 9aec3ae (release-4.14) [#4073](https://github.com/openshift/hypershift/pull/4073) * NO-JIRA: Remove CLI inspection of release image [#4061](https://github.com/openshift/hypershift/pull/4061) * [OCPBUGS-33713](https://issues.redhat.com/browse/OCPBUGS-33713): Reconcile over ICSP/IDMS [#4059](https://github.com/openshift/hypershift/pull/4059) * NO-JIRA: chore(deps): update rhtap references to 7cd8020 (release-4.14) [#4065](https://github.com/openshift/hypershift/pull/4065) * [OCPBUGS-33844](https://issues.redhat.com/browse/OCPBUGS-33844): Fix disconnected metadata inspection [#4049](https://github.com/openshift/hypershift/pull/4049) * [OCPBUGS-33843](https://issues.redhat.com/browse/OCPBUGS-33843): Recycler-pod image now points to the OCP Payload reference [#4048](https://github.com/openshift/hypershift/pull/4048) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#4040](https://github.com/openshift/hypershift/pull/4040) * [HOSTEDCP-1480](https://issues.redhat.com/browse/HOSTEDCP-1480): Update TLS cert hash creation with sha512 [#4025](https://github.com/openshift/hypershift/pull/4025) * NO-JIRA: Update RHTAP references (release-4.14) [#3995](https://github.com/openshift/hypershift/pull/3995) * [HOSTEDCP-1552](https://issues.redhat.com/browse/HOSTEDCP-1552): Update RHTAP tekton files for 0.3 -> 0.4 migration [#3958](https://github.com/openshift/hypershift/pull/3958) * [OCPBUGS-33105](https://issues.redhat.com/browse/OCPBUGS-33105): [release-4.14] remove PrivateIngressController cleanup [#3960](https://github.com/openshift/hypershift/pull/3960) * [OCPBUGS-32471](https://issues.redhat.com/browse/OCPBUGS-32471): Fix ICSP and IDMS inclusion as registriesOverrides [#3912](https://github.com/openshift/hypershift/pull/3912) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3920](https://github.com/openshift/hypershift/pull/3920) * [OCPBUGS-32221](https://issues.redhat.com/browse/OCPBUGS-32221): Added support for OLM Disable default sources on HC creation [#3882](https://github.com/openshift/hypershift/pull/3882) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3903](https://github.com/openshift/hypershift/pull/3903) * NO-JIRA: [4.14] [e2e test framework] Add a flag to add an annotation to Hosted Cluster [#3905](https://github.com/openshift/hypershift/pull/3905) * [HOSTEDCP-1526](https://issues.redhat.com/browse/HOSTEDCP-1526): [release-4.14] Support additional node selectors for request serving nodes [#3898](https://github.com/openshift/hypershift/pull/3898) * chore(deps): update rhtap references (release-4.14) [#3888](https://github.com/openshift/hypershift/pull/3888) * NO-JIRA: Update RHTAP references (release-4.14) [#3874](https://github.com/openshift/hypershift/pull/3874) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3869](https://github.com/openshift/hypershift/pull/3869) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3858](https://github.com/openshift/hypershift/pull/3858) * NO-JIRA: Update RHTAP references (release-4.14) [#3836](https://github.com/openshift/hypershift/pull/3836) * [OCPBUGS-31657](https://issues.redhat.com/browse/OCPBUGS-31657): disable http2 for ignition server and proxy [#3831](https://github.com/openshift/hypershift/pull/3831) * [OCPBUGS-31605](https://issues.redhat.com/browse/OCPBUGS-31605): inject built-in MCP selector for KubeletConfigs and ContainerRuntimeConfigs [#3826](https://github.com/openshift/hypershift/pull/3826) * [HOSTEDCP-1322](https://issues.redhat.com/browse/HOSTEDCP-1322): NodeUpgradeType defaulted by provider [#3822](https://github.com/openshift/hypershift/pull/3822) * NO-JIRA: Update RHTAP references (release-4.14) [#3813](https://github.com/openshift/hypershift/pull/3813) * [OCPBUGS-31417](https://issues.redhat.com/browse/OCPBUGS-31417): honor HC image configuration [#3806](https://github.com/openshift/hypershift/pull/3806) * [OCPBUGS-23914](https://issues.redhat.com/browse/OCPBUGS-23914): Added OLMCatalogPlacement option to the CLI [#3229](https://github.com/openshift/hypershift/pull/3229) * [OCPBUGS-30211](https://issues.redhat.com/browse/OCPBUGS-30211): set Konnectivity cipher suites [#3679](https://github.com/openshift/hypershift/pull/3679) * chore(deps): update rhtap references (release-4.14) [#3792](https://github.com/openshift/hypershift/pull/3792) * [OCPBUGS-31048](https://issues.redhat.com/browse/OCPBUGS-31048): [4.15] HCP deletion can get stuck if CPO is unable to delete the default worker security group [#3771](https://github.com/openshift/hypershift/pull/3771) * [HOSTEDCP-1488](https://issues.redhat.com/browse/HOSTEDCP-1488): Use regionalized STS endpoints in AWS [#3756](https://github.com/openshift/hypershift/pull/3756) * NO-JIRA: Update RHTAP references (release-4.14) [#3755](https://github.com/openshift/hypershift/pull/3755) * chore(deps): update rhtap references (release-4.14) [#3739](https://github.com/openshift/hypershift/pull/3739) * [OCPBUGS-30596](https://issues.redhat.com/browse/OCPBUGS-30596): Bump golang.org/x/net to version v0.17.0 [#3711](https://github.com/openshift/hypershift/pull/3711) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3706](https://github.com/openshift/hypershift/pull/3706) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3676](https://github.com/openshift/hypershift/pull/3676) * NO-JIRA: Update RHTAP references (release-4.14) [#3672](https://github.com/openshift/hypershift/pull/3672) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3651](https://github.com/openshift/hypershift/pull/3651) * [OCPBUGS-29782](https://issues.redhat.com/browse/OCPBUGS-29782): use 2040 for apiserver svc in IBM provider [#3594](https://github.com/openshift/hypershift/pull/3594) * "[release-4.14] OCPBUGS-29259: Fix default release image lookup" [#3550](https://github.com/openshift/hypershift/pull/3550) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3620](https://github.com/openshift/hypershift/pull/3620) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3625](https://github.com/openshift/hypershift/pull/3625) * [OCPBUGS-29094](https://issues.redhat.com/browse/OCPBUGS-29094): Make ControllerAvailabilityPolicy immutable [#3534](https://github.com/openshift/hypershift/pull/3534) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3604](https://github.com/openshift/hypershift/pull/3604) * NO-JIRA: Update RHTAP references (release-4.14) [#3591](https://github.com/openshift/hypershift/pull/3591) * NO-JIRA: Update RHTAP references (release-4.14) [#3519](https://github.com/openshift/hypershift/pull/3519) * NO-JIRA: Approvers update [#3580](https://github.com/openshift/hypershift/pull/3580) * [MULTIARCH-4084](https://issues.redhat.com/browse/MULTIARCH-4084): Reduce the policy access scope to specific instance [#3530](https://github.com/openshift/hypershift/pull/3530) * [OCPBUGS-29206](https://issues.redhat.com/browse/OCPBUGS-29206): Add GC knobs for KAS [#3543](https://github.com/openshift/hypershift/pull/3543) * [OCPBUGS-29187](https://issues.redhat.com/browse/OCPBUGS-29187): node spread anti-affinity for HA HCP [#3541](https://github.com/openshift/hypershift/pull/3541) * [OCPBUGS-19956](https://issues.redhat.com/browse/OCPBUGS-19956), [OCPBUGS-28984](https://issues.redhat.com/browse/OCPBUGS-28984), [OCPBUGS-28985](https://issues.redhat.com/browse/OCPBUGS-28985), [OCPBUGS-28986](https://issues.redhat.com/browse/OCPBUGS-28986), [OCPBUGS-29000](https://issues.redhat.com/browse/OCPBUGS-29000): Support Disconnected HCP [#3520](https://github.com/openshift/hypershift/pull/3520) * [OCPBUGS-29030](https://issues.redhat.com/browse/OCPBUGS-29030): Add ValidatingAdmissionPolicy to KAS config [#3524](https://github.com/openshift/hypershift/pull/3524) * [HOSTEDCP-1272](https://issues.redhat.com/browse/HOSTEDCP-1272): Added CLI support to create DualStack clusters using default values [#3514](https://github.com/openshift/hypershift/pull/3514) * [OCPBUGS-28238](https://issues.redhat.com/browse/OCPBUGS-28238): consider HCP upgradeable if CVO has no upgradable condition [#3468](https://github.com/openshift/hypershift/pull/3468) * [OCPBUGS-26526](https://issues.redhat.com/browse/OCPBUGS-26526): Documented to disable UWM telemetry writer in disconnected envs [#3389](https://github.com/openshift/hypershift/pull/3389) * [OCPBUGS-26526](https://issues.redhat.com/browse/OCPBUGS-26526): Disable UWM Telemetry writer when telemeter-client cm not exists [#3388](https://github.com/openshift/hypershift/pull/3388) * [OCPBUGS-27072](https://issues.redhat.com/browse/OCPBUGS-27072): Apply Scheduling Configuration for kCCM [#3418](https://github.com/openshift/hypershift/pull/3418) * NO-JIRA: Update RHTAP references (release-4.14) [#3509](https://github.com/openshift/hypershift/pull/3509) * [OCPBUGS-20180](https://issues.redhat.com/browse/OCPBUGS-20180), [OCPBUGS-20547](https://issues.redhat.com/browse/OCPBUGS-20547): Added network validations [#3096](https://github.com/openshift/hypershift/pull/3096) * [OCPBUGS-23997](https://issues.redhat.com/browse/OCPBUGS-23997): add watch for HCP pullsecret to HCCO [#3265](https://github.com/openshift/hypershift/pull/3265) * [OCPBUGS-28249](https://issues.redhat.com/browse/OCPBUGS-28249): Required RBAC for network-node-identity is not created when hosted cluster networkType is set to Other. [#3485](https://github.com/openshift/hypershift/pull/3485) * NO-JIRA: Update RHTAP references (release-4.14) [#3447](https://github.com/openshift/hypershift/pull/3447) * [OCPBUGS-24315](https://issues.redhat.com/browse/OCPBUGS-24315): Add prestop to konnectiviy server [#3268](https://github.com/openshift/hypershift/pull/3268) * [OCPBUGS-24307](https://issues.redhat.com/browse/OCPBUGS-24307): Set shutdown-delay-duration to 15s [#3264](https://github.com/openshift/hypershift/pull/3264) * [OCPBUGS-21795](https://issues.redhat.com/browse/OCPBUGS-21795): change trusted bundle volume mount for CPO [#3102](https://github.com/openshift/hypershift/pull/3102) * [OCPBUGS-25217](https://issues.redhat.com/browse/OCPBUGS-25217): Konnectivity agent update strategy [#3308](https://github.com/openshift/hypershift/pull/3308) * [OCPBUGS-26574](https://issues.redhat.com/browse/OCPBUGS-26574): Set new condition on SG deletion. [#3398](https://github.com/openshift/hypershift/pull/3398) * Update RHTAP references (release-4.14) [#3402](https://github.com/openshift/hypershift/pull/3402) * Update RHTAP references (release-4.14) [#3383](https://github.com/openshift/hypershift/pull/3383) * [OCPBUGS-22360](https://issues.redhat.com/browse/OCPBUGS-22360): Validate accessTokenInactivityTimeout >= 300s [#3175](https://github.com/openshift/hypershift/pull/3175) * [OCPBUGS-23936](https://issues.redhat.com/browse/OCPBUGS-23936): Use correct kubeconfig in CCM and remove CCMs access t… [#3232](https://github.com/openshift/hypershift/pull/3232) * [OCPBUGS-12720](https://issues.redhat.com/browse/OCPBUGS-12720): Updating hypershift images to be consistent with ART [#2467](https://github.com/openshift/hypershift/pull/2467) * [OCPBUGS-24627](https://issues.redhat.com/browse/OCPBUGS-24627): unset ServiceAccount on ignition-server-proxy [#3295](https://github.com/openshift/hypershift/pull/3295) * [Release 4.14] OCPBUGS-24556: Fix a bug on deletion of a hostedcluster [#3290](https://github.com/openshift/hypershift/pull/3290) * [OCPBUGS-24269](https://issues.redhat.com/browse/OCPBUGS-24269): add CLI oauthclient [#3272](https://github.com/openshift/hypershift/pull/3272) * [OCPBUGS-23569](https://issues.redhat.com/browse/OCPBUGS-23569): Added IPFamilyPolicy to services exposed at the HCP in DualStack mode [#3224](https://github.com/openshift/hypershift/pull/3224) * [HOSTEDCP-1318](https://issues.redhat.com/browse/HOSTEDCP-1318): external OIDC enablement [#3261](https://github.com/openshift/hypershift/pull/3261) * [OCPBUGS-23747](https://issues.redhat.com/browse/OCPBUGS-23747): Added brackets to IPv6 KAS address on kubeconfig [#3228](https://github.com/openshift/hypershift/pull/3228) * [OCPBUGS-24063](https://issues.redhat.com/browse/OCPBUGS-24063): fix(cpo): Set restart annotation on network-node-identity [#3248](https://github.com/openshift/hypershift/pull/3248) * release-4.14, HOSTEDCP-1315: Improve NodePool CPU arch & platform check [#3236](https://github.com/openshift/hypershift/pull/3236) * [OCPBUGS-22676](https://issues.redhat.com/browse/OCPBUGS-22676): Make the OLMCatalogPlacement field immutable [#3143](https://github.com/openshift/hypershift/pull/3143) * [OCPBUGS-23558](https://issues.redhat.com/browse/OCPBUGS-23558): Let router use svc ips 4.14 [#3221](https://github.com/openshift/hypershift/pull/3221) * [OCPBUGS-19678](https://issues.redhat.com/browse/OCPBUGS-19678): Remove cluster name validation from HCC [#3040](https://github.com/openshift/hypershift/pull/3040) * "[release-4.14] CNV-35326: unsupported escape hatch mechanism custom HS/KV vms" [#3202](https://github.com/openshift/hypershift/pull/3202) * [OCPBUGS-23027](https://issues.redhat.com/browse/OCPBUGS-23027): Configure HSTS for kube-apiserver [#3169](https://github.com/openshift/hypershift/pull/3169) * NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3085](https://github.com/openshift/hypershift/pull/3085) * [OCPBUGS-23142](https://issues.redhat.com/browse/OCPBUGS-23142): adding permission to CNO RBAC Calico path for network-node-identity deploy [#3182](https://github.com/openshift/hypershift/pull/3182) * [OCPBUGS-22295](https://issues.redhat.com/browse/OCPBUGS-22295): Added brackets to the kubeconfig server address when IPv6 [#3117](https://github.com/openshift/hypershift/pull/3117) * [OCPBUGS-22690](https://issues.redhat.com/browse/OCPBUGS-22690): Use the same etcd snapshot for all replicas during etcd restore [#3146](https://github.com/openshift/hypershift/pull/3146) * [OCPBUGS-22959](https://issues.redhat.com/browse/OCPBUGS-22959): Update regex validation for nodepool.spec.taints.value [#3165](https://github.com/openshift/hypershift/pull/3165) * [HOSTEDCP-1280](https://issues.redhat.com/browse/HOSTEDCP-1280): Adjustment cluster-cidr,service-cidr to support dualstack [#3162](https://github.com/openshift/hypershift/pull/3162) * [OCPBUGS-22898](https://issues.redhat.com/browse/OCPBUGS-22898): Stop exposing kas on 6443 private route service load balancer [#3159](https://github.com/openshift/hypershift/pull/3159) * [OCPBUGS-22898](https://issues.redhat.com/browse/OCPBUGS-22898): Stop defaulting aws private haproxy external port to 6443 [#3160](https://github.com/openshift/hypershift/pull/3160) * [OCPBUGS-19897](https://issues.redhat.com/browse/OCPBUGS-19897): Add konnectivity-proxy container to CNO [#3058](https://github.com/openshift/hypershift/pull/3058) * [OCPBUGS-22379](https://issues.redhat.com/browse/OCPBUGS-22379): Cluster-policy-controller: add missing RBAC for privileged namespaces PSA syncer controller [#3131](https://github.com/openshift/hypershift/pull/3131) * [OCPBUGS-20526](https://issues.redhat.com/browse/OCPBUGS-20526): Align PSA labels on guest cluster namespaces with standalone OCP [#3111](https://github.com/openshift/hypershift/pull/3111) * [OCPBUGS-21869](https://issues.redhat.com/browse/OCPBUGS-21869): Remove EnsurePSANotPrivileged [#3107](https://github.com/openshift/hypershift/pull/3107) * [OCPBUGS-21822](https://issues.redhat.com/browse/OCPBUGS-21822): Add ign proxy label selector for LabelTopologyZone PodAntiAffinity [#3105](https://github.com/openshift/hypershift/pull/3105) * [OCPBUGS-21587](https://issues.redhat.com/browse/OCPBUGS-21587): change required pod anti-affinity rule to preferred rule [#3098](https://github.com/openshift/hypershift/pull/3098) * [OCPBUGS-19794](https://issues.redhat.com/browse/OCPBUGS-19794): Upgrade Agent APIs to v1beta1 [#3059](https://github.com/openshift/hypershift/pull/3059) * [OCPBUGS-19797](https://issues.redhat.com/browse/OCPBUGS-19797): reconcile Authentication global config [#3053](https://github.com/openshift/hypershift/pull/3053) * [OCPBUGS-19794](https://issues.redhat.com/browse/OCPBUGS-19794): Upgrade agent APIs to v1beta1 [#3051](https://github.com/openshift/hypershift/pull/3051) * [OCPBUGS-20249](https://issues.redhat.com/browse/OCPBUGS-20249): Set KAS config pod security Enforce to privileged [#3083](https://github.com/openshift/hypershift/pull/3083) * [OCPBUGS-20163](https://issues.redhat.com/browse/OCPBUGS-20163): Report correct port when API exposed via route [#3078](https://github.com/openshift/hypershift/pull/3078) * [OCPBUGS-19796](https://issues.redhat.com/browse/OCPBUGS-19796): set accesstoken-inactivity-timeout flag to openshift-oauth-apiserver [#3052](https://github.com/openshift/hypershift/pull/3052) * Update RHTAP references (release-4.14) [#3060](https://github.com/openshift/hypershift/pull/3060) * Migrate deprecated-base-image-check pipeline [#3057](https://github.com/openshift/hypershift/pull/3057) * chore(deps): update rhtap references (release-4.14) [#2752](https://github.com/openshift/hypershift/pull/2752) * Update kubevirt csi driver deployment with proper timeouts [#3046](https://github.com/openshift/hypershift/pull/3046) * [OCPBUGS-19463](https://issues.redhat.com/browse/OCPBUGS-19463): set default deploymentconfig params on AWS CCM [#3029](https://github.com/openshift/hypershift/pull/3029) * [ACM-7278](https://issues.redhat.com/browse/ACM-7278): Remove marking pull secret as required in hcp cli [#3023](https://github.com/openshift/hypershift/pull/3023) * [OCPBUGS-18978](https://issues.redhat.com/browse/OCPBUGS-18978): add KAS endpoints to Except in router egress rule [#3010](https://github.com/openshift/hypershift/pull/3010) * [CNV-31919](https://issues.redhat.com/browse/CNV-31919): Validate KubeVirt platform required versioning [#3026](https://github.com/openshift/hypershift/pull/3026) * [OCPBUGS-19063](https://issues.redhat.com/browse/OCPBUGS-19063): amend OLM catalogs ImageStream according to annotation [#3016](https://github.com/openshift/hypershift/pull/3016) * enable CGO_ENABLED for building FIPS compliant images [#3006](https://github.com/openshift/hypershift/pull/3006) * [OCPBUGS-18828](https://issues.redhat.com/browse/OCPBUGS-18828): tuned DS should not use controlPlaneReleaseImage [#3005](https://github.com/openshift/hypershift/pull/3005) * Red Hat Trusted App Pipeline update hypershift-release-414 [#2639](https://github.com/openshift/hypershift/pull/2639) * [HOSTEDCP-1185](https://issues.redhat.com/browse/HOSTEDCP-1185): Add flag to create a single NAT gateway [#2984](https://github.com/openshift/hypershift/pull/2984) * Dump kubevirt external infra clusters [#2992](https://github.com/openshift/hypershift/pull/2992) * [OCPBUGS-18568](https://issues.redhat.com/browse/OCPBUGS-18568): Use MCO and CCO image references when looking up mappings [#2985](https://github.com/openshift/hypershift/pull/2985) * [HOSTEDCP-591](https://issues.redhat.com/browse/HOSTEDCP-591): Amend OLM catalog IS according to OpenShiftImageRegistryOverrides [#2947](https://github.com/openshift/hypershift/pull/2947) * e2e: skip CNO pod restart check [#2986](https://github.com/openshift/hypershift/pull/2986) * [HOSTEDCP-1133](https://issues.redhat.com/browse/HOSTEDCP-1133): Signal NodePool rolling upgrade because of platform changes [#2973](https://github.com/openshift/hypershift/pull/2973) * [OCPBUGS-18127](https://issues.redhat.com/browse/OCPBUGS-18127): Enable caching of Unstructured Objects in HO [#2988](https://github.com/openshift/hypershift/pull/2988) * e2e: run Ensure functions after Main part of test [#2983](https://github.com/openshift/hypershift/pull/2983) * [OCPBUGS-18127](https://issues.redhat.com/browse/OCPBUGS-18127): Ensure machineTemplate name length respects RFC1123 spec [#2975](https://github.com/openshift/hypershift/pull/2975) * [ACM-6435](https://issues.redhat.com/browse/ACM-6435): add pausedUntil create cluster option in CLI [#2965](https://github.com/openshift/hypershift/pull/2965) * [OCPBUGS-7840](https://issues.redhat.com/browse/OCPBUGS-7840): Untangle kas port [#2964](https://github.com/openshift/hypershift/pull/2964) * [OCPBUGS-18399](https://issues.redhat.com/browse/OCPBUGS-18399): Preserve mirror order when serializing ICSP to env [#2977](https://github.com/openshift/hypershift/pull/2977) * [OCPBUGS-18336](https://issues.redhat.com/browse/OCPBUGS-18336): make konnectivity routes roundrobin [#2971](https://github.com/openshift/hypershift/pull/2971) * Use the correct pull secret for HCP KubeVirt components [#2919](https://github.com/openshift/hypershift/pull/2919) * Disable nto inplace test for kubevirt [#2980](https://github.com/openshift/hypershift/pull/2980) * [OCPBUGS-18438](https://issues.redhat.com/browse/OCPBUGS-18438): Properly format IPv6 address when proxying it through Konnectivity [#2969](https://github.com/openshift/hypershift/pull/2969) * [OCPBUGS-18127](https://issues.redhat.com/browse/OCPBUGS-18127): Trigger a rolling upgrade on NodePool .spec.platfrom changes [#2956](https://github.com/openshift/hypershift/pull/2956) * [HOSTEDCP-1156](https://issues.redhat.com/browse/HOSTEDCP-1156): Add defaulting webhook to installation and notes [#2922](https://github.com/openshift/hypershift/pull/2922) * [HOSTEDCP-979](https://issues.redhat.com/browse/HOSTEDCP-979): Re-enable nodepool in-place upgrade tests [#2960](https://github.com/openshift/hypershift/pull/2960) * Add a default value (32Gi) for nodepool in `create nodepool kubevirt` command [#2940](https://github.com/openshift/hypershift/pull/2940) * [OCPBUGS-16221](https://issues.redhat.com/browse/OCPBUGS-16221): Adds trust bundle to ignition-server when configured in HC [#2819](https://github.com/openshift/hypershift/pull/2819) * Avoid creating tar archive if --archive-dump=false [#2963](https://github.com/openshift/hypershift/pull/2963) * OCPBUGS-3873 adding rbac for UserOAuthAccessToken [#2962](https://github.com/openshift/hypershift/pull/2962) * HOSTEDCP-1178 fix limited support label key [#2958](https://github.com/openshift/hypershift/pull/2958) * [OCPBUGS-18065](https://issues.redhat.com/browse/OCPBUGS-18065): enable aws-pod-identity-webhook on AWS [#2957](https://github.com/openshift/hypershift/pull/2957) * [OCPBUGS-18308](https://issues.redhat.com/browse/OCPBUGS-18308): Do not use mgmt cluster ICSP to mutate CCO image in KAS pod [#2966](https://github.com/openshift/hypershift/pull/2966) * [OCPBUGS-18266](https://issues.redhat.com/browse/OCPBUGS-18266): fix Progressing condition when ControlPlaneRelease is set [#2959](https://github.com/openshift/hypershift/pull/2959) * fix(ho): Restore match label selector behavior [#2951](https://github.com/openshift/hypershift/pull/2951) * [OCPBUGS-18072](https://issues.redhat.com/browse/OCPBUGS-18072): Set emptyDir storage for the image registry only on initial time for None and Kubevirt platform [#2895](https://github.com/openshift/hypershift/pull/2895) * [OCPBUGS-18024](https://issues.redhat.com/browse/OCPBUGS-18024): Set Arch to amd64 for HCP NodePool Create [#2941](https://github.com/openshift/hypershift/pull/2941) * chore(deps): update rhtap references (main) [#2920](https://github.com/openshift/hypershift/pull/2920) * [OCPBUGS-16813](https://issues.redhat.com/browse/OCPBUGS-16813): switch konnectivity-server to additional container in KAS pods [#2942](https://github.com/openshift/hypershift/pull/2942) * Updating hostedcluster controller to stop using deprecated flags [#2946](https://github.com/openshift/hypershift/pull/2946) * [OCPBUGS-17827](https://issues.redhat.com/browse/OCPBUGS-17827): e2e: remove private-router from NeedManagementKASAccessLabel allowlist [#2939](https://github.com/openshift/hypershift/pull/2939) * [MULTIARCH-3709](https://issues.redhat.com/browse/MULTIARCH-3709): PowerVS - Add reuse resource flags to e2e test [#2902](https://github.com/openshift/hypershift/pull/2902) * [MULTIARCH-3478](https://issues.redhat.com/browse/MULTIARCH-3478): Minor bug fix on PowerVS infra [#2451](https://github.com/openshift/hypershift/pull/2451) * [OCPBUGS-18069](https://issues.redhat.com/browse/OCPBUGS-18069): Ensure load balancers are not exist before declaring load balancers are cleaned up [#2887](https://github.com/openshift/hypershift/pull/2887) * [MULTIARCH-3708](https://issues.redhat.com/browse/MULTIARCH-3708): PowerVS - Fix cluster deletion when existing resources passed [#2867](https://github.com/openshift/hypershift/pull/2867) * [MGMT-15368](https://issues.redhat.com/browse/MGMT-15368): Document scaling down NodePools [#2944](https://github.com/openshift/hypershift/pull/2944) * [OCPBUGS-13348](https://issues.redhat.com/browse/OCPBUGS-13348): Hypershift Audit configuration not working. [#2945](https://github.com/openshift/hypershift/pull/2945) * [TRT-1202](https://issues.redhat.com/browse/TRT-1202): set SkipReleaseImageValidation annotation properly on e2e clusters [#2943](https://github.com/openshift/hypershift/pull/2943) * [OCPBUGS-17678](https://issues.redhat.com/browse/OCPBUGS-17678): Reconcile cloud credentials configuration to hosted cluster [#2937](https://github.com/openshift/hypershift/pull/2937) * Add e2e test for etcd member recovery [#2930](https://github.com/openshift/hypershift/pull/2930) * [OCPBUGS-17827](https://issues.redhat.com/browse/OCPBUGS-17827): remove NeedManagementKASAccessLabel from router pods [#2934](https://github.com/openshift/hypershift/pull/2934) * [OCPBUGS-17985](https://issues.redhat.com/browse/OCPBUGS-17985): Handle empty mirrorImage result for ignition disconnected registry [#2935](https://github.com/openshift/hypershift/pull/2935) * [OCPBUGS-17827](https://issues.redhat.com/browse/OCPBUGS-17827): e2e: refactor checkPodsHaveLabel to be allowlist rather than exact match [#2928](https://github.com/openshift/hypershift/pull/2928) * [OCPBUGS-16813](https://issues.redhat.com/browse/OCPBUGS-16813): do not hardcode ignition-server-proxy replicas [#2933](https://github.com/openshift/hypershift/pull/2933) * fix(ho): Restore match label selector behavior [#2893](https://github.com/openshift/hypershift/pull/2893) * [TRT-1202](https://issues.redhat.com/browse/TRT-1202): add annotation to skip release image validation [#2929](https://github.com/openshift/hypershift/pull/2929) * [OCPBUGS-17812](https://issues.redhat.com/browse/OCPBUGS-17812): Update Etcd health check to mirror standalone etcd [#2918](https://github.com/openshift/hypershift/pull/2918) * [STOR-1443](https://issues.redhat.com/browse/STOR-1443): Sync `05_operator_role-hypershift.yaml` manifest from cluster-csi-snapsht-controller-operator [#2915](https://github.com/openshift/hypershift/pull/2915) * [HOSTEDCP-1065](https://issues.redhat.com/browse/HOSTEDCP-1065): CNO deployed hosted-cluster-kubecfg-setup initContainers use CPR image [#2917](https://github.com/openshift/hypershift/pull/2917) * [HOSTEDCP-1001](https://issues.redhat.com/browse/HOSTEDCP-1001): Image registryOverride included in the image metadata extraction flow [#2909](https://github.com/openshift/hypershift/pull/2909) * [OCPBUGS-17669](https://issues.redhat.com/browse/OCPBUGS-17669): Validate HostedCluster name against RFC1123 [#2914](https://github.com/openshift/hypershift/pull/2914) * [HOSTEDCP-1075](https://issues.redhat.com/browse/HOSTEDCP-1075): Document how to recover single etcd member [#2916](https://github.com/openshift/hypershift/pull/2916) * [HOSTEDCP-1085](https://issues.redhat.com/browse/HOSTEDCP-1085): Create a monitoring dashboard per HostedCluster [#2907](https://github.com/openshift/hypershift/pull/2907) * chore(deps): update rhtap references (main) [#2903](https://github.com/openshift/hypershift/pull/2903) * [HOSTEDCP-1063](https://issues.redhat.com/browse/HOSTEDCP-1063): Account for guest webhook URLs without a port [#2898](https://github.com/openshift/hypershift/pull/2898) * [OCPBUGS-17680](https://issues.redhat.com/browse/OCPBUGS-17680): Remove immutable note from PullSecret [#2910](https://github.com/openshift/hypershift/pull/2910) * Revert "HOSTEDCP-1001: Image registryOverride included in the image metadata extraction flow" [#2908](https://github.com/openshift/hypershift/pull/2908) * [OCPBUGS-16076](https://issues.redhat.com/browse/OCPBUGS-16076): Validate HostedCluster name against RFC1123 in CLI [#2906](https://github.com/openshift/hypershift/pull/2906) * [OCPBUGS-15331](https://issues.redhat.com/browse/OCPBUGS-15331), [OCPBUGS-16049](https://issues.redhat.com/browse/OCPBUGS-16049): Enable AdvertiseAddress dual stack and IPv6 support and added the changes to be included in the certificates [#2779](https://github.com/openshift/hypershift/pull/2779) * [HOSTEDCP-1081](https://issues.redhat.com/browse/HOSTEDCP-1081): Perform etcd recovery when etcd member data is lost [#2900](https://github.com/openshift/hypershift/pull/2900) * [SDN-4057](https://issues.redhat.com/browse/SDN-4057): Pass ControlPlane image to OVN [#2896](https://github.com/openshift/hypershift/pull/2896) * test: e2e: remove SingleReplica etcd chaos test [#2901](https://github.com/openshift/hypershift/pull/2901) * Allow overriding pod security admission label [#2886](https://github.com/openshift/hypershift/pull/2886) * [HOSTEDCP-1146](https://issues.redhat.com/browse/HOSTEDCP-1146): cpo: use CPO spec container image if it is a sha256 reference [#2899](https://github.com/openshift/hypershift/pull/2899) * [HOSTEDCP-1022](https://issues.redhat.com/browse/HOSTEDCP-1022): Set Arch to amd64 [#2897](https://github.com/openshift/hypershift/pull/2897) * Re-introducing defaulting webhook for self managed HCP [#2892](https://github.com/openshift/hypershift/pull/2892) * fix-CNV-30260: KubeVirt: fix failed conformance test [#2891](https://github.com/openshift/hypershift/pull/2891) * [OCPBUGS-16298](https://issues.redhat.com/browse/OCPBUGS-16298): Prevent the kube-apiserver from connecting to the managment kas [#2888](https://github.com/openshift/hypershift/pull/2888) * [HOSTEDCP-1001](https://issues.redhat.com/browse/HOSTEDCP-1001): Image registryOverride included in the image metadata extraction flow [#2820](https://github.com/openshift/hypershift/pull/2820) * [HOSTEDCP-1046](https://issues.redhat.com/browse/HOSTEDCP-1046), [HOSTEDCP-1102](https://issues.redhat.com/browse/HOSTEDCP-1102): Follow-on Items [#2847](https://github.com/openshift/hypershift/pull/2847) * Revert "[HOSTEDCP-1041] Defaulting webhook for self managed HCP" [#2889](https://github.com/openshift/hypershift/pull/2889) * [OCPBUGS-17446](https://issues.redhat.com/browse/OCPBUGS-17446): Set advertise-address in HCP etcd to resolvable name [#2884](https://github.com/openshift/hypershift/pull/2884) * Defaulting webhook for self managed HCP [#2864](https://github.com/openshift/hypershift/pull/2864) * [STOR-1432](https://issues.redhat.com/browse/STOR-1432): cso: add envvars for CSI driver controller images [#2882](https://github.com/openshift/hypershift/pull/2882) * [HOSTEDCP-1025](https://issues.redhat.com/browse/HOSTEDCP-1025): Add HCP CLI Command to Create a NodePool on AWS [#2852](https://github.com/openshift/hypershift/pull/2852) * [SDN-4042](https://issues.redhat.com/browse/SDN-4042): Increase upgrade rollout timers [#2881](https://github.com/openshift/hypershift/pull/2881) * skip olm-collect-profiles in EnsureComponentsHaveNeedManagementKASAccessLabel [#2874](https://github.com/openshift/hypershift/pull/2874) * [HOSTEDCP-1064](https://issues.redhat.com/browse/HOSTEDCP-1064): Add egress policy for private-router [#2792](https://github.com/openshift/hypershift/pull/2792) * [HOSTEDCP-1121](https://issues.redhat.com/browse/HOSTEDCP-1121): Ensure SG reconciliation for aws endpoint [#2872](https://github.com/openshift/hypershift/pull/2872) * chore(deps): update rhtap references [#2865](https://github.com/openshift/hypershift/pull/2865) * [HOSTEDCP-1065](https://issues.redhat.com/browse/HOSTEDCP-1065): add ControlPlaneImage API for provider-side HCP updates [#2848](https://github.com/openshift/hypershift/pull/2848) * [HOSTEDCP-1063](https://issues.redhat.com/browse/HOSTEDCP-1063): Disallow webhooks URLs targeting control plane services [#2775](https://github.com/openshift/hypershift/pull/2775) * [OCPBUGS-17374](https://issues.redhat.com/browse/OCPBUGS-17374): Fast specific dockerignore [#2879](https://github.com/openshift/hypershift/pull/2879) * Kubevirt how-to docs updates [#2875](https://github.com/openshift/hypershift/pull/2875) * Fix nodepool upgrade docs link [#2880](https://github.com/openshift/hypershift/pull/2880) * [OCPBUGS-17171](https://issues.redhat.com/browse/OCPBUGS-17171): Update OLM catalog image tags [#2877](https://github.com/openshift/hypershift/pull/2877) * [HOSTEDCP-1029](https://issues.redhat.com/browse/HOSTEDCP-1029): Add HCP CLI Command to Destroy a Cluster on AWS [#2853](https://github.com/openshift/hypershift/pull/2853) * Add workload management annotation to kubevirt-csi daemonset [#2840](https://github.com/openshift/hypershift/pull/2840) * [WRKLDS-730](https://issues.redhat.com/browse/WRKLDS-730): use default /healthz path for readiness probe in OCM and RCM [#2873](https://github.com/openshift/hypershift/pull/2873) * Add api and cli validation for kubevirt volume mode [#2862](https://github.com/openshift/hypershift/pull/2862) * [HOSTEDCP-1079](https://issues.redhat.com/browse/HOSTEDCP-1079): RHTAP HO Containerfile [#2857](https://github.com/openshift/hypershift/pull/2857) * [OCPBUGS-16770](https://issues.redhat.com/browse/OCPBUGS-16770): add need-management-kas-access label to olm-collect-profiles pods [#2854](https://github.com/openshift/hypershift/pull/2854) * [MULTIARCH-3684](https://issues.redhat.com/browse/MULTIARCH-3684): PowerVS - Upgrade capi to use v1beta2 APIs [#2831](https://github.com/openshift/hypershift/pull/2831) * [HOSTEDCP-1046](https://issues.redhat.com/browse/HOSTEDCP-1046): Add ImageDigestMirrorSet to Config API comment [#2868](https://github.com/openshift/hypershift/pull/2868) * [MULTIARCH-3683](https://issues.redhat.com/browse/MULTIARCH-3683): Add dev flags in destroy cluster powervs command [#2764](https://github.com/openshift/hypershift/pull/2764) * kubevirt: Reconcile EgressFirewall only for ovn-k [#2849](https://github.com/openshift/hypershift/pull/2849) * [HOSTEDCP-1046](https://issues.redhat.com/browse/HOSTEDCP-1046): Add IDMS to the list of valid config manifests [#2837](https://github.com/openshift/hypershift/pull/2837) * [OCPBUGS-17059](https://issues.redhat.com/browse/OCPBUGS-17059): Add volume mode to kubevirt root volume api [#2860](https://github.com/openshift/hypershift/pull/2860) * Update RHTAP references (main) [#2832](https://github.com/openshift/hypershift/pull/2832) * [OCPBUGS-16809](https://issues.redhat.com/browse/OCPBUGS-16809): Configured IgnitionProxy to support IPv4 and IPv6 [#2850](https://github.com/openshift/hypershift/pull/2850) * [OCPBUGS-14163](https://issues.redhat.com/browse/OCPBUGS-14163): Fixed ETCD to work in Ipv6 and Dual stack envs [#2846](https://github.com/openshift/hypershift/pull/2846) * [HOSTEDCP-1112](https://issues.redhat.com/browse/HOSTEDCP-1112): Add config to set creation frequency of RHTAP PRs [#2838](https://github.com/openshift/hypershift/pull/2838) * [HOSTEDCP-1020](https://issues.redhat.com/browse/HOSTEDCP-1020): Remove name as a persistent flag required field [#2836](https://github.com/openshift/hypershift/pull/2836) * [OCPBUGS-16232](https://issues.redhat.com/browse/OCPBUGS-16232): skip z-stream version check when upgrade is forced [#2823](https://github.com/openshift/hypershift/pull/2823) * [OCPBUGS-16033](https://issues.redhat.com/browse/OCPBUGS-16033): ClusterNetwork's HostPrefix validation for dual stack [#2795](https://github.com/openshift/hypershift/pull/2795) * [OCPBUGS-14783](https://issues.redhat.com/browse/OCPBUGS-14783): Fix NetworkPolicy to work over IPv4 and IPv6 [#2704](https://github.com/openshift/hypershift/pull/2704) * Revert "HOSTEDCP-710: Make ImageContentSource immutable" [#2829](https://github.com/openshift/hypershift/pull/2829) * Update RHTAP references (main) [#2814](https://github.com/openshift/hypershift/pull/2814) * [HOSTEDCP-1062](https://issues.redhat.com/browse/HOSTEDCP-1062): Make CAPI pod selector backward compatible [#2825](https://github.com/openshift/hypershift/pull/2825) * [HOSTEDCP-1093](https://issues.redhat.com/browse/HOSTEDCP-1093): Add default flags to HCP create cluster CLI cmd [#2802](https://github.com/openshift/hypershift/pull/2802) * Revert "HOSTEDCP-1094: e2e autoscaler balancing similar node groups" [#2828](https://github.com/openshift/hypershift/pull/2828) * [HOSTEDCP-1090](https://issues.redhat.com/browse/HOSTEDCP-1090): Use statically configured haproxy for router [#2778](https://github.com/openshift/hypershift/pull/2778) * [HOSTEDCP-1046](https://issues.redhat.com/browse/HOSTEDCP-1046): Allow HCP Specification to Support ICSP & IDMS [#2720](https://github.com/openshift/hypershift/pull/2720) * [HOSTEDCP-710](https://issues.redhat.com/browse/HOSTEDCP-710): Make ImageContentSource immutable [#2815](https://github.com/openshift/hypershift/pull/2815) * [OCPBUGS-11835](https://issues.redhat.com/browse/OCPBUGS-11835): Add missing probes to two services [#2430](https://github.com/openshift/hypershift/pull/2430) * [HOSTEDCP-1094](https://issues.redhat.com/browse/HOSTEDCP-1094): e2e autoscaler balancing similar node groups [#2808](https://github.com/openshift/hypershift/pull/2808) * [OCPBUGS-16113](https://issues.redhat.com/browse/OCPBUGS-16113): unshare ignition-server reconciliation between HO and CPO [#2817](https://github.com/openshift/hypershift/pull/2817) * [OCPBUGS-11939](https://issues.redhat.com/browse/OCPBUGS-11939): Fix additional issues with OCPBUGS-11939 [#2804](https://github.com/openshift/hypershift/pull/2804) * [OCPBUGS-16135](https://issues.redhat.com/browse/OCPBUGS-16135): fix deletion bug when hostedzone is already deleted [#2811](https://github.com/openshift/hypershift/pull/2811) * OCPBUGS-14862 Improve clarity around hypershift operator permissions [#2782](https://github.com/openshift/hypershift/pull/2782) * [HOSTEDCP-1062](https://issues.redhat.com/browse/HOSTEDCP-1062): Management kas policy [#2796](https://github.com/openshift/hypershift/pull/2796) * Revert "HOSTEDCP-1062: Add management cluster KAS network policy" [#2793](https://github.com/openshift/hypershift/pull/2793) * [HOSTEDCP-1020](https://issues.redhat.com/browse/HOSTEDCP-1020): Add pullSecret & NodePool replica flags to HCP CLI [#2774](https://github.com/openshift/hypershift/pull/2774) * [HOSTEDCP-1101](https://issues.redhat.com/browse/HOSTEDCP-1101): Add snyk-secret HO RHTAP scripts [#2788](https://github.com/openshift/hypershift/pull/2788) * [OCPBUGS-15991](https://issues.redhat.com/browse/OCPBUGS-15991): use ignition-proxy Service to populate ignitionEndpoint with strategy NodePort [#2787](https://github.com/openshift/hypershift/pull/2787) * [OCPBUGS-15769](https://issues.redhat.com/browse/OCPBUGS-15769): Include hypershift specific labels to be ignored by similar autoscaler groups [#2784](https://github.com/openshift/hypershift/pull/2784) * Add management cluster KAS network policy [#2717](https://github.com/openshift/hypershift/pull/2717) * [HOSTEDCP-1019](https://issues.redhat.com/browse/HOSTEDCP-1019): Add create cluster for Agent for HCP CLI [#2754](https://github.com/openshift/hypershift/pull/2754) * [CNV-30407](https://issues.redhat.com/browse/CNV-30407): KubeVirt Platform: Support NetworkInterfaceMultiQueue [#2760](https://github.com/openshift/hypershift/pull/2760) * [HOSTEDCP-1030](https://issues.redhat.com/browse/HOSTEDCP-1030): Add destroy cluster for Agent for HCP CLI [#2756](https://github.com/openshift/hypershift/pull/2756) * [OCPBUGS-15594](https://issues.redhat.com/browse/OCPBUGS-15594): Get valid arch image for cluster-config-operator [#2753](https://github.com/openshift/hypershift/pull/2753) * kubevirt: Annotate VMs to be live migratable [#2772](https://github.com/openshift/hypershift/pull/2772) * Revert "Merge pull request #2770 from dharaneeshvrd/upgrade-capi-ibmcloud [#2776](https://github.com/openshift/hypershift/pull/2776) * [MULTIARCH-3684](https://issues.redhat.com/browse/MULTIARCH-3684): PowerVS - Upgrade capi to use v1beta2 APIs [#2770](https://github.com/openshift/hypershift/pull/2770) * [OCPBUGS-14862](https://issues.redhat.com/browse/OCPBUGS-14862): Reject VPCE Connections during VPCE Service cleanup [#2700](https://github.com/openshift/hypershift/pull/2700) * Update RHTAP references [#2768](https://github.com/openshift/hypershift/pull/2768) * [HOSTEDCP-1023](https://issues.redhat.com/browse/HOSTEDCP-1023): Add create NodePool for Agent for HCP CLI [#2755](https://github.com/openshift/hypershift/pull/2755) * [HOSTEDCP-1061](https://issues.redhat.com/browse/HOSTEDCP-1061): Implement dedicated request serving nodes for HostedClusters [#2722](https://github.com/openshift/hypershift/pull/2722) * [OCPBUGS-15769](https://issues.redhat.com/browse/OCPBUGS-15769): Set --balance-similar-node-groups for autoscaler [#2769](https://github.com/openshift/hypershift/pull/2769) * Leader election config update. [#2282](https://github.com/openshift/hypershift/pull/2282) * [OCPBUGS-15723](https://issues.redhat.com/browse/OCPBUGS-15723): Let getMachinesForNodePool return machines ordered by creation Timestamp [#2766](https://github.com/openshift/hypershift/pull/2766) * Fix KAS HealthCheck for non DNS-Based ingress points in LB service [#2765](https://github.com/openshift/hypershift/pull/2765) * Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible [#2741](https://github.com/openshift/hypershift/pull/2741) * Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible in /hack/tools [#2740](https://github.com/openshift/hypershift/pull/2740) * Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 in /hack/tools [#2737](https://github.com/openshift/hypershift/pull/2737) * OCPBUGS-12208 ensureExists pullSecret resource reconciliation strategy [#2732](https://github.com/openshift/hypershift/pull/2732) * Bump github.com/coreos/ignition/v2 from 2.10.1 to 2.14.0 [#2739](https://github.com/openshift/hypershift/pull/2739) * Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible in /hack/tools [#2738](https://github.com/openshift/hypershift/pull/2738) * Remove hardcoded AWS CI References [#2742](https://github.com/openshift/hypershift/pull/2742) * [TRT-1118](https://issues.redhat.com/browse/TRT-1118): Remove DisableStrictZoneCheck from AWS CCM config [#2757](https://github.com/openshift/hypershift/pull/2757) * Update RHTAP references [#2750](https://github.com/openshift/hypershift/pull/2750) * add OWNERS for new ci-tooling area label [#2743](https://github.com/openshift/hypershift/pull/2743) * Add production cli (hcp) to dockerfile [#2747](https://github.com/openshift/hypershift/pull/2747) * feat: Enable priority class override [#2661](https://github.com/openshift/hypershift/pull/2661) * test/e2e: retry configmap create in etcd chaos tests [#2746](https://github.com/openshift/hypershift/pull/2746) * [OCPBUGS-14578](https://issues.redhat.com/browse/OCPBUGS-14578): Set allocate-node-cidrs to false in the cluster-kube-controller-manager [#2731](https://github.com/openshift/hypershift/pull/2731) * Revert "HOSTEDCP-1016: Validate publishing strategies" [#2733](https://github.com/openshift/hypershift/pull/2733) * [HOSTEDCP-1027](https://issues.redhat.com/browse/HOSTEDCP-1027): Add Create kubeconfig for HCP CLI [#2719](https://github.com/openshift/hypershift/pull/2719) * [HOSTEDCP-1016](https://issues.redhat.com/browse/HOSTEDCP-1016): Validate publishing strategies [#2651](https://github.com/openshift/hypershift/pull/2651) * KubeVirt Platform documentation for Advanced Storage Configurations and External Infrastructure [#2712](https://github.com/openshift/hypershift/pull/2712) * Follow up to PR comments on #2642 [#2690](https://github.com/openshift/hypershift/pull/2690) * [HOSTEDCP-1067](https://issues.redhat.com/browse/HOSTEDCP-1067): Add dependabot dependency management [#2708](https://github.com/openshift/hypershift/pull/2708) * [HOSTEDCP-1073](https://issues.redhat.com/browse/HOSTEDCP-1073): enforce blocked rollout of HCP [#2726](https://github.com/openshift/hypershift/pull/2726) * Revert "HOSTEDCP-967: [Re-revert] Disable v1alpha1 and conversion webhook by default" [#2705](https://github.com/openshift/hypershift/pull/2705) * Remove --service-publishing-strategy from production cli [#2721](https://github.com/openshift/hypershift/pull/2721) * [HOSTEDCP-1024](https://issues.redhat.com/browse/HOSTEDCP-1024): Add Create NodePool for KubeVirt for HCP CLI [#2718](https://github.com/openshift/hypershift/pull/2718) * [HOSTEDCP-1032](https://issues.redhat.com/browse/HOSTEDCP-1032): e2e: ensure default PSA policy is not privileged [#2714](https://github.com/openshift/hypershift/pull/2714) * [HOSTEDCP-1031](https://issues.redhat.com/browse/HOSTEDCP-1031): Add Destroy Cluster Cmd for KubeVirt for HCP CLI [#2673](https://github.com/openshift/hypershift/pull/2673) * Expose annotation to allow release image overrides [#2595](https://github.com/openshift/hypershift/pull/2595) * [HOSTEDCP-1060](https://issues.redhat.com/browse/HOSTEDCP-1060): add ignition-server proxy [#2668](https://github.com/openshift/hypershift/pull/2668) * [OCPBUGS-14637](https://issues.redhat.com/browse/OCPBUGS-14637): Check OwningIngressController also in Labels [#2706](https://github.com/openshift/hypershift/pull/2706) * [HOSTEDCP-1020](https://issues.redhat.com/browse/HOSTEDCP-1020): Add Create Cluster for KubeVirt for HCP CLI [#2672](https://github.com/openshift/hypershift/pull/2672) * properly handle user CA bundle not existing [#2703](https://github.com/openshift/hypershift/pull/2703) * [OCPBUGS-15168](https://issues.redhat.com/browse/OCPBUGS-15168): fix(oauth): Do not proxy IBM Cloud IAM endpoints [#2699](https://github.com/openshift/hypershift/pull/2699) * [OCPBUGS-14859](https://issues.redhat.com/browse/OCPBUGS-14859): Skip AWS resource deletion for 'Unknown' OIDC state [#2691](https://github.com/openshift/hypershift/pull/2691) * Whitelist access from virt-launchers to NodeIP if NodePort ServicePublishingStrategy is used [#2688](https://github.com/openshift/hypershift/pull/2688) * [OCPBUGS-13829](https://issues.redhat.com/browse/OCPBUGS-13829): cpo: oauth: honor AccessTokenInactivityTimeout [#2693](https://github.com/openshift/hypershift/pull/2693) * Update NodePool docs to include data propagation [#2687](https://github.com/openshift/hypershift/pull/2687) * [HOSTEDCP-1008](https://issues.redhat.com/browse/HOSTEDCP-1008): Add NodePoolTransitionSeconds metric [#2631](https://github.com/openshift/hypershift/pull/2631) * [HOSTEDCP-967](https://issues.redhat.com/browse/HOSTEDCP-967): [Re-revert] Disable v1alpha1 and conversion webhook by default [#2685](https://github.com/openshift/hypershift/pull/2685) * Make NodePool arch input immutable [#2689](https://github.com/openshift/hypershift/pull/2689) * Update autocaler RBAC to accomodate machinepools support added upstream [#2663](https://github.com/openshift/hypershift/pull/2663) * Enforce Immutability of some KubeVirt Platform Values [#2654](https://github.com/openshift/hypershift/pull/2654) * [CNV-24818](https://issues.redhat.com/browse/CNV-24818): Add fsGroup support to kubevirt-csi-driver [#2563](https://github.com/openshift/hypershift/pull/2563) * Let payload provider render feature gate yaml [#2664](https://github.com/openshift/hypershift/pull/2664) * [OCPBUGS-14633](https://issues.redhat.com/browse/OCPBUGS-14633): Check for OPENSHIFT_IMG_OVERRIDES before using [#2660](https://github.com/openshift/hypershift/pull/2660) * [HOSTEDCP-965](https://issues.redhat.com/browse/HOSTEDCP-965): Add impersonate feature to the CLI and document HC dump procedure [#2653](https://github.com/openshift/hypershift/pull/2653) * [OCPBUGS-11882](https://issues.redhat.com/browse/OCPBUGS-11882): Annotate HCP pods with the safe-to-evict-local-volume CA annotation [#2647](https://github.com/openshift/hypershift/pull/2647) * Update RHTAP references [#2657](https://github.com/openshift/hypershift/pull/2657) * Disable nodepool replace upgrade test [#2665](https://github.com/openshift/hypershift/pull/2665) * [OCPBUGS-14784](https://issues.redhat.com/browse/OCPBUGS-14784): Honor global ingress configuration LoadBalancer type on AWS [#2669](https://github.com/openshift/hypershift/pull/2669) * [OCPBUGS-14620](https://issues.redhat.com/browse/OCPBUGS-14620): Set `DisableStrictZoneCheck = true` in the AWS Cloud Provider config [#2659](https://github.com/openshift/hypershift/pull/2659) * [HOSTEDCP-992](https://issues.redhat.com/browse/HOSTEDCP-992): refactor ignition-server reconcilation [#2662](https://github.com/openshift/hypershift/pull/2662) * Minor fix in KAS LB HealthCheck [#2656](https://github.com/openshift/hypershift/pull/2656) * [HOSTEDCP-1036](https://issues.redhat.com/browse/HOSTEDCP-1036): Create Makefile path to create productized CLI [#2633](https://github.com/openshift/hypershift/pull/2633) * Extend np test timeout for KubeVirt platform [#2655](https://github.com/openshift/hypershift/pull/2655) * [HOSTEDCP-1003](https://issues.redhat.com/browse/HOSTEDCP-1003): Set AWS conditions only for AWS platform [#2604](https://github.com/openshift/hypershift/pull/2604) * Remove alsologtostderr flag form CAP* [#2648](https://github.com/openshift/hypershift/pull/2648) * [OCPBUGS-14575](https://issues.redhat.com/browse/OCPBUGS-14575): Check for IDMS only if mgmt cluster has req API [#2650](https://github.com/openshift/hypershift/pull/2650) * Network isolation of VirtualMachines for KubeVirt provider [#2622](https://github.com/openshift/hypershift/pull/2622) * [OCPBUGS-14428](https://issues.redhat.com/browse/OCPBUGS-14428): remove OLM alerts from the HCCO [#2636](https://github.com/openshift/hypershift/pull/2636) * KubeVirt Openstack image annotation override [#2629](https://github.com/openshift/hypershift/pull/2629) * Red Hat Trusted App Pipeline update hypershift-operator-main [#2638](https://github.com/openshift/hypershift/pull/2638) * Red Hat Trusted App Pipeline purge hypershift-azjx [#2635](https://github.com/openshift/hypershift/pull/2635) * cli: Add release-stream flag [#2644](https://github.com/openshift/hypershift/pull/2644) * [OCPBUGS-13547](https://issues.redhat.com/browse/OCPBUGS-13547): Pass payload-version to MCS and MCC [#2643](https://github.com/openshift/hypershift/pull/2643) * KubeVirt: Handle deletion of the cache DV on an edge case [#2620](https://github.com/openshift/hypershift/pull/2620) * [OCPBUGS-14087](https://issues.redhat.com/browse/OCPBUGS-14087): Enable HCCO to reconcile over the OperatorHub's disableAllDefaultSources object [#2632](https://github.com/openshift/hypershift/pull/2632) * [HOSTEDCP-1009](https://issues.redhat.com/browse/HOSTEDCP-1009): Allow external-dns image to be set in install cli [#2623](https://github.com/openshift/hypershift/pull/2623) * Ensure FeatureGate is copied from cluster to MCO render source [#2581](https://github.com/openshift/hypershift/pull/2581) * [OCPBUGS-12972](https://issues.redhat.com/browse/OCPBUGS-12972): Use different ports for MCS in the ignition provider [#2628](https://github.com/openshift/hypershift/pull/2628) * hypershift dump: use random local port for kas port-forwarding [#2625](https://github.com/openshift/hypershift/pull/2625) * [OCPBUGS-11939](https://issues.redhat.com/browse/OCPBUGS-11939): Initialize RegistryOverrides w/ mgmt cluster ICSP [#2437](https://github.com/openshift/hypershift/pull/2437) * Revert "Merge pull request #2596 from muraee/disable-valpha1" [#2627](https://github.com/openshift/hypershift/pull/2627) * Add 'Creating Arm NodePools Through the API' Section [#2587](https://github.com/openshift/hypershift/pull/2587) * [HOSTEDCP-967](https://issues.redhat.com/browse/HOSTEDCP-967): Disable v1alpha1 and conversion webhook by default [#2596](https://github.com/openshift/hypershift/pull/2596) * [OCPBUGS-13113](https://issues.redhat.com/browse/OCPBUGS-13113): Add ClusterUpgradeDuration metric [#2566](https://github.com/openshift/hypershift/pull/2566) * chore(deps): update rhtap references [#2612](https://github.com/openshift/hypershift/pull/2612) * [OCPBU-609](https://issues.redhat.com/browse/OCPBU-609): agent infrastructure docs [#2618](https://github.com/openshift/hypershift/pull/2618) * [OCPBUGS-14169](https://issues.redhat.com/browse/OCPBUGS-14169): Remove external-dns --events flag [#2616](https://github.com/openshift/hypershift/pull/2616) * [OCPBUGS-13970](https://issues.redhat.com/browse/OCPBUGS-13970): Reconcile oauthDeployment annotations even if kubeadmin secret is not found [#2593](https://github.com/openshift/hypershift/pull/2593) * cmd: infra: aws: retry on AuthorizeSecurityGroup failure [#2605](https://github.com/openshift/hypershift/pull/2605) * Fix dump for Kubevirt [#2589](https://github.com/openshift/hypershift/pull/2589) * Kubevirt CSI StorageClass mapping API [#2528](https://github.com/openshift/hypershift/pull/2528) * Remove Arm e2e test [#2591](https://github.com/openshift/hypershift/pull/2591) * [HOSTEDCP-947](https://issues.redhat.com/browse/HOSTEDCP-947): Set ETCD Storage Size as immutable field and equalised the default size among both api versions [#2588](https://github.com/openshift/hypershift/pull/2588) * [OCPBUGS-13735](https://issues.redhat.com/browse/OCPBUGS-13735): Fixed revoking some permissions to CAPI Manager Clusterrole [#2586](https://github.com/openshift/hypershift/pull/2586) * [HOSTEDCP-445](https://issues.redhat.com/browse/HOSTEDCP-445): Add script to migrate hosted control plane [#2598](https://github.com/openshift/hypershift/pull/2598) * Use newly introduced KubeVirt Platform rhcos Image [#2576](https://github.com/openshift/hypershift/pull/2576) * [OCPBUGS-13168](https://issues.redhat.com/browse/OCPBUGS-13168): Include default ingress CA in root CA bundle [#2584](https://github.com/openshift/hypershift/pull/2584) * [HOSTEDCP-975](https://issues.redhat.com/browse/HOSTEDCP-975): Add new grafana panels for nodepools SLOs [#2592](https://github.com/openshift/hypershift/pull/2592) * [HOSTEDCP-926](https://issues.redhat.com/browse/HOSTEDCP-926): Send metric when HO/CPO decide to skip cloud resource deletion [#2531](https://github.com/openshift/hypershift/pull/2531) * Update RHTAP references [#2420](https://github.com/openshift/hypershift/pull/2420) * [OCPBUGS-13897](https://issues.redhat.com/browse/OCPBUGS-13897): Use cluster-config-operator to render featuregate status on KAS bootstrap [#2585](https://github.com/openshift/hypershift/pull/2585) * [HOSTEDCP-975](https://issues.redhat.com/browse/HOSTEDCP-975): Add cluster_name label to nodepools metrics [#2580](https://github.com/openshift/hypershift/pull/2580) * Fix broken tests for non-aws platforms [#2577](https://github.com/openshift/hypershift/pull/2577) * Updated secret permissions for openshift-route-controller-manager [#2575](https://github.com/openshift/hypershift/pull/2575) * [HOSTEDCP-987](https://issues.redhat.com/browse/HOSTEDCP-987): Update go version and dependencies in /hack/tools/go.mod [#2551](https://github.com/openshift/hypershift/pull/2551) * remove flags set by CI env var [#2521](https://github.com/openshift/hypershift/pull/2521) * [HOSTEDCP-975](https://issues.redhat.com/browse/HOSTEDCP-975): Add NodePool DeletionDuration and InitialRolloutDuration metrics [#2558](https://github.com/openshift/hypershift/pull/2558) * [ARMOCP-412](https://issues.redhat.com/browse/ARMOCP-412): Add ARM nodepool to AWS x86 Hosted Cluster [#1594](https://github.com/openshift/hypershift/pull/1594) * [OCPBUGS-11939](https://issues.redhat.com/browse/OCPBUGS-11939): Fix minor codebase nits [#2502](https://github.com/openshift/hypershift/pull/2502) * control-plane-operator/controllers/hostedcontrolplane: Align reconcileCloudControllerManager error strings [#2500](https://github.com/openshift/hypershift/pull/2500) * [HOSTEDCP-960](https://issues.redhat.com/browse/HOSTEDCP-960): Add e2e to validate HC/NP conditions expected status [#2482](https://github.com/openshift/hypershift/pull/2482) * [HOSTEDCP-830](https://issues.redhat.com/browse/HOSTEDCP-830): Update auto scaler role to get and list agentmachinetemplates [#2564](https://github.com/openshift/hypershift/pull/2564) * [HOSTEDCP-445](https://issues.redhat.com/browse/HOSTEDCP-445): Included how to fix image-registry clusteroperator after a disaster recovery migration [#2481](https://github.com/openshift/hypershift/pull/2481) * [OCPBUGS-13547](https://issues.redhat.com/browse/OCPBUGS-13547): Pass release image version to MCO bootstrap via --payload-version [#2572](https://github.com/openshift/hypershift/pull/2572) * Cache KubeVirt Boot Image [#1918](https://github.com/openshift/hypershift/pull/1918) * contrib: ci: increase HC quota in clusters namespace [#2547](https://github.com/openshift/hypershift/pull/2547) * [HOSTEDCP-996](https://issues.redhat.com/browse/HOSTEDCP-996): CLI: enable guest cluster dump for private clusters [#2571](https://github.com/openshift/hypershift/pull/2571) * [MULTIARCH-3205](https://issues.redhat.com/browse/MULTIARCH-3205): Support IBM COS as storage for PowerVS in image registry operator [#2207](https://github.com/openshift/hypershift/pull/2207) * fix nil deref in DefaultWorkerSecurityGroupID check [#2573](https://github.com/openshift/hypershift/pull/2573) * remove unused OLM catalog rollout code [#2568](https://github.com/openshift/hypershift/pull/2568) * [OCPBUGS-13034](https://issues.redhat.com/browse/OCPBUGS-13034): Cluster-api SA can't create events [#2565](https://github.com/openshift/hypershift/pull/2565) * [ACM-4277](https://issues.redhat.com/browse/ACM-4277): docs: Add L2Advertisement CR to the Handling Ingress section in the agent docs [#2470](https://github.com/openshift/hypershift/pull/2470) * [HOSTEDCP-947](https://issues.redhat.com/browse/HOSTEDCP-947): Increases default etcd PV size to 8Gi [#2549](https://github.com/openshift/hypershift/pull/2549) * Add a new e2e option for the ETCD storage class [#2560](https://github.com/openshift/hypershift/pull/2560) * Red Hat Trusted App Pipeline update hypershift-azjx [#2555](https://github.com/openshift/hypershift/pull/2555) * [HOSTEDCP-975](https://issues.redhat.com/browse/HOSTEDCP-975): Revised nodePoolSize metric and added AvailableReplicasMetric [#2532](https://github.com/openshift/hypershift/pull/2532) * [OCPBUGS-11383](https://issues.redhat.com/browse/OCPBUGS-11383): Sync proxy TrustedCA to guest cluster [#2550](https://github.com/openshift/hypershift/pull/2550) * Removed unused KMS permissions for nodePool role [#2456](https://github.com/openshift/hypershift/pull/2456) * Lock down kubevirt csi storageclass mappings [#2534](https://github.com/openshift/hypershift/pull/2534) * [OCPBUGS-13021](https://issues.redhat.com/browse/OCPBUGS-13021): Add internal/external elb tags to subnets [#2541](https://github.com/openshift/hypershift/pull/2541) * [HOSTEDCP-918](https://issues.redhat.com/browse/HOSTEDCP-918): Add validation for NodePool security Group condition when using default SG [#2498](https://github.com/openshift/hypershift/pull/2498) * [HOSTEDCP-981](https://issues.redhat.com/browse/HOSTEDCP-981): Minor updates to Getting Started & Contribute pages [#2527](https://github.com/openshift/hypershift/pull/2527) * [OCPBUGS-13111](https://issues.redhat.com/browse/OCPBUGS-13111): Fix errors from HCP controller removeServiceCAAnnotationAndSecret() [#2513](https://github.com/openshift/hypershift/pull/2513) * Stop triggering rollout on labels/taint change [#2533](https://github.com/openshift/hypershift/pull/2533) * Validate HO private platform input [#2536](https://github.com/openshift/hypershift/pull/2536) * [OCPBUGS-13021](https://issues.redhat.com/browse/OCPBUGS-13021): Health check load balancers only on public clusters [#2535](https://github.com/openshift/hypershift/pull/2535) * [OCPBUGS-13309](https://issues.redhat.com/browse/OCPBUGS-13309): set FeatureGate global config [#2543](https://github.com/openshift/hypershift/pull/2543) * Add audit-log-maxbackup setting for openshift-api-server [#2509](https://github.com/openshift/hypershift/pull/2509) * [OCPBUGS-11894](https://issues.redhat.com/browse/OCPBUGS-11894): Let the aws endpoint to use the hypershift owned SG [#2475](https://github.com/openshift/hypershift/pull/2475) * [HOSTEDCP-980](https://issues.redhat.com/browse/HOSTEDCP-980): Include HostedClusterDegraded in hypershift_hostedclusters_failure_conditions metric [#2523](https://github.com/openshift/hypershift/pull/2523) * [HOSTEDCP-788](https://issues.redhat.com/browse/HOSTEDCP-788): Configurable SRE MetricsSet [#2505](https://github.com/openshift/hypershift/pull/2505) * [OCPBUGS-13112](https://issues.redhat.com/browse/OCPBUGS-13112): Add timeout to KAS health check client [#2522](https://github.com/openshift/hypershift/pull/2522) * [HOSTEDCP-978](https://issues.redhat.com/browse/HOSTEDCP-978): Bump openshift/api version and fixed KCM flags (k8s 1.27) [#2519](https://github.com/openshift/hypershift/pull/2519) * [OCPBUGS-7841](https://issues.redhat.com/browse/OCPBUGS-7841): Account for expectedState == false when capturing hostedClustersWithFailureCondition [#2507](https://github.com/openshift/hypershift/pull/2507) * [OCPBUGS-11719](https://issues.redhat.com/browse/OCPBUGS-11719): Ensure ingress controllers are removed before load balancers [#2444](https://github.com/openshift/hypershift/pull/2444) * Fixed assignment to entry in nil map [#2508](https://github.com/openshift/hypershift/pull/2508) * Add new --featuregate-manifest to /usr/bin/cluster-config-operator render [#2506](https://github.com/openshift/hypershift/pull/2506) * [ACM-5116](https://issues.redhat.com/browse/ACM-5116): Increase KubeVirt default Mem and Root Volume Sizes [#2471](https://github.com/openshift/hypershift/pull/2471) * [HOSTEDCP-937](https://issues.redhat.com/browse/HOSTEDCP-937): New metric to expose Hypershift operator info [#2443](https://github.com/openshift/hypershift/pull/2443) * [HOSTEDCP-969](https://issues.redhat.com/browse/HOSTEDCP-969): Consolidate labels for metrics [#2494](https://github.com/openshift/hypershift/pull/2494) * [HOSTEDCP-969](https://issues.redhat.com/browse/HOSTEDCP-969): Move proxy, silence alerts and limited support metrics into HC controller [#2489](https://github.com/openshift/hypershift/pull/2489) * [HOSTEDCP-969](https://issues.redhat.com/browse/HOSTEDCP-969): Only track available metric once [#2479](https://github.com/openshift/hypershift/pull/2479) * [OCPBUGS-11738](https://issues.redhat.com/browse/OCPBUGS-11738): Delete kubeadmin secret when an idp is defined [#2452](https://github.com/openshift/hypershift/pull/2452) * Add PollImmediate for e2e metrics to avoid race with prom scrape interval [#2483](https://github.com/openshift/hypershift/pull/2483) * [HOSTEDCP-969](https://issues.redhat.com/browse/HOSTEDCP-969): Move HC creation metrics [#2477](https://github.com/openshift/hypershift/pull/2477) * [OCPBUGS-12153](https://issues.redhat.com/browse/OCPBUGS-12153): fix(hcco): Get OLM CatalogSource images from defined map [#2454](https://github.com/openshift/hypershift/pull/2454) * [HOSTEDCP-917](https://issues.redhat.com/browse/HOSTEDCP-917): Add publicAndPrivate <-> Private e2e test [#2383](https://github.com/openshift/hypershift/pull/2383) * add hyperv1.SilenceClusterAlertsLabel to HostedCluster on deletion [#2476](https://github.com/openshift/hypershift/pull/2476) * [HOSTEDCP-969](https://issues.redhat.com/browse/HOSTEDCP-969): Move guest cluster resource deletion metric [#2463](https://github.com/openshift/hypershift/pull/2463) * [OCPBUGS-11450](https://issues.redhat.com/browse/OCPBUGS-11450): Pass OPENSHIFT_RELEASE_IMAGE env variable to CNO [#2384](https://github.com/openshift/hypershift/pull/2384) * [HOSTEDCP-972](https://issues.redhat.com/browse/HOSTEDCP-972): Add pre-commit command to Make file [#2465](https://github.com/openshift/hypershift/pull/2465) * [HOSTEDCP-969](https://issues.redhat.com/browse/HOSTEDCP-969): Move cluster deletion duration metric into controller [#2459](https://github.com/openshift/hypershift/pull/2459) * Fix kubevirt csi daemonset reconcile loop [#2466](https://github.com/openshift/hypershift/pull/2466) * Fixes loop between HC controller and pod security label syncer [#2460](https://github.com/openshift/hypershift/pull/2460) * docs: update OIDC bucket create with bucket policy [#2461](https://github.com/openshift/hypershift/pull/2461) * [OCPBUGS-11946](https://issues.redhat.com/browse/OCPBUGS-11946): Add new OCP 4.13 storage admission plugin [#2445](https://github.com/openshift/hypershift/pull/2445) * [OCPBUGS-11773](https://issues.redhat.com/browse/OCPBUGS-11773): remove ACL for aws bucket [#2423](https://github.com/openshift/hypershift/pull/2423) * [OCPBUGS-7841](https://issues.redhat.com/browse/OCPBUGS-7841): Set metrics to 0 when needed to keep time series honest [#2440](https://github.com/openshift/hypershift/pull/2440) * [OCPBUGS-11930](https://issues.redhat.com/browse/OCPBUGS-11930): Clean up existing VPC endpoint connections [#2438](https://github.com/openshift/hypershift/pull/2438) * Revert "Add validation for default Security Group conditions during N… [#2453](https://github.com/openshift/hypershift/pull/2453) * [HOSTEDCP-918](https://issues.redhat.com/browse/HOSTEDCP-918): Add validation for default Security Group conditions during NodePool upgrade test [#2342](https://github.com/openshift/hypershift/pull/2342) * [OCPBUGS-11649](https://issues.redhat.com/browse/OCPBUGS-11649): Always requeue AWSEndpointService controllers [#2424](https://github.com/openshift/hypershift/pull/2424) * Add IBMers as reviewers [#2436](https://github.com/openshift/hypershift/pull/2436) * e2e: Cleanup shared OIDC provider on SIGTERM [#2435](https://github.com/openshift/hypershift/pull/2435) * [HOSTEDCP-950](https://issues.redhat.com/browse/HOSTEDCP-950): Fix haproxy image name in ignition server [#2441](https://github.com/openshift/hypershift/pull/2441) * [OCPBUGS-7091](https://issues.redhat.com/browse/OCPBUGS-7091): Restart kube-scheduler when its configuration changes [#2421](https://github.com/openshift/hypershift/pull/2421) * [OCPBUGS-11749](https://issues.redhat.com/browse/OCPBUGS-11749): Add pod security labels to hcp namespace [#2415](https://github.com/openshift/hypershift/pull/2415) * [HOSTEDCP-950](https://issues.redhat.com/browse/HOSTEDCP-950): Validate release payload images [#2368](https://github.com/openshift/hypershift/pull/2368) * kubevirt: Block metadata server egress [#2399](https://github.com/openshift/hypershift/pull/2399) * Bring latest MCO API [#2434](https://github.com/openshift/hypershift/pull/2434) * Relax MCO API strict decoding [#2433](https://github.com/openshift/hypershift/pull/2433) * docs: update OIDC s3 bucket creation procedure [#2425](https://github.com/openshift/hypershift/pull/2425) * json export for a common grafana dashboard for SLOs [#2422](https://github.com/openshift/hypershift/pull/2422) * Enable monitoring for hypershift namespace [#2419](https://github.com/openshift/hypershift/pull/2419) * [MULTIARCH-3449](https://issues.redhat.com/browse/MULTIARCH-3449): set priority class for cloud controller manager pod for PowerVS [#2390](https://github.com/openshift/hypershift/pull/2390) * Fixes HCCO reconcile error for kubevirt csi driver [#2259](https://github.com/openshift/hypershift/pull/2259) * Add monitoring label to HCP namespace [#2393](https://github.com/openshift/hypershift/pull/2393) * Update tekton references [#2308](https://github.com/openshift/hypershift/pull/2308) * add OWNERS for new area labels [#2414](https://github.com/openshift/hypershift/pull/2414) * fix typo [#2411](https://github.com/openshift/hypershift/pull/2411) * [HOSTEDCP-807](https://issues.redhat.com/browse/HOSTEDCP-807): Requeue HCP always [#2408](https://github.com/openshift/hypershift/pull/2408) * [OCPBUGS-11640](https://issues.redhat.com/browse/OCPBUGS-11640): Update HostedCluster oauthCallbackURLTemplate [#2400](https://github.com/openshift/hypershift/pull/2400) * e2e: Fixed idp test conflict error on HosterCluster update [#2389](https://github.com/openshift/hypershift/pull/2389) * dump: Store guest worker node logs and increase kubevirt logs verbosity [#2317](https://github.com/openshift/hypershift/pull/2317) * [HOSTEDCP-568](https://issues.redhat.com/browse/HOSTEDCP-568): Update Konnectiviy socks5 proxy for IBM exception [#2366](https://github.com/openshift/hypershift/pull/2366) * [OCPBUGS-11442](https://issues.redhat.com/browse/OCPBUGS-11442): properly reconcile with user specified changes for in proxy configuration [#2382](https://github.com/openshift/hypershift/pull/2382) * Updated kubevirt docs [#2318](https://github.com/openshift/hypershift/pull/2318) * [OCPBUGS-11439](https://issues.redhat.com/browse/OCPBUGS-11439): allow z-stream upgrade even if CVO Upgradeable is false [#2381](https://github.com/openshift/hypershift/pull/2381) * [HOSTEDCP-954](https://issues.redhat.com/browse/HOSTEDCP-954): Remove ec2:ReleaseAddress [#2379](https://github.com/openshift/hypershift/pull/2379) * [HOSTEDCP-802](https://issues.redhat.com/browse/HOSTEDCP-802): add cli flag to enable upgrade type [#2367](https://github.com/openshift/hypershift/pull/2367) * e2e: Fix oauth idp e2e test [#2377](https://github.com/openshift/hypershift/pull/2377) * [HOSTEDCP-951](https://issues.redhat.com/browse/HOSTEDCP-951): Let install apply to aggregate errors [#2372](https://github.com/openshift/hypershift/pull/2372) * Revert "Create a second scheme that always registers prometheusoperatorv1 GVKs" [#2374](https://github.com/openshift/hypershift/pull/2374) * [HOSTEDCP-807](https://issues.redhat.com/browse/HOSTEDCP-807): Check KAS loadbalancer health [#2264](https://github.com/openshift/hypershift/pull/2264) * e2e: fix for non-AWS platform [#2360](https://github.com/openshift/hypershift/pull/2360) * [HOSTEDCP-445](https://issues.redhat.com/browse/HOSTEDCP-445): Fix the storage ClusterOperator during a DR migration [#2358](https://github.com/openshift/hypershift/pull/2358) * [HOSTEDCP-850](https://issues.redhat.com/browse/HOSTEDCP-850): Fix nodepool autoscaler logic [#2354](https://github.com/openshift/hypershift/pull/2354) * support/releaseinfo/pod_provider: Drop unused legacy PodProvider [#2341](https://github.com/openshift/hypershift/pull/2341) * Fix nodepool upgrade e2e test [#2359](https://github.com/openshift/hypershift/pull/2359) * [HOSTEDCP-806](https://issues.redhat.com/browse/HOSTEDCP-806): Fix ValidAWSKMSConfig condition [#2322](https://github.com/openshift/hypershift/pull/2322) * [HOSTEDCP-939](https://issues.redhat.com/browse/HOSTEDCP-939): Setup shared OIDC provider for e2e clusters [#2335](https://github.com/openshift/hypershift/pull/2335) * [OCPBUGS-10227](https://issues.redhat.com/browse/OCPBUGS-10227): Preserve false status of ValidAWSIdentityProvider condition [#2344](https://github.com/openshift/hypershift/pull/2344) * ACM-4615 get pull secret instead of dockerconfigjson from mce credentials [#2338](https://github.com/openshift/hypershift/pull/2338) * Slo alerts [#2049](https://github.com/openshift/hypershift/pull/2049) * [HOSTEDCP-943](https://issues.redhat.com/browse/HOSTEDCP-943): Add hypershift_hosted_cluster_transition_seconds histogram [#2348](https://github.com/openshift/hypershift/pull/2348) * [HOSTEDCP-944](https://issues.redhat.com/browse/HOSTEDCP-944): Add more expectedHCConditionStates metrics [#2347](https://github.com/openshift/hypershift/pull/2347) * [OCPBUGS-10227](https://issues.redhat.com/browse/OCPBUGS-10227): Create new EC2 client for AWS identity provider health check [#2346](https://github.com/openshift/hypershift/pull/2346) * OCPBUGS-10823 ensure well known public domains do not get proxied on image imports [#2321](https://github.com/openshift/hypershift/pull/2321) * [SDA-8609](https://issues.redhat.com/browse/SDA-8609): No more specifying the scrape interval at servicemonitors & podmonitors level [#2327](https://github.com/openshift/hypershift/pull/2327) * [OCPBUGS-10807](https://issues.redhat.com/browse/OCPBUGS-10807): Pass runAsUser to CNO so it can run its managed services with proper security context [#2319](https://github.com/openshift/hypershift/pull/2319) * Appstudio update hypershift-azjx [#2332](https://github.com/openshift/hypershift/pull/2332) * Revert "cpo: cno: follow image name change in release payload" [#2345](https://github.com/openshift/hypershift/pull/2345) * support/supportedversion: Include the problematic version strings in error messages [#2334](https://github.com/openshift/hypershift/pull/2334) * [OCPBUGS-10864](https://issues.redhat.com/browse/OCPBUGS-10864): fix external APIServer address selection based on endpointAccess [#2328](https://github.com/openshift/hypershift/pull/2328) * [OCPBUGS-8073](https://issues.redhat.com/browse/OCPBUGS-8073): Do not proxy when guest cluster resolution fails [#2261](https://github.com/openshift/hypershift/pull/2261) * [MULTIARCH-3028](https://issues.redhat.com/browse/MULTIARCH-3028): handle PowerVS instance which goes to failed state during infra create and destroy process. [#2088](https://github.com/openshift/hypershift/pull/2088) * [HOSTEDCP-938](https://issues.redhat.com/browse/HOSTEDCP-938): Added PSA default profile to RunTimeDefault in operator deployment [#2333](https://github.com/openshift/hypershift/pull/2333) * [HOSTEDCP-934](https://issues.redhat.com/browse/HOSTEDCP-934): Validate PublishingStrategyMapping [#2324](https://github.com/openshift/hypershift/pull/2324) * [OCPBUGS-7091](https://issues.redhat.com/browse/OCPBUGS-7091): Honor scheduler profile in HostedCluster configuration [#2330](https://github.com/openshift/hypershift/pull/2330) * [HOSTEDCP-736](https://issues.redhat.com/browse/HOSTEDCP-736): Docs on how we handle aws permissions [#2311](https://github.com/openshift/hypershift/pull/2311) * Add support for external infra clusters in KubeVirt platform [#2017](https://github.com/openshift/hypershift/pull/2017) * Create a second scheme that always registers `prometheusoperatorv1` GVKs [#2292](https://github.com/openshift/hypershift/pull/2292) * [OCPBUGS-10504](https://issues.redhat.com/browse/OCPBUGS-10504): Deletion of the VPCEnpoint on conflicting service names [#2290](https://github.com/openshift/hypershift/pull/2290) * [HOSTEDCP-801](https://issues.redhat.com/browse/HOSTEDCP-801): Expose external DNS for private cluster endpoints [#2286](https://github.com/openshift/hypershift/pull/2286) * [HOSTEDCP-903](https://issues.redhat.com/browse/HOSTEDCP-903): Propagate AWSEndpointService conditions [#2278](https://github.com/openshift/hypershift/pull/2278) * Appstudio update hypershift-azjx [#2287](https://github.com/openshift/hypershift/pull/2287) * [OCPBUGS-8691](https://issues.redhat.com/browse/OCPBUGS-8691): Add storage operators perms. to watch HostedControlPlane [#2301](https://github.com/openshift/hypershift/pull/2301) * [OCPBUGS-10423](https://issues.redhat.com/browse/OCPBUGS-10423): Add validation for taint.value in nodePool [#2298](https://github.com/openshift/hypershift/pull/2298) * [HOSTEDCP-839](https://issues.redhat.com/browse/HOSTEDCP-839): Audit log sidecars for openshift-apiserver and openshift-oauth-apiserver [#2232](https://github.com/openshift/hypershift/pull/2232) * Route to kubevirt VMs using infra id as service label selector [#2092](https://github.com/openshift/hypershift/pull/2092) * Force controleplane upgrade always [#2288](https://github.com/openshift/hypershift/pull/2288) * [HOSTEDCP-900](https://issues.redhat.com/browse/HOSTEDCP-900): Modified AWSPrivateLinkController and AWSEndpointServiceController to respect PausedUntil spec field [#2265](https://github.com/openshift/hypershift/pull/2265) * [HOSTEDCP-919](https://issues.redhat.com/browse/HOSTEDCP-919): Clean up and API doc [#2280](https://github.com/openshift/hypershift/pull/2280) * [HOSTEDCP-688](https://issues.redhat.com/browse/HOSTEDCP-688): E2E Test NodePool Upgrade [#2256](https://github.com/openshift/hypershift/pull/2256) * [HOSTEDCP-445](https://issues.redhat.com/browse/HOSTEDCP-445): Documented the possible issues found during a HostedCluster migration [#2276](https://github.com/openshift/hypershift/pull/2276) * [OCPBUGS-10227](https://issues.redhat.com/browse/OCPBUGS-10227): Ensure identity provider health check condition is persisted and remove awsendpoint control plane finalizer if invalid aws creds [#2281](https://github.com/openshift/hypershift/pull/2281) * [OCPBUGS-8040](https://issues.redhat.com/browse/OCPBUGS-8040): Switch NTO metrics auth to certs generated by HCP controller [#2050](https://github.com/openshift/hypershift/pull/2050) * [OCPBUGS-8381](https://issues.redhat.com/browse/OCPBUGS-8381): Use appropriate serving certificate for OAuth [#2279](https://github.com/openshift/hypershift/pull/2279) * [HOSTEDCP-501](https://issues.redhat.com/browse/HOSTEDCP-501): Added detailed documentation about Hypershift release process [#2272](https://github.com/openshift/hypershift/pull/2272) * [HOSTEDCP-919](https://issues.redhat.com/browse/HOSTEDCP-919): Add AWS cloud controller manager [#2271](https://github.com/openshift/hypershift/pull/2271) * Update PowerVS prereq doc with install and authorization details [#2172](https://github.com/openshift/hypershift/pull/2172) * Remove webhook validation [#2217](https://github.com/openshift/hypershift/pull/2217) * [HOSTEDCP-809](https://issues.redhat.com/browse/HOSTEDCP-809): Clone CA key/cert to TLS key/cert [#2246](https://github.com/openshift/hypershift/pull/2246) * Refactor e2e nodepool tests [#2228](https://github.com/openshift/hypershift/pull/2228) * Update HCP version in capi cluster ref [#2119](https://github.com/openshift/hypershift/pull/2119) * Validate etcd KMS config [#2174](https://github.com/openshift/hypershift/pull/2174) * [OCPBUGS-8421](https://issues.redhat.com/browse/OCPBUGS-8421): fix API documentation for audit webhook field [#2258](https://github.com/openshift/hypershift/pull/2258) * Add a debug section to the Node Tuning docs [#2254](https://github.com/openshift/hypershift/pull/2254) * Destroy cloud resources by default [#2224](https://github.com/openshift/hypershift/pull/2224) * Add e2e test for identity providers [#2166](https://github.com/openshift/hypershift/pull/2166) * [HOSTEDCP-638](https://issues.redhat.com/browse/HOSTEDCP-638): Add latest ocp supported info to -v command for cli and operator [#2233](https://github.com/openshift/hypershift/pull/2233) * [OCPBUGS-8231](https://issues.redhat.com/browse/OCPBUGS-8231): Fix cleanup of volumes on cluster deletion [#2243](https://github.com/openshift/hypershift/pull/2243) * fix(cpo): Delete multus validatingwebhookconfiguration on CNO init [#2231](https://github.com/openshift/hypershift/pull/2231) * add pull-secret to imagePullSecrets for NTO, CNO, and olm-collect-profiles [#2248](https://github.com/openshift/hypershift/pull/2248) * Update images and hypershift operator to 4.14 [#2249](https://github.com/openshift/hypershift/pull/2249) * And 5 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/hypershift/compare/e548ac784e78cbcada7558444908a177d5e7abdb...b11c804b44516f34e50344eeb94901936018d9d1) ### [ibm-cloud-controller-manager](https://github.com/openshift/cloud-provider-ibm/tree/f39488c53ab5151cebf11e8f82510a255a8005d3) * [OCPBUGS-23861](https://issues.redhat.com/browse/OCPBUGS-23861): Bump otelgrpc to v0.49.0 [#73](https://github.com/openshift/cloud-provider-ibm/pull/73) * [OCPBUGS-24665](https://issues.redhat.com/browse/OCPBUGS-24665): Add Snyk file to exclude vendor directory on scan [#65](https://github.com/openshift/cloud-provider-ibm/pull/65) * [OCPBUGS-21149](https://issues.redhat.com/browse/OCPBUGS-21149): Bump golang.org/x/net to v0.18.0 [#55](https://github.com/openshift/cloud-provider-ibm/pull/55) * [OCPCLOUD-2046](https://issues.redhat.com/browse/OCPCLOUD-2046): Manual rebase kubernetes 1.27 and go 1.20 [#51](https://github.com/openshift/cloud-provider-ibm/pull/51) * [OCPBUGS-10116](https://issues.redhat.com/browse/OCPBUGS-10116): Updating ose-ibm-cloud-controller-manager images to be consistent with ART [#48](https://github.com/openshift/cloud-provider-ibm/pull/48) * [Full changelog](https://github.com/openshift/cloud-provider-ibm/compare/b5bcaf9caa96561a32ec5e7b79ca41e173ecfe25...f39488c53ab5151cebf11e8f82510a255a8005d3) ### [ibm-vpc-block-csi-driver](https://github.com/openshift/ibm-vpc-block-csi-driver/tree/4b4154380e9e4f5551a7681b9a440dc22e075b03) * [OCPBUGS-58738](https://issues.redhat.com/browse/OCPBUGS-58738): bump github.com/golang/glog to v1.2.4 [#109](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/109) * [OCPBUGS-56065](https://issues.redhat.com/browse/OCPBUGS-56065): tech debt: rework vendor patches [#93](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/93) * [OCPBUGS-53907](https://issues.redhat.com/browse/OCPBUGS-53907): bump github.com/golang-jwt/jwt/v4 to v4.5.2 [#86](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/86) * [OCPBUGS-36065](https://issues.redhat.com/browse/OCPBUGS-36065): CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 [#73](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/73) * [OCPBUGS-21246](https://issues.redhat.com/browse/OCPBUGS-21246): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#50](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/50) * [OCPBUGS-18142](https://issues.redhat.com/browse/OCPBUGS-18142): [IBM VPC] failed provisioning volume in proxy cluster [#46](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/46) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS and OWNERS_ALIASES [#41](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/41) * [OCPBUGS-12613](https://issues.redhat.com/browse/OCPBUGS-12613): 4.14: UPSTREAM: 157: K8S and grpc package upgrade [#39](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/39) * [STOR-1158](https://issues.redhat.com/browse/STOR-1158): Merge v5.1.5 for OCP 4.14 [#38](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/38) * [OCPBUGS-12325](https://issues.redhat.com/browse/OCPBUGS-12325): UPSTREAM: 118: Update golangci-lint [#37](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/37) * Updating ose-ibm-vpc-block-csi-driver images to be consistent with ART [#36](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/36) * Updating ose-ibm-vpc-block-csi-driver images to be consistent with ART [#33](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/33) * [OCPBUGS-10125](https://issues.redhat.com/browse/OCPBUGS-10125): UPSTREAM: 121: Add missing Kubernetes deps [#34](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/34) * [Full changelog](https://github.com/openshift/ibm-vpc-block-csi-driver/compare/f4ded0e923b8f7ad4ed23c64fa97f444520c94e1...4b4154380e9e4f5551a7681b9a440dc22e075b03) ### [ibm-vpc-block-csi-driver-operator](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/tree/6258347568415eb6187a9fd988806e3212fa4f5e) * [OCPBUGS-59791](https://issues.redhat.com/browse/OCPBUGS-59791): [IBM VPC] set offlineExpansion to false in e2e test manifest [#151](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/151) * [OCPBUGS-36071](https://issues.redhat.com/browse/OCPBUGS-36071): CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 [#122](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/122) * [OCPBUGS-25657](https://issues.redhat.com/browse/OCPBUGS-25657): Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler [#104](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/104) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#91](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/91) * [OCPBUGS-21339](https://issues.redhat.com/browse/OCPBUGS-21339): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#81](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/81) * [OCPBUGS-18105](https://issues.redhat.com/browse/OCPBUGS-18105): [IBM VPC] failed provisioning volume in proxy cluster [#74](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/74) * [OCPBUGS-16654](https://issues.redhat.com/browse/OCPBUGS-16654): Revert revert "STOR-1065: Rename node-driver-registrar… [#69](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/69) * [OCPBUGS-16571](https://issues.redhat.com/browse/OCPBUGS-16571): Bump library-go to remove dependency on goproxy [#71](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/71) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#70](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/70) * Revert "STOR-1065: Rename node-driver-registrar RBAC and Rework sidecar bindings to bind common ClusterRoles" [#68](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/68) * [STOR-1065](https://issues.redhat.com/browse/STOR-1065): Rename node-driver-registrar RBAC and Rework sidecar bindings to bind common ClusterRoles [#64](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/64) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump ibm-vpc-block-csi-driver-operator library-go [#65](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/65) * [OCPBUGS-12614](https://issues.redhat.com/browse/OCPBUGS-12614), [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#57](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/57) * Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART [#56](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/56) * Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART [#55](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/55) * Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART [#54](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/54) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#53](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/53) * Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART [#52](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/52) * [Full changelog](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/compare/40786cd2e559a71bf6c8abe922fc2e5b580115cc...6258347568415eb6187a9fd988806e3212fa4f5e) ### [ibm-vpc-node-label-updater](https://github.com/openshift/ibm-vpc-node-label-updater/tree/01349bbdf3c459146c5e58b0a96526a2ba78391c) * [OCPBUGS-56065](https://issues.redhat.com/browse/OCPBUGS-56065): tech debt: rework vendor patches [#50](https://github.com/openshift/ibm-vpc-node-label-updater/pull/50) * [OCPBUGS-53539](https://issues.redhat.com/browse/OCPBUGS-53539): bump github.com/golang-jwt/jwt/v4 to v4.5.2 [#46](https://github.com/openshift/ibm-vpc-node-label-updater/pull/46) * [OCPBUGS-36011](https://issues.redhat.com/browse/OCPBUGS-36011): CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 [#42](https://github.com/openshift/ibm-vpc-node-label-updater/pull/42) * [OCPBUGS-21451](https://issues.redhat.com/browse/OCPBUGS-21451): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#27](https://github.com/openshift/ibm-vpc-node-label-updater/pull/27) * [OCPBUGS-12510](https://issues.redhat.com/browse/OCPBUGS-12510): UPSTREAM: 20: Bump (golang.org/x/net): to address CVE-2022-41723 [#23](https://github.com/openshift/ibm-vpc-node-label-updater/pull/23) * Updating ibm-vpc-node-label-updater images to be consistent with ART [#22](https://github.com/openshift/ibm-vpc-node-label-updater/pull/22) * Updating ibm-vpc-node-label-updater images to be consistent with ART [#21](https://github.com/openshift/ibm-vpc-node-label-updater/pull/21) * Updating ibm-vpc-node-label-updater images to be consistent with ART [#20](https://github.com/openshift/ibm-vpc-node-label-updater/pull/20) * Updating ibm-vpc-node-label-updater images to be consistent with ART [#19](https://github.com/openshift/ibm-vpc-node-label-updater/pull/19) * [Full changelog](https://github.com/openshift/ibm-vpc-node-label-updater/compare/6d619f62a27ba0ac0cab05e035f07aef9095d9c9...01349bbdf3c459146c5e58b0a96526a2ba78391c) ### [ibmcloud-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-ibmcloud/tree/8607d6c56beac5fd43079b66f941115aa8fa4e4f) * [OCPBUGS-51816](https://issues.redhat.com/browse/OCPBUGS-51816): CVE-2025-22869 Update golang.org/x/crypto to patched OpenShift fork [#123](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/123) * [OCPBUGS-36077](https://issues.redhat.com/browse/OCPBUGS-36077): UPSTREAM: <carry>: Fix go-retryablehttp CVE - 4.14 [#88](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/88) * [OCPBUGS-27279](https://issues.redhat.com/browse/OCPBUGS-27279): Add Snyk file to exclude vendor directory on scan [#76](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/76) * [OCPBUGS-21436](https://issues.redhat.com/browse/OCPBUGS-21436): Bump golang.org/x/net to v0.18.0 [#63](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/63) * Merge https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud:v0.5.1 (d1ced87) into main [#56](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/56) * [OCPCLOUD-2121](https://issues.redhat.com/browse/OCPCLOUD-2121): Add openshift/e2e-tests for CAPI E2E testing [#57](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/57) * [OCPBUGS-12895](https://issues.redhat.com/browse/OCPBUGS-12895): Update IBM Packages [#54](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/54) * Updating ose-ibmcloud-cluster-api-controllers images to be consistent with ART [#52](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/52) * Updating ose-ibmcloud-cluster-api-controllers images to be consistent with ART [#51](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/51) * [OCPBUGS-6418](https://issues.redhat.com/browse/OCPBUGS-6418): Merge https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud:v0.4.0 (7399387) into main [#48](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/48) * [Full changelog](https://github.com/openshift/cluster-api-provider-ibmcloud/compare/f2694417d53b759212fdb3e0c905f26aae09b838...8607d6c56beac5fd43079b66f941115aa8fa4e4f) ### [ibmcloud-machine-controllers](https://github.com/openshift/machine-api-provider-ibmcloud/tree/a63c6aabeb484cf8d7f976edc80622de959abde4) * [OCPBUGS-36083](https://issues.redhat.com/browse/OCPBUGS-36083): Bump dependency for CVE [#57](https://github.com/openshift/machine-api-provider-ibmcloud/pull/57) * Update dependencies to match machine-api-operator [#22](https://github.com/openshift/machine-api-provider-ibmcloud/pull/22) * [OCPCLOUD-2054](https://issues.redhat.com/browse/OCPCLOUD-2054): Update k8s to 1.27 [#21](https://github.com/openshift/machine-api-provider-ibmcloud/pull/21) * Updating ose-ibmcloud-machine-controllers images to be consistent with ART [#19](https://github.com/openshift/machine-api-provider-ibmcloud/pull/19) * [OCPBUGS-10149](https://issues.redhat.com/browse/OCPBUGS-10149): Updating ose-ibmcloud-machine-controllers images to be consistent with ART [#18](https://github.com/openshift/machine-api-provider-ibmcloud/pull/18) * [Full changelog](https://github.com/openshift/machine-api-provider-ibmcloud/compare/4698265e2146188ede16036bf1193b33d7668930...a63c6aabeb484cf8d7f976edc80622de959abde4) ### [insights-operator](https://github.com/openshift/insights-operator/tree/acc99f557871cbf137f57a540f26989c27bb1301) * Update documentation [#783](https://github.com/openshift/insights-operator/pull/783) * update DVO metrics example in the sample archive [#777](https://github.com/openshift/insights-operator/pull/777) * [OCPBUGS-14270](https://issues.redhat.com/browse/OCPBUGS-14270): Revert "Implement periodic gathering as a job in tech … [#785](https://github.com/openshift/insights-operator/pull/785) * And 67 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/insights-operator/compare/162554e15ece3653649c9a61567d332a462f079a...acc99f557871cbf137f57a540f26989c27bb1301) ### [ironic](https://github.com/openshift/ironic-image/tree/0b1212c6acca609cdc751ce5652b8f91987c8b71) * [OCPBUGS-39019](https://issues.redhat.com/browse/OCPBUGS-39019): Bump ironic-lib to fix utf8 decoding issue [#571](https://github.com/openshift/ironic-image/pull/571) * [OCPBUGS-32266](https://issues.redhat.com/browse/OCPBUGS-32266): redfish-virtualmedia fails on XFusion nodes [#548](https://github.com/openshift/ironic-image/pull/548) * [OCPBUGS-37762](https://issues.redhat.com/browse/OCPBUGS-37762), [OCPBUGS-39382](https://issues.redhat.com/browse/OCPBUGS-39382): Include fixes for CVE-2024-44082 [#584](https://github.com/openshift/ironic-image/pull/584) * [OCPBUGS-38508](https://issues.redhat.com/browse/OCPBUGS-38508): set min version for python3-webob [#555](https://github.com/openshift/ironic-image/pull/555) * [OCPBUGS-33375](https://issues.redhat.com/browse/OCPBUGS-33375): bump werkzeug [#537](https://github.com/openshift/ironic-image/pull/537) * [OCPBUGS-37410](https://issues.redhat.com/browse/OCPBUGS-37410): bump jinja2 [#530](https://github.com/openshift/ironic-image/pull/530) * [OCPBUGS-37115](https://issues.redhat.com/browse/OCPBUGS-37115): Update eventlet version [#524](https://github.com/openshift/ironic-image/pull/524) * Bug OCPBUGS-34657: Disable installation of .pyc files through pip [#512](https://github.com/openshift/ironic-image/pull/512) * [METAL-1004](https://issues.redhat.com/browse/METAL-1004): Update ironic-lib to latest release-4.14 commit [#492](https://github.com/openshift/ironic-image/pull/492) * [OCPBUGS-32364](https://issues.redhat.com/browse/OCPBUGS-32364): [4.14] remove unused prometheus-exporter [#487](https://github.com/openshift/ironic-image/pull/487) * [OCPBUGS-32169](https://issues.redhat.com/browse/OCPBUGS-32169): [4.14] Add hybrid configuration for cachito [#482](https://github.com/openshift/ironic-image/pull/482) * [OCPBUGS-32388](https://issues.redhat.com/browse/OCPBUGS-32388): Use unix sockets by default for reverse proxy communication [#475](https://github.com/openshift/ironic-image/pull/475) * [OCPBUGS-32169](https://issues.redhat.com/browse/OCPBUGS-32169): [4.14] Add requirements placeholders for cachito [#469](https://github.com/openshift/ironic-image/pull/469) * [OCPBUGS-27773](https://issues.redhat.com/browse/OCPBUGS-27773): Update inspector package to fix LLDP unicode error [#452](https://github.com/openshift/ironic-image/pull/452) * [OCPBUGS-27193](https://issues.redhat.com/browse/OCPBUGS-27193): Fix Inspector iPXE config for IPv6 addresses [#448](https://github.com/openshift/ironic-image/pull/448) * [OCPBUGS-19884](https://issues.redhat.com/browse/OCPBUGS-19884): update Ironic to include secure boot fixes [#445](https://github.com/openshift/ironic-image/pull/445) * [OCPBUGS-23903](https://issues.redhat.com/browse/OCPBUGS-23903): Ironic side of external_http_url (METAL-163) is not wired in correctly [#429](https://github.com/openshift/ironic-image/pull/429) * [OCPBUGS-23505](https://issues.redhat.com/browse/OCPBUGS-23505): Uplift eventlet version [#426](https://github.com/openshift/ironic-image/pull/426) * [OCPBUGS-23354](https://issues.redhat.com/browse/OCPBUGS-23354): Upgrade markupsafe and werkzeug dependencies [#421](https://github.com/openshift/ironic-image/pull/421) * [OCPBUGS-14926](https://issues.redhat.com/browse/OCPBUGS-14926): Handle Eject DVD 4.14 [#415](https://github.com/openshift/ironic-image/pull/415) * [OCPBUGS-22253](https://issues.redhat.com/browse/OCPBUGS-22253): Use bash process substitution instead of pipe [#411](https://github.com/openshift/ironic-image/pull/411) * [OCPBUGS-19884](https://issues.redhat.com/browse/OCPBUGS-19884): update Ironic to include secure boot fixes [#404](https://github.com/openshift/ironic-image/pull/404) * [OCPBUGS-19333](https://issues.redhat.com/browse/OCPBUGS-19333): update ironic to include SQLite fixes [#402](https://github.com/openshift/ironic-image/pull/402) * [OCPBUGS-19083](https://issues.redhat.com/browse/OCPBUGS-19083): Switch from current-tripleo to puppet-passed-ci [#399](https://github.com/openshift/ironic-image/pull/399) * [OCPBUGS-18297](https://issues.redhat.com/browse/OCPBUGS-18297): Revert "Bumping versions to include packages synced on… [#396](https://github.com/openshift/ironic-image/pull/396) * [OCPBUGS-14926](https://issues.redhat.com/browse/OCPBUGS-14926): Bumping versions to include packages synced on 180823. [#394](https://github.com/openshift/ironic-image/pull/394) * [OCPBUGS-14795](https://issues.redhat.com/browse/OCPBUGS-14795): Bumping package versions to include 100823 upstream sync. [#391](https://github.com/openshift/ironic-image/pull/391) * [OCPBUGS-17472](https://issues.redhat.com/browse/OCPBUGS-17472): Expand regex for fcos/okd packages list [#389](https://github.com/openshift/ironic-image/pull/389) * [OCPBUGS-17142](https://issues.redhat.com/browse/OCPBUGS-17142): [4.14] Update packages with latest bugfix [#387](https://github.com/openshift/ironic-image/pull/387) * Ironic package upgrade [#386](https://github.com/openshift/ironic-image/pull/386) * [OCPBUGS-14785](https://issues.redhat.com/browse/OCPBUGS-14785): Update ironic container dependencies [#382](https://github.com/openshift/ironic-image/pull/382) * [OCPBUGS-13564](https://issues.redhat.com/browse/OCPBUGS-13564): Sync with latest ironic bug fixes [#379](https://github.com/openshift/ironic-image/pull/379) * [OCPBUGS-13699](https://issues.redhat.com/browse/OCPBUGS-13699): Add python-flask dependency [#371](https://github.com/openshift/ironic-image/pull/371) * [OCPBUGS-14132](https://issues.redhat.com/browse/OCPBUGS-14132): ironic.conf.j2: Bump min_command_interval to 30 on SCOS [#377](https://github.com/openshift/ironic-image/pull/377) * [OCPBUGS-13533](https://issues.redhat.com/browse/OCPBUGS-13533): Sync upstream 20230511 [#368](https://github.com/openshift/ironic-image/pull/368) * Bug OCPBUGS-11753: Include Ironic code synced from upstream on 090523 in ironic-image. [#364](https://github.com/openshift/ironic-image/pull/364) * Sync with latest packages available [#360](https://github.com/openshift/ironic-image/pull/360) * [OCPBUGS-10343](https://issues.redhat.com/browse/OCPBUGS-10343): allow inspector to also be proxied [#355](https://github.com/openshift/ironic-image/pull/355) * Update sushy with latest changes [#359](https://github.com/openshift/ironic-image/pull/359) * [OCPBUGS-10701](https://issues.redhat.com/browse/OCPBUGS-10701): Update sushy to 4.5.0 to handle ZT servers [#357](https://github.com/openshift/ironic-image/pull/357) * [OCPBUGS-8068](https://issues.redhat.com/browse/OCPBUGS-8068): Fix for node's last_error disappears briefly on cleaning failure [#353](https://github.com/openshift/ironic-image/pull/353) * Merge from upstream metal3-io/ironic-image [#354](https://github.com/openshift/ironic-image/pull/354) * Updating ironic images to be consistent with ART [#351](https://github.com/openshift/ironic-image/pull/351) * [Full changelog](https://github.com/openshift/ironic-image/compare/fe91b38ace1a3a6bdf4c6f42346344bdffe2bb21...0b1212c6acca609cdc751ce5652b8f91987c8b71) ### [ironic-agent](https://github.com/openshift/ironic-agent-image/tree/e839a4e87eb09b78e562a3bab8f23f1c767742a4) * [OCPBUGS-39019](https://issues.redhat.com/browse/OCPBUGS-39019): Bump ironic-lib to fix utf8 decoding issue [#158](https://github.com/openshift/ironic-agent-image/pull/158) * [OCPBUGS-39382](https://issues.redhat.com/browse/OCPBUGS-39382): Include fixes for CVE-2024-44082 [#163](https://github.com/openshift/ironic-agent-image/pull/163) * [OCPBUGS-33375](https://issues.redhat.com/browse/OCPBUGS-33375): set webob and bump werkzeug [#151](https://github.com/openshift/ironic-agent-image/pull/151) * [OCPBUGS-33452](https://issues.redhat.com/browse/OCPBUGS-33452): update ironic-lib with latest fixes [#133](https://github.com/openshift/ironic-agent-image/pull/133) * [METAL-1004](https://issues.redhat.com/browse/METAL-1004): Update ironic-lib to latest release-4.14 commit [#130](https://github.com/openshift/ironic-agent-image/pull/130) * [OCPBUGS-32170](https://issues.redhat.com/browse/OCPBUGS-32170): [4.14] Add hybrid configuration for cachito [#127](https://github.com/openshift/ironic-agent-image/pull/127) * [OCPBUGS-32170](https://issues.redhat.com/browse/OCPBUGS-32170): [4.14] Add placeholders for cachito [#124](https://github.com/openshift/ironic-agent-image/pull/124) * [OCPBUGS-29454](https://issues.redhat.com/browse/OCPBUGS-29454): Always add ignition to set hostname on /etc/hostname [#109](https://github.com/openshift/ironic-agent-image/pull/109) * [OCPBUGS-28554](https://issues.redhat.com/browse/OCPBUGS-28554): Update to latest ironic-python-agent for bugfixes [#107](https://github.com/openshift/ironic-agent-image/pull/107) * [OCPBUGS-25685](https://issues.redhat.com/browse/OCPBUGS-25685): Relax packages requirements [#103](https://github.com/openshift/ironic-agent-image/pull/103) * [OCPBUGS-23751](https://issues.redhat.com/browse/OCPBUGS-23751): Update packages with latest fixes [#96](https://github.com/openshift/ironic-agent-image/pull/96) * [OCPBUGS-14585](https://issues.redhat.com/browse/OCPBUGS-14585): rework detection of the assisted agent [#87](https://github.com/openshift/ironic-agent-image/pull/87) * [OCPBUGS-17372](https://issues.redhat.com/browse/OCPBUGS-17372): fallback to /etc/hostname of hostnamectl fails [#86](https://github.com/openshift/ironic-agent-image/pull/86) * [OCPBUGS-9072](https://issues.redhat.com/browse/OCPBUGS-9072): Pass hostname within the ignition to coreos-installer [#76](https://github.com/openshift/ironic-agent-image/pull/76) * Switch to udevadm command install instead of package [OKD] [#84](https://github.com/openshift/ironic-agent-image/pull/84) * [OCPBUGS-14906](https://issues.redhat.com/browse/OCPBUGS-14906): Update ipa for OCP 4.14 [#77](https://github.com/openshift/ironic-agent-image/pull/77) * "Bug OCPBUGS-15447: Switch to udevadm command install instead of package" [#80](https://github.com/openshift/ironic-agent-image/pull/80) * Sync latest ipa and python-hardware [#75](https://github.com/openshift/ironic-agent-image/pull/75) * Updating ironic-agent images to be consistent with ART [#71](https://github.com/openshift/ironic-agent-image/pull/71) * [OCPBUGS-8379](https://issues.redhat.com/browse/OCPBUGS-8379): Adding dep on python3-werkzeug >= 2.0.3-4 [#69](https://github.com/openshift/ironic-agent-image/pull/69) * [Full changelog](https://github.com/openshift/ironic-agent-image/compare/92e3efb4c38dba903316d7cb88afa4bbaa04d259...e839a4e87eb09b78e562a3bab8f23f1c767742a4) ### [ironic-machine-os-downloader](https://github.com/openshift/ironic-rhcos-downloader/tree/7b56c30661e39b212fc632e8e184c70b14dcf3a2) * Binary should be compiled on rhel9 [#89](https://github.com/openshift/ironic-rhcos-downloader/pull/89) * Updating ironic-rhcos-downloader images to be consistent with ART [#88](https://github.com/openshift/ironic-rhcos-downloader/pull/88) * Updating ironic-rhcos-downloader images to be consistent with ART [#87](https://github.com/openshift/ironic-rhcos-downloader/pull/87) * Updating ironic-rhcos-downloader images to be consistent with ART [#86](https://github.com/openshift/ironic-rhcos-downloader/pull/86) * Updating ironic-rhcos-downloader images to be consistent with ART [#85](https://github.com/openshift/ironic-rhcos-downloader/pull/85) * [Full changelog](https://github.com/openshift/ironic-rhcos-downloader/compare/ce2917794de5723248fe3302c8833f89fb54265a...7b56c30661e39b212fc632e8e184c70b14dcf3a2) ### [ironic-static-ip-manager](https://github.com/openshift/ironic-static-ip-manager/tree/1b194fd16b59c4a48223a2c9ac1bfb998a55c615) * [OCPBUGS-49890](https://issues.redhat.com/browse/OCPBUGS-49890): Fix subnet validation [#50](https://github.com/openshift/ironic-static-ip-manager/pull/50) * [OCPBUGS-14614](https://issues.redhat.com/browse/OCPBUGS-14614): Remove provisioning netowrk route from "lo" [#39](https://github.com/openshift/ironic-static-ip-manager/pull/39) * [OCPBUGS-4501](https://issues.redhat.com/browse/OCPBUGS-4501): Flush addresses on provisioning interface with global scope only [#35](https://github.com/openshift/ironic-static-ip-manager/pull/35) * Updating ironic-static-ip-manager images to be consistent with ART [#34](https://github.com/openshift/ironic-static-ip-manager/pull/34) * [Full changelog](https://github.com/openshift/ironic-static-ip-manager/compare/4536724a8644fda91a74b23901ba1789eaff7179...1b194fd16b59c4a48223a2c9ac1bfb998a55c615) ### [k8s-prometheus-adapter](https://github.com/openshift/k8s-prometheus-adapter/tree/801a912b3a60d7e840fb1ff38b5ca992f47327fd) * [OCPBUGS-21473](https://issues.redhat.com/browse/OCPBUGS-21473): Add a toggle to disable HTTP/2 on the server to mitigate CVE-2023-44487 [#89](https://github.com/openshift/k8s-prometheus-adapter/pull/89) * [OCPBUGS-21473](https://issues.redhat.com/browse/OCPBUGS-21473): upgrade golang.org/x/net to 0.17.0 to address CVE-2023… [#81](https://github.com/openshift/k8s-prometheus-adapter/pull/81) * [OCPBUGS-20250](https://issues.redhat.com/browse/OCPBUGS-20250): limit number of simultaneous client requests [#77](https://github.com/openshift/k8s-prometheus-adapter/pull/77) * [OCPBUGS-12659](https://issues.redhat.com/browse/OCPBUGS-12659): bump golang.org/x/net version [#71](https://github.com/openshift/k8s-prometheus-adapter/pull/71) * Updating ose-prometheus-adapter images to be consistent with ART [#69](https://github.com/openshift/k8s-prometheus-adapter/pull/69) * [OCPBUGS-10172](https://issues.redhat.com/browse/OCPBUGS-10172): Updating ose-prometheus-adapter images to be consistent with ART [#68](https://github.com/openshift/k8s-prometheus-adapter/pull/68) * [Full changelog](https://github.com/openshift/k8s-prometheus-adapter/compare/0fce7c7c97d56ba0a0ae4c6a2ba32e559b8a03d7...801a912b3a60d7e840fb1ff38b5ca992f47327fd) ### [keepalived-ipfailover](https://github.com/openshift/images/tree/03e5f40783e1b573f3d07d7640619ad9592f9a77) * [OCPBUGS-30414](https://issues.redhat.com/browse/OCPBUGS-30414): update unit tests in egress/dns-proxy [#173](https://github.com/openshift/images/pull/173) * [OCPBUGS-10176](https://issues.redhat.com/browse/OCPBUGS-10176): 15143307: Updating openshift-enterprise-keepalived-ipfailover images to be consistent with ART [#132](https://github.com/openshift/images/pull/132) * [OCPBUGS-10163](https://issues.redhat.com/browse/OCPBUGS-10163): Updating openshift-enterprise-egress-router images to be consistent with ART [#131](https://github.com/openshift/images/pull/131) * [OCPBUGS-10181](https://issues.redhat.com/browse/OCPBUGS-10181): 15143312: Updating openshift-enterprise-egress-dns-proxy images to be consistent with ART [#133](https://github.com/openshift/images/pull/133) * [NE-1304](https://issues.redhat.com/browse/NE-1304): container builds: switch to haproxy26 package [#141](https://github.com/openshift/images/pull/141) * [OCPBUGS-11385](https://issues.redhat.com/browse/OCPBUGS-11385): Removed chroot setting [#137](https://github.com/openshift/images/pull/137) * egress: update owners [#139](https://github.com/openshift/images/pull/139) * [OCPBUGS-11595](https://issues.redhat.com/browse/OCPBUGS-11595): Revert "[NE-1267] container builds: switch to haproxy26 package" [#138](https://github.com/openshift/images/pull/138) * egress/dns-proxy/Dockerfile: switch to haproxy26 package [#136](https://github.com/openshift/images/pull/136) * [OCPBUGS-10003](https://issues.redhat.com/browse/OCPBUGS-10003): Revert "bump RHEL8 egress-dns-proxy image to haproxy26" [#134](https://github.com/openshift/images/pull/134) * Updating ose-egress-http-proxy images to be consistent with ART [#130](https://github.com/openshift/images/pull/130) * Updating openshift-enterprise-base-rhel9 images to be consistent with ART [#129](https://github.com/openshift/images/pull/129) * Updating openshift-enterprise-base images to be consistent with ART [#128](https://github.com/openshift/images/pull/128) * [Full changelog](https://github.com/openshift/images/compare/1a14e5c9896976b43767ab325a6fe35527a514a5...03e5f40783e1b573f3d07d7640619ad9592f9a77) ### [kube-proxy, sdn](https://github.com/openshift/sdn/tree/1f611c53ca22ebcf23d6a34ca07121f4fa2808d6) * [OCPBUGS-54991](https://issues.redhat.com/browse/OCPBUGS-54991): Handle `openshift-host-network` namespace as special when it modifies [#655](https://github.com/openshift/sdn/pull/655) * [OCPBUGS-46536](https://issues.redhat.com/browse/OCPBUGS-46536): Bump openvswitch [#647](https://github.com/openshift/sdn/pull/647) * [Release 4.14] OCPBUGS-43484: NP-1092: backport SDN live migration [#631](https://github.com/openshift/sdn/pull/631) * [OCPBUGS-20790](https://issues.redhat.com/browse/OCPBUGS-20790): update x/net to v0.17.0 [#587](https://github.com/openshift/sdn/pull/587) * [OCPBUGS-19558](https://issues.redhat.com/browse/OCPBUGS-19558): Collect pod operation latency metrics properly [#577](https://github.com/openshift/sdn/pull/577) * [OCPBUGS-17316](https://issues.redhat.com/browse/OCPBUGS-17316): CVE-2023-3978: golang.org/x/net/html: Cross site scripting [#571](https://github.com/openshift/sdn/pull/571) * [OCPBUGS-16790](https://issues.redhat.com/browse/OCPBUGS-16790): Change the permission of 80-openshift-network.conf to 600 [#570](https://github.com/openshift/sdn/pull/570) * Dockerfile changes to build both rhel8 and rhel9 binaries [#559](https://github.com/openshift/sdn/pull/559) * [SDN-3900](https://issues.redhat.com/browse/SDN-3900): rebase to 1.27.1 [#555](https://github.com/openshift/sdn/pull/555) * [OCPBUGS-12644](https://issues.redhat.com/browse/OCPBUGS-12644): CVE-2022-41723 golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [#538](https://github.com/openshift/sdn/pull/538) * [OCPBUGS-3176](https://issues.redhat.com/browse/OCPBUGS-3176): Enable IP Forwarding if disabled [#549](https://github.com/openshift/sdn/pull/549) * [OCPBUGS-13975](https://issues.redhat.com/browse/OCPBUGS-13975): fix possible concurrent map read/write [#546](https://github.com/openshift/sdn/pull/546) * [OCPBUGS-13717](https://issues.redhat.com/browse/OCPBUGS-13717): Use the ovsver build arg to infer the openvswitch short version number [#534](https://github.com/openshift/sdn/pull/534) * Updating kube-proxy images to be consistent with ART [#531](https://github.com/openshift/sdn/pull/531) * Updating ose-sdn images to be consistent with ART [#530](https://github.com/openshift/sdn/pull/530) * [OCPBUGS-12233](https://issues.redhat.com/browse/OCPBUGS-12233): CVE-2018-17419 ose-node-container: dns: Denial of Service (DoS) [#535](https://github.com/openshift/sdn/pull/535) * [OCPBUGS-12435](https://issues.redhat.com/browse/OCPBUGS-12435): EgressNetworkPolicy DNS resolution does not fall back to TCP [#532](https://github.com/openshift/sdn/pull/532) * Change fedora image to use latest upstream [#523](https://github.com/openshift/sdn/pull/523) * Updating kube-proxy images to be consistent with ART [#516](https://github.com/openshift/sdn/pull/516) * [OCPBUGS-1370](https://issues.redhat.com/browse/OCPBUGS-1370): save and delete the old egress network policy [#525](https://github.com/openshift/sdn/pull/525) * Updating ose-sdn images to be consistent with ART [#514](https://github.com/openshift/sdn/pull/514) * [OCPBUGS-9985](https://issues.redhat.com/browse/OCPBUGS-9985): Prefer local TCP endpoint for cluster DNS service [#518](https://github.com/openshift/sdn/pull/518) * [OCPBUGS-8007](https://issues.redhat.com/browse/OCPBUGS-8007): Fix race in Egress IP Tracker start [#515](https://github.com/openshift/sdn/pull/515) * [Full changelog](https://github.com/openshift/sdn/compare/9c882377e3a4cfc447b490e0a760697f3c9fa9ba...1f611c53ca22ebcf23d6a34ca07121f4fa2808d6) ### [kube-rbac-proxy](https://github.com/openshift/kube-rbac-proxy/tree/b8b8259584046eabb7565f262c8105c2686107a4) * [OCPBUGS-31971](https://issues.redhat.com/browse/OCPBUGS-31971): bump golang.org/x/net [4.14] [#108](https://github.com/openshift/kube-rbac-proxy/pull/108) * [OCPBUGS-20717](https://issues.redhat.com/browse/OCPBUGS-20717): http2: trim connetions and buffers, v4.14 [#81](https://github.com/openshift/kube-rbac-proxy/pull/81) * [OCPBUGS-20717](https://issues.redhat.com/browse/OCPBUGS-20717): go.mod: bump golang.org/x/net to v0.17.0 [#75](https://github.com/openshift/kube-rbac-proxy/pull/75) * [AUTH-362](https://issues.redhat.com/browse/AUTH-362): v0.14.2 downstream [#70](https://github.com/openshift/kube-rbac-proxy/pull/70) * [OCPBUGS-12313](https://issues.redhat.com/browse/OCPBUGS-12313): Update 4.14 kube-rbac-proxy image to be consistent with ART [#66](https://github.com/openshift/kube-rbac-proxy/pull/66) * : OCPBUGS-12777: Downstream merge v0.14.1 [#67](https://github.com/openshift/kube-rbac-proxy/pull/67) * [OCPBUGS-10089](https://issues.redhat.com/browse/OCPBUGS-10089): Update 4.14 kube-rbac-proxy image to be consistent with ART [#64](https://github.com/openshift/kube-rbac-proxy/pull/64) * [Full changelog](https://github.com/openshift/kube-rbac-proxy/compare/f35f954ae0550e6ebeb94e244401fc069dc346b8...b8b8259584046eabb7565f262c8105c2686107a4) ### [kube-state-metrics](https://github.com/openshift/kube-state-metrics/tree/db0c54994a6aad9155a94513eaa3480c1812f45e) * [OCPBUGS-20794](https://issues.redhat.com/browse/OCPBUGS-20794): bump x/net to v0.17.0 [#101](https://github.com/openshift/kube-state-metrics/pull/101) * Merge with `upstream/release-2.9` [#95](https://github.com/openshift/kube-state-metrics/pull/95) * [OCPBUGS-12347](https://issues.redhat.com/browse/OCPBUGS-12347): Update 4.14 kube-state-metrics image to be consistent with ART [#94](https://github.com/openshift/kube-state-metrics/pull/94) * Bump openshift/kube-state-metrics to v2.8.2 [#92](https://github.com/openshift/kube-state-metrics/pull/92) * [OCPBUGS-10177](https://issues.redhat.com/browse/OCPBUGS-10177): Updating kube-state-metrics images to be consistent with ART [#91](https://github.com/openshift/kube-state-metrics/pull/91) * [Full changelog](https://github.com/openshift/kube-state-metrics/compare/fd791df54d7271c1611090505509a03454168689...db0c54994a6aad9155a94513eaa3480c1812f45e) ### [kube-storage-version-migrator](https://github.com/openshift/kubernetes-kube-storage-version-migrator/tree/b533e08c1ee5ac79d5b9219ec0ac2fefca353d9d) * NO-JIRA: Add DOWNSTREAM_OWNERS (release 4-14). [#229](https://github.com/openshift/kubernetes-kube-storage-version-migrator/pull/229) * bump(*): vendor bump to sync with kubernetes fork [#198](https://github.com/openshift/kubernetes-kube-storage-version-migrator/pull/198) * [OCPBUGS-10153](https://issues.redhat.com/browse/OCPBUGS-10153): Updating ose-kube-storage-version-migrator images to be consistent with ART [#194](https://github.com/openshift/kubernetes-kube-storage-version-migrator/pull/194) * [Full changelog](https://github.com/openshift/kubernetes-kube-storage-version-migrator/compare/ac20da35bc6d9cded6dbf7fa0c27e867c7a69cb7...b533e08c1ee5ac79d5b9219ec0ac2fefca353d9d) ### [kubevirt-cloud-controller-manager](https://github.com/openshift/cloud-provider-kubevirt/tree/7d96f56d4bbc8449fdddbdbc630d9337097f0030) * [OCPBUGS-23866](https://issues.redhat.com/browse/OCPBUGS-23866): deps, bump opentelemetry [#38](https://github.com/openshift/cloud-provider-kubevirt/pull/38) * [OCPBUGS-21174](https://issues.redhat.com/browse/OCPBUGS-21174): Bump golang.org/x/net to v0.18.0 [#37](https://github.com/openshift/cloud-provider-kubevirt/pull/37) * [OCPBUGS-30861](https://issues.redhat.com/browse/OCPBUGS-30861): Bump golang.org/x/net to v0.18.0 [#36](https://github.com/openshift/cloud-provider-kubevirt/pull/36) * [OCPBUGS-19020](https://issues.redhat.com/browse/OCPBUGS-19020): Auto sync upstream 2023 09 15 20 36 [#26](https://github.com/openshift/cloud-provider-kubevirt/pull/26) * Auto sync upstream 2023 05 15 20 44 [#22](https://github.com/openshift/cloud-provider-kubevirt/pull/22) * Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART [#21](https://github.com/openshift/cloud-provider-kubevirt/pull/21) * Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART [#20](https://github.com/openshift/cloud-provider-kubevirt/pull/20) * Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART [#19](https://github.com/openshift/cloud-provider-kubevirt/pull/19) * Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART [#18](https://github.com/openshift/cloud-provider-kubevirt/pull/18) * [Full changelog](https://github.com/openshift/cloud-provider-kubevirt/compare/ee2033ecd471dc9fc08d101c421a04916f4f55c5...7d96f56d4bbc8449fdddbdbc630d9337097f0030) ### [kubevirt-csi-driver](https://github.com/openshift/kubevirt-csi-driver/tree/48fafc4a9edc202c5ff674b5f631568b4d62f7f5) * "OCPBUGS-29792: [release-4.14] Address CVE-2024-1725: Restrict access to infrastructure PVCs by requiring matching infraClusterLabels on tenant PVCs" [#34](https://github.com/openshift/kubevirt-csi-driver/pull/34) * [OCPBUGS-19730](https://issues.redhat.com/browse/OCPBUGS-19730): Ensure volume is removed before returning success (https://github.com/kubevirt/csi-driver/pull/90) [#25](https://github.com/openshift/kubevirt-csi-driver/pull/25) * Updating ose-kubevirt-csi-driver-rhel8 images to be consistent with ART [#20](https://github.com/openshift/kubevirt-csi-driver/pull/20) * [CNV-29315](https://issues.redhat.com/browse/CNV-29315): kubevirt-csi unable to unpublish volumes in the event a VM is unexpectedly destroyed [#21](https://github.com/openshift/kubevirt-csi-driver/pull/21) * [Full changelog](https://github.com/openshift/kubevirt-csi-driver/compare/9d909f7f3a3efd27d7efb71bf0324796aa6e8788...48fafc4a9edc202c5ff674b5f631568b4d62f7f5) ### [libvirt-machine-controllers](https://github.com/openshift/cluster-api-provider-libvirt/tree/34dfccba84a23b871d4f29dcec55929c11696e91) * [OCPBUGS-19926](https://issues.redhat.com/browse/OCPBUGS-19926): [release-4.14] Don't force use of virtio console [#269](https://github.com/openshift/cluster-api-provider-libvirt/pull/269) * [OCPBUGS-18338](https://issues.redhat.com/browse/OCPBUGS-18338): Fix CI by running tests natively by default [#261](https://github.com/openshift/cluster-api-provider-libvirt/pull/261) * Updating ose-libvirt-machine-controllers images to be consistent with ART [#259](https://github.com/openshift/cluster-api-provider-libvirt/pull/259) * Updating ose-libvirt-machine-controllers images to be consistent with ART [#258](https://github.com/openshift/cluster-api-provider-libvirt/pull/258) * Updating ose-libvirt-machine-controllers images to be consistent with ART [#257](https://github.com/openshift/cluster-api-provider-libvirt/pull/257) * Updating ose-libvirt-machine-controllers images to be consistent with ART [#254](https://github.com/openshift/cluster-api-provider-libvirt/pull/254) * Remove myself (frobware) from OWNERS [#253](https://github.com/openshift/cluster-api-provider-libvirt/pull/253) * refactor: replace `github.com/ghodss/yaml` with `sigs.k8s.io/yaml` [#252](https://github.com/openshift/cluster-api-provider-libvirt/pull/252) * [Full changelog](https://github.com/openshift/cluster-api-provider-libvirt/compare/d4b7a8ab790a970ce2f0374146248b2307df0185...34dfccba84a23b871d4f29dcec55929c11696e91) ### [machine-api-operator](https://github.com/openshift/machine-api-operator/tree/28aa32fc3084d7e3a91378fd9d70ddd9832404cc) * [OCPBUGS-53296](https://issues.redhat.com/browse/OCPBUGS-53296): add image/read permissions [#1350](https://github.com/openshift/machine-api-operator/pull/1350) * [OCPBUGS-48245](https://issues.redhat.com/browse/OCPBUGS-48245): VSphere: Handle cloned instance with lost taskID [#1322](https://github.com/openshift/machine-api-operator/pull/1322) * [OCPBUGS-47659](https://issues.redhat.com/browse/OCPBUGS-47659): Ensure deletion annotation takes priority and oldestPolicy can distinguish longer ages [#1318](https://github.com/openshift/machine-api-operator/pull/1318) * [OCPBUGS-43821](https://issues.redhat.com/browse/OCPBUGS-43821): install/0000_30_machine-api-operator_00_credentials-request: Set skipServiceCheck again for GCP [#1303](https://github.com/openshift/machine-api-operator/pull/1303) * [CFE-1051](https://issues.redhat.com/browse/CFE-1051): Adding web-hook validation for capacityReservationGroupID [#1260](https://github.com/openshift/machine-api-operator/pull/1260) * [OCPBUGS-31980](https://issues.redhat.com/browse/OCPBUGS-31980): Update x/net to v0.25.0 [#1236](https://github.com/openshift/machine-api-operator/pull/1236) * [OCPBUGS-30898](https://issues.redhat.com/browse/OCPBUGS-30898): Azure MAO CredentialsRequest Contains Unnecessary virtualMachines/extensions Permissions [#1224](https://github.com/openshift/machine-api-operator/pull/1224) * [OCPBUGS-28745](https://issues.redhat.com/browse/OCPBUGS-28745): Set --max-concurrent-reconciles=10 for Azure machine controller [#1217](https://github.com/openshift/machine-api-operator/pull/1217) * [OCPBUGS-28745](https://issues.redhat.com/browse/OCPBUGS-28745): Add AddWithActuatorOpts to allow overriding Machine controller options [#1214](https://github.com/openshift/machine-api-operator/pull/1214) * [OCPBUGS-24998](https://issues.redhat.com/browse/OCPBUGS-24998): Add Snyk file to exclude vendor directory on scan [#1191](https://github.com/openshift/machine-api-operator/pull/1191) * [OCPBUGS-24047](https://issues.redhat.com/browse/OCPBUGS-24047): Update reference URL [#1186](https://github.com/openshift/machine-api-operator/pull/1186) * [OCPBUGS-24047](https://issues.redhat.com/browse/OCPBUGS-24047): Use docs URL instead of KCS article [#1180](https://github.com/openshift/machine-api-operator/pull/1180) * [OCPBUGS-17297](https://issues.redhat.com/browse/OCPBUGS-17297): [release-4.14] Update x/net to fix CVE [#1173](https://github.com/openshift/machine-api-operator/pull/1173) * [OCPBUGS-17872](https://issues.redhat.com/browse/OCPBUGS-17872): Azure MAO CredentialsRequest contains unnecessary network write permissions [#1161](https://github.com/openshift/machine-api-operator/pull/1161) * [OCPBUGS-17090](https://issues.redhat.com/browse/OCPBUGS-17090): Set logger for controller runtime [#1164](https://github.com/openshift/machine-api-operator/pull/1164) * [OCPBUGS-18338](https://issues.redhat.com/browse/OCPBUGS-18338): Fix CI by running tests natively by default [#1163](https://github.com/openshift/machine-api-operator/pull/1163) * [OCPBUGS-17919](https://issues.redhat.com/browse/OCPBUGS-17919): [Azure] MAO Missing DiskEncryptionSet read permissions [#1162](https://github.com/openshift/machine-api-operator/pull/1162) * [OCPCLOUD-2014](https://issues.redhat.com/browse/OCPCLOUD-2014): Switch Azure credentials request to use explicit permissions [#1152](https://github.com/openshift/machine-api-operator/pull/1152) * [OCPBUGS-16925](https://issues.redhat.com/browse/OCPBUGS-16925): only attempt to remove finalizers if staticIPFeatureGateEnabled [#1160](https://github.com/openshift/machine-api-operator/pull/1160) * install/0000_99_machine-api-operator_00_tombstones: Drop obsolete file [#1159](https://github.com/openshift/machine-api-operator/pull/1159) * [OCPBUGS-16307](https://issues.redhat.com/browse/OCPBUGS-16307): default instance type for Azure based on the architecture (+ gcp) [#1155](https://github.com/openshift/machine-api-operator/pull/1155) * [MGMT-13630](https://issues.redhat.com/browse/MGMT-13630): Add Azure Confidential VM and TrustedLaunch for VMs webhook validations [#1157](https://github.com/openshift/machine-api-operator/pull/1157) * [SPLAT-845](https://issues.redhat.com/browse/SPLAT-845): add support for the capv NetworkDeviceSpec [#1079](https://github.com/openshift/machine-api-operator/pull/1079) * Fix data race conditions in unit tests [#1156](https://github.com/openshift/machine-api-operator/pull/1156) * reconcile status when the clusteroperator changes [#1154](https://github.com/openshift/machine-api-operator/pull/1154) * [MULTIARCH-3693](https://issues.redhat.com/browse/MULTIARCH-3693): Add policies to operate on VPC loadbalacers [#1153](https://github.com/openshift/machine-api-operator/pull/1153) * Add feature gate for disabling the MHC controller [#1151](https://github.com/openshift/machine-api-operator/pull/1151) * Bump openshift/api package [#1150](https://github.com/openshift/machine-api-operator/pull/1150) * add capability annotation [#1119](https://github.com/openshift/machine-api-operator/pull/1119) * MachineAPIOperatorMetricsCollectionFailing to warning [#1149](https://github.com/openshift/machine-api-operator/pull/1149) * [CCO-321](https://issues.redhat.com/browse/CCO-321): Add support for feature-gating specific providers [#1140](https://github.com/openshift/machine-api-operator/pull/1140) * [MIXEDARCH-129](https://issues.redhat.com/browse/MIXEDARCH-129): Adds the MergeCommaSeparatedKeyValues method in the util package [#1147](https://github.com/openshift/machine-api-operator/pull/1147) * updated hacking-guide.md to direct customers to open up issues on Jir… [#1139](https://github.com/openshift/machine-api-operator/pull/1139) * [OCPBUGS-13132](https://issues.redhat.com/browse/OCPBUGS-13132): Golang update to 1.20 [#1146](https://github.com/openshift/machine-api-operator/pull/1146) * [OCPBUGS-13956](https://issues.redhat.com/browse/OCPBUGS-13956): Bump controller-runtime to v0.15.0 [#1145](https://github.com/openshift/machine-api-operator/pull/1145) * [OCPBUGS-13806](https://issues.redhat.com/browse/OCPBUGS-13806): Update dependencies to K8s 1.27 [#1142](https://github.com/openshift/machine-api-operator/pull/1142) * [CCO-321](https://issues.redhat.com/browse/CCO-321): Add service account name to Azure credentials request [#1129](https://github.com/openshift/machine-api-operator/pull/1129) * [OCPBUGS-10165](https://issues.redhat.com/browse/OCPBUGS-10165): Updating ose-machine-api-operator images to be consistent with ART [#1127](https://github.com/openshift/machine-api-operator/pull/1127) * [OCPBUGS-10591](https://issues.redhat.com/browse/OCPBUGS-10591): Fix empty component version [#1128](https://github.com/openshift/machine-api-operator/pull/1128) * [OCPBUGS-7249](https://issues.redhat.com/browse/OCPBUGS-7249): Fix zone tag value reconciliation for vSphere machines [#1126](https://github.com/openshift/machine-api-operator/pull/1126) * [OCPCLOUD-1778](https://issues.redhat.com/browse/OCPCLOUD-1778): Add None and External platform type explicit handling [#1122](https://github.com/openshift/machine-api-operator/pull/1122) * [Full changelog](https://github.com/openshift/machine-api-operator/compare/a950acc5d06dda8089dbbe4b9d4ad95e7fe78b62...28aa32fc3084d7e3a91378fd9d70ddd9832404cc) ### [machine-config-operator](https://github.com/openshift/machine-config-operator/tree/00b2e0b1cc83e119995bbbe2ae06665c3d1655d7) * [OCPBUGS-57341](https://issues.redhat.com/browse/OCPBUGS-57341): Do not enable on-prem-resolv-prepender.path for UPI [#5114](https://github.com/openshift/machine-config-operator/pull/5114) * [OCPBUGS-43743](https://issues.redhat.com/browse/OCPBUGS-43743): Soften haproxy timeout for kubeapi probe [#4664](https://github.com/openshift/machine-config-operator/pull/4664) * [OCPBUGS-54228](https://issues.redhat.com/browse/OCPBUGS-54228): Update ObservedGeneration in KubeletConfig [#4950](https://github.com/openshift/machine-config-operator/pull/4950) * [OCPBUGS-50631](https://issues.redhat.com/browse/OCPBUGS-50631): Add clarification to invalid maxUnavailable alert [#4848](https://github.com/openshift/machine-config-operator/pull/4848) * [OCPBUGS-48801](https://issues.redhat.com/browse/OCPBUGS-48801): Wait for all subcontrollers [#4808](https://github.com/openshift/machine-config-operator/pull/4808) * [OCPBUGS-46057](https://issues.redhat.com/browse/OCPBUGS-46057): Remove trailing periods from AWS provided hostnames [#4747](https://github.com/openshift/machine-config-operator/pull/4747) * [OCPBUGS-45271](https://issues.redhat.com/browse/OCPBUGS-45271): Post upgrading from 4.14 to 4.15.36, the observedGeneration count increased tremendously [#4725](https://github.com/openshift/machine-config-operator/pull/4725) * [OCPBUGS-42111](https://issues.redhat.com/browse/OCPBUGS-42111): Do not use 'restart' for 'oneshot' service [#4622](https://github.com/openshift/machine-config-operator/pull/4622) * [MCO-1278](https://issues.redhat.com/browse/MCO-1278): Backport Telemetry to 4.14 [#4672](https://github.com/openshift/machine-config-operator/pull/4672) * [OCPBUGS-43981](https://issues.redhat.com/browse/OCPBUGS-43981): Panic seen in CI job for MCC pod [#4671](https://github.com/openshift/machine-config-operator/pull/4671) * [OCPBUGS-43980](https://issues.redhat.com/browse/OCPBUGS-43980): MCPs report wrong number of nodes when we move nodes from one custom MCP to another custom MCP [#4673](https://github.com/openshift/machine-config-operator/pull/4673) * [OCPBUGS-37552](https://issues.redhat.com/browse/OCPBUGS-37552): On-Prem resolv prepender to watch for NM changes [#4500](https://github.com/openshift/machine-config-operator/pull/4500) * [OCPBUGS-35322](https://issues.redhat.com/browse/OCPBUGS-35322): Decrease logs of haproxy [#4405](https://github.com/openshift/machine-config-operator/pull/4405) * [OCPBUGS-32258](https://issues.redhat.com/browse/OCPBUGS-32258): Log network service output to console [#4320](https://github.com/openshift/machine-config-operator/pull/4320) * [OCPBUGS-38371](https://issues.redhat.com/browse/OCPBUGS-38371): Revert "MCD-pull: run after network-online.target in Azure" [#4526](https://github.com/openshift/machine-config-operator/pull/4526) * [OCPBUGS-37769](https://issues.redhat.com/browse/OCPBUGS-37769): Move StartLimitIntervalSec to Unit section [#4521](https://github.com/openshift/machine-config-operator/pull/4521) * [OCPBUGS-30794](https://issues.redhat.com/browse/OCPBUGS-30794): Mount /run/nodeip-configuration into coredns containers [#4253](https://github.com/openshift/machine-config-operator/pull/4253) * [OCPBUGS-37483](https://issues.redhat.com/browse/OCPBUGS-37483): Remove weights from ingress check script [#4485](https://github.com/openshift/machine-config-operator/pull/4485) * [OCPBUGS-37738](https://issues.redhat.com/browse/OCPBUGS-37738): Openshift uncordoned compute-node that was intentionally cordoned [#4502](https://github.com/openshift/machine-config-operator/pull/4502) * [OCPBUGS-36915](https://issues.redhat.com/browse/OCPBUGS-36915): Use NM's dns-change event for resolv.conf [#4473](https://github.com/openshift/machine-config-operator/pull/4473) * [OCPBUGS-37223](https://issues.redhat.com/browse/OCPBUGS-37223): Copy RHEL9 binaries used in HCP [#4479](https://github.com/openshift/machine-config-operator/pull/4479) * [OCPBUGS-36776](https://issues.redhat.com/browse/OCPBUGS-36776): daemon: Handle correctly OS Version for 4.1 and 4.2 bootimages [#4463](https://github.com/openshift/machine-config-operator/pull/4463) * [OCPBUGS-36593](https://issues.redhat.com/browse/OCPBUGS-36593): MCD-pull: run after network-online.target in Azure [#4456](https://github.com/openshift/machine-config-operator/pull/4456) * [OCPBUGS-36356](https://issues.redhat.com/browse/OCPBUGS-36356): daemon/update: disable systemd unit before overwriting [#4447](https://github.com/openshift/machine-config-operator/pull/4447) * [OCPBUGS-32472](https://issues.redhat.com/browse/OCPBUGS-32472): Delete state files on reboot only [#4331](https://github.com/openshift/machine-config-operator/pull/4331) * [OCPBUGS-33590](https://issues.redhat.com/browse/OCPBUGS-33590): ovs-configure: fix `vlan_parent` calculation [#4361](https://github.com/openshift/machine-config-operator/pull/4361) * [OCPBUGS-34716](https://issues.redhat.com/browse/OCPBUGS-34716): If multiple hostnames are returned, use the first one for the Node name [#4385](https://github.com/openshift/machine-config-operator/pull/4385) * [OCPBUGS-17658](https://issues.redhat.com/browse/OCPBUGS-17658): Controller pod is spamming unknown field "spec.dns.spec.platform" message [#4383](https://github.com/openshift/machine-config-operator/pull/4383) * [OCPBUGS-33643](https://issues.redhat.com/browse/OCPBUGS-33643): Don't error if the certs.d dir doesn't exist yet [#4362](https://github.com/openshift/machine-config-operator/pull/4362) * [OCPBUGS-32341](https://issues.redhat.com/browse/OCPBUGS-32341): Remove the condition for checking the multiple ovs-if-br-ex profiles [#4325](https://github.com/openshift/machine-config-operator/pull/4325) * [OCPBUGS-27030](https://issues.redhat.com/browse/OCPBUGS-27030): Log network service output to console [#4114](https://github.com/openshift/machine-config-operator/pull/4114) * : OCPBUGS-31731: kubelet: restorecon necessary files on kubelet's prestart [#4307](https://github.com/openshift/machine-config-operator/pull/4307) * [OCPBUGS-32260](https://issues.redhat.com/browse/OCPBUGS-32260): fix: resources were in the wrong indentation level [#4322](https://github.com/openshift/machine-config-operator/pull/4322) * [OCPBUGS-27108](https://issues.redhat.com/browse/OCPBUGS-27108): Add \n in cert_writer for old cert methods and skip cloudCA validation [#4117](https://github.com/openshift/machine-config-operator/pull/4117) * [OCPBUGS-31487](https://issues.redhat.com/browse/OCPBUGS-31487): Prevent OVS-configuration to run before kdump [#4291](https://github.com/openshift/machine-config-operator/pull/4291) * [OCPBUGS-29400](https://issues.redhat.com/browse/OCPBUGS-29400): Run resolv-prepender entirely async [#4182](https://github.com/openshift/machine-config-operator/pull/4182) * [OCPBUGS-31681](https://issues.redhat.com/browse/OCPBUGS-31681): make verify should use MCO's kube version [#4305](https://github.com/openshift/machine-config-operator/pull/4305) * [OCPBUGS-30992](https://issues.redhat.com/browse/OCPBUGS-30992): add preferredduringscheduling annotation to kube-rbac-proxy-crio [#4266](https://github.com/openshift/machine-config-operator/pull/4266) * [OCPBUGS-30872](https://issues.redhat.com/browse/OCPBUGS-30872): add static pods for rbacproxy [#4258](https://github.com/openshift/machine-config-operator/pull/4258) * [OCPBUGS-30107](https://issues.redhat.com/browse/OCPBUGS-30107): annotate on-prem static pods for workload partitioning [#4230](https://github.com/openshift/machine-config-operator/pull/4230) * [OCPBUGS-30225](https://issues.redhat.com/browse/OCPBUGS-30225): set nodeStatusReportFrequency [#4242](https://github.com/openshift/machine-config-operator/pull/4242) * [OCPBUGS-29290](https://issues.redhat.com/browse/OCPBUGS-29290): AWS: Always persist the existing node name on 4.14 [#4215](https://github.com/openshift/machine-config-operator/pull/4215) * [OCPBUGS-20039](https://issues.redhat.com/browse/OCPBUGS-20039): Add v6-primary dual stack support to VSphere UPI [#3956](https://github.com/openshift/machine-config-operator/pull/3956) * [OCPBUGS-29457](https://issues.redhat.com/browse/OCPBUGS-29457): Add existing kubeletconfig/ctrcfg mc-name-suffix annotation [#4187](https://github.com/openshift/machine-config-operator/pull/4187) * [OCPBUGS-26072](https://issues.redhat.com/browse/OCPBUGS-26072): Fix bootstrap with NTO Operator and duplicate MachineConfigs [#4098](https://github.com/openshift/machine-config-operator/pull/4098) * [OCPBUGS-28379](https://issues.redhat.com/browse/OCPBUGS-28379): fix nodeStatusUpdateFrequency [#4149](https://github.com/openshift/machine-config-operator/pull/4149) * [OCPBUGS-28384](https://issues.redhat.com/browse/OCPBUGS-28384): daemon: allow the user to override drains on IR changes [#4150](https://github.com/openshift/machine-config-operator/pull/4150) * [OCPBUGS-27759](https://issues.redhat.com/browse/OCPBUGS-27759): Add Image Credential Provider flags for Kubelet on AWS [#4144](https://github.com/openshift/machine-config-operator/pull/4144) * [OCP 4.14] OCPBUGS-24660: daemon: Add support for new nmstate logic [#4066](https://github.com/openshift/machine-config-operator/pull/4066) * [OCPBUGS-27178](https://issues.redhat.com/browse/OCPBUGS-27178): use *resource.Quantity to not automatically set 0 [#4121](https://github.com/openshift/machine-config-operator/pull/4121) * [OCPBUGS-23089](https://issues.redhat.com/browse/OCPBUGS-23089): Don't retry node-ip show in resolv-prepender [#4022](https://github.com/openshift/machine-config-operator/pull/4022) * [OCPBUGS-27362](https://issues.redhat.com/browse/OCPBUGS-27362): Fix typo in AWS node env unit [#4131](https://github.com/openshift/machine-config-operator/pull/4131) * [OCPBUGS-26500](https://issues.redhat.com/browse/OCPBUGS-26500): crio: drop automatic image cleanup on upgrades [#4105](https://github.com/openshift/machine-config-operator/pull/4105) * [OCPBUGS-26559](https://issues.redhat.com/browse/OCPBUGS-26559): Azure Run ovs-configuration.service before dnsmasq.service [#4109](https://github.com/openshift/machine-config-operator/pull/4109) * [OCPBUGS-26551](https://issues.redhat.com/browse/OCPBUGS-26551): kubelet: fix kubelet labels [#4107](https://github.com/openshift/machine-config-operator/pull/4107) * [OCPBUGS-24596](https://issues.redhat.com/browse/OCPBUGS-24596): [release-4.14] execute cert related processes to ensure proper rotation [#4063](https://github.com/openshift/machine-config-operator/pull/4063) * [OCPBUGS-24397](https://issues.redhat.com/browse/OCPBUGS-24397): gcp-routes: don't exit on crictl failures [#4056](https://github.com/openshift/machine-config-operator/pull/4056) * [OCPBUGS-20554](https://issues.redhat.com/browse/OCPBUGS-20554): Ensure gcp-routes hack for internalLB hairpin traffic works for SGW [#3973](https://github.com/openshift/machine-config-operator/pull/3973) * [OCPBUGS-23474](https://issues.redhat.com/browse/OCPBUGS-23474): Use shorter IP label for keepalived VIP [#4041](https://github.com/openshift/machine-config-operator/pull/4041) * [OCPBUGS-23208](https://issues.redhat.com/browse/OCPBUGS-23208): workaround nmstate bug by configuring ipv{4,6} addresses [#4031](https://github.com/openshift/machine-config-operator/pull/4031) * [OCPBUGS-22275](https://issues.redhat.com/browse/OCPBUGS-22275): support icsp and idms objects [#3995](https://github.com/openshift/machine-config-operator/pull/3995) * [OCPBUGS-22391](https://issues.redhat.com/browse/OCPBUGS-22391): Require a hostname override for AWS [#4001](https://github.com/openshift/machine-config-operator/pull/4001) * [OCPBUGS-20418](https://issues.redhat.com/browse/OCPBUGS-20418): Introduce kubelet-dependencies.target and firstboot-osupdate.target [#3967](https://github.com/openshift/machine-config-operator/pull/3967) * [OCPBUGS-20051](https://issues.redhat.com/browse/OCPBUGS-20051): Support to append the duplicate kernel arguments to the rendered MC [#3957](https://github.com/openshift/machine-config-operator/pull/3957) * [OCPBUGS-21065](https://issues.redhat.com/browse/OCPBUGS-21065): Update library-go and k8s dependencies to latest version [#3994](https://github.com/openshift/machine-config-operator/pull/3994) * [OCPBUGS-20025](https://issues.redhat.com/browse/OCPBUGS-20025): Consider ingress VIPs when selecting node IP [#3951](https://github.com/openshift/machine-config-operator/pull/3951) * [OCPBUGS-21841](https://issues.redhat.com/browse/OCPBUGS-21841): CRI-O: Use 127.0.0.1 for stream server with random port [#3984](https://github.com/openshift/machine-config-operator/pull/3984) * [OCPBUGS-20358](https://issues.redhat.com/browse/OCPBUGS-20358): dashboard should detect unknown and not ready for not ready dashboard [#3966](https://github.com/openshift/machine-config-operator/pull/3966) * [OCPBUGS-19657](https://issues.redhat.com/browse/OCPBUGS-19657): After dual-stack conversion reconcile IPFamilies [#3934](https://github.com/openshift/machine-config-operator/pull/3934) * [OCPBUGS-19430](https://issues.redhat.com/browse/OCPBUGS-19430): [release-4.14] resolv-prepender: avoid pulling baremetalRuntimeCfgImage again if it … [#3925](https://github.com/openshift/machine-config-operator/pull/3925) * [OCPBUGS-19703](https://issues.redhat.com/browse/OCPBUGS-19703): Internal Registry Secrets merge causing excessive API calls [#3941](https://github.com/openshift/machine-config-operator/pull/3941) * [OCPBUGS-19662](https://issues.redhat.com/browse/OCPBUGS-19662): fix merged image registry CA behavior [#3937](https://github.com/openshift/machine-config-operator/pull/3937) * [OCPBUGS-19701](https://issues.redhat.com/browse/OCPBUGS-19701): Remove dependency on k8s.io/kubernetes packages [#3940](https://github.com/openshift/machine-config-operator/pull/3940) * [OCPBUGS-19344](https://issues.redhat.com/browse/OCPBUGS-19344): Ignore invoking nbctl calls if its SDN [#3928](https://github.com/openshift/machine-config-operator/pull/3928) * [OCPBUGS-19535](https://issues.redhat.com/browse/OCPBUGS-19535): daemon: always use `podman cp` to copy extensions container content [#3932](https://github.com/openshift/machine-config-operator/pull/3932) * [OCPBUGS-19357](https://issues.redhat.com/browse/OCPBUGS-19357): install: Recreate and delayed default ServiceAccount deletion [#3920](https://github.com/openshift/machine-config-operator/pull/3920) * [OCPBUGS-9972](https://issues.redhat.com/browse/OCPBUGS-9972): Fix azure routes hack for ovnk pods towards internalLB on master nodes in SGW mode [#3878](https://github.com/openshift/machine-config-operator/pull/3878) * [OCPBUGS-18442](https://issues.redhat.com/browse/OCPBUGS-18442): MCO is degraded if not install image registry operator [#3901](https://github.com/openshift/machine-config-operator/pull/3901) * [OCPBUGS-18097](https://issues.redhat.com/browse/OCPBUGS-18097): ensure cconfig is not updated too frequently [#3891](https://github.com/openshift/machine-config-operator/pull/3891) * [OCPBUGS-18086](https://issues.redhat.com/browse/OCPBUGS-18086): Quiet controller noisiness [#3886](https://github.com/openshift/machine-config-operator/pull/3886) * [OCPBUGS-16035](https://issues.redhat.com/browse/OCPBUGS-16035): daemon: create /etc/systemd/network directory on node [#3883](https://github.com/openshift/machine-config-operator/pull/3883) * Revert "fix nodeStatusUpdateFrequency" [#3887](https://github.com/openshift/machine-config-operator/pull/3887) * [OCPBUGS-17787](https://issues.redhat.com/browse/OCPBUGS-17787): Fix sysctl breaking dots in paths [#3870](https://github.com/openshift/machine-config-operator/pull/3870) * [OCPBUGS-16733](https://issues.redhat.com/browse/OCPBUGS-16733): on-prem: run resolv-prepender on NM reapply event [#3827](https://github.com/openshift/machine-config-operator/pull/3827) * [OCPBUGS-15583](https://issues.redhat.com/browse/OCPBUGS-15583): fix nodeStatusUpdateFrequency [#3784](https://github.com/openshift/machine-config-operator/pull/3784) * [OCPBUGS-17810](https://issues.redhat.com/browse/OCPBUGS-17810): temporarily remove cert observability fields, add storageversionmigration for machineconfigpools,controllerconfig [#3866](https://github.com/openshift/machine-config-operator/pull/3866) * [OCPBUGS-11832](https://issues.redhat.com/browse/OCPBUGS-11832): SSHkeys fails to write on upgrade to 4.13.rc3 [#3810](https://github.com/openshift/machine-config-operator/pull/3810) * [MCO-564](https://issues.redhat.com/browse/MCO-564): Make MCD aware of on-cluster builds [#3848](https://github.com/openshift/machine-config-operator/pull/3848) * MCO 566: MCO 662 Wire up productionalized BuildController in Machine OS Builder binary and choosing backend image builder [#3861](https://github.com/openshift/machine-config-operator/pull/3861) * [MCO-605](https://issues.redhat.com/browse/MCO-605): MCO-550: Remove Certificates from MachineConfig [#3787](https://github.com/openshift/machine-config-operator/pull/3787) * [MCO-573](https://issues.redhat.com/browse/MCO-573): Wire up security/trust/pull secrets between rpm-ostree and internal registry [#3806](https://github.com/openshift/machine-config-operator/pull/3806) * [OCPBUGS-17701](https://issues.redhat.com/browse/OCPBUGS-17701): daemon: igmore mounting MCD pod content when target is "/" [#3860](https://github.com/openshift/machine-config-operator/pull/3860) * mcs: Use certwatcher [#3744](https://github.com/openshift/machine-config-operator/pull/3744) * [MCO-729](https://issues.redhat.com/browse/MCO-729): BuildController should allow cluster admins to provide a custom Dockerfile [#3847](https://github.com/openshift/machine-config-operator/pull/3847) * [MCO-564](https://issues.redhat.com/browse/MCO-564): Make NodeController aware of BuildController [#3817](https://github.com/openshift/machine-config-operator/pull/3817) * [OCPBUGS-17568](https://issues.redhat.com/browse/OCPBUGS-17568): Agent-based install process the container machine-config-controller will be oom [#3862](https://github.com/openshift/machine-config-operator/pull/3862) * [OPNET-343](https://issues.redhat.com/browse/OPNET-343): Restore node-ip for kubelet in dual-stack vSphere [#3859](https://github.com/openshift/machine-config-operator/pull/3859) * OCPBUGS-17683 replace .. with : on registry CA file paths [#3854](https://github.com/openshift/machine-config-operator/pull/3854) * operator: remove metrics related log [#3855](https://github.com/openshift/machine-config-operator/pull/3855) * [MCO-565](https://issues.redhat.com/browse/MCO-565): MCO-568: MCO-659: MCO-660 On-cluster build opt-in function, building machine-os-builder stub, RBAC and service acct inclusions. Deletes deployment rather than scale down to 0 without label [#3834](https://github.com/openshift/machine-config-operator/pull/3834) * [MCO-588](https://issues.redhat.com/browse/MCO-588): Update ignition spec to 3.4, disallow ignition KernelArguments for now [#3814](https://github.com/openshift/machine-config-operator/pull/3814) * [OCPBUGS-17433](https://issues.redhat.com/browse/OCPBUGS-17433): Sync featuregate controller during the node config controller sync [#3846](https://github.com/openshift/machine-config-operator/pull/3846) * [OCPBUGS-8938](https://issues.redhat.com/browse/OCPBUGS-8938): OCPBUGS-15202: MCO-555: kube-rbac-proxy addition [#3663](https://github.com/openshift/machine-config-operator/pull/3663) * [MCO-654](https://issues.redhat.com/browse/MCO-654): forcefile should always trigger an OS update [#3790](https://github.com/openshift/machine-config-operator/pull/3790) * [OCPBUGS-14945](https://issues.redhat.com/browse/OCPBUGS-14945): add HostToContainer propagation to all hostPath volume mounts [#3792](https://github.com/openshift/machine-config-operator/pull/3792) * [MCO-532](https://issues.redhat.com/browse/MCO-532): Finish lease type migration [#3842](https://github.com/openshift/machine-config-operator/pull/3842) * [OCPBUGS-13825](https://issues.redhat.com/browse/OCPBUGS-13825): The machine-config-controller pod restart in SNO+1 causing daemonsets to restart [#3838](https://github.com/openshift/machine-config-operator/pull/3838) * [OCPBUGS-14965](https://issues.redhat.com/browse/OCPBUGS-14965): Run hostnamectl with systemd-run [#3746](https://github.com/openshift/machine-config-operator/pull/3746) * install: Fix dash-to-hyhen for 04_kube_rbac_proxy_config.yaml prefix [#3837](https://github.com/openshift/machine-config-operator/pull/3837) * [OCPNODE-1714](https://issues.redhat.com/browse/OCPNODE-1714): files: add skip_mount_home to storage.conf [#3777](https://github.com/openshift/machine-config-operator/pull/3777) * [OCPBUGS-16227](https://issues.redhat.com/browse/OCPBUGS-16227): make sure sshKey are not emptied out on firstboot [#3829](https://github.com/openshift/machine-config-operator/pull/3829) * daemon: Two minor fixes for reexec [#3835](https://github.com/openshift/machine-config-operator/pull/3835) * daemon: Remove even more dead legacy OS update code [#3820](https://github.com/openshift/machine-config-operator/pull/3820) * [MCO-552](https://issues.redhat.com/browse/MCO-552): implement the ability for the MCO to handle image registry certificates [#3770](https://github.com/openshift/machine-config-operator/pull/3770) * [OCPBUGS-17156](https://issues.redhat.com/browse/OCPBUGS-17156): daemon: Always replace binary [#3832](https://github.com/openshift/machine-config-operator/pull/3832) * Revert "daemon: Make binary writing idempotent" [#3831](https://github.com/openshift/machine-config-operator/pull/3831) * [OCPBUGS-16921](https://issues.redhat.com/browse/OCPBUGS-16921): daemon: Make binary writing idempotent [#3825](https://github.com/openshift/machine-config-operator/pull/3825) * Revert "MCO-565: MCO-568: MCO-659: MCO-660 On-cluster build opt-in function, building machine-os-builder stub, RBAC and service acct inclusions" [#3830](https://github.com/openshift/machine-config-operator/pull/3830) * Revert " add Passwd to bootstrap served ignition" [#3828](https://github.com/openshift/machine-config-operator/pull/3828) * [OCPBUGS-15367](https://issues.redhat.com/browse/OCPBUGS-15367): The kubeconfig copied on to each node has 644 permissions [#3808](https://github.com/openshift/machine-config-operator/pull/3808) * [MCO-597](https://issues.redhat.com/browse/MCO-597): Remove the MCO's dependency on journal reads [#3822](https://github.com/openshift/machine-config-operator/pull/3822) * fix certExpiry description [#3823](https://github.com/openshift/machine-config-operator/pull/3823) * [OCPBUGS-16227](https://issues.redhat.com/browse/OCPBUGS-16227): add Passwd to bootstrap served ignition [#3811](https://github.com/openshift/machine-config-operator/pull/3811) * [MCO-565](https://issues.redhat.com/browse/MCO-565): MCO-568: MCO-659: MCO-660 On-cluster build opt-in function, building machine-os-builder stub, RBAC and service acct inclusions [#3763](https://github.com/openshift/machine-config-operator/pull/3763) * [OCPNODE-1717](https://issues.redhat.com/browse/OCPNODE-1717): Make cgroupsv2 default in OCP-4.14 [#3789](https://github.com/openshift/machine-config-operator/pull/3789) * [OCPNODE-1655](https://issues.redhat.com/browse/OCPNODE-1655): Apply node-cluster dashboard as a config map [#3708](https://github.com/openshift/machine-config-operator/pull/3708) * [MCO-607](https://issues.redhat.com/browse/MCO-607): MCO-237: Keep track of certs in ControllerConfigStatus [#3756](https://github.com/openshift/machine-config-operator/pull/3756) * [MCO-687](https://issues.redhat.com/browse/MCO-687): Fix metrics e2e test [#3813](https://github.com/openshift/machine-config-operator/pull/3813) * [MCO-585](https://issues.redhat.com/browse/MCO-585): MCO-569: MCO-563: MCO-586: Introduces BuildController [#3731](https://github.com/openshift/machine-config-operator/pull/3731) * MCO MCO-424: daemon: Remove old legacy OS update path [#3583](https://github.com/openshift/machine-config-operator/pull/3583) * [MGMT-14843](https://issues.redhat.com/browse/MGMT-14843): ovs-configuration service should copy the statically configured address even if the method isn't manual. [#3774](https://github.com/openshift/machine-config-operator/pull/3774) * [OCPBUGS-16128](https://issues.redhat.com/browse/OCPBUGS-16128): daemon: Copy matching binary to host, re-exec with it [#3799](https://github.com/openshift/machine-config-operator/pull/3799) * [MCO-596](https://issues.redhat.com/browse/MCO-596): Deprecate the login monitor [#3791](https://github.com/openshift/machine-config-operator/pull/3791) * kubevirt: Configure IPv6 arp proxy default gw [#3780](https://github.com/openshift/machine-config-operator/pull/3780) * operator: Stop mounting /etc/kubernetes/ca.crt [#3730](https://github.com/openshift/machine-config-operator/pull/3730) * [OCPBUGS-15613](https://issues.redhat.com/browse/OCPBUGS-15613): Soften grep pattern for ingress default router [#3775](https://github.com/openshift/machine-config-operator/pull/3775) * Bug OCPBUGS-15233: OpenStack: fix IPv6 configuration [#3785](https://github.com/openshift/machine-config-operator/pull/3785) * [OCPBUGS-11997](https://issues.redhat.com/browse/OCPBUGS-11997): Prevent NM from unsetting the hostname [#3794](https://github.com/openshift/machine-config-operator/pull/3794) * add wasm extension [#3776](https://github.com/openshift/machine-config-operator/pull/3776) * set MCO namespace on all events [#3767](https://github.com/openshift/machine-config-operator/pull/3767) * OpenStack: restrict IPv6 configuration [#3781](https://github.com/openshift/machine-config-operator/pull/3781) * Update 0000_90_machine-config-operator_01_prometheus-rules.yaml [#3779](https://github.com/openshift/machine-config-operator/pull/3779) * [OCPBUGS-14674](https://issues.redhat.com/browse/OCPBUGS-14674): set pool alert back to zero in more default scenarios. [#3733](https://github.com/openshift/machine-config-operator/pull/3733) * [OCPBUGS-10115](https://issues.redhat.com/browse/OCPBUGS-10115): update image to use golang-1.20 [#3766](https://github.com/openshift/machine-config-operator/pull/3766) * [OCPBUGS-15728](https://issues.redhat.com/browse/OCPBUGS-15728): Fix machine config drifts when deploying with platform external [#3773](https://github.com/openshift/machine-config-operator/pull/3773) * faq: Talk about "no enabled repositories" [#3772](https://github.com/openshift/machine-config-operator/pull/3772) * [OCPBUGS-14185](https://issues.redhat.com/browse/OCPBUGS-14185): change the message annotation to description [#3721](https://github.com/openshift/machine-config-operator/pull/3721) * [OKD-174](https://issues.redhat.com/browse/OKD-174): Dockerfile: OKD: Reenable extensions image on SCOS [#3741](https://github.com/openshift/machine-config-operator/pull/3741) * [OCPBUGS-15575](https://issues.redhat.com/browse/OCPBUGS-15575): Dockerfile: pin to nmstate-2.2.9 [#3769](https://github.com/openshift/machine-config-operator/pull/3769) * [OCPBUGS-10924](https://issues.redhat.com/browse/OCPBUGS-10924): Switch default SA to machine-config-operator [#3740](https://github.com/openshift/machine-config-operator/pull/3740) * trivial: Fix namespace for kube api server operator [#3762](https://github.com/openshift/machine-config-operator/pull/3762) * OCPBUGS-8403 Deleting SSH keys / password hashes should not degrade MachineConfigPool / node [#3606](https://github.com/openshift/machine-config-operator/pull/3606) * OWNERS: Update onwer list [#3761](https://github.com/openshift/machine-config-operator/pull/3761) * [OCPBUGS-4820](https://issues.redhat.com/browse/OCPBUGS-4820): Controller version mismatch causing degradation during upgrades [#3738](https://github.com/openshift/machine-config-operator/pull/3738) * [MCO-640](https://issues.redhat.com/browse/MCO-640): Move all log functions to klog [#3734](https://github.com/openshift/machine-config-operator/pull/3734) * [OCPBUGS-14399](https://issues.redhat.com/browse/OCPBUGS-14399): Minor fix to support `protectKernelDefaults` field in Kubelet Config [#3736](https://github.com/openshift/machine-config-operator/pull/3736) * [MCO-595](https://issues.redhat.com/browse/MCO-595): Remove MCO's pending config workflow [#3700](https://github.com/openshift/machine-config-operator/pull/3700) * [OCPCLOUD-2010](https://issues.redhat.com/browse/OCPCLOUD-2010): Re-vendor api and library-go for external platform support [#3745](https://github.com/openshift/machine-config-operator/pull/3745) * bootstrap: Clarify that "root ca" is really "MCS CA" [#3728](https://github.com/openshift/machine-config-operator/pull/3728) * add ipsec extension [#3726](https://github.com/openshift/machine-config-operator/pull/3726) * OpenStack: configure ipv6 addresses [#3705](https://github.com/openshift/machine-config-operator/pull/3705) * [OCPBUGS-13656](https://issues.redhat.com/browse/OCPBUGS-13656): MCO-632: Update kube deps to 1.27.2 [#3735](https://github.com/openshift/machine-config-operator/pull/3735) * [OCPBUGS-14612](https://issues.redhat.com/browse/OCPBUGS-14612): Improve logging for IPI deployments [#3725](https://github.com/openshift/machine-config-operator/pull/3725) * [OCPBUGS-4370](https://issues.redhat.com/browse/OCPBUGS-4370): Add label to VIP via keepalived [#3683](https://github.com/openshift/machine-config-operator/pull/3683) * [OCPBUGS-14793](https://issues.redhat.com/browse/OCPBUGS-14793): Allow userfaultfd syscall to be used by unprivileged users [#3724](https://github.com/openshift/machine-config-operator/pull/3724) * [OCPBUGS-14272](https://issues.redhat.com/browse/OCPBUGS-14272): Race condition in TestMCDRotatesCertsOnPausedPool [#3718](https://github.com/openshift/machine-config-operator/pull/3718) * [OCPBUGS-13547](https://issues.redhat.com/browse/OCPBUGS-13547): [OCPCLOUD-2034] Update Library-go and API for new featuregate changes [#3688](https://github.com/openshift/machine-config-operator/pull/3688) * [OCPBUGS-2177](https://issues.redhat.com/browse/OCPBUGS-2177): MCO-634: add support for a node pool hierarchy [#3505](https://github.com/openshift/machine-config-operator/pull/3505) * [OCPBUGS-13860](https://issues.redhat.com/browse/OCPBUGS-13860): Fix missing apiVersion and kind fields for embedded resources [#3713](https://github.com/openshift/machine-config-operator/pull/3713) * [OCPBUGS-3176](https://issues.redhat.com/browse/OCPBUGS-3176): Disable global ipv4 and ipv6 forwarding for OVN deployments [#3676](https://github.com/openshift/machine-config-operator/pull/3676) * [OCPBUGS-8447](https://issues.redhat.com/browse/OCPBUGS-8447): MCO-496: Support ignition versions 3.3 + 3.4 but keep version 3.2 as default [#3576](https://github.com/openshift/machine-config-operator/pull/3576) * [OCPBUGS-13547](https://issues.redhat.com/browse/OCPBUGS-13547): Use payload-version flag to set release version consistently across components [#3701](https://github.com/openshift/machine-config-operator/pull/3701) * [OCPBUGS-12885](https://issues.redhat.com/browse/OCPBUGS-12885): daemon: stop using `nmstatectl persist-nic-names --inspect` on el9 [#3685](https://github.com/openshift/machine-config-operator/pull/3685) * [OCPBUGS-11304](https://issues.redhat.com/browse/OCPBUGS-11304): daemon: event only on actual OS updates [#3695](https://github.com/openshift/machine-config-operator/pull/3695) * [OCPBUGS-11652](https://issues.redhat.com/browse/OCPBUGS-11652): kubelet: add enableSystemLogQuery [#3645](https://github.com/openshift/machine-config-operator/pull/3645) * [OCPBUGS-12980](https://issues.redhat.com/browse/OCPBUGS-12980): daemon: write certs in firstboot-complete path [#3694](https://github.com/openshift/machine-config-operator/pull/3694) * [OCPBUGS-11670](https://issues.redhat.com/browse/OCPBUGS-11670): mcc_drain_err metric should not be served for removed nodes [#3689](https://github.com/openshift/machine-config-operator/pull/3689) * [OCPBUGS-12456](https://issues.redhat.com/browse/OCPBUGS-12456): fix duplicate RotateKubeletServerCertificate setting [#3686](https://github.com/openshift/machine-config-operator/pull/3686) * [OCPBUGS-12951](https://issues.redhat.com/browse/OCPBUGS-12951): daemon: Don't traverse `/run/ostree/auth.json` symlink [#3691](https://github.com/openshift/machine-config-operator/pull/3691) * [OCPBUGS-11702](https://issues.redhat.com/browse/OCPBUGS-11702), [OCPBUGS-4476](https://issues.redhat.com/browse/OCPBUGS-4476): keepalived/ingress: change healthcheck script [#3441](https://github.com/openshift/machine-config-operator/pull/3441) * [OCPBUGS-11992](https://issues.redhat.com/browse/OCPBUGS-11992): ControllerConfig's Proxy field should not be marked as embedded resource [#3682](https://github.com/openshift/machine-config-operator/pull/3682) * [OCPBUGS-11162](https://issues.redhat.com/browse/OCPBUGS-11162): Do not trigger openshift-azure-routes/openshift-alibaba-routes service based on file existence [#3643](https://github.com/openshift/machine-config-operator/pull/3643) * [OCPBUGS-10235](https://issues.redhat.com/browse/OCPBUGS-10235): Add quotes to variable with -z [#3679](https://github.com/openshift/machine-config-operator/pull/3679) * [OCPBUGS-11280](https://issues.redhat.com/browse/OCPBUGS-11280): Fixing forcedns dispatcher script permission issue for assisted sno rhel9 upgrade [#3648](https://github.com/openshift/machine-config-operator/pull/3648) * [OCPBUGS-7836](https://issues.redhat.com/browse/OCPBUGS-7836): The MCD has a non-functional pivot command that should be removed [#3666](https://github.com/openshift/machine-config-operator/pull/3666) * Test Revert "Block RHCOS gcp-routes service on both masters and workers" [#3672](https://github.com/openshift/machine-config-operator/pull/3672) * Accomodate ART limitation in parsing [[]] bash [#3669](https://github.com/openshift/machine-config-operator/pull/3669) * Block RHCOS gcp-routes service on both masters and workers [#3619](https://github.com/openshift/machine-config-operator/pull/3619) * [OCPBUGS-10787](https://issues.redhat.com/browse/OCPBUGS-10787): Persist static IP addressed NIC names from rhel8 [#3650](https://github.com/openshift/machine-config-operator/pull/3650) * [OCPBUGS-5356](https://issues.redhat.com/browse/OCPBUGS-5356): changed error handling so no runtime error [#3651](https://github.com/openshift/machine-config-operator/pull/3651) * [OCPBUGS-4877](https://issues.redhat.com/browse/OCPBUGS-4877): End the operator's "unknown field" logspam by marking controllerconfig embedded fields as embedded so they validate [#3662](https://github.com/openshift/machine-config-operator/pull/3662) * [MCO-407](https://issues.redhat.com/browse/MCO-407): add support for operator metrics [#3537](https://github.com/openshift/machine-config-operator/pull/3537) * Updating openshift-proxy-pull-test images to be consistent with ART [#3593](https://github.com/openshift/machine-config-operator/pull/3593) * [OCPBUGS-4122](https://issues.redhat.com/browse/OCPBUGS-4122): Do not add deep nested scope to atomic transport [#3653](https://github.com/openshift/machine-config-operator/pull/3653) * [OCPBUGS-10414](https://issues.redhat.com/browse/OCPBUGS-10414): Fix regex dot in coredns config file [#3626](https://github.com/openshift/machine-config-operator/pull/3626) * [OCPBUGS-11092](https://issues.redhat.com/browse/OCPBUGS-11092): daemon: write certificate in OnceFrom and HyperShift [#3654](https://github.com/openshift/machine-config-operator/pull/3654) * remove container runtime flag [#3640](https://github.com/openshift/machine-config-operator/pull/3640) * [OCPBUGS-4963](https://issues.redhat.com/browse/OCPBUGS-4963): Enable base nodeip-configuration for vsphere upi [#3460](https://github.com/openshift/machine-config-operator/pull/3460) * configure-ovs: would not retry on some errors [#3625](https://github.com/openshift/machine-config-operator/pull/3625) * [OCPBUGS-10598](https://issues.redhat.com/browse/OCPBUGS-10598): Splitting NetworkManager-onprem.conf.yaml to 2 files: [#3620](https://github.com/openshift/machine-config-operator/pull/3620) * [OCPBUGS-10379](https://issues.redhat.com/browse/OCPBUGS-10379): configure-ovs: support UUID in vlan.parent [#3623](https://github.com/openshift/machine-config-operator/pull/3623) * [OCPBUGS-8676](https://issues.redhat.com/browse/OCPBUGS-8676): Fix kubelet.service node-ip for v6-primary dual-stack [#3592](https://github.com/openshift/machine-config-operator/pull/3592) * getPoolsForNode: Use constant MachineConfigPoolWorker instead of "worker" string [#3635](https://github.com/openshift/machine-config-operator/pull/3635) * [MCO-423](https://issues.redhat.com/browse/MCO-423): Adds OS image override test [#3558](https://github.com/openshift/machine-config-operator/pull/3558) * [OCPBUGS-9969](https://issues.redhat.com/browse/OCPBUGS-9969): daemon: Drop duplicate `--authfile` used in `run` [#3611](https://github.com/openshift/machine-config-operator/pull/3611) * [OCPBUGS-8446](https://issues.redhat.com/browse/OCPBUGS-8446): MCO-503: daemon: have a special path to sync in certs [#3575](https://github.com/openshift/machine-config-operator/pull/3575) * [OCPBUGS-7559](https://issues.redhat.com/browse/OCPBUGS-7559): Remove hard requirement for the afterburn from early-running aws-related services [#3585](https://github.com/openshift/machine-config-operator/pull/3585) * Removing jstuever from OWNERS_ALIASES [#3554](https://github.com/openshift/machine-config-operator/pull/3554) * [OCPBUGS-8113](https://issues.redhat.com/browse/OCPBUGS-8113): daemon: Only switchkernel if we are doing an OS update or kernel change [#3600](https://github.com/openshift/machine-config-operator/pull/3600) * [OCPBUGS-9685](https://issues.redhat.com/browse/OCPBUGS-9685): daemon: Always remove pending deployment before we do updates [#3599](https://github.com/openshift/machine-config-operator/pull/3599) * Make OKD/SCOS Dockerfile regexes match again after `rhel-coreos` image name change [#3597](https://github.com/openshift/machine-config-operator/pull/3597) * Switch to rhel-coreos (9) [#3596](https://github.com/openshift/machine-config-operator/pull/3596) * [OCPBUGS-8113](https://issues.redhat.com/browse/OCPBUGS-8113): daemon: Make switchKernel less stateful [#3580](https://github.com/openshift/machine-config-operator/pull/3580) * [OCPBUGS-8523](https://issues.redhat.com/browse/OCPBUGS-8523): Revert "daemon: Temporarily copy auth file with more open perms on FCOS" [#3591](https://github.com/openshift/machine-config-operator/pull/3591) * Update library go to promote AWS CCM to out of tree [#3590](https://github.com/openshift/machine-config-operator/pull/3590) * machineconfigpool: Clarify `status.configuration` description [#3371](https://github.com/openshift/machine-config-operator/pull/3371) * daemon: Remove noisy log message [#3588](https://github.com/openshift/machine-config-operator/pull/3588) * [OCPBUGS-5872](https://issues.redhat.com/browse/OCPBUGS-5872): Wrap podman commands in a while loop [#3581](https://github.com/openshift/machine-config-operator/pull/3581) * configure-ovs: permanent retry on failure [#3544](https://github.com/openshift/machine-config-operator/pull/3544) * [OCPNODE-1495](https://issues.redhat.com/browse/OCPNODE-1495): Default the cgroup version to "v1" via base template controller [#3563](https://github.com/openshift/machine-config-operator/pull/3563) * [OCPBUGS-1662](https://issues.redhat.com/browse/OCPBUGS-1662): mcd_update_state metric should have a single time-series per node [#3571](https://github.com/openshift/machine-config-operator/pull/3571) * [Full changelog](https://github.com/openshift/machine-config-operator/compare/a57ca291235422f8466ac53496e9d192eecfe1e4...00b2e0b1cc83e119995bbbe2ae06665c3d1655d7) ### [machine-image-customization-controller](https://github.com/openshift/image-customization-controller/tree/2a6627bafcbb00437ab97308fe1d7df9039104ad) * [OCPBUGS-24576](https://issues.redhat.com/browse/OCPBUGS-24576): configurable ironic agent vlan creation [#111](https://github.com/openshift/image-customization-controller/pull/111) * [OCPBUGS-21555](https://issues.redhat.com/browse/OCPBUGS-21555): Uplift x/net to v0.17.0 [#104](https://github.com/openshift/image-customization-controller/pull/104) * [OCPBUGS-13532](https://issues.redhat.com/browse/OCPBUGS-13532): Reconcile when networkData Secret changes [#94](https://github.com/openshift/image-customization-controller/pull/94) * [OCPBUGS-9072](https://issues.redhat.com/browse/OCPBUGS-9072): Pass BareMetalHost name to IPA (take 2) [#93](https://github.com/openshift/image-customization-controller/pull/93) * [OCPBUGS-15909](https://issues.redhat.com/browse/OCPBUGS-15909): Revert: Pass BareMetalHost name to IPA" [#92](https://github.com/openshift/image-customization-controller/pull/92) * [OCPBUGS-9072](https://issues.redhat.com/browse/OCPBUGS-9072): Pass BareMetalHost name to IPA [#87](https://github.com/openshift/image-customization-controller/pull/87) * [OCPBUGS-15349](https://issues.redhat.com/browse/OCPBUGS-15349): Uplift assisted-image-service to remove gin-gonic dependency [#91](https://github.com/openshift/image-customization-controller/pull/91) * [OCPBUGS-13532](https://issues.redhat.com/browse/OCPBUGS-13532): Actually respond to changes in Secrets [#90](https://github.com/openshift/image-customization-controller/pull/90) * [OCPBUGS-13532](https://issues.redhat.com/browse/OCPBUGS-13532): Respond to changes in Secrets [#88](https://github.com/openshift/image-customization-controller/pull/88) * [OCPBUGS-4465](https://issues.redhat.com/browse/OCPBUGS-4465): Log message if nmstate output is '--- {}\n' [#72](https://github.com/openshift/image-customization-controller/pull/72) * Updating ose-image-customization-controller images to be consistent with ART [#85](https://github.com/openshift/image-customization-controller/pull/85) * Upgrade golangci-lint to v1.52.2 for go 1.20 support [#83](https://github.com/openshift/image-customization-controller/pull/83) * Updating ose-image-customization-controller images to be consistent with ART [#80](https://github.com/openshift/image-customization-controller/pull/80) * Add a proper README [#81](https://github.com/openshift/image-customization-controller/pull/81) * [Full changelog](https://github.com/openshift/image-customization-controller/compare/34a4abe6ec47fff69476695eccffdb27fe23780c...2a6627bafcbb00437ab97308fe1d7df9039104ad) ### [machine-os-images](https://github.com/openshift/machine-os-images/tree/0d48bf342fdb75481e2746dfa1b1f51434ac3770) * [OCPBUGS-54171](https://issues.redhat.com/browse/OCPBUGS-54171): Change rhcos release browser url [#59](https://github.com/openshift/machine-os-images/pull/59) * Force rebuild of CI image [#31](https://github.com/openshift/machine-os-images/pull/31) * Fix condition check for logging [#29](https://github.com/openshift/machine-os-images/pull/29) * Force updating main rhcos image to version 414.92.202303281555-0 [#28](https://github.com/openshift/machine-os-images/pull/28) * Updating ose-machine-os-images images to be consistent with ART [#26](https://github.com/openshift/machine-os-images/pull/26) * [Full changelog](https://github.com/openshift/machine-os-images/compare/7e2e6cac68ac86ae3cc3578354169658b5620e12...0d48bf342fdb75481e2746dfa1b1f51434ac3770) ### [multus-admission-controller](https://github.com/openshift/multus-admission-controller/tree/75d37a9cae194ebba203a9e6442dc0d90c02aba4) * [OCPBUGS-58763](https://issues.redhat.com/browse/OCPBUGS-58763): Bump github.com/golang/glog to v1.2.4 [#105](https://github.com/openshift/multus-admission-controller/pull/105) * [OCPBUGS-42048](https://issues.redhat.com/browse/OCPBUGS-42048): Update owners [#91](https://github.com/openshift/multus-admission-controller/pull/91) * [OCPBUGS-21372](https://issues.redhat.com/browse/OCPBUGS-21372): Update go.mod for CVE-2023-39325 [Release-4.14] [#71](https://github.com/openshift/multus-admission-controller/pull/71) * [OCPBUGS-12640](https://issues.redhat.com/browse/OCPBUGS-12640): Bump golang.org/x/net from 0.0.0-20211209124913-491a49abca63 to 0.7.0 [#67](https://github.com/openshift/multus-admission-controller/pull/67) * Updating ose-multus-admission-controller images to be consistent with ART [#65](https://github.com/openshift/multus-admission-controller/pull/65) * Updating ose-multus-admission-controller images to be consistent with ART [#64](https://github.com/openshift/multus-admission-controller/pull/64) * Updating ose-multus-admission-controller images to be consistent with ART [#62](https://github.com/openshift/multus-admission-controller/pull/62) * Updating ose-multus-admission-controller images to be consistent with ART [#57](https://github.com/openshift/multus-admission-controller/pull/57) * [Full changelog](https://github.com/openshift/multus-admission-controller/compare/39a2173ffa2fb9b0cdc812121a67d0b46ecd19bd...75d37a9cae194ebba203a9e6442dc0d90c02aba4) ### [multus-cni](https://github.com/openshift/multus-cni/tree/8e48cb09759aadd3ca21d2dcbfbdc6470440cbc2) * [OCPBUGS-48160](https://issues.redhat.com/browse/OCPBUGS-48160): [backport 4.14] Adds a wait to account for the possiblity of a not ready unix socket [#262](https://github.com/openshift/multus-cni/pull/262) * [OCPBUGS-35578](https://issues.redhat.com/browse/OCPBUGS-35578): Update owners file [#243](https://github.com/openshift/multus-cni/pull/243) * [OCPBUGS-33478](https://issues.redhat.com/browse/OCPBUGS-33478): Fix CNI cache update function to prevent nil access [#232](https://github.com/openshift/multus-cni/pull/232) * [OCPBUGS-26331](https://issues.redhat.com/browse/OCPBUGS-26331): Fix SAST scan issues for multus-cni-container [4.14] [#220](https://github.com/openshift/multus-cni/pull/220) * [OCPBUGS-21099](https://issues.redhat.com/browse/OCPBUGS-21099): Update go.mod for CVE-2023-39325 [Release-4.14] [#194](https://github.com/openshift/multus-cni/pull/194) * [OCPBUGS-19860](https://issues.redhat.com/browse/OCPBUGS-19860): Multus annotation permissions: Certificate duration should be configurable [backport 4.14] [#192](https://github.com/openshift/multus-cni/pull/192) * [OCPBUGS-19679](https://issues.redhat.com/browse/OCPBUGS-19679): Move chroot from multus main process to its child processes [#189](https://github.com/openshift/multus-cni/pull/189) * [OCPBUGS-19375](https://issues.redhat.com/browse/OCPBUGS-19375): Per node certification cherry-pick [#185](https://github.com/openshift/multus-cni/pull/185) * [OCPBUGS-19074](https://issues.redhat.com/browse/OCPBUGS-19074): Performance and efficiency improvements in daemon/server mode [#181](https://github.com/openshift/multus-cni/pull/181) * Use container base image's /etc/os-release to copy multus binary [#179](https://github.com/openshift/multus-cni/pull/179) * Change /usr/src/multus-cni/bin to rhel8 based one [#178](https://github.com/openshift/multus-cni/pull/178) * Cherry pick upstream fix [#177](https://github.com/openshift/multus-cni/pull/177) * Upstream sync 202308 [#176](https://github.com/openshift/multus-cni/pull/176) * This change introduces wait to generate config until API is ready [#175](https://github.com/openshift/multus-cni/pull/175) * Upstream sync to 202307, 99c4481 [#168](https://github.com/openshift/multus-cni/pull/168) * Add rhel9 binary for multus [#173](https://github.com/openshift/multus-cni/pull/173) * [OCPBUGS-13815](https://issues.redhat.com/browse/OCPBUGS-13815): Fix multus to support CNI plugin which does not create interface [#162](https://github.com/openshift/multus-cni/pull/162) * [OCPBUGS-12519](https://issues.redhat.com/browse/OCPBUGS-12519): Bump golang.org/x/net from 0.1.0 to 0.7.0 (#1039) [#160](https://github.com/openshift/multus-cni/pull/160) * Updating multus-cni images to be consistent with ART [#159](https://github.com/openshift/multus-cni/pull/159) * Updating multus-cni images to be consistent with ART [#158](https://github.com/openshift/multus-cni/pull/158) * Updating multus-cni images to be consistent with ART [#157](https://github.com/openshift/multus-cni/pull/157) * Updating multus-cni images to be consistent with ART [#148](https://github.com/openshift/multus-cni/pull/148) * Multus entrypoint should regenerate kubeconfig if secret changes [#153](https://github.com/openshift/multus-cni/pull/153) * [Full changelog](https://github.com/openshift/multus-cni/compare/12897bd18a928b8d0ea22fca0c05cee480285752...8e48cb09759aadd3ca21d2dcbfbdc6470440cbc2) ### [multus-networkpolicy](https://github.com/openshift/multus-networkpolicy/tree/f670647c0cb7b6f870f8176b26f83ce6614e209e) * Update owners (#62) [#62](https://github.com/openshift/multus-networkpolicy/pull/62) * Update vendor package (#40) [#40](https://github.com/openshift/multus-networkpolicy/pull/40) * [OCPBUGS-21454](https://issues.redhat.com/browse/OCPBUGS-21454): Update go.mod for CVE-2023-39325 (#33) [#33](https://github.com/openshift/multus-networkpolicy/pull/33) * [OCPBUGS-974](https://issues.redhat.com/browse/OCPBUGS-974): Sync upstream (#30) [#30](https://github.com/openshift/multus-networkpolicy/pull/30) * Updating multus-networkpolicy images to be consistent with ART (#27) [#27](https://github.com/openshift/multus-networkpolicy/pull/27) * Updating multus-networkpolicy images to be consistent with ART (#26) [#26](https://github.com/openshift/multus-networkpolicy/pull/26) * Updating multus-networkpolicy images to be consistent with ART (#25) [#25](https://github.com/openshift/multus-networkpolicy/pull/25) * Updating multus-networkpolicy images to be consistent with ART (#24) [#24](https://github.com/openshift/multus-networkpolicy/pull/24) * [Full changelog](https://github.com/openshift/multus-networkpolicy/compare/7176ab75edaf6328bb1da06ba55378815271d218...f670647c0cb7b6f870f8176b26f83ce6614e209e) ### [multus-route-override-cni](https://github.com/openshift/route-override-cni/tree/5965fed661f71112104ca6cef22aa883f542226d) * [OCPBUGS-42049](https://issues.redhat.com/browse/OCPBUGS-42049): [release-4.15]Update owners [#60](https://github.com/openshift/route-override-cni/pull/60) * 15393552: Updating ose-multus-route-override-cni images to be consistent with ART [#47](https://github.com/openshift/route-override-cni/pull/47) * 15393552: Updating ose-multus-route-override-cni images to be consistent with ART [#45](https://github.com/openshift/route-override-cni/pull/45) * Revert ART changes to fix rhel9 base binary [#44](https://github.com/openshift/route-override-cni/pull/44) * Updating ose-multus-route-override-cni images to be consistent with ART [#43](https://github.com/openshift/route-override-cni/pull/43) * Fix Dockerfile to use rhel9 [#42](https://github.com/openshift/route-override-cni/pull/42) * Updating ose-multus-route-override-cni images to be consistent with ART [#41](https://github.com/openshift/route-override-cni/pull/41) * Add rhel9 binary [#40](https://github.com/openshift/route-override-cni/pull/40) * Updating ose-multus-route-override-cni images to be consistent with ART [#36](https://github.com/openshift/route-override-cni/pull/36) * Updating ose-multus-route-override-cni images to be consistent with ART [#35](https://github.com/openshift/route-override-cni/pull/35) * Updating ose-multus-route-override-cni images to be consistent with ART [#34](https://github.com/openshift/route-override-cni/pull/34) * Updating ose-multus-route-override-cni images to be consistent with ART [#33](https://github.com/openshift/route-override-cni/pull/33) * [Full changelog](https://github.com/openshift/route-override-cni/compare/ca3bbec5c75ebcd6814bdd74856b27db755c9fa3...5965fed661f71112104ca6cef22aa883f542226d) ### [multus-whereabouts-ipam-cni](https://github.com/openshift/whereabouts-cni/tree/f95487b0831b560de7b8d7c5d1c986338224800b) * [OCPBUGS-55620](https://issues.redhat.com/browse/OCPBUGS-55620): Fixes leftover podref issue [#367](https://github.com/openshift/whereabouts-cni/pull/367) * [OCPBUGS-42047](https://issues.redhat.com/browse/OCPBUGS-42047): Update owners [#311](https://github.com/openshift/whereabouts-cni/pull/311) * [OCPBUGS-37815](https://issues.redhat.com/browse/OCPBUGS-37815), [OCPBUGS-37817](https://issues.redhat.com/browse/OCPBUGS-37817): [release-4.14] align api calls timeout and skip pods marked for deletion [#309](https://github.com/openshift/whereabouts-cni/pull/309) * [OCPBUGS-36722](https://issues.redhat.com/browse/OCPBUGS-36722): Return previous IP allocation for add cmd [#296](https://github.com/openshift/whereabouts-cni/pull/296) * [OCPBUGS-35263](https://issues.redhat.com/browse/OCPBUGS-35263): Use IP to identify orphaned allocation to be deleted [#289](https://github.com/openshift/whereabouts-cni/pull/289) * [OCPBUGS-27858](https://issues.redhat.com/browse/OCPBUGS-27858): Enable reconciler configuration 4.14 [#240](https://github.com/openshift/whereabouts-cni/pull/240) * [OCPBUGS-26553](https://issues.redhat.com/browse/OCPBUGS-26553): Cherry pick fix assignment 4.14 [#230](https://github.com/openshift/whereabouts-cni/pull/230) * [OCPBUGS-21518](https://issues.redhat.com/browse/OCPBUGS-21518): update golang.org/x/net to v0.17.0 [#207](https://github.com/openshift/whereabouts-cni/pull/207) * [Bug 16002](https://bugzilla.redhat.com/show_bug.cgi?id=16002): Change default binary to RHEL8 image [#172](https://github.com/openshift/whereabouts-cni/pull/172) * [OCPBUGS-15905](https://issues.redhat.com/browse/OCPBUGS-15905): Denormalize IP name before checking if pod is alive [Backport 4.14] [#167](https://github.com/openshift/whereabouts-cni/pull/167) * [Bug 16136](https://bugzilla.redhat.com/show_bug.cgi?id=16136): Introduce entrypoint.sh to call ip-control-loop based on RHEL ver [#147](https://github.com/openshift/whereabouts-cni/pull/147) * Downstream sync july23 [#137](https://github.com/openshift/whereabouts-cni/pull/137) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#150](https://github.com/openshift/whereabouts-cni/pull/150) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#149](https://github.com/openshift/whereabouts-cni/pull/149) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#148](https://github.com/openshift/whereabouts-cni/pull/148) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#146](https://github.com/openshift/whereabouts-cni/pull/146) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#143](https://github.com/openshift/whereabouts-cni/pull/143) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#142](https://github.com/openshift/whereabouts-cni/pull/142) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#141](https://github.com/openshift/whereabouts-cni/pull/141) * Restores RHEL specific binary copy and updates to rhel9/8 [#140](https://github.com/openshift/whereabouts-cni/pull/140) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#136](https://github.com/openshift/whereabouts-cni/pull/136) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#130](https://github.com/openshift/whereabouts-cni/pull/130) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#129](https://github.com/openshift/whereabouts-cni/pull/129) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#128](https://github.com/openshift/whereabouts-cni/pull/128) * [OCPBUGS-11324](https://issues.redhat.com/browse/OCPBUGS-11324): respect requested allocation range when exluding ranges [backport 4.14] [#121](https://github.com/openshift/whereabouts-cni/pull/121) * Upstream sync 2023 03 29 [#119](https://github.com/openshift/whereabouts-cni/pull/119) * Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#115](https://github.com/openshift/whereabouts-cni/pull/115) * [Full changelog](https://github.com/openshift/whereabouts-cni/compare/9f8d13c74cfe33562c520a77b1a7dbf2e1bd1ef9...f95487b0831b560de7b8d7c5d1c986338224800b) ### [must-gather](https://github.com/openshift/must-gather/tree/b8585ca862a3fbe77134e5cbe6155d7c04efc269) * [OCPBUGS-42971](https://issues.redhat.com/browse/OCPBUGS-42971): Collect etcd object count [#457](https://github.com/openshift/must-gather/pull/457) * [OCPBUGS-48084](https://issues.redhat.com/browse/OCPBUGS-48084): Update owners [#475](https://github.com/openshift/must-gather/pull/475) * [OCPBUGS-48058](https://issues.redhat.com/browse/OCPBUGS-48058): Support gathering IPsec data [#472](https://github.com/openshift/must-gather/pull/472) * [OCPBUGS-43058](https://issues.redhat.com/browse/OCPBUGS-43058): [Backport 4.14] Multus is now a Pod and will be captured by normal [#451](https://github.com/openshift/must-gather/pull/451) * [OCPBUGS-20429](https://issues.redhat.com/browse/OCPBUGS-20429): Revert "Add must gather script for network observability" [#391](https://github.com/openshift/must-gather/pull/391) * [OCPBUGS-20354](https://issues.redhat.com/browse/OCPBUGS-20354): Removed workload partitioning annotation from ppc script [#388](https://github.com/openshift/must-gather/pull/388) * Use oc get daemonset to identify the NTO image [#378](https://github.com/openshift/must-gather/pull/378) * [OCPBUGS-17907](https://issues.redhat.com/browse/OCPBUGS-17907): Revert "Added gathering script for SNOs with workload partitioning" [#376](https://github.com/openshift/must-gather/pull/376) * Split gather_network_logs into basics and extras [#375](https://github.com/openshift/must-gather/pull/375) * Added gathering script for SNOs with workload partitioning [#373](https://github.com/openshift/must-gather/pull/373) * Add csi-proxy logs collection in must-gather for Windows nodes [#374](https://github.com/openshift/must-gather/pull/374) * [SDN-3687](https://issues.redhat.com/browse/SDN-3687): Support gathering DBs for OVNK-Interconnect mode [#370](https://github.com/openshift/must-gather/pull/370) * Collect information relevant to PerformanceProfile and low latency tuning [#345](https://github.com/openshift/must-gather/pull/345) * gather_network_logs: multus: Fix typo in error redirection [#371](https://github.com/openshift/must-gather/pull/371) * Collect leases.coordination.k8s.io from each namesapce [#366](https://github.com/openshift/must-gather/pull/366) * Create a generic "get_operator_ns" util function [#368](https://github.com/openshift/must-gather/pull/368) * Assert that only one subscription exists [#367](https://github.com/openshift/must-gather/pull/367) * [MCO-608](https://issues.redhat.com/browse/MCO-608): Gather MCO's on-disk configs from degraded nodes [#361](https://github.com/openshift/must-gather/pull/361) * Gather ostree related bits [#353](https://github.com/openshift/must-gather/pull/353) * [OCPBUGS-14984](https://issues.redhat.com/browse/OCPBUGS-14984): Collect Mellanox firmware information [#365](https://github.com/openshift/must-gather/pull/365) * [OCPBUGS-14025](https://issues.redhat.com/browse/OCPBUGS-14025): Add gather_vsphere [#363](https://github.com/openshift/must-gather/pull/363) * [NETOBSERV-987](https://issues.redhat.com/browse/NETOBSERV-987): Add must gather script for network observability [#357](https://github.com/openshift/must-gather/pull/357) * Updating ose-must-gather images to be consistent with ART [#358](https://github.com/openshift/must-gather/pull/358) * [OCPBUGS-10798](https://issues.redhat.com/browse/OCPBUGS-10798): Gather CSIStorageCapacity objects [#356](https://github.com/openshift/must-gather/pull/356) * [OCPBUGS-11147](https://issues.redhat.com/browse/OCPBUGS-11147): network_logs: Gather multus resource yamls for namespaces [#354](https://github.com/openshift/must-gather/pull/354) * Updating ose-must-gather images to be consistent with ART [#352](https://github.com/openshift/must-gather/pull/352) * [Full changelog](https://github.com/openshift/must-gather/compare/339046b6478094030fa5ebf1ebceed2bb03a55f4...b8585ca862a3fbe77134e5cbe6155d7c04efc269) ### [network-interface-bond-cni](https://github.com/openshift/bond-cni/tree/29f61f6b05d958c40e7213937064f26a63a8e6d9) * Add rhel9 binary [#57](https://github.com/openshift/bond-cni/pull/57) * Updating ose-network-interface-bond-cni images to be consistent with ART [#54](https://github.com/openshift/bond-cni/pull/54) * [OCPBUGS-12327](https://issues.redhat.com/browse/OCPBUGS-12327): Updating ose-network-interface-bond-cni images to be consistent with ART [#52](https://github.com/openshift/bond-cni/pull/52) * Updating ose-network-interface-bond-cni images to be consistent with ART [#51](https://github.com/openshift/bond-cni/pull/51) * Updating ose-network-interface-bond-cni images to be consistent with ART [#50](https://github.com/openshift/bond-cni/pull/50) * [OCPBUGS-11190](https://issues.redhat.com/browse/OCPBUGS-11190): Ignore missing links during delete command [#48](https://github.com/openshift/bond-cni/pull/48) * Update owners file [#46](https://github.com/openshift/bond-cni/pull/46) * Align with upstream 14-04-2023 [#45](https://github.com/openshift/bond-cni/pull/45) * Updating ose-network-interface-bond-cni images to be consistent with ART [#44](https://github.com/openshift/bond-cni/pull/44) * [Full changelog](https://github.com/openshift/bond-cni/compare/84bda2afb2ab260253b77d5d282df773cc6b3438...29f61f6b05d958c40e7213937064f26a63a8e6d9) ### [network-metrics-daemon](https://github.com/openshift/network-metrics-daemon/tree/84d7ac4e326e55fea98629d3851e98730c8d44a9) * [OCPBUGS-58778](https://issues.redhat.com/browse/OCPBUGS-58778): Bump github.com/golang/glog to v1.2.4 (#115) [#115](https://github.com/openshift/network-metrics-daemon/pull/115) * [OCPBUGS-60394](https://issues.redhat.com/browse/OCPBUGS-60394): Replace e2e test image (#128) [#128](https://github.com/openshift/network-metrics-daemon/pull/128) * swtich golint install method (#127) [#127](https://github.com/openshift/network-metrics-daemon/pull/127) * Correct 4.16 owners file (#100) [#100](https://github.com/openshift/network-metrics-daemon/pull/100) * Added METRIC_TEST_IMAGE var (#88) [#88](https://github.com/openshift/network-metrics-daemon/pull/88) * Update the k8s dependencies to 1.27.7 (#82) [#82](https://github.com/openshift/network-metrics-daemon/pull/82) * [OCPBUGS-16594](https://issues.redhat.com/browse/OCPBUGS-16594): Update the dependencies to 0.27 (#79) [#79](https://github.com/openshift/network-metrics-daemon/pull/79) * Revert "Remove e2e tests that consistently fail in 4.13 (#65)" (#76) [#65](https://github.com/openshift/network-metrics-daemon/pull/65) * Updating ose-network-metrics-daemon images to be consistent with ART (#73) [#73](https://github.com/openshift/network-metrics-daemon/pull/73) * Updating ose-network-metrics-daemon images to be consistent with ART (#72) [#72](https://github.com/openshift/network-metrics-daemon/pull/72) * Updating ose-network-metrics-daemon images to be consistent with ART (#71) [#71](https://github.com/openshift/network-metrics-daemon/pull/71) * Updating ose-network-metrics-daemon images to be consistent with ART (#70) [#70](https://github.com/openshift/network-metrics-daemon/pull/70) * [Full changelog](https://github.com/openshift/network-metrics-daemon/compare/aa24d460383cf426963226783e3db981f0d3b714...84d7ac4e326e55fea98629d3851e98730c8d44a9) ### [network-tools](https://github.com/openshift/network-tools/tree/e79d8173c5628065da85425bc7e4cb1d94f3c919) * [OCPBUGS-31862](https://issues.redhat.com/browse/OCPBUGS-31862): replace wireshark with wireshark-cli [#122](https://github.com/openshift/network-tools/pull/122) * [OCPBUGS-22172](https://issues.redhat.com/browse/OCPBUGS-22172): Move commands to the function to avoid them being executed on -h. [#94](https://github.com/openshift/network-tools/pull/94) * [OCPBUGS-20520](https://issues.redhat.com/browse/OCPBUGS-20520): Update scripts in network-tools to reflect the changes in IC model [#92](https://github.com/openshift/network-tools/pull/92) * ovn-db-run-locally: gracefully handle non-clustered dbs [#84](https://github.com/openshift/network-tools/pull/84) * Updating ose-network-tools images to be consistent with ART [#81](https://github.com/openshift/network-tools/pull/81) * Updating ose-network-tools images to be consistent with ART [#78](https://github.com/openshift/network-tools/pull/78) * Updating ose-network-tools images to be consistent with ART [#76](https://github.com/openshift/network-tools/pull/76) * [Full changelog](https://github.com/openshift/network-tools/compare/073feda14fbd894c4238d693afa38a06392f2360...e79d8173c5628065da85425bc7e4cb1d94f3c919) ### [nutanix-cloud-controller-manager](https://github.com/openshift/cloud-provider-nutanix/tree/8930f295dfa97cc63321c63192c93a78306fe23b) * [OCPBUGS-23873](https://issues.redhat.com/browse/OCPBUGS-23873): fix for CVE-2023-47108 [#43](https://github.com/openshift/cloud-provider-nutanix/pull/43) * [OCPBUGS-17304](https://issues.redhat.com/browse/OCPBUGS-17304), [OCPBUGS-20899](https://issues.redhat.com/browse/OCPBUGS-20899): bump golang.org/x/net to v0.17.0 [#39](https://github.com/openshift/cloud-provider-nutanix/pull/39) * [OCPBUGS-17986](https://issues.redhat.com/browse/OCPBUGS-17986): Updating ose-nutanix-cloud-controller-manager images to be consistent with ART [#18](https://github.com/openshift/cloud-provider-nutanix/pull/18) * [OCPCLOUD-2045](https://issues.redhat.com/browse/OCPCLOUD-2045): Merge https://github.com/nutanix-cloud-native/cloud-provider-nutanix:main (b4b5a3a) into main [#16](https://github.com/openshift/cloud-provider-nutanix/pull/16) * [OCPBUGS-17184](https://issues.redhat.com/browse/OCPBUGS-17184): Updating ose-nutanix-cloud-controller-manager images to be consistent with ART [#12](https://github.com/openshift/cloud-provider-nutanix/pull/12) * [OCPBUGS-17054](https://issues.redhat.com/browse/OCPBUGS-17054): Nutanix CCM should scope secret informers per namespace [#17](https://github.com/openshift/cloud-provider-nutanix/pull/17) * [Full changelog](https://github.com/openshift/cloud-provider-nutanix/compare/4fe0c590767f41ca443bdd2688e1decd4f66d60a...8930f295dfa97cc63321c63192c93a78306fe23b) ### [nutanix-machine-controllers](https://github.com/openshift/machine-api-provider-nutanix/tree/c06616804f2de1635fb34fd45fdb625fd0b1b506) * [OCPBUGS-47265](https://issues.redhat.com/browse/OCPBUGS-47265): fixing CVE-2024-45338 [#116](https://github.com/openshift/machine-api-provider-nutanix/pull/116) * [OCPBUGS-51852](https://issues.redhat.com/browse/OCPBUGS-51852): Fixing CVE-2025-22868 [#108](https://github.com/openshift/machine-api-provider-nutanix/pull/108) * [OCPBUGS-17305](https://issues.redhat.com/browse/OCPBUGS-17305): bump golang.org/x/net to 0.17.0 [#85](https://github.com/openshift/machine-api-provider-nutanix/pull/85) * [OCPBUGS-29549](https://issues.redhat.com/browse/OCPBUGS-29549): IPI install fails on Nutanix when using DHCP [#70](https://github.com/openshift/machine-api-provider-nutanix/pull/70) * [OCPBUGS-19731](https://issues.redhat.com/browse/OCPBUGS-19731): machine stuck in Provisioning and machineset scale/delete not work [#53](https://github.com/openshift/machine-api-provider-nutanix/pull/53) * [OCPBUGS-18338](https://issues.redhat.com/browse/OCPBUGS-18338): Fix CI by running tests natively by default [#50](https://github.com/openshift/machine-api-provider-nutanix/pull/50) * [OCPBUGS-12098](https://issues.redhat.com/browse/OCPBUGS-12098): Updating ose-nutanix-machine-controllers images to be consistent with ART [#47](https://github.com/openshift/machine-api-provider-nutanix/pull/47) * [OCPCLOUD-2053](https://issues.redhat.com/browse/OCPCLOUD-2053): Update dependencies to K8s 1.27 [#49](https://github.com/openshift/machine-api-provider-nutanix/pull/49) * [OCPBUGS-11223](https://issues.redhat.com/browse/OCPBUGS-11223): Reduce metrics cardinality [#46](https://github.com/openshift/machine-api-provider-nutanix/pull/46) * [OCPBUGS-12726](https://issues.redhat.com/browse/OCPBUGS-12726): Fix userData handling for Windows Machine [#48](https://github.com/openshift/machine-api-provider-nutanix/pull/48) * [OCPBUGS-10141](https://issues.redhat.com/browse/OCPBUGS-10141): Updating ose-nutanix-machine-controllers images to be consistent with ART [#42](https://github.com/openshift/machine-api-provider-nutanix/pull/42) * [OCPBUGS-6727](https://issues.redhat.com/browse/OCPBUGS-6727): Nutanix Hostname of the VM is not set when using DHCP network config [#43](https://github.com/openshift/machine-api-provider-nutanix/pull/43) * [Full changelog](https://github.com/openshift/machine-api-provider-nutanix/compare/cc3a11a909651dec994e23e147e5e505173c21f2...c06616804f2de1635fb34fd45fdb625fd0b1b506) ### [oauth-apiserver](https://github.com/openshift/oauth-apiserver/tree/e1cd9d05b032fbe83df7f68c813309ad7df5d59e) * [OCPBUGS-31982](https://issues.redhat.com/browse/OCPBUGS-31982): bump x/net to 0.24.0 [#110](https://github.com/openshift/oauth-apiserver/pull/110) * [OCPBUGS-21100](https://issues.redhat.com/browse/OCPBUGS-21100): bump k8s.io (release-4.14) [#100](https://github.com/openshift/oauth-apiserver/pull/100) * [OCPBUGS-27116](https://issues.redhat.com/browse/OCPBUGS-27116): UPSTREAM: <carry>: retry etcd Unavailable errors [#97](https://github.com/openshift/oauth-apiserver/pull/97) * bump k8s to 1.27.3 [#89](https://github.com/openshift/oauth-apiserver/pull/89) * [Full changelog](https://github.com/openshift/oauth-apiserver/compare/6a5971643b971170d28b96f676225b344c4cff3c...e1cd9d05b032fbe83df7f68c813309ad7df5d59e) ### [oauth-proxy](https://github.com/openshift/oauth-proxy/tree/a4a2f270a57af830508e8cef52d4c8d4f4dfba76) * [OCPBUGS-20980](https://issues.redhat.com/browse/OCPBUGS-20980): go.mod: bump golang.org/x/net to v0.17.0 [#267](https://github.com/openshift/oauth-proxy/pull/267) * [OCPBUGS-16459](https://issues.redhat.com/browse/OCPBUGS-16459): bump kube and lib-go to get rid of goproxy dep [#260](https://github.com/openshift/oauth-proxy/pull/260) * fix route apiVersion [#257](https://github.com/openshift/oauth-proxy/pull/257) * Updating golang-github-openshift-oauth-proxy images to be consistent with ART [#251](https://github.com/openshift/oauth-proxy/pull/251) * [APPSRE-7970](https://issues.redhat.com/browse/APPSRE-7970): Add support for configuring upstream timeout [#258](https://github.com/openshift/oauth-proxy/pull/258) * [OCPBUGS-14033](https://issues.redhat.com/browse/OCPBUGS-14033): Handle TERM signal gracefully [#255](https://github.com/openshift/oauth-proxy/pull/255) * [AUTH-373](https://issues.redhat.com/browse/AUTH-373): add audit-ID headers to TokenReview and SAR requests [#252](https://github.com/openshift/oauth-proxy/pull/252) * [Full changelog](https://github.com/openshift/oauth-proxy/compare/44af5a3a021fd158c2e44d9951ad59a3d474cdf3...a4a2f270a57af830508e8cef52d4c8d4f4dfba76) ### [oauth-server](https://github.com/openshift/oauth-server/tree/35f4739f342a5838fe6ceaf7a459c78f3777166d) * [OCPBUGS-21393](https://issues.redhat.com/browse/OCPBUGS-21393): go.mod: bump golang.org/x/net to v0.17.0 [#138](https://github.com/openshift/oauth-server/pull/138) * [OCPBUGS-10173](https://issues.redhat.com/browse/OCPBUGS-10173): Updating oauth-server images to be consistent with ART [#134](https://github.com/openshift/oauth-server/pull/134) * [OCPBUGS-5233](https://issues.redhat.com/browse/OCPBUGS-5233): update osin to latest version [#128](https://github.com/openshift/oauth-server/pull/128) * [OCPBUGS-10887](https://issues.redhat.com/browse/OCPBUGS-10887): bump kube to 1.26 and lib-go for the groupcache fix [#123](https://github.com/openshift/oauth-server/pull/123) * [AUTH-357](https://issues.redhat.com/browse/AUTH-357): update osin to latest version [#121](https://github.com/openshift/oauth-server/pull/121) * Updating oauth-server images to be consistent with ART [#119](https://github.com/openshift/oauth-server/pull/119) * [Full changelog](https://github.com/openshift/oauth-server/compare/eb54be281d8f215a6eaa6e10ed1b303c7d064bac...35f4739f342a5838fe6ceaf7a459c78f3777166d) ### [oc-mirror](https://github.com/openshift/oc-mirror/tree/056043d10e0713432e541d58a285f41829c0be6e) * changes the owners file (#1013) [#1013](https://github.com/openshift/oc-mirror/pull/1013) * [OCPBUGS-48513](https://issues.redhat.com/browse/OCPBUGS-48513): e2e: use same version of crane as in go.mod (#1023) [#1023](https://github.com/openshift/oc-mirror/pull/1023) * Bump version to include v5.11.0 of go-git (#822) [#822](https://github.com/openshift/oc-mirror/pull/822) * Fix to ensure operator not found error exits with correct status (#797) [#797](https://github.com/openshift/oc-mirror/pull/797) * [OCPBUGS-28871](https://issues.redhat.com/browse/OCPBUGS-28871): Capability to override default channel (#749) (#790) [#749](https://github.com/openshift/oc-mirror/pull/749) * [OCPBUGS-19429](https://issues.redhat.com/browse/OCPBUGS-19429): Fix cross EUS channel upgrade path calculation (#769) [#769](https://github.com/openshift/oc-mirror/pull/769) * [OCPBUGS-23327](https://issues.redhat.com/browse/OCPBUGS-23327): Fix MirrorToDisk of oci catalogs in hidden folders (#766) [#766](https://github.com/openshift/oc-mirror/pull/766) * skipping prune failure if manifest not found (#735) [#735](https://github.com/openshift/oc-mirror/pull/735) * [OCPBUGS-21472](https://issues.redhat.com/browse/OCPBUGS-21472): fix: CVE-2023-39325 (#711) [#711](https://github.com/openshift/oc-mirror/pull/711) * Fixes HTTP 401 issues when several catalogs are being mirrored and need to be rendered using operator-registry (#704) (#706) [#704](https://github.com/openshift/oc-mirror/pull/704) * Fix OCPBUGS-17546: pod catalogsource generated by oc-mirror will crashloopBackOff randomly (#699) [#699](https://github.com/openshift/oc-mirror/pull/699) * [OCPBUGS-17545](https://issues.redhat.com/browse/OCPBUGS-17545): Improve extracting opm binary from catalogs (#676) [#676](https://github.com/openshift/oc-mirror/pull/676) * [OCPBUGS-7465](https://issues.redhat.com/browse/OCPBUGS-7465): Fix 401 Unauthorized due to stale auth token (#678) [#678](https://github.com/openshift/oc-mirror/pull/678) * Fix OCPBUGS-14402 - case where catalog is on a mirror from registries.conf (#682) [#682](https://github.com/openshift/oc-mirror/pull/682) * [OCPBUGS-17998](https://issues.redhat.com/browse/OCPBUGS-17998): fix: ICSP with incorrect mirror path (#681) [#681](https://github.com/openshift/oc-mirror/pull/681) * [OCPBUGS-17714](https://issues.redhat.com/browse/OCPBUGS-17714): Ensure errors are nil before closing registry to avoid… (#680) [#680](https://github.com/openshift/oc-mirror/pull/680) * [CFE-825](https://issues.redhat.com/browse/CFE-825): As a oc-mirror user, I would like mirrored operator catalogs to have valid caches (#651) [#651](https://github.com/openshift/oc-mirror/pull/651) * CFE-902 feat: removes go workspace due to incompatibility on ART builds (#672) [#672](https://github.com/openshift/oc-mirror/pull/672) * CFE-902 feat: adds go workspace to support multi-module (#670) [#670](https://github.com/openshift/oc-mirror/pull/670) * add go.mod files to testdata directories (#669) [#669](https://github.com/openshift/oc-mirror/pull/669) * fixing `oc-mirror version` when run from read-only fs (#660) [#660](https://github.com/openshift/oc-mirror/pull/660) * Make local storage port configurable via command line (#668) [#668](https://github.com/openshift/oc-mirror/pull/668) * Fix unit tests for local storage collector implementation (#667) [#667](https://github.com/openshift/oc-mirror/pull/667) * [CFE-904](https://issues.redhat.com/browse/CFE-904): Create AdditionalImage Collector implem. based on registry as localStore (#666) [#666](https://github.com/openshift/oc-mirror/pull/666) * v2 initial commit (#664) [#664](https://github.com/openshift/oc-mirror/pull/664) * OCPBUGS-13871 docs: changes the help message for oci-registries-config flag (#663) [#663](https://github.com/openshift/oc-mirror/pull/663) * [OCPBUGS-11754](https://issues.redhat.com/browse/OCPBUGS-11754): add cleanup of /tmp directories (#655) [#655](https://github.com/openshift/oc-mirror/pull/655) * [CFE-875](https://issues.redhat.com/browse/CFE-875): Unlock MirrorToDisk and DiskToMirror workflows for local oci catalogs (#662) [#662](https://github.com/openshift/oc-mirror/pull/662) * Fix OCPBUGS-15329 - OCI index found, but accept header does not support OCI indexes (#658) [#658](https://github.com/openshift/oc-mirror/pull/658) * Enable mirroring of the multi release image (#657) [#657](https://github.com/openshift/oc-mirror/pull/657) * revendor to the latest oc (#656) [#656](https://github.com/openshift/oc-mirror/pull/656) * Replacing the hard coded path with graphDataMountPath (#585) [#585](https://github.com/openshift/oc-mirror/pull/585) * [CFE-859](https://issues.redhat.com/browse/CFE-859): Removing flag use-oci-feature starting release-4.14 (#622) [#622](https://github.com/openshift/oc-mirror/pull/622) * [CFE-783](https://issues.redhat.com/browse/CFE-783): A variety of changes needed for correct operation with multi architecture catalogs (#611) [#611](https://github.com/openshift/oc-mirror/pull/611) * [MULTIARCH-3440](https://issues.redhat.com/browse/MULTIARCH-3440): refine multiarch support for test-unit and test-e2e using dockerfile and add ppc64le build to Makefile (#624) [#624](https://github.com/openshift/oc-mirror/pull/624) * Add ImageSetConfig examples (#610) [#610](https://github.com/openshift/oc-mirror/pull/610) * [OCPBUGS-13871](https://issues.redhat.com/browse/OCPBUGS-13871): fix: changes on help info content (#653) [#653](https://github.com/openshift/oc-mirror/pull/653) * [OCPBUGS-588](https://issues.redhat.com/browse/OCPBUGS-588): minVersion in ImageSetConfiguration seems to be ignored (#603) [#603](https://github.com/openshift/oc-mirror/pull/603) * Fix OCPBUGS-14194 (#649) [#649](https://github.com/openshift/oc-mirror/pull/649) * Fix OCPBUGS-14402 (#652) [#652](https://github.com/openshift/oc-mirror/pull/652) * [OCPBUGS-13332](https://issues.redhat.com/browse/OCPBUGS-13332): Create rfc 1035 compliant catalog source name (#636) [#636](https://github.com/openshift/oc-mirror/pull/636) * fix validateMapping OCPBUGS-13962 (#640) [#640](https://github.com/openshift/oc-mirror/pull/640) * adds Jeremy Peterson to OWNERS file (#644) [#644](https://github.com/openshift/oc-mirror/pull/644) * Chore: Remove Ross from OWNERS (#639) [#639](https://github.com/openshift/oc-mirror/pull/639) * [OCPBUGS-13762](https://issues.redhat.com/browse/OCPBUGS-13762): make addRelatedImageToMapping multithreaded (#638) [#638](https://github.com/openshift/oc-mirror/pull/638) * Fix OCPBUGS-11840: ParseImageReference supports cases where both tag and digest are present in a ref (#633) [#633](https://github.com/openshift/oc-mirror/pull/633) * [OCPBUGS-11922](https://issues.redhat.com/browse/OCPBUGS-11922): paths not needed in ICSPBuilder interface (#634) [#634](https://github.com/openshift/oc-mirror/pull/634) * [OCPBUGS-11910](https://issues.redhat.com/browse/OCPBUGS-11910), [OCPBUGS-11922](https://issues.redhat.com/browse/OCPBUGS-11922): Limit the nested repository path while mirroring the images (#623) [#623](https://github.com/openshift/oc-mirror/pull/623) * [CFE-658](https://issues.redhat.com/browse/CFE-658): Implementation of filtering by channel for OCI catalog (#627) [#627](https://github.com/openshift/oc-mirror/pull/627) * [OCPBUGS-4959](https://issues.redhat.com/browse/OCPBUGS-4959): oc-mirror error on second synchronisation with no change (#605) [#605](https://github.com/openshift/oc-mirror/pull/605) * Deprecate --use-oci-feature in favor of --include-local-oci-catalogs (#620) [#620](https://github.com/openshift/oc-mirror/pull/620) * Updating oc-mirror-plugin images to be consistent with ART (#619) [#619](https://github.com/openshift/oc-mirror/pull/619) * Update OWNERS for CFE team (#614) [#614](https://github.com/openshift/oc-mirror/pull/614) * Revert adding '--cache-dir /tmp/cache' to catalog images (#613) [#613](https://github.com/openshift/oc-mirror/pull/613) * [OCPBUGS-11371](https://issues.redhat.com/browse/OCPBUGS-11371): fix: skips bundles with 'skips' field on head bundle (#608) [#608](https://github.com/openshift/oc-mirror/pull/608) * fix: work around OCPBUGS-6741 by explicitly setting --cache-dir (#604) [#604](https://github.com/openshift/oc-mirror/pull/604) * [OCPBUGS-2633](https://issues.redhat.com/browse/OCPBUGS-2633): Fix (#601) [#601](https://github.com/openshift/oc-mirror/pull/601) * OCPBUGS-7845 fix: changes the way the version is shown (#599) [#599](https://github.com/openshift/oc-mirror/pull/599) * OCPBUGS-10348 fix: changes to include the registry path (#600) [#600](https://github.com/openshift/oc-mirror/pull/600) * OCPBUGS-1060 fix: changes confusing error message (#598) [#598](https://github.com/openshift/oc-mirror/pull/598) * Fix OCPBUGS-8156: Upgrade to containerd v1.6.18 (#593) [#593](https://github.com/openshift/oc-mirror/pull/593) * Bugfix check imagesetconfig for valid oci protocol when oci feature is used (#573) [#573](https://github.com/openshift/oc-mirror/pull/573) * Remove "unsupported" wording from info on console (#577) [#577](https://github.com/openshift/oc-mirror/pull/577) * Fix OCPBUGS-5168: Upgrade helm.sh/helm/v3 to v3.11.2 fixing CVE-2022-23526 and CVE-2022-23525 (#580) [#580](https://github.com/openshift/oc-mirror/pull/580) * [OCPBUGS-10051](https://issues.redhat.com/browse/OCPBUGS-10051): fix: remove catalog reference from ImageContentSourcePolicy.yaml (#586) [#586](https://github.com/openshift/oc-mirror/pull/586) * Updating oc-mirror-plugin images to be consistent with ART (#575) [#575](https://github.com/openshift/oc-mirror/pull/575) * Bugfix for destination registry nested paths length (#572) [#572](https://github.com/openshift/oc-mirror/pull/572) * fix extract dir for cincinnati-graph-data container (#582) [#582](https://github.com/openshift/oc-mirror/pull/582) * [OCPBUGS-8216](https://issues.redhat.com/browse/OCPBUGS-8216): fix: remove an unecessary error message (#579) [#579](https://github.com/openshift/oc-mirror/pull/579) * docs: add information about unsupported scenario (#574) [#574](https://github.com/openshift/oc-mirror/pull/574) * [Full changelog](https://github.com/openshift/oc-mirror/compare/96338efcec8152baebfd57036b728697b2fda89a...056043d10e0713432e541d58a285f41829c0be6e) ### [olm-rukpak](https://github.com/openshift/operator-framework-rukpak/tree/c9409c62cb6bc57cde167452f1da7f3eab8cff79) * : OCPBUGS-27680,OCPBUGS-27595: UPSTREAM: <carry>: Update go-git to v5.11.0 [#73](https://github.com/openshift/operator-framework-rukpak/pull/73) * [OCPBUGS-23358](https://issues.redhat.com/browse/OCPBUGS-23358): [release-4.14] Address http2 vulnerability [#53](https://github.com/openshift/operator-framework-rukpak/pull/53) * [OCPBUGS-21379](https://issues.redhat.com/browse/OCPBUGS-21379): Bump golang.org/x/net from 0.15.0 to 0.17.0 [#39](https://github.com/openshift/operator-framework-rukpak/pull/39) * [OCPBUGS-16793](https://issues.redhat.com/browse/OCPBUGS-16793): openshift/Dockerfile: exclude unpack binary from FIPS build overrides [#33](https://github.com/openshift/operator-framework-rukpak/pull/33) * Rename downstream overlay from service-ca-operator to openshift [#32](https://github.com/openshift/operator-framework-rukpak/pull/32) * UPSTREAM: <carry>: add manifests to image [#31](https://github.com/openshift/operator-framework-rukpak/pull/31) * Makefile,manifests: Add skeleton of default rukpak resources [#18](https://github.com/openshift/operator-framework-rukpak/pull/18) * Introduce barebones build and unit testing GH actions [#14](https://github.com/openshift/operator-framework-rukpak/pull/14) * Skeleton - k8s provisioner [#7](https://github.com/openshift/operator-framework-rukpak/pull/7) * update README to include latest APIs [#5](https://github.com/openshift/operator-framework-rukpak/pull/5) * Introduce a sanity github action check [#3](https://github.com/openshift/operator-framework-rukpak/pull/3) * Init API defs [#1](https://github.com/openshift/operator-framework-rukpak/pull/1) * Add barebones OWNERS file [#2](https://github.com/openshift/operator-framework-rukpak/pull/2) * And 464 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/operator-framework-rukpak/compare/7dde3cd3e7a7dbbc9b5d134cc4f69f1503ed0a68...c9409c62cb6bc57cde167452f1da7f3eab8cff79) ### [openshift-apiserver](https://github.com/openshift/openshift-apiserver/tree/16560ffb541e7ffdeb51fdb4c49015cf076aacec) * [OCPBUGS-56613](https://issues.redhat.com/browse/OCPBUGS-56613): Fix image reference in TestImageStreamImportQuayIO [#518](https://github.com/openshift/openshift-apiserver/pull/518) * [OCPBUGS-50477](https://issues.redhat.com/browse/OCPBUGS-50477): Pass expected type to deploymentconfig/scale object validation. [#497](https://github.com/openshift/openshift-apiserver/pull/497) * [OCPBUGS-32445](https://issues.redhat.com/browse/OCPBUGS-32445): bump(x/net) to v0.23.0 [#429](https://github.com/openshift/openshift-apiserver/pull/429) * [OCPBUGS-31509](https://issues.redhat.com/browse/OCPBUGS-31509): vendor upgrade runtime-utils [#426](https://github.com/openshift/openshift-apiserver/pull/426) * [OCPBUGS-27104](https://issues.redhat.com/browse/OCPBUGS-27104): UPSTREAM: <carry>: retry etcd Unavailable errors [#412](https://github.com/openshift/openshift-apiserver/pull/412) * : OCPBUGS-21464: Enable HTTP/2 CVE mitigation [#397](https://github.com/openshift/openshift-apiserver/pull/397) * [OCPBUGS-20150](https://issues.redhat.com/browse/OCPBUGS-20150): pkg/image: avoid unnecessary service lookups when registry is removed [#393](https://github.com/openshift/openshift-apiserver/pull/393) * NE-1143 Adds route API changes to set/delete headers. [#380](https://github.com/openshift/openshift-apiserver/pull/380) * [WRKLDS-728](https://issues.redhat.com/browse/WRKLDS-728): Disable apiservers [#366](https://github.com/openshift/openshift-apiserver/pull/366) * add comments about ownership of validation [#384](https://github.com/openshift/openshift-apiserver/pull/384) * add featuregates to server [#382](https://github.com/openshift/openshift-apiserver/pull/382) * idms migrations [#318](https://github.com/openshift/openshift-apiserver/pull/318) * Bump openshift/api to the latest release-4.14:head [#383](https://github.com/openshift/openshift-apiserver/pull/383) * Upgrade distribution to v3 [#378](https://github.com/openshift/openshift-apiserver/pull/378) * wire openapi v3 aggregation controller [#379](https://github.com/openshift/openshift-apiserver/pull/379) * [OCPBUGS-11393](https://issues.redhat.com/browse/OCPBUGS-11393): Bump openshift/api [#368](https://github.com/openshift/openshift-apiserver/pull/368) * [API-1586](https://issues.redhat.com/browse/API-1586): Bump k8s 1.27.2 [#371](https://github.com/openshift/openshift-apiserver/pull/371) * [OCPBUGS-12813](https://issues.redhat.com/browse/OCPBUGS-12813): Updating ose-openshift-apiserver images to be consistent with ART [#364](https://github.com/openshift/openshift-apiserver/pull/364) * [API-1537](https://issues.redhat.com/browse/API-1537): Bump k8s 1.26.2 proof [#360](https://github.com/openshift/openshift-apiserver/pull/360) * [OCPBUGS-8232](https://issues.redhat.com/browse/OCPBUGS-8232): Clear metadata.namespace on projects before write. [#356](https://github.com/openshift/openshift-apiserver/pull/356) * [Full changelog](https://github.com/openshift/openshift-apiserver/compare/3a7ac1b91f496b0d4bf179debcd697daa75bc11b...16560ffb541e7ffdeb51fdb4c49015cf076aacec) ### [openshift-controller-manager](https://github.com/openshift/openshift-controller-manager/tree/1c76570bb6ca3b55faa0461f085e43097cc06c50) * [OCPBUGS-57940](https://issues.redhat.com/browse/OCPBUGS-57940): Set node-pullsecrets volume to read-only to protect image pull credentials [#398](https://github.com/openshift/openshift-controller-manager/pull/398) * [OCPBUGS-56951](https://issues.redhat.com/browse/OCPBUGS-56951): Empty proxy variables are causing issues during the build [#386](https://github.com/openshift/openshift-controller-manager/pull/386) * [OCPBUGS-48480](https://issues.redhat.com/browse/OCPBUGS-48480): Add team members to the OWNERS file [#360](https://github.com/openshift/openshift-controller-manager/pull/360) * NO-JIRA: cleanup root and app OWNERS [#349](https://github.com/openshift/openshift-controller-manager/pull/349) * [OCPBUGS-32869](https://issues.redhat.com/browse/OCPBUGS-32869): replaces deprecated square/go-jose wtih go-jose/go-jose [#342](https://github.com/openshift/openshift-controller-manager/pull/342) * [OCPBUGS-41951](https://issues.redhat.com/browse/OCPBUGS-41951): Add adambkaplan as approver [#334](https://github.com/openshift/openshift-controller-manager/pull/334) * [release 4.14] OCPBUGS-33288: Update opentelemetry dependency [#295](https://github.com/openshift/openshift-controller-manager/pull/295) * [OCPBUGS-28950](https://issues.redhat.com/browse/OCPBUGS-28950): Replace 'coreydaley' with 'sayan-biswas' in OWNERS file [#286](https://github.com/openshift/openshift-controller-manager/pull/286) * [OCPBUGS-18980](https://issues.redhat.com/browse/OCPBUGS-18980): Disable Build and DeploymentConfig Informers if their caps are disabled [#271](https://github.com/openshift/openshift-controller-manager/pull/271) * use constant controller names [#265](https://github.com/openshift/openshift-controller-manager/pull/265) * [OCPBUGS-16071](https://issues.redhat.com/browse/OCPBUGS-16071): Updating Kubernetes and other associated dependencies [#263](https://github.com/openshift/openshift-controller-manager/pull/263) * update runtime-utils for idms migrations [#243](https://github.com/openshift/openshift-controller-manager/pull/243) * [OCPBUGS-14461](https://issues.redhat.com/browse/OCPBUGS-14461): Kubernetes 0.27 [#261](https://github.com/openshift/openshift-controller-manager/pull/261) * Updating ose-openshift-controller-manager images to be consistent with ART [#260](https://github.com/openshift/openshift-controller-manager/pull/260) * Updating ose-openshift-controller-manager images to be consistent with ART [#259](https://github.com/openshift/openshift-controller-manager/pull/259) * Updating ose-openshift-controller-manager images to be consistent with ART [#258](https://github.com/openshift/openshift-controller-manager/pull/258) * Updating ose-openshift-controller-manager images to be consistent with ART [#253](https://github.com/openshift/openshift-controller-manager/pull/253) * [OCPBUGS-10588](https://issues.redhat.com/browse/OCPBUGS-10588): mount build.Spec.Source.ConfigMaps for custom builder images [#254](https://github.com/openshift/openshift-controller-manager/pull/254) * Add Divyanshu Agrawal as a reviewer [#256](https://github.com/openshift/openshift-controller-manager/pull/256) * [Full changelog](https://github.com/openshift/openshift-controller-manager/compare/00cef287411eb1f8b69a73bcac0e8e0b2b7e129b...1c76570bb6ca3b55faa0461f085e43097cc06c50) ### [openshift-state-metrics](https://github.com/openshift/openshift-state-metrics/tree/dff4b0f47e639fe2382e8c4c17208fccaacfcbdf) * [OCPBUGS-20740](https://issues.redhat.com/browse/OCPBUGS-20740): bump `x/net` to v0.17.0 [#107](https://github.com/openshift/openshift-state-metrics/pull/107) * [OCPBUGS-12538](https://issues.redhat.com/browse/OCPBUGS-12538): bump x/net to v0.7.0 [#101](https://github.com/openshift/openshift-state-metrics/pull/101) * [OCPBUGS-6343](https://issues.redhat.com/browse/OCPBUGS-6343): address CVE-2022-41717 [#100](https://github.com/openshift/openshift-state-metrics/pull/100) * [OCPBUGS-12305](https://issues.redhat.com/browse/OCPBUGS-12305): Update 4.14 openshift-state-metrics image to be consistent with ART [#97](https://github.com/openshift/openshift-state-metrics/pull/97) * [OCPBUGS-10076](https://issues.redhat.com/browse/OCPBUGS-10076): Updating openshift-state-metrics images to be consistent with ART [#95](https://github.com/openshift/openshift-state-metrics/pull/95) * [Full changelog](https://github.com/openshift/openshift-state-metrics/compare/9be421f0c013c7f134c1d7cfe1c0ee2f2ae8eaf6...dff4b0f47e639fe2382e8c4c17208fccaacfcbdf) ### [openstack-cinder-csi-driver-operator](https://github.com/openshift/openstack-cinder-csi-driver-operator/tree/1713e9716ce9efe64bc87c3203e0f991e72132d2) * [OCPBUGS-35337](https://issues.redhat.com/browse/OCPBUGS-35337): Correct out-of-bounds check [#173](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/173) * [OCPBUGS-34792](https://issues.redhat.com/browse/OCPBUGS-34792): Make Cinder CSI Driver Topology feature configurable [#162](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/162) * [OCPBUGS-25657](https://issues.redhat.com/browse/OCPBUGS-25657): Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler [#153](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/153) * [OCPBUGS-26460](https://issues.redhat.com/browse/OCPBUGS-26460), [OCPBUGS-26461](https://issues.redhat.com/browse/OCPBUGS-26461): [release-4.14] CVE-2023-45142,CVE-2023-47108: bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.46.1 [#156](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/156) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#142](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/142) * [OCPBUGS-21573](https://issues.redhat.com/browse/OCPBUGS-21573): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#135](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/135) * [STOR-1436](https://issues.redhat.com/browse/STOR-1436): Restart `openstack-cinder-csi-driver-controller` Pods if metrics-serving-cert changed [#128](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/128) * Remove Dockerfile.rhel7 [#126](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/126) * Configure User Agent [#123](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/123) * [OCPBUGS-16654](https://issues.redhat.com/browse/OCPBUGS-16654): Revert revert "STOR-1065: Rework sidecar bindings to b… [#119](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/119) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS and OWNERS_ALIASES [#121](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/121) * [OCPBUGS-16526](https://issues.redhat.com/browse/OCPBUGS-16526): Bump library-go to remove dependency on goproxy [#122](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/122) * [OCPBUGS-16678](https://issues.redhat.com/browse/OCPBUGS-16678): Fix SCC admission failure race during initial deployment [#120](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/120) * Revert "STOR-1065: Rework sidecar bindings to bind common ClusterRoles" [#118](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/118) * [STOR-1065](https://issues.redhat.com/browse/STOR-1065): Rework sidecar bindings to bind common ClusterRoles [#117](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/117) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump cinder-csi-driver-operator library-go [#116](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/116) * [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#115](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/115) * Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART [#113](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/113) * [OCPBUGS-12651](https://issues.redhat.com/browse/OCPBUGS-12651): Bump golang.org/x/net@v0.9.0 [#114](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/114) * Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART [#112](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/112) * Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART [#111](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/111) * OSASINFRA-3000 Prefer a Cinder CSI-specific config map [#82](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/82) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#109](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/109) * Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART [#108](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/108) * [Full changelog](https://github.com/openshift/openstack-cinder-csi-driver-operator/compare/b50a649be8b691a6081487330da17e55d242a2e5...1713e9716ce9efe64bc87c3203e0f991e72132d2) ### [openstack-machine-api-provider](https://github.com/openshift/machine-api-provider-openstack/tree/51f8e4d69014bfa7a8815662ab0117b6505a6e29) * [OCPBUGS-32428](https://issues.redhat.com/browse/OCPBUGS-32428): Ensure portSecurity is correctly set in the Instance Ports [#109](https://github.com/openshift/machine-api-provider-openstack/pull/109) * [OCPBUGS-23202](https://issues.redhat.com/browse/OCPBUGS-23202): Don't build InstanceSpec during delete operations [#95](https://github.com/openshift/machine-api-provider-openstack/pull/95) * Bug OCPBUGS-18806: Set controller's SyncPeriod to 1 hour [#81](https://github.com/openshift/machine-api-provider-openstack/pull/81) * Bump CAPO to match branch release-0.7 [#80](https://github.com/openshift/machine-api-provider-openstack/pull/80) * Configure User Agent [#75](https://github.com/openshift/machine-api-provider-openstack/pull/75) * Update README [#77](https://github.com/openshift/machine-api-provider-openstack/pull/77) * [OCPBUGS-16586](https://issues.redhat.com/browse/OCPBUGS-16586): Bump goproxy [#74](https://github.com/openshift/machine-api-provider-openstack/pull/74) * Rework how we build the container image [#76](https://github.com/openshift/machine-api-provider-openstack/pull/76) * go.mod: Upgrade Gophercloud to v1.5.0 [#73](https://github.com/openshift/machine-api-provider-openstack/pull/73) * [OSASINFRA-3063](https://issues.redhat.com/browse/OSASINFRA-3063): Bump CAPO to v0.7.2 [#72](https://github.com/openshift/machine-api-provider-openstack/pull/72) * Updating ose-machine-api-provider-openstack images to be consistent with ART [#70](https://github.com/openshift/machine-api-provider-openstack/pull/70) * Updating ose-machine-api-provider-openstack images to be consistent with ART [#69](https://github.com/openshift/machine-api-provider-openstack/pull/69) * Updating ose-machine-api-provider-openstack images to be consistent with ART [#68](https://github.com/openshift/machine-api-provider-openstack/pull/68) * [OCPBUGS-8687](https://issues.redhat.com/browse/OCPBUGS-8687): machineset_controller: Stop caching clouds credentials [#63](https://github.com/openshift/machine-api-provider-openstack/pull/63) * [OCPBUGS-2153](https://issues.redhat.com/browse/OCPBUGS-2153): Use TenantID if ProjectID is empty [#61](https://github.com/openshift/machine-api-provider-openstack/pull/61) * Updating ose-machine-api-provider-openstack images to be consistent with ART [#60](https://github.com/openshift/machine-api-provider-openstack/pull/60) * [Full changelog](https://github.com/openshift/machine-api-provider-openstack/compare/27f786052c3d35154aa2d16413d20ec3447b502b...51f8e4d69014bfa7a8815662ab0117b6505a6e29) ### [operator-lifecycle-manager, operator-registry](https://github.com/openshift/operator-framework-olm/tree/f493a75f8bd6f62e3032fbb4f7b790bfcfd29047) * [OCPBUGS-61469](https://issues.redhat.com/browse/OCPBUGS-61469): [release-4.14] Add NetworkPolicy as a supported kind [#1052](https://github.com/openshift/operator-framework-olm/pull/1052) * [OCPBUGS-61390](https://issues.redhat.com/browse/OCPBUGS-61390): [4.14] e2e stability fixes [#1085](https://github.com/openshift/operator-framework-olm/pull/1085) * [OCPBUGS-46927](https://issues.redhat.com/browse/OCPBUGS-46927), [OCPBUGS-46934](https://issues.redhat.com/browse/OCPBUGS-46934), [OCPBUGS-47314](https://issues.redhat.com/browse/OCPBUGS-47314): x/net bump to v0.34.0 [release-4.14] [#941](https://github.com/openshift/operator-framework-olm/pull/941) * [OCPBUGS-46595](https://issues.redhat.com/browse/OCPBUGS-46595): CRD upgrade existing CR validation fix (#3442) [#921](https://github.com/openshift/operator-framework-olm/pull/921) * [OCPBUGS-45080](https://issues.redhat.com/browse/OCPBUGS-45080): SSA for Services and ClusterRoleBindings [#905](https://github.com/openshift/operator-framework-olm/pull/905) * [OCPBUGS-42828](https://issues.redhat.com/browse/OCPBUGS-42828): add optional schema migrations; default to olm.bundle.object instead of olm.csv.metadata [#878](https://github.com/openshift/operator-framework-olm/pull/878) * [OCPBUGS-41872](https://issues.redhat.com/browse/OCPBUGS-41872): Fix e2e flake: upgrade CRD with deprecated version [#865](https://github.com/openshift/operator-framework-olm/pull/865) * [OCPBUGS-42150](https://issues.redhat.com/browse/OCPBUGS-42150): (fix) registry pods do not come up again after node failure (#3366) [#872](https://github.com/openshift/operator-framework-olm/pull/872) * [OCPBUGS-42017](https://issues.redhat.com/browse/OCPBUGS-42017): adds paginating lister for evaluating CRs' upgrade fitness versus new CRDs. [#869](https://github.com/openshift/operator-framework-olm/pull/869) * [OCPBUGS-38544](https://issues.redhat.com/browse/OCPBUGS-38544): (fix) Resolver: list CatSrc using client, instead of referring to registry-server cache (#3349) [#842](https://github.com/openshift/operator-framework-olm/pull/842) * [OCPBUGS-36949](https://issues.redhat.com/browse/OCPBUGS-36949): [CARRY] perform operator apiService certificate validity checks directly [#821](https://github.com/openshift/operator-framework-olm/pull/821) * [OCPBUGS-37016](https://issues.redhat.com/browse/OCPBUGS-37016): Bump github.com/containers/image/v5 [#824](https://github.com/openshift/operator-framework-olm/pull/824) * [OCPBUGS-36452](https://issues.redhat.com/browse/OCPBUGS-36452): Can't install operator on 4.15 after uninstalling it on a prior version [#811](https://github.com/openshift/operator-framework-olm/pull/811) * [OCPBUGS-31969](https://issues.redhat.com/browse/OCPBUGS-31969), [OCPBUGS-31970](https://issues.redhat.com/browse/OCPBUGS-31970): UPSTREAM: <carry>: update golang.org/x/net for CVE-2023-45288 [#787](https://github.com/openshift/operator-framework-olm/pull/787) * [OCPBUGS-35230](https://issues.redhat.com/browse/OCPBUGS-35230): Unblock CI [#771](https://github.com/openshift/operator-framework-olm/pull/771) * [OCPBUGS-33356](https://issues.redhat.com/browse/OCPBUGS-33356): UPSTREAM: <carry>: bump go-jose [#743](https://github.com/openshift/operator-framework-olm/pull/743) * [OCPBUGS-30775](https://issues.redhat.com/browse/OCPBUGS-30775): [4.14] bump grpc to 1.60.1, reconnect idle connections (#3147) [#715](https://github.com/openshift/operator-framework-olm/pull/715) * [OCPBUGS-29192](https://issues.redhat.com/browse/OCPBUGS-29192): [release-4.14]: Clear (existing) error cond from Subscription, once error resolved [#686](https://github.com/openshift/operator-framework-olm/pull/686) * [OCPBUGS-29194](https://issues.redhat.com/browse/OCPBUGS-29194): Retry failing unpack jobs [#689](https://github.com/openshift/operator-framework-olm/pull/689) * NO-ISSUE: [release-4.14] Backport e2e fixes to 4.14 [#674](https://github.com/openshift/operator-framework-olm/pull/674) * [OCPBUGS-27314](https://issues.redhat.com/browse/OCPBUGS-27314): Don't sync namespaces that have no subscriptions [#675](https://github.com/openshift/operator-framework-olm/pull/675) * [OCPBUGS-27565](https://issues.redhat.com/browse/OCPBUGS-27565), [OCPBUGS-27570](https://issues.redhat.com/browse/OCPBUGS-27570), [OCPBUGS-27650](https://issues.redhat.com/browse/OCPBUGS-27650), [OCPBUGS-27655](https://issues.redhat.com/browse/OCPBUGS-27655): bump go-git/v5 to 5.11.0 [#677](https://github.com/openshift/operator-framework-olm/pull/677) * [OCPBUGS-27485](https://issues.redhat.com/browse/OCPBUGS-27485): [CARRY] SSC RBAC [#665](https://github.com/openshift/operator-framework-olm/pull/665) * [OCPBUGS-22538](https://issues.redhat.com/browse/OCPBUGS-22538): bump otelhttp to 44.0 for api [#647](https://github.com/openshift/operator-framework-olm/pull/647) * [OCPBUGS-22538](https://issues.redhat.com/browse/OCPBUGS-22538): otelhttp bump [release-4.14] [#632](https://github.com/openshift/operator-framework-olm/pull/632) * [OCPBUGS-20829](https://issues.redhat.com/browse/OCPBUGS-20829): [releaser-4.14] Fix apiserver vulnerability [#608](https://github.com/openshift/operator-framework-olm/pull/608) * [OCPBUGS-23212](https://issues.redhat.com/browse/OCPBUGS-23212): Do not derive installplan.spec.clusterServiceNames from bundle IDs [#607](https://github.com/openshift/operator-framework-olm/pull/607) * [OCPBUGS-18904](https://issues.redhat.com/browse/OCPBUGS-18904): [release-4.14] Improve Leader Election Hand Off [#605](https://github.com/openshift/operator-framework-olm/pull/605) * [OCPBUGS-23508](https://issues.redhat.com/browse/OCPBUGS-23508): [release-4.14] Use generated namespaces in e2e tests [#614](https://github.com/openshift/operator-framework-olm/pull/614) * [OCPBUGS-20400](https://issues.redhat.com/browse/OCPBUGS-20400): Add OLMConfig API to control package server sync interval [release-4.14] [#582](https://github.com/openshift/operator-framework-olm/pull/582) * [OCPBUGS-19789](https://issues.redhat.com/browse/OCPBUGS-19789): Backport OCPBUGS-14698: Rename ClusterRoles created by OperatorGroups [release-4.14] [#566](https://github.com/openshift/operator-framework-olm/pull/566) * [OCPBUGS-22134](https://issues.redhat.com/browse/OCPBUGS-22134): [release-4.14] Bump golang.org/x/net to v0.17.0 [#587](https://github.com/openshift/operator-framework-olm/pull/587) * [OCPBUGS-17950](https://issues.redhat.com/browse/OCPBUGS-17950): Make packageserver wakeup interval configurable [#555](https://github.com/openshift/operator-framework-olm/pull/555) * scripts/bumper: automate pushing changes and creating PRs [#550](https://github.com/openshift/operator-framework-olm/pull/550) * [OCPBUGS-17157](https://issues.redhat.com/browse/OCPBUGS-17157): scripts: add a Go-based bumper, sync upstream [#534](https://github.com/openshift/operator-framework-olm/pull/534) * Add ncdc to DOWNSTREAM_OWNERS [#539](https://github.com/openshift/operator-framework-olm/pull/539) * [OPRUN-3022](https://issues.redhat.com/browse/OPRUN-3022): Add support for make verify to sync script [#537](https://github.com/openshift/operator-framework-olm/pull/537) * Add tmshort to owners [#535](https://github.com/openshift/operator-framework-olm/pull/535) * fix the manifests generation [#533](https://github.com/openshift/operator-framework-olm/pull/533) * Sync 2023 08 04 [#532](https://github.com/openshift/operator-framework-olm/pull/532) * [OCPBUGS-17157](https://issues.redhat.com/browse/OCPBUGS-17157): sync [#531](https://github.com/openshift/operator-framework-olm/pull/531) * [OCPBUGS-17157](https://issues.redhat.com/browse/OCPBUGS-17157): operator-registry: cherry-pick to be up-to-date [#526](https://github.com/openshift/operator-framework-olm/pull/526) * [OCPBUGS-17157](https://issues.redhat.com/browse/OCPBUGS-17157): cmd/package-server-manager: add pprof endpoints [#527](https://github.com/openshift/operator-framework-olm/pull/527) * [OPRUN-3021](https://issues.redhat.com/browse/OPRUN-3021): Improve README [#529](https://github.com/openshift/operator-framework-olm/pull/529) * [OPRUN-2913](https://issues.redhat.com/browse/OPRUN-2913): Sync api, operator-registry, operator-lifecycle-manager downstream [#510](https://github.com/openshift/operator-framework-olm/pull/510) * [OPRUN-2913](https://issues.redhat.com/browse/OPRUN-2913): Add DOWNSTREAM_OWNERS [#520](https://github.com/openshift/operator-framework-olm/pull/520) * [OCPBUGS-10178](https://issues.redhat.com/browse/OCPBUGS-10178): Updating operator-lifecycle-manager images to be consistent with ART [#470](https://github.com/openshift/operator-framework-olm/pull/470) * Allow cpb to be statically compiled / exempt from FIPS compliance [#511](https://github.com/openshift/operator-framework-olm/pull/511) * update verification script to work across non-standard bash location [#505](https://github.com/openshift/operator-framework-olm/pull/505) * [OCPBUGS-13128](https://issues.redhat.com/browse/OCPBUGS-13128): Retry initialization error conditions (#2979) [#502](https://github.com/openshift/operator-framework-olm/pull/502) * Updating operator-registry images to be consistent with ART [#495](https://github.com/openshift/operator-framework-olm/pull/495) * [OCPBUGS-13526](https://issues.redhat.com/browse/OCPBUGS-13526): fix dynamic conversion webhook [#490](https://github.com/openshift/operator-framework-olm/pull/490) * [OPRUN-2995](https://issues.redhat.com/browse/OPRUN-2995): Remove dependency on cluster policy controller in favor of hardcoding [#498](https://github.com/openshift/operator-framework-olm/pull/498) * [OPRUN-2941](https://issues.redhat.com/browse/OPRUN-2941): update cluster-policy-controller dependency [#494](https://github.com/openshift/operator-framework-olm/pull/494) * [OCPBUGS-13789](https://issues.redhat.com/browse/OCPBUGS-13789): downstream y-streams-for-all semver template changes. [#489](https://github.com/openshift/operator-framework-olm/pull/489) * [OCPBUGS-1684](https://issues.redhat.com/browse/OCPBUGS-1684): Optimize certificate generation [#486](https://github.com/openshift/operator-framework-olm/pull/486) * [METAL-575](https://issues.redhat.com/browse/METAL-575): Revert "Mutate service monitor manifests to include tlsConfig cert an… [#478](https://github.com/openshift/operator-framework-olm/pull/478) * [OPRUN-2892](https://issues.redhat.com/browse/OPRUN-2892): Update service-monitor tls config [#368](https://github.com/openshift/operator-framework-olm/pull/368) * [OCPBUGS-6016](https://issues.redhat.com/browse/OCPBUGS-6016): UpdateStrategy RegistryPoll with nil Interval [#468](https://github.com/openshift/operator-framework-olm/pull/468) * [OCPBUGS-7910](https://issues.redhat.com/browse/OCPBUGS-7910): Sort channels in lexicographical order in Packagemanifestst (#2925) [#476](https://github.com/openshift/operator-framework-olm/pull/476) * [OCPBUGS-7431](https://issues.redhat.com/browse/OCPBUGS-7431): Registry Pod Controller Flag [#460](https://github.com/openshift/operator-framework-olm/pull/460) * Update sync script [#472](https://github.com/openshift/operator-framework-olm/pull/472) * [OPECO-2737](https://issues.redhat.com/browse/OPECO-2737): Veneer template rename [#461](https://github.com/openshift/operator-framework-olm/pull/461) * fix pop_candidate script [#467](https://github.com/openshift/operator-framework-olm/pull/467) * Updating operator-registry images to be consistent with ART [#469](https://github.com/openshift/operator-framework-olm/pull/469) * [OPECO-2646](https://issues.redhat.com/browse/OPECO-2646): exclude bundles with `olm.deprecated` property when rendering [#463](https://github.com/openshift/operator-framework-olm/pull/463) * [Full changelog](https://github.com/openshift/operator-framework-olm/compare/5f66f1ac4075c0926cb1b162d3153972d5b29a01...f493a75f8bd6f62e3032fbb4f7b790bfcfd29047) ### [operator-marketplace](https://github.com/operator-framework/operator-marketplace/tree/63ccdc559d1944457375d190b4a209ce0c85d27c) * [OCPBUGS-62222](https://issues.redhat.com/browse/OCPBUGS-62222): Remove Expect func so that the test case can use the retry logic [#673](https://github.com/operator-framework/operator-marketplace/pull/673) * [OCPBUGS-49427](https://issues.redhat.com/browse/OCPBUGS-49427): Upgrade golang.org/x/net [release-4.14] [#589](https://github.com/operator-framework/operator-marketplace/pull/589) * [OCPBUGS-32067](https://issues.redhat.com/browse/OCPBUGS-32067): update golang.org/x/net for CVE-2023-45288 [#565](https://github.com/operator-framework/operator-marketplace/pull/565) * [OCPBUGS-21001](https://issues.redhat.com/browse/OCPBUGS-21001): [release-4.14] bump golang.org/x/net to 0.17.0 [#548](https://github.com/operator-framework/operator-marketplace/pull/548) * [OCPBUGS-19075](https://issues.redhat.com/browse/OCPBUGS-19075): Updating marketplace-operator images to be consistent with ART [#535](https://github.com/operator-framework/operator-marketplace/pull/535) * [OCPBUGS-15158](https://issues.redhat.com/browse/OCPBUGS-15158): Scope Marketplace Operator RBAC [#528](https://github.com/operator-framework/operator-marketplace/pull/528) * [OCPBUGS-17157](https://issues.redhat.com/browse/OCPBUGS-17157): defaults: add memory targets to CatalogSources [#527](https://github.com/operator-framework/operator-marketplace/pull/527) * [OCPBUGS-17157](https://issues.redhat.com/browse/OCPBUGS-17157): manifests: tune memory use [#526](https://github.com/operator-framework/operator-marketplace/pull/526) * [OCPBUGS-17157](https://issues.redhat.com/browse/OCPBUGS-17157): bump controller-runtime, expose pprof, watch only one configmap [#525](https://github.com/operator-framework/operator-marketplace/pull/525) * [OCPBUGS-13910](https://issues.redhat.com/browse/OCPBUGS-13910): update community-operator-index to 4.14 tag [#524](https://github.com/operator-framework/operator-marketplace/pull/524) * Update owners [#517](https://github.com/operator-framework/operator-marketplace/pull/517) * [OCPBUGS-9357](https://issues.redhat.com/browse/OCPBUGS-9357): remove a race condition [#520](https://github.com/operator-framework/operator-marketplace/pull/520) * [OCPBUGS-13921](https://issues.redhat.com/browse/OCPBUGS-13921): Update image tag to 4.14 for all but community operators [#523](https://github.com/operator-framework/operator-marketplace/pull/523) * [OCPBUGS-12794](https://issues.redhat.com/browse/OCPBUGS-12794): update community index to 4.13 tag [#514](https://github.com/operator-framework/operator-marketplace/pull/514) * [OCPBUGS-12341](https://issues.redhat.com/browse/OCPBUGS-12341): Updating marketplace-operator images to be consistent with ART [#515](https://github.com/operator-framework/operator-marketplace/pull/515) * [OCPBUGS-10926](https://issues.redhat.com/browse/OCPBUGS-10926): update image tag to 4.13 for all but community operators [#513](https://github.com/operator-framework/operator-marketplace/pull/513) * Updating marketplace-operator images to be consistent with ART [#508](https://github.com/operator-framework/operator-marketplace/pull/508) * Update OWNERS [#509](https://github.com/operator-framework/operator-marketplace/pull/509) * [Full changelog](https://github.com/operator-framework/operator-marketplace/compare/2a1df4ec9d0216a716ae239921cdbe8ecb3776fd...63ccdc559d1944457375d190b4a209ce0c85d27c) ### [ovirt-csi-driver-operator](https://github.com/openshift/ovirt-csi-driver-operator/tree/2fa33aa7f05da8640a8695372364f2367febd12a) * [OCPRHV-834](https://issues.redhat.com/browse/OCPRHV-834): set upgrade condition of operator to false [#117](https://github.com/openshift/ovirt-csi-driver-operator/pull/117) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#116](https://github.com/openshift/ovirt-csi-driver-operator/pull/116) * [Full changelog](https://github.com/openshift/ovirt-csi-driver-operator/compare/b293972fe2c5eef4262130de621e75e5d0c37d8e...2fa33aa7f05da8640a8695372364f2367febd12a) ### [ovirt-machine-controllers](https://github.com/openshift/cluster-api-provider-ovirt/tree/5d708631fca37aff0ede7d7f8fc9ba76c7fcee47) * 15143237: Updating ose-ovirt-machine-controllers images to be consistent with ART [#174](https://github.com/openshift/cluster-api-provider-ovirt/pull/174) * [Full changelog](https://github.com/openshift/cluster-api-provider-ovirt/compare/22d89b3fd9e2e395a62f71092487d26c8940052e...5d708631fca37aff0ede7d7f8fc9ba76c7fcee47) ### [powervs-block-csi-driver](https://github.com/openshift/ibm-powervs-block-csi-driver/tree/988f7109b4493f62cb13187bc190eae60c77d1e7) * [OCPBUGS-36095](https://issues.redhat.com/browse/OCPBUGS-36095): Fix CVE-2024-6104 by updating http-retryable to 0.7.7 [#90](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/90) * [OCPBUGS-33637](https://issues.redhat.com/browse/OCPBUGS-33637): Fix CVE2023-45288 by bumping x/net to v0.24.0 - 4.14 [#81](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/81) * [OCPBUGS-25980](https://issues.redhat.com/browse/OCPBUGS-25980): Rebase with upstream: Fix snyk code issue: Path Traversal [#72](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/72) * [OCPBUGS-24713](https://issues.redhat.com/browse/OCPBUGS-24713): synk: ignore vendor dir [#60](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/60) * [OCPBUGS-21112](https://issues.redhat.com/browse/OCPBUGS-21112): CVE-2023-39325 - Update net dependencies - 4.14 [#51](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/51) * cherry-pick: Improve delete device failure logs in driver node [#48](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/48) * [OCPBUGS-17309](https://issues.redhat.com/browse/OCPBUGS-17309): Updated golang.org/x/net/html dependency. [#43](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/43) * Rebase with upstream: v0.4.0 changes [#42](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/42) * Rebase: upgrading go modules [#40](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/40) * Rebase with upstream: reduce multipathd usage (OCPBUGS-16878) [#39](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/39) * Rebase with upstream: removed panic and some cleanup [#38](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/38) * Rebase with upstream [#37](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/37) * Package device-mapper-multipath added [#36](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/36) * Merging upstream code with downstream [#33](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/33) * [OCPBUGS-12922](https://issues.redhat.com/browse/OCPBUGS-12922): Updated net dependencies [#29](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/29) * [OCPBUGS-12716](https://issues.redhat.com/browse/OCPBUGS-12716): Updating ose-powervs-block-csi-driver images to be consistent with ART [#30](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/30) * Updating ose-powervs-block-csi-driver images to be consistent with ART [#26](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/26) * [Full changelog](https://github.com/openshift/ibm-powervs-block-csi-driver/compare/16fa55557367097b075093d2549e0205558c7527...988f7109b4493f62cb13187bc190eae60c77d1e7) ### [powervs-block-csi-driver-operator](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/tree/7436369afce33811e543b13fcbea8d1e1ff65502) * [OCPBUGS-25657](https://issues.redhat.com/browse/OCPBUGS-25657): Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler [#58](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/58) * [OCPBUGS-25715](https://issues.redhat.com/browse/OCPBUGS-25715): snyk: ignore vendor dir [#60](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/60) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#48](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/48) * [OCPBUGS-21203](https://issues.redhat.com/browse/OCPBUGS-21203): CVE-2023-39325 - Update net dependencies - 4.14 [#40](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/40) * Update OWNERS add yussufsh [#44](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/44) * [STOR-1438](https://issues.redhat.com/browse/STOR-1438): Restart controller Pods if metrics-serving-cert changed [#36](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/36) * [OCPBUGS-16531](https://issues.redhat.com/browse/OCPBUGS-16531): Upgraded openshift/library-go to remove indirect references to goproxy. [#35](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/35) * [OCPBUGS-16654](https://issues.redhat.com/browse/OCPBUGS-16654): Rename sidecar binding RBACs [#32](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/32) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#33](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/33) * [STOR-1065](https://issues.redhat.com/browse/STOR-1065): Rework sidecar bindings to bind common ClusterRoles [#31](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/31) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump ibm-powervs-block-csi-driver-operator library-go [#30](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/30) * [OCPBUGS-12925](https://issues.redhat.com/browse/OCPBUGS-12925): Updated net dependencies [#26](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/26) * Updating ose-powervs-block-csi-driver-operator images to be consistent with ART [#25](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/25) * Updating ose-powervs-block-csi-driver-operator images to be consistent with ART [#24](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/24) * Updating ose-powervs-block-csi-driver-operator images to be consistent with ART [#23](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/23) * Adding storage team to OWNERS so they can perform lib-go updates. [#21](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/21) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#20](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/20) * Updating ose-powervs-block-csi-driver-operator images to be consistent with ART [#19](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/19) * [Full changelog](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/compare/e70c980e2561788b710d710efc3e09974ad7374c...7436369afce33811e543b13fcbea8d1e1ff65502) ### [powervs-cloud-controller-manager](https://github.com/openshift/cloud-provider-powervs/tree/19cf1d3f4985a22e9777aad16531a382c4feed45) * [OCPBUGS-36105](https://issues.redhat.com/browse/OCPBUGS-36105): UPSTREAM: <carry>: Fix go-retryablehttp CVE 4.14 [#75](https://github.com/openshift/cloud-provider-powervs/pull/75) * [OCPBUGS-24727](https://issues.redhat.com/browse/OCPBUGS-24727): UPSTREAM: <carry>: snyk code scan exclude vendor directory [#54](https://github.com/openshift/cloud-provider-powervs/pull/54) * [OCPBUGS-21299](https://issues.redhat.com/browse/OCPBUGS-21299): CVE-2023-39325 - Update net dependencies - 4.14 [#45](https://github.com/openshift/cloud-provider-powervs/pull/45) * UPSTREAM: <carry>: Add check for valid Power VS instance id [#42](https://github.com/openshift/cloud-provider-powervs/pull/42) * Manual rebase to k8s 1.27 and go 1.20 [#40](https://github.com/openshift/cloud-provider-powervs/pull/40) * Revert images golang 1.18 [#38](https://github.com/openshift/cloud-provider-powervs/pull/38) * Updating ose-powervs-cloud-controller-manager images to be consistent with ART [#37](https://github.com/openshift/cloud-provider-powervs/pull/37) * Revert build_image to the one currently specified in release repo [#36](https://github.com/openshift/cloud-provider-powervs/pull/36) * [OCPBUGS-12921](https://issues.redhat.com/browse/OCPBUGS-12921): Updated net dependencies [#33](https://github.com/openshift/cloud-provider-powervs/pull/33) * Updating ose-powervs-cloud-controller-manager images to be consistent with ART [#31](https://github.com/openshift/cloud-provider-powervs/pull/31) * Updating ose-powervs-cloud-controller-manager images to be consistent with ART [#30](https://github.com/openshift/cloud-provider-powervs/pull/30) * [Full changelog](https://github.com/openshift/cloud-provider-powervs/compare/c040f3774af48d6d0bd8c31188626cb445be5b83...19cf1d3f4985a22e9777aad16531a382c4feed45) ### [powervs-machine-controllers](https://github.com/openshift/machine-api-provider-powervs/tree/ea93a47d3af967bfe0a738f29336de51f457a143) * [OCPBUGS-54754](https://issues.redhat.com/browse/OCPBUGS-54754): Fix for CVE-2024-51744 in github.com/golang-jwt/jwt/v4 in release-4.14 [#116](https://github.com/openshift/machine-api-provider-powervs/pull/116) * [OCPBUGS-41978](https://issues.redhat.com/browse/OCPBUGS-41978): Update go.mod to fix CVE - 4.14 [#86](https://github.com/openshift/machine-api-provider-powervs/pull/86) * [OCPBUGS-24730](https://issues.redhat.com/browse/OCPBUGS-24730): snyk code scan exclude vendor directory [#65](https://github.com/openshift/machine-api-provider-powervs/pull/65) * [OCPBUGS-21879](https://issues.redhat.com/browse/OCPBUGS-21879): CVE-2023-39325 - Bump golang.org/x/net to v0.17.0 - 4.14 [#54](https://github.com/openshift/machine-api-provider-powervs/pull/54) * [OCPBUGS-18338](https://issues.redhat.com/browse/OCPBUGS-18338): Fix CI by running tests natively by default [#50](https://github.com/openshift/machine-api-provider-powervs/pull/50) * [MULTIARCH-3669](https://issues.redhat.com/browse/MULTIARCH-3669): Set instance build condition to avoid attempting to create duplicate vm with same name [#49](https://github.com/openshift/machine-api-provider-powervs/pull/49) * [MULTIARCH-3677](https://issues.redhat.com/browse/MULTIARCH-3677): Add pagination for listing service instances [#48](https://github.com/openshift/machine-api-provider-powervs/pull/48) * [MULTIARCH-3667](https://issues.redhat.com/browse/MULTIARCH-3667): Loadbalancer integration support for control plane machines [#41](https://github.com/openshift/machine-api-provider-powervs/pull/41) * [MULTIARCH-3668](https://issues.redhat.com/browse/MULTIARCH-3668): Update make file to use latest golang [#47](https://github.com/openshift/machine-api-provider-powervs/pull/47) * [MULTIARCH-3669](https://issues.redhat.com/browse/MULTIARCH-3669): Avoid setting VM provider ID as soon as VM creation [#46](https://github.com/openshift/machine-api-provider-powervs/pull/46) * Updating ose-powervs-machine-controllers images to be consistent with ART [#45](https://github.com/openshift/machine-api-provider-powervs/pull/45) * [OCPBUGS-11223](https://issues.redhat.com/browse/OCPBUGS-11223): Reduce metrics cardinality [#44](https://github.com/openshift/machine-api-provider-powervs/pull/44) * openshift/api version update to latest [#42](https://github.com/openshift/machine-api-provider-powervs/pull/42) * Updating ose-powervs-machine-controllers images to be consistent with ART [#40](https://github.com/openshift/machine-api-provider-powervs/pull/40) * [Full changelog](https://github.com/openshift/machine-api-provider-powervs/compare/87399d677a021fb002649c0bc18762a6929ab313...ea93a47d3af967bfe0a738f29336de51f457a143) ### [prom-label-proxy](https://github.com/openshift/prom-label-proxy/tree/af40ed09f69fab6c4bf054436f537a3e569d5f02) * Bump openshift/prom-label-proxy to v0.7.0 [#356](https://github.com/openshift/prom-label-proxy/pull/356) * [OCPBUGS-12293](https://issues.redhat.com/browse/OCPBUGS-12293): Update 4.14 prom-label-proxy image to be consistent with ART [#355](https://github.com/openshift/prom-label-proxy/pull/355) * Updating prom-label-proxy images to be consistent with ART [#353](https://github.com/openshift/prom-label-proxy/pull/353) * [Full changelog](https://github.com/openshift/prom-label-proxy/compare/b501d5e2aff82d46a141223636b522aeae95b915...af40ed09f69fab6c4bf054436f537a3e569d5f02) ### [prometheus](https://github.com/openshift/prometheus/tree/3aff0d1e4f08b135b958494c14f7c3d914dfe005) * [OCPBUGS-43670](https://issues.redhat.com/browse/OCPBUGS-43670): fix(discovery): Handle cache.DeletedFinalStateUnknown … [#239](https://github.com/openshift/prometheus/pull/239) * [OCPBUGS-22531](https://issues.redhat.com/browse/OCPBUGS-22531): bump otel dependencies [#183](https://github.com/openshift/prometheus/pull/183) * [OCPBUGS-21262](https://issues.redhat.com/browse/OCPBUGS-21262): update golang.org/x/net to v0.17.0 [4.14] [#176](https://github.com/openshift/prometheus/pull/176) * Bump openshift/prometheus to v2.46.0 [#167](https://github.com/openshift/prometheus/pull/167) * Bump openshift/prometheus to v2.45.0 [#166](https://github.com/openshift/prometheus/pull/166) * Bump openshift/prometheus to v2.44.0 [#164](https://github.com/openshift/prometheus/pull/164) * Dockerfile.ocp: update note about UI assets after switching to embed [#165](https://github.com/openshift/prometheus/pull/165) * [OCPBUGS-12996](https://issues.redhat.com/browse/OCPBUGS-12996): Add missing assets after manual merge [#162](https://github.com/openshift/prometheus/pull/162) * [OCPBUGS-12825](https://issues.redhat.com/browse/OCPBUGS-12825): Updating golang-github-prometheus-prometheus images to be consistent with ART [#160](https://github.com/openshift/prometheus/pull/160) * Bump openshift/prometheus to v2.43.0 [#158](https://github.com/openshift/prometheus/pull/158) * Updating golang-github-prometheus-prometheus images to be consistent with ART [#156](https://github.com/openshift/prometheus/pull/156) * [Full changelog](https://github.com/openshift/prometheus/compare/72886096272245e064297c480b24ac4895230c89...3aff0d1e4f08b135b958494c14f7c3d914dfe005) ### [prometheus-alertmanager](https://github.com/openshift/prometheus-alertmanager/tree/e3725166cf8ef228f1672b00d063c488b69687aa) * [OCPBUGS-21064](https://issues.redhat.com/browse/OCPBUGS-21064): Bump golang.org/x/net to v0.17.0 [#80](https://github.com/openshift/prometheus-alertmanager/pull/80) * [OCPBUGS-12506](https://issues.redhat.com/browse/OCPBUGS-12506): update golang.org/x/net [#71](https://github.com/openshift/prometheus-alertmanager/pull/71) * [OCPBUGS-12289](https://issues.redhat.com/browse/OCPBUGS-12289): Update 4.14 golang-github-prometheus-alertmanager image to be consistent with ART [#70](https://github.com/openshift/prometheus-alertmanager/pull/70) * Updating golang-github-prometheus-alertmanager images to be consistent with ART [#68](https://github.com/openshift/prometheus-alertmanager/pull/68) * [Full changelog](https://github.com/openshift/prometheus-alertmanager/compare/df2f11e2ddc206ad1924ed766b4a394d84c9236f...e3725166cf8ef228f1672b00d063c488b69687aa) ### [prometheus-config-reloader, prometheus-operator, prometheus-operator-admission-webhook](https://github.com/openshift/prometheus-operator/tree/a4b845a7ae4e1ffb62eae963406481f1c3456bfe) * [OCPBUGS-30015](https://issues.redhat.com/browse/OCPBUGS-30015): fix: convert `continue` field between v1beta1 and v1alpha1 [#279](https://github.com/openshift/prometheus-operator/pull/279) * [OCPBUGS-20881](https://issues.redhat.com/browse/OCPBUGS-20881): fix: disable HTTP2 connections by default [#253](https://github.com/openshift/prometheus-operator/pull/253) * [OCPBUGS-20881](https://issues.redhat.com/browse/OCPBUGS-20881): Bump golang.org/x/net to v0.17.0 [#247](https://github.com/openshift/prometheus-operator/pull/247) * Bump openshift/prometheus-operator to v0.67.1 [#240](https://github.com/openshift/prometheus-operator/pull/240) * Bump openshift/prometheus-operator to v0.67.0 [#239](https://github.com/openshift/prometheus-operator/pull/239) * [OCPBUGS-14466](https://issues.redhat.com/browse/OCPBUGS-14466): bump openshift/prometheus-operator to v0.66.0 [#236](https://github.com/openshift/prometheus-operator/pull/236) * [OCPBUGS-14033](https://issues.redhat.com/browse/OCPBUGS-14033): cmd/prometheus-config-reloader: add SIGTERM handler [#234](https://github.com/openshift/prometheus-operator/pull/234) * [OCPBUGS-1626](https://issues.redhat.com/browse/OCPBUGS-1626): [bot] Bump openshift/prometheus-operator to v0.65.1 [#233](https://github.com/openshift/prometheus-operator/pull/233) * [OCPBUGS-12324](https://issues.redhat.com/browse/OCPBUGS-12324): Update 4.14 prometheus-config-reloader image to be consistent with ART [#230](https://github.com/openshift/prometheus-operator/pull/230) * Updating prometheus-operator images to be consistent with ART [#229](https://github.com/openshift/prometheus-operator/pull/229) * Updating prometheus-config-reloader images to be consistent with ART [#227](https://github.com/openshift/prometheus-operator/pull/227) * Updating prometheus-operator-admission-webhook images to be consistent with ART [#226](https://github.com/openshift/prometheus-operator/pull/226) * Updating prometheus-config-reloader images to be consistent with ART [#225](https://github.com/openshift/prometheus-operator/pull/225) * [OCPBUGS-10109](https://issues.redhat.com/browse/OCPBUGS-10109): Updating openshift-state-metrics images to be consistent with ART [#221](https://github.com/openshift/prometheus-operator/pull/221) * [OCPBUGS-10137](https://issues.redhat.com/browse/OCPBUGS-10137): Updating openshift-state-metrics images to be consistent with ART [#222](https://github.com/openshift/prometheus-operator/pull/222) * Updating prometheus-operator images to be consistent with ART [#220](https://github.com/openshift/prometheus-operator/pull/220) * [Full changelog](https://github.com/openshift/prometheus-operator/compare/30fdccd139b2c63a9207bd30509aec8ddec7ff5d...a4b845a7ae4e1ffb62eae963406481f1c3456bfe) ### [prometheus-node-exporter](https://github.com/openshift/node_exporter/tree/5ee0a9d957a04756ba76623a8bbc12be9949109f) * [OCPBUGS-21162](https://issues.redhat.com/browse/OCPBUGS-21162): (4.14) upgrade golang.org/x/net to v0.17.0 [#134](https://github.com/openshift/node_exporter/pull/134) * Bump openshift/node_exporter to v1.6.1 [#130](https://github.com/openshift/node_exporter/pull/130) * [OCPBUGS-12714](https://issues.redhat.com/browse/OCPBUGS-12714): Bump openshift/node_exporter to v1.6.0 [#129](https://github.com/openshift/node_exporter/pull/129) * [OCPBUGS-12507](https://issues.redhat.com/browse/OCPBUGS-12507): Upgrade golang.org/x/net to v0.10.0 to fix the CVE [#128](https://github.com/openshift/node_exporter/pull/128) * Updating golang-github-prometheus-node_exporter images to be consistent with ART [#122](https://github.com/openshift/node_exporter/pull/122) * Updating golang-github-prometheus-node_exporter images to be consistent with ART [#120](https://github.com/openshift/node_exporter/pull/120) * [Full changelog](https://github.com/openshift/node_exporter/compare/59d699cac664bfbfe83ef6a1615e34e062fd283d...5ee0a9d957a04756ba76623a8bbc12be9949109f) ### [route-controller-manager](https://github.com/openshift/route-controller-manager/tree/1a5e72f41b21f5ebcd6f9dd8227d92ad1fffbb1e) * [OCPBUGS-21576](https://issues.redhat.com/browse/OCPBUGS-21576): bump(k8s,openshift) to address CVE-2023-44487 [4.14] [#34](https://github.com/openshift/route-controller-manager/pull/34) * refactor route controller manager to use library-go server and ControlerCommand for generic setup [#28](https://github.com/openshift/route-controller-manager/pull/28) * add dummy flags needed for a switch to library-go server and ControlerCommand [#29](https://github.com/openshift/route-controller-manager/pull/29) * Revert "[WRKLDS-730] refactor route controller manager to use library-go server and ControlerCommand for generic setup" [#25](https://github.com/openshift/route-controller-manager/pull/25) * refactor route controller manager to use library-go server and ControlerCommand for generic setup [#22](https://github.com/openshift/route-controller-manager/pull/22) * [WRKLDS-700](https://issues.redhat.com/browse/WRKLDS-700): bump(k8s) to v0.27.1 [#21](https://github.com/openshift/route-controller-manager/pull/21) * Updating ose-route-controller-manager images to be consistent with ART [#19](https://github.com/openshift/route-controller-manager/pull/19) * Updating ose-route-controller-manager images to be consistent with ART [#18](https://github.com/openshift/route-controller-manager/pull/18) * Updating ose-route-controller-manager images to be consistent with ART [#17](https://github.com/openshift/route-controller-manager/pull/17) * [Full changelog](https://github.com/openshift/route-controller-manager/compare/6667a6cbf9a87331fcc4407375118c0bb884c925...1a5e72f41b21f5ebcd6f9dd8227d92ad1fffbb1e) ### [service-ca-operator](https://github.com/openshift/service-ca-operator/tree/3c3f82f7112ee4b5656e5c554f9887acdf881175) * [OCPBUGS-21066](https://issues.redhat.com/browse/OCPBUGS-21066): go.mod: bump golang.org/x/net to v0.17.0 [#224](https://github.com/openshift/service-ca-operator/pull/224) * [OCPBUGS-19318](https://issues.redhat.com/browse/OCPBUGS-19318): fix admission webhook CA injection [#222](https://github.com/openshift/service-ca-operator/pull/222) * [OCPBUGS-16536](https://issues.redhat.com/browse/OCPBUGS-16536): bump lib-go to get rid of the goproxy dep [#213](https://github.com/openshift/service-ca-operator/pull/213) * [OCPBUGS-12662](https://issues.redhat.com/browse/OCPBUGS-12662): bump kube to 1.27.1 [#212](https://github.com/openshift/service-ca-operator/pull/212) * Updating ose-service-ca-operator images to be consistent with ART [#211](https://github.com/openshift/service-ca-operator/pull/211) * [API-1525](https://issues.redhat.com/browse/API-1525): Add openshift_service-ca namespace yaml to manifests dir [#208](https://github.com/openshift/service-ca-operator/pull/208) * [Full changelog](https://github.com/openshift/service-ca-operator/compare/dba00dc5b1874904542bed87f49974bf64be168a...3c3f82f7112ee4b5656e5c554f9887acdf881175) ### [telemeter](https://github.com/openshift/telemeter/tree/1f7268163afc74f9f3c1ff89d8c0149760694e6c) * [OCPBUGS-34830](https://issues.redhat.com/browse/OCPBUGS-34830): fix issuer check during JWT authentication 4.14 [#539](https://github.com/openshift/telemeter/pull/539) * [OCPBUGS-32888](https://issues.redhat.com/browse/OCPBUGS-32888): update gopkg.in/square/go-jose.v2 to fix CVE-2024-28180 [#535](https://github.com/openshift/telemeter/pull/535) * [OCPBUGS-22647](https://issues.redhat.com/browse/OCPBUGS-22647): go.mod: bump go.opentelemetry.io/contrib/instrumentation/net/http/ote… [#494](https://github.com/openshift/telemeter/pull/494) * [OCPBUGS-21349](https://issues.redhat.com/browse/OCPBUGS-21349): [release-4.14]: Bump golang.org/x/net to v0.17.0 [#484](https://github.com/openshift/telemeter/pull/484) * [OCPBUGS-16397](https://issues.redhat.com/browse/OCPBUGS-16397): Nutanix OCP cluster telemetry data "host_type" shows "virt-unknown" [#474](https://github.com/openshift/telemeter/pull/474) * chore: bump github.com/prometheus/prometheus to v0.45.0 [#475](https://github.com/openshift/telemeter/pull/475) * : fix mtls secret generation [#473](https://github.com/openshift/telemeter/pull/473) * Revert wrong cert name change of #455 [#472](https://github.com/openshift/telemeter/pull/472) * : add secret for external mtls connection [#470](https://github.com/openshift/telemeter/pull/470) * [MON-3230](https://issues.redhat.com/browse/MON-3230): Add TLS auth to telemeter-client [#455](https://github.com/openshift/telemeter/pull/455) * jsonnet: Add config to support rhelemeter [#468](https://github.com/openshift/telemeter/pull/468) * Improve debug roundtripper logs [#467](https://github.com/openshift/telemeter/pull/467) * Fix integration test documentation [#461](https://github.com/openshift/telemeter/pull/461) * Fix path benchmark [#466](https://github.com/openshift/telemeter/pull/466) * Add RHEL POC server [#465](https://github.com/openshift/telemeter/pull/465) * [OCPBUGS-12345](https://issues.redhat.com/browse/OCPBUGS-12345): tools: update to golangci-lint v1.51 [#464](https://github.com/openshift/telemeter/pull/464) * [OCPBUGS-12678](https://issues.redhat.com/browse/OCPBUGS-12678): Update golang.org/x/net to lastest version [#462](https://github.com/openshift/telemeter/pull/462) * add thibaultmg in OWNERS file [#459](https://github.com/openshift/telemeter/pull/459) * Update OWNERS [#456](https://github.com/openshift/telemeter/pull/456) * Use receive handler logger [#450](https://github.com/openshift/telemeter/pull/450) * [OCPBUGS-10169](https://issues.redhat.com/browse/OCPBUGS-10169): Updating telemeter images to be consistent with ART [#452](https://github.com/openshift/telemeter/pull/452) * Filter noisy logs from TCP probes [#453](https://github.com/openshift/telemeter/pull/453) * Add `douglascamata` as reviewer and approver [#454](https://github.com/openshift/telemeter/pull/454) * [Full changelog](https://github.com/openshift/telemeter/compare/0634a6d029bfd8fd311e99ccf5f2fd45b5751fa8...1f7268163afc74f9f3c1ff89d8c0149760694e6c) ### [tests](https://github.com/openshift/origin/tree/14c6508e415f1afc280e3a34d8b5ef5725e8f877) * [OCPBUGS-61233](https://issues.redhat.com/browse/OCPBUGS-61233): images/tests: Remove rteval [#30208](https://github.com/openshift/origin/pull/30208) * [OCPBUGS-55747](https://issues.redhat.com/browse/OCPBUGS-55747): [build] Ensure Git Clone Does Not Run Privileged [#29758](https://github.com/openshift/origin/pull/29758) * [OCPBUGS-54770](https://issues.redhat.com/browse/OCPBUGS-54770): Fix egress firewall tests by updating the URL from docs.openshift.com to redhat.com [#29665](https://github.com/openshift/origin/pull/29665) * [OCPBUGS-52583](https://issues.redhat.com/browse/OCPBUGS-52583): Use payload pullspec for image info test [#29591](https://github.com/openshift/origin/pull/29591) * [OCPBUGS-51363](https://issues.redhat.com/browse/OCPBUGS-51363): Disable:Broken for [sig-builds][Feature:Builds][Slow] can use private repositories as build input build using an HTTP token should be able to clone source code via an HTTP token [#29567](https://github.com/openshift/origin/pull/29567) * [OCPBUGS-51044](https://issues.redhat.com/browse/OCPBUGS-51044): Add/remove team members to the OWNERS file for Builds [#29554](https://github.com/openshift/origin/pull/29554) * [OCPBUGS-44107](https://issues.redhat.com/browse/OCPBUGS-44107): Adjust createDNSPod() to support hypershift dual-stack test [#29256](https://github.com/openshift/origin/pull/29256) * [OCPBUGS-39137](https://issues.redhat.com/browse/OCPBUGS-39137): Bump timeout for the pod-network-service endpoints check [#29062](https://github.com/openshift/origin/pull/29062) * [OCPBUGS-38365](https://issues.redhat.com/browse/OCPBUGS-38365): add Proxy config [#28998](https://github.com/openshift/origin/pull/28998) * [OCPBUGS-36800](https://issues.redhat.com/browse/OCPBUGS-36800): Removes dependency on samples operator images [#28952](https://github.com/openshift/origin/pull/28952) * #28775 FIX [release-4.14] OCPBUGS-33367: monitor test fix to wait before connecting to a non-existent dns on PowerVS and IBMCloud platforms [#28792](https://github.com/openshift/origin/pull/28792) * #28745 FIX [release-4.14] OCPBUGS-33022: update egressFWTestE2E image which contains ping binary [#28899](https://github.com/openshift/origin/pull/28899) * [OCPBUGS-36464](https://issues.redhat.com/browse/OCPBUGS-36464): test/extended: skip etcd leader change check on hypershift [#28921](https://github.com/openshift/origin/pull/28921) * [OCPBUGS-35475](https://issues.redhat.com/browse/OCPBUGS-35475): Use centos7 tag instead of latest for cmd images tests [#28881](https://github.com/openshift/origin/pull/28881) * [OCPBUGS-33417](https://issues.redhat.com/browse/OCPBUGS-33417): Provide SCC access via RBAC [#28806](https://github.com/openshift/origin/pull/28806) * [OCPBUGS-33563](https://issues.redhat.com/browse/OCPBUGS-33563): Adjust the method of get the apiServer (release-4.14) [#28763](https://github.com/openshift/origin/pull/28763) * [OCPBUGS-29970](https://issues.redhat.com/browse/OCPBUGS-29970): Do not assume there is just a single kubelet systemd service [#28620](https://github.com/openshift/origin/pull/28620) * [OCPNODE-2101](https://issues.redhat.com/browse/OCPNODE-2101): add kube-rbac-proxy-crio toleration change [#28647](https://github.com/openshift/origin/pull/28647) * [OCPBUGS-29928](https://issues.redhat.com/browse/OCPBUGS-29928): Only extract node role from properly formatted node-role label [#28616](https://github.com/openshift/origin/pull/28616) * [OCPBUGS-29182](https://issues.redhat.com/browse/OCPBUGS-29182): updated timeout to 3 seconds to account for network timing issues [#28578](https://github.com/openshift/origin/pull/28578) * [OCPBUGS-29034](https://issues.redhat.com/browse/OCPBUGS-29034): Replace 'coreydaley' with 'sayan-biswas' [#28574](https://github.com/openshift/origin/pull/28574) * [OCPBUGS-26044](https://issues.redhat.com/browse/OCPBUGS-26044): Adding test case for when exceed openshift.io/image-tags will ban to … [#28493](https://github.com/openshift/origin/pull/28493) * [OCPBUGS-21774](https://issues.redhat.com/browse/OCPBUGS-21774): backport #28316 to 4.14 release [#28335](https://github.com/openshift/origin/pull/28335) * Revert "[release-4.14] OCPBUGS-22720: Use Centos 8 Stream mysql image in tests" [#28368](https://github.com/openshift/origin/pull/28368) * [OCPBUGS-23042](https://issues.redhat.com/browse/OCPBUGS-23042): tolerate AWS edge nodes on monitor tests [#28387](https://github.com/openshift/origin/pull/28387) * [OCPBUGS-23145](https://issues.redhat.com/browse/OCPBUGS-23145): Bump watch requests for cluster-baremetal-operator [#28385](https://github.com/openshift/origin/pull/28385) * trt-1340: backport exact and disable monitor tests options to 4.14 [#28391](https://github.com/openshift/origin/pull/28391) * [OCPBUGS-19923](https://issues.redhat.com/browse/OCPBUGS-19923): Updating parameters for build timing PushImage test [#28291](https://github.com/openshift/origin/pull/28291) * [OCPBUGS-22411](https://issues.redhat.com/browse/OCPBUGS-22411): fix: increase upper bounds for samples operator [#28356](https://github.com/openshift/origin/pull/28356) * [OCPBUGS-22720](https://issues.redhat.com/browse/OCPBUGS-22720): Use Centos 8 Stream mysql image in tests [#28365](https://github.com/openshift/origin/pull/28365) * [OCPBUGS-22389](https://issues.redhat.com/browse/OCPBUGS-22389): Remove all docker.io images due to access denied [#28355](https://github.com/openshift/origin/pull/28355) * [OCPBUGS-21774](https://issues.redhat.com/browse/OCPBUGS-21774): backport https://github.com/openshift/origin/pull/28238 to 4.14 release [#28333](https://github.com/openshift/origin/pull/28333) * Revert #28304 "OCPBUGS-20308: Backport PR 28295 and 28238" [#28314](https://github.com/openshift/origin/pull/28314) * [OCPBUGS-20308](https://issues.redhat.com/browse/OCPBUGS-20308): Backport PR 28295 and 28238 [#28304](https://github.com/openshift/origin/pull/28304) * [OCPBUGS-19903](https://issues.redhat.com/browse/OCPBUGS-19903): kubevirt: add live migration tests [#28281](https://github.com/openshift/origin/pull/28281) * wait for the service to have endpoints before starting pollers [#28279](https://github.com/openshift/origin/pull/28279) * some monitor tests only function on disruptive tests [#28287](https://github.com/openshift/origin/pull/28287) * [OCPBUGS-19718](https://issues.redhat.com/browse/OCPBUGS-19718): rteval [#28276](https://github.com/openshift/origin/pull/28276) * [OCPBUGS-19547](https://issues.redhat.com/browse/OCPBUGS-19547): fix: add rteval to the test image [#28269](https://github.com/openshift/origin/pull/28269) * [TRT-1244](https://issues.redhat.com/browse/TRT-1244): Bump aws-ovn upgradeDurationLimits to 130 [#28265](https://github.com/openshift/origin/pull/28265) * [OCPBUGS-19061](https://issues.redhat.com/browse/OCPBUGS-19061): Remove duplicate connection type from disruption name [#28260](https://github.com/openshift/origin/pull/28260) * [USHIFT-1590](https://issues.redhat.com/browse/USHIFT-1590): skip failing invariants in MicroShift [#28193](https://github.com/openshift/origin/pull/28193) * Revert "created persistent volume claims can not exceed the limitation" [#28232](https://github.com/openshift/origin/pull/28232) * Revert "in-cluster disruption: ensure that only one monitor is started in cluster" [#28230](https://github.com/openshift/origin/pull/28230) * created persistent volume claims can not exceed the limitation [#28224](https://github.com/openshift/origin/pull/28224) * Revert "Fail on APIs removed in the next release" [#28227](https://github.com/openshift/origin/pull/28227) * [OCPBUGS-13158](https://issues.redhat.com/browse/OCPBUGS-13158): in-cluster disruption: ensure that only one monitor is started in cluster [#28081](https://github.com/openshift/origin/pull/28081) * Fail on APIs removed in the next release [#27561](https://github.com/openshift/origin/pull/27561) * Service invariant [#28202](https://github.com/openshift/origin/pull/28202) * prevent secondary errors reported in prior steps [#28221](https://github.com/openshift/origin/pull/28221) * [OCPBUGS-17477](https://issues.redhat.com/browse/OCPBUGS-17477): requestheader: wait for only 3 oauth-servers to be available [#28161](https://github.com/openshift/origin/pull/28161) * [test/extended/networking] Rename ovnkube containers [#28219](https://github.com/openshift/origin/pull/28219) * Reduce usage of dcs [#28212](https://github.com/openshift/origin/pull/28212) * Do not fail etcd storage path test for GVRs that are not served. [#28214](https://github.com/openshift/origin/pull/28214) * move graceful shutdown to monitor test [#28201](https://github.com/openshift/origin/pull/28201) * move PDBUnhealthyPodEvictionPolicy from TP to beta [#28206](https://github.com/openshift/origin/pull/28206) * if no openshift-tests image can be auto-detected or specified, skip it [#28207](https://github.com/openshift/origin/pull/28207) * allow failures for tests intentionally producing failures [#28211](https://github.com/openshift/origin/pull/28211) * fix *-to-host sampler failure calculation [#28209](https://github.com/openshift/origin/pull/28209) * skip test with intermittent serial problems [#28208](https://github.com/openshift/origin/pull/28208) * point host network, network disruption at the kubelet [#28191](https://github.com/openshift/origin/pull/28191) * migrate some watching code to monitortests [#28188](https://github.com/openshift/origin/pull/28188) * fail if no sampler output is found for the poller [#28198](https://github.com/openshift/origin/pull/28198) * Fix possibility of intervals without from/to by requiring when we Build() [#28182](https://github.com/openshift/origin/pull/28182) * [OCPBUGS-17497](https://issues.redhat.com/browse/OCPBUGS-17497): Skip invariant load balancer test for None platform [#28180](https://github.com/openshift/origin/pull/28180) * tolerate cluster without clusterversion [#28197](https://github.com/openshift/origin/pull/28197) * select poller image from payload [#28194](https://github.com/openshift/origin/pull/28194) * [AUTH-409](https://issues.redhat.com/browse/AUTH-409): bump o/k for the updated PSa labels [#28192](https://github.com/openshift/origin/pull/28192) * Fixes openshift-tests dry-run failure asking for KUBERNETES_MASTER [#28165](https://github.com/openshift/origin/pull/28165) * [TRT-930](https://issues.redhat.com/browse/TRT-930): Update test to support 2 release query_results.json [#28149](https://github.com/openshift/origin/pull/28149) * add e2e non-functional test for required-scc SCCs [#28142](https://github.com/openshift/origin/pull/28142) * Add a test to flake if we see NetworkManager log "too many netlink events" [#28098](https://github.com/openshift/origin/pull/28098) * [OCPBUGS-16615](https://issues.redhat.com/browse/OCPBUGS-16615): Making prometheus telemetry test flake [#28181](https://github.com/openshift/origin/pull/28181) * update watch-endpoint-slices to usable shape [#28184](https://github.com/openshift/origin/pull/28184) * add comments requested in review [#28186](https://github.com/openshift/origin/pull/28186) * rebrand invariant tests as monitor tests [#28185](https://github.com/openshift/origin/pull/28185) * basic setup of podNetwork disruption tests [#28179](https://github.com/openshift/origin/pull/28179) * start the watch-endpoint-slice command [#28169](https://github.com/openshift/origin/pull/28169) * stop sampling when we stop [#28178](https://github.com/openshift/origin/pull/28178) * run start and collect in parallel [#28174](https://github.com/openshift/origin/pull/28174) * only close node ready if the node was not ready before [#28170](https://github.com/openshift/origin/pull/28170) * make monitor command separately runnable [#28168](https://github.com/openshift/origin/pull/28168) * [OCPBUGS-15726](https://issues.redhat.com/browse/OCPBUGS-15726): add tests for openapi v3 [#28129](https://github.com/openshift/origin/pull/28129) * fix microshift fix that broke all disruption [#28175](https://github.com/openshift/origin/pull/28175) * Add stlaz and p0lyn0mial to OWNERS [#28166](https://github.com/openshift/origin/pull/28166) * [OCPBUGS-15726](https://issues.redhat.com/browse/OCPBUGS-15726): Revert "temporarily disable oc explain tests until openapi/v3 is working" [#28155](https://github.com/openshift/origin/pull/28155) * Add some tests for event interval generation [#28163](https://github.com/openshift/origin/pull/28163) * [USHIFT-1464](https://issues.redhat.com/browse/USHIFT-1464): skip TestFrontProxy for MicroShift [#28064](https://github.com/openshift/origin/pull/28064) * upgrade distribution to v3 [#27958](https://github.com/openshift/origin/pull/27958) * Skip external service monitoring invariant for microshift [#28160](https://github.com/openshift/origin/pull/28160) * Refactor e2e-test intervals to use the new locator builder [#28099](https://github.com/openshift/origin/pull/28099) * [OCPBUGS-16166](https://issues.redhat.com/browse/OCPBUGS-16166): Update to Kubernetes 1.27.4 [#28147](https://github.com/openshift/origin/pull/28147) * Remove obsolete buildanalyzer tool [#28158](https://github.com/openshift/origin/pull/28158) * Bug OCPBUGS-17483: Skip invariant load balancer test for OpenStack [#28154](https://github.com/openshift/origin/pull/28154) * be sure the exit code fails when the invariant tests fail [#28152](https://github.com/openshift/origin/pull/28152) * [OCPBUGS-17351](https://issues.redhat.com/browse/OCPBUGS-17351): Skip some invariants in microshift [#28136](https://github.com/openshift/origin/pull/28136) * [OCPBUGS-16166](https://issues.redhat.com/browse/OCPBUGS-16166): disable 2 tests in preparation to land k8s 1.27.4 [#28148](https://github.com/openshift/origin/pull/28148) * Fix kubevirt test flake caused by pod name collision [#28153](https://github.com/openshift/origin/pull/28153) * move the discovery filtering into suite filtering instead of post filtering [#28145](https://github.com/openshift/origin/pull/28145) * move remaining disruption tests to invariants [#28144](https://github.com/openshift/origin/pull/28144) * Disable EgressIP test termporarily due to OVN-K bug [#28146](https://github.com/openshift/origin/pull/28146) * Bug OCPBUGS-6778: Correct condition for rejecting connection [#27876](https://github.com/openshift/origin/pull/27876) * [USHIFT-1484](https://issues.redhat.com/browse/USHIFT-1484): skip prometheus alerts for MicroShift [#28070](https://github.com/openshift/origin/pull/28070) * remove unnecessary global modification from upgrade [#28143](https://github.com/openshift/origin/pull/28143) * [OCPBUGS-16615](https://issues.redhat.com/browse/OCPBUGS-16615): Moving Prometheus reporting telemetry to serial jobs [#28138](https://github.com/openshift/origin/pull/28138) * [OCPBUGS-15568](https://issues.redhat.com/browse/OCPBUGS-15568): Set quota wait timeout to 1 minute [#28071](https://github.com/openshift/origin/pull/28071) * rough package alignment [#28131](https://github.com/openshift/origin/pull/28131) * return calculated intervals [#28141](https://github.com/openshift/origin/pull/28141) * move existing invariant tests [#28130](https://github.com/openshift/origin/pull/28130) * remove extraneous layering for the monitor [#28127](https://github.com/openshift/origin/pull/28127) * Fix ClusterOperator tests that can only report failures [#28120](https://github.com/openshift/origin/pull/28120) * properly categorize the stop and start intervals [#28139](https://github.com/openshift/origin/pull/28139) * [MON-1960](https://issues.redhat.com/browse/MON-1960): Remove exceptions for alert annotations [#28118](https://github.com/openshift/origin/pull/28118) * Revert invariant and other refactors [#28133](https://github.com/openshift/origin/pull/28133) * Remove exception on KubeSchedulerDown runbook [#28126](https://github.com/openshift/origin/pull/28126) * expedient engineering: inject intervals into recorded events from out… [#28128](https://github.com/openshift/origin/pull/28128) * Add Fabio and remove Stefan from image approvers [#28125](https://github.com/openshift/origin/pull/28125) * separate the run, run-upgrade, and run-test [#28121](https://github.com/openshift/origin/pull/28121) * Remove enabling multinetwork policy [#28116](https://github.com/openshift/origin/pull/28116) * [OCPVE-292](https://issues.redhat.com/browse/OCPVE-292): OCPVE-293: OCPVE-294: feat: added a realtime latency test suite [#28110](https://github.com/openshift/origin/pull/28110) * Update image mirroring instructions to handle uncompressed layers [#28101](https://github.com/openshift/origin/pull/28101) * protect against nil panic on unassigned disruption adapter [#28123](https://github.com/openshift/origin/pull/28123) * fix: workload partitioning - added more error handling for retry attempts [#28111](https://github.com/openshift/origin/pull/28111) * Revert "adds legacy disruption to invariant tests" [#28117](https://github.com/openshift/origin/pull/28117) * adds legacy disruption to invariant tests [#28104](https://github.com/openshift/origin/pull/28104) * refactor command line start for openshift-tests [#28107](https://github.com/openshift/origin/pull/28107) * oauth requestheaders: gather oauth-server logs as admin [#28114](https://github.com/openshift/origin/pull/28114) * Automated - Update synthetic test data [#28108](https://github.com/openshift/origin/pull/28108) * [SDN-4042](https://issues.redhat.com/browse/SDN-4042): Increase total upgrade time on OVN platforms [#28074](https://github.com/openshift/origin/pull/28074) * Update image stream test to create a manifest list image by default [#28017](https://github.com/openshift/origin/pull/28017) * Adjust interval builder before we continue porting [#28109](https://github.com/openshift/origin/pull/28109) * Put times in UTC to allow local testing; use asserts where we can [#28091](https://github.com/openshift/origin/pull/28091) * feat: make data gathering more robust [#28102](https://github.com/openshift/origin/pull/28102) * remove suite hook configuration and make information flow one-way [#28090](https://github.com/openshift/origin/pull/28090) * [USHIFT-1463](https://issues.redhat.com/browse/USHIFT-1463): add [apigroup] annotation to skip tests for MicroShift [#28061](https://github.com/openshift/origin/pull/28061) * [OCPVE-318](https://issues.redhat.com/browse/OCPVE-318): feat: add node validation for workload partitioning [#28056](https://github.com/openshift/origin/pull/28056) * Unrevert pull request #28069 from dgoodwin/interval-builder [#28095](https://github.com/openshift/origin/pull/28095) * Disruption reverts [#28093](https://github.com/openshift/origin/pull/28093) * [AUTH-401](https://issues.redhat.com/browse/AUTH-401): test/e/authorization/pod_security_admission: add e2e test for pinning SCCs [#28092](https://github.com/openshift/origin/pull/28092) * fix logic -- If error, return current time; else return log line time [#28084](https://github.com/openshift/origin/pull/28084) * add interface for future invariant tests [#28077](https://github.com/openshift/origin/pull/28077) * Interval Building Phase 1 [#28069](https://github.com/openshift/origin/pull/28069) * create a recorder interface that separates monitoring from recording [#28080](https://github.com/openshift/origin/pull/28080) * remove unnecessary options and make monitor act like controller [#28079](https://github.com/openshift/origin/pull/28079) * Fix retrieval of virt-launcher pod of the guest node [#28082](https://github.com/openshift/origin/pull/28082) * Fix usage of priviliged pods in sig-kubevirt test cases [#28078](https://github.com/openshift/origin/pull/28078) * trt-1150: move lock so prevent multiple file updates in single commit [#28065](https://github.com/openshift/origin/pull/28065) * finish scrubbing out sampler [#28076](https://github.com/openshift/origin/pull/28076) * Automated - Update synthetic test data [#28072](https://github.com/openshift/origin/pull/28072) * [MON-3280](https://issues.redhat.com/browse/MON-3280): enable etcd metrics check again [#28049](https://github.com/openshift/origin/pull/28049) * [OCPBUGS-13158](https://issues.redhat.com/browse/OCPBUGS-13158): Run new tests which monitors in-cluster API server disruption as daemonsets on masters/workers [#27909](https://github.com/openshift/origin/pull/27909) * fix: add missing namespaces to exclude list [#28060](https://github.com/openshift/origin/pull/28060) * Update S2i Image tests for removing nodejs 14 ubi8 eol [#28058](https://github.com/openshift/origin/pull/28058) * only close intervals if they are open [#28059](https://github.com/openshift/origin/pull/28059) * [USHIFT-704](https://issues.redhat.com/browse/USHIFT-704): skip [sig-cli] whoami result with console for MicroShift [#28005](https://github.com/openshift/origin/pull/28005) * ignore machine api capability [#28052](https://github.com/openshift/origin/pull/28052) * [ODC-7333](https://issues.redhat.com/browse/ODC-7333): Add consolesamples to the exception list of CRDs without a status [#28057](https://github.com/openshift/origin/pull/28057) * Handle partial discovery results in DoesApiResourceExist. [#28047](https://github.com/openshift/origin/pull/28047) * Remove audit id from sample err [#28043](https://github.com/openshift/origin/pull/28043) * Remove sampler [#27960](https://github.com/openshift/origin/pull/27960) * [ODC-7333](https://issues.redhat.com/browse/ODC-7333): Add consolesamples to the list of console resources that all users should have read access [#28045](https://github.com/openshift/origin/pull/28045) * [OCPBUGS-15893](https://issues.redhat.com/browse/OCPBUGS-15893): Update permission to incl. watch for helmchartrepositories for console users [#28044](https://github.com/openshift/origin/pull/28044) * Automated - Update synthetic test data [#28014](https://github.com/openshift/origin/pull/28014) * increase cloud-credential-operator watch since we added a self-clusteroperator watch [#28046](https://github.com/openshift/origin/pull/28046) * [OCPBUGS-15291](https://issues.redhat.com/browse/OCPBUGS-15291): Update broken dc tests due to deprecation warning [#28041](https://github.com/openshift/origin/pull/28041) * Enable Azure platform check in external cloud provider test [#27776](https://github.com/openshift/origin/pull/27776) * update pathological event namespace label to be unambiguous [#28038](https://github.com/openshift/origin/pull/28038) * multinetpolicy: use RetryOnConflict to reduce flakes [#28035](https://github.com/openshift/origin/pull/28035) * [USHIFT-1379](https://issues.redhat.com/browse/USHIFT-1379): skip must-gather tests for MicroShift [#28015](https://github.com/openshift/origin/pull/28015) * Provide more detailed information when extracting binary fails [#28034](https://github.com/openshift/origin/pull/28034) * test: extended: deployment: use correct apigroup for imagestreamtags [#27689](https://github.com/openshift/origin/pull/27689) * Add logs in clusterquota test for more verbosity [#28032](https://github.com/openshift/origin/pull/28032) * [OCPBUGS-15500](https://issues.redhat.com/browse/OCPBUGS-15500): Avoid panic attempting to process interval logs [#28012](https://github.com/openshift/origin/pull/28012) * Add test checking nodes are in proper read state before upgrade [#28028](https://github.com/openshift/origin/pull/28028) * trt-1030: 80s for service lb under test [#28004](https://github.com/openshift/origin/pull/28004) * [OCPBUGS-15835](https://issues.redhat.com/browse/OCPBUGS-15835): remove references to registry.centos.org [#28029](https://github.com/openshift/origin/pull/28029) * [OCPVE-379](https://issues.redhat.com/browse/OCPVE-379): fix: avoid checking resources for BestEffort pods [#28006](https://github.com/openshift/origin/pull/28006) * [OCPBUGS-15568](https://issues.redhat.com/browse/OCPBUGS-15568): Increase clusterquota wait timeout from 10 to 30 seconds [#28026](https://github.com/openshift/origin/pull/28026) * [OCPBUGS-15558](https://issues.redhat.com/browse/OCPBUGS-15558): retry promql a few times to mask i/o timeouts [#28010](https://github.com/openshift/origin/pull/28010) * [AUTH-377](https://issues.redhat.com/browse/AUTH-377): Add oauth-server redirect URI validation e2e tests [#27922](https://github.com/openshift/origin/pull/27922) * temporarily disable oc explain tests until openapi/v3 is working properly [#28022](https://github.com/openshift/origin/pull/28022) * [USHIFT-647](https://issues.redhat.com/browse/USHIFT-647): skip non-existing resources from security.openshift.io [#27897](https://github.com/openshift/origin/pull/27897) * trt-1117: Test for update lease errors [#28020](https://github.com/openshift/origin/pull/28020) * print out deployment for incorrectly scheduled pods [#28011](https://github.com/openshift/origin/pull/28011) * [OCPBUGS-14425](https://issues.redhat.com/browse/OCPBUGS-14425): Skip CCM upgradable condition on AlibabaCloud [#27967](https://github.com/openshift/origin/pull/27967) * Update "verify that nodes have no unexpected reboots" test [#28016](https://github.com/openshift/origin/pull/28016) * allow cluster-config-operator to manage featuregate upgrade block [#28009](https://github.com/openshift/origin/pull/28009) * add a networking alert for OVNKubernetesResourceRetryFailure [#28008](https://github.com/openshift/origin/pull/28008) * add debugging info for cluster not ready to upgrade [#28007](https://github.com/openshift/origin/pull/28007) * [OCPVE-378](https://issues.redhat.com/browse/OCPVE-378): feat: remove skip, allow check on all platforms regardless [#27911](https://github.com/openshift/origin/pull/27911) * Report external binary usage [#28000](https://github.com/openshift/origin/pull/28000) * Changing the severity of "missing runbook_url annotation for critical alerts" test case from flaky to failure [#27987](https://github.com/openshift/origin/pull/27987) * disruption refinement for availability, not latency. [#28003](https://github.com/openshift/origin/pull/28003) * [TRT-1097](https://issues.redhat.com/browse/TRT-1097): add KubeMemoryOvercommit to specific test so that the general test doesn't fail [#28002](https://github.com/openshift/origin/pull/28002) * [OCPBUGS-11652](https://issues.redhat.com/browse/OCPBUGS-11652): Enable oc adm node-logs [#27992](https://github.com/openshift/origin/pull/27992) * skip reboot test when machineconfigs not in target cluster [#27999](https://github.com/openshift/origin/pull/27999) * [OCPBUGS-15291](https://issues.redhat.com/browse/OCPBUGS-15291): [sig-cli] oc idle: get a dc name through labels instead of parsing oc create output [#27998](https://github.com/openshift/origin/pull/27998) * Automated - Update synthetic test data [#27995](https://github.com/openshift/origin/pull/27995) * Flake ci-cluster-network-liveness and new backend disruption failures to avoid payload rejections [#27990](https://github.com/openshift/origin/pull/27990) * verifies number of node reboots even for HA [#27994](https://github.com/openshift/origin/pull/27994) * [OCPBUGS-13379](https://issues.redhat.com/browse/OCPBUGS-13379): machines: add a test which verifies number of node reboots [#27993](https://github.com/openshift/origin/pull/27993) * strip operator framework from resource watch and fix bugs [#27972](https://github.com/openshift/origin/pull/27972) * Fix panic in loki upload [#27991](https://github.com/openshift/origin/pull/27991) * Replace dashes in locator keys for upload to loki, add namespace label when possible [#27983](https://github.com/openshift/origin/pull/27983) * Automated - Update synthetic test data [#27982](https://github.com/openshift/origin/pull/27982) * Update kubevirt LB connectivity tests to work with AWS ELB [#27978](https://github.com/openshift/origin/pull/27978) * [STOR-1263](https://issues.redhat.com/browse/STOR-1263): Bump (openshift/kubernetes): to get openshift/kubernetes#1595 [#27970](https://github.com/openshift/origin/pull/27970) * add shutdown interval for apiserver from events [#27919](https://github.com/openshift/origin/pull/27919) * Update expected name for OVN acl logging test [#27974](https://github.com/openshift/origin/pull/27974) * Updated pathological events [#27942](https://github.com/openshift/origin/pull/27942) * new disruption backend [#27838](https://github.com/openshift/origin/pull/27838) * [OCPBUGS-14667](https://issues.redhat.com/browse/OCPBUGS-14667): Revert "MON-3213: Changing the severity of "missing runbook_url annotation for critical alerts" test case from flaky to failure" [#27969](https://github.com/openshift/origin/pull/27969) * [MON-3213](https://issues.redhat.com/browse/MON-3213): Changing the severity of "missing runbook_url annotation for critical alerts" test case from flaky to failure [#27933](https://github.com/openshift/origin/pull/27933) * push intervals to loki [#27930](https://github.com/openshift/origin/pull/27930) * [USHIFT-1300](https://issues.redhat.com/browse/USHIFT-1300): Avoid getting cluster state for TEST_PROVIDER env var [#27964](https://github.com/openshift/origin/pull/27964) * hard monitor.Event message creation [#27946](https://github.com/openshift/origin/pull/27946) * [ETCD-425](https://issues.redhat.com/browse/ETCD-425): restore test should validate state [#27921](https://github.com/openshift/origin/pull/27921) * [OCPBUGS-14338](https://issues.redhat.com/browse/OCPBUGS-14338): test/extended/prometheus: increase telemetry series threshold [#27959](https://github.com/openshift/origin/pull/27959) * Running tests using external binary [#27570](https://github.com/openshift/origin/pull/27570) * [OCPBUGS-14321](https://issues.redhat.com/browse/OCPBUGS-14321): Increase timeout in sysctl allowlist test [#27955](https://github.com/openshift/origin/pull/27955) * remove legacy recovery tests [#27917](https://github.com/openshift/origin/pull/27917) * [OCPBUGS-13649](https://issues.redhat.com/browse/OCPBUGS-13649): add tests for ClusterResourceQuota: count should work for all resources [#27934](https://github.com/openshift/origin/pull/27934) * [MON-3219](https://issues.redhat.com/browse/MON-3219): Clear missing summary/description annotation test case exception [#27944](https://github.com/openshift/origin/pull/27944) * [OCPBUGS-13788](https://issues.redhat.com/browse/OCPBUGS-13788): 2x Revert "test/extended: Add MultiNetworkPolicy IPv4/IPv6 test cases" #27926 [#27927](https://github.com/openshift/origin/pull/27927) * [OCPBUGS-14125](https://issues.redhat.com/browse/OCPBUGS-14125): Move from registry.centos.org to quay.io [#27945](https://github.com/openshift/origin/pull/27945) * LoadBalancer network connectivity test cases for HyperShift+KubeVirt [#27931](https://github.com/openshift/origin/pull/27931) * Revert "Add coverage for GET verb and websocket handshake to SCC exec tests." [#27943](https://github.com/openshift/origin/pull/27943) * update the PDB resource to point to resource, not kind [#27938](https://github.com/openshift/origin/pull/27938) * fix oc explain status and spec verification [#27937](https://github.com/openshift/origin/pull/27937) * Add coverage for GET verb and websocket handshake to SCC exec tests. [#27836](https://github.com/openshift/origin/pull/27836) * test/extended/prometheus: fix test with enabled telemetry [#27915](https://github.com/openshift/origin/pull/27915) * bump(k8s.io/kubernetes) [#27935](https://github.com/openshift/origin/pull/27935) * Automated - Update synthetic test data [#27920](https://github.com/openshift/origin/pull/27920) * Change oc annotate cli test output check string [#27932](https://github.com/openshift/origin/pull/27932) * Migrate set-image.sh to go based test [#27863](https://github.com/openshift/origin/pull/27863) * [STOR-1263](https://issues.redhat.com/browse/STOR-1263): Rebase 1.27.1 [#27894](https://github.com/openshift/origin/pull/27894) * Update etcd team lead [#27928](https://github.com/openshift/origin/pull/27928) * Revert "test/extended: Add MultiNetworkPolicy IPv4/IPv6 test cases" [#27926](https://github.com/openshift/origin/pull/27926) * trt-1032: update upperbounds based on recent failures [#27923](https://github.com/openshift/origin/pull/27923) * [OCPBUGS-6586](https://issues.redhat.com/browse/OCPBUGS-6586): oc idle: increase wait timeouts to 60 sec [#27913](https://github.com/openshift/origin/pull/27913) * test/extended: Add MultiNetworkPolicy IPv4/IPv6 test cases [#27795](https://github.com/openshift/origin/pull/27795) * Mark ErrorReconcilingNode macAddress not found as known and with existing BZ [#27918](https://github.com/openshift/origin/pull/27918) * [OCPBUGS-13366](https://issues.redhat.com/browse/OCPBUGS-13366): ignore repeated TopologyAwareHintsDisabled events [#27916](https://github.com/openshift/origin/pull/27916) * [OCPBUGS-13372](https://issues.redhat.com/browse/OCPBUGS-13372): Add missing error check in sysctl allowlist test [#27914](https://github.com/openshift/origin/pull/27914) * trt-900: log risk-analysis errors but don't pass back up [#27898](https://github.com/openshift/origin/pull/27898) * Automated - Update synthetic test data [#27908](https://github.com/openshift/origin/pull/27908) * [OCPBUGS-5943](https://issues.redhat.com/browse/OCPBUGS-5943): Revert "ignore repeated TopologyAwareHintsDisabled events" [#27815](https://github.com/openshift/origin/pull/27815) * Reactivate netpol tests [#26775](https://github.com/openshift/origin/pull/26775) * Adjust thresholds for reasonable upgrade durations [#27905](https://github.com/openshift/origin/pull/27905) * Fix up the chart so the "Not" column is lined up [#27886](https://github.com/openshift/origin/pull/27886) * Automated - Update synthetic test data [#27861](https://github.com/openshift/origin/pull/27861) * [OCPBUGS-12447](https://issues.redhat.com/browse/OCPBUGS-12447): Add intervals and test for ovs-vswitchd unreasonably long poll interval [#27889](https://github.com/openshift/origin/pull/27889) * [WRKLDS-665](https://issues.redhat.com/browse/WRKLDS-665): Enable [sig-scheduling] SchedulerPreemption [Serial] validates pod disruption condition is added to the preempted pod [Suite:openshift/conformance/serial] [#27874](https://github.com/openshift/origin/pull/27874) * [TRT-856](https://issues.redhat.com/browse/TRT-856): DNS and disruption overlap test [#27826](https://github.com/openshift/origin/pull/27826) * [OCPBUGS-11944](https://issues.redhat.com/browse/OCPBUGS-11944): use tokenrequest from lib-go [#27883](https://github.com/openshift/origin/pull/27883) * [CCO-367](https://issues.redhat.com/browse/CCO-367): Allow CCO to be Upgradeable=False when credentialsMode=Manual [#27887](https://github.com/openshift/origin/pull/27887) * add anonymous cert detection test case [#27890](https://github.com/openshift/origin/pull/27890) * Render html from monitor [#27853](https://github.com/openshift/origin/pull/27853) * PSa podspec exporter e2e: don't specifically add seccompProfile to the podspec [#27756](https://github.com/openshift/origin/pull/27756) * [ETCD-417](https://issues.redhat.com/browse/ETCD-417): add a new basic etcd backup/restore test [#27875](https://github.com/openshift/origin/pull/27875) * test/extended: cpu-partitioning: skip cluster infrastructure for Hypershift [#27884](https://github.com/openshift/origin/pull/27884) * [OCPNODE-1257](https://issues.redhat.com/browse/OCPNODE-1257): feat: remove custom node wait logic for upstream framework call [#27882](https://github.com/openshift/origin/pull/27882) * Add (optional) dual-stack tests to the CNI certification test suite [#27807](https://github.com/openshift/origin/pull/27807) * Trt-945 detect master node updates [#27851](https://github.com/openshift/origin/pull/27851) * Updating openshift-enterprise-tests images to be consistent with ART [#27793](https://github.com/openshift/origin/pull/27793) * Move selfsubjectreviews RBAC rule to the right place [#27873](https://github.com/openshift/origin/pull/27873) * Add git retry to run resource watch [#27865](https://github.com/openshift/origin/pull/27865) * Update ETCD storage data for k8s 1.27 [#27871](https://github.com/openshift/origin/pull/27871) * [OCPBUGS-11652](https://issues.redhat.com/browse/OCPBUGS-11652): disable oc adm node-logs [#27867](https://github.com/openshift/origin/pull/27867) * [NE-1243](https://issues.redhat.com/browse/NE-1243): Validate TCP DNS local endpoint preference as well as UDP. [#27791](https://github.com/openshift/origin/pull/27791) * Add selfsubjectreviews RBAC rules [#27866](https://github.com/openshift/origin/pull/27866) * [ETCD-399](https://issues.redhat.com/browse/ETCD-399): Add recovery suite to openshift-test cli [#27869](https://github.com/openshift/origin/pull/27869) * add specific test for failing cgroups path [#27852](https://github.com/openshift/origin/pull/27852) * not rely on deterministic pod names in oc debug tests [#27842](https://github.com/openshift/origin/pull/27842) * Revert "TRT-889: Temp flake all azure disruption" [#27843](https://github.com/openshift/origin/pull/27843) * add wait for ingress to be responsive before beginning upgrade [#27857](https://github.com/openshift/origin/pull/27857) * Allow cluster daemonsets to use maxSurge [#27819](https://github.com/openshift/origin/pull/27819) * retry getting the URL for routes until we succeed [#27854](https://github.com/openshift/origin/pull/27854) * bump timeout [#27849](https://github.com/openshift/origin/pull/27849) * [OCPBUGS-11215](https://issues.redhat.com/browse/OCPBUGS-11215): fix: add namespace annotation helper for egress cni test [#27834](https://github.com/openshift/origin/pull/27834) * negative filtering [#27829](https://github.com/openshift/origin/pull/27829) * [OCPBUGS-11072](https://issues.redhat.com/browse/OCPBUGS-11072): Add test for Egress Firewall node selector [#27824](https://github.com/openshift/origin/pull/27824) * upkeep: updated query results [#27835](https://github.com/openshift/origin/pull/27835) * Revert "Make unidle test more strict" [#27833](https://github.com/openshift/origin/pull/27833) * [OTA-824](https://issues.redhat.com/browse/OTA-824): test/extended/cli/admin: Test 'oc adm release extract --file image-references ...' [#27822](https://github.com/openshift/origin/pull/27822) * [STOR-1272](https://issues.redhat.com/browse/STOR-1272): DisableSC test should ignore in-tree storage classes [#27814](https://github.com/openshift/origin/pull/27814) * add apiserver availability timeline events [#27828](https://github.com/openshift/origin/pull/27828) * [OCPBUGS-9831](https://issues.redhat.com/browse/OCPBUGS-9831): Make unidle test more strict [#27673](https://github.com/openshift/origin/pull/27673) * remove runresourcewatch git lock file on failure [#27820](https://github.com/openshift/origin/pull/27820) * Improve the disruptive suite description [#27823](https://github.com/openshift/origin/pull/27823) * OpenStack: Restore in-tree cinder provisioner tests [#27789](https://github.com/openshift/origin/pull/27789) * Add Divyanshu Agrawal as a reviewer [#27821](https://github.com/openshift/origin/pull/27821) * Enable AWS platform check in external cloud provider test [#27777](https://github.com/openshift/origin/pull/27777) * [OCPBUGS-10824](https://issues.redhat.com/browse/OCPBUGS-10824): fix: add poll to get deployment status and avoid false positive [#27818](https://github.com/openshift/origin/pull/27818) * Add a test case checking for cluster upgradeability [#27806](https://github.com/openshift/origin/pull/27806) * Gather more interesting etcd pod logs for issues we're debugging [#27816](https://github.com/openshift/origin/pull/27816) * Strip ANSI control characters from junits [#27801](https://github.com/openshift/origin/pull/27801) * Automated - Update synthetic test data [#27703](https://github.com/openshift/origin/pull/27703) * move IsTechPreviewNoUpgrade function to exutil and reuse everywhere [#27787](https://github.com/openshift/origin/pull/27787) * Mark previous pathological events so they get added to spyglass charts [#27743](https://github.com/openshift/origin/pull/27743) * [CNF-5652](https://issues.redhat.com/browse/CNF-5652): Add cpu partitioning tests [#27770](https://github.com/openshift/origin/pull/27770) * Revert "Revert "Add vlan/macvlan/ipvlan incontainer master tests"" [#27775](https://github.com/openshift/origin/pull/27775) * Separate pathological event tests for all known namespaces [#27774](https://github.com/openshift/origin/pull/27774) * Scan etcd logs for dropped internal raft messages [#27798](https://github.com/openshift/origin/pull/27798) * Add intervals, synthetic test, and charting for etcd "slow fdatasync" pod log messages [#27772](https://github.com/openshift/origin/pull/27772) * [OCPBUGS-8092](https://issues.redhat.com/browse/OCPBUGS-8092): Fix mounted volume expansion tests [#27782](https://github.com/openshift/origin/pull/27782) * Specify Audit-ID to identify disruption requests in api audit logs [#27780](https://github.com/openshift/origin/pull/27780) * [TRT-889](https://issues.redhat.com/browse/TRT-889): Temp flake all azure disruption [#27781](https://github.com/openshift/origin/pull/27781) * [OCPBUGS-8483](https://issues.redhat.com/browse/OCPBUGS-8483): Revert "Switch to readyz path for health probes on Azure" [#27771](https://github.com/openshift/origin/pull/27771) * [WRKLDS-657](https://issues.redhat.com/browse/WRKLDS-657): add test for UnhealthyPodEvictionPolicy for PDBs [#27768](https://github.com/openshift/origin/pull/27768) * Enable vSphere platform check in external cloud provider test [#27638](https://github.com/openshift/origin/pull/27638) * Realtime Kernel Tests [#27751](https://github.com/openshift/origin/pull/27751) * [OCPBUGS-8310](https://issues.redhat.com/browse/OCPBUGS-8310): Bump to 1.26.2 [#27764](https://github.com/openshift/origin/pull/27764) * And 7 elided commits (e.g. from squash or rebase merges) * [Full changelog](https://github.com/openshift/origin/compare/d14f9b8ec0093014491f498a1efaaa1d1fd57a81...14c6508e415f1afc280e3a34d8b5ef5725e8f877) ### [thanos](https://github.com/openshift/thanos/tree/a26712509e3f9c511926ca9d8bba3e3ea8e95ada) * [OCPBUGS-22636](https://issues.redhat.com/browse/OCPBUGS-22636): Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.42.0 to 0.44.0 [#130](https://github.com/openshift/thanos/pull/130) * [OCPBUGS-21176](https://issues.redhat.com/browse/OCPBUGS-21176): Bump golang.org/x/net to v0.17.0 [#124](https://github.com/openshift/thanos/pull/124) * [OCPBUGS-12525](https://issues.redhat.com/browse/OCPBUGS-12525): fallback Thanos to 0.30.2. [#112](https://github.com/openshift/thanos/pull/112) * Updating thanos images to be consistent with ART [#107](https://github.com/openshift/thanos/pull/107) * [OCPBUGS-11928](https://issues.redhat.com/browse/OCPBUGS-11928): Build with Go 1.20 (#6126) [#106](https://github.com/openshift/thanos/pull/106) * [OCPBUGS-10139](https://issues.redhat.com/browse/OCPBUGS-10139): Updating thanos images to be consistent with ART [#104](https://github.com/openshift/thanos/pull/104) * Update to v0.31.0 from upstream [#105](https://github.com/openshift/thanos/pull/105) * [Full changelog](https://github.com/openshift/thanos/compare/70fb57fb209e5aa491417fc421a97d417a5530bc...a26712509e3f9c511926ca9d8bba3e3ea8e95ada) ### [vsphere-cloud-controller-manager](https://github.com/openshift/cloud-provider-vsphere/tree/efaed5cdb8c7d4b0b7fe38e203c545278ccfab4d) * [OCPBUGS-23889](https://issues.redhat.com/browse/OCPBUGS-23889): Bump otelgrpc to v0.49.0 [#70](https://github.com/openshift/cloud-provider-vsphere/pull/70) * [OCPBUGS-21520](https://issues.redhat.com/browse/OCPBUGS-21520): Bump golang.org/x/net to v0.18.0 [#54](https://github.com/openshift/cloud-provider-vsphere/pull/54) * [OCPBUGS-15154](https://issues.redhat.com/browse/OCPBUGS-15154): Scope secret informers per namespace [#44](https://github.com/openshift/cloud-provider-vsphere/pull/44) * [OCPBUGS-13133](https://issues.redhat.com/browse/OCPBUGS-13133): Updating ose-vsphere-cloud-controller-manager images to be consistent with ART [#37](https://github.com/openshift/cloud-provider-vsphere/pull/37) * [OCPCLOUD-2048](https://issues.redhat.com/browse/OCPCLOUD-2048): Merge https://github.com/kubernetes/cloud-provider-vsphere:master (fb273c6) into master [#39](https://github.com/openshift/cloud-provider-vsphere/pull/39) * Fix downstream commit detection [#41](https://github.com/openshift/cloud-provider-vsphere/pull/41) * Merge https://github.com/kubernetes/cloud-provider-vsphere:master (895e131) into master [#34](https://github.com/openshift/cloud-provider-vsphere/pull/34) * Updating ose-vsphere-cloud-controller-manager images to be consistent with ART [#35](https://github.com/openshift/cloud-provider-vsphere/pull/35) * [Full changelog](https://github.com/openshift/cloud-provider-vsphere/compare/f56d57ba990f7f4ce1a6b1f9842331e9259c94f1...efaed5cdb8c7d4b0b7fe38e203c545278ccfab4d) ### [vsphere-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-vsphere/tree/b6a13f92b85c8616f2720bb5c640bea1c54d7898) * [OCPBUGS-61655](https://issues.redhat.com/browse/OCPBUGS-61655): Fix unit tests [#74](https://github.com/openshift/cluster-api-provider-vsphere/pull/74) * [OCPBUGS-35136](https://issues.redhat.com/browse/OCPBUGS-35136): Bump x/crypto to v0.24.0 [#46](https://github.com/openshift/cluster-api-provider-vsphere/pull/46) * [OCPBUGS-17312](https://issues.redhat.com/browse/OCPBUGS-17312), [OCPBUGS-21558](https://issues.redhat.com/browse/OCPBUGS-21558): [release-4.14] bump golang.org/x/net to v0.17.0 [#20](https://github.com/openshift/cluster-api-provider-vsphere/pull/20) * [OCPBUGS-6465](https://issues.redhat.com/browse/OCPBUGS-6465), [OCPCLOUD-1875](https://issues.redhat.com/browse/OCPCLOUD-1875): Merge https://github.com/kubernetes-sigs/cluster-api-provider-vsphere:v1.7.0 (7e9205d) into master [#16](https://github.com/openshift/cluster-api-provider-vsphere/pull/16) * Updating ose-vsphere-cluster-api-controllers images to be consistent with ART [#14](https://github.com/openshift/cluster-api-provider-vsphere/pull/14) * [OCPBUGS-10071](https://issues.redhat.com/browse/OCPBUGS-10071): Updating ose-vsphere-cluster-api-controllers images to be consistent with ART [#12](https://github.com/openshift/cluster-api-provider-vsphere/pull/12) * [Full changelog](https://github.com/openshift/cluster-api-provider-vsphere/compare/da63f2b930cdd6090904ee607319b40615b245f6...b6a13f92b85c8616f2720bb5c640bea1c54d7898) ### [vsphere-csi-driver, vsphere-csi-driver-syncer](https://github.com/openshift/vmware-vsphere-csi-driver/tree/b5d0e7ddd2262c616147e5ce16220dae2a4de59d) * [OCPBUGS-51045](https://issues.redhat.com/browse/OCPBUGS-51045): Prevent node cache update during attach & detach [#139](https://github.com/openshift/vmware-vsphere-csi-driver/pull/139) * [OCPBUGS-35138](https://issues.redhat.com/browse/OCPBUGS-35138): CVE-2023-48795: bump golang.org/x/crypto to v0.17.0 [#123](https://github.com/openshift/vmware-vsphere-csi-driver/pull/123) * [OCPBUGS-33798](https://issues.redhat.com/browse/OCPBUGS-33798): FailedPrecondition volume does not appear staged [#119](https://github.com/openshift/vmware-vsphere-csi-driver/pull/119) * [OCPBUGS-21564](https://issues.redhat.com/browse/OCPBUGS-21564): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#90](https://github.com/openshift/vmware-vsphere-csi-driver/pull/90) * [OCPBUGS-17315](https://issues.redhat.com/browse/OCPBUGS-17315): UPSTREAM: 2494: Bump golang.org/x/net/html to fix CVE-2023-3978 (#2494) [#85](https://github.com/openshift/vmware-vsphere-csi-driver/pull/85) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS and OWNERS_ALIASES [#84](https://github.com/openshift/vmware-vsphere-csi-driver/pull/84) * [OCPBUGS-12157](https://issues.redhat.com/browse/OCPBUGS-12157): Rebase v3.0.2 [#82](https://github.com/openshift/vmware-vsphere-csi-driver/pull/82) * [OCPBUGS-13386](https://issues.redhat.com/browse/OCPBUGS-13386): Fix use of GetNodeByName when using node's VMUUID (#2387) [#80](https://github.com/openshift/vmware-vsphere-csi-driver/pull/80) * [OCPBUGS-13314](https://issues.redhat.com/browse/OCPBUGS-13314): Fix node resync master [#78](https://github.com/openshift/vmware-vsphere-csi-driver/pull/78) * [OCPBUGS-13003](https://issues.redhat.com/browse/OCPBUGS-13003): Merge v3.0.1 from upstream [#76](https://github.com/openshift/vmware-vsphere-csi-driver/pull/76) * Updating vmware-vsphere-syncer images to be consistent with ART [#74](https://github.com/openshift/vmware-vsphere-csi-driver/pull/74) * Updating ose-vmware-vsphere-csi-driver images to be consistent with ART [#75](https://github.com/openshift/vmware-vsphere-csi-driver/pull/75) * [OCPBUGS-12718](https://issues.redhat.com/browse/OCPBUGS-12718): Fix .gitattributes [#71](https://github.com/openshift/vmware-vsphere-csi-driver/pull/71) * [OCPBUGS-10148](https://issues.redhat.com/browse/OCPBUGS-10148), [OCPBUGS-10152](https://issues.redhat.com/browse/OCPBUGS-10152): Add .gitattributes [#63](https://github.com/openshift/vmware-vsphere-csi-driver/pull/63) * [OCPBUGS-8457](https://issues.redhat.com/browse/OCPBUGS-8457): UPSTREAM: 2326: Update opencontainers/runc for CVE-2023-27561 [#65](https://github.com/openshift/vmware-vsphere-csi-driver/pull/65) * Updating ose-vmware-vsphere-csi-driver images to be consistent with ART [#62](https://github.com/openshift/vmware-vsphere-csi-driver/pull/62) * Updating vmware-vsphere-syncer images to be consistent with ART [#61](https://github.com/openshift/vmware-vsphere-csi-driver/pull/61) * [OCPBUGS-10551](https://issues.redhat.com/browse/OCPBUGS-10551): Rebase to v3.0.0 for OCP 4.14 [#64](https://github.com/openshift/vmware-vsphere-csi-driver/pull/64) * [Full changelog](https://github.com/openshift/vmware-vsphere-csi-driver/compare/4d3036a6c7fe0c850bbadd942267426afe2ec16a...b5d0e7ddd2262c616147e5ce16220dae2a4de59d) ### [vsphere-csi-driver-operator](https://github.com/openshift/vmware-vsphere-csi-driver-operator/tree/5d5105f93e02ba0c4c07890b3db630b11d839abf) * [OCPBUGS-25657](https://issues.redhat.com/browse/OCPBUGS-25657): Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler [#203](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/203) * [OCPBUGS-24224](https://issues.redhat.com/browse/OCPBUGS-24224): Explicitly degrade the cluster when conditions are not met [#194](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/194) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#186](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/186) * [OCPBUGS-23169](https://issues.redhat.com/browse/OCPBUGS-23169): Fix vsphere csi controller pods from getting constantly restarted [#193](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/193) * [OCPBUGS-22430](https://issues.redhat.com/browse/OCPBUGS-22430): disable http/2 server support in webhook [#182](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/182) * [OCPBUGS-21450](https://issues.redhat.com/browse/OCPBUGS-21450): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#173](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/173) * [OCPBUGS-13084](https://issues.redhat.com/browse/OCPBUGS-13084): disable controller hostNetwork [#162](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/162) * [OCPBUGS-16783](https://issues.redhat.com/browse/OCPBUGS-16783): Chore: Update OWNERS [#163](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/163) * [OCPBUGS-16540](https://issues.redhat.com/browse/OCPBUGS-16540): Bump library-go to remove dependency on goproxy [#164](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/164) * [STOR-1065](https://issues.redhat.com/browse/STOR-1065): Rework sidecar bindings to bind common ClusterRoles [#160](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/160) * [OCPBUGS-14824](https://issues.redhat.com/browse/OCPBUGS-14824): Bump vmware-vsphere-csi-driver-operator library-go [#159](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/159) * [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#155](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/155) * [STOR-1304](https://issues.redhat.com/browse/STOR-1304): Restart controller pods if metrics serving cert or webhook secret changed [#153](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/153) * [OCPBUGS-14581](https://issues.redhat.com/browse/OCPBUGS-14581): Enable Windows supports [#158](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/158) * [OCPBUGS-13386](https://issues.redhat.com/browse/OCPBUGS-13386): Use csinode id feature [#156](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/156) * [OCPBUGS-12666](https://issues.redhat.com/browse/OCPBUGS-12666): Bump golang.org/x/net@v0.9.0 [#154](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/154) * [OCPBUGS-12260](https://issues.redhat.com/browse/OCPBUGS-12260): Add backoff for successful storage policy creations [#148](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/148) * Updating ose-vmware-vsphere-csi-driver-operator images to be consistent with ART [#149](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/149) * [OCPBUGS-8683](https://issues.redhat.com/browse/OCPBUGS-8683): Add management workloads annotations [#144](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/144) * Updating ose-vmware-vsphere-csi-driver-operator images to be consistent with ART [#143](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/143) * [Full changelog](https://github.com/openshift/vmware-vsphere-csi-driver-operator/compare/a9e5036e12facff0193d563b752847191fc9dc91...5d5105f93e02ba0c4c07890b3db630b11d839abf) ### [vsphere-problem-detector](https://github.com/openshift/vsphere-problem-detector/tree/a9c08425f59d37495d655ee16d4fc7fa200a5ea8) * [OCPBUGS-38347](https://issues.redhat.com/browse/OCPBUGS-38347): Drop event when CheckDefaultDatastore fails [#171](https://github.com/openshift/vsphere-problem-detector/pull/171) * [OCPBUGS-35913](https://issues.redhat.com/browse/OCPBUGS-35913): Fix missing failure-domains [#162](https://github.com/openshift/vsphere-problem-detector/pull/162) * [OCPBUGS-24401](https://issues.redhat.com/browse/OCPBUGS-24401): Use failure-domains and other changes from master [#142](https://github.com/openshift/vsphere-problem-detector/pull/142) * [OCPBUGS-21812](https://issues.redhat.com/browse/OCPBUGS-21812): Warn usernames without domain name [#134](https://github.com/openshift/vsphere-problem-detector/pull/134) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#138](https://github.com/openshift/vsphere-problem-detector/pull/138) * [OCPBUGS-21581](https://issues.redhat.com/browse/OCPBUGS-21581): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#129](https://github.com/openshift/vsphere-problem-detector/pull/129) * [OCPBUGS-14177](https://issues.redhat.com/browse/OCPBUGS-14177): Add a cache datacenters and datastores [#123](https://github.com/openshift/vsphere-problem-detector/pull/123) * [STOR-1168](https://issues.redhat.com/browse/STOR-1168): Bump common libraries [#112](https://github.com/openshift/vsphere-problem-detector/pull/112) * [OCPBUGS-13187](https://issues.redhat.com/browse/OCPBUGS-13187): Revert "Allow disabling the operator via ConfigMap" [#122](https://github.com/openshift/vsphere-problem-detector/pull/122) * [OCPBUGS-13187](https://issues.redhat.com/browse/OCPBUGS-13187): Allow disabling the operator via ConfigMap [#116](https://github.com/openshift/vsphere-problem-detector/pull/116) * [OCPBUGS-14089](https://issues.redhat.com/browse/OCPBUGS-14089): Check all storage classes including CSI storageclasses [#119](https://github.com/openshift/vsphere-problem-detector/pull/119) * [OCPBUGS-13696](https://issues.redhat.com/browse/OCPBUGS-13696): Warn about CBT enabled VMs via vsphere-problem-detector [#113](https://github.com/openshift/vsphere-problem-detector/pull/113) * [OCPBUGS-14029](https://issues.redhat.com/browse/OCPBUGS-14029): In UPI clusters VSphere platform could be nil [#115](https://github.com/openshift/vsphere-problem-detector/pull/115) * [OCPBUGS-14023](https://issues.redhat.com/browse/OCPBUGS-14023): Log vcenter version information [#114](https://github.com/openshift/vsphere-problem-detector/pull/114) * [OCPBUGS-12669](https://issues.redhat.com/browse/OCPBUGS-12669): Bump golang.org/x/net@v0.9.0 [#111](https://github.com/openshift/vsphere-problem-detector/pull/111) * Updating vsphere-problem-detector images to be consistent with ART [#110](https://github.com/openshift/vsphere-problem-detector/pull/110) * [OCPBUGS-7353](https://issues.redhat.com/browse/OCPBUGS-7353): CheckNodePerf firing on infra nodes [#106](https://github.com/openshift/vsphere-problem-detector/pull/106) * [OCPBUGS-10988](https://issues.redhat.com/browse/OCPBUGS-10988): day 2 multi-zone configuration fails if tags are not defined [#100](https://github.com/openshift/vsphere-problem-detector/pull/100) * [OCPBUGS-10794](https://issues.redhat.com/browse/OCPBUGS-10794): Add build number to metrics [#102](https://github.com/openshift/vsphere-problem-detector/pull/102) * Updating vsphere-problem-detector images to be consistent with ART [#101](https://github.com/openshift/vsphere-problem-detector/pull/101) * [Full changelog](https://github.com/openshift/vsphere-problem-detector/compare/f50dbfffea8d8a94f250f63d7a9640e6e5136114...a9c08425f59d37495d655ee16d4fc7fa200a5ea8)