Back to index

4.10.38

Download the installer for your operating system or run

oc adm release extract --tools quay.io/openshift-release-dev/ocp-release:4.10.38-x86_64

Tests:

• Blocking jobs
  • upgrade Succeeded release-openshift-origin-installer-e2e-aws-upgrade
  • upgrade-minor Succeeded release-openshift-origin-installer-e2e-aws-upgrade
• Informing jobs
  • aws-sdn-upgrade-4.10-micro Succeeded (2 retries) periodic-ci-openshift-release-master-nightly-4.10-e2e-aws-upgrade
  • aws-serial Succeeded periodic-ci-openshift-release-master-nightly-4.10-e2e-aws-serial
  • gcp-ovn-upgrade-4.10-minor Succeeded (1 retries) periodic-ci-openshift-release-master-ci-4.10-upgrade-from-stable-4.9-e2e-gcp-ovn-upgrade

Upgrades from:

• 4.10.37 (changes) - F F S S S
• 4.10.36 (changes) - Failed
• 4.10.35 (changes) - Success
• 4.10.30 (changes) - Success
• 4.10.20 (changes) - Failed
• 4.10.6 (changes) - Failed
• 4.10.5 - Success
• 4.10.4 (changes) - Success
• 4.10.3 (changes) - Failed
• 4.9.50 (changes) - F S S S
• 4.9.49 (changes) - Success
• 4.9.48 (changes) - Success
• 4.9.44 (changes) - Failed
• 4.9.40 (changes) - Success
• 4.9.24 (changes) - Success
• 4.9.22 (changes) - Success
• 4.9.21 (changes) - Success
• 4.9.19 (changes) - Success

Upgrades to:

• 4.11.13 (changes) - Success
• 4.11.12 (changes) - Failed
• 4.11.11 (changes) - F S F
• 4.11.10 (changes) - F F F S
• 4.10.41 (changes) - Success
• 4.10.40 (changes) - Failed
• 4.10.39 (changes) - S S S

---

Loading changelog, this may take a while ...

Changes from 4.10.5

Created: 2022-10-19 10:14:55 +0000 UTC

Image Digest: sha256:50d7ee7fe5aa9a8900cce799868be7d2a504c796a6a999089c9bd56b14ccef97

Release 4.10.38 was created from registry.ci.openshift.org/ocp/release:4.10.0-0.nightly-2022-10-17-082154

Components

• Kubernetes upgraded from 1.23.3 to 1.23.12
• Red Hat Enterprise Linux CoreOS upgraded from 410.84.202203141348-0 to 410.84.202210130022-0 (diff)

Removed images

• cluster-capi-controllers
• cluster-capi-operator

Rebuilt images without code change

• alibaba-cloud-controller-manager git db2d118a sha256:5e4e9bf8269a301836505e4d42fb002d69af52109c8fab0c65f143aa7a8375da
• aws-cloud-controller-manager git d85867fe sha256:207f0d9b9fa2678fc85d4feecec10bff89e7d17d4c0a4dfba72f9f683dccf0d2
• aws-pod-identity-webhook git 7f9eb87a sha256:5a4971cfcebfc5b59dbd296911f1e1c61fe8193637f7ef6f82b384a4c5368f88
• azure-file-csi-driver git f88155b4 sha256:aa686bbaf71bd9a7a7222c8b59d6472dba5d75b3ddcbf86e7ceb224ba388b371
• azure-file-csi-driver-operator git 3807eb37 sha256:48f4b8151b6177308426aa97c189cd157ca9f530623a010370872fd2cc19b463
• cluster-bootstrap git f22d1c60 sha256:0df6e522a53136918b87dd74fbccdd8d6ccbf8d8bfdcaf3e2da12fcd51f6127e
• cluster-dns-operator git bc48e0aa sha256:90b64b3cfd09104a1cd57b0d4d6b3ce1f59b4a57f9024c37e661d6ec52f8e47f
• cluster-openshift-controller-manager-operator git b8b65d15 sha256:46fcfafbeac8d9e01f299216c51b92bbd35d14e6683b822f980008c0c4232df6
• cluster-policy-controller git 8e5b3651 sha256:92d1e8d2555238e0ae58f4e0b5e97567dde40856b566367e782e08e975fe8731
• configmap-reloader git 22a40ce7 sha256:9923dfcdeb3157b90acfe0398b50cf4320700a449c25e9d87c7257568aa17ec5
• coredns git 3ec1ee7d sha256:2903a1f1fc68c0328c0547df2bc3ad35586e530c0321dc5a12766a65e363fe05
• csi-driver-manila git df0b27de sha256:89758256cd80f7540cf1c9599c79fb9c88e95f28013084496d1f997b415eccc8
• csi-driver-nfs git 3448830c sha256:83dbe84820c16f272301febde956c5bfeb118852a318478afc542474d71575ea
• csi-driver-shared-resource git d06ff18b sha256:feb6d180d352ad80f439d939ee5a1d790f5f449b01d7f6253accb3ffe7a33230
• csi-driver-shared-resource-operator git 662615b3 sha256:dd79d6472bfbd6468fba88d5c71c84426ab5a599144db202ebe80dc769e78066
• csi-external-attacher git 27e71f2b sha256:37ebb695e63f1974f7dcc5f42533c69d19d308c87648340d574fb21c4fd55d52
• csi-external-provisioner git 31de1e19 sha256:3391ab52fa32818825b0d5566c2a4fe68d6ee94c2be036e0b04c9bfe7a6504cd
• csi-external-resizer git e5934091 sha256:60773453c244e3969fae2927dcbb977bdedd1848e5743a41ce986481b45e6564
• csi-external-snapshotter git fe4a0a2f sha256:a6f6fe0416c5c41bf77f3d859e2650a66d7a44d727238979497ab010c298c8f7
• csi-livenessprobe git 8c1a5bca sha256:c2d60ff4637df07bacd046eb45ffb95492a2be8b6c663132f5258df822b7dd84
• csi-node-driver-registrar git bb0bd823 sha256:b62b5637b980b148dba0f06baca9d8e35813aca98aed67fc3e81ce3c15c5ba3b
• csi-snapshot-controller git fe4a0a2f sha256:793c4d3917be0b940240fb1a7df5ad575c2d2c95066de2aa2b71ac8e23665096
• csi-snapshot-validation-webhook git fe4a0a2f sha256:a48fc47c7a380077e028f4419568911d9e5134099cc9ed67d986b08524d1b8c4
• driver-toolkit git 0c77c8d6 sha256:ec826be6d043575c8edda32751f7a20947d272ce589cb588ce8f76b7a2852056
• egress-router-cni git 5c56bc8a sha256:a724d5d6ba4829dc4811aa8c8375811cce09c3b84d8522907bd48da8e22caafc
• gcp-cloud-controller-manager git 4dc728d0 sha256:89bc8238ab23022057f25737be33a9b1e0ac50094e8346ba6d6f2b27104e3638
• gcp-machine-controllers git 3fe46c8b sha256:6640d9a2a5d639c8f52b85c7e1d7a1a0623bb90e12b81f1958610ca872ea1df7
• gcp-pd-csi-driver git 19e9a57f sha256:60989820551629a263ef31e3c48c69d8166d80337d6ee6b5a1f0add816c4ba55
• grafana git 48aec355 sha256:a066499ac8111250821aa214a6afd563948142dc1d9463b92d8cf5769ec66583
• ibm-cloud-controller-manager git e3039120 sha256:6696a52432c5238859761879375679f88d9f27d895949889ed45d04d8f47cc64
• ibm-vpc-node-label-updater git 7074dfc3 sha256:5ad38ed8659ad7daa6f9b6000b28e9f4e1a778124742bf834d96f76d187228c0
• ibmcloud-machine-controllers git 7449a94f sha256:135e76143c00865f42004a3636b34d98d0c74fc3f4f87063e427a43e0d6750f5
• ironic-hardware-inventory-recorder git 62469223 sha256:a948da7b41e0b3c83dbf0f6076bc101c2ff4d32dff5b2ad93ee2c9cc6a5d4fff
• ironic-machine-os-downloader git 81fe2974 sha256:d52c46db00ce394435f6ebc4949dbf8eaa03f6c643bffdce9467412955703ed8
• ironic-static-ip-manager git 45a1c542 sha256:5920593d7799e08c2f9b1b1be05b6a753908f973c2be58cd4957540496114d29
• k8s-prometheus-adapter git 4052b317 sha256:1adc8a04624420215623d0b2db75796af308c1146dc19bc360607c33df1e65aa
• keepalived-ipfailover git 5d526c41 sha256:91155277a9378325735e46bbd88621c95f923da626d9211f61eadfb55de046c5
• kube-rbac-proxy git 4f198b2b sha256:fa482f4c610fea65c1f42cd18c84e1eaa1f6d9e3e610e458bb08a9809c0bd6ef
• kube-storage-version-migrator git 901a6d22 sha256:f69c690c88c552c79aee7a804b9397aee4c905e73381468d495f7ac1f8bd6b40
• libvirt-machine-controllers git 3b330b72 sha256:2adcf1418dbb33d329ccee7459cd2ffe6bdff05e3c8d7b312748146b63864b78
• machine-os-content sha256:b7b605cba1863511641a7970985f46f86626de095b752f3a9eac2cece567506a
• multus-admission-controller git d7a7fe5d sha256:efb03c75fcfea6f07476cdbd07a99dc7b2eccad3f324d732e2884a5ef606c237
• multus-networkpolicy git bfcc6c85 sha256:83a0ef394a208605cdec28ea56d5bfb48ed97fe87eb97012e683299c5a96a78b
• multus-route-override-cni git 707dd380 sha256:03bc4084f4be05e2015a582eebc6075c4358d508be9ccc11db58c87bb8f5ec45
• network-tools git bcfec9c5 sha256:5ff9560982709df1ab9b0f02293a81f58a0313ed162b4d321ab4eacaa0d3b606
• oauth-proxy git 799d414b sha256:64f00b9e73a252b73351e3ff7f68c80bafb66049daa0cc2fa5f2b297da52f60b
• oauth-server git 245b95f8 sha256:e882cf5223e669a805c7b63cb88ac6da7a3fa35b4afac142e8f160a6c0a0bdb9
• openshift-controller-manager git 2c2d50db sha256:c957f548d3a3fd0f7c2bea83f3f8dd8ad36b45f8257fb861d92e524fc67b3147
• openstack-cinder-csi-driver git df0b27de sha256:b1f773c80fcaea03d62329110904da1c150ad873c3493849943ab630ec634555
• openstack-cloud-controller-manager git df0b27de sha256:764a0f5c7ab067c4c09a56aa07fb78c2b046286b88ce5088c04435d05bc86dfc
• openstack-machine-api-provider git 2401f74d sha256:a0662cee5fc37472d0b85d1b315ef541a412652c761df870cbaa0c5fd8c2b825
• operator-marketplace git 80b92ecf sha256:3f7e459c7748f22a3590919725a4adda6a19b9ccebedabe1e28482d60ac31239
• ovirt-machine-controllers git 35ce9aaf sha256:a1072851a355756cc9ac691f551ebfc588a4215600b950fd68a6486143345f07
• powervs-machine-controllers git c1d68e7b sha256:d050d6268856a7c2ce71c9ca4bbbf9322ea46aa34084a9ec39d9b58bd3bd3561
• prom-label-proxy git 5f4c8992 sha256:856a5b44ed38f850797d76003b19e3ed2752110c7fef8d633a648288a6900f20
• prometheus git 3c6cd55e sha256:54bf9a768ccd6f8c9a413ab464c49f373302521c4bc4daef575ab89cb4068990
• prometheus-alertmanager git 01339596 sha256:763eeb5a8989e40b39085d4ccbc278b40b6aa446b8a78b47598e4886d96d98ea
• prometheus-node-exporter git 0eed3102 sha256:651c13a3ab3543a8d373f313f53cc1115f4c748bf01401fdb0f6ef1eb7d421e8
• service-ca-operator git 1611373e sha256:21c6066ecffe8b758f8094b5fa303f8744325f7a7fb7e23fd0576ef0ff07947f
• telemeter git 2c9c76e6 sha256:e8eb4d41c24f103fa92b2d56a1e2a86477972035a644eae9b7865873d3b78a1b
• thanos git 10ca1d38 sha256:c47487cfe889164b1228ae8aa05f7583e45148da3ac5a35eaa831909cb7cbbf5
• vsphere-csi-driver git e310f4d3 sha256:4b3a038eaa754dac95374e20042615263b85990e22addf491d2617dbaf0670cb
• vsphere-csi-driver-syncer git e310f4d3 sha256:2da1877bef0be32c83e8b58c4b1b0b3a204bb649f4a2026fec7153eb7250aefc

alibaba-cloud-csi-driver

• Bug 2076671: 4.10: Add a parameter to the schema to automatically increase volume sizes #14
• Full changelog

alibaba-disk-csi-driver-operator

• Bug 2076671: Auto increase volume size to 20 GiB in the default storage class #28
• Full changelog

alibaba-machine-controllers

• Updating ose-alibaba-machine-controllers images to be consistent with ART #23
• Full changelog

aws-ebs-csi-driver

• OCPBUGS-1804: UPSTREAM: 1398: Add resolver to handle custom endpoints #210
• Full changelog

aws-ebs-csi-driver-operator

• Bug 2077894: Set custom endpoint environment variable if available #154
• Full changelog

aws-machine-controllers

• Bug 2117557: Fix panic when accessing nil machine annotations map #50
• Bug 2109124: Validate unknown regions using AWS API #48
• Bug 2083270: Custom DHCP Option Set: empty domain-name is a valid custom domain #37
• Full changelog

azure-cloud-controller-manager, azure-cloud-node-manager

• bug OCPBUGS-2062: .dockerignore: enable OSBS2 builds #42
• Full changelog

azure-disk-csi-driver

• Bug 2118392: Update dd table 4.10 #31
• Full changelog

azure-disk-csi-driver-operator

• Bug 2105304: Increase pod startup timeout in e2e tests #52
• Bug 2097439: Only use credentials that are provided by the azure-inject-credential… #50
• Full changelog

azure-machine-controllers

• OCPBUGS-930: Ignore unknown Instance types in accelerated networking check #34
• Bug 2093275: update getAvailabilitySetName function #23
• Full changelog

baremetal-installer, installer, installer-artifacts

• OCPBUGS-1737: OpenStack: Lift validation for 14 chars cluster names #6420
• OCPBUGS-1936: bump RHCOS 4.10 bootimage metadata #6454
• Bug 2107154: Make azure baseDomainResoureGroup optional for private c… #6120
• Bug 2112914: Fix validation errors for instance type #6189
• Bug 2102363: Dynamic retrieval of GCP Regions for a Project #6059
• OCPBUGS-784: Download yq in upi installer containers #6285
• Bug 2111258: vsphere installconfig: use full dc path in network validation #6173
• OCPBUGS-249: Allow setting bootstrap kubelet ip #6231
• Bug 2095319: bump RHCOS 4.10 bootimage metadata #6095
• Bug 2099673: Collect whole journal and netstat data #6035
• Bug 2097753: Bootstrap timeout increase #6017
• Bug 2083632: Delete all the ports from tagged Neutron networks. #5882
• Bug 2077904: Fix empty string usage in ValidateForProvisioning #5835
• Bug 2045771: bump RHCOS 4.10 bootimage metadata #5932
• Bug 2083335: Set rc-manager=unmanaged for on-prem bootstrap #5876
• Bug 2084547: update azure arm templates to support customer provided vnet #5892
• Bug 2083327: [release-4.10] Add ‘ARG TAGS=“”’ line for each build step #5874
• Bug 2076613: [release-4.10] data/data/coreos/fcos.json: update initial FCOS to 35.20220327.3.0 #5820
• Bug 2079589: azurestack: stop pinning to Standard_LRS for disk type #5851
• Bug 2041765: Update BMO vendor #5705
• Bug 2077411: for vsphere ipi add cluster domain to the uploaded vm configs so that 30-local-dns-prepender can use it #5827
• Bug 2068948: Update region check for coreos AMIs #5752
• Bug 2072135: vsphere: Use Managed Object ID for networks instead of potentially duplicate name. #5773
• Bug 2062429: IBMCloud: Missing infra providertype #5693
• Bug 2065808: stop considering Mint mode as supported on Azure (#5699) #5717
• Bug 2064731: fix(ibmcloud): Properly match regex for DNS destroy #5711
• Full changelog

baremetal-machine-controllers

• Update OWNERS #179
• Bug 2099584: Update BMO vendor to v0.0.0-20211102102625-469cc9bf7fee #174
• Full changelog

baremetal-operator

• Bug 2047930: Move from Available to Preparing if HostFirmwareSettings changed #210
• Bug 2100996: Uplift kustomize to v4 to remove go-getter dependency #234
• Bug 2097695: Stop treating missing network as fatal error #230
• Full changelog

baremetal-runtimecfg

• Bug 2084187: Avoid kubernetes node port range #178
• Full changelog

cli, cli-artifacts, deployer, tools

• OCPBUGS-1788: oc adm logs: generate proper path for static pods #1246
• OCPBUGS-1638: Increase default value of cache TTL to 6 hours #1241
• Bug 2116526: oc adm inspect: check a resource exists before its inspection #1227
• Bug 2106158: remove klog format and update messages for docker config deprecation #1205
• Bug 2095584: Backport oc adm catalog mirror –continue-on-error flag #1170
• Bug 2084591: [inspect] Add namespace-scoped networking resources to inspect #1133
• Bug 2087248: Add the ReleaseAccepted condition to the oc adm upgrade command #1147
• Bug 2080151: Remove network CRDs scheme registration #1122
• Bug 2084429: Fix project command auto completion #1131
• Bug 2077332: pkg/cli/admin/upgrade: Use PATCH instead of POST for spec updates #1114
• Bug 2079325: Fix kubectl version to 1.23.0 #1117
• Bug 2068763: make sure that we check for resorces and files before picking the simplest path #1098
• Bug 2068474: expose –keep-startup flag for oc debug #1097
• Bug 2049427: Enhancing the output provided when backup collections are attempted #1056
• Bug 2060419: reuse SourceRepository.DetectAuth during argument classification for consistent interaction with private source repositories #1083
• Full changelog

cloud-credential-operator

• Bug 2107276: Make ccoctl work with credentials fetched from gcloud cli defaults #479
• Full changelog

cloud-network-config-controller

• OCPBUGS-2162: Add resolver to handle custom endpoints #67
• Bug 2075444: Get subnet information from subnet instead of from network addresses #40
• Bug 2076935: azure: default empty environment to AzurePublicCloud #37
• Bug 2062133: Fix Azure VNET lookup when the NIC’s subnet is in a different resource group #28
• Full changelog

cluster-authentication-operator

• Bug 2084054: only ever include certificates in the oauth-serving-cert CM #577
• Full changelog

cluster-autoscaler

• Bug 2105110: Have VPA ignore phantom containers named “POD” #236
• Full changelog

cluster-autoscaler-operator

• Bug 2069095: add leader election flags to autoscaler deployment #243
• Full changelog

cluster-baremetal-operator

• OCPBUGS-1517: [release-4.10] Fix a few papercuts #291
• Bug 2101002: Uplift kustomize and BMO to remove go-getter dependency #281
• Synchronize OWNERS from master #274
• Bug 2091738: Fix interpretation of Deployment Status Conditions #267
• Full changelog

cluster-cloud-controller-manager-operator

• Bug 2099499: Backport resourceapply changes for being able to recreate daemonsets/deployments #194
• Bug 2079791: Ensure release version is injected into all controller status clients #187
• Full changelog

cluster-config-operator

• Bug 2072739: [release-4.10] Bump openshift/api to a83e6f8f1d #247
• Full changelog

cluster-csi-snapshot-controller-operator

• Bug 2062197: Fix race when setting Progressing condition #115
• Full changelog

cluster-etcd-operator

• OCPBUGS-1758: fix cert rotation on IP changes #936
• Bug 2116624: etcd-metrics container is flooding logs #906
• OCPBUGS-200: Exits with a non-zero code in case Etcd backup fails #907
• Bug 2108176: Fix etcd minor upgrade backup #892
• Bug 2105249: Add etcd pod liveness and readiness probes #880
• Bug 2086451: fix races in etcdclient #828
• fixing unit test health flakes with tolerance #882
• Bug 2105148: fix degraded missing cluster version #878
• Bug 2102793: avoid extrapolation in leaderhip alert #870
• Bug 2095579: etcdHighNumberOfFailedGRPCRequests alerts with wrong results #850
• Bug 2101912: Upping defrag timeout to 1 minute #866
• Bug 2095114: cluster-backup.sh script has a conflict to use the ‘/etc/kubernetes/static-pod-certs’ folder if a custom API certificate is defined #848
• Bug 2010346: Add summary to etcd alert rules #825
• Bug 2088131: remove etcd_perf before restore #836
• Bug 2082312: Adding Thomas to reviewers, adding Allen to approvers #817
• Bug 2080554: manually disable defrag #809
• Bug 2079660: pkg/operator/upgradebackupcontroller: Pivot from Failing to ReleaseAccepted #806
• Bug 2055833: Increase IBMCloud VPC heartbeat timeout to 500ms and leader election timeout to 2500ms #794
• Bug 2059632: pkg/operator/metriccontroller/fsync_controller: Fix “treshold” -> “thresholds” typos #757
• Bug 2076773: Update owners to add new team members #793
• Bug 2059347: Fix FSyncController degraded latch #755
• Bug 2069825: turn on initial corruption check #771
• Full changelog

cluster-image-registry-operator

• Bug 2110957: Add progressing condition for node-ca daemon set #791
• OCPBUGS-2107: Enable enableHttpsTrafficOnly for Azure storage account #804
• Bug 2110957: Use actualDaemonSet for SetDaemonSetGeneration #799
• Bug 2115267: Disable dualstack when it is not available #794
• Bug 2110963: Bump aws-sdk-go to 1.44.4 #793
• Bug 2083242: IR-253: add prometheus rules for image registry operations metrics #786
• Bug 2083242: IR-120: Add prometheus rules for image stream tags rules #777
• Bug 2083242: IR-120: Implementing metrics for ImageStreams #775
• Bug 2084514: Fix cloudfront middleware configuration #780
• Bug 2083559: IBMCloud: Add admin permissions to CR #778
• Bug 2074050: Deployment annotations, runtimeClassName override and fs policy change #765
• Full changelog

cluster-ingress-operator

• BUG 2094051: Fix removing custom created service in openshift-ingress with same naming convention #820
• Bug 2079034: Add allowPrivilegeEscalation to the router container #748
• Bug 2097735: Fix loadBalancerServiceAnnotationsChanged check and update #784
• Bug 2100630: Fix flakey logic in haproxy timeout tests #792
• Bug 2082161: Delete LoadBalancer-type service finalizer logic #755
• BUG 2063283: Disable keepalive for canary probe #719
• Bug 2059210: Set Upgradeable=False if default cert has no SAN #710
• Full changelog

cluster-kube-apiserver-operator

• Bug 2060058: superfluous apirequestcount entries in audit log #1327
• Bug 2071030: OCP 4.10 should be firing APIRemovedInNextEUSReleaseInUse for APIs removed in 1.25 #1335
• Full changelog

cluster-kube-controller-manager-operator

• OCPBUGS-466: PodDisruptionBudgetAtLimit should not alert when no app/pods exist #648
• Bug 2116983: e2e: Fix test pod disruption budget at limit alert #646
• Bug 2114587: add runbook urls to KCM-o alerts #645
• Full changelog

cluster-kube-scheduler-operator

• Bug 2089336: Fix bootstrap leader election config #429
• Full changelog

cluster-kube-storage-version-migrator-operator

• Updating ose-cluster-kube-storage-version-migrator-operator images to be consistent with ART #65
• Full changelog

cluster-machine-approver

• Updating ose-cluster-machine-approver images to be consistent with ART #168
• Bug 2072928: Reconcile recently approved CSRs by other controllers #162
• Full changelog

cluster-monitoring-operator

• OCPBUGS-1446: [release-4.10] Use service ca beta annotation #1778
• OCPBUGS-1676: Dedicated kubelet ServiceMonitor for prometheus-adapter #1777
• OCPBUGS-924: increase alertmanager’s startupProbe failure threshold #1760
• OCPBUGS-579: Give precedence to CMO config map proxy config #1751
• Bug 2118303: Adds UWM extrenalLabels from Prometheus to ThanosRuler labels #1742
• Bug 2099526: Updates jsonnet dependencies, prom-adapter #1715
• Bug 2098505: Backport PR#1692 to release-4.10 #1695
• Bug 2083242: IR-254: Collecting registry and image stream usage #1694
• Bug 2089806: Refactors CreateRouteIfNotExists to CreateOrUpdateRoute #1677
• Bug 2090422: pkg/manifest: Allow retention to be configurable for Thanos-Ruler in UWM #1678
• Bug 2090602: Federation for UWM metrics #1657
• Bug 2083460: Set timeout across Grafana components #1654
• Bug 2077722: Adjust NodeFilesystemSpaceFillingUp thresholds according default kubelet GC behavior #1665
• Bug 2075757: UWM: add SAR capabilities to prometheus cluster role #1653
• Bug 2075757: use bearer token as fall-back authn method #1641
• Bug 2062452: React to changes in clusteroperators #1585
• Bug 2060756: Properly deal with an empty console URL #1582
• Full changelog

cluster-network-operator

• Bug OCPBUGS-942: Kuryr: Bump timeoutSeconds for livenessProbe #1550
• Bug 2095111: ovn: fix northd preStop command handling #1477
• Bug 2083266: Limit Kuryr pods permissions #1435
• Bug 2077384: Bump max value of hist quantile for kuryr_cni_request_duration #1388
• Bug 2084591: Cleanup CNO relatedObjects #1467
• Bug 2085510: OCPVE-106 Customize rollout strategy to fix SNO upgrade #1445
• Bug 2078501: [release-4.10] Drop Node update permission for sdn-node #1410
• Bug 2058508: Add rolling update strategy for Kuryr-CNI. #1321
• Bug 2083593: Add default-route field to egress-router k8s.v1.cni.cncf.io/networks #1436
• Bug 2079031: Make the use of the ip-reconciler cronjob opt-in by detecting IPAM type usage [backport 4.10] #1398
• Bug 2081149: Reserve port TCP/9104 for cluster-network-operator #1418
• Adds dougbtv to owners [release-4.10] #1401
• Bug 2058672: ip-reconciler cronjob specification requires hostnetwork, api-int lb usage & proper backoff [backport 4.10] #1322
• Bug 2057961: Do not apply OVN-Kubernetes PodDisruptionBudget on single-node clusters #1317
• Full changelog

cluster-node-tuning-operator

• e2e: check for tsc=reliable instead of tsc=nowatchdog (#428) #428
• Ignore Profile updates triggered by old operands (#357) #357
• Full changelog

cluster-openshift-apiserver-operator

• [release 4.10] Bug 2109235: openshift-apiserver pods never going NotReady #501
• Full changelog

cluster-samples-operator

• OCPBUGS-2132: openshift template cakephp-mysql-persistent apiVersion for 4.10 #466
• Full changelog

cluster-storage-operator

• OCPBUGS-286: HTTPS_PROXY ENV missing in some CSI driver operators #311
• Bug 2098655: gcp cluster rollback fails due to storage failure #300
• Bug 2102242: Add missing ibm cloud annotations to prometheus rbac #293
• Bug 2072191: cluster storage operator AWS credentialsrequest lacks KMS privileges #268
• Full changelog

cluster-update-keys

• Updating ose-cluster-update-keys images to be consistent with ART #41
• Full changelog

cluster-version-operator

• OCPBUGS-233: pkg/cvo/updatepayload: Set ‘readOnlyRootFilesystem: false’ #824
• OCPBUGS-235: pkg/clusterconditions/promql: Cap PromQL queries at 5 minutes #825
• Bug 2108292: pkg/cvo: retain initial completed update history entry #798
• Bug 2094078: pkg/cvo/updatepayload: Guard against ‘rm -fR -whatever’ with ./* #787
• Bug 2090150: pkg/cvo/sync_worker.go: Save overrides #782
• Bug 2083370: Do not save desired update on load failures #776
• Bug 2080058: pkg/cvo/updatepayload: Prune previous payload downloads #769
• Bug 2071211: lib/resourcebuilder/batch: Stop waiting on Job deadline exceeded #764
• Bug 2064991: pkg/cvo: Separate payload load from payload apply #753
• Bug 2052839: pkg/cvo/sync_worker: Use current state, not suggested state, for guarding Initializing->Updating #738
• Full changelog

console

• Bug 2072790: Regression “Create VM” #12160
• OCPBUGS-938: do not show NodesUpdateGroup if there are 0 nodes #12061
• Bug 2090127: CNV 20527: Enable boot source select for vm template #12082
• Bug 2094074: Remove error on user template with DS #12092
• Bug 2054917: Fix template example yaml #12091
• Bug 2072790: Select template using also queryParams #12090
• OCPBUGS-1759: Show already loaded catalog items after a timeout (3sec) #12106
• OCPBUGS-403: fix broken update server link #11974
• OCPBUGS-1815: fetch shared resource imagestreams based on labels instance or name #12110
• Bug 2107898: Access mode and volume mode with sourceRef will now be taken from default storageclass #11907
• OCPBUGS-1828: Fix devfile registry assertion #12112
• OCPBUGS-1634: Update registry library dependency to pick up proxy support #12040
• Bug 2080389: Link to documentation from the overview page goes to a missing link #11909
• OCPBUGS-382: [OSD] ClusterVersion YAML editor should be read only #11922
• OCPBUGS-550: Input values in Instantiate Template are disappeared randomly in the developer console #11983
• Bug 2077142: Fix Web Terminal availability check to verify operator is installed #11374
• Bug 2117642: Backport CI test fix to relase 4.10 #11966
• Bug 2117351: fix helm readme bug #11950
• Revert “Bug 2100103: Can’t delete rootdisk in customization wizard” #11932
• Bug 2114833: Use hostname from provided git url when making git api calls #11924
• Bug 2111335: Cannot edit ssh even vm is stopped #11886
• Bug 2101412: fix bug where Cluster update modal errors weren’t displa… #11765
• Bug 2112910: Fix search redirect #11914
• Bug 2100103: Can’t delete rootdisk in customization wizard #11887
• Bug 2052444: Unstar RHEL 7 template #11885
• Bug 2110536: add z-index to ocs-drawer to make box-shadow visible #11873
• Bug 2110938: VM list page crashed #11879
• Bug 2063153: Use link to the downstream doc for Sysprep info #11772
• Bug 2108193: update icons for eventSource and eventSink #11847
• Bug 2053703: Handle blank usernames in error message #11045
• Bug 2109225: Remove modelsLoaded conditional rendering from ModelStatusBox #11857
• Bug 2106385: Fix CronJob resource version to batch/v1 #11820
• Bug 2106385: redirect v1beta1 CronJobs #11819
• Bug 2095217: VM SSH command generated by UI points at api VIP #11779
• [release 4.10] Bug 2094584: Cant create vm with sysprep #11775
• Bug 2100974: Restore spacing between/below modal body content #11763
• Bug 2092832: Check if spec is available in MCP details page #11629
• Bug 2084629: Add params prop to HorizontalNav component #11488
• Bug 2100330: disable upload for sourceRef templates #11774
• Bug 2104889: Fix topology sidebar update issues #11798
• Bug 2052416: fix offensive vm names #11778
• Bug 2094194: fix bug where log stream pauses in Chrome #11654
• Bug 2100345: fix clone vm error creating DV #11770
• Bug 2097338: Filter virtualization alerts in status card #11715
• Bug 2094215: Pass contextSource to TopologyApplicationActionProvider #11656
• Bug 2099600: Topology toolbars are unaligned to other toolbars #11703
• Bug 2095637: Disable update channel validation as well #11753
• Bug 2078699: Display disk size in correct units #11746
• Bug 2099527: Bug fix context menu position on topology #11735
• Bug 2078699: Display disk size in GiB in VM customize wizard #11733
• Bug 2079985: use the correct Alertmanager tenancy proxy #11418
• Bug 2094348: Display only running VMs in Virtualization Overview chart #11659
• Bug 2095217: Fix SSH command string #11679
• Bug 2062980: fixes uri case for event sink #11175
• Bug 2092496: [release-4.10] Added vault_tenants_sa to the list of supported providers #11584
• Bug 2094863: fix web terminal start #11672
• Bug 2094211: Change Ping source spec.jsonData (deprecated) field to spec.data #11655
• Bug 2090750: Handle medik8s node maintenance #11581
• Bug 2091482: change metrics queries based on metrics level configurations #11595
• Bug 2089589: add debounce to tektonhub versions api call to avoid many calls #11552
• Bug 2092140: Avoid using ‘gp2’ hardcoded storage class #11618
• Bug 2089315: fix rolebinding in DevConsole dropping all subjects when updating #11545
• Bug 2095637: Fix failing backend test after devfile registry update #11710
• Bug 2094001: Add high priority alerts to overview #11647
• Bug 2092168: Add ‘Unavailable’ status to clusteroperator status filter #11619
• Bug 2088210: Monitoring: Fix first panel sometimes not rendered #11528
• Bug 2090124: Removing SSH service selectors to minimum required #11565
• Bug 2081946: Fix default branch param in pipeline import from git flow #11442
• Bug 2091402: cloud-init User check for Windows VM refuses to accept capitalized #11592
• Bug 2084430: fixes apiversion for k8s svc and resource selection for sink for form yaml switcher #11482
• Bug 2087065: show Limit exceeded state for large number of nodes in topology #11506
• Bug 2050273: Update MON_DISK_LOW whitelisted alert documentation URL #11411
• Bug 2089162: Change learn more link in virtualization -> migration tool #11541
• Bug 2089547: Eliminate use of lookaside cache and move to Cachito #11551
• Bug 2088430: Set dashboards timeout based on selected timespan #11532
• Bug 2084091: MCG standalone deployment page goes blank when the KMS option is enabled #11479
• Bug 2088247: Different status shows on VM list page and details page #11538
• Bug 2087041: back port conditional updates #11487
• Bug 2088281: Attached disk keeps in loading status when add disk to a power off VM by non-privileged user #11530
• Bug 2088246: Overview page crash if no labels available #11525
• Bug 2051433: [release-4.10] Create HANA VM does not use values from customized HANA templates #11011
• Bug 2088255: Adding missing annotations to create VM from YAML #11527
• Bug 2088019: The default YAML on vm wizard is not latest #11522
• Bug 2083729: Fix Filter Dropdown State Management #11471
• Bug 2084489: Create VM from template that has sourceRef - will now reflect sourceRef at yaml #11485
• Bug 2076989: Fix ResourceQuota dashboard card and ACRQ donut label #11367
• Bug 2083385: fix bug where “Update blocked” label incorrectly displa… #11466
• Bug 2076370: fix CRD name filter #11356
• Bug 2083551: customize wizard is crashed #11469
• Bug 2076275: Update and scope our breadcrumb padding rule so it doesn’t effect a pure implementation #11365
• Bug 2076777: add update mode to Update cluster #11364
• Bug 2074163: remove .pf-c-button.pf-m-link override #11315
• Bug 2071904: Translate Extensions On Each Language Change #11348
• Bug 2078385: Remove reference to deprecated v2v-vmware ConfigMap #11387
• Bug 2076369: fix bug where ClusterRole > RoleBindings did not display… #11354
• Bug 2073477: Add IBM Flashsystem volume types #11308
• Bug 2077641: Improve Firehose cache, so that it does not return unexpected data also if isList differs on two concurrent calls #11382
• Bug 2065008: add a hardcoded blog link as fallback in guided tours #11193
• Bug 2074571: fix bug where Cluster Settings shows 0 of N, 0% progres… #11319
• Bug 2073023: Fix WebSockets not reconnecting during upgrade #11302
• Bug 2072839: fix bug where RoleBindings are not displaying in ClusterRole > RoleBindings #11297
• Bug 2069246: Fixed the render of a Tab Extension when there is a version present #11242
• Bug 2076221: Fix failing TestGetRegistrySamples test #11351
• Bug 2057218: Added support for customized wizard - new templates #11341
• Bug 2069959: Update getting started blog link #11255
• Bug 2074895: Display correct disk size in Edit disk modal #11329
• Bug 2061250: Update ConsolePlugin manifest #11267
• Bug 2072440: avoid pre-fetching tekton hub task versions in pipeline builder #11290
• Bug 2067719: correct ChannelDocLink url #11225
• Bug 2069913: Fix disabling community tasks in pipeline builder issue #11253
• Bug 2059186: Don’t pass Authorization header when not needed #11108
• Bug 2048892: Add empty state to running VMs card #10986
• Bug 2054949: Disabling Vault SA based auth for storage class encryption #11064
• Bug 2049762: Cannot change storage class of boot disk when creating VM #10994
• Bug 2054650: Allow custom template namespace #11057
• Bug 2067983: Pipeline metrics: use prometheus-tenancy API to get data #11226
• Bug 2065480: Fix VolumeSnapshot creation sort #11196
• Bug 2064988: [Tekton Hub] show read more link in the task quick search details pane #11192
• Bug 2057507: Decode secrets before authorizing repository #11094
• Bug 2052414: Add started-by annotation to pipelines created with “Start last run” #11015
• Bug 2059807: Show standalone resources as sink and not the one’s owned by other resource #11119
• Bug 2065672: Fix alert from showing an object #11200
• Bug 2060090: updates versions for kafka and kafkaTopic #11127
• Bug 2059989: Fix to add labels to webhook secrets created during import #11125
• Bug 2056512: fix ClusterOperator Status, Version col sorts #11084
• Bug 2064510: Change the tekton hub api endpoint to use v1 api #11186
• Full changelog

console-operator

• Bug 2106944: InfrastructureTopology must be driving console affinity rule creation #664
• Bug 2078912: Modify the operator display name to match it with the name displayed in operatorhub #651
• Bug 2076453: Console operator should not block installation/upgrade process when set to Removed state #649
• Bug 2059992: Re-enable TestMetricsEndpoint e2e test case #646
• Bug 2054535: ODF quickstart permissions check #637
• Bug 2054199: Dockerfile.rhel7: add new Helm CRD, ProjectHelmChartRepository #636
• Full changelog

container-networking-plugins

• Bug 2103175: Sysctl IFNAME [backport 4.10] #63
• Full changelog

csi-driver-manila-operator

• Bug 2091649: SWEET32: Improve TLS configuration for Kube RBAC Proxy #150
• Full changelog

docker-builder

• OCPBUGS-205: Add support for BUILDAH_QUIET environment variable #310
• Full changelog

docker-registry

• Bug 2110963: Bump aws-sdk-go to 1.44.4 #340
• Bug 2099416: Support authentication using gcp workload identity federation #336
• Bug 2085414: forward http.StatusTooManyRequests to client #332
• Bug 2069807: Bug 2060362: Revert “Support authentication using gcp workload identity federation” #321
• Bug 2061785: Fix ICSP for subrepositories #318
• Full changelog

etcd

• OCPBUGS-2142: Rebase openshift/etcd 4.10 onto 3.5.5 #156
• Update OWNERS #123
• Bug 2077498: Merge Upstream etcd 3.5.3 into Openshift 4.10 #118
• fix the flaky test TestV3AuthRestartMember #14454
• server: don’t panic in readonly serializable txn #14178
• etcdctl: allow move-leader to connect to multiple endpoints #14434
• testing: fix TestOpenWithMaxIndex cleanup #14440
• server/etcdmain: add build support for Apple M1 #14436
• server,test: refresh cache on each NewAuthStore #14409
• Fix corruption checks v3.5 #14282
• Move consistent_index forward when executing alarmList operation #14429
• fix the potential data loss for clusters with only one member #14424
• Backport of pull/14354 to release-3.5 #14397
• Refactor the keepAliveListener and keepAliveConn #14366
• clientv3: close streams after use in lessor keepAliveOnce method #14361
• etcdserver: bump OpenTelemetry to 1.0.1 and gRPC to 1.41.0 #14312
• Change default sampling rate from 100% to 0% #14318
• server/auth: protect rangePermCache with a RW lock #14227
• clientv3: Fix parsing of ETCD_CLIENT_DEBUG #14222
• Support configuring MaxConcurrentStreams for http2 #14219
• Automated cherry pick of #14182 #14187
• client/v3: do not overwrite authTokenBundle on dial #14132
• Restrict the max size of each WAL entry to the remaining size of the WAL file #14127
• Backport two lease related bug fixes to 3.5 #14087
• scripts: Avoid additional repo clone #14050
• Test release scripts #14043
• [backport 3.5]: server/auth: enable tokenProvider if recoved store enables auth #13205
• Update golang.org/x/crypto to latest #13996
• Update consitent_index when applying fails #13946
• Revert #13714 #13950
• PR 13923 to release-3.5 #13938
• Dockerfile*: Switch baseimage to k8s hosted one #13862
• Set backend to cindex before recovering the lessor in applySnapshot #13933
• Support linearizable renew lease #13932
• clientv3: filter learners members during autosync #13917
• etcdserver: upgrade the golang.org/x/crypto dependency #13669
• Fix the data inconsistency issue by adding a txPostLockHook into the backend #13908
• server: Save consistency index and term to backend even when they decrease #13904
• go.mod: Upgrade to prometheus/client_golang v1.11.1 #13895
• server: Add verification of whether lock was called within out outsid… #13887
• Fix inconsistent log format #13866
• Makefile: Fix wrong target #13858
• Update go to 1.16.15 #13832
• Fix offline defrag in etcdctl #13792
• backport 3.5: #13676 load all leases from backend #13726
• server/storage/backend: restore original bolt db options after defrag #13701
• Always print raft term in decimal when displaying member list in json #13727
• *: fix IsOptsWithFromKey #13736
• enhance health check endpoint to support serializable request #13706
• Trim the suffix dot from the srv.Target for etcd-client DNS lookup #13714
• Update dep: gopkg.in/yaml.v2 v2.2.8 -> v2.4.0 due to: CVE-2019-11254 [release 3.5] #13616
• Backport watchablestore runlock bug fix to release-3.5 #13541
• Set the backend again after recovering v3 backend from snapshot #13501
• Backport Lease Checkpoints fix to release-3.5 #13515
• Backport PR 13308 to release-3.5 #13477
• cherry-pick to 3.5 from #13467 exclude the same alarm type activated by multiple peers #13476
• storage/backend: Add a gauge to indicate if defrag is active (backport) #13395
• Dockerfile: bump debian bullseye-20210927 #13380
• Cherry pick “Fix http2 authority header in single endpoint scenario” to release-3.5 #13375
• Fix for v3.5 Ensure that cluster members stored in v2store and backend are in sync #13348
• Stop using tip golang version in CI #13349
• [backport 3.5]: Automated cherry pick of #13145 #13237 #13257
• Full changelog

gcp-pd-csi-driver-operator

• Bug 2098655: gcp cluster rollback fails due to storage failure #49
• Full changelog

haproxy-router

• Bug 2098230: Fix gap in router’s handling of graceful shutdowns. #406
• Bug 2096362: HAProxy: enable PROXY protocol for all listeners #405
• Bug 2076371: generateRouteHostRegexp: Escape blanks #385
• Full changelog

hyperkube, pod

• Bug 2101326: bump to k8s 1.23.12 #1382
• Automated cherry pick of #112299: Reduce default gzip compression level from 4 to 1 in #112400
• Automated cherry pick of #112526: Limit redirect proxy handling to redirected responses #112529
• Automated cherry pick of #112508: kubeadm: allow RSA and ECDSA format keys in preflight check #112536
• Automated cherry pick of #111205: Fix problem in updating VolumeAttached in node status #112303
• Automated cherry pick of #112193: Add an option for aggregator #112358
• Automated cherry pick of #112017: exec auth: support TLS config caching #112338
• Automated cherry pick of #110951: fix nestedPendingOperations mount and umount parallel bug #112102
• Automated cherry pick of #110179: Prune defaults for CRD serving #110578
• Automated cherry pick of #111009: Windows: ensure runAsNonRoot does case-insensitive comparison #112212
• Automated cherry pick of #111999: fix error type #112140
• Automated cherry pick of #107025: Remove AttachID matching from Detach #111952
• Automated cherry pick of #112183: Tolerate sub-microsecond eventTime changes on update #112188
• Automated cherry pick of #112150: Improve kubectl display of invalid errors #112156
• Automated cherry pick of #108146: Fixing logic for kubelet permissions check on windows #111079
• Automated cherry pick of #111773: fix a memory leak problem when calling DryRunPreemption #111804
• Automated cherry pick of #111235: fix a possible panic because of taking the address of nil #111273
• Automated cherry pick of #110140: Fixing issue in generatePodSandboxWindowsConfig for #110965
• Automated cherry pick of #108593: tests: Updates the should delete a collection of pods test #109789
• Automated cherry pick of #111141: Fix kubelet panic when accessing metrics/resource endpoint #111164
• Automated cherry pick of #110075: Add retry logic for Unix Domain sockets on Windows #110934
• Automated cherry pick of #111477: Share a single etcd3 client logger across all clients #111649
• Automated cherry pick of #111721: Fix deleting UIDs tracking expectations #111723
• Automated cherry pick of #110813: Ensure the dir of –audit-log-path exists #111226
• Automated cherry pick of #111646: Fix JobTrackingWithFinalizers when a pod succeeds after the #111665
• Update Go to 1.17.13 #111640
• Update Go to 1.17.12 #111465
• kubeadm: fix the bug that configurable KubernetesVersion not respected during kubeadm join #111022
• Automated cherry pick of #111026: Do not skip job requeue in conflict error #111038
• [release-1.23 cherrypick] Bump cAdvisor to v0.43.1 #111013
• Hotfix: filter out unsatisfied nodes when calling AddPod in PodTopologySpread #110853
• Cherry pick of #110294 GIT-110239: fix activeDeadlineSeconds enforcement bug #110545
• Automated cherry pick of #107631: Avoid updating Services with stale specs Fix the bug that #109358
• Automated cherry pick of #110523: fix image pulling failure when IMDS is unavailalbe in kubelet #110555
• Automated cherry pick of #110791: kubeadm: fix the bug that configurable KubernetesVersion not #110909
• Automated cherry pick of #110408: apiserver: printers should use int64 #110602
• Automated cherry pick of #110469: add missing error handling steps #110577
• Automated cherry pick of #109124: Winkernel proxier cache HNS data to improve syncProxyRules #110702
• Automated cherry pick of #110652: fix: –chunk-size with selector returns missing result #110757
• Automated cherry pick of #108284: fix: exclude non-ready nodes and deleted nodes from azure #109932
• Revert “Automated cherry pick of #109124: Winkernel proxier cache HNS data to improve syncProxyRules” #110585
• Automated cherry pick of #108078: Skip updating Endpoints and EndpointSlice if no relevant #108879
• Automated cherry pick of #109624: Ignore EndpointSlices that are already marked for deletion #110483
• Automated cherry pick of #110256: kubelet: Mark ready condition as false explicitly for terminal pods #110480
• Automated cherry pick of #110145: fix audit union loop variables in closures #110275
• Automated cherry pick of #109124: Winkernel proxier cache HNS data to improve syncProxyRules #109981
• ipvs: fix prevent concurrent map read and map write for 1.23 #110322
• Automated cherry pick of #109987: Fix resizing of ephemeral volumes #110118
• Automated cherry pick of #110191: kubelet: Pod probes should be handled by pod worker #110417
• Update Go to 1.17.11 #110423
• Automated cherry pick of #107402: Reject proxy requests to 0.0.0.0 as well #110361
• Automated cherry pick of #110255: Endpoints and EndpointSlices should not publish IPs for terminal pods #110259
• Automated cherry pick of #109103: cpu manager policy set to none, no one remove container id #109156
• Backport of #106539: Replace url label in rest client latency metrics by host and path #109699
• Automated cherry pick of #110009: Fix requests scope classification #110091
• Automated cherry pick of #109969: authn: fix cache mutation by AuthenticatedGroupAdder #110005
• Automated cherry pick of #109858: GCE: skip updating and deleting external loadbalancers if #110002
• Automated cherry pick of #109947: Wait for cache to sync in job’s TestWatchOrphanPods #109980
• Update Go to 1.17.10 #110045
• Automated cherry pick of #109836: Fix OpenAPI loading error caused by empty APIService #109867
• Disable JobTrackingWithFinalizers due to unresolved bug #109491
• Automated cherry pick of #108107: kubelet apiserver: be gentle closing connections on #109381
• Automated cherry pick of #109486: Integration test for backoff limit and finalizers #109788
• Automated cherry pick of #108613: Fix a bug that out-of-tree plugin is misplaced when using #108890
• Automated cherry pick of #108429: Allow KUBE_TEST_REPO_LIST to be a remote url as well #109512
• Automated cherry pick of #108553: fix: race detected in TestErrConnKilled #109257
• Automated cherry pick of #106969: kubectl: fix hard-coded value in zsh completion #109235
• Automated cherry pick of #109074: kubeadm: add etcd flag for member data consistency #109075
• Automated cherry pick of #109442: Correct event registration for multiple scheduler plugins. #109446
• Automated cherry pick of #108496: iptables: remove port opener #108885
• Automated cherry pick of #108000: azure_file: add namespace tests for InTree to CSI #108600
• Update Go to 1.17.9 #109462
• Automated cherry pick of #109188 upstream release 1.23 #109216
• Automated cherry pick of #108752: Fix: Clean job tracking finalizer from orphan pods #109020
• Automated cherry pick of #109245: Fix: abort nominating a pod that was already scheduled to a #109246
• Fix non-enum CSR condition field, omit enums from static openapi snapshot #109179
• Adjust tests to pass for both client-side and server-side validation #109041
• Automated cherry pick of #108639: unmark non-validated types as enums. #108740
• Cherry pick 108772 #108791
• Automated cherry pick of #109137 upstream release 1.23 #109159
• Automated cherry pick of #107845: kubelet: If the container status is created, we are waiting #108882
• Automated cherry pick of #108455: Copy request in timeout handler #109015
• Automated cherry pick of #108928: kube-up: use registry.k8s.io for containerd-related jobs #108943
• Automated cherry pick of #107763: e2e: Wait for kube-root-ca.crt to be created #108860
• Move kubelet secret and configmap manager calls to sync_Pod functions #108756
• Automated cherry pick of #108366 (release-1.23): Delay writing a terminal phase until the pod is terminated #108723
• OCPBUGS-1266: UPSTREAM: <carry>: Remove reserved CPUs from default set #1362
• Bug 2106414: UPSTREAM: 109103: cpu/memory manager containerMap memory leak #1318
• Bug 2103381: UPSTREAM: <carry>: update list of deprecated apis #1306
• Bug 2104928: UPSTREAM: 109932: fix: exclude non-ready nodes and deleted nodes from azure load balancers #1263
• Bug 2067464: Backport 107821 and 107831 #1241
• Bug 2075831: UPSTREAM: 109487: Disable JobTrackingWithFinalizers due to unresolved… #1244
• Bug 2074094: UPSTREAM: <carry>: An APIRequestCount without dots in the name can cause a panic #1237
• Bug 2069311: UPSTREAM: <carry>: use hardcoded rest mapper from library-go #1231
• Bug 2065774: Backport 108723 OutofCpu Fixes #1221
• Bug 2065620: Rebase 1.23.5 #1220
• Automated cherry pick of #108631: Remove apf_fd from httplog #108634
• Update Go to 1.17.8 #108559
• Bump konnectivity-client@v0.0.30 #108438
• Automated cherry pick of #107131: Fix default config flags #108401
• Automated cherry pick of #108410: fix dryrun when ca file exists #108469
• Automated cherry pick of #107121: fix regression introduced by PR 100320 #108465
• Automated cherry pick of #107764: wrap error from RunCordonOrUncordon #107938
• Automated cherry pick of #107413: kube-proxy: fix duplicate port opening #108294
• Automated cherry pick of #107997: cronjob_controllerv2: do not filter jobs to be reconciled by #108306
• Automated cherry pick of #108209: increase Azure ACR credential provider timeout #108226
• Automated cherry pick of #108149: fix: do not return early in the node informer when there is #108177
• Automated cherry pick of #108167: Fix nodes volumesAttached status not updated #108461
• Automated cherry pick of #108002: kubeadm: fix the bug that ‘kubeadm init –dry-run #108120
• test/e2e/framework: include the new control plane taint for “–non-blocking-taints” #108336
• /test/e2e_kubeadm: adjust label / taint checks for 1.23 #108170
• Automated cherry pick of #108127: test/e2e_kubeadm: fix matching UnversionedKubeletConfigMap #108128
• Automated cherry pick of #107900: Add an e2e test for updating a static pod while it #107931
• Automated cherry pick of #108198: Updating EndpointSlice strategy to retain node name in #108201
• Automated cherry pick of #108138: Revert v1beta1 PodDisruptionBudget select patchStrategy #108139
• Automated cherry pick of #107670: Ignore container notfound error while getPodstatuses #108164
• Automated cherry pick of #107789: Mark device as uncertain if unmount device succeeds #107791
• Update Go to 1.17.7 #108100
• Automated cherry pick of #107575: fix: azurefile volumeid conflict in csi migration #107850
• Automated cherry pick of #106715: set secondary address on host-network pods #107988
• Automated cherry pick of #107970: Make JSON schema round tripping test more strict #108030
• Automated cherry pick of #107956: Deeply copy JSONSchemaProps.XValidations. #107968
• Automated cherry pick of #107786: Revert “Fix comparison between FQDN and hostname” #107902
• Automated cherry pick of #107847: service REST: Call Decorator(old) on update path #107875
• Automated cherry pick of #106280: Set max results if its not set #107651
• Automated cherry pick of #107695: kubelet: fix podstatus not containing pod full name #107761
• Full changelog

hypershift

• Use non-strict mode when parsing global config #1619
• adopt existing immutable selectors to prevent errors reconciling components from roks toolkit clusters #1571
• cache registry files #1567
• feat(oauth): allow challenge override for OpenID #1543
• Add fallback set cache value from old token #1531
• Set Recommended Leader Election Values #1507
• feat(cpo): Support disable profiling annotation #1501
• Use ImagePullPolicyIfNotPresent for HO #1483
• Updated secret permissions to conform to kubernetes CIS benchmark #1480
• Ensure that everything uses imagePullPolicy IfNotPResent for resiliency #1475
• Add missing control plane prometheus rules #1471
• Ensure cache is set during token rotation before reconciling #1461
• Fix(cpo): Propagate TLS security profile config to kube-controller-manager and kube-scheduler #1416
• feat(cpo): adhere to upgrade order from kube version skew policy #1410
• Set shutdown params to improve graceful shutdown #1387
• fix(cpo): Scope down secrets access for olm collect profiles cj #1378
• move to ga apis for all components now that management clusters at minimum release boundary #1361
• configure cipher suites to prevent using medium strength ssl ciphers #1359
• Use apiserver host/port from InfraStatus in reconciling Kube API Server #1333
• Ignition server: Actually use workdir #1317
• Use forked processes instead of pods to generate ignition payload #1311
• disable reconcile of registry config in IBMCloud deployments #1309
• feat(cpo): Disable PodSecurity for 4.10 #1289
• Disable PodSecurity admission in 4.11 as it breaks conformance #1286
• Expose a service account signing key in the API #1265
• release-4.10 - Create valid route names with long namespace names #1252
• Fast-Forward from main #1233
• e2e: Don’t enable user workload monitoring on management clusters #1231
• Fix priority class for olm cronjob and verify priorityclasses in e2e #1226
• e2e: Don’t fail test on transient recoverable API lookup #1230
• Hypershift operator: Give a priority that is higher than any controlplane component #1229
• Get autoscaler/machine-approver images from the payload #1090
• Document KubeVirt Platform Ingress Setup #1213
• AntiAffinity rules to spread KubeVirt VMs across mgmt nodes #1218
• Retry EIP tagging failures during infra creation #1219
• Fix CPO to work with 4.11 #1217
• read apiserver-network-proxy image from ocp payload #1215
• Add support for AdditionalTrustBundle #972
• docs for DNS indirection #1208
• docs: Upgrade mkdocs/material to fix Netlify breakages #1212
• Dump: Always create an archive #1204
• Update staticcheck to a version that works with go 1.18 #1207
• Unique OpenShift vxlan port for KubeVirt Platform #1206
• Registry configuration: reconcile only what we need to changes #1202
• enable external-dns registry #1198
• sync MaxConcurrentReconciles across all controllers #1199
• add external-dns flags to CI install make target #1163
• KAS: Set proxy, but exempt pod and service CIDR #1200
• HO: Don’t report NotFund for hostedcluster as error #1192
• Forward from main #1190
• Revert “PKI: Use ECDSA keys by default” #1195
• add required-api to availablity prober for OLM and HCCO #1193
• Trigger reconcile when paused time is up #1184
• Fix ko entries and update ignition-server dev docs #1191
• Converge helper binaries and ignition-server into CPO binary #1169
• KAS: Never set proxy #1187
• fix AWS HostedCluster fixture to set hostname in alignment with endpointAccess #1188
• Use patch instead of update when updating HCP status and finalizers #1186
• Introduce OIDCConfigurationInvalid condition for OIDC setup validation #1180
• e2e: adjust budgets #1183
• Fix OLM container restart flakes in CI #1185
• Make clusterID optional in HostedControlPlane clusterID #1179
• Hypershift-operator: Increase worker count #1181
• Forward from main #1178
• Add ClusterID to HostedCluster #1151
• Remove CAPI-provider-agent ClusterRole from hypershift Agent platform #1162
• Fix typo in how to pause reconciliation doc #1174
• Update release-4.10 branch with latest from main #1173
• Ensure that all control plane pods use the cluster’s pull secret #1172
• PKI: Use ECDSA keys by default #1167
• dev: specify a more useful ko base image #1165
• Unify hypershift install make targets #1171
• Run unitests with racedetector and -count=25 to detect flakes #1166
• Dump: Dump guest cluster nodes #1170
• Add proxy support #1157
• Resources: Improve runtime of test #1168
• ensure token minter, socks proxy, and availablity prober are versioned with the control plane operator to prevent large scale restarts on hypershift operator upgrades for IBM Cloud #1164
• add clusterid label to admin kubeconfig secret #1154
• Fix events message unit test flake #1161
• Switching KubeVirt platform’s default ingress to NodePort #1150
• Update release-4.10 branch with latest from main #1160
• e2e: support dns indirection #1149
• Surface cloud error conditions for HostedCluster resources #1135
• feat(cpo): Support OLM catalog placement #1139
• Allow overriding images at the hypershift operator level #1155
• Remove capi-provider-agent role from hypershift management #1153
• Restructure how-to docs to categorise per platform #1147
• Alow hypershift operator to grant RBAC permissions to the cpai-provider-agent #1152
• Enable DNS indirection to control plane endpoints #1145
• Forward from main #1148
• Validate that agent namespace exists #1138
• Agent: each hostedcluster provider should have it’s own role and role binding in the agent namespace #1137
• Documented howto BM agent/none #1079
• prevent privilege esclation by explicitly not allowing the escalate and bind verbs with rbac on the control plane operator #1136
• Run the konnektivity agent DS with hostnetwork #1142
• Azure: Fix image name to match what HPO expects #1141
• Rename variable for machineconfig and pretty print message #1140
• add konnectivity proxy sidecar to ingress-operator to ensure it can properly perform in cluster canary healthchecks #1131
• Azure: Add multi-AZ support #1127
• Azure: Stop logging errors during role assignment retry #1120
• Azure: Use an apiserver port that ends with 443 to make conformance tests happy #1133
• Give control-plane-operator access to the pull secret #1132
• add https prefix for proper redirects of console url #1129
• Move oidc configmap management back into install command #1128
• fix dns crd reconciliation for ibm cloud or providers that provide a subdomain #1123
• Fix create nodepool azure command #1118
• Azure: Fix credentials log #1126
• Updated secret permissions to 416 #1124
• Add missing readiness probes on HA deployments #1106
• Fix type in azurecluser for Private DNS name #1119
• Azure: Make the rootdisksize on nodepool configurable #1097
• Full changelog

ibm-vpc-block-csi-driver

• OCPBUGS-1488: Add udev #20
• Full changelog

ibm-vpc-block-csi-driver-operator

• Bug 2077419: [4.10] [ibm-vpc-block] Unable to change default storage class #35
• Full changelog

image-customization-controller

• OCPBUGS-754: mount /run/udev into the agent container #64
• Bug 2098627: Remove the container at exit #56
• Update OWNERS to current team status #53
• Bug 2061977: Add delay between ironic-agent restart, but restart forever #54
• Bug 2061977: Restart ironic-agent.service when it fails #43
• Full changelog

insights-operator

• helm upgrades and uninstalls backport 4.10 (#663) #663
• OCPBUGS-251 Gather status of the cephclusters.ceph.rook.io resources (#659) #659
• Backport console helm installs to 4.10 (#638) #638
• Bug 2081844: Fix the clusteroperator conditions values when IO is (#619) #619
• Bug 2079318: Remove PSP gatherer (#608) (#615) #608
• Bug 2072848: Gather namespace names with overlapping UIDs (#605) #605
• Gather some error messages from the kube-controller-manager containers (#598) #598
• Full changelog

ironic

• OCPBUGS-1740: Backport improvements to iDRAC steps to OCP 4.10 #303
• OCPBUGS-1225: sync BIOS settings fixes #298
• Bug 2109125: Upgrade version of ironic package to include fix for ZTP deployment #284
• Bug 2080442: Update sushy version #272
• Full changelog

ironic-agent

• OCPBUGS-1232: Include Fix for discovering bond interfaces #63
• Bug 2100775: Include Fix discovering WWN/serial for devicemapper devices #56
• Bug 2100836: Add missing multipath modules #55
• Bug 2089312: multipath fix for passive paths #52
• Bug 2053752: import time #49
• Bug 2053752: Bump retries for UEFI boot configuration #48
• Bug 2061278: [release-4.10] Retry UEFI boot Configuration #43
• Bug 2048481: Update ironic-python-agent to latest bugfix version #38
• Full changelog

jenkins, jenkins-agent-base, jenkins-agent-maven, jenkins-agent-nodejs

• OCPBUGS-1440: fix install plugins script #1484
• OCPBUGS-1037: Install glibc language package to remove setLocale warning #1480
• OCPBUGS-473: CVE mitigations #1479
• OCPBUGS-713: Add user coreydaley to approvers list #1477
• OCPBUGS-400: Revert xmlstarlet usage #1469
• Bug 2095620: Bump matrix-project plugin to 1.20 #1453
• Bug 2080204: Correctly declare Jenkins URL with trailing slash #1441
• Bug 2076253: Mitigate multiple CVEs #1430
• Bug 2075135: set necessary JVM args to allow jenkins JVM to come up on a FIPS node #1425
• Bug 2069134: [release-4.10] Update bundle-plugins.txt #1420
• Bug 2069134: [release-4.10] Enable supply-chain check #1417
• Bug 2061616: [release-4.10] Compute bundle plugins in build #1398
• Bug 2063898: [release-4.10] 2022-02-15 Security Advisory #1403
• Bug 2062053: Add Jitendar to OWNERS file #1401
• Bug 2055653: Add xmlstarlet to handle JENKINS_PASSWORD properly #1391
• Full changelog

kube-proxy, sdn

• OCPBUGS-647: Fix DNS endpoint hack to prefer local instead of forcing it #467
• OCPBUGS-647: Fix OCP hack to prefer local DNS endpoints #457
• OCPBUGS-255: setup network policy rules during pod creation to fix postStart hook #455
• Bug 2078501: [release-4.10] Remove node-tainting for too-small MTU #422
• Bug 2087763: Probe failures and pod restarts during 4.7 to 4.8 upgrade #431
• Bug 2082451: Masquerade in cluster traffic that is marked for egress IP #430
• Bug 2066466: Fix releasing egress IP in cloud environments #416
• Bug 2064807: Rebase SDN k8 1.23.4 #415
• Bug 2062859: mixed ingress and egress policies can result in half-isolated pods #410
• Full changelog

kube-state-metrics

• Bug 2078835: internal/store: fix potential panic in pod store #70
• Bug 2085329: Use v1 PodDisruptionBudget and CronJob resources #72
• Full changelog

kuryr-cni, kuryr-controller

• Bug 2082079: Parallelize ports removal #663
• Bug 2097277: Use upper-constraints.txt from stable/xena in UT #673
• Bug 2077384: Increase cni_request_duration buckets #656
• Bug 2055661: Update KLB .spec.provider when required #637
• Full changelog

machine-api-operator

• Bug 2109124: Add DescribeRegions permission for aws controller #1046
• Bug 2086104: Set vCenter client request timeout #1017
• Full changelog

machine-config-operator

• OCPBUGS-642: Fix .ssh directory not owned by core when created by Machine Config Daemon #3315
• Bug 2118609: Fix problem with retaining data in string array in piped while loop #3289
• Bug 2118607: configure-ovs: clone inactive autoconnect slaves #3288
• Bug 2100894: fix MCNameSuffix with kcfg ctrrcfg #3224
• Bug 2084187: Avoid kubernetes node port range #3145
• Bug 2099686: controller: de-couple FIPS and realtime detection #3201
• Bug 2098626: configure-ovs: improve handling of static ip and mac address configuration #3197
• Bug 2096564: Bug fix for node drain caused by ICSP objects #3181
• Bug 2089757: configure-ovs: avoid restarting NetworkManager #3159
• Bug 2085410: OVN Kubernetes configure-ovs-network set static if conversion metric #3147
• Bug 2081317: configure-ovs.sh: Provide store hint for default route interface #3131
• Bug 2076493: [on-prem] make Corefile api matching stricter #3095
• Bug 2082567: [vsphere] remove warning encountered on vSphere UPI cluster without API VIP #3138
• Bug 2069798: ClusterRoleUpdated/ClusterRoleBindingUpdated Spamming Event Logs #3045
• Bug 2079097: Ensure only one apiserver-watcher process is active on a node. #3121
• Bug 2071696: Add KUBELET_NODEIP_HINT to nodeip-configuration #3058
• Bug 2072621: Fix bootstrap-unit test failure caused by #3008 #3109
• Bug 2076308: Move removeUpdateInProgressTaint functionality to mcc #3091
• Bug 2072621: [OCPNODE-869] Create a drop-in file for cri-o’s seccomp use default config #3008
• Bug 2070492: configure-ovs: move dhcp config from br-ex to ovs-if-br-ex #3049
• Bug 2062666: configure-ovs: reload NM only when necessary #3005
• Bug 2062290: Add –templates flag to MCC bootstrap command #2997
• Bug 2063326: [release-4.10] Ensure directories are created with usable permission bits #3012
• Bug 2060954: Explicitly set keyfile as the default plugin #2985
• Full changelog

machine-os-images

• OCPBUGS-960: Update rhcos release browser url #24
• Bug 2090022: Get rid of lookaside cache in OCP build #17
• Revert .ci-operator.yaml #18
• Updating ose-machine-os-images images to be consistent with ART #9
• Bug 2077305: Remove destination coreos if it exists #14
• Full changelog

multus-cni

• Bug 2084289: Bumps net-attach-def client library (for CNI v1.0 IP compatibility) [backport 4.10] #128
• Updating multus-cni images to be consistent with ART #110
• Full changelog

multus-whereabouts-ipam-cni

• Bug 2065488: Sync upstream for context improvements for reconciler [backport 4.10] #88
• Full changelog

must-gather

• Bug 2106842: Add timeout to oc cp command to fix must-gather delays when routers are terminating #323
• Bug 2059777: Fix the namespace extract filter #288
• Bug 2106559: fix gather_insights collection #322
• Bug 2084591: Add networking resources #307
• Bug 2069554: Collect NMState resources when operator is installed #294
• Full changelog

network-interface-bond-cni

• Bug 2116642: Backport “mac duplicates” #42
• Bug 2101841: Backport Fix incorrect bond name issue #36
• Bug 2084289: Backport IPAM fixes [4.10] #34
• Full changelog

network-metrics-daemon

• Updating ose-network-metrics-daemon images to be consistent with ART (#40) #40
• Fix field selector (#50) #50
• Added METRIC_TEST_IMAGE var (#47) #47
• Full changelog

oauth-apiserver

• Bug 2094022: Update 4.10 to 1.23 #79
• Full changelog

oc-mirror

• Bug 2075051: [release-4.10] fix: adds handling for channel with different prefixes in cincinnati.go (#413) #413
• build(deps): bump operator-registry dep to v1.21.1 (#390) #390
• Bug 2064901: fix(associations): modifies association return values to allows image… (#359) #359
• Bug 2065500: resolves multiple channel heads in merged catalogs (#372) #372
• chore: adds dynamic version info for version command with ldflags (#328) (#334) #328
• Full changelog

openshift-apiserver

• Add coreydaley as reviewer/approver for pkg/build #298
• Full changelog

openshift-state-metrics

• Updating openshift-state-metrics images to be consistent with ART #80
• Bug 2052804: adding new build comments required for go 1.17 #83
• Full changelog

openstack-cinder-csi-driver-operator

• Bug 2091649: SWEET32: Improve TLS configuration for Kube RBAC Proxy #89
• Full changelog

openstack-machine-controllers

• OCPBUGS-1951: Apply noAllowedAddressPairs on intended subnets only #245
• Bug 1921656: Remove dependence on annotation to allow Server deletion #240
• Bug 2077380: Fix InstanceCreate port & trunk cleanup #233
• Bug 2071538: Address CVE-2022-21698 #226
• Bug 2050064: Ensure subnets belong to the queried network #219
• Full changelog

operator-lifecycle-manager, operator-registry

• OCPBUGS-1323: Add autoscaling eviction annotation to catalog pods to enable proper draining of nodes #392
• OCPBUGS-1087: Stop corrupting resolver cache. #385
• Bug 2115874: fix(grpc): Add startupProbe to check for grpc health readiness (#2791) #348
• Bug 2118261: Update containerd version #357
• Bug 2106838: remove broken thread-safety (#2697) #340
• Bug 2101802: opm bug fix #327
• Bug 2095329: [release-4.10] Bump go to v1.17 (#922) #310
• Bug 2080609: Fix GRPC CheckRegistryServer function (#2756) #298
• Bug 2071941: Replace collect-profile jobs that haven’t completed #277
• Bug 2070131: Fix a bug in deletion of webhook service for replacement #272
• Full changelog

ovirt-csi-driver

• OCPBUGS-761: CSI provisioned disks are preallocated #117
• OCPBUGS-620: Upgrade go-ovirt-client to 1.0.0 #116
• Full changelog

ovirt-csi-driver-operator

• Bug 2050118: Add custom CA bundle support #84
• Bug 2070525: Recreate oVirt connection for every sync #94
• Full changelog

ovn-kubernetes

• OCPBUGS-1024: Dockerfile: bump to 2.16.0-89.3.el8fdp #1271
• Bug 2111552: Remove conntrack entries after rules #1219
• OCPBUGS-660: [release-4.10] pods: deleteLogicalPort should not fail when port is already gone #1257
• Bug 2113861: reconcile-node-lbs #1227
• OCPBUGS-174: [release-4.10] Fix race when adding and removing pod with same name #1250
• Bug 2070392: Fix egress IP reassignment on cloud #1203
• Bug 2111588: [release-4.10] export OVS metrics #1215
• Bug 2109442: Fix GetPodsBySelector/GetNamespacesBySelector so MatchExpressions is respected #1195
• Bug 2104454: improve performance of service sync #1173
• Bug 2105653: egressIP: node retrieval failure is not respected, causes panic #1185
• Bug 2105275: Fix egressips for pods recreated with same name #1179
• Bug 2107903: Append the SNAT rule in management chain #1201
• Bug 2105265: EGW: Clean Stale Conntrack Entries #1191
• Bug 2099680: [release-4.10] libovsdb fixes for empty values #1164
• Bug 2105276: Fix panics in DestroyNetworkPolicy if policy is nil #1182
• Bug 2099206: Update logging for specific policy when creating it #1149
• Bug 2099822: Fix pointer loop var #1153
• Bug 2091157: [release-4.10] Free IPs and delete resources for completed pods #1152
• Bug 2092501: Fixes finding default gateway for configured GW interface #1131
• Bug 2095193: duplicated IPs can be assigned to multiple Pods #1132
• Bug 2088582: Bumps OVN to 21.12.0-58.el8fdp #1101
• Bug 2086891: policy: Fix multicast allow policy type. #1093
• Bug 2088040: Delete ChassisPrivate along with Chassis #1099
• Bug 2077129: [release-4.10] Fixes secondary bridge #1044
• Bug 2088627: EgressIP NATs are not being cleared correctly from the logical router #1098
• Bug 2087203: enable exportloopref linter and fix violations #1095
• Bug 2082467: Fix cluster/status parsing for single-member db cluster (SNO) #1082
• Bug 2083116: delete SNAT2NIP if pod.node == egressNodeServingPod #1084
• Bug 2080069: Cleanup conntrack entries when services are deleted #1061
• Bug 2080895: Ensure stale information is not present in metrics with labels when they change #1070
• Bug 2080882: Fix incorrectly logged error when searching for ovnkube master pod #1069
• Bug 2080925: Don’t spawn go routines for adding metric events #1071
• Bug 2079546: [release-4.10] call clearInitialNodeNetworkUnavailableCondition for noHostSubnet nodes #1057
• Bug 2065780: [release-4.10][backport] Fix cleaning VF representor ports #1001
• Bug 2073411: Fix ETP=local for host->svc traffic #1063
• Bug 2073137: Fix lgw flows for ingress-svc traffic #1026
• Bug 2074839: [release-4.10] fix ipv6 network policy #1043
• Bug 2052017: Retry Pod Deletions on Failure #1025
• Bug 2059354: [4.10z] After reboot egress node, lr-policy-list was not correct #994
• fix so that this branch can build #7
• Bug 2055381: [release-4.10] support new ingress pipeline option for ACLs #6
• Bug 2061804: [4.10] Fixes “ErrorAddingLogicalPort: duplicate IP found in ECMP Pod route cache!” for same pod #990
• Bug 2063834: backport 2052975 to 4.10 #995
• Full changelog

prometheus-config-reloader, prometheus-operator

• Bug 2108976: pkg/prometheus: fix curl exec probe #196
• Bug 2060718: Add relabel validations #161
• Full changelog

tests

• OCPBUGS-1454: Fixes OVN ACL audit log parsing #27429
• Bug 2117301: Skip ErrImagePull for expected failures #27352
• Bug 2115862: Skip internet connection test if we use a proxy #27344
• Bug 2065028: rearrange test cases #26915
• OCPBUGS-374: test: allow -f to match tests for any test suite #27366
• Bug 2080198: skip tests for etcd leaders when etcd revisions change a lot #27076
• Bug 2080759: Remove BlueOcean annotation check #27065
• Bug 2077995: Best matcher single node OVN #27048
• Bug 2059845: [test]: bump upper bounds for AWS single node and GCP #27055
• Bug 2077414: MGMT-9440: Fix single node serial tests API crash #27037
• Bug 2074714: synthetictests: skip “alert/Watchdog must have no gaps or changes” on SNO upgrades #27011
• Bug 2074448: exclude loki-promtail from duplicated events #27010
• Bug 2077516: don’t fail when a query returns warnings #27039
• Bug 2059845: operators should not create watch channels very often: bump OpenStack monitoring operator #26879
• Bug 2076265: [release-4.10] test: switch to testing CapBnd over CapInh #27021
• Bug 2060592: only add failure when no event was found for the target revision #26881
• Bug 2055381: cleanup network policy ACL extended test #26946
• Full changelog

vsphere-cloud-controller-manager

• OCPBUGS-2065: fix .dockerignore to satisfy OCP specific requirements #27
• Full changelog

vsphere-csi-driver-operator

• OCPBUGS-376: storageclass should not be created for unsupported vsphere version #105
• Bug 2108003: 4.10: Don’t block upgrades when another CSI driver is found #99
• Bug 2095824: Report max. nr. of attachable volumes per node #91
• Full changelog

vsphere-problem-detector

• Bug 2055895: change NodePerfCheck criteria to be based on average latency #76
• Full changelog

---

View changelog in Markdown or change previous release: 4.10.374.10.364.10.354.10.344.10.334.10.324.10.314.10.304.10.294.10.284.10.274.10.264.10.254.10.244.10.234.10.224.10.214.10.204.10.194.10.184.10.174.10.164.10.154.10.144.10.134.10.124.10.114.10.104.10.94.10.84.10.74.10.64.10.54.10.44.10.34.10.24.10.14.10.04.10.0-rc.84.10.0-rc.74.10.0-rc.64.10.0-rc.54.10.0-rc.44.10.0-rc.34.10.0-rc.24.10.0-rc.14.10.0-rc.04.10.0-fc.44.10.0-fc.34.10.0-fc.24.10.0-fc.14.10.0-fc.04.9.554.9.544.9.534.9.524.9.514.9.504.9.494.9.484.9.474.9.464.9.454.9.444.9.434.9.424.9.414.9.404.9.394.9.384.9.374.9.364.9.354.9.344.9.334.9.324.9.314.9.304.9.294.9.284.9.274.9.264.9.254.9.244.9.234.9.224.9.214.9.204.9.194.9.184.9.174.9.164.9.154.9.144.9.134.9.124.9.114.9.104.9.94.9.84.9.74.9.64.9.54.9.44.9.34.9.24.9.14.9.04.9.0-rc.84.9.0-rc.74.9.0-rc.64.9.0-rc.54.9.0-rc.44.9.0-rc.34.9.0-rc.24.9.0-rc.14.9.0-rc.04.9.0-fc.14.9.0-fc.04.8.574.8.564.8.554.8.544.8.534.8.524.8.514.8.504.8.494.8.484.8.474.8.464.8.454.8.444.8.434.8.424.8.414.8.404.8.394.8.384.8.374.8.364.8.354.8.344.8.334.8.324.8.314.8.304.8.294.8.284.8.274.8.264.8.254.8.244.8.234.8.224.8.214.8.204.8.194.8.184.8.174.8.164.8.154.8.144.8.134.8.124.8.114.8.104.8.94.8.84.8.74.8.64.8.54.8.44.8.34.8.24.8.14.8.04.8.0-rc.34.8.0-rc.24.8.0-rc.14.8.0-rc.04.8.0-fc.94.8.0-fc.84.8.0-fc.74.8.0-fc.64.8.0-fc.54.8.0-fc.44.8.0-fc.34.8.0-fc.24.8.0-fc.14.8.0-fc.04.7.604.7.594.7.584.7.574.7.564.7.554.7.544.7.534.7.524.7.514.7.504.7.494.7.484.7.474.7.464.7.454.7.444.7.434.7.424.7.414.7.404.7.394.7.384.7.374.7.364.7.354.7.344.7.334.7.324.7.314.7.304.7.294.7.284.7.274.7.264.7.254.7.244.7.234.7.224.7.214.7.204.7.194.7.184.7.174.7.164.7.154.7.144.7.134.7.124.7.114.7.104.7.94.7.84.7.74.7.64.7.54.7.44.7.34.7.24.7.14.7.04.7.0-rc.34.7.0-rc.24.7.0-rc.14.7.0-rc.04.7.0-fc.54.7.0-fc.44.7.0-fc.34.7.0-fc.24.7.0-fc.14.7.0-fc.04.6.624.6.614.6.604.6.594.6.584.6.574.6.564.6.554.6.544.6.534.6.524.6.514.6.504.6.494.6.484.6.474.6.464.6.454.6.444.6.434.6.424.6.414.6.404.6.394.6.384.6.374.6.364.6.354.6.344.6.334.6.324.6.314.6.304.6.294.6.284.6.274.6.264.6.254.6.244.6.234.6.224.6.214.6.204.6.194.6.184.6.174.6.164.6.154.6.144.6.134.6.124.6.114.6.104.6.94.6.84.6.74.6.64.6.54.6.44.6.34.6.24.6.14.6.04.6.0-rc.44.6.0-rc.34.6.0-rc.24.6.0-rc.14.6.0-rc.04.6.0-fc.94.6.0-fc.84.6.0-fc.74.6.0-fc.64.6.0-fc.54.6.0-fc.44.6.0-fc.3───4.13.0-0.nightly-2023-02-04-0309014.13.0-0.nightly-2023-02-03-2105134.13.0-0.nightly-2023-02-03-1452134.13.0-0.nightly-2023-02-03-0844264.13.0-0.nightly-2023-02-03-0240184.13.0-0.nightly-2023-02-02-1504194.13.0-0.nightly-2023-02-02-0754534.13.0-0.nightly-2023-02-02-0320184.13.0-0.nightly-2023-02-01-112003───4.13.0-0.ci-2023-02-04-0300334.13.0-0.ci-2023-02-03-2100334.13.0-0.ci-2023-02-03-1500334.13.0-0.ci-2023-02-03-0900334.13.0-0.ci-2023-02-03-0300334.13.0-0.ci-2023-02-02-2100334.13.0-0.ci-2023-02-02-150033───4.12.0-0.nightly-2023-02-04-0348214.12.0-0.nightly-2023-02-03-2256424.12.0-0.nightly-2023-02-03-1622134.12.0-0.nightly-2023-02-03-1018144.12.0-0.nightly-2023-02-03-0354364.12.0-0.nightly-2023-02-02-1808274.12.0-0.nightly-2023-02-02-1203254.12.0-0.nightly-2023-02-01-2306334.12.0-0.nightly-2023-01-31-232828───4.12.0-0.ci-2023-02-04-0455424.12.0-0.ci-2023-02-03-1550384.12.0-0.ci-2023-02-03-0907074.12.0-0.ci-2023-02-02-2338104.12.0-0.ci-2023-02-02-1738104.12.0-0.ci-2023-02-02-0354414.12.0-0.ci-2023-02-01-2033024.12.0-0.ci-2023-02-01-143210───4.11.0-0.nightly-2023-02-02-1051024.11.0-0.nightly-2023-02-01-2242394.11.0-0.nightly-2023-02-01-1659354.11.0-0.nightly-2023-02-01-1044384.11.0-0.nightly-2023-01-31-1202424.11.0-0.nightly-2023-01-31-0547454.11.0-0.nightly-2023-01-30-181827───4.11.0-0.ci-2023-02-03-1933534.11.0-0.ci-2023-02-03-1333534.11.0-0.ci-2023-02-02-2147524.11.0-0.ci-2023-02-02-0939494.11.0-0.ci-2023-02-02-0339494.11.0-0.ci-2023-02-01-2139494.11.0-0.ci-2023-02-01-1539494.11.0-0.ci-2023-02-01-0735514.11.0-0.ci-2023-01-31-141646───4.10.0-0.nightly-2023-02-04-0234114.10.0-0.nightly-2023-02-03-1622404.10.0-0.nightly-2023-02-03-1037034.10.0-0.nightly-2023-02-03-0730184.10.0-0.nightly-2023-02-03-0248584.10.0-0.nightly-2023-02-02-2348024.10.0-0.nightly-2023-02-02-1425124.10.0-0.nightly-2023-02-02-0250304.10.0-0.nightly-2023-02-01-171438───4.10.0-0.ci-2023-02-04-0347474.10.0-0.ci-2023-02-03-1711074.10.0-0.ci-2023-02-03-0909484.10.0-0.ci-2023-02-03-0309484.10.0-0.ci-2023-02-02-2109484.10.0-0.ci-2023-02-02-1125284.10.0-0.ci-2023-02-01-2252534.10.0-0.ci-2023-02-01-121736───4.9.0-0.nightly-2023-02-03-0744164.9.0-0.nightly-2023-02-03-0458484.9.0-0.nightly-2023-02-01-1832454.9.0-0.nightly-2023-02-01-1607044.9.0-0.nightly-2023-02-01-1303184.9.0-0.nightly-2023-02-01-0547114.9.0-0.nightly-2023-01-31-0618484.9.0-0.nightly-2023-01-26-0040094.9.0-0.nightly-2023-01-18-1143364.9.0-0.nightly-2023-01-16-104834───4.9.0-0.ci-2023-02-03-2107054.9.0-0.ci-2023-02-03-2007394.9.0-0.ci-2023-02-03-1514394.9.0-0.ci-2023-02-03-0934034.9.0-0.ci-2023-02-03-0734534.9.0-0.ci-2023-02-03-0616274.9.0-0.ci-2023-02-02-0048424.9.0-0.ci-2023-01-23-1210234.9.0-0.ci-2023-01-13-0308054.9.0-0.ci-2023-01-13-023805───4.8.0-0.nightly-2023-02-01-2024214.8.0-0.nightly-2023-01-31-1845124.8.0-0.nightly-2023-01-31-1805124.8.0-0.nightly-2023-01-31-0204394.8.0-0.nightly-2023-01-20-035453───4.8.0-0.ci-2023-02-03-0804504.8.0-0.ci-2023-02-03-0734504.8.0-0.ci-2023-02-01-1942474.8.0-0.ci-2023-02-01-1912474.8.0-0.ci-2023-01-31-1645584.8.0-0.ci-2023-01-23-1215184.8.0-0.ci-2023-01-20-2000294.8.0-0.ci-2023-01-20-185512───4.7.0-0.nightly-2023-01-30-1924454.7.0-0.nightly-2023-01-28-0054404.7.0-0.nightly-2022-11-01-1719474.7.0-0.nightly-2022-10-31-1144174.7.0-0.nightly-2022-10-27-1239064.7.0-0.nightly-2022-10-17-061132───4.7.0-0.ci-2023-02-03-0804514.7.0-0.ci-2023-02-03-0734514.7.0-0.ci-2023-01-31-1906494.7.0-0.ci-2023-01-30-1910264.7.0-0.ci-2023-01-26-1901374.7.0-0.ci-2023-01-25-2218474.7.0-0.ci-2023-01-25-2148474.7.0-0.ci-2022-12-19-1523324.7.0-0.ci-2022-12-14-082739───4.6.0-0.nightly-2022-11-17-1332454.6.0-0.nightly-2022-11-01-1643484.6.0-0.nightly-2022-10-27-0759414.6.0-0.nightly-2022-10-19-2319474.6.0-0.nightly-2022-10-12-040627───4.6.0-0.ci-2023-01-26-2035444.6.0-0.ci-2023-01-26-1958334.6.0-0.ci-2023-01-26-1822344.6.0-0.ci-2023-01-13-1026334.6.0-0.ci-2022-12-19-1526534.6.0-0.ci-2022-12-19-145653───4.13.0-ec.24.13.0-ec.14.13.0-ec.04.12.0-ec.54.12.0-ec.44.12.0-ec.34.12.0-ec.24.12.0-ec.14.12.0-ec.0

Source code for this page located on github