Back to index
4.14.0-0.nightly-2025-10-23-104350 Download the installer for your operating system or run
oc adm release extract --tools registry.ci.openshift.org/ocp/release:4.14.0-0.nightly-2025-10-23-104350 Team Approvals:
Tests:
Upgrades from:
Upgrades to:
Loading changelog, this may take a while ...
Created: 2025-10-23 10:46:56 +0000 UTC
Image Digest: sha256:04b08fa552fad587af9de065df2107ce7098d602252443cfe7fad7daa3dfc85d
Components
New images
Removed images
ovn-kubernetes-microshift-rhel-9
ovn-kubernetes-rhel-9
Rebuilt images without code change
apiserver-network-proxy git f56c606a sha256:abc887bf574b3e364cc29a9a789197af6c5a3e9d9cdd1f7794ea3d5828da8e36
machine-os-content sha256:7e08d4dd8b1384bcae5d41a1d9652b754142ac179cea041e87c6a582cd06a9db
rhel-coreos sha256:41364400a8c89c65afa89d0296b34483c62e88877c967918ac2f71d6483516eb
rhel-coreos-extensions sha256:b47e8b8441d42639f472630a2a3f1f6e6e2292e4a126fd90abffb264208f4db3
OCPBUGS-58632 , OCPBUGS-58637 : Bump glog to v1.2.5 in release-4.14 (#7906) #7906
OCPBUGS-53691 : Bump jwt to 4.5.2 in release-4.14 (#7499) #7499
OCPBUGS-46941 : OCPBUGS-46184: Bump golang.org/x/net to 0.33.0 (#7200) #7200
OCPBUGS-15346 , OCPBUGS-15347 : Update version go-http-metrics and gin-gonic/gin (#6899) #6899
OCPBUGS-34641 : Invalid Pull-Secret when using password which contains a colon character (#6416) #6416
OCPBUGS-31631 : Deploy dual stack with IPv6 on top of bond/vlan fails (#6322) #6322
MGMT-17594 : Bump x/net to v0.24.0 to mitigate CVE-2023-45288 (#6216) #6216
MGMT-17549 : Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#6203) #6203
MGMT-17541 : Replace broken golangci reference (#6197) #6197
NO-ISSUE: replace postgres images as current one disappeared from quay (#6134) #6134
MGMT-16950 : changing dnsmasq configuration for sno in order to meet single ip installation flow for ibu (#5973) #5973
MGMT-16494 : Move ip hint file creation to ignition in order to change it in IBI process (#5974) #5974
MGMT-16517 : Add Env Var Deployment Type & Set ABI (#5987) #5987
MGMT-15796 : set CloudControllerManager to External for OCI (#5877) #5877
OCPBUGS-23069 : Ignore hostPrefix validation for plugins other than OVN/SDN (#5676) #5676
MGMT-15704 : One typo and one missing piece of config, discovered after MGMT-15704 merged (#5465) #5465
Bump OCP versions: 4.12 (#5467) #5467
MGMT-15653 : Validate domain in one place (#5451) #5451
MGMT-15704 : Assisted service should create Day2 import CR for hub cluster. (#5459) #5459
MGMT-15340 : Ensure vlan interface names will be <= 15 characters (#5389) #5389
NO-ISSUE: Add subsystem tests to platform support level (#5460) #5460
Bump OCP versions: 4.10 (#5463) #5463
Bump OCP versions: 4.13 (#5457) #5457
Bump OCP versions: 4.13, 4.11, 4.12 (#5454) #5454
MGMT-11456 : Bugfix - remove redundant code (#5372) #5372
Bump OCP versions: 4.11, 4.12, 4.13 (#5452) #5452
AGENT-694 : Support external platform type for agent installer (#5438) #5438
MGMT-15100 : Remove unused feature-support-levels API endpoint (#5450) #5450
Update RHTAP references (#5410) #5410
Fix setup_env.sh failure handling (#5442) #5442
Add BMH annotation keys to docs (#5444) #5444
OCPBUGS-17992 day2 skip install config overrides (#5439) #5439
Bump OCP versions: 4.12, 4.10 (#5441) #5441
MGMT-14881 : return a valid error when no disks has been found (#5430) #5430
MGMT-15595 : Make client a separate go module (#5434) #5434
MGMT-15177 : Align feature support level to support platform as filterable feature (#5424) #5424
Bump OCP versions: 4.12 (#5432) #5432
Bump OCP versions: 4.11, 4.13 (#5431) #5431
Use go 1.18 when setting up environment (#5422) #5422
NO-ISSUE: Bump k8s.io/klog/v2 from 2.70.1 to 2.100.1 (#5428) #5428
MGMT-15356 : Ensure filenames are distinct between openshift and manifest (#5382) #5382
MGMT-15491 : Validate vSphere disk.EnableUUID ignoring cluster platform (#5416) #5416
NO-ISSUE: Extend waiting time to test DB container to be ready (#5425) #5425
Bump OCP versions: 4.10 (#5423) #5423
Bump OCP versions: 4.13, 4.12 (#5421) #5421
OCPBUGS-17415 : Bump golang.org/x/net (#5417) #5417
MGMT-14933 : Validate hosts running in OCI (#5413) #5413
Ensure inspection is disabled on day-2 spoke node BMHs (#5406) #5406
MGMT-15423 : Change the user message from: ‘Host is not compatible with cluster platform %s; either disable this host or choose a compatible cluster platform (%v)’ to ‘Host is not compatible with cluster platform %s; either disable this host or discover a new, compatible host.’ (#5412) #5412
Don’t set detached for BMHs without infraenv label (#5414) #5414
RHTAPBUGS-318 : Fetch tag in RHTAP build (#5333) #5333
MGMT-15424 : parametrize envoy configmap name (#5411) #5411
Bump OCP versions: 4.12 (#5409) #5409
Bump OCP versions: 4.11 (#5407) #5407
MGMT-15335 : Fix missing state when trying to update to not supported platform (#5399) #5399
Bump OCP versions: 4.14 (#5403) #5403
Update RHTAP references (#5387) #5387
MGMT-15389 : add feature flag to enable/disable OKD support (#5400) #5400
MGMT-11949 : MGMT-12278: Update libksba and libxml2 (#5398) #5398
MGMT-15388 : Remove unsupported platforms from the supported-platforms endpoint (#5394) #5394
AGENT-557 : Split register into registerCluster and registerInfraEnv (#5376) #5376
MGMT-15339 : Run network config before NetworkManager (#5375) #5375
MGMT-15128 : Remove control plane machine set so that control-plane-machine-set operator would not go degraded due to placeholder credentials on installation. (#5378) #5378
MGMT-15047 : use installer to deploy on external platform (#5381) #5381
MGMT-15343 : dependabot remove docker (#5392) #5392
Bump OCP versions: 4.13, 4.10 (#5391) #5391
Don’t attempt to contact spoke while unbinding a day2 host (#5383) #5383
Update RHTAP references (#5374) #5374
MGMT-15128 : Remove control plane machine set so that control-plane-machine-set operator would not go degraded due to placeholder credentials on installation. (#5364) #5364
Bump OCP versions: 4.12 (#5384) #5384
MGMT-14793 : Assisted discovery core and root user shell should have (#5373) #5373
MGMT-15215 : Allow setting of UI specific data for a cluster (#5358) #5358
MGMT-15343 : dependabot group updates (#5379) #5379
MGMT-14923 : add OSImageVersion to InfraEnvSpec (#5365) #5365
Bump OCP versions: 4.13 (#5377) #5377
Update RHTAP references (#5370) #5370
OCPBUGS-16077 : Fix DNS validation (#5371) #5371
MGMT-11456 : kube-api should allow user to specify infraenv additional trust bundle (#5357) #5357
Bump OCP versions: 4.11, 4.12 (#5369) #5369
MGMT-15295 : Fixc bug in list manifests (#5366) #5366
MGMT-14015 : Custom manifest feature usage is never turning off (#5363) #5363
MGMT-14491 : Invalid node label returns error 500 instead of 400 (#5362) #5362
Update RHTAP references (#5328) #5328
Bump OCP versions: 4.14 (#5360) #5360
MGMT-15243 : Skip any zero size manifests when applying (#5355) #5355
Bump OCP versions: 4.12 (#5356) #5356
MGMT-14656 : Sort disks by HCTL after the other options (#5354) #5354
No-ISSUE: Revert “MGMT-14634: Ensure that empty manifest may not be added. (#5348)” (#5353) #5348
MGMT-15213 : temporary disable release-domain-name-resolved-correctly validation (#5351) #5351
MGMT-15073 : Cluster reset - only system generated manifests to be deleted (#5338) #5338
MGMT-15070 : Unable to change machine-network with dual stack (#5349) #5349
MGMT-14634 : Ensure that empty manifest may not be added. (#5348) #5348
MGMT-15150 : Use same installer binary for all platform types (#5334) #5334
MGMT-14851 : Update docs for allowing automatedCleaningMode (#5343) #5343
Bump OCP versions: 4.14, 4.12 (#5345) #5345
MGMT-14726 : Ensure that manifest filename does not contain spaces. (#5342) #5342
MGMT-15064 : Update is_external API description (#5336) #5336
Bump OCP versions: 4.10, 4.11 (#5339) #5339
MGMT-14852 : Allow AutomatedCleaningMode to be set by user (#5319) #5319
MGMT-14374 : update day2 master docs (#5335) #5335
MGMT-14620 Only emit succesful host creation message for pre install hosts (#5296) #5296
MGMT-14704 : Provide info on custom/vs non custom manifest in manifest endpoint. (#5278) #5278
MGMT-15114 : remove event for cluster registration failed (#5330) #5330
MGMT-15126 : Add missing incompatible features in some of the feature-support feature (#5327) #5327
MGMT-15107 : Bump version for hacking LSO catalog (#5323) #5323
Create an override annotation for the ironic agent image (#5310) #5310
OCPBUGS-13621 : Fix singular Ingress and API cluster VIPs removal (#5216) #5216
Don’t require key encipherment usage for approving CSRs (#5322) #5322
MGMT-13284 : Check for BMH CRD before creating controller (#5284) #5284
MGMT-14937 : Deprecate user_managed_networking attribute (#5317) #5317
Bump OCP versions: 4.14 (#5320) #5320
Bump OCP versions: 4.13, 4.10, 4.12 (#5316) #5316
NO-ISSUE: parametrize template to enable switching secrets (#5313) #5313
MGMT-14240 : Specify connect-timeout on curl (#5314) #5314
MGMT-15034 : Fix patch of infrastructure CR with external platform (#5312) #5312
MGMT-14979 : add sasl/scraml auth method for kafka notifications (#5299) #5299
MGMT-15025 : Forbid register Z architecture cluster with OCI platform (#5309) #5309
MGMT-15015 Provider IsHostSupported panic if platform is not found (#5306) #5306
OCPBUGS-13738 enforce additional ntp sources added into chrony (#5295) #5295
MGMT-14992 : Fix Minimal ISO set as default in s390x (#5302) #5302
MGMT-14631 : Removing leftover of support for openshift 4.8 (#5301) #5301
Bump OCP versions: 4.14, 4.11 (#5300) #5300
MGMT-14973 : Fix misleading logs showing wrong platform and user_managed_networking combination (#5298) #5298
MGMT-14975 : Update MCE operator installation to use stable-2.3 channel (#5297) #5297
MGMT-14769 : Enable upgrade agent by default (#5276) #5276
MGMT-14165 : AgentClusterInstall Webhooks improvements and fixes (#5275) #5275
Bump OCP versions: 4.13, 4.12 (#5293) #5293
MGMT-14730 : Validate that manifest file size does not exceed 1MB (#5281) #5281
MGMT-14883 : Fix feature-support validation fail to validate openshift version (#5290) #5290
MGMT-14904 : fix error code for ignition size validation (#5291) #5291
MGMT-14631 : Remove support for openshift 4.8 (#5221) #5221
Add tls config for the service monitor (#5282) #5282
Bump OCP versions: 4.12, 4.10 (#5288) #5288
Red Hat Trusted App Pipeline update assisted-service-q2vh (#5270) #5270
Bump OCP versions: 4.13 (#5280) #5280
OCPBUGS-7076 : Copy Day2 BMH if Agent is installing (#5250) #5250
OCPBUGS-14405 : Avoid panic if pull secret contains non-string (#5267) #5267
MGMT-13746 : validate discovery ignition size (#5273) #5273
MGMT-14830 : Enable TechPreviewNoUpgrade when platform is external (#5279) #5279
MGMT-13431 : patching bug - ODF storage class not recognizing all device sets (#5268) #5268
MGMT-14803 : Fix cluster update won’t fail on incompatible OLM operator dependency (#5264) #5264
MGMT-14600 : Prevent installing dual-stack vSphere on OCP version smaller than 4.13 (#5271) #5271
MGMT-14750 : Allow FC, ECKD, FBA drive types on s390x (#5269) #5269
MGMT-12186 : Add MCE operator plugin (#5203) #5203
Bump OCP versions: 4.11, 4.12 (#5265) #5265
MGMT-14781 : Make LSO operator to support all CPU architectures (#5262) #5262
Bump OCP versions: 4.13 (#5261) #5261
MGMT-14582 : Set OCI platform behind a capability (#5249) #5249
MGMT-13997 : Issues when using multiple bonds with CIM Assisted Installer (#5233) #5233
MGMT-13685 : Make sure ingress and api vip are not broadcast address. (#5256) #5256
MGMT-14723 : Fix randomly failing subsystem test (#5259) #5259
MGMT-14649 : Add feature support for OCI platform (#5244) #5244
NO-ISSUE: fixed misleading error message, the order of the host status was reverse (#5257) #5257
MGMT-14306 : Update host role validation to accept AutoAssign in Day2 (#5247) #5247
Delete the spoke BMH before removing the finalizer (#5239) #5239
MGMT-14723 : Remove duplicate operator cpu architecture validation (#5254) #5254
MGMT-14734 : Fix failed to update Nutanix provider cluster when on multi architecture (#5253) #5253
MGMT-14728 : Escape the escape char () (#5252) #5252
Bump OCP versions: 4.14 (#5251) #5251
MGMT-14721 : Get icsp-file from registries.conf for oc extract command (#5245) #5245
Bump OCP versions: 4.10 (#5248) #5248
Docs fix: ensure kubeconfig secret is created with a kubeconfig key. (#5246) #5246
MGMT-13938 : support external platform (#5143) #5143
Bump OCP versions: 4.11, 4.12 (#5243) #5243
MGMT-8097 : masters schedulable kube-api (#5240) #5240
Remove the detached annotation when BMH is being deleted (#5228) #5228
MGMT-13643 : added MaxLength to additional_trust_bundle (#5226) #5226
Bump OCP versions: 4.11, 4.12 (#5232) #5232
MGMT-14356 : Set 4.13 to default (#5230) #5230
Fix cpu partitioning struct tag/field (#5227) #5227
Force a BMH reboot when the infraenv image changes (#5212) #5212
MGMT-14416 : VipDhcpAllocation from update params should take precedence (#5209) #5209
Bump OCP versions: 4.13 (#5225) #5225
MGMT-14526 : Possible issue with validateNoWildcardDNS resolution validation (#5198) #5198
MGMT-14648 : Make “sufficient-masters-count - failed” subsystem test tolerate extra event. (#5223) #5223
Don’t panic on BMH delete when agents are unbound (#5219) #5219
NO-ISSUE: Wait for hostedcontrolplane to be created (#5218) #5218
NO-ISSUE: Fix install customization doc (#5217) #5217
MGMT-14610 : Wait for the hostedcontrolplane CR ready status instead of watching the ready status of all pods in the namespace (#5215) #5215
OCPBUGS-13081 : Support by-path root device hints (#5185) #5185
MGMT-14526 : Allow trailing dot (.) to be appended to domain name (#5208) #5208
OCPBUGS-13310 support setting CPUPartitioningMode with install config overrides (#5207) #5207
Bump OCP versions: 4.12, 4.13 (#5205) #5205
Deprovision when using converged and unbinding (#5199) #5199
OCPBUGS-13356 : Fix ‘vendor’ root device hint evaluation (#5197) #5197
MGMT-13977 : Disallow single character base domain (#5196) #5196
Updating ose-agent-installer-api-server images to be consistent with ART (#5026) #5026
MGMT-14530 : Changing event message filtering to escape wildcards %,_ and not be case sensetive (#5194) #5194
OCPBUGS-13250 : Fix disk name in generated HardwareDetails (#5193) #5193
MGMT-14370 : add OCP 4.14.0-ec.0 images (#5190) #5190
Podman README-disconnected requires 4.2 and not 3.3 (#5191) #5191
Bump OCP versions: 4.13 (#5189) #5189
MGMT-14425 : Changing event counts behavior (#5186) #5186
MGMT-14226 : Upgrade moby to 20.10.24 (#5153) #5153
Remove all spoke resources when deleting the node (#5161) #5161
Bump OCP versions: 4.12, 4.10 (#5182) #5182
MGMT-14507 : Exposing event headers for scripts (#5179) #5179
MGMT-14509 return 404 if cluster not found when host try to register (#5180) #5180
NO-ISSUE: Check whether is defined (#5178) #5178
NO-ISSUE: Override the control plane operator image only if explicitly asked to (#5176) #5176
MGMT-11424 : added validations for ignition cert (#5145) #5145
Bump OCP versions: 4.11 (#5173) #5173
Bump OCP versions: 4.13 (#5170) #5170
NO-ISSUE: Fixes the UI deployment (#5169) #5169
Update state machine graphs (#5168) #5168
MGMT-14462 : Allow to deploy assisted-service with all available images (#5167) #5167
NO-ISSUE Remove Approvers that are not longer in the group (#5166) #5166
Handle ironic URLs in dual stack hub and IPv6 spoke (#5163) #5163
MGMT-14449 : change creation time for hosts to one minute ago instead of now, to avoid race conditions in tests (#5160) #5160
MGMT-13890 : Drain before deprovisioning spoke nodes (#5110) #5110
Bump OCP versions: 4.10, 4.11 (#5157) #5157
MGMT-13955 : Add known issue regarding ignoring disk size validations (#5158) #5158
MGMT-14315 : Allow to install P and Z architectures with Single Node Openshift on 4.13 (#5147) #5147
NO ISSUE: use literal for cpu limits, to enable nulliable value (#5155) #5155
Bump OCP versions: 4.12 (#5151) #5151
MGMT-14389 : Update operator bundle channel (#5148) #5148
MGMT-14108 : add readiness probe initialDelaySeconds for assisted-service and assisted-image-service (#5150) #5150
MGMT-14137 : Create test flow for ZTP for node labeling and avoiding reboot for custom role (#5086) #5086
Bump OCP versions: 4.13 (#5149) #5149
MGMT-14396 : Get correct path for binary from mirror (#5141) #5141
NO-ISSUE: Fix grammar mistakes (#5146) #5146
MGMT-14395 : Day-2 domain name resolution step shouldn’t include release image domain (#5139) #5139
Cache must-gather images by architecture (#5140) #5140
MGMT-14298 : Set full ISO as default for Z architecture (#5136) #5136
Improve inaccurate ODF validation message (#5137) #5137
MGMT-14338 : add missing stream notifications (#5132) #5132
Bump OCP versions: 4.11 (#5135) #5135
Bump OCP versions: 4.10, 4.12 (#5131) #5131
Use contexts in spoke client (#5130) #5130
MGMT-13083 : limit the size of release binaries (#5120) #5120
NO-ISSUE: Currently, while trying to fetch events using cluster_id
, host_ids
and severities
we don’t get severity filtered correctly because of the precedence of AND, OR in SQL
. (#5123) #5123
MGMT-14239 : Enable UMN as default for Power arch (ppc64le) (#5127) #5127
MGMT-14266 : Fix unclear message when creating a P/Z cluster with OCP ver 4.10 (#5122) #5122
MGMT-10977 : Validate DNS server connection (#5102) #5102
MGMT-14242 : MGMT-14017: MGMT-14239: MGMT-14300: Fix multiple bugs (feature support and feature usage) (#5119) #5119
Add private SELinux label for volume mount content (#5109) #5109
Bump OCP versions: 4.11, 4.12, 4.13 (#5118) #5118
MGMT-14283 : Ignored validations - validation id “all” does not work (#5117) #5117
MGMT-14125 : Use systemd unit instead of dracut hook to configure network (#5107) #5107
MGMT-12301 : refator the progress bar to use state machine (#5103) #5103
Bump OCP versions: 4.13, 4.9, 4.12, 4.11, 4.10 (#5115) #5115
MGMT-13178 : As part of events pagination epic, this commit is about adding ‘order’ parameter so the client can request the events in the desired order, and changing the counting of events by severity to apply after the filtering (#5106) #5106
Bump OCP versions: 4.12, 4.13 (#5105) #5105
MGMT-14195 : Use clusterIdMatcher instead of gomock.Any() in inventory_test (#5104) #5104
MGMT-14161 : removing multi cpu architecture for infra envs (#5098) #5098
MGMT-13846 : Reject UserManagedNetworking true when cluster VIPs are set (#5071) #5071
MGMT-13888 : Remove spoke node on BMH delete (#5028) #5028
MGMT-14190 : Allow installing Power architecture with CMN and MinimalISO (#5101) #5101
MGMT-14026 : Add validation to ensure ignored validation ID exists (#5074) #5074
MGMT-13918 : Modify ignored validation should not be possible post-install (#5077) #5077
NO-ISSUE: Make DB transaction terminate function only when error (#4946) #4946
NO-ISSUE: Wrap VIP update in the DB around transaction (#4943) #4943
MGMT-13916 : Update enhancement doc for ignoring validations feature (#5095) #5095
Bump OCP versions: 4.10, 4.11, 4.13 (#5100) #5100
Add a function for setting annotations (#5099) #5099
Presently, in the PreNetworkConfig script, we are removing the default network manager configuration for a host in every case. This should be altered so that the default configuration is deleted only if custom nmstate configuration has been provided for the host. (#5044) #5044
MGMT-14078 : Add “unavailable” option to the support-level enum (#5062) #5062
MGMT-14150 : Update install-config to support multi vSphere data-centers (#5090) #5090
MGMT-14133 : Fix P/Z support level allows cluster with OLM operators. (#5088) #5088
MGMT-14017 : report accurate P/Z feature usage if multi (#5079) #5079
MGMT-14074 : Don’t run nmcli
if not available (#5087) #5087
Bump OCP versions: 4.12, 4.9 (#5080) #5080
MGMT-13925 : Get the ironic URLs in reconcile rather than at startup (#5041) #5041
MGMT-14074 : Reload NM config after creation (#5066) #5066
Update cluster-baremetal-operator to 4.13 branch (#5078) #5078
NO-ISSUE: add release tag to notified events versions (#5068) #5068
MGMT-14109 : Set P and Z architectures support label as tech-preview on 4.12 (#5072) #5072
MGMT-13308 : Adding events pagination - Currently events are retrieved by the service as a list of events which match the query. This commit is implementing events pagination. (#4987) #4987
MGMT-14073 : Fix logging for event uploader (#5070) #5070
Remove README section about the assisted-service live iso (#5069) #5069
MGMT-14040 : Add log that shows event upload is running (#5054) #5054
Bump OCP versions: 4.11 (#5060) #5060
actually use the ENABLE_DATA_COLLECTION parameter (#5063) #5063
MGMT-14075 : Fix register cluster won’t fail when creating cluster with P or Z architectures on 4.12 (#5061) #5061
MGMT-14000 : Document support-level new API (#5053) #5053
Cleanup BMAC logging (#5055) #5055
Bump OCP versions: 4.12 (#5057) #5057
MGMT-13550 : Create day2 support for node labeling (#5042) #5042
OKD: bump to latest stable release (#5020) #5020
MGMT-14042 : Disable data collection for SaaS by default (#5056) #5056
Bump OCP versions: 4.13 (#5051) #5051
manifests: Add a shebang to NM dispatcher script (#5050) #5050
MGMT-12486 : Add ENABLE_DATA_COLLECTION environment variable to template.yaml (#5048) #5048
MGMT-13520 : filter out unnecessary validations for unbound host (#5023) #5023
MGMT-13862 : Return bed request on wrong feature-feature or feature-architecture combination. (#5039) #5039
MGMT-13947 : Revert assisted boot reporter service (#5035) #5035
Sparing the redirect for official k8s registry (#5033) #5033
MGMT-13596 : Add PATCH to the Manifests API (#5015) #5015
Bump OCP versions: 4.12, 4.13, 4.9, 4.8, 4.11, 4.10 (#5043) #5043
NO-ISSUE: remove the full ignition from log (#5032) #5032
OCPBUGS-8335 : Don’t wait for console if disabled (#5022) #5022
Update multi image names (#5016) #5016
ACM-4127 : Cache release images even if there is no matching OS image (#5027) #5027
MGMT-13957 : deny requests with query parameters matching node-boot. Directed at upload files (#5037) #5037
In case the converged flow is enabled and the assisted-service fails to get a valid ironic inspection URL it’s using the Ironic URL as default. (#5031) #5031
MGMT-13903 : Select inside machine CIDR for BMH (#5024) #5024
MGMT-13904 Add missing feature IDs. (#5030) #5030
MGMT-13913 : Fix empty features list when calling GET v2/support-levels/features (#5029) #5029
MGMT-13859 : notify when creating cluster and resources (#5013) #5013
Allow removing the agent when BMH is deleted (#4948) #4948
MGMT-13659 : Design a feature support mechanism that supports different feature-support criteria (#4989) #4989
MGMT-12486 : Implement data sending for on-prem deployments (#4880) #4880
Fix invalid character in feature-support enhancement (#5021) #5021
MGMT-13780 : Write a feature-support-level enhancement doc (#5000) #5000
MGMT-13398 omit BMH secret from day2 spoke worker (#5009) #5009
NO-ISSUE: display code coverage locally without mocks (#5011) #5011
Full changelog
OCPBUGS-58642 : CVE-2024-45339: Bump glog pkg version to 1.2.4 (#1194) #1194
OCPBUGS-53715 : Bump jwt to 4.5.2 in release-4.14 (#1093) #1093
Bump golang.org/x/net to v0.33.0 (#1012) #1012
OCPBUGS-15347 : Update version go-http-metrics/gin (#933) #933
MGMT-17594 : Bump x/net to at least v0.24.0 to mitigate CVE-2023-45288 (#834) #834
MGMT-17591 : Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#830) #830
MGMT-16843 : Ensure valid hostname during install (#794) #794
OCPBUGS-20049 : Remove uninitialized taint for agent-based installs (#753) #753
NO-ISSUE: dependabot exclude k8s (#706) #706
OCPBUGS-16482 : bump golangci-lint to 1.53.1 (#702) #702
OCPBUGS-4240 : allow controller to complete for agent-based installs (#700) #700
MGMT-15235 : Compile with CGO_ENABLED=1 for amd64 (#699) #699
Revert “MGMT-15235: Compile with CGO_ENABLED=1 for FIPS (#683)” (#693) #683
OCPBUGS-17252 : Bump golang.org/x/net/html (#695) #695
Updating ose-agent-installer-orchestrator images to be consistent with ART (#652) #652
MGMT-15343 : dependabot group updates (#692) #692
MGMT-15344 : Assisted-controller should not timeout on waiting cvo by itself (#688) #688
MGMT-15235 : Compile with CGO_ENABLED=1 for FIPS (#683) #683
MGMT-13586 : Wait for ETCD Bootstrap to complete (#670) #670
NO-ISSUE: Remove slaviered from project OWNERS (#669) #669
NO-ISSUE: Bump github.com/go-openapi/strfmt from 0.21.3 to 0.21.7 (#663) #663
Updating ose-agent-installer-csr-approver images to be consistent with ART (#651) #651
MGMT-14299 : Limit untaint nodes to vsphere/nutanix (#660) #660
NO-ISSUE: Add javipolo to approvers (#659) #659
MGMT-12967 : Create network policy in assisted-installer namespace (#658) #658
NO-ISSUE: Bump github.com/onsi/gomega from 1.24.2 to 1.27.5 (#656) #656
MGMT-14114 : Nutanix - uninitialized set on nodes (#653) #653
Full changelog
OCPBUGS-58652 , OCPBUGS-58657 : Bump glog to v1.2.5 in release-4.14 (#1073) #1073
OCPBUGS-53707 : Bump golang-jwt/jwt/v4 to 4.5.2 in release-4.14 (#973) #973
OCPBUGS-46955 : Bump golang.org/x/net to 0.33.0 (#885) #885
OCPBUGS-16483 : Update apimachinery dependency to remove goproxy dep (#709) #709
OCPBUGS-33404 : Make removable disks eligible (#725) #725
MGMT-17594 : Bump x/net to at least v0.24.0 to mitigate CVE-2023-45288 (#705) #705
MGMT-17591 : Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#703) #703
MGMT-17541 : Replace broken golangci reference (#698) #698
NO-ISSUE: Bump the go-dependencies group with 1 update (#597) #597
NO-ISSUE: Bump the go-dependencies group with 5 updates (#595) #595
MGMT-15661 : Update to latest ghw version (#594) #594
MGMT-15235 : Allow setting CGO_ENABLED flag (#589) #589
MGMT-15235 : Compile with CGO_ENABLED=1 for amd64 (#588) #588
Revert “MGMT-15235: Compile with CGO_ENABLED=1 for FIPS (#569)” (#582) #569
OCPBUGS-17251 : Bumping golang.org/x/net (#586) #586
MGMT-14933 : Detect if the host in running in OCI (#585) #585
MGMT-15359 : support appliance multipath virtual device (#584) #584
MGMT-13111 : Freeze on 404 Not Found
(#583) #583
MGMT-15343 : dependabot remove docker (#581) #581
MGMT-15343 : dependabot group updates (#579) #579
Updating ose-agent-installer-node-agent images to be consistent with ART (#575) #575
OCPBUGS-16373 : Ignore arping errors on RHEL 9 (#576) #576
NO-ISSUE: Bump github.com/coreos/ignition/v2 from 2.16.0 to 2.16.2 (#574) #574
NO-ISSUE: Bump github.com/PuerkitoBio/rehttp from 1.1.0 to 1.2.0 (#568) #568
MGMT-15235 : Compile with CGO_ENABLED=1 for FIPS (#569) #569
NO-ISSUE: Bump golang.org/x/sys from 0.9.0 to 0.10.0 (#566) #566
NO-ISSUE: Bump github.com/coreos/ignition/v2 from 2.15.0 to 2.16.0 (#564) #564
AGENT-594 : remove agent based installer code (#563) #563
NO-ISSUE: Bump golang.org/x/sync from 0.2.0 to 0.3.0 (#561) #561
MGMT-14540 : Mark Appliance disk(s) with a partition name prefix ‘agent’ as eligible (#554) #554
OCPBUGS-14848 : Filter out hidden devices (#558) #558
NO-ISSUE: Bump github.com/onsi/gomega from 1.27.7 to 1.27.8 (#555) #555
NO-ISSUE: Bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 (#556) #556
MGMT-13009 : Auto rename host with VLAN (#553) #553
NO-ISSUE: Bump github.com/itchyny/gojq from 0.12.12 to 0.12.13 (#552) #552
NO-ISSUE: Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#550) #550
MGMT-14751 : Detect DASD disks (s390x) (#549) #549
NO-ISSUE: Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 (#545) #545
NO-ISSUE: Bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#543) #543
NO-ISSUE: Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#544) #544
MGMT-14526 : Refernce latest assisted service to reflect domain name pattern change (#542) #542
Updating ose-agent-installer-node-agent images to be consistent with ART (#516) #516
NO-ISSUE: Bump golang.org/x/sync (#541) #541
NO-ISSUE: Remove slaviered from project OWNERS (#539) #539
MGMT-14481 : journal logs are empty during installation on rhel9.2 (#538) #538
NO-ISSUE: Bump github.com/go-openapi/runtime from 0.25.0 to 0.26.0 (#537) #537
MGMT-14319 chronyc segfaulting (#534) #534
NO-ISSUE: Bump golang.org/x/sys from 0.6.0 to 0.7.0 (#533) #533
NO-ISSUE: Bump github.com/cenkalti/backoff/v4 from 4.1.3 to 4.2.1 (#532) #532
NO-ISSUE: Bump github.com/onsi/gomega from 1.27.5 to 1.27.6 (#530) #530
NO-ISSUE: Bump github.com/go-openapi/strfmt from 0.21.5 to 0.21.7 (#529) #529
Force update to pick up latest libs (#531) #531
NO-ISSUE: Bump github.com/go-openapi/strfmt from 0.21.3 to 0.21.5 (#525) #525
NO-ISSUE: Bump github.com/onsi/gomega from 1.27.3 to 1.27.5 (#528) #528
MGMT-13946 : Ignore Proliant Gen 11 serial (#522) #522
NO-ISSUE: Bump github.com/onsi/gomega from 1.27.1 to 1.27.3 (#520) #520
NO-ISSUE: Bump golang.org/x/sys from 0.5.0 to 0.6.0 (#519) #519
OCPBUGS-8695 : vendor agent-installer-utils to v0.0.0-20230310220517-8506fbb6a346 (#517) #517
OCPBUGS-8677 : vendor agent-installer-utils to v0.0.0-20230308101916-306b7995977e (#514) #514
OCPBUGS-8390 : vendor agent-installer-utils to v0.0.0-20230307094740-57807526b660 (#512) #512
NO-ISSUE: Bump github.com/itchyny/gojq from 0.12.11 to 0.12.12 (#511) #511
NO-ISSUE: Bump github.com/spf13/afero from 1.9.3 to 1.9.5 (#510) #510
Full changelog
OCPBUGS-21350 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #36
OCPBUGS-16783 : Chore: Update OWNERS #32
OCPBUGS-12544 : 4.14: UPSTREAM: 763: Bump (golang.org/x/net): to address CVE-2022-41723 #30
STOR-1159 : Rebase to v1.1.7 #29
Updating ose-alibaba-cloud-csi-driver images to be consistent with ART #28
Updating ose-alibaba-cloud-csi-driver images to be consistent with ART #27
Updating ose-alibaba-cloud-csi-driver images to be consistent with ART #26
Updating ose-alibaba-cloud-csi-driver images to be consistent with ART #25
Full changelog
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #81
OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #71
OCPBUGS-21443 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #64
STOR-1439 : Restart controller Pods if metrics-serving-cert changed #56
OCPBUGS-16783 : Chore: Update OWNERS #54
OCPBUGS-14824 : Bump alibaba-disk-csi-driver-operator library-go #53
STOR-1168 : Bump common libraries #51
OCPBUGS-12545 : Bump golang.org/x/net@v0.9.0 #50
Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART #49
Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART #48
Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART #47
OCPBUGS-8683 : Add management workloads annotations #46
Updating ose-alibaba-disk-csi-driver-operator images to be consistent with ART #45
Full changelog
Updating ose-alibaba-machine-controllers images to be consistent with ART #42
OCPBUGS-10134 : Updating ose-alibaba-machine-controllers images to be consistent with ART #41
Full changelog
OCPBUGS-33078 : Explicitly reserve 1 attachment for the root disk #306
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #302
OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #296
OCPBUGS-21057 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #280
STOR-1432 : hypershift: deploy controller with control plane release images #252
OCPBUGS-16783 : Chore: Update OWNERS #251
Bump k8s.io/apiextensions-apiserver from 0.27.1 to 0.27.4 #250
Bump k8s.io/component-base from 0.26.3 to 0.27.3 #240
OCPBUGS-15823 : Change CSI RPC call timeouts #248
STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #244
OCPBUGS-14824 : Bump efs-ebs-driver-operator library-go #247
STOR-1168 : Bump common libraries #222
Bump Kubernetes libs to v0.27.1 #243
STOR-1167 : Enable extra-create-metadata to tag snapshots #223
STOR-1300 : Restart controller Pods if metrics-serving-cert changed #216
OCPBUGS-11882 : Added safe-to-evict-local-volume annotation from bound-sa-token to ebs-controller #232
OCPBUGS-11882 : Added safe-to-evict annotation to aws-ebs-csi-driver-controller pods #231
OCPBUGS-13017 : assets/hypershift/controller_sa: Set controller ServiceAccount imagePullSecrets #219
Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART #217
Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART #215
Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART #214
Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 #207
OCPBUGS-8691 : Hypershift: set control plane operand properties #205
Bump k8s.io/apiextensions-apiserver from 0.26.2 to 0.26.3 #203
OCPBUGS-8752 : fix: typo #198
OCPBUGS-8752 : feat: add workload annotation to deployment and daemonset #194
Updating ose-aws-ebs-csi-driver-operator images to be consistent with ART #195
Bump k8s.io/apiextensions-apiserver from 0.26.1 to 0.26.2 #189
Bump k8s.io/klog/v2 from 2.90.0 to 2.90.1 #190
Full changelog
OCPBUGS-32884 : Upgrade go-jose module to 2.6.3 #189
OCPBUGS-21761 : Backport the recent rebase to 4.14 #168
NO-ISSUE: Sync OWNERS with team members #176
snyk: exclude vendor/ #171
Bump to go 1.20 in go.mod #163
Updating ose-aws-pod-identity-webhook images to be consistent with ART #162
Updating ose-aws-pod-identity-webhook images to be consistent with ART #159
Full changelog
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #120
OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #109
OCPBUGS-20784 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #101
OCPBUGS-16654 : Revert revert “STOR-1065: Rework sidecar bindings to b… #88
OCPBUGS-16496 : Bump library-go to remove dependency on goproxy #90
OCPBUGS-16783 : Chore: Update OWNERS #89
Revert “STOR-1065: Rework sidecar bindings to bind common ClusterRoles” #87
STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #84
OCPBUGS-14824 : Bump azure-disk-csi-driver-operator library-go #85
CCO-324 : Unrevert “CCO-324: add support for workload identity” #83
Revert “CCO-324: add support for workload identity” #82
CCO-324 : add support for workload identity #78
STOR-1168 : Bump common libraries #81
OCPBUGS-12559 : Bump golang.org/x/net@v0.9.0 #80
Updating ose-azure-disk-csi-driver-operator images to be consistent with ART #79
OCPBUGS-8683 : Add management workloads annotations #74
OCPBUGS-10842 : Reorder static resources to create RBAC first #75
Updating ose-azure-disk-csi-driver-operator images to be consistent with ART #73
And 1 elided commits (e.g. from squash or rebase merges)
Full changelog
ART-13080 : Regenerate go.mod to fix build failures #95
OCPBUGS-41164 : bump mount-utils to treat ENODEV error as corrupted mount #79
OCPBUGS-33039 : Rebase v1.29.5 for OCP 4.14 #66
OCPBUGS-20884 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #37
OCPBUGS-17285 : UPSTREAM: 1355: build(deps): bump golang.org/x/net from 0.12.0 to 0.14.0 #33
OCPBUGS-16783 : Chore: Update OWNERS #32
OCPBUGS-15657 : Update to 1.28.1 #31
STOR-1160 : Rebase to v1.28.0 for OCP 4.14 #29
Updating azure-file-csi-driver images to be consistent with ART #28
Updating azure-file-csi-driver images to be consistent with ART #27
Updating azure-file-csi-driver images to be consistent with ART #26
Updating azure-file-csi-driver images to be consistent with ART #25
Full changelog
OCPBUGS-33039 : add token audience for Azure File #104
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #94
OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #83
OCPBUGS-20983 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #76
STOR-1434 : Restart controller Pods if metrics-serving-cert changed #68
OCPBUGS-16654 : Revert revert “STOR-1065: Rework sidecar bindings to b… #64
OCPBUGS-16783 : Chore: Update OWNERS #65
OCPBUGS-16498 : Bump library-go to remove dependency on goproxy #66
Revert “STOR-1065: Rework sidecar bindings to bind common ClusterRoles” #63
STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #60
CCO-325 : Unrevert “CCO-325: add support for workload identity” #62
STOR-989 : Remove SC and manifest file for NFS backend #58
OCPBUGS-14824 : Bump azure-file-csi-driver-operator library-go #61
Revert “CCO-325: add support for workload identity” #59
CCO-325 : add support for workload identity #54
CCO-325 : Mount serviceaccount token into csi-driver container #53
STOR-1168 : Bump common libraries #57
OCPBUGS-12561 : Bump golang.org/x/net@v0.9.0 #56
Updating azure-file-csi-driver-operator images to be consistent with ART #55
Updating azure-file-csi-driver-operator images to be consistent with ART #52
Updating azure-file-csi-driver-operator images to be consistent with ART #51
OCPBUGS-10842 : Reorder static resources to create RBAC first #50
OCPBUGS-8683 : Add management workloads annotations #49
Updating azure-file-csi-driver-operator images to be consistent with ART #48
Full changelog
OCPBUGS-62814 : Release 4.14 bump terraform provider azurerm #10001
OCPBUGS-55193 : data/manifests/bootkube/cvo-overrides: Default to eus-4.14 #9643
OCPBUGS-54323 : Update upi references to api-internal #9609
OCPBUGS-54264 : IBMCloud: Move to IBM TF openshift fork #9605
OCPBUGS-54260 : vsphere-fix convert if only provided name #9602
OCPBUGS-52996 : Bump terraform-provider-google version to v5.37.0 to fix consistent issues during cluster creation #9587
OCPBUGS-53210 : PowerVS: remove system pools #9572
OCPBUGS-46606 : Power VS: Create region-zone-sysType hierarchy #9331
OCPBUGS-48196 : IBMCloud: Ignore failed VPC regions #9350
OCPBUGS-45464 : add chrony.conf file when additional NTP sources are configured #9269
OCPBUGS-43505 : Stop rendering networks.config CRD #9105
OCPBUGS-42285 : Add AWS r8g to arm tested instance types #9050
OCPBUGS-42848 : add tested instance type for IBMCloud #9082
OCPBUGS-25508 : Update Golang SSH package version update to 0.17.0 #8992
OCPBUGS-39411 : Added yq to ci image #8943
OCPBUGS-36180 : baremetal IPI without provisioning network failing on provisioning-interface.service #8712
OCPBUGS-36089 : [release-4.14] bump go-retryablehttp for CVE fix #8658
OCPBUGS-37183 : ic: fix typo in warning message #8771
OCPBUGS-37068 : update RHCOS 4.14 bootimage metadata to 414.92.202407091253-0 #8748
OCPBUGS-36748 : Add yq-v4 to the upi-installer image for CI #8684
OCPBUGS-35827 : If host is offline or disconnected don’t check ver #8634
OCPBUGS-35826 : [release-4.14] bump github.com/containers/image for CVE fix #8633
OCPBUGS-35485 : [release-4.14] aws: terraform: add spot instance support for masters #8605
OCPBUGS-34024 : go.mod: bump aws-sdk-go for ca-west-1 support #8440
OCPBUGS-33401 : PowerVS: Add composite_instance to listServiceInstances #8479
CORS-2951 : Add deprecation notice for OpenShiftSDN for 4.14 users #8518
OCPBUGS-28611 : remove retired serial NCv2 from azure tested instance type list on x86 #7960
OCPBUGS-27394 : preserve category name when trying to find tag category #7926
OCPBUGS-33010 : escape ‘%’ in proxy settings #8318
OCPBUGS-31756 : openstack: Honour worker server group policy #8231
NO-ISSUE: test fix to support slightly different nmstate error messages #8286
OCPBUGS-32358 : Updated libvirt installer to include multi-arch yq and symlink for backwards compatibility #8281
OCPBUGS-31885 : Validate control plane replicas #8241
OCPBUGS-31677 : coreos-installer iso kargs show broken on Agent ISO #8228
OCPBUGS-31338 : upi: aws: fix typo in worker templates #8203
Bug OCPBUGS-30187: OpenStack: fix controlPlanePort validation #8095
OCPBUGS-30027 : gcp: better error msg when service accnt missing #8078
OCPBUGS-30259 : PowerVS remove ibm cloud/bluemix go 4.14 #8103
OCPBUGS-29123 : IBMCloud: Handle disk delete errors #7988
OCPBUGS-29626 : update RHCOS 4.14 bootimage metadata to 414.92.202402130420-0 #8037
OCPBUGS-28929 : [release-4.14] Bump containerd for vulnerability fix #7981
OCPBUGS-27419 : Fix depreciated typo #7929
OCPBUGS-24521 : set vmType in azure cloud config [release-4.14] #7804
OCPBUGS-23738 : vSphere - when using RP network path is incorrect #7759
OCPBUGS-27241 : baremetal: correct external_http_url for v6-only BMCs #7914
OCPBUGS-22315 : bootstrap: Enable gatewayd units only on RHCOS #7628
OCPBUGS-23498 : update RHCOS 4.14 bootimage metadata to 414.92.202401110948-0 #7919
OCPBUGS-20860 : Bump versions for golang modules to accommodate fixes for CVE-2023-39325 & CVE-2023-44487 #7887
OCPBUGS-22895 : Do not generate azure-cloud-provider in manual mode for aro builds #7670
OCPBUGS-22771 : aws: use security groups from defaultMachinePlatform #7658
OCPBUGS-24489 : baremetal: populate customDeploy in advance #7802
OCPBUGS-22770 : destroy: gcp: fix destroying regional disks #7657
Bug OCPBUGS-22776: OpenStack: Fix IPv6 address configuration for bootstrap #7660
OCPBUGS-22978 : IBMCloud: Add eu-es region #7684
OCPBUGS-23399 : Check if PER is enabled in the target PowerVS workspace #7736
OCPBUGS-22688 : Bump Fedora CoreOS to latest stable #7647
OCPBUGS-22774 : Add KMS encryption keys if provided #7659
OCPBUGS-21868 : vSphere,segfault on version check #7605
OCPBUGS-22945 : Update gcloud version to 447.0.0 #7681
OCPBUGS-22187 : azure: validation: validate defaultMachinePlatform #7615
OCPBUGS-22758 : update RHCOS 4.14 bootimage metadata to 414.92.202310210434-0 #7655
OCPBUGS-19922 : Release 4.14 skip agent tui on external oci platform #7599
OCPBUGS-21653 : Rectify GCP label key validation check #7606
OCPBUGS-20357 : update RHCOS 4.14 bootimage metadata to 414.92.202310170514-0 #7618
OCPBUGS-20396 : Unable to disable external CCM for platform external #7594
OCPBUGS-20522 : Use changes to AgentClusterInstall during loading #7588
Enforcing the serial execution of the integration tests #7598
OCPBUGS-20581 : enable cloud controller manager type to be defined #7581
OCPBUGS-20441 : Warn about host and target compatibility #7583
OCPBUGS-20345 : Enable serial console for external OCI platform #7569
OCPBUGS-20401 : always write AWS cloud.conf #7578
OCPBUGS-19922 : Do not start agent-tui if no graphical console available #7539
OCPBUGS-20103 : GCP default value for service account #7553
OCPBUGS-19953 : AWS terraform bootstrap destroy will not refresh state #7543
OCPBUGS-20066 : Use updated ansible-core for Openstack image #7551
OCPBUGS-19835 : Enable FIPS in agent ISO #7541
OCPBUGS-19846 : Graceful fail for AWS getUser on destroy #7532
OCPBUGS-19033 : Add Net capabilities to dnsmasq container #7489
OCPBUGS-19319 : Handle agent tui failure gracefully #7497
OCPBUGS-19738 : Remove warning about CPUPartitioning #7529
OCPBUGS-19300 : Implement workaround to allow SNO installations for OKD/FCOS #7479
OCPBUGS-19702 : Increase bootstrap timeout for vSphere platform by 30 mins #7528
OCPBUGS-19636 : Pass CPUPartitioning via install-config overrides if set #7521
OCPBUGS-18181 : update RHCOS 4.14 bootimage metadata to 414.92.202309201615-0 #7517
OCPBUGS-18719 : for vsphere ipi add cluster domain to the uploaded vm configs so that… #7477
OCPBUGS-18883 : Do not set FailureDomains on CPMS when in a single zone Azure region #7483
AGENT-702 : Generate minimal ISO for external platform #7478
OCPBUGS-18428 : Add ip=dhcp,dhcp6 kernel param for vSphere dual-stack #7467
OSDOCS-6999 : tested machine series ‘C3’, ‘C2D’ #7381
OCPBUGS-18450 : AWS permission missing for security group viewing. #7460
OCPBUGS-18365 : Fix defaulting of userManagedNetworking value #7458
integration tests: Swap order of diff arguments #7462
AGENT-693 : Support external platform #7442
OCPBUGS-18457 : Make extracting ISO kargs more robust #7463
OCPBUGS-18457 : Fix PXE integration tests #7461
OCPBUGS-17806 : gomod: bump openshift/api version #7421
OCPBUGS-17770 : azure: use marketplace image plan’s publisher #7426
OCPBUGS-7690 : azure: destroy: dns records leak if permissions missing #7433
OCPBUGS-17869 : azure: fix setting outboundType #7455
OSDOCS-6880 : Adding 64-bit ARM GCP instance types to documentation #7320
OCPBUGS-16204 : aws: attach additional security groups to controlPlane #7352
OCPBUGS-18046 : update govc version to v0.30.7 #7425
OCPBUGS-15659 : IPI pre-check for MachineAPI capability #7414
OCPBUGS-17860 : OpenStack: Remove NodePorts range 0.0.0.0/0 rules #7405
OCPBUGS-17073 : Revert “Merge pull request #7205 from rna-afk/azure_managed_by_tag” #7412
OCPBUGS-17940 : Add COS endpoint to proxy server (Power VS) #7430
AGENT-692 , OCPBUGS-3860 : Update assisted-service dependencies #7439
OCPBUGS-17227 : gcp: fix validation of custom instance types #7388
OCPBUGS-17869 : azure: put NAT gateway behind TechPreviewNoUpgrade #7434
Destroy startironic.sh forever #7250
CORS-2660 : GCP: deprecate the licenses field #7397
CFE-858 : Update google terraform provider to latest version #7201
MULTIARCH-3676 : PowerVS TG terraform changes #7389
CFE-686 : Generate Infrastructure CR with the GCP user defined tags & labels #7138
CFE-687 : Apply user defined labels on created gcp resources #7153
OCPBUGS-11999 : upkeep: updated description to remove techpreview #7313
CORS-2700 : Make bootstrap S3 bucket optional during bootstrap destroy #7288
CFE-688 : Update install-config CRD to support gcp labels and tags #7126
OCPBUGS-16776 : update RHCOS 4.14 bootimage metadata to 414.92.202308032115-0 #7409
Add baremetal capability validation #7394
azure: validation: machinepool: sort slice before comparing #7407
OCPBUGS-13408 : Log message and add integration test #7408
PowerVS: Update listCOSInstances to continue querying #7404
maintenance: update openshift/api #7401
MGMT-13628 : add support for confidential VMs on Azure #7312
openstack: Test zero replicas in worker machine-pool #7400
OpenStack: Fix user docs for additional network with IPv6 #7395
gather: Use journalctl -o with-unit
#7371
SPLAT-1123 : Revert Alibaba deprecation warning #7396
OCPBUGS-15994 : Update core password after loading config-image #7338
OpenStack: Remove SGS created by CPO on destroy #7378
data/data/coreos: bump FCOS to F38 stable #7311
OCPBUGS-16912 : Ensure DHCPv6 client sends Solicit with mac address #7384
Bug OCPBUGS-16249: Add ip=dhcp,dhcp6 option to Kernel args #7367
PowerVS: Check whether Machine pool CIDR is /24 #6903
OCPBUGS-16292 : GCP XPN: clarify service account support #7347
OCPBUGS-6759 : Fix discrepancy with disk size master #7100
OCPBUGS-16959 : openstack/upi: add missing modules namespaces + doc #7373
CORS-2719 : Remove service account user permission #7291
OCPBUGS-17064 : always create a MachineSet #7380
OpenStack: Fix default for openstack_worker_server_group_names #7359
OCPBUGS-16692 : OpenStack: fix crash with empty platform in machinepool #7363
CORS-2445 : GCP add bootimage override in install-config #7215
CORS-2503 : azure: use marketplace images for all nodes #6890
MULTIARCH-3676 : PowerVS add transit gateway destroy #7294
CORS-1770 : Support pd-balanced disk types for GCP deployments #7337
OCPBUGS-15989 : vSphere - bump terraform provider #7354
OWNERS_ALIASES: Add new user to owners_aliases #7348
OCPBUGS-16515 : gcp: use zones available for both instance and project #7317
OCPBUGS-15852 : Single node cannot be installed if etcd appears in the hostname #7304
OCPBUGS-14877 : Validate that number hosts does not exceed replicas #7268
CORS-2628 : Allow users to set ManagedBy tag to resource group #7205
OCPBUGS-16380 : Add /etc/containers volume on create-cluster-and-infraenv #7332
OCPBUGS-16207 : ic: aws: validate max security groups #7345
OpenStack: Add steps to enable dual-stack clusters #7269
Revert “Merge pull request #7096 from r4f4/gcp-instance-zones” #7360
SPLAT-657 : AWS Local Zones subnets automation for edge compute pool #7137
OSASINFRA-3193 : Update openstack/Dockerfile.ci for ansible-core #7346
Include start-cluster.env in agent-gather #7350
Fix the deployment on OpenStack for worker pools with no replicas. #7356
OCPBUGS-16219 : Fix timing issue between network services #7355
OCPBUGS-16415 : Sync nmstateconfig script with assisted-service changes #7353
Agent: Allow additional kernel args to be passed to ISO #7306
Remove mentions of use-octavia #7335
OCPCLOUD-2036 : introduce External platform type #7217
OCPBUGS-16395 : openstack/upi: update doc for CCPMSO #7351
OCPBUGS-16245 : Make nmstateconfig.yaml optional in config-drive #7333
OSASINFRA-3181 : Volume Types for OpenStack CPMS #7300
CORS-2445 : GCP: Add default values for arm64 #7258
PowerVS: Replace deprecated key_id attribute with name for ibm_pi_key resource #7256
PowerVS: Handle empty serviceInstanceID in metadata.json #7328
OpenStack: Dual stack support with BYON #6797
MULTIARCH-3667 : Add support for CPMSO for Power VS #7226
OCPBUGS-15421 : Allow different service account for xpn installs in gcp #7308
OCPBUGS-15997 : openstack: add root volume AZ validation #7309
aws: drop hostedZoneRole Feature Gate #7327
Agent: clear service status once all services started #7316
AGENT-660 Display insert config image message to console #7299
PowerVS: Create new newAuthenticator function #7321
OCPBUGS-9404 : azure: skip LB creation when not needed #7063
Revert “Merge pull request #7289 from r4f4/padillon-settle-ops” #7318
Agent: Log kernel params when generating pxe assets #7314
OCPBUGS-15238 : GCP: ic: client: use a higher context timeout #7290
AGENT-648 : Remove validation check limiting None platform to SNO #7236
Allow destroy for C2S isolated (us-iso and us-isob) partitions. #7086
OCPBUGS-15999 : update RHCOS 4.14 bootimage metadata to 414.92.202307070025-0 #7310
OCPBUGS-14900 : Use correct SELinux label. Make rename atomic. #7307
create: add check for cluster operator stability #7289
SPLAT-827 : support static IP assignments with vSphere IPI #7179
AGENT-562 : Load config from config image #7200
OCPBUGS-15825 : Fix agent gather tui logs #7293
OSASINFRA-3155 : OpenStack: Create ControlPlaneMachineSet CRDs #7280
ic: gcp: validate instances against user-configured zones #7096
AGENT-678 : Fix concurrency issue in agent integration tests #7303
OCPBUGS-14762 : Use the same names for public LB in IPI and UPI Azure #7292
OCPBUGS-2324 : terraform: aws: bump version to 5.4.0 #7274
tls/root: Document this more and change friendly name #7232
CORS-2572 : azure: implement egress via NAT gateway #6933
docs: Add note about not configuring allowed address pairs for day 2 manila configuration #7287
OCPBUGS-14932 : specify azure cli version #7297
OCPBUGS-14932 : Update azure cli to 2.40.0+ #7216
PowerVS Add support for Capped processors #7286
CORS-2645 : AWS Cross-Account Private Hosted Zone: Add Further Validations #7253
AGENT-624 : Allow override of networkType #7223
Update hack/go-test.sh to golang 1.20 #7270
AGENT-627 : Decompress kernel on ARM #7276
OWNERS_ALIASES: offboard ashcrow and bgilbert from CoreOS #7275
AGENT-558 Generate unconfigured agent ignition #7186
OWNERS: merge agent/installer #7278
OSASINFRA-3182 : openstack: remove portTargets #7239
AGENT-498 : Get iPXE script template kernel parameters from ISO #7150
OCPBUGS-15238 : GCP: ic: improve project validation #7267
Default dataStore is returned the name instead the inventoryPath #7261
Use the correct image name for agent-tui extraction #7266
OCPBUGS-13636 : new Aws secret regions support #6184
CORS-2372 : Azure: auth Installer with Managed Identity from VM #7108
OCPBUGS-11796 : azure: skip NSG creation when BYO vnet #7094
OCPBUGS-9435 : terraform: aws: secret regions now support ALIAS record #7184
SPLAT-1094 : warn users about deprecation of Alibaba Cloud #7257
OCPBUGS-14869 : Add timezone info in installer logs #7243
CORS-2656 : Remove context from cluster uninstaller struct #7169
openstack: document external LB #6920
bootkube: Drop cruft in MCO bootstrap #7244
Update OWNERS_ALIASES #7203
Agent: run shellcheck on start-cluster-installation.sh #7062
OSASINFRA-2168 : Docs: update OpenStack requirements #7015
OCPBUGS-15095 : Add kubevirt digest-ref in RHCOS boot images #7254
AGENT-563 : Create configuration image #7157
AGENT-510 : Support interactive network console when pxe booting #7185
Allow CustomNoUpgrade features via install-config #7246
MULTIARCH-3664 : enable multipath for powervs #7222
OCPBUGS-13960 : update RHCOS 4.14 bootimage metadata to 414.92.202306141028-0 #7247
CFE-829 : Remove Azure Tags TechPreview only indicators and checks #7187
CORS-2631 : Add additional security group ids in AWS #7151
AGENT-596 : use agent-installer-utils for agent-tui extraction #7212
AGENT-491 : Support pxe base url #6723
OCPBUGS-14917 : PowerVS: Cleanup service instances for destroy cluster #7173
OpenStack: add support to multiple subnets in the bootstrap #7111
Add ControlPlaneMachineSet for Nutanix #7119
OPNET-298 : Allow primary-v6 dual-stack on vSphere #7124
CORS-2613 : AWS: Cross-account Shared VPC Support #7225
OpenStack: support user provided dual-stack api and ingress Port #7133
OpenStack: configure IPv6 address in the bootstrap node #7128
SPLAT-995 : vSphere Add new template field #6995
OCPBUGS-14757 : images: installer: add xz to the container #7238
OCPBUGS-14818 : disable oVirt provider #7213
AGENT-556 : Wait for rendezvous host configuration #7068
OCPBUGS-13955 : support OPENSHIFT_INSTALL_OS_IMAGE_OVERRIDE #7211
OCPBUGS-14121 : Convert Rendezvous IPv6 address to canonical format #7234
OCPBUGS-14416 : Shorten SNO installation duration by releasing CPC lease #7219
OCPBUGS-14565 : Replace with govc docker image and fix ibmcli folder permission issue #7231
OCPBUGS-13108 : Log additional host info at warning level #7209
OCPBUGS-13662 : Ignore CPUPartitioning for ABI #7218
OCPBUGS-11736 : gcp use preconfigured private zone for installation #7155
Bump & vendor k8s 1.27 dependencies #7220
OCPBUGS-10342 : Check that number of replicas matches hosts #7059
OSASINFRA-3153 : move loadBalancer
API to GA for OpenStack #7127
OCPBUGS-10306 : [vSphere] Upi installation failed due to VMs for master and worker node creation failed #6999
AGENT-567 : Re-enable ‘create pxe-files’ command #7102
AGENT-555 : Move Rendezvous Host config to separate file #7061
OCPBUGS-13764 : Support /dev/disk/by-path root device hints #7192
OCPBUGS-1769 : Ignore IAM Roles that the Installer is not authorized to access #7180
OCPBUGS-14077 : MULTIARCH-3492: Avoid conflicting subnets #7145
OCPBUGS-14076 : PowerVS: Remove ClusterOSImage #6996
OCPBUGS-13094 : Use oc command in bootkube.service in a disconnected env #7178
OCPBUGS-7410 : Reject active VPC connections before service destroy #7101
OCPBUGS-7699 : CVE: go-getter vulnerable to denial of service via malicious compressed archive #6893
OCPBUGS-13552 : vSphere Add ova sha query; additional debugging #7171
OCPBUGS-13718 : ic: azure: validate diskTypes in AzureStack #7194
OCPBUGS-9378 : vSphere set bootstrap/master efi #7154
OCPBUGS-13535 : Set AdditionalTrustBundle in override when mirroring not enabled #7182
OCPBUGS-13547 : Ensure –payload-version is set for MCO on bootstrap #7160
OCPBUGS-13547 : remove special cases for featureset in rendering #7189
OCPBUGS-7978 : FCOS: bump to latest stable version #6902
OCPBUGS-13628 : Revert “remove special cases for featureset in rendering” #7183
OCPBUGS-13300 : masters on a single compute server group #7172
OCPBUGS-3542 : Add bootstrapExternalStaticDNS #6585
remove special cases for featureset in rendering #7158
OCPBUGS-13253 : update RHCOS 4.14 bootimage metadata to 414.92.202305090606-0 #7176
pass payload version and manifests to kas and kcm #7152
OCPBUGS-9081 : openstack destroy: account for BULK DELETE limits on object-storage #7168
OCPBUGS-7699 : terraform: google: bump provider for go-getter CVE fix #7051
OCPBUGS-13107 : openstack destroy: Limit Swift workers to 3 #7165
Updating ose-installer-artifacts images to be consistent with ART #7122
OCPBUGS-11921 : GCP XPN: Pass instance service acct in manual mode #7117
OCPBUGS-12964 : Bootstrap on aws should have same metadata service type as on other nodes #7149
OCPBUGS-11792 : update RHCOS 4.14 bootimage metadata to 414.92.202304252144-0 #7135
pass featuregate args to config-operator to get rendered featuregates #6990
OCPBUGS-12904 : openstack: Add netcat to the Installer image #7142
OCPBUGS-12776 : GCP XPN Private Cluster Fails with no Public Zone #7134
OCPBUGS-12869 : fix nmstate related unit tests #7089
Updating ose-baremetal-installer images to be consistent with ART #7121
Updating ose-installer images to be consistent with ART #7120
OCPBUGS-12748 : use python3 for cloud sdk #7118
OCPBUGS-12196 : bump CVO to stable-4.14 #7114
OCPBUGS-11999 : fix: remove feature flag for cpu partitioning no longer needed #7110
OCPBUGS-11801 : Fix agent-tui libnmstate dependency name #7095
OpenStack: enable ingress traffic for dual-stack installations #7099
OCPBUGS-10767 : Fix and improve locking session and AWS Metadata access #7070
OWNERS_ALIASES: offboard Sohan from CoreOS #7103
OCPBUGS-9081 : openstack: Bump Gophercloud #7098
OCPBUGS-11100 , OCPBUGS-11102 , OCPBUGS-11418 : CVE: bump hashicorp/vault version #7091
OCPBUGS-11788 : update RHCOS 4.14 bootimage metadata to 414.92.202304131328-0 #7092
OCPBUGS-8449 : Azure: don’t set default subscriptionID for disk encryption sets #7076
pkg: rhcos: use Errorf instead of Error #7074
OCPBUGS-4998 : Log additional info when status is pending-user-action #7060
OCPBUGS-10673 : [Alibaba] update the bandwidth value of EIP #7011
OCPBUGS-11636 : AWS - Remove ACLs from s3 ign #7081
OCPBUGS-11479 : Upgrade libnmstate version used #7075
OCPBUGS-10478 : gather: azure: fix collecting VM serial logs #6992
Add imageDigestSources, deprecate imageContentSources #6235
PowerVS: fix human readable group-id #7073
docs: gcp: upi: update obtaining RHCOS source image #7072
gcp: add confidential compute support for boostrap TF #7002
AGENT-275 : Add new agent graph command to output agent internal dependency graph #7066
OCPBUGS-7954 : openstack: Only check HTTPS certs on public endpoints #7057
MULTIARCH-2517 : PowerVS: create install-config improvements #6885
OCPBUGS-10845 : Use 100 GB as minimum disk size in validations #7025
openstack: Bump CI base image to v4.14 #7052
terraform: don’t run zip if building provider binary failed #7047
OCPBUGS-8449 : pkg/asset/installconfig: set subscriptionID #6975
OCPBUGS-11039 : remove container-runtime flag from kubelet config #7036
rhcos: Bump to 414.92.202303281555-0 #7038
update tested instance type on 4.13 #7042
OCPBUGS-11038 : GCP: add europe-west12 region to the survey as supported region #7033
OCPBUGS-7966 : Do not remove host default configuration unless network configuration is provided for it #6991
OCPBUGS-2130 : vSphere - finding networks use full path cluster #6973
OCPBUGS-7699 : bump terraform for go-getter CVE fix #6892
OCPBUGS-8349 : Kubelet Client Cert should include system:serviceaccounts group #7032
OCPBUGS-10728 add project filter to gcp usage api requests #7018
OCPBUGS-10638 : Properly handle invalid agent command #7005
OCPGUS-2363 : IBMCloud: Use direct COS endpoint #6952
OCPBUGS-9081 : openstack/destroy: BulkDelete more objects at once #7017
OCPBUGS-8035 : IBMCloud: Fix SSH Private bootstrap #6944
OCPBUGS-7973 : IBMCloud set dnsrecords offset #6924
OCPBUGS-8509 : baremetal: do not use port 80 for httpd #6945
OCPBUGS-9982 : bootstrap-pivot: skip pivot in SCOS Live ISO #6965
PowerVS: Add capacity checks before installation #6850
OCPBUGS-8237 : update terraform-provider-ironic to 0.4.0 #6956
OCPBUGS-6727 : Nutanix Hostname of the VM is not set when using DHCP network config #6981
AGENT-502 : add agent-tui it test #6978
openstack: Remove version info, update lb FIP -> API FIP #7001
OCPBUGS-10570 : openstack: No master primarySubnet control-plane if portTarget is set #6994
OSDOCS-5240 : doc/fix-aws-localzones: replace jq to aws –query #6993
OCPBUGS-10207 : Do not always output warning msg when releaseImage is digest #6971
OCPBUGS-7015 : vsphere, nutanix survey: relax vip in machine cidr #6967
OCPBUGS-9949 : Verify output file exists when oc image extract
is run #6960
OCPBUGS-7954 : openstack: Provide manual instructions for invalid certificates #6998
OCPBUGS-10313 : fix agent tui showing up multiple times #6977
Bump mongo-driver from 1.10 to 1.11.2 #6987
OCPBUGS-8540 : CVE: bump mongo-go-driver for fix #6950
OCPBUGS-10394 : Sort userTags in Machine and Machineset manifests #6976
Shorten SNO installation duration by releasing CVO lease #6757
OCPBUGS-2968 : bootstrap: Do not needlessly podman pull #6536
terraform: google: bump stringset dependency #6951
openstack-manifests: Export JUnit results #6966
Updating ose-installer-artifacts images to be consistent with ART #6968
quota: gcp: replace deprecated monitoring package and fix linting issues #6896
OCPBUGS-8119 : CVE-2023-25173: bump containerd #6949
OCPBUGS-8468 : aws: bump aws-sdk-go version #6943
data: libvirt: increase volume size to 32GB #6963
Updating ose-baremetal-installer images to be consistent with ART #6954
Updating ose-installer images to be consistent with ART #6953
refactor: replace github.com/ghodss/yaml
with sigs.k8s.io/yaml
#6935
OpenStack: support multiple API and ingress VIPs #6940
update RHCOS 4.13 bootimage metadata #6886
OCPBUGS-8094 : In agent ‘wait-for bootstrap’ command, test ssh to Node0 #6919
openstack-manifest: Show assets dir if persisted #6929
OCPBUGS-7262 : Disable systemd status while TUI showing #6925
OpenStack Failure domains #6917
OCPBUGS-8203 : Don’t log password values #6922
OCPBUGS-5129 : Pass Capabilites from install-config to cluster #6923
OCPBUGS-8305 : Power VS: Add resourceGroup to infrastructure manifest #6928
AGENT-356 : Disable ‘create pxe-files’ command #6927
OCPBUGS-8258 : Specify filename for default registries.conf #6926
openstack: consistent TechPreview-only feature validation #6916
RFE-2782 : Create edge compute pool to support AWS Local Zones #6371
And 2 elided commits (e.g. from squash or rebase merges)
Full changelog
OCPBUGS-35475 : Remove some of newapp unit tests relying on external deprecated images #1802
OCPBUGS-35447 : bump go-git to 5.11.0 #1799
OCPBUGS-30287 : oc adm catalog mirror: use ToSlash and FromSlash to unify the path separators #1699
OCPBUGS-25983 : Remove deprecated password defaulting in default config flag #1646
OCPBUGS-24197 : Add client version in must-gather summary #1607
OCPBUGS-24460 : Overwrite template’s namespace with the explicit one #1616
OCPBUGS-22702 : Reflect container’s exit code for long running tasks not attached to terminal #1592
OCPBUGS-20508 : regeneratemco: explicitly check for PlatformStatus field #1573
OCPBUGS-20527 : Set ImportPolicy to PreserveOriginal to honor –keep-manifest-list when mirroring a payload to an image stream #1574
OCPBUGS-21611 : Bump golang.org/x/net to v0.17.0 #1579
OCPBUGS-20258 : Updating excluded list of unsupported oc adm commands in MicroShift #1561
OCPBUGS-20269 : Use quay redis image instead docker mysql #1562
OCPBUGS-17925 : pkg/cli/admin/prune/images: omit not found error for deployment configs #1530
OCPBUGS-17253 : Bump go x/net library to 0.13.0 #1529
OTA-559 : Revert “Revert “pkg/cli/admin/release/extract: Add –included and –install-config”” #1528
OCPBUGS-17711 : Revert “pkg/cli/admin/release/extract: Add –included and –install-config” #1527
Update openshift/api #1525
OTA-559 : pkg/cli/admin/release/extract: Add –included and –install-config #1521
Stop using deprecated github.com/docker/docker go APIs #1514
OCPBUGS-16735 : Truncate existing files when writing from inspect #1520
introduce plugin and plugin shadowing tests for oc #1424
pkg/cli/admin/upgrade: Newlines after –allow-upgrade-with-warnings errors #1519
Add profiling functionality and flags in oc #1516
Fix typo in /var/log folder #1517
login: improve usage message for –web option #1513
Bump k8s packages to 1.27.4 #1515
OTA-994 : pkg/cli/admin/release/extract: Centralize manifest extraction #1404
OCPBUGS-16009 : reboot: set ignition version to 3.1 #1499
Add tls-server-name when property exists in kubeconfig #1456
OCPBUGS-15776 : mcs cert: account for environments that use IP directly #1497
OCPNODE-1656 : oc release info: Introduce –idms-file and deprecate –icsp-file #1465
AUTH-355 : Add OAuth2 Authorization Code Grant Flow for login #1402
upgrade distribution No 2 #1495
WRKLDS-700 : bump(k8s) to v1.27.2 #1420
OCPBUGS-15012 : oc image extract: idms-file flag map to IDMSFile field #1464
Correct incorrect command in observe command #1419
Clarify the use of the filter without keep-manifest-list #1414
OCPBUGS-10612 : make registry auth prefence default to podman config locations #1376
handle the error case of node retrieval while waiting for reboot #1482
Fix the output of error prompt #1433
pkg/cli/admin/upgrade: Surface Recommended=Unknown more prominently #1442
pkg/cli/admin/upgrade: Add post-period to space to some error messages #1330
Wait for reboot #1473
tweak output format #1471
OCPNODE-1580 : Add –print-mirror-instructions to oc adm release mirror to allow idms instructions #1341
add reboot-nodes #1468
Trust check #1469
fix directories for consistency #1467
ocpcertificates: add ability to rotate MCS CA/cert #1450
OCPNODE-1656 : oc image extract: Introduce IDMS as alternative source #1426
pernodepod: percent works like this #1463
ocpcertificates: don’t make assumptions on resources not to bring pip… #1462
allow running a command while the kubelet is off #1459
add command to create new bootstrap kubeconfig for kubelet #1458
ocpcertificates: fix handling resources by names explicitly + other cosmetic fixes #1460
tweaks needed for wait #1455
Add a command to remove older trust #1447
create command to create new adminkubeconfig #1452
add a command to copy content to every node #1454
Minor updates to CLI help text #1453
add command for regenerating OCP leaf certs #1443
add a new command to wait for all clusteroperators to go stable #1444
add command to produce an updated CA bundle for trusting the kube-apiserver #1446
add printing for new revisions #1445
add oc adm ocp-certificates regenerate-top-level #1439
OCPBUGS-11652 : Extend adm node-logs to new API #1403
OCPBUGS-12793 : adds a mapping for exposed ports to DockerConfig when manifest listed #1415
OCPBUGS-14340 : Name containers w/‘multi’ when mirroring a multi release image #1423
OCPBUGS-11123 : oc adm groups sync: all groups: print warning before caching #1436
OCPBUGS-11632 : Skip invalid events yamls and continue #1429
OCPBUGS-14082 : Remove closed centos7 registry from newapp unit tests #1430
OCPBUGS-12901 : preserve explicit release image in ClusterVersion #1416
OCPBUGS-11123 : oc adm groups sync: fix the annotation key #1427
OCPBUGS-11123 : oc adm groups sync: print a warning when two or more groups are mapped to the same ldap uid #1425
OCPBUGS-13355 : Use RequestToken functions from library-go #991
OCPBUGS-11632 : Improve error log messages in event filtering #1417
OCPBUGS-12143 : oc login: unwrap tls.CertificateVerificationError to use x509 errors #1406
pkg/cli/admin/upgrade: Clarify client-side vs. server-side docs #1181
replace trimLeft with trimPrefix #1400
Support OCI manifest lists in image mirror #1362
OCPBUGS-8004 : Fix bug when recreating an index with fewer images #1335
adm catalog mirror update example to idms #1401
OCPBUGS-10843 : oc debug unique pod name #1393
adm catalog mirror generates idms manifest #1389
OCPBUGS-1115 : Use linux/arch when user’s OS isn’t in manifests #1311
Remove already deprecated adm create-kubeconfig command #1367
append: expose keep-manifest-list option and preserve manifestlist when appending to specific arch images #1361
Updating ose-tools images to be consistent with ART #1369
OCPBUGS-8048 : pkg/cli/admin/upgrade: Client-side checks for –to-multi-arch #1359
IR-300 , IR-301 : generates ImageStreamTags with import-mode when using oc new-build and oc-new-app #1353
OCPBUGS-10879 : Fix deprecated oc command suggestion #1390
Exclude irrelevant commands from MicroShift documentation #1375
Test Fix: Allow submodule using file transport with newer git #1378
Updating openshift-enterprise-deployer images to be consistent with ART #1368
Updating openshift-enterprise-cli images to be consistent with ART #1364
OCPBUGS-3393 : Always copy the blobs if the target isn’t a registry #1355
Updating ose-cli-artifacts images to be consistent with ART #1370
OCPBUGS-1117 : The architecture of oc in the cli-artifacts’ /usr/bin folder should to the one of the built image #1374
OCPBUGS-10622 : bump repo sclorg/s2i-ruby-container location for newapp test #1377
Add microshift into generate-docs #1365
OCPBUGS-5949 : Add subrepository support for ICSP #1350
And 1 elided commits (e.g. from squash or rebase merges)
Full changelog
OCPBUGS-60975 : ccoctl: aws to use proper issuer url on subsequent runs #911
OCPBUGS-58677 : github.com/golang/glog v1.2.5 #895
OCPBUGS-53418 : github.com/golang/glog v1.2.4 #845
OCPBUGS-53819 : update github.com/golang-jwt/jwt #841
OCPBUGS-51542 : Ignore SNYK-GOLANG-GOLANGORGXOAUTH2JWS-8749594 due to not being affected #830
OCPBUGS-47069 : golang.org/x/net v0.33.0 #810
OCPBUGS-46487 : Add AWS region to aws-pod-identity-webhook #801
OCPBUGS-45009 : Add retry to ccoctl gcp create functions #791
OCPBUGS-45004 : github.com/golang-jwt/jwt/v4 v4.5.1 #785
OCPBUGS-43647 : Only attempt timed token credentials on supported platforms. #775
OCPBUGS-43339 : Update github.com/sirupsen/logrus v1.9.3 #769
OCPBUGS-41236 : List secrets in batches to avoid api timeout #755
OCPBUGS-38378 : Update google.golang.org/grpc v1.65.0 #750
OCPBUGS-37823 : GCP passthrough permissions check to ignore problematic permissions. #741
OCPBUGS-37062 : Update cloud.google.com/go/storage v1.43.0 #742
OCPBUGS-37420 : SNYK ignore go-client misreporting #739
OCPBUGS-37276 : Update to azidentity v1.7.0 #732
OCPBUGS-36029 : IBM/go-sdk-core update to v5.17.4 #721
OCPBUGS-36716 : AWS STS should not error when a credentailsRequest does not have awsSTSIAMRoleARN #713
OCPBUGS-32899 : Upgrade go-jose module to 2.6.3 #697
OCPBUGS-29156 : Fix the ClusterOperator watch of the status controller #676
OCPBUGS-28231 : Guard upgrading GCP from 4.14 to 4.15 without RoleAdmin permissions #670
OCPBUGS-29199 : ccoctl - use proxy when validating CloudFront URL #678
OCPBUGS-27911 : Resolve all outstanding snyk vulnerabilities #650
OCPBUGS-28382 : Use cached clients to avoid client side throttling #666
OCPBUGS-27515 : Write manifests when AWS IAM roles already exist. #659
OCPBUGS-26512 : Use live client for metrics #647
OCPBUGS-25275 : Azure Workload Identity info in CredsRequests creates a Secret #643
OCPBUGS-24346 : Discover AWS dns suffix from partition and region. #635
OCPBUGS-23986 : Use per-project custom roles instead of per-cluster custom roles #631
OCPBUGS-23426 : Explicitly set the vsphere secret credential data on sync. #629
OCPBUGS-21388 : Upgrade golang/x/net for CVE-2023-39325 #622
NO-ISSUE: Removing andrew from OWNERS #617
snyk: exclude vendor/ #615
OCPBUGS-22651 : explicitly set azure oidc bucket to allow public blob access #612
OCPBUGS-21926 : azure create-managed-identites to add cloud controller manager to network resource group #608
OCPBUGS-19865 : Add networkResourceGroupName parameter for Azure #602
OCPBUGS-17719 : Double timeout delays for managed identity creation and role assignment from 2 to 4 minutes. #591
pkg/aws/actuator: Drop comment which suggested passthrough permission verification #590
CCO-363 : Adding azure identity webhook #559
OCPBUGS-16684 : Set cr.status.provisioned=false on syncErr path #583
OCPBUGS-17049 : update lastSyncGeneration in STS flow sync success #585
Revert “CCO-401: Add azure-workload-identity-webhook to image references.” #588
CCO-401 : Add azure-workload-identity-webhook to image references. #586
CCO-413 : Add dataPermissions to Azure credentials request. #584
CCO-402 : Create Azure AD pod identity webhook config secret manifest in create-all,create-oidc-issuer #573
OCPCLOUD-2012 : ccoctl: Plumb credreq.spec.cloudTokenPath override into Azure secret creation #580
OCPBUGS-16807 : ccoctl azure exit with error when OIDC and installation resource group names are the same #582
OCPCLOUD-2012 : ccoctl: Add –enable-tech-preview arg to azure create-all subcommand. #581
OCPBUGS-16614 : *: stop checking for the STS feature gate #579
Add DOCKER_CMD Makefile var to use podman when found. #577
OCPBUGS-16614 : go.mod: re-vendor openshift/api #578
CCO-233 : Add Azure AD Workload Identity doc. #566
*: use a global codec #576
OCPBUGS-16313 : pkg/operator: correctly fetch CA for AWS minter #575
OCPBUGS-16334 : Clarify updateActuatorConditions & update lastSync #568
OCPBUGS-16313 : manifests: allow list/watch globally on our config configmap #572
CCO-388 : manifests: add cloudcredentials.operator.openshift.io to HCP #571
Revert “manifests: manually amend resources that get laid down by CVO in HCP” #570
OCPBUGS-15365 : manifests: fix rbac #567
OCPBUGS-15906 : ccoctl azure delete to also delete role assignments #564
OCPBUGS-16088 : Adds [default] section header to STS Secrets #565
OCPBUGS-16036 : Set status on CR properly when STS provisioned #562
Revert “Merge pull request #398 from csrwng/exclude_config_ibmcloud” #561
OCPBUGS-15365 : *: use correct clients in the secretannotator #563
OCPBUGS-15365 : *: use a filtered LIST + WATCH on Secrets for AWS STS #545
reconcile status when the clusteroperator changes #560
CCO-353 : ccoctl to create azure custom roles #556
CCO-394 : Do not Add PodIdentityWebhook controller when InfraStatus.ControlPlaneToplogy is External. #547
CCO-366 Add ability to detect AWS STS and behave accordingly #542
Implement ccoctl command to create infrastructure required for Azure workload identity #523
PORTENABLE-526 : operator: use a partial metadata watch for Namespaces #546
manager: filter the cache of configmaps #544
Bump to go 1.20 in go.mod #536
OCPBUGS-13549 : Determine AWS partition based on region for readOnlyAnonUserPolicyTemplate bucket ARN. #537
Add a make target and stub for actuator e2e tests #535
Updating ose-cloud-credential-operator images to be consistent with ART #534
Updating ose-cloud-credential-operator images to be consistent with ART #533
Updating ose-cloud-credential-operator images to be consistent with ART #532
OCPBUGS-11671 : ccoctl: Enable public anon read access to default OIDC S3 bucket #526
Updating ose-cloud-credential-operator images to be consistent with ART #521
OCPBUGS-8666 : Correct pod-identity-webhook annotations for PreferredDuringScheduling. #522
SPLAT-950 : doc/aws-sts : steps to migrate from public bucket to private issuer URL #515
OCPBUGS-8666 : feat: add workload annotation to pod identity webhook deployment #520
Upgrade build-machinery-go: make vulncheck
#519
Bump golang.org/x/net from v0.5.0 to v0.7.0 #517
Full changelog
OCPBUGS-44095 : Backport SDN live migration #425
OCPBUGS-28649 : Add required PSa labels #403
NO-JIRA: add inert featuregate files to allow diff against later releases #398
OCPBUGS-21653 : Update openshift/api package to latest version #371
: OCPBUGS-21286: bump library-go to include switch to HTTP/1.1 #369
OCPBUGS-20439 : Remove Build CRD #363
OCPBUGS-16726 : psa - move into tech preview for 4.14 #354
Revert “Bump to enable ValidatingAdmissionPolicy in tech preview.” #346
Bump to enable ValidatingAdmissionPolicy in tech preview. #343
Bump openshift/api to add ValidatingAdmissionPolicy feature gate. #340
OCPVE-626 : bump(openshift/api@master) #341
CFE-689 : Update openshift/api package to latest version #335
OCPBUGS-16614 : go.mod: bump openshift/api #338
OCPBUGS-16614 : go.mod: update openshift/api #334
OCPBUGS-16507 : bump sigs.k8s.io/kube-storage-version-migrator #333
OCPCLOUD-2010 : Remove feature gate for external platform #331
SDN-4024 : Vendor openshift/api to get ANP feature-gate changes #330
Promote privateHostedZoneAWS from Tech Preview to Default #328
Update openshift/api #327
OCPBUGS-13547 : Promote Azure CCM from TPNU to default #307
OCPBUGS-15877 : go upgradeable=false when latencysensitive is used and not corrected #325
Enable feature gate for externalCertificate on Route API #326
stomp the latencysensitive featureset for equivalent default #324
WRKLDS-757 : Sync with openshift/api to drop MatchLabelKeysInPodTopologySpread from TechPreviewNoUpgrade #322
SPLAT-1099 : bump openshift/api for vSphere static IP feature gate and platform spec #323
remove dead flag for file #309
Changes to move to api@2d36f53 #321
OCPBUGS-12767 : Add CustomNoUpgrade CRD versions to payload #320
OCPCLOUD-2010 : Re-vendor api to support external platform #306
Update openshift/api to disable EventedPLEG featuregate in techpreview #317
update openshift/api for types and gates #316
Update github.com/openshift/api to pull in evented pleg and sigstore feature flags #312
Update github.com/openshift/api to pull in feature gates #311
OCPBUGS-6266 : Rename config-operator_00_namespace run level to 00 #303
Update library-go dependency #305
Add JoelSpeed to owners #302
Update API and library-go #301
Require consistency in rendered artifacts #299
specify all known featureGates in disabled #297
update render to handle directories of manifests #295
adjust to refined openshift/api types #296
update ordering and featuregates #294
add featuregate status #288
Updating ose-cluster-config-operator images to be consistent with ART #287
OCPBUGS-10037 : update openshift/api to get new apiserver schema #289
Full changelog
OCPBUGS-53867 : Bump github.com/golang-jwt/jwt #1229
OCPBUGS-53867 : Bump github.com/golang-jwt/jwt #1224
OCPBUGS-51598 : bump golang.org/x/oauth2 #1213
OCPBUGS-51312 : ensure that storage names don’t end in dashes #1185
OCPBUGS-44048 : fix proxy config and leader election test flakes #1153
OCPBUGS-44002 : Continuous pull-secret updates / slow initialization on build01 (test platform infrastructure) #1152
OCPBUGS-42935 : azureclient: stop validating credentials when creating the client #1137
OCPBUGS-39100 : Avoid Shared Access Key usage for Azure Storage Account when using Managed Identity based auth #1114
OCPBUGS-36035 : go.*,vendor: bump go-retryablehttp #1069
OCPBUGS-33147 : azure-path-fix: get client secret from k8s secret #1058
OCPBUGS-34668 : pkg/storage/s3: use force path style in favour of virtual hosted style config #1051
OCPBUGS-33409 : azurepathfix: check if platform status is nil before accessing it #1033
OCPBUGS-32450 : azure-path-fix: support auth via account key (without clientID) #1023
OCPBUGS-31857 : bump aws-sdk-go from v1.44 to v1.50 #1018
OCPBUGS-28989 : pkg/storage/s3: enable bucket key on encryption settings #995
OCPBUGS-29755 : azurepathfix: fix stack hub, government and workload identity setup #1005
OCPBUGS-29604 : move azure storage blobs from docker
back into /docker
#1001
OCPBUGS-22127 : increase storage account key cache expiration #941
OCPBUGS-20710 : mitigate effects of rapid reset #942
OCPBUGS-18794 : check if response is nil before using it #917
OCPVE-632 : add capability annotations to manifests #856
OCPBUGS-17882 : Add rbac permission IDMS, ITMS #891
TRT-1193 : Revert “IR-373: remove node-ca daemon” #899
CFE-846 : Add user defined tags to the GCP buckets created #873
IR-373 : remove node-ca daemon #867
build(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.4 #877
build(deps): bump the k8s-dependencies group with 1 update #895
IR-363 : Update Azure Credentials Request manifest of the Cluster Image Registry Operator to use new API field for requesting permissions #890
build(deps): bump github.com/prometheus/common from 0.37.0 to 0.44.0 #878
CFE-682 : Add user defined labels to the GCP buckets created #872
CFE-682 : Update openshift/api package to latest version #887
IR-390 : Make a configmap for MCO to consume CAs #880
build(deps): bump github.com/aws/aws-sdk-go from 1.44.291 to 1.44.298 #879
build(deps): bump golang.org/x/net from 0.8.0 to 0.11.0 #871
build(deps): bump github.com/aliyun/aliyun-oss-go-sdk from 2.1.10+incompatible to 2.2.7+incompatible #869
.github/dependabot.yml: group certain dependencies #865
IR-389 : bump aws-sdk-go #860
.github: configure dependabot #861
IR-369 , IR-370 : support Azure workload identity #857
OCPBUGS-12132 : Updating ose-cluster-image-registry-operator images to be consistent with ART #854
Updating ose-cluster-image-registry-operator images to be consistent with ART #849
OCPBUGS-8224 : fix storage selection on IBM cloud #847
Full changelog
OCPBUGS-28247 : Remove “include.release.openshift.io/ibm-cloud-managed:” annotation #791
OCPBUGS-27063 : bump(library-go)=release-4.14 #787
OCPBUGS-21088 : Bump deps to address CVE-2023-44487 [4.14] #764
OCPBUGS-21088 : Bump deps to address CVE-2023-44487 #756
OCPBUGS-19553 : Update static pod manifests perms #749
add roles for the new privileged namespaces PSa syncer controller #743
OCPBUGS-15256 : Sync openshift/api to reduce installerpod configmap based file permissions to 0600 #740
OCPCLOUD-2010 : Re-vendor api and library-go for external platform support #736
OCPBUGS-14323 : Change manifest directory permissions #739
OCPBUGS-13579 : remove RBAC for cluster-policy-controller CM leader election #738
OCPBUGS-13579 : Drop flags removed in k8s 1.26 #737
Remove featureset flag and use only the manifest #735
Update cloud provider tests with feature gate changes #731
STOR-1263 : Bump k8s 1.27 #713
Read feature manifest #733
Restricted featuregate reader #732
use new featuregate API #730
OCPBUGS-12709 : Reset library-go branch after Azure revert #729
OCPBUGS-12133 : Updating ose-cluster-kube-controller-manager-operator images to be consistent with ART #727
Revert azure out of tree provider change #724
OCPBUGS-11352 : AWS should not use external-cloud-volume-plugin post CSI migration #721
OCPBUGS-7440 : do not degrade KCM when when monitoring stack rollout is in progress #706
OCPBUGS-10568 : migrate to using lease objects for leader election #715
Updating ose-cluster-kube-controller-manager-operator images to be consistent with ART #709
OWNERS: remove ravi from the owners #714
Reset library-go to openshift fork #708
Update library-go dependency to move Azure to out of tree #705
Update library-go dependency to move AWS to out of tree #707
Full changelog
: OCPBUGS-21371: bump library-go to include switch to HTTP/1.1 #96
Revert “specify master node selector on migrator pod” #93
OCPBUGS-17170 : specify master node selector on migrator pod #92
OCPBUGS-16513 : bump(*): update to 1.27.1 #91
Fix operator doc in README #90
Updating ose-cluster-kube-storage-version-migrator-operator images to be consistent with ART #89
Full changelog
OCPBUGS-51170 : Use applyconfigurations for updating network.oprerator status #2660
OCPBUGS-48323 : Pass transit_switch_subnet options in ovnkube-node pod for single-zone #2617
OCPBUGS-42754 : Set mount propagation to HostToContainer for /var/lib/kubelet #2521
OCPBUGS-47320 : Pass transit_switch_subnet options in ovnkube-node pod #2607
OCPBUGS-43821 : manifests/02-cncc-credentials: Set skipServiceCheck for GCP #2546
OCPBUGS-39086 : Fix wait logic for IPsec certificate signing request #2481
OCPBUGS-41508 : Tighten the permissions on whereabouts.conf #2493
OCPBUGS-42021 : Add proxy env vars to onvkube-node #2505
OCPBUGS-38440 : [release-4.14] 4.14 subnet config #2473
OCPBUGS-37221 : Ensure that the node-identity webhook address contains colons for IPv6 #2440
OCPBUGS-38073 : Fix IC distributed control plane alerts #2463
OCPBUGS-37468 : Backport ipsec state metric #2444
OCPBUGS-32706 : Add conditions for ignored-namespaces #2380
OCPBUGS-36722 : update whereabouts crd #2434
OCPBUGS-34885 : [release-4.14] Fix 4.13->4.14 upgrade with ipsec enabled #2390
OCPBUGS-27925 , OCPBUGS-30579 : [release-4.14] tighten conditions for the state transitions in IC upgrade #2207
OCPBUGS-30021 : Fully disable network-node-identity on ROKS #2315
OCPBUGS-31669 : [release-4.14] ensure local networking deployments within hypershift use the client side load balancer to be resilient to control plane node failures #2311
OCPBUGS-31360 : Remove egressip write permissions from ovn-kubernetes-node #2320
OCPBUGS-30021 : [release-4.14] Disable network-node-identity on ROKS #2286
OCPBUGS-30100 : ipsec: fix openssl typo #2287
OCPBUGS-29168 : add env var in whereabouts-reconciler daemonset #2257
OCPBUGS-26573 : Improve troubleshooting IC upgrades #2076
OCPBUGS-29033 : network node identity: tolarate all taints #2248
OCPBUGS-18281 : only 2 master nodes are required for ovn-kubernetes #2154
OCPBUGS-29300 : Update ingressconfig_controller to use field Manager #2266
OCPBUGS-28608 : fix whereabouts conformance test failures #2235
NO-JIRA: add kyrtapz as reviewer and approver for release 4.14 #2228
OCPBUGS-27858 : [release-4.14] Add ConfigMap mount to the whereabouts-reconciler DaemonSet #2219
OCPBUGS-27013 : HyperShift, network-node-identity: Check the deployment in the management cluster #2195
OCPBUGS-24326 : adminpolicybasedexternalroutes CR accepts an invalid IP address #2196
OCPBUGS-24037 : remove all managed fields used by old manager #2112
OCPBUGS-24320 : Add apbroute/status patch rights for ovnkube-node to update status #2143
OCPBUGS-22787 , OCPBUGS-22788 , OCPBUGS-22789 : ovnkube: container scripts cleanup #2090
OCPBUGS-23371 : hypershift, hosted clusters: enable multi-homing and multi-net features #2117
OCPBUGS-21717 : Bump golang.org/x/net and github.com/openshift/library-go #2122
OCPBUGS-24633 : ipsec add pluto restart #2152
OCPBUGS-22363 : Added HCP label to CNO pods #2081
OCPBUGS-22286 : hypershift: adjust backoff on infrastructure name retry #2078
OCPBUGS-23011 : Block upgrades to 4.15 with Kuryr #2096
OCPBUGS-23315 : set automountServiceAccountToken to false for hypershift managed network-node-identity deploy #2107
OCPBUGS-19897 : HyperShift: Use the local konnectivity proxy when checking proxy readiness #2043
OCPBUGS-20472 : hosted cluster upgrade failure from 4.13 stable to 4.14 #2063
OCPBUGS-20254 : [release-4.14] Revert Kuryr MTU fixes #2046
OCPBUGS-20184 : [release-4.14]: Don’t run network node identity as root #2054
OCPBUGS-20064 : Multus should determine kubeconfig path [backport 4.14] #2050
OCPBUGS-19955 : get ipsecStatus from host daemonset #2045
OCPBUGS-19862 : Multus per-node certificates should have 24h duration [backport 4.14] #2040
OCPBUGS-19523 : use $CPE_NAME to find the OS major version #2017
OCPBUGS-19808 : remove prestop hooks for northd, sbdbd and nbdb #2036
OCPBUGS-19747 : [release-4.14] Use port 9108 for ovnkube-control-plane metrics #2033
OCPBUGS-19771 : Relax conditions to get IC upgrade started #2035
OCPBUGS-19748 : Fix config status MTU migration not being updated #2034
OCPBUGS-19725 : Do not enable node admission webhook if the CNI is not OVN-Kubernetes #2032
OCPBUGS-19686 : ipsec: remove preStop from host #2029
OCPBUGS-19627 : Multus per-node certificate request [backport 4.14] #2023
OCPBUGS-19461 : make ipsec.service required #2014
OCPBUGS-19649 : Network node identity: node-specific certificate in ovnkube-node, admission webhook #2011
OCPBUGS-19623 : multus: set MULTUS_NODE_NAME to filter pods to local node #2022
OCPBUGS-19481 : separate libovsdblogs from main ovnkube-master #2008
OCPBUGS-18728 : Kuryr: Set MTU on Bootstrap, not Render phase #1995
OCPBUGS-18871 : ipsec: fix oopsy from 2e3fc8e7a0 #1997
OCPBUGS-18874 : ovnkube: set northd backoff-interval and use a single thread to save CPU #1998
OCPBUGS-18135 : IBMCloud specific: patch out management workload for dataplane component thats needed for bootstrapping #1955
move IPsec to host #1849
OCPBUGS-17916 : Fix IC configmap lookup in pod_status.go #1954
OCPBUGS-17677 : [Azure]CNCC failed to assign egressIP to NIC for Azure Workload Identity Cluster #1980
OCPBUGS-18363 : Add ‘/etc/cni/multus/net.d’ into volumemount in multus pod #1979
OCPBUGS-18175 : Fix bond-cni’s default directory in multus manifest #1953
OCPBUGS-17782 , SDN-3664 : Join ovnkube-controller and ovnkube-node container for multizone setup #1971
OCPBUGS-16051 , OCPBUGS-3176 : Enables IP Forwarding config in CNO #1952
OCPBUGS-17257 : CVE-2023-3978: golang.org/x/net/html: Cross site scripting #1935
OCPBUGS-17677 : [Azure] Add granular permission for assigning egressIP to NIC to Azure CredentialsRequest for workload identity. #1949
OCPBUGS-17964 : ovn-k, managed: Align join subnet configuration #1962
SDN-4024 : Add ANP Feature Gate #1859
SDN-4057 : hypershift: Allow ovnkube-master and ovnkube-node to have different images #1942
Remove certificatesigningrequests/update permission from ovnkubenode #1934
Add rolling update for managed ovnkube-control-plane #1944
IC & openshift + hypershift #1874
OCPBUGS-16019 : prevent creation of multiple cni-sysctl-allowlist-ds pods #1904
OCPBUGS-10765 : make MAXLOGFILES a real variable and work for self-hosted #1931
Multus thick plugin support #1915
OVN-Kubernetes ipsec: create the CSR with a random name #1928
CCO-294 : Switch azure credentials request to use explicit permissions #1922
OVN-Kubernetes: Add status subresource permissions for setting labels and annotations #1896
SDN-3223 : Use encapsulation=true for IBM Cloud #1800
Bug 16136 : change whereabouts ip reconciler exec #1890
Add OpenStack platform to list of allowed dual-stack clusters #1697
OCPBUGS-15945 : Stop using utilruntime.PanicHandlers to handle reconciliation panics #1893
HOSTEDCP-1063 : allow webhooks in hosted clusters to reach multus-admission-controller service #1879
OCPBUGS-15961 : FIPS related CNO changes #1901
OCPBUGS-10765 : Revert “Revert “OCPBUGS-10765: Remove oldest ovn acl log files when f… #1876
ovn-k: Configure dns service namespace and name #1912
OCPBUGS-15544 : Enable multi-external-gateway feature by default for managed and hosted clusters #1887
OCPBUGS-15918 : Skip rendering 0.0.0.0/0 for cluster proxy status #1903
Change rhel7/8 to rhel8/9 #1870
Enable EgressService controller #1848
Edited multus-admission-controller deployment config to not add autom… #1767
OCPBUGS-15794 : fix: add missing annotation for workload partitioning #1866
OCPBUGS-15544 : Add adminpolicybasedexternalroutes rights for ovnkube-node. #1867
Revert “Remove oldest ovn acl log files when file limit exceeded” #1873 #1873
OCPBUGS-10765 : Remove oldest ovn acl log files when file limit exceeded #1868
kube-proxy config overriding updates #1831
OCPBUGS-15282 : Add release version annotation to whereabouts-reconciler #1851
CCO-356 : Add Infrastructures permission to CNCC cluster role #1843
Add multi-networkpolicies support for OVN #1796
Add support for AdminPolicyBasedExternalRoute CRD and controller’s RBAC #1765
OCPBUGS-15138 : Add kubernetes.io/os nodeSelector to wherebouts reconciler DS #1841
OCPBUGS-14988 , SDN-3901 : Rebase to kube 1.27 #1826
CCO-358 : Manifest changes necessary to support Azure Workload Identity #1755
OCPBUGS-14714 : Do not rely on ControlPlaneTopology do determine if running in HyperShift #1835
OCPBUGS-11882 : Added another volume to safe-to-evict-local-volume annotation #1830
OCPBUGS-14833 : Fixes lint issues #1834
OCPBUGS-14384 : Remove nodeSelector for architecture in whereabouts daemonset #1828
OCPBUGS-11882 : Added safe-to-evict annotation to ovnkube-master and multus admission controller components #1822
OCPBUGS-13922 : Revert “Do not set the operator as available before updating the network config” #1818
OCPBUGS-11448 : add Hypershift release-image annotation to multus #1770
OCPBUGS-10937 : multus-admission-controller mounts secret with mode 0640 #1752
OCPBUGS-13219 : Use IfNotPresent
instead of Always
in OVNK upgrades pre-puller #1803
OCPBUGS-5027 : Make the operator degraded on panic #1786
OCPBUGS-12856 : Support Device Plugin Resources For Smart NIC and DPU Hosts #1721
Updating cluster-network-operator images to be consistent with ART #1790
OCPBUGS-11565 : High API requests due to allowlist and operconfig reconcilers running too often #1788
OCPBUGS-8070 : Depreciate legacy field manager #1763
OCPBUGS-11550 : AUTH: update cluster-reader to include k8s.ovn.org #1791
OCPBUGS-10009 : HyperShift: Support HostedControlPlane node selector #1736
OCPBUGS-11046 : fix reconciliation process of the allowlist controller #1792
OCPBUGS-1341 : Enhance check controller to remove old check objects #1649
OCPBUGS-11046 : Fix allowlist ds template #1773
OCPBUGS-10647 : multus-admission-controller should not run as root under Hypershift #1745
OCPBUGS-9174 : The cluster-readers group should be able to get net-attach-defs #1343
Updating cluster-network-operator images to be consistent with ART #1768
OCPBUGS-9964 : Split out konnectivity certs #1734
SDN-3444 : Add runbook url for SBDB connectivity alert #1553
OCPBUGS-7777 : use –template instead of -a for ‘oc observe’ #1760
Fix tier label, privileged, HOSTNAME/NODENAME in whereabouts reconciler #1735
OCPBUGS-10433 : Hypershift: Add RollingUpdate parameters to multus-admission-controller #1740
ovn-kube: move back to unsuffixed RHEL9 images #1747
Updating cluster-network-operator images to be consistent with ART #1732
OCPBUGS-10649 : HyperShift: Add POD_NAME env to ovnkube-node #1748
OCPBUGS-10031 : operConfig reconcile can return nil error on failure #1744
Set OVN-K north/south bound stale alerts severity to critical #1668
OCPBUGS-8707 : Point libreswan to proper nss location #1727
Whereabouts should implement the reconciliation controller #1693
add/update some UTs around clusternetwork change #1725
OCPBUGS-9931 : Enable configuration of node healthz server on ovnkube #1715
OCPBUGS-8692 : HyperShift: Set affinity, tolerations and co-location for all hcp resources created by CNO #1728
Cno 4.13 kubernetes 1.26 #1708
use annotation on the daemonset to update hybrid overlay #1709
Remove the ovn-kind-cno.sh script #1710
SDN-3597 : OVN-K alerts: add OVS overflow alerts #1630
Full changelog
e2e:performance: decode to valid kubeletconfig object (#1276) #1276
Fix context deadlines in ExecCommandOnPod() (#1272) #1272
OCPBUGS-44506 : Drop sched_migration_cost_ns setting (#1215) #1215
OCPBUGS-44283 : right-hand-side profile_dirs take precedence (#1210) #1210
OCPBUGS-42567 : Add cluster-wide proxy env file (#1176) #1176
TuneD prior to kubelet in one-shot mode (#1137) #1137
OCPBUGS-37754 : Remove tuned/rendered object (#1133) #1133
OCPBUGS-37734 : Backport fix for OCPBUGS-36355 (#1126) #1126
OCPBUGS-33929 : Negative net interface name does not reduce queues (#1074) #1074
Add a ‘.snyk’ to silence static code analysis warnings (#1002) #1002
OCPBUGS-30153 : fix rendering extra ctrcfgs (#978) #978
fix extra-reboot on upgrade with paused mcp worker (#1053) #1053
OCPBUGS-31694 : E2E: Workload hints test cases fixes (#1012) (#1052) #1012
Systemd processes not being moved to cpuset/systemd.slice fix (#1040) #1040
Reduce number of reboots in offline tests (#1035) #1035
OCPBUGS-30507 : Add performance real time tuned template (#984) (#1025) #984
Report duplicate priority only for multiple matching profiles (#1018) #1018
Scheduler plugin: ignore IRQs (#1023) #1023
irqbalance: set banned cpus list to 0 (#994) #994
OCPBUGS-18640 : [release-4.14][manual] backport performance profile owner reference ehnancements (#989) #989
rps: fail silently when rps application failed (#901) #901
OCPBUGS-25982 : E2E: Add tests for Dynamic ovs pinning (#904) (#913) #904
OCPBUGS-26003 : E2E: PPC Test cases (#905) #905
Make MC names deterministic (#903) #903
OCPBUGS-25671 : rps: fix mask update for SR-IOV devices (#891) #891
OCPBUGS-18640 : Fix Racing Machine Configs and add Day 0 Support (#854) (#871) #854
OCPBUGS-24638 : Do not set default RPS sysctl twice (#880) #880
OCPBUGS-21845 : rps: trigger udev event per queue #832 (#832) #832
OCPBUGS-21845 : e2e:rps: improve logging (#831) #831
render: change dir path (#826) #826
Disable HTTP/2 for webhook and metrics servers (#841) #841
Remove obsolete protocols and weak ciphers (#835) #835
OCPBUGS-19459 : check for object being nil (#805) #805
OCPBUGS-19821 : e2e: perfprof: enhance the scheduling domain tests (#813) #813
nto: avoid timeout when there are too many CSV (#817) #817
Add kubeconfig path for IBM Managed OpenShift (#812) #812
OCPBUGS-18868 : [release-4.14] e2e: add expected max latancy to hwlatdetec test & rename constant (#788) #788
Sync DaemonSet if operand image changes (#785) #785
OCPBUGS-18392 : Change the OVN trigger file name to adapt to OVN IC (#777) #777
OCPBUGS-15044 : e2e:irqloadbalance: wait for profile revert (#768) #768
Add SetLogger() prior to controller-runtime start (#779) #779
OCPBUGS-18052 : feat: added logic to handle legacy sno install (#778) #778
OCPBUGS-17943 : Add rtentsk plugin to pp tuned profile (#767) #767
Tighten the rules for modifying Tuned Profiles (#775) #775
Revert “Tighten the rules for modifying Tuned Profiles (#765)” (#771) #765
Tighten the rules for modifying Tuned Profiles (#765) #765
OCPBUGS-14026 : cgroup: Match the name of the cgroup to what is expected by kubelet (#758) #758
e2e: irqbalance: improve test troubleshooting (#753) #753
OCPBUGS-16348 : OSLAT latency spikes due to tsc karg setting (#756) #756
Makefile: hack: add helpers to compile testsuites (#751) #751
OCPBUGS-17219 : Render mode should not segfault w/ no matching MCP (#754) #754
Release leader election on manager exit (#745) #745
generate missing files (#752) #752
vendor: bump OCP dependencies 08082023 (#750) #750
OCPBUGS-7980 : e2e:ht-aware: exec on the correct worker node (#729) #729
bump k8s to 1.27.4 (#748) #748
e2e: wait for objects deletion (#749) #749
e2e:wait: return updated pod object explicitly (#744) #744
OCPBUGS-17258 : CVE-2023-3978: golang.org/x/net/html (#747) #747
e2e: remove image parameter from must gather (#743) #743
Update the config.openshift.io/node
object’s cgroupMode
to “v1” (#737) #737
Fix a race in e2e test rollback.go code (#739) #739
e2e:irqbalance: applied condition exists (#727) #727
Improve render error handling (#724) #724
e2e:irqbalance: wait for tuned profile to be ready (#721) #721
pao:status: do not take address of loop var (#720) #720
nto:tuned: remove sched_min_granularity_ns settings (#722) #722
Align TuneD with the latest shipped FDP version (#716) #716
E2E: update cpu load balancing test for latest cgroup related changes (#712) #712
Build gather-sysinfo (#714) #714
e2e: overhaul Performance-Addon-Operator tests (#590) #590
e2e: latency testing: increase the expected threshold (#706) #706
e2e: perf-prof: disable truncating gomega output (#702) #702
Configure OVS for dynamic cpu pinning (#559) #559
OCPVE-382 : fix: add default state for crio config (#700) #700
e2e: devmgr: fine tune kubelet restart test (#701) #701
e2e: RPS: fix expected cpu set (#703) #703
Switch to rslave/HostToContainer volume mount propagation (#692) #692
Do not rollback settings on TuneD exit (#699) #699
e2e: reboot: add kubelet restart test (#697) #697
remove conditional skip (#690) #690
e2e: memorymanager fix: check the hugepage size condition (#693) #693
Use RHEL9 as a base (#665) #665
Expose TuneD socket to host. (#651) #651
E2E: Use appropriate device path for rpsmask test (#691) #691
chore: replace github.com/ghodss/yaml
with sigs.k8s.io/yaml
(#628) #628
test: perfprof: devices: fix default test image (#672) #672
e2e: verify latency tests run with LATENCY_TEST_DELAY>120 (#662) #662
E2E: Add memory manager sanity test case (#573) #573
modify owners (#634) #634
Add minLength restriction to Tuned CR (#689) #689
OCPBUGS-14934 : consistent use of ginkgo flags in Makefile (#682) #682
OCPBUGS-14622 : Do not fail creating cgroups if they exist already (#683) #683
OCPBUGS-14193 : pao e2e: Split e2e PAO update lane to more lanes (#631) #631
OCPBUGS-4194 : rps: use default rps mask kernel API (#650) #650
OCPBUGS-14756 : [test] [e2e] Check ci lanes are executing the right test suites (#679) #679
check ocp version and export CNF_TEST_IMAGE variable with appropriate cluster version (#584) #584
OCPBUGS-5529 : Fix updating numa core siblings map in GetCpuSiblings function (#564) #564
Remove cpu-quota.crio.io: disable annotation (#663) #663
OCPBUGS-14137 : e2e: perfprof: add SNO device recovery test (#653) #653
Add PerformanceProfiles to ‘oc adm must-gather’ (#655) #655
Revert “Add PerformanceProfiles to ‘oc adm must-gather’ (#582)” (#654) #582
Add PerformanceProfiles to ‘oc adm must-gather’ (#582) #582
OCPBUGS-13148 : Configure cpu balancing cpu sets for all clusters (#646) #646
OCPBUGS-12978 use WatchNamespace() when deleting Profiles (#644) #644
Updating cluster-node-tuning-operator images to be consistent with ART (#579) #579
OCPBUGS-11083 : pao e2e: fix update test suit timeouts (#626) #626
e2e: Fix RPS test for multi-worker cluster (#641) #641
Revert PR558 and PR585 partially (#639) #639
e2e: add missing test id (#622) #622
OCPNODE-1539 : perf profile: add script for preparing cgroups for CPU load balance disabling (#601) #601
Remove subPaths, they are broken (#623) #623
OCPBUGS-10293 : performance-profile: enable crun for high-performance runtime (#588) #588
Revert #567 and cleanup PPC-generated TuneD config (#611) #611
Backup and revert profile when hugepages test completes (#597) #597
tuned: Handle UserLevelNetworking nil pointer gracefully (#608) #608
A new env var NO_BZ_CHECKS disables Bz and Jira status checks (#607) #607
OCPBUGS-9959 : check scheduler settings under /sys/kernel/debug/sched/ (#581) #581
workload-hints: disable stalld when rt disabled (#592) #592
render: remove uid from render-sync target (#594) #594
OCPBUGS-11083 : e2e: profile updates tests revised (#600) #600
Update to the latest k8s and OpenShift deps (#580) #580
Make the enable-leader-election option work (#586) #586
Update NTO-generated MC on MachineCount <= 1 (#585) #585
remove BZ 2181546 from skip list (#602) #602
Fix updating nodeSelector test (#595) #595
Remove the preStop hook for openshift-tuned (#587) #587
Skip tests depending on Jira or Bz issue status (#591) #591
kubectl explain to explicitly state workloadHint default values (#576) #576
Full changelog
OCPBUGS-28247 : Remove “include.release.openshift.io/ibm-cloud-managed:” annotation #570
: OCPBUGS-20724: bump library-go to include switch to HTTP/1.1 #554
WRKLDS-728 : Capabilities: drop build/apps APIService when capabilities are not enabled #532
switch image-registry cert CM #545
OCPBUGS-16554 : update dependencies to get rid of goproxy #546
AUTH-408 : bindata: set required-scc #544
Plumb featuregates to the openshift-apiserver #542
allow etcd healthcheck timeout closer to probe timeouts to avoid failing on slower etcd #540
Add AES-GCM encryption tests #539
OCPBUGS-14010 : increase timeout for probes #536
OCPBUGS-2765 : Library go bump #538
OCPBUGS-12813 : Updating ose-cluster-openshift-apiserver-operator images to be consistent with ART #534
Updating ose-cluster-openshift-apiserver-operator images to be consistent with ART #525
OCPBUGS-10040 : update openshift/api to include aesgcm provider in the default apiserver schema #526
Full changelog
OCPBUGS-48841 : Add new team members to the OWNERS file #380
OCPBUGS-33295 : Update opentelemetry to mitigate CVE-2023-47108 #344
OCPBUGS-28951 : Replace ‘coreydaley’ with ‘sayan-biswas’ in OWNERS file #328
OCPBUGS-23490 : Remove blockage of ConfigObserver by build informer has synced flag #318
OCPBUGS-20818 : bump(k8s,openshift) to address CVE-2023-44487 [4.14] #309
OCPBUGS-20439 : Include Build CRD in manifests #307
OCPBUGS-18992 : Always sort disabled controller list #303
OCPBUGS-18980 : Disable BuildConfigChange controller when Build cap is disabled #301
route-controller-manager deployment updates #295
OCPBUGS-16072 : Updating Kubernetes and other associated dependencies #296
OCPBUGS-13926 : change the operator log level to default normal in the deployment #289
BUILD-582 , OCPBUGS-14638 : bump(k8s): 1.27.1 #294
OCPBUGS-13926 : add loglevel controller for OCM-o #292
Revert “13895: [WRKLDS-730] route-controller-manager deployment updates” #293
OCPBUGS-13895 : [WRKLDS-730] route-controller-manager deployment updates #288
Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART #287
Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART #286
Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART #285
Bump golang.org/x/net from 0.5.0 to 0.7.0 #284
Updating ose-cluster-openshift-controller-manager-operator images to be consistent with ART #279
OCPBUGS-10568 : migrate to using lease objects for leader election #282
Add Divyanshu Agrawal as a reviewer #283
And 1 elided commits (e.g. from squash or rebase merges)
Full changelog
OCPBUGS-21759 : switch to bingo for dependency management (and bump golangci-lint@v1.51.0) #98
OCPBUGS-21019 : Bump golang.org/x/net to v0.17.0 #96
Merge rukpak updates into main + Required Fixes #88
Add ncdc to OWNERS #89
Temporarily remove from payload #90
Revert “Merge rukpak updates into main” #87
Merge rukpak updates into main #86
Updating ose-cluster-platform-operators-manager images to be consistent with ART #83
OCPBUGS-10333 : feat: add workload pinning annotations #82
Full changelog
OCPBUGS-21122 : bump(k8s,openshift) to address CVE-2023-44487 [4.14] #139
OCPBUGS-21122 : Bump deps to address CVE-2023-44487 #134
OCPBUGS-17989 : pkg/psalabelsyncer: enforce syncing in case label is set #129
AUTH-413 : ps syncer: only sync labels if noone else is managing them #127
ps syncer: add a controller for run-level 0 namespaces #128
Adjust logs per generic troubleshooting #126
OCPBUGS-15568 : Add timeout into cache sync wait to prevent hanging forever #124
OCPBUGS-15568 : Remove debugs logs in workqueuebucket #125
Add more logs for queue operations #122
OCPBUGS-15568 : Handle error if caches are not synced instead silently exit #121
Add ingvagabund to owners #120
Add logs for quota namespace syncing with verbosity level 2 #119
OCPBUGS-13649 : fix ClusterResourceQuotas to work for all api resources including custom resources #115
OCPBUGS-13579 : bump(k8s) to v0.27.1 #113
OCPBUGS-8271 : external template and route Informer #100
Updating cluster-policy-controller images to be consistent with ART #110
complete controller description #104
OCPBUGS-160 : psalabelsyncer: handle empty namespace of a rolebinding subject #107
Updating cluster-policy-controller images to be consistent with ART #105
Full changelog
OCPBUGS-55655 : Adding mutex to func createSamples on handler.go #635
OCPBUGS-54537 : add rhdmalone to owners #624
OCPBUGS-49421 : add shannon and aroyoredhat as owners #598
OCPBUGS-21217 : CVE-2023-39325 ose-cluster-samples-operator-container:golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) #539
OCPBUGS-22257 : Sync library to remove invalid dockerhub references for OKD #520
manifests: Drop explicit runlevel from CRD manifest #515
OCPBUGS-16435 : Bump k8 to v0.27.2 for ocp 4.14 #514
OCPBUGS-16403 : Update Cluster Sample Operator dependencies and libraries for OCP 4.14 #511
reconcile status when clusteroperator changes #510
OCPBUGS-15754 : Update Jenkins and Jenkins Agent Base image versions #504
OCPBUGS-14491 : Updating to use Jenkins 4.13 images #502
OCPBUGS-12775 : Update Cluster Sample Operator dependencies and libraaies for OCP 4.14 #500
Updating ose-cluster-samples-operator images to be consistent with ART #499
OCPBUGS-10910 : Add network tools imagestreams #495
Updating ose-cluster-samples-operator images to be consistent with ART #493
Fix jira component #494
Full changelog
OCPBUGS-50592 : Set openshift.io/required-scc
: privileged annotation in version
pods #1151
OCPBUGS-45331 : deps: bump golang.org/x/net to 0.31.0 #1120
OCPBUGS-44704 : Fix desired before sync_worker’s work is initialized #1109
OCPBUGS-30878 : install/0000_90_cluster-version-operator_02_servicemonitor: Drop $ from ${{ #1040
OCPBUGS-27822 : Revert “[release-4.14] OCPBUGS-27175: clusterOperatorBuilder: Reconcile metadata on COs” #1028
OCPBUGS-27175 : clusterOperatorBuilder: Reconcile metadata on COs #1021
OCPBUGS-27048 : pkg/payload/precondition/clusterversion/rollback: Allow previous version within z-stream #1018
OCPBUGS-26207 : pkg/cvo/availableupdates: Only bump LastAttempt on Cincinnati pulls #1016
OCPBUGS-20762 : [4.14] Bump http-related deps #986
OCPBUGS-19921 : pkg/clusterconditions/cache: Avoid panic on all-fresh-cache evaluation #976
OCPBUGS-19737 : pkg/clusterconditions/promql: Warm cache with 1s delay #973
OCPBUGS-19465 : Properly reconcile SCC resources #972
OCPBUGS-13308 : Simplify user-facing messages on risk evaluation throttling #955
OCPBUGS-17418 : Really handle DeletedFinalStateUnknown correctly #954
CNF-9385 : add ImageRegistry capability #950
OCPBUGS-17418 : Handle cache.DeletedFinalStateUnknown #952
docs/user/tasks-*by-number-and-component.svg: Update to 4.13 #949
Dockerfile: bump to 1.19 and use public UBI pullspec #944
pkg/payload: De-noise ‘excluding …’ logs #945
bump api version to add new capability #941
pkg/cvo/metrics: Doc from_version semantics for cluster_version{type=“completed”} #929
Code cleanups for golangci-lint failures #942
OTA-559 : Migrate to (*Manifest).Include(…, overrides) #934
OCPBUGS-9070 : Fix hotlooping on Cronjob resources #910
Updating cluster-version-operator images to be consistent with ART #932
Updating cluster-version-operator images to be consistent with ART #930
Updating cluster-version-operator images to be consistent with ART #928
syncStatus: Reduce verbosity when syncing nothing of interest #922
Update dnsPolicy to allow consistent resolution of the internal LB #920
OTA-941 : pkg/payload/precondition/clusterversion/rollback: New precondition #918
Updating cluster-version-operator images to be consistent with ART #911
OCPBUGS-5469 : pkg/cvo/availableupdates: Prioritize conditional risks for largest target version #909
Full changelog
OCPBUGS-44158 : bump dompurify to latest #15593
OCPBUGS-59998 : Remove the devconsole backend common internet proxy and replace it with dedicated ones #15464
OCPBUGS-58274 : Fix TypeError Cannot read properties of null (reading ‘metadata’) #15228
OCPBUGS-57099 : Add all files to vendor
regardless of gitignore #15135
OCPBUGS-55942 : fix bug where operator appears twice #15033
OCPBUGS-55427 : Add missing pipelines plugin name to known plugins #15005
OCPBUGS-39010 : fix crash if helm chart metadata is nil #14198
OCPBUGS-53437 : Show Observe section without PROMETHEUS and MONITORING flags #14892
OCPBUGS-54404 : Update the monitoring topic used by the console team #14910
OCPBUGS-54167 : fix run time error when no completed version exists #14899
OCPBUGS-51118 : redirect to correct alert #14823
OCPBUGS-49753 : ImagePullSecret getting duplicated when editing DeploymentConfig in Form View #14711
OCPBUGS-46603 : Unable to remove finally tasks in pipeline builder mode #14642
OCPBUGS-33145 : Fix “Auto deploy when new image is available” becomes unchecked when editing a deployment from web console #14370
OCPBUGS-45323 : Use vCenterCluster value from CM as primary resource #14574
OCPBUGS-39368 : Remove deprecated resources from spec of the Pipeline #14230
OCPBUGS-45283 : Add IBM Block Storage CSI driver support for RWX #14569
OCPBUGS-44791 : A value submitted in From view is wrapped with single quotation after switching to Yaml view. #14518
OCPBUGS-42962 : Need to allow blank for Project/namespace when setting SA Subject in ‘Project access tab’ #14386
OCPBUGS-43000 : List of default Camel K event sources disappears when adding a custom event source #14388
OCPBUGS-36558 : Increase login flow state paramater length/entropy #14439
OCPBUGS-10337 : Updating openshift-enterprise-console images to be consistent with ART #12760
OCPBUGS-42518 : The filepath including leading slash makes error during parsing devfile using Gitlab #14342
OCPBUGS-42517 : Values entered into the Instantiate Template form are automatically cleared #14341
OCPBUGS-42757 : Switch to use annotations as labels from PipelineRuns created through Pipelines as Code is deprecated #14369
OCPBUGS-38883 : Fix password set to Secret created through Start Pipeline form #14184
OCPBUGS-37353 : Import from Git allow users to import an app with Build option Pipeline also when no Pipeline is available #14108
OCPBUGS-41836 : DeploymentConfigs deprecation info alert should not present on the Edit deployment page #14281
OCPBUGS-39389 : Edit the secret and add the Chinese in the web-console, garbled characters will be displayed #14231
OCPBUGS-41581 : Increased max nodes limit to 200 in topology page #14262
OCPBUGS-38972 : Redirects to new PipelineRun logs URL from old PipelineRun logs URL #14234
OCPBUGS-38053 : fix BMH restart annotation #14109
OCPBUGS-33748 : Fix Pipeline details page with when expression using CEL expression #13856
OCPBUGS-32499 : Fixed some problems in topology Chinese translation text #13779
OCPBUGS-33942 : make sure folder is encapsulated with quotas #13869
OCPBUGS-35723 : Upgrade Pipeline trigger resources to v1beta1 #13985
OCPBUGS-33558 : Display “With Data upload form” in Create PVC drop down once #13840
OCPBUGS-33064 : Fix PipelineRun Logs tab navigation #13673
OCPBUGS-33321 : Helm Plugin’s Catalog incorrectly renders a single index entry into multiple tiles #13824
OCPBUGS-33635 : restrict Masthead logo to max-height to 60px #13847
OCPBUGS-33640 : Add visual connector between VMs and non VMs workloads #13848
OCPBUGS-33462 : fix issues with Edit Route form #13831
OCPBUGS-33110 : change OperatorHub filter FIPS Mode to Designed for FIPS #13804
OCPBUGS-32697 : Routes created by devfiles do not always use HTTPS #13787
OCPBUGS-21799 : Fix empty editor error #13256
OCPBUGS-32168 : fix bug where paused MCPs were incorrectly unpausing w… #13753
OCPBUGS-20173 : Console should not panic when no response is retrieved for plugin assets #13217
OCPBUGS-31388 : Application creation fail when manually entering input scaling value in local setup #13697
OCPBUGS-31394 : PipelineRuns in Console show wrong status or load indefinitely #13698
OCPBUGS-31864 : Fix config ini format #13738
OCPBUGS-25145 : fix vCenter cluster being empty #13436
OCPBUGS-28746 : fix bug where Expand PVC modal assumes pvc.spec.resou… #13558
OCPBUGS-29783 : Fix operands list endpoint #13625
OCPBUGS-29813 : Release 4.14 backports #13646
OCPBUGS-29813 : Addition of optional chaining to prevent yaml crash #13541
OCPBUGS-25274 : Add support for Azure Workload Identity / Federated Identity based in… #13642
OCPBUGS-28972 : Add flags checks to hide Pipeline static plugin List and details pages #13572
OCPBUGS-27898 : Add support for custom segment domains (to load JS and make API calls) #13540
OCPBUGS-29349 : Error in displaying BuildRun logs in Console #13601
OCPBUGS-29100 : Pipeline Name gets changed to “new-pipeline” on the Edit Pipeline YAML/Builder #13585
OCPBUGS-29239 : Add a new allowInsecure option to the internet proxy #13592
OCPBUGS-28990 : update check for the ‘provider’ label on the PackageMa… #13573
OCPBUGS-27157 : add additional check to determine if file is binary #13507
OCPBUGS-28635 : Bump graphql-go to v1.3.0 #13553
OCPBUGS-27305 : Copy response code from proxied plugin requests #13517
OCPBUGS-27851 : fix bug where Clone PVC modal assumes pvc.spec.resourc… #13537
OCPBUGS-27350 : Add Pipeline metrics tab using plugin #13520
OCPBUGS-26171 : Set unlimited line width in YAML editor #13482
OCPBUGS-24640 : Strip ‘Server’ header from proxy response #13423
OCPBUGS-25997 : change Alertmanager form to create using matchers inst… #13478
OCPBUGS-24349 : Fix crash when ArtifactHub Task has no version #13399
OCPBUGS-25397 : fix runtime error on Node details Overview when Machin… #13446
OCPBUGS-23771 : Fix for yaml editor that crashes with MCE and ACM plugins enabled #13360
OCPBUGS-24667 : Fix plugin proxy handler #13425
OCPBUGS-24474 : S2I Build Wizard should check for Containerfile in addition to Dockerfile #13415
OCPBUGS-24432 : fix filtering issues on Events #13413
OCPBUGS-24352 : add access review for impersonate #13400
OCPBUGS-22240 : Save also the location.search and .hash values in localStorage to restore them after login #13270
OCPBUGS-24293 : ConsolePlugin metrics must no longer be grouped by the vendor #13391
OCPBUGS-24423 : Searching for items in quick search is confusing #13412
OCPBUGS-22375 : Delete results.tekton.dev annotations before rerun the pipelineRun #13278
OCPBUGS-22478 : Extra space is in the translation text(Chinese) of ‘Create rolebinding’ and ‘replicate rolebinding’ #13290
OCPBUGS-24196 : ApiVersion displayed on console is v1alpha1 whereas we support v1beta1 #13402
OCPBUGS-23423 : Cannot Edit Shipwright Build #13343
OCPBUGS-22980 : remove expandable toggle for conditional update risk d… #13308
OCPBUGS-22374 : Telemetry- Current page was sometimes not tracked when reloading the current page #13277
OCPBUGS-22177 : Channel page shows “Required” message for the default name when navigate to create channel page #13262
OCPBUGS-19371 : Upgrade DomainMapping apiVersion to v1beta1 #13165
OCPBUGS-19416 : Correct logout process #13173
OCPBUGS-22285 : updating doc links for 4.14 GA #13273
OCPBUGS-19845 : mock apis for git repo in test serverless function tests #13199
OCPBUGS-22460 : Fix the forms when BC is not installed in the cluster #13288
OCPBUGS-21877 : add support for new features annotations while preserv… #13258
OCPBUGS-22377 : Fixed Edit Application form for Knative Services #13279
OCPBUGS-21784 : hide page-specific doc links for ROSA and OSD #13254
OCPBUGS-19898 : fix ResourceLog permissions when impersonating #13203
OCPBUGS-19899 : change resource icon for FenceAgentRemediationTemplate… #13204
OCPBUGS-19878 : show all the legends for Pipeline metrics in PipelineRun TaskRun Duration chart #13202
OCPBUGS-19776 : 404 - not found will show on Knative-serving Details page #13193
OCPBUGS-19526 : fetch TaskRuns without selector and reduces the get TaskRuns requests #13178
OCPBUGS-18997 : fix issues with refactored “Create StorageClass” form #13170
OCPBUGS-19664 : Check if filtered object contains name property #13187
OCPBUGS-19380 : Hide the Builds NavItem if BuildConfig is not installed in the cluster #13167
OCPBUGS-19337 : Unhide the Import From Git Tab on the Add page if Pipelines Operator is installed and BuildConfig is not installed in the cluster #13160
OCPBUGS-19336 : Added React Icon #13159
OCPBUGS-18881 : use active namespace in Create cta href of create action for operator backed #13150
OCPBUGS-19362 : Hide the DeploymentConfig option in the User Preferences if that resource type isn’t available #13164
OCPBUGS-19338 : Hide DeploymentConfig option from forms when it’s not installed in the cluster #13161
OCPBUGS-18987 : Monitoring: Fix display of silenced alerts in dev console #13152
OCPBUGS-18727 : bump @patternfly/react-core to v4.276.11 to pick up Sele… #13146
OCPBUGS-18686 : Fix incorrect export of useLabelsModal in dynamic plug… #13142
OCPBUGS-18604 : [knative] Don’t rely on openshift/hello-openshift as a sample image #13134
OCPBUGS-18094 : Remove cluster filter and menu group title #13137
OCPBUGS-18348 : Add deprecation alert for DeploymentConfig #12968
OCPBUGS-13359 : Fix crash when filtering the quick start catalog #13126
OCPBUGS-18306 : fix useDeleteModal Example formatting #13117
OCPBUGS-18406 : Builds navigation item is missing in Developer perspective #13124
OCPBUGS-17341 : OCP console mandate secret for repository creation #13084
OCPBUGS-16108 : Fix DeploymentConfig list performance issues by lazy loading their ReplicationControllers #13118
CONSOLE-3126 : Update cluster paused alert message #13106
OCPBUGS-17864 : Web console slowness on Project>Project access page #13099
OCPBUGS-17981 : Remove DeploymentConfig, Build and BuildConfig sections from navigation and use flags so they can be enabled by cluster admins #13089
OCPBUGS-9182 : Enable default-container annotation to specify the default container for logs and terminal. #13098
OCPBUGS-17913 : Typo in the OCP console menu #13096
OCPBUGS-17948 : Fix that Devconsole plugin show essential features like add page and topology also when Builds and DeploymentConfigs capabilities are disabled #13097
OCPBUGS-13892 : Remove spaces from prometheus queries #13043
OCPBUGS-15927 : Error page when fresh normal user visiting BuildConfigs page of ‘default’ project #13091
OCPBUGS-16374 : Fix topology crash when a console.topology/data/factory extension tries to resolve a resource with version from the CRDs which doesn’t exists #13093
CONSOLE-3327 : Expose useActiveNamespace within dynamic-core-api #13033
OCPBUGS-17595 : Updating YAML from console shows error #13090
OU-206 : Merge monitoring alerts with alerts from other sources in the dev console #12940
CONSOLE-3681 : Convert storage-class-form.tsx from class component to … #13036
OCPBUGS-17496 : Bridge NAD should set “preserveDefaultVlan”: false #13076
CONSOLE-3126 : Remove paused state since its no longer relevant due to 4.14 changes … #13072
OCPBUGS-17515 : Console UI is broken due to patternfly/react-core version change #13086
OCPBUGS-17504 : Dev console: Remove checkboxes on Alert Details page Silenced By list #13085
OCPBUGS-16717 : Fix name validation regex #13075
OCPBUGS-17410 : Fix that “Delete application” doesn’t work in topology when Pipelines operator is not installed #13074
OCPBUGS-14138 : Console fix #13078
OCPBUGS-15458 : Links for console-dynamic-plugin-sdk markdown docs are not working #13062
OCPBUGS-129 : bump @patternfly/react-core to v4.276.11 to pick up Sel… #13052
OCPBUGS-17234 : change Command Line Tools text #13068
OCPBUGS-17347 : Fix “View alerting rule” action URL #13058
OCPBUGS-15419 : Title on Overview page has changed to “Cluster · Red Hat OpenShift” #12951
OCPBUGS-13387 , OCPBUGS-16693 : Import page create button is disabled due to PAC validation #13046
CONSOLE-3683 : Convert FireMan component in list-page.tsx from class c… #13024
OU-231 : Add jgbernalp and zhuje to OWNERS for monitoring #13069
OCPBUGS-17196 : Fix nad ovn type - annotation and netAttachName #13053
OCPBUGS-16844 : external link icon in resource added
toast notification not linked #13057
OCPBUGS-15310 : Helm Chart installation modal “Documentation” field is always N/A #13032
CONSOLE-3686 : Convert SecretFormWrapper component in create-secret.ts… #13017
OCPBUGS-15008 : update the KnativeServing API version to v1beta1 for global-config extension #13059
CONSOLE-3679 : Convert instantiate-template.tsx from class component t… #12947
CONSOLE-3568 : expose DeleteModal via useDeleteModal hook in @console/shared #12974
CONSOLE-3677 : Convert edit-yaml.jsx from class component to functiona… #12973
CONSOLE-3678 : Convert EventStream component in events.jsx from class … #12989
OCPBUGS-16093 , OCPBUGS-16270 , OCPBUGS-9409 : Creation of GH webhook and attaching it to repo while importing from git using PAC #13021
CONSOLE-3682 : Convert components in cluster-settings folder from clas… #13011
CONSOLE-3676 : Convert app.jsx from class component to functional comp… #12952
OU-175 : Monitoring: Add “Silences” tab to Developer console #12900
OCPBUGS-10884 : propagate mpath device type to request data #13022
OCPBUGS-16656 : Devfile import fails on master branch #13050
OCPBUGS-9355 : Fix translation bug #13049
OCPBUGS-3495 : Add cacheBuster query string when requesting plugin entry scripts #13035
OCPBUGS-16599 : allow creation of v1beta1 APIversion Pipeline in Pipeline builder YAML view #13034
OCPBUGS-9285 : Add note to the console.page/route extension regarding its usage #13044
OCPBUGS-14341 : Check operands deletionTimestamp to disable kebab action menu #13042
ODC-7336 : automation for customization-of-catalog-add-page-form feature file #12934
OCPBUGS-11285 : Dynamic plugin translation support for plurals broken #13028
chore(i18n): update translations: Completed Master Branch - Sprint 238 #12999
OCPBUGS-16433 : Fixes location update issues #13023
CONSOLE-3591 : Remove directory listing for /static/* #13001
CONSOLE-3694 : Convert tile-view-page.jsx from class component to func… #12942
ODC-7334 : Show ConsoleSamples resources in the samples catalog #12970
CONSOLE-3666 : Validate shared modules of dynamic plugins #12881
OCPBUGS-11971 : When removing the project owner from the project in GUI, instead of that user, the group (the default group added as project admin through the project template) will be removed. #13016
OCPBUGS-13808 : Console SDK components should be using GroupVersionKin… #13029
OCPBUGS-14837 , OCPBUGS-16025 : Hide the Duplicate Pipelines Card in the DevConsole Add Page #13007
OCPBUGS-8274 : Fix copy login command regression #13003
CONSOLE-3687 : Convert components in utils folder from class component… #12925
OCPBUGS-11219 : Fix incorrectly nested css rule for print styles #12991
OCPBUGS-11620 : Fix stop PLR option #13020
CONSOLE-3706 : Remove custom history.pushPath alias function #12873
CONSOLE-3431 : Allow building dynamic plugins without any exposed modules #12530
HELM-502 : Bump Helm to 3.12.1 #13014
OCPBUGS-15359 : Enable namespace dropdown selection when all namespace installation mode selected by default and… #12975
OCPBUGS-16174 : Update the VSCode extension link and descriptions on Create Serverless function form #13015
OCPBUGS-13142 : InstallPlan info cannot shown on Subscription tab for … #13012
OCPBUGS-14907 : Fix operator backed catalog page when copied CSVs disabled #12932
CONSOLE-3684 : Convert components in modals folder from class componen… #12941
OCPBUGS-16148 : disable Save if Use existing claim is active and no … #13010
OCPBUGS-16150 : Fix Start last run action in Topology sidepanel #13009
OCPBUGS-15458 : Links for console-dynamic-plugin-sdk markdown docs are not working #12993
OU-218 : Monitoring: Use useResolvedExtensions
instead of useExtensions
#12987
CONSOLE-3680 : Convert row-filter.jsx from class component to function… #12957
OCPBUGS-13808 : Console SDK components should be using GroupVersionKin… #12946
CONSOLE-3685 : Convert components in RBAC folder from class component … #12933
CONSOLE-3611 : User can configure the install of Operators that authenticate using STS #12779
OCPBUGS-9991 : Most of contents are lack of i18n on “Command Line Tools” page #12995
OCPBUGS-15021 : Use FLAGS.CAN_GET_NS to decide whether to show Route details > Metrics tab #12944
ODC-7341 : Show Build output in Shipwright Build list and details page #12972
OCPBUGS-8005 : Fix broken upstream doc link for cluster channel upgrades #12998
OCPBUGS-10884 : add multipath device type to LocalVolumeSet #12723
OCPBUGS-14434 : Running yarn dev
results in the build running on a loop #12990
OCPBUGS-10844 : fix bug where binary secret values are corrupted on edit and add test coverage #12986
OCPBUGS-15011 : Upload JAR file does not work if the Cluster Samples Operator is disabled #12917
OCPBUGS-12891 : check for valid OLM selector in K8sResourceWidget to p… #12887
OCPBUGS-15896 : STS label not valid according to kube #12980
RHSTOR-4533 : added a mutator property for the storage class extension #12886
OCPBUGS-7416 : get Kamelets from the camel-k-operator namespace as well #12710
OCPBUGS-14548 : only show pipelines doc link for downstream #12979
CONSOLE-3565 : Expose annotations modal in dynamic plugins sdk #12843
CONSOLE-3610 : User can filter on STS enabled clusters for Operators that claim support for STS #12778
OCPBUGS-15773 : The upgrade Helm Release tab in OpenShift GUI Developer console is not refreshing with updated values. #12966
ODC-7319 : correcting - missing package tag across gherkin files #12847
ODC-7313 : Run CI tests with non-admin user #12814
OCPBUGS-15427 : Remove access review check for PipelineResource from Pipeline section #12964
ODC-7325 : Improve BuildConfig and Shipwright Build list pages #12910
ODC-7340 : Remove Shipwright Tech Preview badges #12960
OCPBUGS-14548 : update pipelines doc links #12890
OCPBUGS-15572 : Fix bug where the install operator update approval radio button does … #12959
OCPBUGS-14959 : Error for DuplicateClusterRoleBinding and Edit ClusterRoleBinding subject in RHOCP4 Web Console #12939
OCPBUGS-14665 , OCPBUGS-14874 , OCPBUGS-14875 : Helm Chart installation form hangs on create if JSON-schema is using 2019-09 or 2020-20 standard revisions #12929
OU-198 : Revert “Disable broken monitoring-tests” #12943
ODC-7337 : Skip wait for authentication operator to start progressing when the secret already exists #12884
OCPBUGS-497 : frontend: fix kube-apiserver availability query #12928
OCPBUGS-15060 : “Duplicate RoleBinding” leads to “Unsupported value” error #12921
OCPBUGS-7794 : Image pull secret creation form doesn’t re-enable Create button once it is disabled #12609
CONSOLE-3616 : Revert multicluster server flags #12782
OCPBUGS-15299 : Create Serverless Function Form is Broken #12926
OCPBUGS-13120 : Serverless functions UI warning is misleading #12923
ODC-7329 : Subsequent PipelineRuns take initial PipelineRun name into account #12913
CONSOLE-3612 : User is warned when cluster is in STS mode #12777
ODC-7322 : Implement a proxy to hit the Artifacthub.io API end point #12905
MGMT-15023 : Add help text to vCenter cluster field #12912
OCPBUGS-11464 : Availability requirement update is initially disabled … #12918
OCPBUGS-15135 : Make knative routes copyable similar to openshift routes #12908
OCPBUGS-14909 : Disabling web-terminal tests in CI #12892
OCPBUGS-14015 : Create helm release page doesn’t show a YAML editor when schema isn’t available (httpd-imagestreams chart) #12914
CONSOLE-3372 , OCPBUGS-13648 , OCPBUGS-13833 : Console supports installing non-latest Operator versions #12743
OCPBUGS-7036 : Add Git Repository (PAC) doesn’t setup GitLab and Bitbucket configuration correct #12593
chore(i18n): update translations: Completed-7034-OCP 4.13/Master Branch UI Localization- Sprint 231 #12695
OCPBUGS-14354 : e2e: Enable Pipeline tests #12911
OCPBUGS-14915 : Remove entries from the menu that are now added by monitoring-plugin
#12893
ODC-7316 : Add discoverability of the IDE extensions from Create Serverless form #12846
OCPBUGS-14419 : Remove tech preview badge from Pipeline repository pages #12888
ODC-7326 : Align Build, BuildRun and PipelineRun details page #12898
OCPBUGS-14836 : Updated BuildConfig and Shipwright Build lists shows runs from another namespace #12896
OCPBUGS-14890 : Missing ‘View details’ link for several servicemonitors.spec.endpoints fields in YAML sidebar #12895
OCPBUGS-14002 : Correct the alignment of yaml toolbar links #12894
OCPBUGS-14660 : Helm Repository “Edit” button results in 404 #12891
OCPBUGS-14716 : add ROSA branding option #12889
OCPBUGS-13208 : Fix PVC metrics query #12867
OCPBUGS-12897 : Knative Route Details Page should show the URL of the route as it is shown in the Openshift Routes Details page #12853
OCPBUGS-8682 : Fix empty create dropdown on provided APIs page #12819
OCPBUGS-9214 : Create button is disabled in Git Import form when git repo url has hyphens in owner part of the url #12652
OCPBUGS-4496 : Fix Samples/Snippets tab #12642
OCPBUGS-7361 : support JSON schema 06 in the helm install/upgrade form #12644
OU-138 : Move QueryBrowser component to dynamic SDK #12841
OCPBUGS-9063 : Remove frontend validation from legacy operand form gen… #12788
ODC-7275 : Implement invoke serverless functions #12755
OCPBUGS-14964 : Disable broken monitoring-tests #12902
OCPBUGS-11219 : Include print styles to allow printout of full screen and … #12849
ODC-7306 : Show the latest Build status in the Build list view #12809
ODC-7277 : added v1 support for Pipeline #12729
CONSOLE-3660 : Introduce react-router v6 compatibility #12861
OCPBUGS-8274 : Do not request token URL if auth is disabled #12818
OCPBUGS-14668 : visiting Configurations page returns error Cannot read… #12882
OCPBUGS-14602 : selected project was not taking effect when searching … #12880
OCPBUGS-14550 : Use proxy with web socket connection and monitoring d… #12877
CONSOLE-3392 : Implement exact search for more precise result sets and add user prefs setting #12838
ODC-7288 : Add proxy to invoke knative services with a public route #12789
ODC-7320 : Gherkin for customisation of add page and developer catalog through customisation form view #12855
OCPBUGS-14424 : OVN Kubernetes multi-homing #12869
OCPBUGS-14262 : Fix Pipeline metrics page #12863
OCPBUGS-10411 : Edit deployment don’t enable save button if image stream is added #12673
OCPBUGS-14149 : account for single object in status.conditions instead… #12866
OCPBUGS-14352 : E2e tests fails because OpenShift Pipelines operator could not be found #12872
OCPBUGS-9909 : Could not import multiple resources via JSON (while YAML supports this) #12721
ODC-7317 : Update Terminal step of the Guided Tour to indicate that odo CLI is accessible #12848
ODC-7308 : Update test cases of web terminal configuration page #12825
ODC-7283 : Add Web Terminal tab in cluster configuration page #12718
OCPBUGS-6767 : Regression: OpenShift Console no-longer filters SecretList when displaying ServiceAccount #12679
OCPBUGS-13782 : Surface the message from Operator developer #12840
OCPBUGS-12896 : Corrected Labels for resolving the bug related to the Create Route Checkbox #12834
ODC-7315 : Change help texts in initialize Terminal page #12824
OCPBUGS-11668 : Fix kebab actions on Installed Operators page #12822
OCPBUGS-13693 : Fix RTE in bridge. #12817
OCPBUGS-11256 : Topology UI doesn’t recognize Serverless Rust function for proper UI icon #12816
OCPBUGS-11996 : Fixed Make Serverless Form Error #12815
OCPBUGS-13257 : propagate labels to pipeline resources #12808
MGMT-14527 : Add vSphere cluster field. #12806
OCPBUGS-12783 : Remove “Action” type from OLM descriptor readme #12800
CONSOLE-3623 : Add X-CSRF token to console request headers #12719
OCPBUGS-5453 : Add Pipeline metrics unsupported empty page #12435
OCPBUGS-1829 : use service port name instead targetPort in the Pipeline Event listener route #12148
CONSOLE-2501 : Upgrade TypeScript version to 4.5 #12821
ODC-7318 : Update ODC owners, May 2023 edition #12839
CONSOLE-2501 : Update builder image #12828
OCPBUGS-13361 : Update plural string dynamic demo plugin locales #12799
ODC-7309 : Remove dev console integration-tests reviewers #12802
OCPBUGS-12244 : only copy workload annotations to debug pod #12794
ODC-7279 : Correcting CI failures of ODC Packages #12700
HELM-484 : Basic authentication documentation update #12768
CONSOLE-3615 : Mark multicluster code for removal #12754
ODC-7300 : Change method name for labelKeyForNodeKind to getTitleForNodeKind #12733
ODC-7296 : Rename all instances of YAMLEditor to CodeEditor #12708
Bug 2176216 : VMs are listed twice in cluster inventory #12795
OCPBUGS-12267 : Fix OLM k8sResourcePrefix descriptor dropdown behavior #12758
OCPBUGS-11099 : add support for minimal status of tekton #12724
OCPBUGS-12732 : fix buildconfig form ns #12771
OCPBUGS-12637 : update helm release empty state text #12767
OCPBUGS-12286 : Fix missing console plugin control on CSV details page. #12766
OCPBUGS-7692 : Fix that helm details page shows an inf. loading indicator when api call fails #12578
OCPBUGS-11057 : Importing a kn Service shows a non-working Open URL decorator also when the Add Route checkbox was unselected #12726
OCPBUGS-6581 : Serverless - Eventing - Channels: Conditions column i18n misses #12641
OCPBUGS-7485 : When Creating Sample Devfile from the Samples Page, Topology Icon is not set #12725
OCPBUGS-11596 : Do not fetch catalog sources on CSV or Subscription details pages. #12717
OCPBUGS-10224 : Multiple instances of tabs under ODF dashboard #12635
OCPBUGS-6770 : Pipeline doesn’t render correctly when displayed but looks fine in edit mode #12722
OCPBUGS-11869 : Pod Status Overlapping in Sidebar #12732
CONSOLE-3600 : Filter operators based on nodes OS type #12707
OCPBUGS-9329 : update dynamic plugin info for development mode #12666
OCPBUGS-10562 : disable operator-uninstall.ts as the uninstall test is… #12731
OCPBUGS-3036 : Do not list subscriptions in all namespaces on CSV details page. #12716
OCPBUGS-5548 : delete associated pipeline, triggertemplate and eventlistener when deleting app #12587
Add the possibility login with different IDP and user credentials #12709
ODC-7270 , ODC-7272 : Improve telemetry: Add resource and tab name to the page title #12669
Improve useModal docs example #12115
Improvements on Web Terminal Operator Installation functionality #12713
OCPBUGS-10956 : Reduce metrics cardinality by grouping well-known and other perspectives and plugins #12684
OCPBUGS-9305 : add missing readOnly conditions #12685
ODC-7280 : Add PipelineRun tab to Dev perspective Pipeline page #12672
OCPBUGS-10562 : re-enable and fix operator-uninstall.spec.ts #12678
ODC-7282 : Add webhook informations on Repository details and summary page #12690
OCPBUGS-11382 : Update Dockerfile to use latest builder images #12655
ODC-7274 : Prepare a page and modal to invoke a Serverless function #12686
OCPBUGS-103 : Move operator install status to it’s own route/page #12704
OCPBUGS-11020 : fix runtime error on OperatorHub details pages #12702
ODC-7281 : Provide Column management option for the TaskRuns list page #12689
Remove andybraren as dashboard reviewer #11807
OCPBUGS-11197 : Rephrase vCenter connection tooltips #12694
OCPBUGS-10961 : Fix description for BuildAdapter SDK extension #12683
CONSOLE-3577 : Remove deprecated metering endpoint from backend #12692
OCPBUGS-5940 : Wait with CRD/model translation until i18n bundles are loaded #12697
OCPBUGS-10916 : fix translation string for Image pull secret created alert #12681
OCPBUGS-10836 : fix All projects selection on Pipelines page in dev perspective #12676
OCPBUGS-10950 : use PipelineRun template from ‘pipelines-as-code-pipelinerun-go’ configMap for Go runtime #12682
ODC-7271 : add duration for PipelineRun and TaskRun on details page #12659
ODC-7276 : Add cancelled status color in Pipeline metrics page #12662
automation of edit build config feature file #12622
OCPBUGS-10619 : Enable modal scroll for uninstall operator instances #12680
OCPBUGS-10562 : disable operator-uninstall.spec.ts as the previous fix… #12677
PF Update 2023-2 #12664
OCPBUGS-10562 : re-enable and fix operator-uninstall.spec.ts #12661
OCPBUGS-10655 : Do not show builder ImageStreams without sampleRepo
as samples #12667
OCPBUGS-10509 : Sync Debug in Terminal feature availability with 3.x pods in web console #12657
OCPBUGS-9956 : update the default pipelineRun template name #12660
OCPBUGS-7620 : Edit Deployment (and DC) form doesn’t enable Save button when changing strategy type #12608
OCPBUGS-8086 : Visual fixes for list items #12619
OCPBUGS-9907 : Fix alerts source display values #12632
OU-110 : Observe > Dashboards : Code Consolidation Fixes #12588
OCPBUGS-7484 : When there are 2 pipelines displayed in the dropdown menu, selecting one, unchecks the Add Pipeline checkbox #12650
OCPBUGS-8268 : OpenShift pipeline TaskRun(s) column Duration is not present as column in UI #12633
OCPBUGS-7632 : comment out suspected problematic test #12647
OCPBUGS-10345 : Fix backend runtime error #12654
OCPBUGS-10269 : Fix grammatical error in feedback modal #12634
OCPBUGS-8299 : CronJobs table/details UI doesn’t have Suspend indication #12638
OCPBUGS-7801 : taskrun ui fails when using object type results #12626
OCPBUGS-10230 : Fixes card sizes not even issue when commit info is not available on Environments page #12550
OCPBUGS-5360 : re-enable operator-install-single-namespace.spec.ts test #12424
OCPBUGS-10232 : Fixes argocd link for non-KAM added application envs #12558
OCPBUGS-7232 : Fixes resource status alignment issue #12429
CONSOLE-3393 : Proxy managed cluster monitoring requests through MCE c… #12360
CONSOLE-3425 : Expose ‘nameFilter’ prop to ‘ListPageFilter’ component #12438
OU-117 : No response for duplicate query with default disabled status when click ‘Hide all queries’ #12621
Update dockerignore. #12538
CONSOLE-3452 : Add patternfly customer feedback extension mechanism to console #12611
OCPBUGS-7446 : Show type of sample on the samples view #12548
OCPBUGS-7395 : Users don’t know what type of resource is being created by Import from Git or Deploy Image flows #12615
OCPBUGS-7178 : Add page title to Devconsole pages #12591
And 7 elided commits (e.g. from squash or rebase merges)
Full changelog
OCPBUGS-56046 : Check error returned by ipv6 SettleAddresses #193
OCPBUGS-46121 : [4.14] cherry-pick containernetworking/plugins#997 #168
OCPBUGS-33066 : macvlan enable ipv6 ndisc_notify #160
OCPBUGS-20374 : build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 [backport 4.14] #129
OCPBUGS-17681 : Default CNI binaries to RHEL 8 #116
Updating ose-containernetworking-plugins images to be consistent with ART #108
Updating ose-containernetworking-plugins images to be consistent with ART #107
Add rhel9 binary #106
OCPBUGS-14095 : Sync with upstream version v1.3.0 #98
Updating ose-containernetworking-plugins images to be consistent with ART #94
Updating ose-containernetworking-plugins images to be consistent with ART #93
Updating ose-containernetworking-plugins images to be consistent with ART #92
Updating ose-containernetworking-plugins images to be consistent with ART #80
Full changelog
OCPBUGS-28952 : Replace ‘coreydaley’ with ‘sayan-biswas’ in OWNERS file #167
OCPBUGS-25069 , OCPBUGS-26309 , OCPBUGS-26323 : add snyk config file for SAST scan #163
OCPBUGS-23111 : Should reference configmaps instead of secrets #152
OCPBUGS-20734 : bump golang.org/x/net to v0.17.0 #146
OCPBUGS-16074 : Updating Kubernetes and other associated dependencies #141
OCPBUGS-14489 : Kubernetes 0.27 #139
OCPBUGS-12597 : bump(*): golang.org/x/net #138
Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART #136
Updating ose-csi-driver-shared-resource images to be consistent with ART #137
Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART #135
Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART #133
Add go-imports-organizer/goio to organize imports #132
OCPBUGS-10022 : add ‘system:serviceaccounts’ to SAR to allow group based RBAC #130
Updating ose-csi-driver-shared-resource-mustgather images to be consistent with ART #131
Updating ose-csi-driver-shared-resource-webhook images to be consistent with ART #128
Updating ose-csi-driver-shared-resource images to be consistent with ART #129
Full changelog
OCPBUGS-28957 : Replace ‘coreydaley’ with ‘sayan-biswas’ in OWNERS file #103
OCPBUGS-26312 : add snyk config file for SAST scank #97
OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #91
OCPBUGS-20825 : bump golang.org/x/net to v0.17.0 #86
STOR-1442 : Restart webhook Pods if webhook-serving-cert changed #83
STOR-1441 : Restart node Pods if metrics-serving-cert changed #82
OCPBUGS-16073 : Updating Kubernetes and other associated dependencies #81
OCPBUGS-14824 : Bump csi-driver-shared-resource-operator library-go #80
OCPBUGS-14488 : bumping kubernetes to 0.27.1 #79
Updating ose-csi-driver-shared-resource-operator images to be consistent with ART #77
Updating ose-csi-driver-shared-resource-operator images to be consistent with ART #76
Updating ose-csi-driver-shared-resource-operator images to be consistent with ART #75
Updating ose-csi-driver-shared-resource-operator images to be consistent with ART #73
OCPBUGS-7906 : add openshift workload annotation to driver daemonset #72
Full changelog
OCPBUGS-21177 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #60
STOR-1169 : Rebase external-attacher
to v4.3.0 for OCP 4.14 #54
OCPBUGS-14815 : Chore: Update OWNERS and OWNERS_ALIASES #55
Updating csi-attacher images to be consistent with ART #53
Updating csi-attacher images to be consistent with ART #52
Updating csi-attacher images to be consistent with ART #51
Updating csi-attacher images to be consistent with ART #50
Full changelog
OCPBUGS-35112 : CVE-2023-48795: bump golang.org/x/crypto to v0.17.0 #99
OCPBUGS-20775 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #72
OCPBUGS-17264 : USPTREAM: 969: build(deps): bump golang.org/x/tools from 0.9.3 to 0.12.0 #68
OCPBUGS-14811 : Chore: Update OWNERS and OWNERS_ALIASES #66
STOR-1169 : Rebase external-provisioner
to v3.5.0 for OCP 4.14 #65
Updating csi-provisioner images to be consistent with ART #64
Updating csi-provisioner images to be consistent with ART #63
Updating csi-provisioner images to be consistent with ART #62
Updating csi-provisioner images to be consistent with ART #61
Full changelog
OCPBUGS-20929 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #147
STOR-1169 : Rebase external-resizer
to v1.8.0 for OCP 4.14 #141
OCPBUGS-14812 : Chore: Update OWNERS and OWNERS_ALIASES #142
Updating ose-csi-external-resizer images to be consistent with ART #140
Updating ose-csi-external-resizer images to be consistent with ART #139
Updating ose-csi-external-resizer images to be consistent with ART #138
Updating ose-csi-external-resizer images to be consistent with ART #137
Full changelog
OCPBUGS-29433 : cherry-pick:release-4.14: OCPBUGS-29244 Update VolumeSnapshot and VolumeSnapshotContent using JSON patch #142
OCPBUGS-21032 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #109
STOR-1169 : Rebase external-snapshotter
to v6.2.2 for OCP 4.14 #101
OCPBUGS-14813 : Chore: Update OWNERS and OWNERS_ALIASES #102
Updating csi-snapshot-validation-webhook images to be consistent with ART #100
Updating ose-csi-external-snapshotter images to be consistent with ART #99
Updating ose-csi-snapshot-controller images to be consistent with ART #98
Updating csi-snapshot-validation-webhook images to be consistent with ART #97
Updating ose-csi-external-snapshotter images to be consistent with ART #96
Updating ose-csi-snapshot-controller images to be consistent with ART #95
Updating csi-snapshot-validation-webhook images to be consistent with ART #94
Updating ose-csi-external-snapshotter images to be consistent with ART #93
Updating ose-csi-snapshot-controller images to be consistent with ART #92
Updating csi-snapshot-validation-webhook images to be consistent with ART #91
Updating ose-csi-snapshot-controller images to be consistent with ART #89
Updating ose-csi-external-snapshotter images to be consistent with ART #90
Full changelog
OCPBUGS-20640 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #50
STOR-1169 : Rebase livenessprobe
to v2.10.0 for OCP 4.14 #44
OCPBUGS-14810 : Chore: Update OWNERS and OWNERS_ALIASES #45
Updating csi-livenessprobe images to be consistent with ART #40
Updating csi-livenessprobe images to be consistent with ART #38
Full changelog
OCPBUGS-20697 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #52
STOR-1169 : Rebase node-driver-registrar
to v2.8.0 for OCP 4.14 #46
OCPBUGS-14814 : Chore: Update OWNERS and OWNERS_ALIASES #47
Updating csi-node-driver-registrar images to be consistent with ART #45
Updating csi-node-driver-registrar images to be consistent with ART #44
Updating csi-node-driver-registrar images to be consistent with ART #43
Updating csi-node-driver-registrar images to be consistent with ART #42
Full changelog
Removing kernel[-rt]-core
packages from the image. (#132) #132
Upgrade glibc, use dnf (#131) #131
Fixing the regexp used to get the correct GCC version. (#127) #127
Updating the docs to use ubi9
instead of ubi8
. (#126) #126
Updating driver-toolkit images to be consistent with ART (#120) #120
Remove abi since it was not in 9.2 rpms (#121) #121
Full changelog
OCPBUGS-35143 : update to go 1.19 and k8s.io mods to v0.27.4 #87
OCPBUGS-19850 : Ensure that IP forwarding is enabled #78
rework PR #74 to switch Dockerfile to use rhel9 #75
Updating egress-router-cni images to be consistent with ART #70
OCPBUGS-6553 : update go-yaml to v2.4.0 #67
Updating egress-router-cni images to be consistent with ART #66
Full changelog
OCPBUGS-20752 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #45
OCPBUGS-17367 : UPSTREAM: <carry>: Remove the static library linking flag #41
OCPBUGS-16783 : Chore: Update OWNERS #39
UPSTREAM: <carry>: Fix OWNERS_ALIASES #40
STOR-1163 : Rebase to upstream v1.10.1 #37
Updating ose-gcp-pd-csi-driver images to be consistent with ART #36
Updating ose-gcp-pd-csi-driver images to be consistent with ART #33
Full changelog
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #107
OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #96
OCPBUGS-20847 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #87
CFE-878 : Add userLabels in Infrastructure to driver args list #74
OCPBUGS-16654 : Revert revert “STOR-1065: Rework sidecar bindings to b… #76
OCPBUGS-16569 : Bump library-go to remove dependency on goproxy #78
OCPBUGS-16783 : Chore: Update OWNERS #77
Revert “STOR-1065: Rework sidecar bindings to bind common ClusterRoles” #75
STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #71
OCPBUGS-15823 : Change timeout of CSI sidecar #73
OCPBUGS-14824 : Bump gcp-pd-csi-driver-operator library-go #72
STOR-1301 : Restart controller Pods if metrics-serving-cert changed #68
STOR-1168 : Bump common libraries #70
OCPBUGS-12609 : Bump golang.org/x/net@v0.9.0 #69
Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART #67
Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART #66
Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART #65
OCPBUGS-8683 : Add management workloads annotations #64
Updating ose-gcp-pd-csi-driver-operator images to be consistent with ART #63
Full changelog
OCPBUGS-61176 : Add missing service network DNS entries to KAS cert #6742
OCPBUGS-57321 : Add validation to avoid conflicts between KubeAPIServer and NamedCertificates SANs #6231 #6252
OCPBUGS-55936 : [release-4.14] Add konnectivity-proxy sidecar to openshift-oauth… #6129
CNTRLPLANE-921 : Konflux build pipeline service account migration #6080
CNTRLPLANE-921 : Konflux build pipeline service account migration #6085
OCPBUGS-51802 : Fix golang crypto dependency go.mod replacement #5996
OCPBUGS-53899 : bump golang-jwt v4 #5909
OCPBUGS-53433 : Prevent IgnitionServer from flooding the API server with patch requests #5878
OCPBUGS-51731 , OCPBUGS-51802 : Bump dependencies to OCP fork in backports #5899
Red Hat Konflux update control-plane-operator-4-14 #5953
ART-11792 : update go mod dependency for konflux #5921
OCPBUGS-53314 : Fix IsIPv4 function identifying also addresses instead of CIDRs #5867
OCPBUGS-45559 : Add Network Policies for Konnectivity server and Ignition server proxy #5816
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.6 #5730
NO-JIRA: chore(deps): update dependency mkdocs-material to v9.6.6 #5725
chore(deps): update dependency mkdocs-mermaid2-plugin to v0.6.0 #5687
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.5 #5681
NO-JIRA: chore(deps): update dependency mkdocs-material to v9 #5688
OCPBUGS-50700 : add region to AWS creds passed to operators managed by CPO #5668
NO-JIRA: Red Hat Konflux update control-plane-operator-4-14 #5339
OCPBUGS-47630 : Separate CPO containerfiles #5619
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.4 #5538
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.6.1 #5537
OCPBUGS-49405 : add ValidIDPConfiguration condition to report IDP config issues #5520
NO-JIRA: chore: update konflux references & bump up go version to 1.20 #5517
NO-JIRA: Update squidfunk/mkdocs-material Docker tag to v9.5.50 (release-4.14) #5444
NO-JIRA: Update dependency mkdocs-material to v8.5.11 (release-4.14) #5430
NO-JIRA: [release-4.14] Bump golang.org/x/crypto and golang.org/x/net #5372
NO-JIRA: Update dependency mkdocs-glightbox to v0.4.0 (release-4.14) #5331
NO-JIRA: Update dependency mkdocs to v1.6.1 (release-4.14) #5330
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.49 (release-4.14) - abandoned #5308
OCPBUGS-44279 : Configure OAuth https proxy to dial cloud endpoints directly #5067
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.45 (release-4.14) #5162
NO-JIRA: chore(deps): update konflux references (release-4.14) #5145
NO-JIRA: chore(deps): update konflux references (release-4.14) #5121
NO-JIRA: chore(deps): update registry.access.redhat.com/ubi9-minimal docker tag to v9.5-1731518200 (release-4.14) #5105
NO-JIRA: Update Konflux references (release-4.14) #5100
chore(deps): update konflux references (release-4.14) #5076
NO-JIRA: chore(deps): update konflux references (release-4.14) #5055
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.44 (release-4.14) #5056
NO-JIRA: Update Konflux references to fedcfe0 (release-4.14) #5043
chore(deps): update konflux references (release-4.14) #5026
chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.43 (release-4.14) #5021
chore(deps): update konflux references to f53fe54 (release-4.14) #5020
NO-JIRA: Update Konflux references (release-4.14) #5011
OCPBUGS-41701 : cmd: report server version, supported OCP #4718
NO-JIRA: chore(deps): update konflux references (release-4.14) #4975
OCPBUGS-43688 : Use guest DNS resolution in Konnectivity HTTPS proxy by default #4964
chore(deps): update konflux references (release-4.14) #4953
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.42 (release-4.14) #4948
OCPBUGS-43368 : Let payload generation pick the release for the NodePool #4913
NO-JIRA: chore(deps): update konflux references (release-4.14) #4934
NO-JIRA: chore(deps): update konflux references to 66f551f (release-4.14) #4924
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.41 (release-4.14) #4917
NO-JIRA: chore(deps): update konflux references to 674e70f (release-4.14) #4910
NO-JIRA: chore(deps): update konflux references (release-4.14) #4898
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.40 (release-4.14) #4879
NO-JIRA: chore(deps): update konflux references to 37b9187 (release-4.14 #4851
OCPBUGS-42533 : enable audit log for oauth-openshift #4822
chore(deps): update registry.access.redhat.com/ubi9/go-toolset docker tag to v1.21.13 (release-4.14) #4794
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.39 (release-4.14) #4828
NO-JIRA: chore(deps): update konflux references (release-4.14) #4813
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9.5.38 (release-4.14) #4805
NO-JIRA: chore(deps): update squidfunk/mkdocs-material docker tag to v9 (release-4.14) #4788
chore(deps): update registry.access.redhat.com/ubi9-minimal docker tag to v9.4-1227.1726694542 (release-4.14) #4758
chore(deps): update squidfunk/mkdocs-material docker tag to v8.5.11 (release-4.14) #4784
OCPBUGS-41374 : CPO oauth idp converter: resolve names before dialing #4763
NO-JIRA: chore(deps): update konflux references to 5ac9b24 (release-4.14) #4783
chore(deps): update konflux references to 2c3426a (release-4.14) #4773
NO-JIRA: chore(deps): update konflux references (release-4.14) #4757
OCPBUGS-42221 : Make guest cluster components use the correct KAS port #4753
OCPBUGS-38060 : Add HTTP konnectivity proxy to OAuth server #4498
OCPBUGS-38066 : [release-4.14] Use HTTP proxy for ingress controller #4724
NO-JIRA: Security fixes for openshift-ci-security job #4752
OCPBUGS-42184 : copy image-registry AdditionalTrustedCA configmap into HC openshift-config #4747
OCPBUGS-41506 : fix: bump google.golang.org/protobuf #4687
HOSTEDCP-1957 : bump go-jose version #4698
OCPBUGS-39378 : Set KCM node monitor grace period #4659
chore(deps): update konflux references (release-4.14) #4683
OCPBUGS-39183 : fix: bump github.com/IBM/go-sdk-core/v5 #4626
NO-JIRA: Add PodDisruptionBudget for router deployment #4692
NO-JIRA: Revert “Merge pull request #4661 from jparrill/bp-4.14/OCPBUGS-24308” #4667
NO-JIRA: PDB backports #4661
NO-JIRA: Konflux migration 4.14 #4648
OCPBUGS-39230 : set proxy envvars on aws CCM #4638
OCPBUGS-38791 : Let the CPO oidc check resolve through data plane #4617
NO-JIRA: Flaky cert validation test #4633
HOSTEDCP-1897 : [release-4.14] Allow setting Kube APIServer maximum requests in flight #4553
OCPBUGS-37076 : Fixed audit-logs sigterm failing to terminate gracefully #4369
OCPBUGS-38624 : remove weak ciphers from security profile #4575
OCPBUGS-37173 : Add newline after TLS certs referenced by image.config #4471
OCPBUGS-37172 : OCPBUGS-35899: Doubled machineHealthCheck timeout on Agent and None #4490
OCPBUGS-36944 : [release-4.14] Add HTTP(s) konnectivity proxy and use it with OpenShift APIServer #4360
HOSTEDCP-1795 , HOSTEDCP-1796 : Customize the self-generated cert validity and rotation #4473
OCPBUGS-37175 : Delete IDMS in dataplane once HCP ICS field is removed #4472
NO-JIRA: Konflux mce-2.4 pipeline fixes #4464
NO-JIRA: [release-4.14] OCPBUGS-36297: kubevirt-csi-driver: Pass infra kubeconfig in case of external infra #4288
NO-JIRA: [release-4.14] test/e2e: remove api budget checks #4438
NO-JIRA: chore(deps): update registry.access.redhat.com/ubi9/go-toolset docker tag to v1.21.11-2 (release-4.14) - abandoned #4363
NO-JIRA: Update registry.access.redhat.com/ubi9/go-toolset Docker tag to v1.21.10-1.1719562237 (release-4.14) - abandoned #4326
NO-JIRA: Update registry.access.redhat.com/ubi9-minimal Docker tag to v9.4-1134 (release-4.14) - abandoned #4325
OCPBUGS-36518 : Run haproxy to connect to kas from data plane if noproxy settings contain kas #4315
OCPBUGS-36159 : Generate default worker security group rules based on machineCIDR #4270
OCPBUGS-35549 : Restrict image registry overrides to control plane component #4223
OCPBUGS-35365 : fix router on 4.14 y-stream upgrade #4205
NO-JIRA: chore(deps): update konflux references (release-4.14) #4257
OCPBUGS-35401 : Fix disconnected metadata inspection for nodepool #4208
OCPBUGS-35482 : Add TrustedBundles to OAS container #4216
OCPBUGS-35290 : [release-4.14] Backport etcd defrag #4189
NO-JIRA: chore(deps): update konflux references (release-4.14) #4248
OCPBUGS-35183 : add AWS STS URL to OIDC provider audiences #4179
NO-JIRA: hack: make the e2e script generic #4201
chore(deps): update konflux references to 2be7c9c (release-4.14) #4225
NO-JIRA: Update Konflux references to 1025001 (release-4.14) #4181
NO-JIRA: chore(deps): update konflux references (release-4.14) #4168
OCPBUGS-34856 : [release-4.14] OCPBUGS-34855: Add new permission required in CAPA #4149
NO-JIRA: test/e2e: fix prometheus serviceaccount handling against 4.16+ #4159
NO-JIRA: chore(deps): update rhtap references (release-4.14) #4112
NO-JIRA: chore(deps): update rhtap references to 9aec3ae (release-4.14) #4073
NO-JIRA: Remove CLI inspection of release image #4061
OCPBUGS-33713 : Reconcile over ICSP/IDMS #4059
NO-JIRA: chore(deps): update rhtap references to 7cd8020 (release-4.14) #4065
OCPBUGS-33844 : Fix disconnected metadata inspection #4049
OCPBUGS-33843 : Recycler-pod image now points to the OCP Payload reference #4048
NO-JIRA: chore(deps): update rhtap references (release-4.14) #4040
HOSTEDCP-1480 : Update TLS cert hash creation with sha512 #4025
NO-JIRA: Update RHTAP references (release-4.14) #3995
HOSTEDCP-1552 : Update RHTAP tekton files for 0.3 -> 0.4 migration #3958
OCPBUGS-33105 : [release-4.14] remove PrivateIngressController cleanup #3960
OCPBUGS-32471 : Fix ICSP and IDMS inclusion as registriesOverrides #3912
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3920
OCPBUGS-32221 : Added support for OLM Disable default sources on HC creation #3882
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3903
NO-JIRA: [4.14] [e2e test framework] Add a flag to add an annotation to Hosted Cluster #3905
HOSTEDCP-1526 : [release-4.14] Support additional node selectors for request serving nodes #3898
chore(deps): update rhtap references (release-4.14) #3888
NO-JIRA: Update RHTAP references (release-4.14) #3874
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3869
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3858
NO-JIRA: Update RHTAP references (release-4.14) #3836
OCPBUGS-31657 : disable http2 for ignition server and proxy #3831
OCPBUGS-31605 : inject built-in MCP selector for KubeletConfigs and ContainerRuntimeConfigs #3826
HOSTEDCP-1322 : NodeUpgradeType defaulted by provider #3822
NO-JIRA: Update RHTAP references (release-4.14) #3813
OCPBUGS-31417 : honor HC image configuration #3806
OCPBUGS-23914 : Added OLMCatalogPlacement option to the CLI #3229
OCPBUGS-30211 : set Konnectivity cipher suites #3679
chore(deps): update rhtap references (release-4.14) #3792
OCPBUGS-31048 : [4.15] HCP deletion can get stuck if CPO is unable to delete the default worker security group #3771
HOSTEDCP-1488 : Use regionalized STS endpoints in AWS #3756
NO-JIRA: Update RHTAP references (release-4.14) #3755
chore(deps): update rhtap references (release-4.14) #3739
OCPBUGS-30596 : Bump golang.org/x/net to version v0.17.0 #3711
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3706
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3676
NO-JIRA: Update RHTAP references (release-4.14) #3672
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3651
OCPBUGS-29782 : use 2040 for apiserver svc in IBM provider #3594
”[release-4.14] OCPBUGS-29259: Fix default release image lookup” #3550
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3620
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3625
OCPBUGS-29094 : Make ControllerAvailabilityPolicy immutable #3534
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3604
NO-JIRA: Update RHTAP references (release-4.14) #3591
NO-JIRA: Update RHTAP references (release-4.14) #3519
NO-JIRA: Approvers update #3580
MULTIARCH-4084 : Reduce the policy access scope to specific instance #3530
OCPBUGS-29206 : Add GC knobs for KAS #3543
OCPBUGS-29187 : node spread anti-affinity for HA HCP #3541
OCPBUGS-19956 , OCPBUGS-28984 , OCPBUGS-28985 , OCPBUGS-28986 , OCPBUGS-29000 : Support Disconnected HCP #3520
OCPBUGS-29030 : Add ValidatingAdmissionPolicy to KAS config #3524
HOSTEDCP-1272 : Added CLI support to create DualStack clusters using default values #3514
OCPBUGS-28238 : consider HCP upgradeable if CVO has no upgradable condition #3468
OCPBUGS-26526 : Documented to disable UWM telemetry writer in disconnected envs #3389
OCPBUGS-26526 : Disable UWM Telemetry writer when telemeter-client cm not exists #3388
OCPBUGS-27072 : Apply Scheduling Configuration for kCCM #3418
NO-JIRA: Update RHTAP references (release-4.14) #3509
OCPBUGS-20180 , OCPBUGS-20547 : Added network validations #3096
OCPBUGS-23997 : add watch for HCP pullsecret to HCCO #3265
OCPBUGS-28249 : Required RBAC for network-node-identity is not created when hosted cluster networkType is set to Other. #3485
NO-JIRA: Update RHTAP references (release-4.14) #3447
OCPBUGS-24315 : Add prestop to konnectiviy server #3268
OCPBUGS-24307 : Set shutdown-delay-duration to 15s #3264
OCPBUGS-21795 : change trusted bundle volume mount for CPO #3102
OCPBUGS-25217 : Konnectivity agent update strategy #3308
OCPBUGS-26574 : Set new condition on SG deletion. #3398
Update RHTAP references (release-4.14) #3402
Update RHTAP references (release-4.14) #3383
OCPBUGS-22360 : Validate accessTokenInactivityTimeout >= 300s #3175
OCPBUGS-23936 : Use correct kubeconfig in CCM and remove CCMs access t… #3232
OCPBUGS-12720 : Updating hypershift images to be consistent with ART #2467
OCPBUGS-24627 : unset ServiceAccount on ignition-server-proxy #3295
[Release 4.14] OCPBUGS-24556: Fix a bug on deletion of a hostedcluster #3290
OCPBUGS-24269 : add CLI oauthclient #3272
OCPBUGS-23569 : Added IPFamilyPolicy to services exposed at the HCP in DualStack mode #3224
HOSTEDCP-1318 : external OIDC enablement #3261
OCPBUGS-23747 : Added brackets to IPv6 KAS address on kubeconfig #3228
OCPBUGS-24063 : fix(cpo): Set restart annotation on network-node-identity #3248
release-4.14, HOSTEDCP-1315: Improve NodePool CPU arch & platform check #3236
OCPBUGS-22676 : Make the OLMCatalogPlacement field immutable #3143
OCPBUGS-23558 : Let router use svc ips 4.14 #3221
OCPBUGS-19678 : Remove cluster name validation from HCC #3040
”[release-4.14] CNV-35326: unsupported escape hatch mechanism custom HS/KV vms” #3202
OCPBUGS-23027 : Configure HSTS for kube-apiserver #3169
NO-JIRA: chore(deps): update rhtap references (release-4.14) #3085
OCPBUGS-23142 : adding permission to CNO RBAC Calico path for network-node-identity deploy #3182
OCPBUGS-22295 : Added brackets to the kubeconfig server address when IPv6 #3117
OCPBUGS-22690 : Use the same etcd snapshot for all replicas during etcd restore #3146
OCPBUGS-22959 : Update regex validation for nodepool.spec.taints.value #3165
HOSTEDCP-1280 : Adjustment cluster-cidr,service-cidr to support dualstack #3162
OCPBUGS-22898 : Stop exposing kas on 6443 private route service load balancer #3159
OCPBUGS-22898 : Stop defaulting aws private haproxy external port to 6443 #3160
OCPBUGS-19897 : Add konnectivity-proxy container to CNO #3058
OCPBUGS-22379 : Cluster-policy-controller: add missing RBAC for privileged namespaces PSA syncer controller #3131
OCPBUGS-20526 : Align PSA labels on guest cluster namespaces with standalone OCP #3111
OCPBUGS-21869 : Remove EnsurePSANotPrivileged #3107
OCPBUGS-21822 : Add ign proxy label selector for LabelTopologyZone PodAntiAffinity #3105
OCPBUGS-21587 : change required pod anti-affinity rule to preferred rule #3098
OCPBUGS-19794 : Upgrade Agent APIs to v1beta1 #3059
OCPBUGS-19797 : reconcile Authentication global config #3053
OCPBUGS-19794 : Upgrade agent APIs to v1beta1 #3051
OCPBUGS-20249 : Set KAS config pod security Enforce to privileged #3083
OCPBUGS-20163 : Report correct port when API exposed via route #3078
OCPBUGS-19796 : set accesstoken-inactivity-timeout flag to openshift-oauth-apiserver #3052
Update RHTAP references (release-4.14) #3060
Migrate deprecated-base-image-check pipeline #3057
chore(deps): update rhtap references (release-4.14) #2752
Update kubevirt csi driver deployment with proper timeouts #3046
OCPBUGS-19463 : set default deploymentconfig params on AWS CCM #3029
ACM-7278 : Remove marking pull secret as required in hcp cli #3023
OCPBUGS-18978 : add KAS endpoints to Except in router egress rule #3010
CNV-31919 : Validate KubeVirt platform required versioning #3026
OCPBUGS-19063 : amend OLM catalogs ImageStream according to annotation #3016
enable CGO_ENABLED for building FIPS compliant images #3006
OCPBUGS-18828 : tuned DS should not use controlPlaneReleaseImage #3005
Red Hat Trusted App Pipeline update hypershift-release-414 #2639
HOSTEDCP-1185 : Add flag to create a single NAT gateway #2984
Dump kubevirt external infra clusters #2992
OCPBUGS-18568 : Use MCO and CCO image references when looking up mappings #2985
HOSTEDCP-591 : Amend OLM catalog IS according to OpenShiftImageRegistryOverrides #2947
e2e: skip CNO pod restart check #2986
HOSTEDCP-1133 : Signal NodePool rolling upgrade because of platform changes #2973
OCPBUGS-18127 : Enable caching of Unstructured Objects in HO #2988
e2e: run Ensure functions after Main part of test #2983
OCPBUGS-18127 : Ensure machineTemplate name length respects RFC1123 spec #2975
ACM-6435 : add pausedUntil create cluster option in CLI #2965
OCPBUGS-7840 : Untangle kas port #2964
OCPBUGS-18399 : Preserve mirror order when serializing ICSP to env #2977
OCPBUGS-18336 : make konnectivity routes roundrobin #2971
Use the correct pull secret for HCP KubeVirt components #2919
Disable nto inplace test for kubevirt #2980
OCPBUGS-18438 : Properly format IPv6 address when proxying it through Konnectivity #2969
OCPBUGS-18127 : Trigger a rolling upgrade on NodePool .spec.platfrom changes #2956
HOSTEDCP-1156 : Add defaulting webhook to installation and notes #2922
HOSTEDCP-979 : Re-enable nodepool in-place upgrade tests #2960
Add a default value (32Gi) for nodepool in create nodepool kubevirt
command #2940
OCPBUGS-16221 : Adds trust bundle to ignition-server when configured in HC #2819
Avoid creating tar archive if –archive-dump=false #2963
OCPBUGS-3873 adding rbac for UserOAuthAccessToken #2962
HOSTEDCP-1178 fix limited support label key #2958
OCPBUGS-18065 : enable aws-pod-identity-webhook on AWS #2957
OCPBUGS-18308 : Do not use mgmt cluster ICSP to mutate CCO image in KAS pod #2966
OCPBUGS-18266 : fix Progressing condition when ControlPlaneRelease is set #2959
fix(ho): Restore match label selector behavior #2951
OCPBUGS-18072 : Set emptyDir storage for the image registry only on initial time for None and Kubevirt platform #2895
OCPBUGS-18024 : Set Arch to amd64 for HCP NodePool Create #2941
chore(deps): update rhtap references (main) #2920
OCPBUGS-16813 : switch konnectivity-server to additional container in KAS pods #2942
Updating hostedcluster controller to stop using deprecated flags #2946
OCPBUGS-17827 : e2e: remove private-router from NeedManagementKASAccessLabel allowlist #2939
MULTIARCH-3709 : PowerVS - Add reuse resource flags to e2e test #2902
MULTIARCH-3478 : Minor bug fix on PowerVS infra #2451
OCPBUGS-18069 : Ensure load balancers are not exist before declaring load balancers are cleaned up #2887
MULTIARCH-3708 : PowerVS - Fix cluster deletion when existing resources passed #2867
MGMT-15368 : Document scaling down NodePools #2944
OCPBUGS-13348 : Hypershift Audit configuration not working. #2945
TRT-1202 : set SkipReleaseImageValidation annotation properly on e2e clusters #2943
OCPBUGS-17678 : Reconcile cloud credentials configuration to hosted cluster #2937
Add e2e test for etcd member recovery #2930
OCPBUGS-17827 : remove NeedManagementKASAccessLabel from router pods #2934
OCPBUGS-17985 : Handle empty mirrorImage result for ignition disconnected registry #2935
OCPBUGS-17827 : e2e: refactor checkPodsHaveLabel to be allowlist rather than exact match #2928
OCPBUGS-16813 : do not hardcode ignition-server-proxy replicas #2933
fix(ho): Restore match label selector behavior #2893
TRT-1202 : add annotation to skip release image validation #2929
OCPBUGS-17812 : Update Etcd health check to mirror standalone etcd #2918
STOR-1443 : Sync 05_operator_role-hypershift.yaml
manifest from cluster-csi-snapsht-controller-operator #2915
HOSTEDCP-1065 : CNO deployed hosted-cluster-kubecfg-setup initContainers use CPR image #2917
HOSTEDCP-1001 : Image registryOverride included in the image metadata extraction flow #2909
OCPBUGS-17669 : Validate HostedCluster name against RFC1123 #2914
HOSTEDCP-1075 : Document how to recover single etcd member #2916
HOSTEDCP-1085 : Create a monitoring dashboard per HostedCluster #2907
chore(deps): update rhtap references (main) #2903
HOSTEDCP-1063 : Account for guest webhook URLs without a port #2898
OCPBUGS-17680 : Remove immutable note from PullSecret #2910
Revert “HOSTEDCP-1001: Image registryOverride included in the image metadata extraction flow” #2908
OCPBUGS-16076 : Validate HostedCluster name against RFC1123 in CLI #2906
OCPBUGS-15331 , OCPBUGS-16049 : Enable AdvertiseAddress dual stack and IPv6 support and added the changes to be included in the certificates #2779
HOSTEDCP-1081 : Perform etcd recovery when etcd member data is lost #2900
SDN-4057 : Pass ControlPlane image to OVN #2896
test: e2e: remove SingleReplica etcd chaos test #2901
Allow overriding pod security admission label #2886
HOSTEDCP-1146 : cpo: use CPO spec container image if it is a sha256 reference #2899
HOSTEDCP-1022 : Set Arch to amd64 #2897
Re-introducing defaulting webhook for self managed HCP #2892
fix-CNV-30260: KubeVirt: fix failed conformance test #2891
OCPBUGS-16298 : Prevent the kube-apiserver from connecting to the managment kas #2888
HOSTEDCP-1001 : Image registryOverride included in the image metadata extraction flow #2820
HOSTEDCP-1046 , HOSTEDCP-1102 : Follow-on Items #2847
Revert “[HOSTEDCP-1041] Defaulting webhook for self managed HCP” #2889
OCPBUGS-17446 : Set advertise-address in HCP etcd to resolvable name #2884
Defaulting webhook for self managed HCP #2864
STOR-1432 : cso: add envvars for CSI driver controller images #2882
HOSTEDCP-1025 : Add HCP CLI Command to Create a NodePool on AWS #2852
SDN-4042 : Increase upgrade rollout timers #2881
skip olm-collect-profiles in EnsureComponentsHaveNeedManagementKASAccessLabel #2874
HOSTEDCP-1064 : Add egress policy for private-router #2792
HOSTEDCP-1121 : Ensure SG reconciliation for aws endpoint #2872
chore(deps): update rhtap references #2865
HOSTEDCP-1065 : add ControlPlaneImage API for provider-side HCP updates #2848
HOSTEDCP-1063 : Disallow webhooks URLs targeting control plane services #2775
OCPBUGS-17374 : Fast specific dockerignore #2879
Kubevirt how-to docs updates #2875
Fix nodepool upgrade docs link #2880
OCPBUGS-17171 : Update OLM catalog image tags #2877
HOSTEDCP-1029 : Add HCP CLI Command to Destroy a Cluster on AWS #2853
Add workload management annotation to kubevirt-csi daemonset #2840
WRKLDS-730 : use default /healthz path for readiness probe in OCM and RCM #2873
Add api and cli validation for kubevirt volume mode #2862
HOSTEDCP-1079 : RHTAP HO Containerfile #2857
OCPBUGS-16770 : add need-management-kas-access label to olm-collect-profiles pods #2854
MULTIARCH-3684 : PowerVS - Upgrade capi to use v1beta2 APIs #2831
HOSTEDCP-1046 : Add ImageDigestMirrorSet to Config API comment #2868
MULTIARCH-3683 : Add dev flags in destroy cluster powervs command #2764
kubevirt: Reconcile EgressFirewall only for ovn-k #2849
HOSTEDCP-1046 : Add IDMS to the list of valid config manifests #2837
OCPBUGS-17059 : Add volume mode to kubevirt root volume api #2860
Update RHTAP references (main) #2832
OCPBUGS-16809 : Configured IgnitionProxy to support IPv4 and IPv6 #2850
OCPBUGS-14163 : Fixed ETCD to work in Ipv6 and Dual stack envs #2846
HOSTEDCP-1112 : Add config to set creation frequency of RHTAP PRs #2838
HOSTEDCP-1020 : Remove name as a persistent flag required field #2836
OCPBUGS-16232 : skip z-stream version check when upgrade is forced #2823
OCPBUGS-16033 : ClusterNetwork’s HostPrefix validation for dual stack #2795
OCPBUGS-14783 : Fix NetworkPolicy to work over IPv4 and IPv6 #2704
Revert “HOSTEDCP-710: Make ImageContentSource immutable” #2829
Update RHTAP references (main) #2814
HOSTEDCP-1062 : Make CAPI pod selector backward compatible #2825
HOSTEDCP-1093 : Add default flags to HCP create cluster CLI cmd #2802
Revert “HOSTEDCP-1094: e2e autoscaler balancing similar node groups” #2828
HOSTEDCP-1090 : Use statically configured haproxy for router #2778
HOSTEDCP-1046 : Allow HCP Specification to Support ICSP & IDMS #2720
HOSTEDCP-710 : Make ImageContentSource immutable #2815
OCPBUGS-11835 : Add missing probes to two services #2430
HOSTEDCP-1094 : e2e autoscaler balancing similar node groups #2808
OCPBUGS-16113 : unshare ignition-server reconciliation between HO and CPO #2817
OCPBUGS-11939 : Fix additional issues with OCPBUGS-11939 #2804
OCPBUGS-16135 : fix deletion bug when hostedzone is already deleted #2811
OCPBUGS-14862 Improve clarity around hypershift operator permissions #2782
HOSTEDCP-1062 : Management kas policy #2796
Revert “HOSTEDCP-1062: Add management cluster KAS network policy” #2793
HOSTEDCP-1020 : Add pullSecret & NodePool replica flags to HCP CLI #2774
HOSTEDCP-1101 : Add snyk-secret HO RHTAP scripts #2788
OCPBUGS-15991 : use ignition-proxy Service to populate ignitionEndpoint with strategy NodePort #2787
OCPBUGS-15769 : Include hypershift specific labels to be ignored by similar autoscaler groups #2784
Add management cluster KAS network policy #2717
HOSTEDCP-1019 : Add create cluster for Agent for HCP CLI #2754
CNV-30407 : KubeVirt Platform: Support NetworkInterfaceMultiQueue #2760
HOSTEDCP-1030 : Add destroy cluster for Agent for HCP CLI #2756
OCPBUGS-15594 : Get valid arch image for cluster-config-operator #2753
kubevirt: Annotate VMs to be live migratable #2772
Revert “Merge pull request #2770 from dharaneeshvrd/upgrade-capi-ibmcloud #2776
MULTIARCH-3684 : PowerVS - Upgrade capi to use v1beta2 APIs #2770
OCPBUGS-14862 : Reject VPCE Connections during VPCE Service cleanup #2700
Update RHTAP references #2768
HOSTEDCP-1023 : Add create NodePool for Agent for HCP CLI #2755
HOSTEDCP-1061 : Implement dedicated request serving nodes for HostedClusters #2722
OCPBUGS-15769 : Set –balance-similar-node-groups for autoscaler #2769
Leader election config update. #2282
OCPBUGS-15723 : Let getMachinesForNodePool return machines ordered by creation Timestamp #2766
Fix KAS HealthCheck for non DNS-Based ingress points in LB service #2765
Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible #2741
Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible in /hack/tools #2740
Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 in /hack/tools #2737
OCPBUGS-12208 ensureExists pullSecret resource reconciliation strategy #2732
Bump github.com/coreos/ignition/v2 from 2.10.1 to 2.14.0 #2739
Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible in /hack/tools #2738
Remove hardcoded AWS CI References #2742
TRT-1118 : Remove DisableStrictZoneCheck from AWS CCM config #2757
Update RHTAP references #2750
add OWNERS for new ci-tooling area label #2743
Add production cli (hcp) to dockerfile #2747
feat: Enable priority class override #2661
test/e2e: retry configmap create in etcd chaos tests #2746
OCPBUGS-14578 : Set allocate-node-cidrs to false in the cluster-kube-controller-manager #2731
Revert “HOSTEDCP-1016: Validate publishing strategies” #2733
HOSTEDCP-1027 : Add Create kubeconfig for HCP CLI #2719
HOSTEDCP-1016 : Validate publishing strategies #2651
KubeVirt Platform documentation for Advanced Storage Configurations and External Infrastructure #2712
Follow up to PR comments on #2642 #2690
HOSTEDCP-1067 : Add dependabot dependency management #2708
HOSTEDCP-1073 : enforce blocked rollout of HCP #2726
Revert “HOSTEDCP-967: [Re-revert] Disable v1alpha1 and conversion webhook by default” #2705
Remove –service-publishing-strategy from production cli #2721
HOSTEDCP-1024 : Add Create NodePool for KubeVirt for HCP CLI #2718
HOSTEDCP-1032 : e2e: ensure default PSA policy is not privileged #2714
HOSTEDCP-1031 : Add Destroy Cluster Cmd for KubeVirt for HCP CLI #2673
Expose annotation to allow release image overrides #2595
HOSTEDCP-1060 : add ignition-server proxy #2668
OCPBUGS-14637 : Check OwningIngressController also in Labels #2706
HOSTEDCP-1020 : Add Create Cluster for KubeVirt for HCP CLI #2672
properly handle user CA bundle not existing #2703
OCPBUGS-15168 : fix(oauth): Do not proxy IBM Cloud IAM endpoints #2699
OCPBUGS-14859 : Skip AWS resource deletion for ‘Unknown’ OIDC state #2691
Whitelist access from virt-launchers to NodeIP if NodePort ServicePublishingStrategy is used #2688
OCPBUGS-13829 : cpo: oauth: honor AccessTokenInactivityTimeout #2693
Update NodePool docs to include data propagation #2687
HOSTEDCP-1008 : Add NodePoolTransitionSeconds metric #2631
HOSTEDCP-967 : [Re-revert] Disable v1alpha1 and conversion webhook by default #2685
Make NodePool arch input immutable #2689
Update autocaler RBAC to accomodate machinepools support added upstream #2663
Enforce Immutability of some KubeVirt Platform Values #2654
CNV-24818 : Add fsGroup support to kubevirt-csi-driver #2563
Let payload provider render feature gate yaml #2664
OCPBUGS-14633 : Check for OPENSHIFT_IMG_OVERRIDES before using #2660
HOSTEDCP-965 : Add impersonate feature to the CLI and document HC dump procedure #2653
OCPBUGS-11882 : Annotate HCP pods with the safe-to-evict-local-volume CA annotation #2647
Update RHTAP references #2657
Disable nodepool replace upgrade test #2665
OCPBUGS-14784 : Honor global ingress configuration LoadBalancer type on AWS #2669
OCPBUGS-14620 : Set DisableStrictZoneCheck = true
in the AWS Cloud Provider config #2659
HOSTEDCP-992 : refactor ignition-server reconcilation #2662
Minor fix in KAS LB HealthCheck #2656
HOSTEDCP-1036 : Create Makefile path to create productized CLI #2633
Extend np test timeout for KubeVirt platform #2655
HOSTEDCP-1003 : Set AWS conditions only for AWS platform #2604
Remove alsologtostderr flag form CAP* #2648
OCPBUGS-14575 : Check for IDMS only if mgmt cluster has req API #2650
Network isolation of VirtualMachines for KubeVirt provider #2622
OCPBUGS-14428 : remove OLM alerts from the HCCO #2636
KubeVirt Openstack image annotation override #2629
Red Hat Trusted App Pipeline update hypershift-operator-main #2638
Red Hat Trusted App Pipeline purge hypershift-azjx #2635
cli: Add release-stream flag #2644
OCPBUGS-13547 : Pass payload-version to MCS and MCC #2643
KubeVirt: Handle deletion of the cache DV on an edge case #2620
OCPBUGS-14087 : Enable HCCO to reconcile over the OperatorHub’s disableAllDefaultSources object #2632
HOSTEDCP-1009 : Allow external-dns image to be set in install cli #2623
Ensure FeatureGate is copied from cluster to MCO render source #2581
OCPBUGS-12972 : Use different ports for MCS in the ignition provider #2628
hypershift dump: use random local port for kas port-forwarding #2625
OCPBUGS-11939 : Initialize RegistryOverrides w/ mgmt cluster ICSP #2437
Revert “Merge pull request #2596 from muraee/disable-valpha1” #2627
Add ‘Creating Arm NodePools Through the API’ Section #2587
HOSTEDCP-967 : Disable v1alpha1 and conversion webhook by default #2596
OCPBUGS-13113 : Add ClusterUpgradeDuration metric #2566
chore(deps): update rhtap references #2612
OCPBU-609 : agent infrastructure docs #2618
OCPBUGS-14169 : Remove external-dns –events flag #2616
OCPBUGS-13970 : Reconcile oauthDeployment annotations even if kubeadmin secret is not found #2593
cmd: infra: aws: retry on AuthorizeSecurityGroup failure #2605
Fix dump for Kubevirt #2589
Kubevirt CSI StorageClass mapping API #2528
Remove Arm e2e test #2591
HOSTEDCP-947 : Set ETCD Storage Size as immutable field and equalised the default size among both api versions #2588
OCPBUGS-13735 : Fixed revoking some permissions to CAPI Manager Clusterrole #2586
HOSTEDCP-445 : Add script to migrate hosted control plane #2598
Use newly introduced KubeVirt Platform rhcos Image #2576
OCPBUGS-13168 : Include default ingress CA in root CA bundle #2584
HOSTEDCP-975 : Add new grafana panels for nodepools SLOs #2592
HOSTEDCP-926 : Send metric when HO/CPO decide to skip cloud resource deletion #2531
Update RHTAP references #2420
OCPBUGS-13897 : Use cluster-config-operator to render featuregate status on KAS bootstrap #2585
HOSTEDCP-975 : Add cluster_name label to nodepools metrics #2580
Fix broken tests for non-aws platforms #2577
Updated secret permissions for openshift-route-controller-manager #2575
HOSTEDCP-987 : Update go version and dependencies in /hack/tools/go.mod #2551
remove flags set by CI env var #2521
HOSTEDCP-975 : Add NodePool DeletionDuration and InitialRolloutDuration metrics #2558
ARMOCP-412 : Add ARM nodepool to AWS x86 Hosted Cluster #1594
OCPBUGS-11939 : Fix minor codebase nits #2502
control-plane-operator/controllers/hostedcontrolplane: Align reconcileCloudControllerManager error strings #2500
HOSTEDCP-960 : Add e2e to validate HC/NP conditions expected status #2482
HOSTEDCP-830 : Update auto scaler role to get and list agentmachinetemplates #2564
HOSTEDCP-445 : Included how to fix image-registry clusteroperator after a disaster recovery migration #2481
OCPBUGS-13547 : Pass release image version to MCO bootstrap via –payload-version #2572
Cache KubeVirt Boot Image #1918
contrib: ci: increase HC quota in clusters namespace #2547
HOSTEDCP-996 : CLI: enable guest cluster dump for private clusters #2571
MULTIARCH-3205 : Support IBM COS as storage for PowerVS in image registry operator #2207
fix nil deref in DefaultWorkerSecurityGroupID check #2573
remove unused OLM catalog rollout code #2568
OCPBUGS-13034 : Cluster-api SA can’t create events #2565
ACM-4277 : docs: Add L2Advertisement CR to the Handling Ingress section in the agent docs #2470
HOSTEDCP-947 : Increases default etcd PV size to 8Gi #2549
Add a new e2e option for the ETCD storage class #2560
Red Hat Trusted App Pipeline update hypershift-azjx #2555
HOSTEDCP-975 : Revised nodePoolSize metric and added AvailableReplicasMetric #2532
OCPBUGS-11383 : Sync proxy TrustedCA to guest cluster #2550
Removed unused KMS permissions for nodePool role #2456
Lock down kubevirt csi storageclass mappings #2534
OCPBUGS-13021 : Add internal/external elb tags to subnets #2541
HOSTEDCP-918 : Add validation for NodePool security Group condition when using default SG #2498
HOSTEDCP-981 : Minor updates to Getting Started & Contribute pages #2527
OCPBUGS-13111 : Fix errors from HCP controller removeServiceCAAnnotationAndSecret() #2513
Stop triggering rollout on labels/taint change #2533
Validate HO private platform input #2536
OCPBUGS-13021 : Health check load balancers only on public clusters #2535
OCPBUGS-13309 : set FeatureGate global config #2543
Add audit-log-maxbackup setting for openshift-api-server #2509
OCPBUGS-11894 : Let the aws endpoint to use the hypershift owned SG #2475
HOSTEDCP-980 : Include HostedClusterDegraded in hypershift_hostedclusters_failure_conditions metric #2523
HOSTEDCP-788 : Configurable SRE MetricsSet #2505
OCPBUGS-13112 : Add timeout to KAS health check client #2522
HOSTEDCP-978 : Bump openshift/api version and fixed KCM flags (k8s 1.27) #2519
OCPBUGS-7841 : Account for expectedState == false when capturing hostedClustersWithFailureCondition #2507
OCPBUGS-11719 : Ensure ingress controllers are removed before load balancers #2444
Fixed assignment to entry in nil map #2508
Add new –featuregate-manifest to /usr/bin/cluster-config-operator render #2506
ACM-5116 : Increase KubeVirt default Mem and Root Volume Sizes #2471
HOSTEDCP-937 : New metric to expose Hypershift operator info #2443
HOSTEDCP-969 : Consolidate labels for metrics #2494
HOSTEDCP-969 : Move proxy, silence alerts and limited support metrics into HC controller #2489
HOSTEDCP-969 : Only track available metric once #2479
OCPBUGS-11738 : Delete kubeadmin secret when an idp is defined #2452
Add PollImmediate for e2e metrics to avoid race with prom scrape interval #2483
HOSTEDCP-969 : Move HC creation metrics #2477
OCPBUGS-12153 : fix(hcco): Get OLM CatalogSource images from defined map #2454
HOSTEDCP-917 : Add publicAndPrivate <-> Private e2e test #2383
add hyperv1.SilenceClusterAlertsLabel to HostedCluster on deletion #2476
HOSTEDCP-969 : Move guest cluster resource deletion metric #2463
OCPBUGS-11450 : Pass OPENSHIFT_RELEASE_IMAGE env variable to CNO #2384
HOSTEDCP-972 : Add pre-commit command to Make file #2465
HOSTEDCP-969 : Move cluster deletion duration metric into controller #2459
Fix kubevirt csi daemonset reconcile loop #2466
Fixes loop between HC controller and pod security label syncer #2460
docs: update OIDC bucket create with bucket policy #2461
OCPBUGS-11946 : Add new OCP 4.13 storage admission plugin #2445
OCPBUGS-11773 : remove ACL for aws bucket #2423
OCPBUGS-7841 : Set metrics to 0 when needed to keep time series honest #2440
OCPBUGS-11930 : Clean up existing VPC endpoint connections #2438
Revert “Add validation for default Security Group conditions during N… #2453
HOSTEDCP-918 : Add validation for default Security Group conditions during NodePool upgrade test #2342
OCPBUGS-11649 : Always requeue AWSEndpointService controllers #2424
Add IBMers as reviewers #2436
e2e: Cleanup shared OIDC provider on SIGTERM #2435
HOSTEDCP-950 : Fix haproxy image name in ignition server #2441
OCPBUGS-7091 : Restart kube-scheduler when its configuration changes #2421
OCPBUGS-11749 : Add pod security labels to hcp namespace #2415
HOSTEDCP-950 : Validate release payload images #2368
kubevirt: Block metadata server egress #2399
Bring latest MCO API #2434
Relax MCO API strict decoding #2433
docs: update OIDC s3 bucket creation procedure #2425
json export for a common grafana dashboard for SLOs #2422
Enable monitoring for hypershift namespace #2419
MULTIARCH-3449 : set priority class for cloud controller manager pod for PowerVS #2390
Fixes HCCO reconcile error for kubevirt csi driver #2259
Add monitoring label to HCP namespace #2393
Update tekton references #2308
add OWNERS for new area labels #2414
fix typo #2411
HOSTEDCP-807 : Requeue HCP always #2408
OCPBUGS-11640 : Update HostedCluster oauthCallbackURLTemplate #2400
e2e: Fixed idp test conflict error on HosterCluster update #2389
dump: Store guest worker node logs and increase kubevirt logs verbosity #2317
HOSTEDCP-568 : Update Konnectiviy socks5 proxy for IBM exception #2366
OCPBUGS-11442 : properly reconcile with user specified changes for in proxy configuration #2382
Updated kubevirt docs #2318
OCPBUGS-11439 : allow z-stream upgrade even if CVO Upgradeable is false #2381
HOSTEDCP-954 : Remove ec2:ReleaseAddress #2379
HOSTEDCP-802 : add cli flag to enable upgrade type #2367
e2e: Fix oauth idp e2e test #2377
HOSTEDCP-951 : Let install apply to aggregate errors #2372
Revert “Create a second scheme that always registers prometheusoperatorv1 GVKs” #2374
HOSTEDCP-807 : Check KAS loadbalancer health #2264
e2e: fix for non-AWS platform #2360
HOSTEDCP-445 : Fix the storage ClusterOperator during a DR migration #2358
HOSTEDCP-850 : Fix nodepool autoscaler logic #2354
support/releaseinfo/pod_provider: Drop unused legacy PodProvider #2341
Fix nodepool upgrade e2e test #2359
HOSTEDCP-806 : Fix ValidAWSKMSConfig condition #2322
HOSTEDCP-939 : Setup shared OIDC provider for e2e clusters #2335
OCPBUGS-10227 : Preserve false status of ValidAWSIdentityProvider condition #2344
ACM-4615 get pull secret instead of dockerconfigjson from mce credentials #2338
Slo alerts #2049
HOSTEDCP-943 : Add hypershift_hosted_cluster_transition_seconds histogram #2348
HOSTEDCP-944 : Add more expectedHCConditionStates metrics #2347
OCPBUGS-10227 : Create new EC2 client for AWS identity provider health check #2346
OCPBUGS-10823 ensure well known public domains do not get proxied on image imports #2321
SDA-8609 : No more specifying the scrape interval at servicemonitors & podmonitors level #2327
OCPBUGS-10807 : Pass runAsUser to CNO so it can run its managed services with proper security context #2319
Appstudio update hypershift-azjx #2332
Revert “cpo: cno: follow image name change in release payload” #2345
support/supportedversion: Include the problematic version strings in error messages #2334
OCPBUGS-10864 : fix external APIServer address selection based on endpointAccess #2328
OCPBUGS-8073 : Do not proxy when guest cluster resolution fails #2261
MULTIARCH-3028 : handle PowerVS instance which goes to failed state during infra create and destroy process. #2088
HOSTEDCP-938 : Added PSA default profile to RunTimeDefault in operator deployment #2333
HOSTEDCP-934 : Validate PublishingStrategyMapping #2324
OCPBUGS-7091 : Honor scheduler profile in HostedCluster configuration #2330
HOSTEDCP-736 : Docs on how we handle aws permissions #2311
Add support for external infra clusters in KubeVirt platform #2017
Create a second scheme that always registers prometheusoperatorv1
GVKs #2292
OCPBUGS-10504 : Deletion of the VPCEnpoint on conflicting service names #2290
HOSTEDCP-801 : Expose external DNS for private cluster endpoints #2286
HOSTEDCP-903 : Propagate AWSEndpointService conditions #2278
Appstudio update hypershift-azjx #2287
OCPBUGS-8691 : Add storage operators perms. to watch HostedControlPlane #2301
OCPBUGS-10423 : Add validation for taint.value in nodePool #2298
HOSTEDCP-839 : Audit log sidecars for openshift-apiserver and openshift-oauth-apiserver #2232
Route to kubevirt VMs using infra id as service label selector #2092
Force controleplane upgrade always #2288
HOSTEDCP-900 : Modified AWSPrivateLinkController and AWSEndpointServiceController to respect PausedUntil spec field #2265
HOSTEDCP-919 : Clean up and API doc #2280
HOSTEDCP-688 : E2E Test NodePool Upgrade #2256
HOSTEDCP-445 : Documented the possible issues found during a HostedCluster migration #2276
OCPBUGS-10227 : Ensure identity provider health check condition is persisted and remove awsendpoint control plane finalizer if invalid aws creds #2281
OCPBUGS-8040 : Switch NTO metrics auth to certs generated by HCP controller #2050
OCPBUGS-8381 : Use appropriate serving certificate for OAuth #2279
HOSTEDCP-501 : Added detailed documentation about Hypershift release process #2272
HOSTEDCP-919 : Add AWS cloud controller manager #2271
Update PowerVS prereq doc with install and authorization details #2172
Remove webhook validation #2217
HOSTEDCP-809 : Clone CA key/cert to TLS key/cert #2246
Refactor e2e nodepool tests #2228
Update HCP version in capi cluster ref #2119
Validate etcd KMS config #2174
OCPBUGS-8421 : fix API documentation for audit webhook field #2258
Add a debug section to the Node Tuning docs #2254
Destroy cloud resources by default #2224
Add e2e test for identity providers #2166
HOSTEDCP-638 : Add latest ocp supported info to -v command for cli and operator #2233
OCPBUGS-8231 : Fix cleanup of volumes on cluster deletion #2243
fix(cpo): Delete multus validatingwebhookconfiguration on CNO init #2231
add pull-secret to imagePullSecrets for NTO, CNO, and olm-collect-profiles #2248
Update images and hypershift operator to 4.14 #2249
And 5 elided commits (e.g. from squash or rebase merges)
Full changelog
OCPBUGS-59791 : [IBM VPC] set offlineExpansion to false in e2e test manifest #151
OCPBUGS-36071 : CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 #122
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #104
OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #91
OCPBUGS-21339 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #81
OCPBUGS-18105 : [IBM VPC] failed provisioning volume in proxy cluster #74
OCPBUGS-16654 : Revert revert “STOR-1065: Rename node-driver-registrar… #69
OCPBUGS-16571 : Bump library-go to remove dependency on goproxy #71
OCPBUGS-16783 : Chore: Update OWNERS #70
Revert “STOR-1065: Rename node-driver-registrar RBAC and Rework sidecar bindings to bind common ClusterRoles” #68
STOR-1065 : Rename node-driver-registrar RBAC and Rework sidecar bindings to bind common ClusterRoles #64
OCPBUGS-14824 : Bump ibm-vpc-block-csi-driver-operator library-go #65
OCPBUGS-12614 , STOR-1168 : Bump common libraries #57
Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART #56
Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART #55
Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART #54
OCPBUGS-8683 : Add management workloads annotations #53
Updating ose-ibm-vpc-block-csi-driver-operator images to be consistent with ART #52
Full changelog
OCPBUGS-56065 : tech debt: rework vendor patches #50
OCPBUGS-53539 : bump github.com/golang-jwt/jwt/v4 to v4.5.2 #46
OCPBUGS-36011 : CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 #42
OCPBUGS-21451 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #27
OCPBUGS-12510 : UPSTREAM: 20: Bump (golang.org/x/net): to address CVE-2022-41723 #23
Updating ibm-vpc-node-label-updater images to be consistent with ART #22
Updating ibm-vpc-node-label-updater images to be consistent with ART #21
Updating ibm-vpc-node-label-updater images to be consistent with ART #20
Updating ibm-vpc-node-label-updater images to be consistent with ART #19
Full changelog
Update documentation #783
update DVO metrics example in the sample archive #777
OCPBUGS-14270 : Revert “Implement periodic gathering as a job in tech … #785
And 67 elided commits (e.g. from squash or rebase merges)
Full changelog
Binary should be compiled on rhel9 #89
Updating ironic-rhcos-downloader images to be consistent with ART #88
Updating ironic-rhcos-downloader images to be consistent with ART #87
Updating ironic-rhcos-downloader images to be consistent with ART #86
Updating ironic-rhcos-downloader images to be consistent with ART #85
Full changelog
OCPBUGS-30414 : update unit tests in egress/dns-proxy #173
OCPBUGS-10176 : 15143307: Updating openshift-enterprise-keepalived-ipfailover images to be consistent with ART #132
OCPBUGS-10163 : Updating openshift-enterprise-egress-router images to be consistent with ART #131
OCPBUGS-10181 : 15143312: Updating openshift-enterprise-egress-dns-proxy images to be consistent with ART #133
NE-1304 : container builds: switch to haproxy26 package #141
OCPBUGS-11385 : Removed chroot setting #137
egress: update owners #139
OCPBUGS-11595 : Revert “[NE-1267] container builds: switch to haproxy26 package” #138
egress/dns-proxy/Dockerfile: switch to haproxy26 package #136
OCPBUGS-10003 : Revert “bump RHEL8 egress-dns-proxy image to haproxy26” #134
Updating ose-egress-http-proxy images to be consistent with ART #130
Updating openshift-enterprise-base-rhel9 images to be consistent with ART #129
Updating openshift-enterprise-base images to be consistent with ART #128
Full changelog
NO-JIRA: Add DOWNSTREAM_OWNERS (release 4-14). #229
bump(*): vendor bump to sync with kubernetes fork #198
OCPBUGS-10153 : Updating ose-kube-storage-version-migrator images to be consistent with ART #194
Full changelog
OCPBUGS-23866 : deps, bump opentelemetry #38
OCPBUGS-21174 : Bump golang.org/x/net to v0.18.0 #37
OCPBUGS-30861 : Bump golang.org/x/net to v0.18.0 #36
OCPBUGS-19020 : Auto sync upstream 2023 09 15 20 36 #26
Auto sync upstream 2023 05 15 20 44 #22
Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART #21
Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART #20
Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART #19
Updating ose-kubevirt-cloud-controller-manager images to be consistent with ART #18
Full changelog
OCPBUGS-19926 : [release-4.14] Don’t force use of virtio console #269
OCPBUGS-18338 : Fix CI by running tests natively by default #261
Updating ose-libvirt-machine-controllers images to be consistent with ART #259
Updating ose-libvirt-machine-controllers images to be consistent with ART #258
Updating ose-libvirt-machine-controllers images to be consistent with ART #257
Updating ose-libvirt-machine-controllers images to be consistent with ART #254
Remove myself (frobware) from OWNERS #253
refactor: replace github.com/ghodss/yaml
with sigs.k8s.io/yaml
#252
Full changelog
OCPBUGS-57341 : Do not enable on-prem-resolv-prepender.path for UPI #5114
OCPBUGS-43743 : Soften haproxy timeout for kubeapi probe #4664
OCPBUGS-54228 : Update ObservedGeneration in KubeletConfig #4950
OCPBUGS-50631 : Add clarification to invalid maxUnavailable alert #4848
OCPBUGS-48801 : Wait for all subcontrollers #4808
OCPBUGS-46057 : Remove trailing periods from AWS provided hostnames #4747
OCPBUGS-45271 : Post upgrading from 4.14 to 4.15.36, the observedGeneration count increased tremendously #4725
OCPBUGS-42111 : Do not use ‘restart’ for ‘oneshot’ service #4622
MCO-1278 : Backport Telemetry to 4.14 #4672
OCPBUGS-43981 : Panic seen in CI job for MCC pod #4671
OCPBUGS-43980 : MCPs report wrong number of nodes when we move nodes from one custom MCP to another custom MCP #4673
OCPBUGS-37552 : On-Prem resolv prepender to watch for NM changes #4500
OCPBUGS-35322 : Decrease logs of haproxy #4405
OCPBUGS-32258 : Log network service output to console #4320
OCPBUGS-38371 : Revert “MCD-pull: run after network-online.target in Azure” #4526
OCPBUGS-37769 : Move StartLimitIntervalSec to Unit section #4521
OCPBUGS-30794 : Mount /run/nodeip-configuration into coredns containers #4253
OCPBUGS-37483 : Remove weights from ingress check script #4485
OCPBUGS-37738 : Openshift uncordoned compute-node that was intentionally cordoned #4502
OCPBUGS-36915 : Use NM’s dns-change event for resolv.conf #4473
OCPBUGS-37223 : Copy RHEL9 binaries used in HCP #4479
OCPBUGS-36776 : daemon: Handle correctly OS Version for 4.1 and 4.2 bootimages #4463
OCPBUGS-36593 : MCD-pull: run after network-online.target in Azure #4456
OCPBUGS-36356 : daemon/update: disable systemd unit before overwriting #4447
OCPBUGS-32472 : Delete state files on reboot only #4331
OCPBUGS-33590 : ovs-configure: fix vlan_parent
calculation #4361
OCPBUGS-34716 : If multiple hostnames are returned, use the first one for the Node name #4385
OCPBUGS-17658 : Controller pod is spamming unknown field “spec.dns.spec.platform” message #4383
OCPBUGS-33643 : Don’t error if the certs.d dir doesn’t exist yet #4362
OCPBUGS-32341 : Remove the condition for checking the multiple ovs-if-br-ex profiles #4325
OCPBUGS-27030 : Log network service output to console #4114
: OCPBUGS-31731: kubelet: restorecon necessary files on kubelet’s prestart #4307
OCPBUGS-32260 : fix: resources were in the wrong indentation level #4322
OCPBUGS-27108 : Add \n in cert_writer for old cert methods and skip cloudCA validation #4117
OCPBUGS-31487 : Prevent OVS-configuration to run before kdump #4291
OCPBUGS-29400 : Run resolv-prepender entirely async #4182
OCPBUGS-31681 : make verify should use MCO’s kube version #4305
OCPBUGS-30992 : add preferredduringscheduling annotation to kube-rbac-proxy-crio #4266
OCPBUGS-30872 : add static pods for rbacproxy #4258
OCPBUGS-30107 : annotate on-prem static pods for workload partitioning #4230
OCPBUGS-30225 : set nodeStatusReportFrequency #4242
OCPBUGS-29290 : AWS: Always persist the existing node name on 4.14 #4215
OCPBUGS-20039 : Add v6-primary dual stack support to VSphere UPI #3956
OCPBUGS-29457 : Add existing kubeletconfig/ctrcfg mc-name-suffix annotation #4187
OCPBUGS-26072 : Fix bootstrap with NTO Operator and duplicate MachineConfigs #4098
OCPBUGS-28379 : fix nodeStatusUpdateFrequency #4149
OCPBUGS-28384 : daemon: allow the user to override drains on IR changes #4150
OCPBUGS-27759 : Add Image Credential Provider flags for Kubelet on AWS #4144
[OCP 4.14] OCPBUGS-24660: daemon: Add support for new nmstate logic #4066
OCPBUGS-27178 : use *resource.Quantity to not automatically set 0 #4121
OCPBUGS-23089 : Don’t retry node-ip show in resolv-prepender #4022
OCPBUGS-27362 : Fix typo in AWS node env unit #4131
OCPBUGS-26500 : crio: drop automatic image cleanup on upgrades #4105
OCPBUGS-26559 : Azure Run ovs-configuration.service before dnsmasq.service #4109
OCPBUGS-26551 : kubelet: fix kubelet labels #4107
OCPBUGS-24596 : [release-4.14] execute cert related processes to ensure proper rotation #4063
OCPBUGS-24397 : gcp-routes: don’t exit on crictl failures #4056
OCPBUGS-20554 : Ensure gcp-routes hack for internalLB hairpin traffic works for SGW #3973
OCPBUGS-23474 : Use shorter IP label for keepalived VIP #4041
OCPBUGS-23208 : workaround nmstate bug by configuring ipv{4,6} addresses #4031
OCPBUGS-22275 : support icsp and idms objects #3995
OCPBUGS-22391 : Require a hostname override for AWS #4001
OCPBUGS-20418 : Introduce kubelet-dependencies.target and firstboot-osupdate.target #3967
OCPBUGS-20051 : Support to append the duplicate kernel arguments to the rendered MC #3957
OCPBUGS-21065 : Update library-go and k8s dependencies to latest version #3994
OCPBUGS-20025 : Consider ingress VIPs when selecting node IP #3951
OCPBUGS-21841 : CRI-O: Use 127.0.0.1 for stream server with random port #3984
OCPBUGS-20358 : dashboard should detect unknown and not ready for not ready dashboard #3966
OCPBUGS-19657 : After dual-stack conversion reconcile IPFamilies #3934
OCPBUGS-19430 : [release-4.14] resolv-prepender: avoid pulling baremetalRuntimeCfgImage again if it … #3925
OCPBUGS-19703 : Internal Registry Secrets merge causing excessive API calls #3941
OCPBUGS-19662 : fix merged image registry CA behavior #3937
OCPBUGS-19701 : Remove dependency on k8s.io/kubernetes packages #3940
OCPBUGS-19344 : Ignore invoking nbctl calls if its SDN #3928
OCPBUGS-19535 : daemon: always use podman cp
to copy extensions container content #3932
OCPBUGS-19357 : install: Recreate and delayed default ServiceAccount deletion #3920
OCPBUGS-9972 : Fix azure routes hack for ovnk pods towards internalLB on master nodes in SGW mode #3878
OCPBUGS-18442 : MCO is degraded if not install image registry operator #3901
OCPBUGS-18097 : ensure cconfig is not updated too frequently #3891
OCPBUGS-18086 : Quiet controller noisiness #3886
OCPBUGS-16035 : daemon: create /etc/systemd/network directory on node #3883
Revert “fix nodeStatusUpdateFrequency” #3887
OCPBUGS-17787 : Fix sysctl breaking dots in paths #3870
OCPBUGS-16733 : on-prem: run resolv-prepender on NM reapply event #3827
OCPBUGS-15583 : fix nodeStatusUpdateFrequency #3784
OCPBUGS-17810 : temporarily remove cert observability fields, add storageversionmigration for machineconfigpools,controllerconfig #3866
OCPBUGS-11832 : SSHkeys fails to write on upgrade to 4.13.rc3 #3810
MCO-564 : Make MCD aware of on-cluster builds #3848
MCO 566: MCO 662 Wire up productionalized BuildController in Machine OS Builder binary and choosing backend image builder #3861
MCO-605 : MCO-550: Remove Certificates from MachineConfig #3787
MCO-573 : Wire up security/trust/pull secrets between rpm-ostree and internal registry #3806
OCPBUGS-17701 : daemon: igmore mounting MCD pod content when target is “/” #3860
mcs: Use certwatcher #3744
MCO-729 : BuildController should allow cluster admins to provide a custom Dockerfile #3847
MCO-564 : Make NodeController aware of BuildController #3817
OCPBUGS-17568 : Agent-based install process the container machine-config-controller will be oom #3862
OPNET-343 : Restore node-ip for kubelet in dual-stack vSphere #3859
OCPBUGS-17683 replace .. with : on registry CA file paths #3854
operator: remove metrics related log #3855
MCO-565 : MCO-568: MCO-659: MCO-660 On-cluster build opt-in function, building machine-os-builder stub, RBAC and service acct inclusions. Deletes deployment rather than scale down to 0 without label #3834
MCO-588 : Update ignition spec to 3.4, disallow ignition KernelArguments for now #3814
OCPBUGS-17433 : Sync featuregate controller during the node config controller sync #3846
OCPBUGS-8938 : OCPBUGS-15202: MCO-555: kube-rbac-proxy addition #3663
MCO-654 : forcefile should always trigger an OS update #3790
OCPBUGS-14945 : add HostToContainer propagation to all hostPath volume mounts #3792
MCO-532 : Finish lease type migration #3842
OCPBUGS-13825 : The machine-config-controller pod restart in SNO+1 causing daemonsets to restart #3838
OCPBUGS-14965 : Run hostnamectl with systemd-run #3746
install: Fix dash-to-hyhen for 04_kube_rbac_proxy_config.yaml prefix #3837
OCPNODE-1714 : files: add skip_mount_home to storage.conf #3777
OCPBUGS-16227 : make sure sshKey are not emptied out on firstboot #3829
daemon: Two minor fixes for reexec #3835
daemon: Remove even more dead legacy OS update code #3820
MCO-552 : implement the ability for the MCO to handle image registry certificates #3770
OCPBUGS-17156 : daemon: Always replace binary #3832
Revert “daemon: Make binary writing idempotent” #3831
OCPBUGS-16921 : daemon: Make binary writing idempotent #3825
Revert “MCO-565: MCO-568: MCO-659: MCO-660 On-cluster build opt-in function, building machine-os-builder stub, RBAC and service acct inclusions” #3830
Revert “ add Passwd to bootstrap served ignition” #3828
OCPBUGS-15367 : The kubeconfig copied on to each node has 644 permissions #3808
MCO-597 : Remove the MCO’s dependency on journal reads #3822
fix certExpiry description #3823
OCPBUGS-16227 : add Passwd to bootstrap served ignition #3811
MCO-565 : MCO-568: MCO-659: MCO-660 On-cluster build opt-in function, building machine-os-builder stub, RBAC and service acct inclusions #3763
OCPNODE-1717 : Make cgroupsv2 default in OCP-4.14 #3789
OCPNODE-1655 : Apply node-cluster dashboard as a config map #3708
MCO-607 : MCO-237: Keep track of certs in ControllerConfigStatus #3756
MCO-687 : Fix metrics e2e test #3813
MCO-585 : MCO-569: MCO-563: MCO-586: Introduces BuildController #3731
MCO MCO-424: daemon: Remove old legacy OS update path #3583
MGMT-14843 : ovs-configuration service should copy the statically configured address even if the method isn’t manual. #3774
OCPBUGS-16128 : daemon: Copy matching binary to host, re-exec with it #3799
MCO-596 : Deprecate the login monitor #3791
kubevirt: Configure IPv6 arp proxy default gw #3780
operator: Stop mounting /etc/kubernetes/ca.crt #3730
OCPBUGS-15613 : Soften grep pattern for ingress default router #3775
Bug OCPBUGS-15233: OpenStack: fix IPv6 configuration #3785
OCPBUGS-11997 : Prevent NM from unsetting the hostname #3794
add wasm extension #3776
set MCO namespace on all events #3767
OpenStack: restrict IPv6 configuration #3781
Update 0000_90_machine-config-operator_01_prometheus-rules.yaml #3779
OCPBUGS-14674 : set pool alert back to zero in more default scenarios. #3733
OCPBUGS-10115 : update image to use golang-1.20 #3766
OCPBUGS-15728 : Fix machine config drifts when deploying with platform external #3773
faq: Talk about “no enabled repositories” #3772
OCPBUGS-14185 : change the message annotation to description #3721
OKD-174 : Dockerfile: OKD: Reenable extensions image on SCOS #3741
OCPBUGS-15575 : Dockerfile: pin to nmstate-2.2.9 #3769
OCPBUGS-10924 : Switch default SA to machine-config-operator #3740
trivial: Fix namespace for kube api server operator #3762
OCPBUGS-8403 Deleting SSH keys / password hashes should not degrade MachineConfigPool / node #3606
OWNERS: Update onwer list #3761
OCPBUGS-4820 : Controller version mismatch causing degradation during upgrades #3738
MCO-640 : Move all log functions to klog #3734
OCPBUGS-14399 : Minor fix to support protectKernelDefaults
field in Kubelet Config #3736
MCO-595 : Remove MCO’s pending config workflow #3700
OCPCLOUD-2010 : Re-vendor api and library-go for external platform support #3745
bootstrap: Clarify that “root ca” is really “MCS CA” #3728
add ipsec extension #3726
OpenStack: configure ipv6 addresses #3705
OCPBUGS-13656 : MCO-632: Update kube deps to 1.27.2 #3735
OCPBUGS-14612 : Improve logging for IPI deployments #3725
OCPBUGS-4370 : Add label to VIP via keepalived #3683
OCPBUGS-14793 : Allow userfaultfd syscall to be used by unprivileged users #3724
OCPBUGS-14272 : Race condition in TestMCDRotatesCertsOnPausedPool #3718
OCPBUGS-13547 : [OCPCLOUD-2034] Update Library-go and API for new featuregate changes #3688
OCPBUGS-2177 : MCO-634: add support for a node pool hierarchy #3505
OCPBUGS-13860 : Fix missing apiVersion and kind fields for embedded resources #3713
OCPBUGS-3176 : Disable global ipv4 and ipv6 forwarding for OVN deployments #3676
OCPBUGS-8447 : MCO-496: Support ignition versions 3.3 + 3.4 but keep version 3.2 as default #3576
OCPBUGS-13547 : Use payload-version flag to set release version consistently across components #3701
OCPBUGS-12885 : daemon: stop using nmstatectl persist-nic-names --inspect
on el9 #3685
OCPBUGS-11304 : daemon: event only on actual OS updates #3695
OCPBUGS-11652 : kubelet: add enableSystemLogQuery #3645
OCPBUGS-12980 : daemon: write certs in firstboot-complete path #3694
OCPBUGS-11670 : mcc_drain_err metric should not be served for removed nodes #3689
OCPBUGS-12456 : fix duplicate RotateKubeletServerCertificate setting #3686
OCPBUGS-12951 : daemon: Don’t traverse /run/ostree/auth.json
symlink #3691
OCPBUGS-11702 , OCPBUGS-4476 : keepalived/ingress: change healthcheck script #3441
OCPBUGS-11992 : ControllerConfig’s Proxy field should not be marked as embedded resource #3682
OCPBUGS-11162 : Do not trigger openshift-azure-routes/openshift-alibaba-routes service based on file existence #3643
OCPBUGS-10235 : Add quotes to variable with -z #3679
OCPBUGS-11280 : Fixing forcedns dispatcher script permission issue for assisted sno rhel9 upgrade #3648
OCPBUGS-7836 : The MCD has a non-functional pivot command that should be removed #3666
Test Revert “Block RHCOS gcp-routes service on both masters and workers” #3672
Accomodate ART limitation in parsing [[]] bash #3669
Block RHCOS gcp-routes service on both masters and workers #3619
OCPBUGS-10787 : Persist static IP addressed NIC names from rhel8 #3650
OCPBUGS-5356 : changed error handling so no runtime error #3651
OCPBUGS-4877 : End the operator’s “unknown field” logspam by marking controllerconfig embedded fields as embedded so they validate #3662
MCO-407 : add support for operator metrics #3537
Updating openshift-proxy-pull-test images to be consistent with ART #3593
OCPBUGS-4122 : Do not add deep nested scope to atomic transport #3653
OCPBUGS-10414 : Fix regex dot in coredns config file #3626
OCPBUGS-11092 : daemon: write certificate in OnceFrom and HyperShift #3654
remove container runtime flag #3640
OCPBUGS-4963 : Enable base nodeip-configuration for vsphere upi #3460
configure-ovs: would not retry on some errors #3625
OCPBUGS-10598 : Splitting NetworkManager-onprem.conf.yaml to 2 files: #3620
OCPBUGS-10379 : configure-ovs: support UUID in vlan.parent #3623
OCPBUGS-8676 : Fix kubelet.service node-ip for v6-primary dual-stack #3592
getPoolsForNode: Use constant MachineConfigPoolWorker instead of “worker” string #3635
MCO-423 : Adds OS image override test #3558
OCPBUGS-9969 : daemon: Drop duplicate --authfile
used in run
#3611
OCPBUGS-8446 : MCO-503: daemon: have a special path to sync in certs #3575
OCPBUGS-7559 : Remove hard requirement for the afterburn from early-running aws-related services #3585
Removing jstuever from OWNERS_ALIASES #3554
OCPBUGS-8113 : daemon: Only switchkernel if we are doing an OS update or kernel change #3600
OCPBUGS-9685 : daemon: Always remove pending deployment before we do updates #3599
Make OKD/SCOS Dockerfile regexes match again after rhel-coreos
image name change #3597
Switch to rhel-coreos (9) #3596
OCPBUGS-8113 : daemon: Make switchKernel less stateful #3580
OCPBUGS-8523 : Revert “daemon: Temporarily copy auth file with more open perms on FCOS” #3591
Update library go to promote AWS CCM to out of tree #3590
machineconfigpool: Clarify status.configuration
description #3371
daemon: Remove noisy log message #3588
OCPBUGS-5872 : Wrap podman commands in a while loop #3581
configure-ovs: permanent retry on failure #3544
OCPNODE-1495 : Default the cgroup version to “v1” via base template controller #3563
OCPBUGS-1662 : mcd_update_state metric should have a single time-series per node #3571
Full changelog
OCPBUGS-54171 : Change rhcos release browser url #59
Force rebuild of CI image #31
Fix condition check for logging #29
Force updating main rhcos image to version 414.92.202303281555-0 #28
Updating ose-machine-os-images images to be consistent with ART #26
Full changelog
OCPBUGS-58763 : Bump github.com/golang/glog to v1.2.4 #105
OCPBUGS-42048 : Update owners #91
OCPBUGS-21372 : Update go.mod for CVE-2023-39325 [Release-4.14] #71
OCPBUGS-12640 : Bump golang.org/x/net from 0.0.0-20211209124913-491a49abca63 to 0.7.0 #67
Updating ose-multus-admission-controller images to be consistent with ART #65
Updating ose-multus-admission-controller images to be consistent with ART #64
Updating ose-multus-admission-controller images to be consistent with ART #62
Updating ose-multus-admission-controller images to be consistent with ART #57
Full changelog
OCPBUGS-48160 : [backport 4.14] Adds a wait to account for the possiblity of a not ready unix socket #262
OCPBUGS-35578 : Update owners file #243
OCPBUGS-33478 : Fix CNI cache update function to prevent nil access #232
OCPBUGS-26331 : Fix SAST scan issues for multus-cni-container [4.14] #220
OCPBUGS-21099 : Update go.mod for CVE-2023-39325 [Release-4.14] #194
OCPBUGS-19860 : Multus annotation permissions: Certificate duration should be configurable [backport 4.14] #192
OCPBUGS-19679 : Move chroot from multus main process to its child processes #189
OCPBUGS-19375 : Per node certification cherry-pick #185
OCPBUGS-19074 : Performance and efficiency improvements in daemon/server mode #181
Use container base image’s /etc/os-release to copy multus binary #179
Change /usr/src/multus-cni/bin to rhel8 based one #178
Cherry pick upstream fix #177
Upstream sync 202308 #176
This change introduces wait to generate config until API is ready #175
Upstream sync to 202307, 99c4481 #168
Add rhel9 binary for multus #173
OCPBUGS-13815 : Fix multus to support CNI plugin which does not create interface #162
OCPBUGS-12519 : Bump golang.org/x/net from 0.1.0 to 0.7.0 (#1039) #160
Updating multus-cni images to be consistent with ART #159
Updating multus-cni images to be consistent with ART #158
Updating multus-cni images to be consistent with ART #157
Updating multus-cni images to be consistent with ART #148
Multus entrypoint should regenerate kubeconfig if secret changes #153
Full changelog
Update owners (#62) #62
Update vendor package (#40) #40
OCPBUGS-21454 : Update go.mod for CVE-2023-39325 (#33) #33
OCPBUGS-974 : Sync upstream (#30) #30
Updating multus-networkpolicy images to be consistent with ART (#27) #27
Updating multus-networkpolicy images to be consistent with ART (#26) #26
Updating multus-networkpolicy images to be consistent with ART (#25) #25
Updating multus-networkpolicy images to be consistent with ART (#24) #24
Full changelog
OCPBUGS-42049 : [release-4.15]Update owners #60
15393552: Updating ose-multus-route-override-cni images to be consistent with ART #47
15393552: Updating ose-multus-route-override-cni images to be consistent with ART #45
Revert ART changes to fix rhel9 base binary #44
Updating ose-multus-route-override-cni images to be consistent with ART #43
Fix Dockerfile to use rhel9 #42
Updating ose-multus-route-override-cni images to be consistent with ART #41
Add rhel9 binary #40
Updating ose-multus-route-override-cni images to be consistent with ART #36
Updating ose-multus-route-override-cni images to be consistent with ART #35
Updating ose-multus-route-override-cni images to be consistent with ART #34
Updating ose-multus-route-override-cni images to be consistent with ART #33
Full changelog
OCPBUGS-55620 : Fixes leftover podref issue #367
OCPBUGS-42047 : Update owners #311
OCPBUGS-37815 , OCPBUGS-37817 : [release-4.14] align api calls timeout and skip pods marked for deletion #309
OCPBUGS-36722 : Return previous IP allocation for add cmd #296
OCPBUGS-35263 : Use IP to identify orphaned allocation to be deleted #289
OCPBUGS-27858 : Enable reconciler configuration 4.14 #240
OCPBUGS-26553 : Cherry pick fix assignment 4.14 #230
OCPBUGS-21518 : update golang.org/x/net to v0.17.0 #207
Bug 16002 : Change default binary to RHEL8 image #172
OCPBUGS-15905 : Denormalize IP name before checking if pod is alive [Backport 4.14] #167
Bug 16136 : Introduce entrypoint.sh to call ip-control-loop based on RHEL ver #147
Downstream sync july23 #137
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #150
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #149
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #148
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #146
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #143
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #142
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #141
Restores RHEL specific binary copy and updates to rhel9/8 #140
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #136
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #130
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #129
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #128
OCPBUGS-11324 : respect requested allocation range when exluding ranges [backport 4.14] #121
Upstream sync 2023 03 29 #119
Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART #115
Full changelog
OCPBUGS-42971 : Collect etcd object count #457
OCPBUGS-48084 : Update owners #475
OCPBUGS-48058 : Support gathering IPsec data #472
OCPBUGS-43058 : [Backport 4.14] Multus is now a Pod and will be captured by normal #451
OCPBUGS-20429 : Revert “Add must gather script for network observability” #391
OCPBUGS-20354 : Removed workload partitioning annotation from ppc script #388
Use oc get daemonset to identify the NTO image #378
OCPBUGS-17907 : Revert “Added gathering script for SNOs with workload partitioning” #376
Split gather_network_logs into basics and extras #375
Added gathering script for SNOs with workload partitioning #373
Add csi-proxy logs collection in must-gather for Windows nodes #374
SDN-3687 : Support gathering DBs for OVNK-Interconnect mode #370
Collect information relevant to PerformanceProfile and low latency tuning #345
gather_network_logs: multus: Fix typo in error redirection #371
Collect leases.coordination.k8s.io from each namesapce #366
Create a generic “get_operator_ns” util function #368
Assert that only one subscription exists #367
MCO-608 : Gather MCO’s on-disk configs from degraded nodes #361
Gather ostree related bits #353
OCPBUGS-14984 : Collect Mellanox firmware information #365
OCPBUGS-14025 : Add gather_vsphere #363
NETOBSERV-987 : Add must gather script for network observability #357
Updating ose-must-gather images to be consistent with ART #358
OCPBUGS-10798 : Gather CSIStorageCapacity objects #356
OCPBUGS-11147 : network_logs: Gather multus resource yamls for namespaces #354
Updating ose-must-gather images to be consistent with ART #352
Full changelog
Add rhel9 binary #57
Updating ose-network-interface-bond-cni images to be consistent with ART #54
OCPBUGS-12327 : Updating ose-network-interface-bond-cni images to be consistent with ART #52
Updating ose-network-interface-bond-cni images to be consistent with ART #51
Updating ose-network-interface-bond-cni images to be consistent with ART #50
OCPBUGS-11190 : Ignore missing links during delete command #48
Update owners file #46
Align with upstream 14-04-2023 #45
Updating ose-network-interface-bond-cni images to be consistent with ART #44
Full changelog
OCPBUGS-58778 : Bump github.com/golang/glog to v1.2.4 (#115) #115
OCPBUGS-60394 : Replace e2e test image (#128) #128
swtich golint install method (#127) #127
Correct 4.16 owners file (#100) #100
Added METRIC_TEST_IMAGE var (#88) #88
Update the k8s dependencies to 1.27.7 (#82) #82
OCPBUGS-16594 : Update the dependencies to 0.27 (#79) #79
Revert “Remove e2e tests that consistently fail in 4.13 (#65)” (#76) #65
Updating ose-network-metrics-daemon images to be consistent with ART (#73) #73
Updating ose-network-metrics-daemon images to be consistent with ART (#72) #72
Updating ose-network-metrics-daemon images to be consistent with ART (#71) #71
Updating ose-network-metrics-daemon images to be consistent with ART (#70) #70
Full changelog
OCPBUGS-31862 : replace wireshark with wireshark-cli #122
OCPBUGS-22172 : Move commands to the function to avoid them being executed on -h. #94
OCPBUGS-20520 : Update scripts in network-tools to reflect the changes in IC model #92
ovn-db-run-locally: gracefully handle non-clustered dbs #84
Updating ose-network-tools images to be consistent with ART #81
Updating ose-network-tools images to be consistent with ART #78
Updating ose-network-tools images to be consistent with ART #76
Full changelog
changes the owners file (#1013) #1013
OCPBUGS-48513 : e2e: use same version of crane as in go.mod (#1023) #1023
Bump version to include v5.11.0 of go-git (#822) #822
Fix to ensure operator not found error exits with correct status (#797) #797
OCPBUGS-28871 : Capability to override default channel (#749) (#790) #749
OCPBUGS-19429 : Fix cross EUS channel upgrade path calculation (#769) #769
OCPBUGS-23327 : Fix MirrorToDisk of oci catalogs in hidden folders (#766) #766
skipping prune failure if manifest not found (#735) #735
OCPBUGS-21472 : fix: CVE-2023-39325 (#711) #711
Fixes HTTP 401 issues when several catalogs are being mirrored and need to be rendered using operator-registry (#704) (#706) #704
Fix OCPBUGS-17546: pod catalogsource generated by oc-mirror will crashloopBackOff randomly (#699) #699
OCPBUGS-17545 : Improve extracting opm binary from catalogs (#676) #676
OCPBUGS-7465 : Fix 401 Unauthorized due to stale auth token (#678) #678
Fix OCPBUGS-14402 - case where catalog is on a mirror from registries.conf (#682) #682
OCPBUGS-17998 : fix: ICSP with incorrect mirror path (#681) #681
OCPBUGS-17714 : Ensure errors are nil before closing registry to avoid… (#680) #680
CFE-825 : As a oc-mirror user, I would like mirrored operator catalogs to have valid caches (#651) #651
CFE-902 feat: removes go workspace due to incompatibility on ART builds (#672) #672
CFE-902 feat: adds go workspace to support multi-module (#670) #670
add go.mod files to testdata directories (#669) #669
fixing oc-mirror version
when run from read-only fs (#660) #660
Make local storage port configurable via command line (#668) #668
Fix unit tests for local storage collector implementation (#667) #667
CFE-904 : Create AdditionalImage Collector implem. based on registry as localStore (#666) #666
v2 initial commit (#664) #664
OCPBUGS-13871 docs: changes the help message for oci-registries-config flag (#663) #663
OCPBUGS-11754 : add cleanup of /tmp directories (#655) #655
CFE-875 : Unlock MirrorToDisk and DiskToMirror workflows for local oci catalogs (#662) #662
Fix OCPBUGS-15329 - OCI index found, but accept header does not support OCI indexes (#658) #658
Enable mirroring of the multi release image (#657) #657
revendor to the latest oc (#656) #656
Replacing the hard coded path with graphDataMountPath (#585) #585
CFE-859 : Removing flag use-oci-feature starting release-4.14 (#622) #622
CFE-783 : A variety of changes needed for correct operation with multi architecture catalogs (#611) #611
MULTIARCH-3440 : refine multiarch support for test-unit and test-e2e using dockerfile and add ppc64le build to Makefile (#624) #624
Add ImageSetConfig examples (#610) #610
OCPBUGS-13871 : fix: changes on help info content (#653) #653
OCPBUGS-588 : minVersion in ImageSetConfiguration seems to be ignored (#603) #603
Fix OCPBUGS-14194 (#649) #649
Fix OCPBUGS-14402 (#652) #652
OCPBUGS-13332 : Create rfc 1035 compliant catalog source name (#636) #636
fix validateMapping OCPBUGS-13962 (#640) #640
adds Jeremy Peterson to OWNERS file (#644) #644
Chore: Remove Ross from OWNERS (#639) #639
OCPBUGS-13762 : make addRelatedImageToMapping multithreaded (#638) #638
Fix OCPBUGS-11840: ParseImageReference supports cases where both tag and digest are present in a ref (#633) #633
OCPBUGS-11922 : paths not needed in ICSPBuilder interface (#634) #634
OCPBUGS-11910 , OCPBUGS-11922 : Limit the nested repository path while mirroring the images (#623) #623
CFE-658 : Implementation of filtering by channel for OCI catalog (#627) #627
OCPBUGS-4959 : oc-mirror error on second synchronisation with no change (#605) #605
Deprecate –use-oci-feature in favor of –include-local-oci-catalogs (#620) #620
Updating oc-mirror-plugin images to be consistent with ART (#619) #619
Update OWNERS for CFE team (#614) #614
Revert adding ‘–cache-dir /tmp/cache’ to catalog images (#613) #613
OCPBUGS-11371 : fix: skips bundles with ‘skips’ field on head bundle (#608) #608
fix: work around OCPBUGS-6741 by explicitly setting –cache-dir (#604) #604
OCPBUGS-2633 : Fix (#601) #601
OCPBUGS-7845 fix: changes the way the version is shown (#599) #599
OCPBUGS-10348 fix: changes to include the registry path (#600) #600
OCPBUGS-1060 fix: changes confusing error message (#598) #598
Fix OCPBUGS-8156: Upgrade to containerd v1.6.18 (#593) #593
Bugfix check imagesetconfig for valid oci protocol when oci feature is used (#573) #573
Remove “unsupported” wording from info on console (#577) #577
Fix OCPBUGS-5168: Upgrade helm.sh/helm/v3 to v3.11.2 fixing CVE-2022-23526 and CVE-2022-23525 (#580) #580
OCPBUGS-10051 : fix: remove catalog reference from ImageContentSourcePolicy.yaml (#586) #586
Updating oc-mirror-plugin images to be consistent with ART (#575) #575
Bugfix for destination registry nested paths length (#572) #572
fix extract dir for cincinnati-graph-data container (#582) #582
OCPBUGS-8216 : fix: remove an unecessary error message (#579) #579
docs: add information about unsupported scenario (#574) #574
Full changelog
: OCPBUGS-27680,OCPBUGS-27595: UPSTREAM: <carry>: Update go-git to v5.11.0 #73
OCPBUGS-23358 : [release-4.14] Address http2 vulnerability #53
OCPBUGS-21379 : Bump golang.org/x/net from 0.15.0 to 0.17.0 #39
OCPBUGS-16793 : openshift/Dockerfile: exclude unpack binary from FIPS build overrides #33
Rename downstream overlay from service-ca-operator to openshift #32
UPSTREAM: <carry>: add manifests to image #31
Makefile,manifests: Add skeleton of default rukpak resources #18
Introduce barebones build and unit testing GH actions #14
Skeleton - k8s provisioner #7
update README to include latest APIs #5
Introduce a sanity github action check #3
Init API defs #1
Add barebones OWNERS file #2
And 464 elided commits (e.g. from squash or rebase merges)
Full changelog
OCPBUGS-57940 : Set node-pullsecrets volume to read-only to protect image pull credentials #398
OCPBUGS-56951 : Empty proxy variables are causing issues during the build #386
OCPBUGS-48480 : Add team members to the OWNERS file #360
NO-JIRA: cleanup root and app OWNERS #349
OCPBUGS-32869 : replaces deprecated square/go-jose wtih go-jose/go-jose #342
OCPBUGS-41951 : Add adambkaplan as approver #334
[release 4.14] OCPBUGS-33288: Update opentelemetry dependency #295
OCPBUGS-28950 : Replace ‘coreydaley’ with ‘sayan-biswas’ in OWNERS file #286
OCPBUGS-18980 : Disable Build and DeploymentConfig Informers if their caps are disabled #271
use constant controller names #265
OCPBUGS-16071 : Updating Kubernetes and other associated dependencies #263
update runtime-utils for idms migrations #243
OCPBUGS-14461 : Kubernetes 0.27 #261
Updating ose-openshift-controller-manager images to be consistent with ART #260
Updating ose-openshift-controller-manager images to be consistent with ART #259
Updating ose-openshift-controller-manager images to be consistent with ART #258
Updating ose-openshift-controller-manager images to be consistent with ART #253
OCPBUGS-10588 : mount build.Spec.Source.ConfigMaps for custom builder images #254
Add Divyanshu Agrawal as a reviewer #256
Full changelog
OCPBUGS-35337 : Correct out-of-bounds check #173
OCPBUGS-34792 : Make Cinder CSI Driver Topology feature configurable #162
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #153
OCPBUGS-26460 , OCPBUGS-26461 : [release-4.14] CVE-2023-45142,CVE-2023-47108: bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.46.1 #156
OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #142
OCPBUGS-21573 : CVE-2023-44487: bump golang.org/x/net to v0.17.0 #135
STOR-1436 : Restart openstack-cinder-csi-driver-controller
Pods if metrics-serving-cert changed #128
Remove Dockerfile.rhel7 #126
Configure User Agent #123
OCPBUGS-16654 : Revert revert “STOR-1065: Rework sidecar bindings to b… #119
OCPBUGS-16783 : Chore: Update OWNERS and OWNERS_ALIASES #121
OCPBUGS-16526 : Bump library-go to remove dependency on goproxy #122
OCPBUGS-16678 : Fix SCC admission failure race during initial deployment #120
Revert “STOR-1065: Rework sidecar bindings to bind common ClusterRoles” #118
STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #117
OCPBUGS-14824 : Bump cinder-csi-driver-operator library-go #116
STOR-1168 : Bump common libraries #115
Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART #113
OCPBUGS-12651 : Bump golang.org/x/net@v0.9.0 #114
Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART #112
Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART #111
OSASINFRA-3000 Prefer a Cinder CSI-specific config map #82
OCPBUGS-8683 : Add management workloads annotations #109
Updating ose-openstack-cinder-csi-driver-operator images to be consistent with ART #108
Full changelog
OCPBUGS-32428 : Ensure portSecurity is correctly set in the Instance Ports #109
OCPBUGS-23202 : Don’t build InstanceSpec during delete operations #95
Bug OCPBUGS-18806: Set controller’s SyncPeriod to 1 hour #81
Bump CAPO to match branch release-0.7 #80
Configure User Agent #75
Update README #77
OCPBUGS-16586 : Bump goproxy #74
Rework how we build the container image #76
go.mod: Upgrade Gophercloud to v1.5.0 #73
OSASINFRA-3063 : Bump CAPO to v0.7.2 #72
Updating ose-machine-api-provider-openstack images to be consistent with ART #70
Updating ose-machine-api-provider-openstack images to be consistent with ART #69
Updating ose-machine-api-provider-openstack images to be consistent with ART #68
OCPBUGS-8687 : machineset_controller: Stop caching clouds credentials #63
OCPBUGS-2153 : Use TenantID if ProjectID is empty #61
Updating ose-machine-api-provider-openstack images to be consistent with ART #60
Full changelog
OCPBUGS-61469 : [release-4.14] Add NetworkPolicy as a supported kind #1052
OCPBUGS-61390 : [4.14] e2e stability fixes #1085
OCPBUGS-46927 , OCPBUGS-46934 , OCPBUGS-47314 : x/net bump to v0.34.0 [release-4.14] #941
OCPBUGS-46595 : CRD upgrade existing CR validation fix (#3442) #921
OCPBUGS-45080 : SSA for Services and ClusterRoleBindings #905
OCPBUGS-42828 : add optional schema migrations; default to olm.bundle.object instead of olm.csv.metadata #878
OCPBUGS-41872 : Fix e2e flake: upgrade CRD with deprecated version #865
OCPBUGS-42150 : (fix) registry pods do not come up again after node failure (#3366) #872
OCPBUGS-42017 : adds paginating lister for evaluating CRs’ upgrade fitness versus new CRDs. #869
OCPBUGS-38544 : (fix) Resolver: list CatSrc using client, instead of referring to registry-server cache (#3349) #842
OCPBUGS-36949 : [CARRY] perform operator apiService certificate validity checks directly #821
OCPBUGS-37016 : Bump github.com/containers/image/v5 #824
OCPBUGS-36452 : Can’t install operator on 4.15 after uninstalling it on a prior version #811
OCPBUGS-31969 , OCPBUGS-31970 : UPSTREAM: <carry>: update golang.org/x/net for CVE-2023-45288 #787
OCPBUGS-35230 : Unblock CI #771
OCPBUGS-33356 : UPSTREAM: <carry>: bump go-jose #743
OCPBUGS-30775 : [4.14] bump grpc to 1.60.1, reconnect idle connections (#3147) #715
OCPBUGS-29192 : [release-4.14]: Clear (existing) error cond from Subscription, once error resolved #686
OCPBUGS-29194 : Retry failing unpack jobs #689
NO-ISSUE: [release-4.14] Backport e2e fixes to 4.14 #674
OCPBUGS-27314 : Don’t sync namespaces that have no subscriptions #675
OCPBUGS-27565 , OCPBUGS-27570 , OCPBUGS-27650 , OCPBUGS-27655 : bump go-git/v5 to 5.11.0 #677
OCPBUGS-27485 : [CARRY] SSC RBAC #665
OCPBUGS-22538 : bump otelhttp to 44.0 for api #647
OCPBUGS-22538 : otelhttp bump [release-4.14] #632
OCPBUGS-20829 : [releaser-4.14] Fix apiserver vulnerability #608
OCPBUGS-23212 : Do not derive installplan.spec.clusterServiceNames from bundle IDs #607
OCPBUGS-18904 : [release-4.14] Improve Leader Election Hand Off #605
OCPBUGS-23508 : [release-4.14] Use generated namespaces in e2e tests #614
OCPBUGS-20400 : Add OLMConfig API to control package server sync interval [release-4.14] #582
OCPBUGS-19789 : Backport OCPBUGS-14698: Rename ClusterRoles created by OperatorGroups [release-4.14] #566
OCPBUGS-22134 : [release-4.14] Bump golang.org/x/net to v0.17.0 #587
OCPBUGS-17950 : Make packageserver wakeup interval configurable #555
scripts/bumper: automate pushing changes and creating PRs #550
OCPBUGS-17157 : scripts: add a Go-based bumper, sync upstream #534
Add ncdc to DOWNSTREAM_OWNERS #539
OPRUN-3022 : Add support for make verify to sync script #537
Add tmshort to owners #535
fix the manifests generation #533
Sync 2023 08 04 #532
OCPBUGS-17157 : sync #531
OCPBUGS-17157 : operator-registry: cherry-pick to be up-to-date #526
OCPBUGS-17157 : cmd/package-server-manager: add pprof endpoints #527
OPRUN-3021 : Improve README #529
OPRUN-2913 : Sync api, operator-registry, operator-lifecycle-manager downstream #510
OPRUN-2913 : Add DOWNSTREAM_OWNERS #520
OCPBUGS-10178 : Updating operator-lifecycle-manager images to be consistent with ART #470
Allow cpb to be statically compiled / exempt from FIPS compliance #511
update verification script to work across non-standard bash location #505
OCPBUGS-13128 : Retry initialization error conditions (#2979) #502
Updating operator-registry images to be consistent with ART #495
OCPBUGS-13526 : fix dynamic conversion webhook #490
OPRUN-2995 : Remove dependency on cluster policy controller in favor of hardcoding #498
OPRUN-2941 : update cluster-policy-controller dependency #494
OCPBUGS-13789 : downstream y-streams-for-all semver template changes. #489
OCPBUGS-1684 : Optimize certificate generation #486
METAL-575 : Revert “Mutate service monitor manifests to include tlsConfig cert an… #478
OPRUN-2892 : Update service-monitor tls config #368
OCPBUGS-6016 : UpdateStrategy RegistryPoll with nil Interval #468
OCPBUGS-7910 : Sort channels in lexicographical order in Packagemanifestst (#2925) #476
OCPBUGS-7431 : Registry Pod Controller Flag #460
Update sync script #472
OPECO-2737 : Veneer template rename #461
fix pop_candidate script #467
Updating operator-registry images to be consistent with ART #469
OPECO-2646 : exclude bundles with olm.deprecated
property when rendering #463
Full changelog
15143237: Updating ose-ovirt-machine-controllers images to be consistent with ART #174
Full changelog
OCPBUGS-36095 : Fix CVE-2024-6104 by updating http-retryable to 0.7.7 #90
OCPBUGS-33637 : Fix CVE2023-45288 by bumping x/net to v0.24.0 - 4.14 #81
OCPBUGS-25980 : Rebase with upstream: Fix snyk code issue: Path Traversal #72
OCPBUGS-24713 : synk: ignore vendor dir #60
OCPBUGS-21112 : CVE-2023-39325 - Update net dependencies - 4.14 #51
cherry-pick: Improve delete device failure logs in driver node #48
OCPBUGS-17309 : Updated golang.org/x/net/html dependency. #43
Rebase with upstream: v0.4.0 changes #42
Rebase: upgrading go modules #40
Rebase with upstream: reduce multipathd usage (OCPBUGS-16878) #39
Rebase with upstream: removed panic and some cleanup #38
Rebase with upstream #37
Package device-mapper-multipath added #36
Merging upstream code with downstream #33
OCPBUGS-12922 : Updated net dependencies #29
OCPBUGS-12716 : Updating ose-powervs-block-csi-driver images to be consistent with ART #30
Updating ose-powervs-block-csi-driver images to be consistent with ART #26
Full changelog
OCPBUGS-25657 : Add annotation to CSI driver Pod preventing eviction from the cluster-autoscaler #58
OCPBUGS-25715 : snyk: ignore vendor dir #60
OCPBUGS-23078 : CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 #48
OCPBUGS-21203 : CVE-2023-39325 - Update net dependencies - 4.14 #40
Update OWNERS add yussufsh #44
STOR-1438 : Restart controller Pods if metrics-serving-cert changed #36
OCPBUGS-16531 : Upgraded openshift/library-go to remove indirect references to goproxy. #35
OCPBUGS-16654 : Rename sidecar binding RBACs #32
OCPBUGS-16783 : Chore: Update OWNERS #33
STOR-1065 : Rework sidecar bindings to bind common ClusterRoles #31
OCPBUGS-14824 : Bump ibm-powervs-block-csi-driver-operator library-go #30
OCPBUGS-12925 : Updated net dependencies #26
Updating ose-powervs-block-csi-driver-operator images to be consistent with ART #25
Updating ose-powervs-block-csi-driver-operator images to be consistent with ART #24
Updating ose-powervs-block-csi-driver-operator images to be consistent with ART #23
Adding storage team to OWNERS so they can perform lib-go updates. #21
OCPBUGS-8683 : Add management workloads annotations #20
Updating ose-powervs-block-csi-driver-operator images to be consistent with ART #19
Full changelog
OCPBUGS-36105 : UPSTREAM: <carry>: Fix go-retryablehttp CVE 4.14 #75
OCPBUGS-24727 : UPSTREAM: <carry>: snyk code scan exclude vendor directory #54
OCPBUGS-21299 : CVE-2023-39325 - Update net dependencies - 4.14 #45
UPSTREAM: <carry>: Add check for valid Power VS instance id #42
Manual rebase to k8s 1.27 and go 1.20 #40
Revert images golang 1.18 #38
Updating ose-powervs-cloud-controller-manager images to be consistent with ART #37
Revert build_image to the one currently specified in release repo #36
OCPBUGS-12921 : Updated net dependencies #33
Updating ose-powervs-cloud-controller-manager images to be consistent with ART #31
Updating ose-powervs-cloud-controller-manager images to be consistent with ART #30
Full changelog
Bump openshift/prom-label-proxy to v0.7.0 #356
OCPBUGS-12293 : Update 4.14 prom-label-proxy image to be consistent with ART #355
Updating prom-label-proxy images to be consistent with ART #353
Full changelog
OCPBUGS-43670 : fix(discovery): Handle cache.DeletedFinalStateUnknown … #239
OCPBUGS-22531 : bump otel dependencies #183
OCPBUGS-21262 : update golang.org/x/net to v0.17.0 [4.14] #176
Bump openshift/prometheus to v2.46.0 #167
Bump openshift/prometheus to v2.45.0 #166
Bump openshift/prometheus to v2.44.0 #164
Dockerfile.ocp: update note about UI assets after switching to embed #165
OCPBUGS-12996 : Add missing assets after manual merge #162
OCPBUGS-12825 : Updating golang-github-prometheus-prometheus images to be consistent with ART #160
Bump openshift/prometheus to v2.43.0 #158
Updating golang-github-prometheus-prometheus images to be consistent with ART #156
Full changelog
OCPBUGS-30015 : fix: convert continue
field between v1beta1 and v1alpha1 #279
OCPBUGS-20881 : fix: disable HTTP2 connections by default #253
OCPBUGS-20881 : Bump golang.org/x/net to v0.17.0 #247
Bump openshift/prometheus-operator to v0.67.1 #240
Bump openshift/prometheus-operator to v0.67.0 #239
OCPBUGS-14466 : bump openshift/prometheus-operator to v0.66.0 #236
OCPBUGS-14033 : cmd/prometheus-config-reloader: add SIGTERM handler #234
OCPBUGS-1626 : [bot] Bump openshift/prometheus-operator to v0.65.1 #233
OCPBUGS-12324 : Update 4.14 prometheus-config-reloader image to be consistent with ART #230
Updating prometheus-operator images to be consistent with ART #229
Updating prometheus-config-reloader images to be consistent with ART #227
Updating prometheus-operator-admission-webhook images to be consistent with ART #226
Updating prometheus-config-reloader images to be consistent with ART #225
OCPBUGS-10109 : Updating openshift-state-metrics images to be consistent with ART #221
OCPBUGS-10137 : Updating openshift-state-metrics images to be consistent with ART #222
Updating prometheus-operator images to be consistent with ART #220
Full changelog
OCPBUGS-21162 : (4.14) upgrade golang.org/x/net to v0.17.0 #134
Bump openshift/node_exporter to v1.6.1 #130
OCPBUGS-12714 : Bump openshift/node_exporter to v1.6.0 #129
OCPBUGS-12507 : Upgrade golang.org/x/net to v0.10.0 to fix the CVE #128
Updating golang-github-prometheus-node_exporter images to be consistent with ART #122
Updating golang-github-prometheus-node_exporter images to be consistent with ART #120
Full changelog
OCPBUGS-21576 : bump(k8s,openshift) to address CVE-2023-44487 [4.14] #34
refactor route controller manager to use library-go server and ControlerCommand for generic setup #28
add dummy flags needed for a switch to library-go server and ControlerCommand #29
Revert “[WRKLDS-730] refactor route controller manager to use library-go server and ControlerCommand for generic setup” #25
refactor route controller manager to use library-go server and ControlerCommand for generic setup #22
WRKLDS-700 : bump(k8s) to v0.27.1 #21
Updating ose-route-controller-manager images to be consistent with ART #19
Updating ose-route-controller-manager images to be consistent with ART #18
Updating ose-route-controller-manager images to be consistent with ART #17
Full changelog
OCPBUGS-34830 : fix issuer check during JWT authentication 4.14 #539
OCPBUGS-32888 : update gopkg.in/square/go-jose.v2 to fix CVE-2024-28180 #535
OCPBUGS-22647 : go.mod: bump go.opentelemetry.io/contrib/instrumentation/net/http/ote… #494
OCPBUGS-21349 : [release-4.14]: Bump golang.org/x/net to v0.17.0 #484
OCPBUGS-16397 : Nutanix OCP cluster telemetry data “host_type” shows “virt-unknown” #474
chore: bump github.com/prometheus/prometheus to v0.45.0 #475
: fix mtls secret generation #473
Revert wrong cert name change of #455 #472
: add secret for external mtls connection #470
MON-3230 : Add TLS auth to telemeter-client #455
jsonnet: Add config to support rhelemeter #468
Improve debug roundtripper logs #467
Fix integration test documentation #461
Fix path benchmark #466
Add RHEL POC server #465
OCPBUGS-12345 : tools: update to golangci-lint v1.51 #464
OCPBUGS-12678 : Update golang.org/x/net to lastest version #462
add thibaultmg in OWNERS file #459
Update OWNERS #456
Use receive handler logger #450
OCPBUGS-10169 : Updating telemeter images to be consistent with ART #452
Filter noisy logs from TCP probes #453
Add douglascamata
as reviewer and approver #454
Full changelog
OCPBUGS-61233 : images/tests: Remove rteval #30208
OCPBUGS-55747 : [build] Ensure Git Clone Does Not Run Privileged #29758
OCPBUGS-54770 : Fix egress firewall tests by updating the URL from docs.openshift.com to redhat.com #29665
OCPBUGS-52583 : Use payload pullspec for image info test #29591
OCPBUGS-51363 : Disable:Broken for [sig-builds][Feature:Builds][Slow] can use private repositories as build input build using an HTTP token should be able to clone source code via an HTTP token #29567
OCPBUGS-51044 : Add/remove team members to the OWNERS file for Builds #29554
OCPBUGS-44107 : Adjust createDNSPod() to support hypershift dual-stack test #29256
OCPBUGS-39137 : Bump timeout for the pod-network-service endpoints check #29062
OCPBUGS-38365 : add Proxy config #28998
OCPBUGS-36800 : Removes dependency on samples operator images #28952
#28775 FIX [release-4.14] OCPBUGS-33367: monitor test fix to wait before connecting to a non-existent dns on PowerVS and IBMCloud platforms #28792
#28745 FIX [release-4.14] OCPBUGS-33022: update egressFWTestE2E image which contains ping binary #28899
OCPBUGS-36464 : test/extended: skip etcd leader change check on hypershift #28921
OCPBUGS-35475 : Use centos7 tag instead of latest for cmd images tests #28881
OCPBUGS-33417 : Provide SCC access via RBAC #28806
OCPBUGS-33563 : Adjust the method of get the apiServer (release-4.14) #28763
OCPBUGS-29970 : Do not assume there is just a single kubelet systemd service #28620
OCPNODE-2101 : add kube-rbac-proxy-crio toleration change #28647
OCPBUGS-29928 : Only extract node role from properly formatted node-role label #28616
OCPBUGS-29182 : updated timeout to 3 seconds to account for network timing issues #28578
OCPBUGS-29034 : Replace ‘coreydaley’ with ‘sayan-biswas’ #28574
OCPBUGS-26044 : Adding test case for when exceed openshift.io/image-tags will ban to … #28493
OCPBUGS-21774 : backport #28316 to 4.14 release #28335
Revert “[release-4.14] OCPBUGS-22720: Use Centos 8 Stream mysql image in tests” #28368
OCPBUGS-23042 : tolerate AWS edge nodes on monitor tests #28387
OCPBUGS-23145 : Bump watch requests for cluster-baremetal-operator #28385
trt-1340: backport exact and disable monitor tests options to 4.14 #28391
OCPBUGS-19923 : Updating parameters for build timing PushImage test #28291
OCPBUGS-22411 : fix: increase upper bounds for samples operator #28356
OCPBUGS-22720 : Use Centos 8 Stream mysql image in tests #28365
OCPBUGS-22389 : Remove all docker.io images due to access denied #28355
OCPBUGS-21774 : backport https://github.com/openshift/origin/pull/28238 to 4.14 release #28333
Revert #28304 “OCPBUGS-20308: Backport PR 28295 and 28238” #28314
OCPBUGS-20308 : Backport PR 28295 and 28238 #28304
OCPBUGS-19903 : kubevirt: add live migration tests #28281
wait for the service to have endpoints before starting pollers #28279
some monitor tests only function on disruptive tests #28287
OCPBUGS-19718 : rteval #28276
OCPBUGS-19547 : fix: add rteval to the test image #28269
TRT-1244 : Bump aws-ovn upgradeDurationLimits to 130 #28265
OCPBUGS-19061 : Remove duplicate connection type from disruption name #28260
USHIFT-1590 : skip failing invariants in MicroShift #28193
Revert “created persistent volume claims can not exceed the limitation” #28232
Revert “in-cluster disruption: ensure that only one monitor is started in cluster” #28230
created persistent volume claims can not exceed the limitation #28224
Revert “Fail on APIs removed in the next release” #28227
OCPBUGS-13158 : in-cluster disruption: ensure that only one monitor is started in cluster #28081
Fail on APIs removed in the next release #27561
Service invariant #28202
prevent secondary errors reported in prior steps #28221
OCPBUGS-17477 : requestheader: wait for only 3 oauth-servers to be available #28161
[test/extended/networking] Rename ovnkube containers #28219
Reduce usage of dcs #28212
Do not fail etcd storage path test for GVRs that are not served. #28214
move graceful shutdown to monitor test #28201
move PDBUnhealthyPodEvictionPolicy from TP to beta #28206
if no openshift-tests image can be auto-detected or specified, skip it #28207
allow failures for tests intentionally producing failures #28211
fix *-to-host sampler failure calculation #28209
skip test with intermittent serial problems #28208
point host network, network disruption at the kubelet #28191
migrate some watching code to monitortests #28188
fail if no sampler output is found for the poller #28198
Fix possibility of intervals without from/to by requiring when we Build() #28182
OCPBUGS-17497 : Skip invariant load balancer test for None platform #28180
tolerate cluster without clusterversion #28197
select poller image from payload #28194
AUTH-409 : bump o/k for the updated PSa labels #28192
Fixes openshift-tests dry-run failure asking for KUBERNETES_MASTER #28165
TRT-930 : Update test to support 2 release query_results.json #28149
add e2e non-functional test for required-scc SCCs #28142
Add a test to flake if we see NetworkManager log “too many netlink events” #28098
OCPBUGS-16615 : Making prometheus telemetry test flake #28181
update watch-endpoint-slices to usable shape #28184
add comments requested in review #28186
rebrand invariant tests as monitor tests #28185
basic setup of podNetwork disruption tests #28179
start the watch-endpoint-slice command #28169
stop sampling when we stop #28178
run start and collect in parallel #28174
only close node ready if the node was not ready before #28170
make monitor command separately runnable #28168
OCPBUGS-15726 : add tests for openapi v3 #28129
fix microshift fix that broke all disruption #28175
Add stlaz and p0lyn0mial to OWNERS #28166
OCPBUGS-15726 : Revert “temporarily disable oc explain tests until openapi/v3 is working” #28155
Add some tests for event interval generation #28163
USHIFT-1464 : skip TestFrontProxy for MicroShift #28064
upgrade distribution to v3 #27958
Skip external service monitoring invariant for microshift #28160
Refactor e2e-test intervals to use the new locator builder #28099
OCPBUGS-16166 : Update to Kubernetes 1.27.4 #28147
Remove obsolete buildanalyzer tool #28158
Bug OCPBUGS-17483: Skip invariant load balancer test for OpenStack #28154
be sure the exit code fails when the invariant tests fail #28152
OCPBUGS-17351 : Skip some invariants in microshift #28136
OCPBUGS-16166 : disable 2 tests in preparation to land k8s 1.27.4 #28148
Fix kubevirt test flake caused by pod name collision #28153
move the discovery filtering into suite filtering instead of post filtering #28145
move remaining disruption tests to invariants #28144
Disable EgressIP test termporarily due to OVN-K bug #28146
Bug OCPBUGS-6778: Correct condition for rejecting connection #27876
USHIFT-1484 : skip prometheus alerts for MicroShift #28070
remove unnecessary global modification from upgrade #28143
OCPBUGS-16615 : Moving Prometheus reporting telemetry to serial jobs #28138
OCPBUGS-15568 : Set quota wait timeout to 1 minute #28071
rough package alignment #28131
return calculated intervals #28141
move existing invariant tests #28130
remove extraneous layering for the monitor #28127
Fix ClusterOperator tests that can only report failures #28120
properly categorize the stop and start intervals #28139
MON-1960 : Remove exceptions for alert annotations #28118
Revert invariant and other refactors #28133
Remove exception on KubeSchedulerDown runbook #28126
expedient engineering: inject intervals into recorded events from out… #28128
Add Fabio and remove Stefan from image approvers #28125
separate the run, run-upgrade, and run-test #28121
Remove enabling multinetwork policy #28116
OCPVE-292 : OCPVE-293: OCPVE-294: feat: added a realtime latency test suite #28110
Update image mirroring instructions to handle uncompressed layers #28101
protect against nil panic on unassigned disruption adapter #28123
fix: workload partitioning - added more error handling for retry attempts #28111
Revert “adds legacy disruption to invariant tests” #28117
adds legacy disruption to invariant tests #28104
refactor command line start for openshift-tests #28107
oauth requestheaders: gather oauth-server logs as admin #28114
Automated - Update synthetic test data #28108
SDN-4042 : Increase total upgrade time on OVN platforms #28074
Update image stream test to create a manifest list image by default #28017
Adjust interval builder before we continue porting #28109
Put times in UTC to allow local testing; use asserts where we can #28091
feat: make data gathering more robust #28102
remove suite hook configuration and make information flow one-way #28090
USHIFT-1463 : add [apigroup] annotation to skip tests for MicroShift #28061
OCPVE-318 : feat: add node validation for workload partitioning #28056
Unrevert pull request #28069 from dgoodwin/interval-builder #28095
Disruption reverts #28093
AUTH-401 : test/e/authorization/pod_security_admission: add e2e test for pinning SCCs #28092
fix logic – If error, return current time; else return log line time #28084
add interface for future invariant tests #28077
Interval Building Phase 1 #28069
create a recorder interface that separates monitoring from recording #28080
remove unnecessary options and make monitor act like controller #28079
Fix retrieval of virt-launcher pod of the guest node #28082
Fix usage of priviliged pods in sig-kubevirt test cases #28078
trt-1150: move lock so prevent multiple file updates in single commit #28065
finish scrubbing out sampler #28076
Automated - Update synthetic test data #28072
MON-3280 : enable etcd metrics check again #28049
OCPBUGS-13158 : Run new tests which monitors in-cluster API server disruption as daemonsets on masters/workers #27909
fix: add missing namespaces to exclude list #28060
Update S2i Image tests for removing nodejs 14 ubi8 eol #28058
only close intervals if they are open #28059
USHIFT-704 : skip [sig-cli] whoami result with console for MicroShift #28005
ignore machine api capability #28052
ODC-7333 : Add consolesamples to the exception list of CRDs without a status #28057
Handle partial discovery results in DoesApiResourceExist. #28047
Remove audit id from sample err #28043
Remove sampler #27960
ODC-7333 : Add consolesamples to the list of console resources that all users should have read access #28045
OCPBUGS-15893 : Update permission to incl. watch for helmchartrepositories for console users #28044
Automated - Update synthetic test data #28014
increase cloud-credential-operator watch since we added a self-clusteroperator watch #28046
OCPBUGS-15291 : Update broken dc tests due to deprecation warning #28041
Enable Azure platform check in external cloud provider test #27776
update pathological event namespace label to be unambiguous #28038
multinetpolicy: use RetryOnConflict to reduce flakes #28035
USHIFT-1379 : skip must-gather tests for MicroShift #28015
Provide more detailed information when extracting binary fails #28034
test: extended: deployment: use correct apigroup for imagestreamtags #27689
Add logs in clusterquota test for more verbosity #28032
OCPBUGS-15500 : Avoid panic attempting to process interval logs #28012
Add test checking nodes are in proper read state before upgrade #28028
trt-1030: 80s for service lb under test #28004
OCPBUGS-15835 : remove references to registry.centos.org #28029
OCPVE-379 : fix: avoid checking resources for BestEffort pods #28006
OCPBUGS-15568 : Increase clusterquota wait timeout from 10 to 30 seconds #28026
OCPBUGS-15558 : retry promql a few times to mask i/o timeouts #28010
AUTH-377 : Add oauth-server redirect URI validation e2e tests #27922
temporarily disable oc explain tests until openapi/v3 is working properly #28022
USHIFT-647 : skip non-existing resources from security.openshift.io #27897
trt-1117: Test for update lease errors #28020
print out deployment for incorrectly scheduled pods #28011
OCPBUGS-14425 : Skip CCM upgradable condition on AlibabaCloud #27967
Update “verify that nodes have no unexpected reboots” test #28016
allow cluster-config-operator to manage featuregate upgrade block #28009
add a networking alert for OVNKubernetesResourceRetryFailure #28008
add debugging info for cluster not ready to upgrade #28007
OCPVE-378 : feat: remove skip, allow check on all platforms regardless #27911
Report external binary usage #28000
Changing the severity of “missing runbook_url annotation for critical alerts” test case from flaky to failure #27987
disruption refinement for availability, not latency. #28003
TRT-1097 : add KubeMemoryOvercommit to specific test so that the general test doesn’t fail #28002
OCPBUGS-11652 : Enable oc adm node-logs #27992
skip reboot test when machineconfigs not in target cluster #27999
OCPBUGS-15291 : [sig-cli] oc idle: get a dc name through labels instead of parsing oc create output #27998
Automated - Update synthetic test data #27995
Flake ci-cluster-network-liveness and new backend disruption failures to avoid payload rejections #27990
verifies number of node reboots even for HA #27994
OCPBUGS-13379 : machines: add a test which verifies number of node reboots #27993
strip operator framework from resource watch and fix bugs #27972
Fix panic in loki upload #27991
Replace dashes in locator keys for upload to loki, add namespace label when possible #27983
Automated - Update synthetic test data #27982
Update kubevirt LB connectivity tests to work with AWS ELB #27978
STOR-1263 : Bump (openshift/kubernetes): to get openshift/kubernetes#1595 #27970
add shutdown interval for apiserver from events #27919
Update expected name for OVN acl logging test #27974
Updated pathological events #27942
new disruption backend #27838
OCPBUGS-14667 : Revert “MON-3213: Changing the severity of “missing runbook_url annotation for critical alerts” test case from flaky to failure” #27969
MON-3213 : Changing the severity of “missing runbook_url annotation for critical alerts” test case from flaky to failure #27933
push intervals to loki #27930
USHIFT-1300 : Avoid getting cluster state for TEST_PROVIDER env var #27964
hard monitor.Event message creation #27946
ETCD-425 : restore test should validate state #27921
OCPBUGS-14338 : test/extended/prometheus: increase telemetry series threshold #27959
Running tests using external binary #27570
OCPBUGS-14321 : Increase timeout in sysctl allowlist test #27955
remove legacy recovery tests #27917
OCPBUGS-13649 : add tests for ClusterResourceQuota: count should work for all resources #27934
MON-3219 : Clear missing summary/description annotation test case exception #27944
OCPBUGS-13788 : 2x Revert “test/extended: Add MultiNetworkPolicy IPv4/IPv6 test cases” #27926 #27927
OCPBUGS-14125 : Move from registry.centos.org to quay.io #27945
LoadBalancer network connectivity test cases for HyperShift+KubeVirt #27931
Revert “Add coverage for GET verb and websocket handshake to SCC exec tests.” #27943
update the PDB resource to point to resource, not kind #27938
fix oc explain status and spec verification #27937
Add coverage for GET verb and websocket handshake to SCC exec tests. #27836
test/extended/prometheus: fix test with enabled telemetry #27915
bump(k8s.io/kubernetes) #27935
Automated - Update synthetic test data #27920
Change oc annotate cli test output check string #27932
Migrate set-image.sh to go based test #27863
STOR-1263 : Rebase 1.27.1 #27894
Update etcd team lead #27928
Revert “test/extended: Add MultiNetworkPolicy IPv4/IPv6 test cases” #27926
trt-1032: update upperbounds based on recent failures #27923
OCPBUGS-6586 : oc idle: increase wait timeouts to 60 sec #27913
test/extended: Add MultiNetworkPolicy IPv4/IPv6 test cases #27795
Mark ErrorReconcilingNode macAddress not found as known and with existing BZ #27918
OCPBUGS-13366 : ignore repeated TopologyAwareHintsDisabled events #27916
OCPBUGS-13372 : Add missing error check in sysctl allowlist test #27914
trt-900: log risk-analysis errors but don’t pass back up #27898
Automated - Update synthetic test data #27908
OCPBUGS-5943 : Revert “ignore repeated TopologyAwareHintsDisabled events” #27815
Reactivate netpol tests #26775
Adjust thresholds for reasonable upgrade durations #27905
Fix up the chart so the “Not” column is lined up #27886
Automated - Update synthetic test data #27861
OCPBUGS-12447 : Add intervals and test for ovs-vswitchd unreasonably long poll interval #27889
WRKLDS-665 : Enable [sig-scheduling] SchedulerPreemption [Serial] validates pod disruption condition is added to the preempted pod [Suite:openshift/conformance/serial] #27874
TRT-856 : DNS and disruption overlap test #27826
OCPBUGS-11944 : use tokenrequest from lib-go #27883
CCO-367 : Allow CCO to be Upgradeable=False when credentialsMode=Manual #27887
add anonymous cert detection test case #27890
Render html from monitor #27853
PSa podspec exporter e2e: don’t specifically add seccompProfile to the podspec #27756
ETCD-417 : add a new basic etcd backup/restore test #27875
test/extended: cpu-partitioning: skip cluster infrastructure for Hypershift #27884
OCPNODE-1257 : feat: remove custom node wait logic for upstream framework call #27882
Add (optional) dual-stack tests to the CNI certification test suite #27807
Trt-945 detect master node updates #27851
Updating openshift-enterprise-tests images to be consistent with ART #27793
Move selfsubjectreviews RBAC rule to the right place #27873
Add git retry to run resource watch #27865
Update ETCD storage data for k8s 1.27 #27871
OCPBUGS-11652 : disable oc adm node-logs #27867
NE-1243 : Validate TCP DNS local endpoint preference as well as UDP. #27791
Add selfsubjectreviews RBAC rules #27866
ETCD-399 : Add recovery suite to openshift-test cli #27869
add specific test for failing cgroups path #27852
not rely on deterministic pod names in oc debug tests #27842
Revert “TRT-889: Temp flake all azure disruption” #27843
add wait for ingress to be responsive before beginning upgrade #27857
Allow cluster daemonsets to use maxSurge #27819
retry getting the URL for routes until we succeed #27854
bump timeout #27849
OCPBUGS-11215 : fix: add namespace annotation helper for egress cni test #27834
negative filtering #27829
OCPBUGS-11072 : Add test for Egress Firewall node selector #27824
upkeep: updated query results #27835
Revert “Make unidle test more strict” #27833
OTA-824 : test/extended/cli/admin: Test ‘oc adm release extract –file image-references …’ #27822
STOR-1272 : DisableSC test should ignore in-tree storage classes #27814
add apiserver availability timeline events #27828
OCPBUGS-9831 : Make unidle test more strict #27673
remove runresourcewatch git lock file on failure #27820
Improve the disruptive suite description #27823
OpenStack: Restore in-tree cinder provisioner tests #27789
Add Divyanshu Agrawal as a reviewer #27821
Enable AWS platform check in external cloud provider test #27777
OCPBUGS-10824 : fix: add poll to get deployment status and avoid false positive #27818
Add a test case checking for cluster upgradeability #27806
Gather more interesting etcd pod logs for issues we’re debugging #27816
Strip ANSI control characters from junits #27801
Automated - Update synthetic test data #27703
move IsTechPreviewNoUpgrade function to exutil and reuse everywhere #27787
Mark previous pathological events so they get added to spyglass charts #27743
CNF-5652 : Add cpu partitioning tests #27770
Revert “Revert “Add vlan/macvlan/ipvlan incontainer master tests”” #27775
Separate pathological event tests for all known namespaces #27774
Scan etcd logs for dropped internal raft messages #27798
Add intervals, synthetic test, and charting for etcd “slow fdatasync” pod log messages #27772
OCPBUGS-8092 : Fix mounted volume expansion tests #27782
Specify Audit-ID to identify disruption requests in api audit logs #27780
TRT-889 : Temp flake all azure disruption #27781
OCPBUGS-8483 : Revert “Switch to readyz path for health probes on Azure” #27771
WRKLDS-657 : add test for UnhealthyPodEvictionPolicy for PDBs #27768
Enable vSphere platform check in external cloud provider test #27638
Realtime Kernel Tests #27751
OCPBUGS-8310 : Bump to 1.26.2 #27764
And 7 elided commits (e.g. from squash or rebase merges)
Full changelog
Source code for this page located on github