CAPZ filters ASO CRDs so it only includes a small subset of ASO CRDs.
Prior to this commit, we were not filtering ASO CRDs, which leads to
a bug when ASO and CAPZ create conflicting CRDs. By filtering the ASO
CRDs in the same manner as CAPZ we can avoid the bug.
This is split out from CAPO starting with CAPO v0.12.0. Start deploying it manually
in preparation for a CAPO bump.
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Updates the generation of the coreos stream manifest, which runs
during container building, to merge the contents of the
marketplace-rhcos.json file with rhcos.json when creating the coreos
stream configmap.
Adds a standalone go program that generates
data/data/coreos/marketplace-rhcos.json
This file is combined with rhcos.json to create the coreos stream,
but the files are updated at different cadences by different teams.
OKD will now use centos pure os bootimages
This change was generated using:
```
plume cosa2stream \
--distro rhcos --no-signatures --name c9s \
--url https://rhcos.mirror.openshift.com/art/storage/prod/streams \
x86_64=9.0.20250222-0 \
aarch64=9.0.20250222-0 \
ppc64le=9.0.20250222-0 \
s390x=9.0.20250222-0
```
Co-authored-by: Patrick Dillon <pdd@redhat.com>
Since CI is using tag latest, we can also use the same tag here. There
might be a case where latest mirrored image on CI points to an older
version. In that case, we can adjust local version accordingly.
Current version: golangci-lint v1.63.4
The file .golangci.yaml contains configurations for golangci-lint.
As golangci-lint version is bumped, some configurations are deprecated
and moved/removed. With this patch, the file is now compatible.
For gosec, we can safely exclude G115 (integer overflow converting between int types).
For errcheck, we skip checking type assertions.
* CORS-3295: hack: add script to verify capi CRDs
This script will be used to create a test in CI to check that the capi
CRDs in data/data/cluster-api match what's expected from the provider
version used in cluster-api/providers.
As a side effect, this script can be used to generate the CRD, allowing
a dev to then commit the result.
* hack: add capi CRD generation to verify-capi-manifests script
* hack/verify-capi-manifests: use Golang 1.22 image
* hack: add azureaso to the manifest generation
Although we are not technically generating the manifest, only
downloading it from the upstream repo.
* data/data/cluster-api: reconcile CRDs differences
This is the diff generated by running `hack/verify-capi-manifests.sh`
We are using golangci-lint v1.59.0 in CI, so let's match that in local
dev. That version is needed for Golang 1.22 support.
This is a fallout of https://github.com/openshift/installer/pull/8473.
Because of the way in which we rebase and build our kube fork, the
binary doesn't have minor versions set correctly. For example, version
1.29.5 appears as `v1.29.0-rc.1.3970+87992f48b0ead9-dirty` and that
breaks the version detection in our scripts.
Since we already have pre-built binaries in CI/release, there is no
reason for downloading those binaries. The only case in which it's
needed is for local dev. So we introduce an env var `SKIP_ENVTEST` to
skip the download when building images.
We cannot execute cross-compiled binaries, otherwise we get an error saying:
```
hack/build-cluster-api.sh: line 26: /go/src/github.com/openshift/installer/cluster-api/bin/darwin_amd64/kube-apiserver: cannot execute binary file: Exec format error
```
The check should be skipped in those cases.
With this patch, manifest-tests parse feature-set and feature-gates
information from the environment variables `FEATURE_SET` and
`FEATURE_GATES`.
This change enables testing the generation of manifests in the CAPI
flow.
Only download the binaries if the existing binaries' version is lower
than the minimum version (currently 1.28.0). This change will be needed
when we copy etcd/kas binaries from existing container images which
build them from source.
When we linked to libvirt directly, having the libvirt platform in the
build was synonymous with a dynamically linked build. Now that we use a
pure-Go libvirt library, the build type can be independent of whether
libvirt is included.
Once the baremetal installer build no longer includes the libvirt
platform, we still want it to be dynamically linked.
Initially we were using the provider's module version in the go.sum
file to determine if a provider needed to be rebuilt. Since
vsphereprivate is locally developed, not an imported module, it required
special treatment. Now that we are using the `go.mod` git hash to check
if a terraform provider needs to be rebuilt, we don't need to give
vsphereprivate special treatment. Unfortunately, this implementation
detail slipped through even though we changed the approach.
If we don't drop the workaround, the build script will think
`vsphereprivate` always needs to be rebuilt since it's comparing values
that will never match.
Look at the Golang module information from the binary to determine
whether the providers need to be rebuilt. It'll be useful when we use an
external container image containing pre-built binaries for the providers.
Parallel builds can be achieved by setting the MAKEFLAGS env var.
Hardcoding the value is causing some container builds to fail in CI with
```
{ error occurred handling build openstack-installer-amd64: build not successful after 5 attempts: [the build openstack-installer-amd64 failed after 7m36s with reason BuildPodEvicted: The node was low on resource: memory. Threshold quantity: 100Mi, available: 65128Ki. Container docker-build was using 10522940Ki, request is 5Gi, has larger consumption of memory. , the build openstack-installer-amd64 failed after 6m31s with reason BuildPodEvicted: The node was low on resource: memory. Threshold quantity: 100Mi, available: 53452Ki. Container docker-build was using 10936476Ki, request is 5Gi, has larger consumption of memory.
```
