The AWS IAM role and instance profile waiters had a 2 minute timeout
with custom delay options (1-5 seconds). This timeout was insufficient
in CI environment where IAM calls can be throttled.
Increased the timeout to 15 minutes and removed the custom delay
options to use the AWS SDK defaults (min 1s and max 120s).
This commit updates default value handling when loading the
install config to set values in machine pools based on the
defaultMachinePlatform.
By populating the values directly in the install config, we can
avoid repetitive checks throughout the codebase to ensure the
default machine platform is applied to the relevant machine pool.
Marketplace images do not support confidential VMs or trusted launch,
so when machinesets use confidential VMs the installer will still
create an image gallery compatible with the security settings.
Unfortunately we have a lot of big functions in the installer, and
that is not likely to change. Therefore bumping the cyclomatic
complexity threshold so the linter starts complaining at a threshold
of 40 rather than 30.
Also remove the tenv linter as it is deprecated.
Now that we can use marketplace images, we only need to create
managed images for OKD or AzureStack. We can also safely remove the
environment variable that allowed skipping image upload and the
corresponding validation.
Defaults the Rhcos image asset to the non-paid Azure marketplace image.
Fallback to Azure disk and image creation if the marketplqace image
is not available, which is the case for OKD.
Refactors the installconfig metadata to store the VM capabilities
and hyperVGeneration, so that we do not need to repeatedly call the
azure API to get the same information.
GP3 volumes have the ability to configure throughput from 125 MiB/s to
2000 MiB/s. This allows the ability to set this at install time in the
install-config.
https://issues.redhat.com/browse/CORS-4212
pkg/types/gcp/platform.go:
Add FirewallManagementPolicy. The policy will indicate whether the cluster or user
will manage the firewall rules.
Add validation to ensure that a network is provided when the install config
is set to Unmanaged to FirewallManagement.
pkg/types/gcp/metadata.go:
Add the management policy to the metadata so that the bootstrap destroy process
knows whether to delete the bootstrap firewall rules or not.
Achieved by bumping the library itself:
pushd cluster-api/providers/openstack
go get -u sigs.k8s.io/cluster-api-provider-openstack@latest
go mod tidy
go mod vendor
popd
Followed by the assets:
pushd <path-to-upstream-capo-repo>
git checkout v0.13.0
make release-manifests
popd
cp <path-to-upstream-capo-repo>/out/infrastructure-components.yaml \
data/data/cluster-api/openstack-infrastructure-components.yaml
This has the side effect of bumping golang to 1.24.
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This is split out from CAPO starting with CAPO v0.12.0. Start deploying it manually
in preparation for a CAPO bump.
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
The agent-interactive-console and agent-interactive-console-serial@
services should have consistent Before/After edges. Previously,
agent-auth-token-status.service had agent-interactive-console.service
in its After= directive, but there was no corresponding dependency for
the serial console variant.
This adds agent-auth-token-status.service to the Before= directive in
both console services, and removes the now-redundant After= directive
from agent-auth-token-status.service, so both services define the
dependency consistently in the same direction.
Assisted-by: Claude Code
The agent-interactive-console and agent-interactive-console-serial@
services should have consistent Before/After edges since only one runs
on each system (depending on whether there is a graphical console).
Previously, set-hostname.service had a Before= dependency on
agent-interactive-console.service only, which created an edge in the
systemd diagrams from set-hostname to agent-interactive-console but not
to agent-interactive-console-serial@.
This fixes the inconsistency by:
- Adding set-hostname.service to the After= directive in both console
services
- Removing the redundant Before= directive from set-hostname.service
Both services now define the dependency consistently in the same
direction.
Assisted-by: Claude Code
The testscript framework needs environment variables explicitly passed
through to the test environment. This adds passthrough for proxy variables
(HTTP_PROXY, HTTPS_PROXY, NO_PROXY and lowercase variants) that may be set
by the sandbox or CI environment.
Without these, integration tests running behind a proxy would fail with
network DNS resolution failures when attempting to download resources.
Assisted-by: Claude Code
The integration test setup was not passing through the XDG_CACHE_HOME
environment variable to the test environment, causing tests to fall
back to $HOME/.cache for caching downloaded files. This caused test
failures in environments where $HOME/.cache is not writable but
XDG_CACHE_HOME points to a writable location.
This change ensures that if XDG_CACHE_HOME is set in the test runner's
environment, it is passed through to the integration test environment,
allowing tests to respect the XDG Base Directory specification.
Assisted-by: Claude Code
Remove vCenter credentials from agent installer validation tests to
prevent network connection attempts during unit tests. The tests now
validate that credential fields are required when any credential field
is specified, in addition to their original validation logic.
This change reduces test execution time from 60-180 seconds to under
1 second while maintaining test validity. The tests still verify the
same validation errors they were designed to check, plus additional
credential validation.
Also updated test domains from test.vcenter.com to vcenter.test for
consistency with RFC 2606 reserved test domains.
Assisted-by: Claude Code
Replace hardcoded /tmp path with os.TempDir() to respect TMPDIR
environment variable. Add defer statements to clean up temporary
files created during vSphere simulator initialization.
Assisted-by: Claude Code
Add guidance for Claude Code covering build commands, testing,
architecture overview, dependency management, and commit conventions.
Assisted-by: Claude Code
Adding support to install multiple NAT gateways per subnet in
the specific zones they need to be in.
Also, allowing the users to bring their own subnets.
(NAT gateways on BYO subnets are not supported by CAPZ, it just
creates a dummy NAT gateway and doesn't attach it to the subnet).
