Releases: Azure/ARO-RP
Release v20240917.00-ARO9327-test
Test for PR 3764
Changes
20e317a Fix and improve Hive instllation
db81c4f Fix some bash linting improvments after review
17c4a19 Update docs, rename files and add cleanup target
768f609 Refactor three bash scripts for RP full dev automation
1cb3ed6 Skip deployments based on SKIP_DEPLOYMENTS
ec38a61 Seperate deploy target into three targets
8f3f9dc Add bash scripts for automating RP deployment creation
112942e Automate RP full dev using container
abf4167 Refactor Hive Directory (#3765)
fa7af61 Merge pull request #3818 from Azure/lranjbar/ARO-10003-etchosts-managed-flag
66f073f Dynamic validation for workload identity permissions and requirements (#3619)
89be0b2 ARO-10003: Add managed flag to etchosts controller
590e828 Clean up the remainder of go run
uses of external tools (#3823)
bd9af03 Only perform machineconfig reconciliation during OpenShift upgrades (#3473)
98fe23c Merge pull request #3787 from Azure/rhamitarora/ARO-0000-minor-dockerfile-change
f033ba1 Docker file change replace as with AS
Full Changelog: v20240906.00...v20240917.00-ARO9327-test
Release v20240906.00
RP release 259 ARO-10062
Changes
What's Changed
- ARO-8423: fix client generation issue with new Identity field for MIWI by @kimorris27 in #3639
- Adding logging statements for pullsecret controller by @slawande2 in #3613
- Migrate PR e2e to ARO Classic E2E subscription by @tony-schndr in #3614
- [ARO-4562] Migrate DNS to track2 SDK, arm dns client creation. by @jonathan34c in #3625
- Add new makefile targets for go mod verification by @razo7 in #3550
- Add mirroring of ose-tools-rhel8 for 4.15 by @razo7 in #3649
- Mirror two Microsoft Geneva images by @razo7 in #3635
- use track2 SDK in updateAPIIPEarly by @bitoku in #3638
- Create and populate OIDC blob store for the cluster by @rajdeepc2792 in #3564
- update guardrails protected namespaces list by @yjst2012 in #3641
- Fix automatic triggering of CI + E2E by @hawkowl in #3644
- feat: Add srini as codeowner by @jaitaiwan in #3658
- Add validation for default CIDR range by @rhamitarora in #3611
- Add myself and Aldo as codeowners by @mociarain in #3659
- Add tenant ID to internal apis for CMSI usage by @niontive in #3655
- [ARO-8862] local-rp dev docs should mention registering the sub by @mrWinston in #3666
- [ARO-7181] Upgrade the ARO Operator, then update the Cluster object by @hawkowl in #3530
- Bump github.com/gorilla/schema from 1.2.1 to 1.4.1 by @dependabot in #3657
- Increase dev-proxy-vmss OSDisk to 64GB by @tsatam in #3656
- Update hive-generate-config.sh to accept differing versions by @s-fairchild in #3664
- bump azdev by @bitoku in #3669
- Bump Hive Image to commit b1ac27b248 - ARO-5063 by @s-fairchild in #3662
- Emit Cluster Feature Metrics for Cluster Operations by @s-fairchild in #3631
- Add new NASA codeowners to ARO-RP by @cadenmarchese in #3672
- Mociarain/aro 8608 refactor by @mociarain in #3665
- [ARO-7788] Don't overwrite default installer version in local dev by @mrWinston in #3671
- ARO Operator - Reduce unnecessary reconciles by limiting watched resources/changes by @tsatam in #3292
- Move to maintained yaml lib by @hawkowl in #3454
- Architecting Local
make ci-rp
File To Allow Caching For Later by @safwank97 in #3623 - Updates Test Suite To Use New GA API Plus Adds Missing Functionality To Our Internal Utility Clients by @safwank97 in #3640
- Containerize
./hack/tunnel
by @tsatam in #3646 - Update network SDK to track2 by @bitoku in #3594
- New cmd to populate PlatformWorkloadIdentityRoleSets in dev and prod by @cadenmarchese in #3617
- Make dev-proxy use Trusted Launch by @nwnt in #3600
- HOTFIX: correct local image names by @SudoBrendan in #3682
- Add controller to disable CPMS on ARO clusters by @tsatam in #3660
- [ARO-5368] Try and log the VM info + console log on failure by @hawkowl in #3629
- Add doc on rotating full RP env VPN certs by @cadenmarchese in #3544
- fix dev env panic in e2e by @bitoku in #3693
- Update controllergen commands to work with 0.9.0 by @hawkowl in #3680
- Bug fix - Add nil pointer check for LoadBalancerProfile in cluster metrics by @s-fairchild in #3695
- [ARO-9169] Remove disused clustermanager frontend code by @hawkowl in #3642
- Clean up some duplicated code in cmd/ by @hawkowl in #3648
- Hotfix: compute API version used in ARM templates by @kimorris27 in #3687
- pkg/cluster: Use Action for fixupClusterSPObjectID by @ehvs in #3694
- Add cpms e2e test by @tsatam in #3688
- Update go.sum by @tsatam in #3703
- Try and get the NewMonitor/Frontend/etc mess under control by @hawkowl in #3690
- Update Go to 1.21 by @niontive in #3698
- Preflight update and tests by @carvalhe in #3686
- Fix Managed Upgrade Operator reconciler by @slintes in #3704
- Fix missing database refactor on preflight validation in frontend by @bennerv in #3705
- Refactor/remove private dns zone by @AldoFusterTurpin in #3500
- Initial start of RP int automation by @razo7 in #3670
- Smoke test automation for some basic checks by @bitoku in #3667
- Create sp for each e2e run by @mociarain in #3685
- log outbound correlation data by @AldoFusterTurpin in #3503
- refactor package pki to be unit testeable by @AldoFusterTurpin in #3708
- Always do group expansion for CheckAccess subjects by @nwnt in #3710
- Clean up some lint errors found on golangci-lint 1.59.1 by @hawkowl in #3715
- Fixed context issue by @anshulvermapatel in #3674
- WI/MI CLI Phase 1 - Base API functionality by @tsatam in #3624
- Deploy shared dev key vault for mock MSI certificates by @kimorris27 in #3696
- shared utility function to check if a cluster is workload identity by @slawande2 in #3683
- ARO-6756 Remove usecheckaccess feature and environment variables by @rajdeepc2792 in #3643
- Add scripts for creating and persisting mock cluster MSI by @niontive in #3713
- Add machine scaling smoke test by @bitoku in #3716
- CIF - ServerError: ZonalAllocationFailed by @rhamitarora in #3691
- Drop SyncSets check by @mociarain in #3723
- fix repeated reconciliation in node controller by @bitoku in #3720
- Add load balancer smoke test by @bitoku in #3717
- [ARO-4562] Migrate DNS to track2 SDK replace dns in cluster. by @jonathan34c in #3652
- Update MDSD, MDM, Fluentbit base images by @s-fairchild in #3718
- Use latest "in-progress" ARO API for local/E2E cluster creation by @tsatam in #3622
- move iswimi function to openshiftcluster.go by @slawande2 in #3721
- [ARO-7345] smoke test automation for aro-operator log by @bitoku in #3725
- Add middleware for mock MSI headers by @niontive in #3714
- Do not modify user's Azure CLI config in make pyenv target by @tsatam in #3733
- Add note on using oc with dev clusters by @mociarain in #3724
- Fix NotFound error in DNS isn't handled properly by @bitoku in #3739
- Increase RP and VMSS disk size from 256GB to 1024GB by @s-fairchild in #3731
- ARO-4373 fix oidcstorageaccount variable validation error in aro-monitor by @rajdeepc2792 in #3743
- Ensure identity headers are persisted in requests to create MIWI clusters by @kimorris27 in #3746
- [Dev Tooling] generateSubnets should check if subnets are already taken by @mrWinston in #3706
- Add panic recovery within endLease by @s-fairchild in #3701
- Allow the Loki swarming session for day-of-learning by @SudoBrendan in #3754
- Correct mdsd image sha to distroless checksum by @s-fairchild in #3751
- Added known issues and a session of when to use by @ehvs in #3737
- Minor document changes by @rhamitarora in #3759
- Optionally Use USER Environment Variable for Azure Resources by @razo7 in #3681
- Sync fluentbit image with correct checksum seen in arosvc registry by @s-fairchild in #3766
- Fix ax...
Release v20240618.01
Duplicate tag of v20240618.00
Changes
75a681e Merge pull request #3636 from Azure/tiguelu/hotfix-revert-track2sdk-usage
5fc6067 Reverting usage of SDK track2 clients from #3579
a42f1ac Use newer default dev kubernetes version (#3601)
bd3a12f Merge pull request #3621 from vinaybommana/ci-guardrailpolicies
e44a826 Merge pull request #3630 from Azure/hawkowl/cleanup-log-lines-steps
e57930c add better comments
ec12eb5 cleanups
a33264f use an instantiated struct for this test, like the real steps
da4b09a fixes
0de597a reduce the amount of package names in the logs
ba7566f splitting oneliner
121b140 seperated gatorcli and opa install steps
3dfafbd added github actions for guardrail policies
Full Changelog: v20240614.00...v20240618.01
Release v20240827.01
Release 259 - 1
Changes
2f651e7 Merge pull request #3781 from Azure/lranjbar/ARO-9570-udr-etchosts-operator-patch
5dfba05 Merge pull request #3780 from Azure/copy-fluentbit
fd2b2f9 Merge pull request #3796 from Azure/shubhadapaithankar/runlocal-rp-version-fix
6360087 Add licenses
564f1b0 Fix linting
fec517c test the operator identity secret generation code properly
4666495 get subscription info from the subscription doc rather than env
69c55bf Update pkg/operator/deploy/deploy.go
fde6d81 generate a secret for the operator from workload identity
a05c82c Fixed to correctly reference the local image, preventing unauthorized Docker Hub pulls.
7361eae ARO-9750: Add a controller to create the etchosts machineconfigs if they dont exist
a10deab ARO-9570: Update controller to watch MCP and ARO Cluster object
9a4ad4a ARO-9570: Add a controller to the ARO operator to lay down etchosts machine config
0ae1ef4 Copy fluentbit image from arointsvc ACR to your ACR
7531359 Align docs hierarchy
Full Changelog: v20240827.00...v20240827.01
Release v20240827.00
Tagging for ARO Installer Release
Changes
e83bf05 Bump micromatch from 4.0.7 to 4.0.8 in /portal/v2 (#3795)
426b56b Bump oxsecurity/megalinter from 7 to 8 (#3794)
e079d17 Only fail NPM audit on high/critical vulnerabilities (#3790)
bd0229d Add route smoke-test (#3784)
89cf7d3 Update VMSS to Mariner with FIPS enabled (#3741)
c9410c2 Allow remote podman
e374a42 Makefile Podman Fixes
09c49cb Use Podman, not Docker
8808352 Allow prerelease OCP versions and version strings with metadata during cluster installation (#3782)
92a8bfc Containerized portal as it runs in prod, locally (#3745)
52cdcb8 Exclude platform identities from permissions denial (#3653)
fd8d3cf Add scripts to create platform identities for dev (#3734)
309d82a Add PVC smoke tests (#3747)
8badd84 Thank you Aldo, and good luck (#3774)
c3e324c fix typo (#3779)
18b43b5 Add smoke tests doc (#3750)
0d99157 Add missing dependencies (#3749)
a387947 Make runlocal-rp with Container Image (#3593)
c74906d Change load balancer image in smoke test (#3740)
d874268 Update hive image to tag bdf9d08a06 (#3770)
8bcd1b6 WI/MI CLI Phase 1 - Base Update Functionality (#3709)
a1c4de7 Fix axios vulnerability by moving to Fetch (#3769)
29e09d5 Fluentbit pipeline has been updated to sync versions between arointsvc (#3766)
cedba92 Optionally Use USER Environment Variable for Azure Resources (#3681)
50939e1 Minor document changes (#3759)
cb40d34 Merge pull request #3737 from Azure/hevs/docs-rp
66e2980 Correct mdsd image sha to distroless checksum (#3751)
de78a12 Adding a temp branch for Loki swarm session (#3754)
7a00c04 Update docs/deploy-development-rp.md
8303ccf Update docs/deploy-development-rp.md
c3655d1 Add panic recovery within endLease (#3701)
3f4b98a Update docs/deploy-development-rp.md
ed3ea8e Update docs/deploy-development-rp.md
0829252 Added known issues and a session of when to use
Full Changelog: v20240729.01...v20240827.00
Release v20240816.03-bootstrap
Fixed fluentbit config file indentation
This tag is meant to be used as a test release to Canary region only. v20240816.00-bootstrap
This is to test PR #3741 prior to merging into master.
Changes
169f42c Embed scripts as strings rather than []byte
14f49b6 Update RP and Gateway vmss OS image to cbl-mariner-2-gen2 with Manually Configured FIPS Mode
a1c4de7 Fix axios vulnerability by moving to Fetch (#3769)
29e09d5 Fluentbit pipeline has been updated to sync versions between arointsvc (#3766)
cedba92 Optionally Use USER Environment Variable for Azure Resources (#3681)
50939e1 Minor document changes (#3759)
cb40d34 Merge pull request #3737 from Azure/hevs/docs-rp
66e2980 Correct mdsd image sha to distroless checksum (#3751)
de78a12 Adding a temp branch for Loki swarm session (#3754)
7a00c04 Update docs/deploy-development-rp.md
8303ccf Update docs/deploy-development-rp.md
c3655d1 Add panic recovery within endLease (#3701)
3f4b98a Update docs/deploy-development-rp.md
ed3ea8e Update docs/deploy-development-rp.md
0829252 Added known issues and a session of when to use
Full Changelog: v20240729.01...v20240816.03-bootstrap
Release v20240816.01-bootstrap
Testing PR #3741
Changes
08003b3 Embed scripts as strings rather than []byte
66b6b12 Update function comments, remove duplicate rpm package installs
2ce8ffe Refactor certificate configuration functions to make things less complicated. Refractor verify_roles to fit with new certificate functions.
724c747 Use SKU cbl-mariner-2-gen2 for Automatic OS Updates Support + FIPS
c60b702 Update RP and Gateway vmss OS image to cbl-mariner-2-gen2-fips. Restructure VMSS bootstrap bash scripts for increased reliability, and easier debugging
a1c4de7 Fix axios vulnerability by moving to Fetch (#3769)
29e09d5 Fluentbit pipeline has been updated to sync versions between arointsvc (#3766)
cedba92 Optionally Use USER Environment Variable for Azure Resources (#3681)
50939e1 Minor document changes (#3759)
cb40d34 Merge pull request #3737 from Azure/hevs/docs-rp
66e2980 Correct mdsd image sha to distroless checksum (#3751)
de78a12 Adding a temp branch for Loki swarm session (#3754)
7a00c04 Update docs/deploy-development-rp.md
8303ccf Update docs/deploy-development-rp.md
c3655d1 Add panic recovery within endLease (#3701)
3f4b98a Update docs/deploy-development-rp.md
ed3ea8e Update docs/deploy-development-rp.md
0829252 Added known issues and a session of when to use
Full Changelog: v20240729.01...v20240816.01-bootstrap
Release v20240816.00-bootstrap
This tag is meant to be used as a test release to Canary region only. v20240816.00-bootstrap
This is to test PR #3741 prior to merging into master.
Changes
374af12 Embed scripts as strings rather than []byte
7f65006 Update function comments, remove duplicate rpm package installs
53d5d25 Refactor certificate configuration functions to make things less complicated. Refractor verify_roles to fit with new certificate functions.
195a910 Use SKU cbl-mariner-2-gen2 for Automatic OS Updates Support + FIPS
4a853ab Update RP and Gateway vmss OS image to cbl-mariner-2-gen2-fips. Restructure VMSS bootstrap bash scripts for increased reliability, and easier debugging
a1c4de7 Fix axios vulnerability by moving to Fetch (#3769)
29e09d5 Fluentbit pipeline has been updated to sync versions between arointsvc (#3766)
cedba92 Optionally Use USER Environment Variable for Azure Resources (#3681)
50939e1 Minor document changes (#3759)
cb40d34 Merge pull request #3737 from Azure/hevs/docs-rp
66e2980 Correct mdsd image sha to distroless checksum (#3751)
de78a12 Adding a temp branch for Loki swarm session (#3754)
7a00c04 Update docs/deploy-development-rp.md
8303ccf Update docs/deploy-development-rp.md
c3655d1 Add panic recovery within endLease (#3701)
3f4b98a Update docs/deploy-development-rp.md
ed3ea8e Update docs/deploy-development-rp.md
0829252 Added known issues and a session of when to use
Full Changelog: v20240729.01...v20240816.00-bootstrap
Release v20240729.01
Release 257 - 1
Changes
0250e2f Merge pull request #3706 from Azure/mrwinston/hotfix-dev-cluster-create-better-subnet-creation
1cee7a1 Ensure identity headers are persisted in requests to create MIWI clusters (#3746)
a16e7e8 ARO-4373 fix oidcstorageaccount var validation (#3743)
2808298 Increase RP and VMSS disk size from 256GB to 1024GB (#3731)
db4508d Merge pull request #3739 from Azure/atokubi/dns-deletion-bugfix
2143cb8 fix notfound error handling in DNS manager
b228701 Add note on using oc with dev clusters (#3724)
297c989 Merge pull request #3733 from Azure/tsatam/hotfix-python-env-fixups
78feafb Add middleware for mock MSI headers (#3714)
8d8e63d Do not modify user's Azure CLI config
f3c683d Merge pull request #3725 from Azure/smoke/aro-log
c157292 Fix formatting
858084a incorporate feedback, add mocks for subnet client
2f292b0 generate subnets now takes existing subnets into account
a394169 Merge pull request #3721 from Azure/slawande/ARO-7856/iswimi-2
40c830e Merge pull request #3622 from Azure/tsatam/ARO-8003-use-in-progress-api-for-cluster-creation
b80a91a apply suggestions from code review
146ef94 Merge remote-tracking branch 'origin/master' into slawande/ARO-7856/iswimi-2
f9c7eb7 remove unused const
4d5628c add aro-operator log smoke test
bdcd8c1 apply suggestions from code review
2d97fea move iswimi function to openshiftcluster.go
510b3ee Add new "internal" ARO client wrapper over external ARO clients
Full Changelog: v20240729.00...v20240729.01
Release v20240729.00
Release 257
Changes
09a56b1 Merge pull request #3718 from Azure/s-fairchild/ARO-5049-image-bump
550b655 Merge pull request #3652 from Azure/sdktrack2/dnsreplace
2cbc5ed Merge pull request #3717 from Azure/smoke/loadbalancer
ef9b8d1 Merge pull request #3720 from Azure/atokubi/node
5920a27 Drop SyncSets check (#3723)
36b6da2 add load balancer test
1291b45 add dynamic Client
962d8e4 fix infinite reconciliation in node controller
1a9bf96 Update MDSD, MDM, Fluentbit base images
eefe6e8 Merge pull request #3691 from Azure/zonalallocationfailed
6982049 Merge pull request #3716 from Azure/smoke/machine-scale
44fce6f Merge pull request #3713 from Azure/niontive/ARO-8986
0684a5a ARO-6756 Remove usecheckaccess feature and variables (#3643)
53691de shared utility function to check if a cluster is workload identity (#3683)
bfb554c Merge pull request #3696 from Azure/kimorris27/ARO-9005-shared-dev-kv-for-msi
3907e7c WI/MI CLI Phase 1 - Base API functionality (#3624)
4b35728 Merge pull request #3674 from Azure/anshulvermapatel/cosmosdb-authorizer-context
0f3a104 add scaling machine smoke tests
cb9a49b generated code from jewzaam/go-cosmosdb
05da909 [Draft]Fixed context issue
5cf1e33 Add msi.sh
b364f27 Update local_dev_env.sh
f00f065 Update md
178a8b0 use fpCredRPtenant
c7af7fc Update docs and hack script to reflect consolidated MIWI dev infra ARM template
54e94f2 Consolidate OIDC storage account and cluster MSI key vault into one ARM template + make generate
b90e510 Appease the linter
cb2d4d1 Update documentation to reflect addition of new functions for deploying key vault separately from other dev resources
0e5b43e Update hack script with functions for deploying the key vault
4e46ed4 make generate
1953401 Move the shared cluster MSI key vault to its own ARM template
8612abe Fix indentation
3b0147e Add new KV with RBAC and then make generate
b072d62 Rename existing shared dev key vault
5a234a9 Remove comment that appears to be out-of-date information
49af5c6 CIF - ServerError: ZonalAllocationFailed
c999a58 remove white space
8e2eb0d add error
a0e4aaf fix azcore
2b270a4 change variable
5854f87 remove go mod confict
32fbfb9 change cluster
6a775b2 add
cdda20f replace with sdkdns
58f5476 fix ci
6895ac7 add mock
7ef1528 fix lint
8eca566 remove white space
e5bf96e remove azidentity
74374a9 create client and vendor for armdns
Full Changelog: v20240723.00...v20240729.00