From 66ce350393a7918bc7f1d1466d805dcf739b1055 Mon Sep 17 00:00:00 2001 From: Steven Presti Date: Mon, 13 Mar 2023 11:37:23 -0400 Subject: [PATCH] Stabilize openshift 4.13.0; create openshift 4.14.0-experimental The MCO doesn't support Ignition spec 3.3.0 yet, so we also need to roll back openshift 4.13.0 to fcos 1.3.0 and base 0.3 --- config/config.go | 6 +- config/openshift/v4_13/result/schema.go | 2 +- config/openshift/v4_13/schema.go | 4 +- config/openshift/v4_13/translate.go | 64 ++-------- config/openshift/v4_13/translate_test.go | 128 +++---------------- config/openshift/v4_13/validate.go | 2 +- config/openshift/v4_13/validate_test.go | 2 +- config/openshift/v4_14_exp/schema.go | 2 +- config/openshift/v4_14_exp/translate.go | 20 +-- config/openshift/v4_14_exp/translate_test.go | 8 +- config/openshift/v4_14_exp/validate.go | 2 +- config/openshift/v4_14_exp/validate_test.go | 2 +- docs/config-openshift-v4_13.md | 18 ++- docs/config-openshift-v4_14-exp.md | 6 +- docs/release-notes.md | 16 ++- docs/specs.md | 6 +- docs/upgrading-openshift.md | 4 + 17 files changed, 81 insertions(+), 211 deletions(-) diff --git a/config/config.go b/config/config.go index 54ea1f2c..5e4308c5 100644 --- a/config/config.go +++ b/config/config.go @@ -29,7 +29,8 @@ import ( openshift4_10 "github.com/coreos/butane/config/openshift/v4_10" openshift4_11 "github.com/coreos/butane/config/openshift/v4_11" openshift4_12 "github.com/coreos/butane/config/openshift/v4_12" - openshift4_13_exp "github.com/coreos/butane/config/openshift/v4_13_exp" + openshift4_13 "github.com/coreos/butane/config/openshift/v4_13" + openshift4_14_exp "github.com/coreos/butane/config/openshift/v4_14_exp" openshift4_8 "github.com/coreos/butane/config/openshift/v4_8" openshift4_9 "github.com/coreos/butane/config/openshift/v4_9" r4e1_0 "github.com/coreos/butane/config/r4e/v1_0" @@ -64,7 +65,8 @@ func init() { RegisterTranslator("openshift", "4.10.0", openshift4_10.ToConfigBytes) RegisterTranslator("openshift", "4.11.0", openshift4_11.ToConfigBytes) RegisterTranslator("openshift", "4.12.0", openshift4_12.ToConfigBytes) - RegisterTranslator("openshift", "4.13.0-experimental", openshift4_13_exp.ToConfigBytes) + RegisterTranslator("openshift", "4.13.0", openshift4_13.ToConfigBytes) + RegisterTranslator("openshift", "4.14.0-experimental", openshift4_14_exp.ToConfigBytes) RegisterTranslator("r4e", "1.0.0", r4e1_0.ToIgn3_3Bytes) RegisterTranslator("r4e", "1.1.0-experimental", r4e1_1_exp.ToIgn3_4Bytes) RegisterTranslator("rhcos", "0.1.0", unsupportedRhcosVariant) diff --git a/config/openshift/v4_13/result/schema.go b/config/openshift/v4_13/result/schema.go index ad5abd8e..37e49f30 100644 --- a/config/openshift/v4_13/result/schema.go +++ b/config/openshift/v4_13/result/schema.go @@ -15,7 +15,7 @@ package result import ( - "github.com/coreos/ignition/v2/config/v3_4/types" + "github.com/coreos/ignition/v2/config/v3_2/types" ) const ( diff --git a/config/openshift/v4_13/schema.go b/config/openshift/v4_13/schema.go index ab204d39..54e6bfda 100644 --- a/config/openshift/v4_13/schema.go +++ b/config/openshift/v4_13/schema.go @@ -12,10 +12,10 @@ // See the License for the specific language governing permissions and // limitations under the License.) -package v4_13_exp +package v4_13 import ( - fcos "github.com/coreos/butane/config/fcos/v1_5_exp" + fcos "github.com/coreos/butane/config/fcos/v1_3" ) const ROLE_LABEL_KEY = "machineconfiguration.openshift.io/role" diff --git a/config/openshift/v4_13/translate.go b/config/openshift/v4_13/translate.go index 4f951b49..9f1404f6 100644 --- a/config/openshift/v4_13/translate.go +++ b/config/openshift/v4_13/translate.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License.) -package v4_13_exp +package v4_13 import ( "net/url" @@ -20,12 +20,12 @@ import ( "strings" "github.com/coreos/butane/config/common" - "github.com/coreos/butane/config/openshift/v4_13_exp/result" + "github.com/coreos/butane/config/openshift/v4_13/result" cutil "github.com/coreos/butane/config/util" "github.com/coreos/butane/translate" "github.com/coreos/ignition/v2/config/util" - "github.com/coreos/ignition/v2/config/v3_4/types" + "github.com/coreos/ignition/v2/config/v3_2/types" "github.com/coreos/vcontext/path" "github.com/coreos/vcontext/report" ) @@ -42,11 +42,10 @@ const ( // can be tracked back to their source in the source config. No config // validation is performed on input or output. func (c Config) ToMachineConfig4_13Unvalidated(options common.TranslateOptions) (result.MachineConfig, translate.TranslationSet, report.Report) { - cfg, ts, r := c.Config.ToIgn3_4Unvalidated(options) + cfg, ts, r := c.Config.ToIgn3_2Unvalidated(options) if r.IsFatal() { return result.MachineConfig{}, ts, r } - ts = translateUserGrubCfg(&cfg, &ts) // wrap ts = ts.PrefixPaths(path.New("yaml"), path.New("json", "spec", "config")) @@ -103,11 +102,11 @@ func (c Config) ToMachineConfig4_13(options common.TranslateOptions) (result.Mac return cfg.(result.MachineConfig), r, err } -// ToIgn3_4Unvalidated translates the config to an Ignition config. It also +// ToIgn3_2Unvalidated translates the config to an Ignition config. It also // returns the set of translations it did so paths in the resultant config // can be tracked back to their source in the source config. No config // validation is performed on input or output. -func (c Config) ToIgn3_4Unvalidated(options common.TranslateOptions) (types.Config, translate.TranslationSet, report.Report) { +func (c Config) ToIgn3_2Unvalidated(options common.TranslateOptions) (types.Config, translate.TranslationSet, report.Report) { mc, ts, r := c.ToMachineConfig4_13Unvalidated(options) cfg := mc.Spec.Config @@ -122,21 +121,21 @@ func (c Config) ToIgn3_4Unvalidated(options common.TranslateOptions) (types.Conf return cfg, ts, r } -// ToIgn3_4 translates the config to an Ignition config. It returns a +// ToIgn3_2 translates the config to an Ignition config. It returns a // report of any errors or warnings in the source and resultant config. If // the report has fatal errors or it encounters other problems translating, // an error is returned. -func (c Config) ToIgn3_4(options common.TranslateOptions) (types.Config, report.Report, error) { - cfg, r, err := cutil.Translate(c, "ToIgn3_4Unvalidated", options) +func (c Config) ToIgn3_2(options common.TranslateOptions) (types.Config, report.Report, error) { + cfg, r, err := cutil.Translate(c, "ToIgn3_2Unvalidated", options) return cfg.(types.Config), r, err } -// ToConfigBytes translates from a v4.13 Butane config to a v4.13 MachineConfig or a v3.4.0 Ignition config. It returns a report of any errors or +// ToConfigBytes translates from a v4.13 Butane config to a v4.13 MachineConfig or a v3.2.0 Ignition config. It returns a report of any errors or // warnings in the source and resultant config. If the report has fatal errors or it encounters other problems // translating, an error is returned. func ToConfigBytes(input []byte, options common.TranslateBytesOptions) ([]byte, report.Report, error) { if options.Raw { - return cutil.TranslateBytes(input, &Config{}, "ToIgn3_4", options) + return cutil.TranslateBytes(input, &Config{}, "ToIgn3_2", options) } else { return cutil.TranslateBytesYAML(input, &Config{}, "ToMachineConfig4_13", options) } @@ -207,10 +206,6 @@ func validateMCOSupport(mc result.MachineConfig, ts translate.TranslationSet) re // FORBIDDEN - Not supported by the MCD. If present in MC, MCD will // mark the node degraded. We reject these. // - // REDUNDANT - Feature is also provided by a MachineConfig-specific - // field with different semantics. To reduce confusion, disable - // this implementation. - // // IMMUTABLE - Permitted in MC, passed through to Ignition, but not // supported by the MCD. MCD will mark the node degraded if the // field changes after the node is provisioned. We reject these @@ -223,12 +218,6 @@ func validateMCOSupport(mc result.MachineConfig, ts translate.TranslationSet) re // supported fields. We reject these. var r report.Report - for i, fs := range mc.Spec.Config.Storage.Filesystems { - if fs.Format != nil && *fs.Format == "none" { - // UNPARSABLE - r.AddOnError(path.New("json", "spec", "config", "storage", "filesystems", i, "format"), common.ErrFilesystemNoneSupport) - } - } for i := range mc.Spec.Config.Storage.Directories { // IMMUTABLE r.AddOnError(path.New("json", "spec", "config", "storage", "directories", i), common.ErrDirectorySupport) @@ -286,36 +275,5 @@ func validateMCOSupport(mc result.MachineConfig, ts translate.TranslationSet) re r.AddOnError(path.New("json", "spec", "config", "passwd", "users", i), common.ErrUserNameSupport) } } - for i := range mc.Spec.Config.KernelArguments.ShouldExist { - // UNPARSABLE, REDUNDANT - r.AddOnError(path.New("json", "spec", "config", "kernelArguments", "shouldExist", i), common.ErrKernelArgumentSupport) - } - for i := range mc.Spec.Config.KernelArguments.ShouldNotExist { - // UNPARSABLE, REDUNDANT - r.AddOnError(path.New("json", "spec", "config", "kernelArguments", "shouldNotExist", i), common.ErrKernelArgumentSupport) - } return cutil.TranslateReportPaths(r, ts) } - -// fcos config generates a user.cfg file using append; however, OpenShift config -// does not support append (since MCO does not support it). Let change the file to use contents -func translateUserGrubCfg(config *types.Config, ts *translate.TranslationSet) translate.TranslationSet { - newMappings := translate.NewTranslationSet("json", "json") - for i, file := range config.Storage.Files { - if file.Path == "/boot/grub2/user.cfg" { - if len(file.Append) != 1 { - // The number of append objects was different from expected, this file - // was created by the user and not via butane GRUB sugar - return *ts - } - fromPath := path.New("json", "storage", "files", i, "append", 0) - translatedPath := path.New("json", "storage", "files", i, "contents") - config.Storage.Files[i].FileEmbedded1.Contents = file.Append[0] - config.Storage.Files[i].FileEmbedded1.Append = nil - newMappings.AddFromCommonObject(fromPath, translatedPath, config.Storage.Files[i].FileEmbedded1.Contents) - - return ts.Map(newMappings) - } - } - return *ts -} diff --git a/config/openshift/v4_13/translate_test.go b/config/openshift/v4_13/translate_test.go index 77ea7da4..4719df6b 100644 --- a/config/openshift/v4_13/translate_test.go +++ b/config/openshift/v4_13/translate_test.go @@ -12,21 +12,21 @@ // See the License for the specific language governing permissions and // limitations under the License.) -package v4_13_exp +package v4_13 import ( "fmt" "testing" baseutil "github.com/coreos/butane/base/util" - base "github.com/coreos/butane/base/v0_5_exp" + base "github.com/coreos/butane/base/v0_3" "github.com/coreos/butane/config/common" - fcos "github.com/coreos/butane/config/fcos/v1_5_exp" - "github.com/coreos/butane/config/openshift/v4_13_exp/result" + fcos "github.com/coreos/butane/config/fcos/v1_3" + "github.com/coreos/butane/config/openshift/v4_13/result" "github.com/coreos/butane/translate" "github.com/coreos/ignition/v2/config/util" - "github.com/coreos/ignition/v2/config/v3_4/types" + "github.com/coreos/ignition/v2/config/v3_2/types" "github.com/coreos/vcontext/path" "github.com/coreos/vcontext/report" "github.com/stretchr/testify/assert" @@ -51,7 +51,7 @@ func TestElidedFieldWarning(t *testing.T) { expected.AddOnWarn(path.New("yaml", "openshift", "fips"), common.ErrFieldElided) expected.AddOnWarn(path.New("yaml", "openshift", "kernel_type"), common.ErrFieldElided) - _, _, r := in.ToIgn3_4Unvalidated(common.TranslateOptions{}) + _, _, r := in.ToIgn3_2Unvalidated(common.TranslateOptions{}) assert.Equal(t, expected, r, "report mismatch") } @@ -83,7 +83,7 @@ func TestTranslateConfig(t *testing.T) { Spec: result.Spec{ Config: types.Config{ Ignition: types.Ignition{ - Version: "3.4.0", + Version: "3.2.0", }, }, }, @@ -118,23 +118,23 @@ func TestTranslateConfig(t *testing.T) { }, { Name: "b", - Options: []string{"b", "b"}, + Options: []base.LuksOption{"b", "b"}, }, { Name: "c", - Options: []string{"c", "--cipher", "c"}, + Options: []base.LuksOption{"c", "--cipher", "c"}, }, { Name: "d", - Options: []string{"--cipher=z"}, + Options: []base.LuksOption{"--cipher=z"}, }, { Name: "e", - Options: []string{"-c", "z"}, + Options: []base.LuksOption{"-c", "z"}, }, { Name: "f", - Options: []string{"--ciphertext"}, + Options: []base.LuksOption{"--ciphertext"}, }, }, }, @@ -158,7 +158,7 @@ func TestTranslateConfig(t *testing.T) { Spec: result.Spec{ Config: types.Config{ Ignition: types.Ignition{ - Version: "3.4.0", + Version: "3.2.0", }, Storage: types.Storage{ Filesystems: []types.Filesystem{ @@ -176,7 +176,7 @@ func TestTranslateConfig(t *testing.T) { Label: util.StrToPtr("luks-root"), WipeVolume: util.BoolToPtr(true), Options: []types.LuksOption{fipsCipherOption, fipsCipherArgument}, - Clevis: types.Clevis{ + Clevis: &types.Clevis{ Tpm2: util.BoolToPtr(true), }, }, @@ -271,89 +271,6 @@ func TestTranslateConfig(t *testing.T) { {From: path.New("yaml", "openshift", "fips"), To: path.New("json", "spec", "fips")}, }, }, - // Test Grub config - { - Config{ - Metadata: Metadata{ - Name: "z", - Labels: map[string]string{ - ROLE_LABEL_KEY: "z", - }, - }, - Config: fcos.Config{ - Grub: fcos.Grub{ - Users: []fcos.GrubUser{ - { - Name: "root", - PasswordHash: util.StrToPtr("grub.pbkdf2.sha512.10000.874A958E526409..."), - }, - }, - }, - }, - }, - result.MachineConfig{ - ApiVersion: result.MC_API_VERSION, - Kind: result.MC_KIND, - Metadata: result.Metadata{ - Name: "z", - Labels: map[string]string{ - ROLE_LABEL_KEY: "z", - }, - }, - Spec: result.Spec{ - Config: types.Config{ - Ignition: types.Ignition{ - Version: "3.4.0", - }, - Storage: types.Storage{ - Filesystems: []types.Filesystem{ - { - Device: "/dev/disk/by-label/boot", - Format: util.StrToPtr("ext4"), - Path: util.StrToPtr("/boot"), - }, - }, - Files: []types.File{ - { - Node: types.Node{ - Path: "/boot/grub2/user.cfg", - }, - FileEmbedded1: types.FileEmbedded1{ - Contents: types.Resource{ - Source: util.StrToPtr("data:,%23%20Generated%20by%20Butane%0A%0Aset%20superusers%3D%22root%22%0Apassword_pbkdf2%20root%20grub.pbkdf2.sha512.10000.874A958E526409...%0A"), - Compression: util.StrToPtr(""), - }, - }, - }, - }, - }, - }, - }, - }, - []translate.Translation{ - {From: path.New("yaml", "version"), To: path.New("json", "apiVersion")}, - {From: path.New("yaml", "version"), To: path.New("json", "kind")}, - {From: path.New("yaml", "version"), To: path.New("json", "spec")}, - {From: path.New("yaml"), To: path.New("json", "spec", "config")}, - {From: path.New("yaml", "ignition"), To: path.New("json", "spec", "config", "ignition")}, - {From: path.New("yaml", "version"), To: path.New("json", "spec", "config", "ignition", "version")}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage")}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems")}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0)}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0, "path")}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0, "device")}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0, "format")}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files")}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0)}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "path")}, - // "append" field is a remnant of translations performed in fcos config - // TODO: add a delete function to translation.TranslationSet and delete "append" translation - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "append")}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "contents")}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "contents", "source")}, - {From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "contents", "compression")}, - }, - }, } for i, test := range tests { @@ -478,10 +395,6 @@ func TestValidateSupport(t *testing.T) { Device: "/dev/vda4", Format: util.StrToPtr("btrfs"), }, - { - Device: "/dev/vda5", - Format: util.StrToPtr("none"), - }, }, Directories: []base.Directory{ { @@ -491,7 +404,7 @@ func TestValidateSupport(t *testing.T) { Links: []base.Link{ { Path: "/l", - Target: util.StrToPtr("/t"), + Target: "/t", }, }, }, @@ -525,20 +438,11 @@ func TestValidateSupport(t *testing.T) { }, }, }, - KernelArguments: base.KernelArguments{ - ShouldExist: []base.KernelArgument{ - "foo", - }, - ShouldNotExist: []base.KernelArgument{ - "bar", - }, - }, }, }, }, []entry{ {report.Error, common.ErrBtrfsSupport, path.New("yaml", "storage", "filesystems", 0, "format")}, - {report.Error, common.ErrFilesystemNoneSupport, path.New("yaml", "storage", "filesystems", 1, "format")}, {report.Error, common.ErrDirectorySupport, path.New("yaml", "storage", "directories", 0)}, {report.Error, common.ErrFileAppendSupport, path.New("yaml", "storage", "files", 1, "append")}, {report.Error, common.ErrFileSchemeSupport, path.New("yaml", "storage", "files", 2, "contents", "source")}, @@ -557,8 +461,6 @@ func TestValidateSupport(t *testing.T) { {report.Error, common.ErrUserFieldSupport, path.New("yaml", "passwd", "users", 0, "system")}, {report.Error, common.ErrUserFieldSupport, path.New("yaml", "passwd", "users", 0, "uid")}, {report.Error, common.ErrUserNameSupport, path.New("yaml", "passwd", "users", 1)}, - {report.Error, common.ErrKernelArgumentSupport, path.New("yaml", "kernel_arguments", "should_exist", 0)}, - {report.Error, common.ErrKernelArgumentSupport, path.New("yaml", "kernel_arguments", "should_not_exist", 0)}, }, }, } diff --git a/config/openshift/v4_13/validate.go b/config/openshift/v4_13/validate.go index 74f0955d..d1e932d6 100644 --- a/config/openshift/v4_13/validate.go +++ b/config/openshift/v4_13/validate.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License.) -package v4_13_exp +package v4_13 import ( "github.com/coreos/butane/config/common" diff --git a/config/openshift/v4_13/validate_test.go b/config/openshift/v4_13/validate_test.go index 7e293283..c4f15253 100644 --- a/config/openshift/v4_13/validate_test.go +++ b/config/openshift/v4_13/validate_test.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License.) -package v4_13_exp +package v4_13 import ( "fmt" diff --git a/config/openshift/v4_14_exp/schema.go b/config/openshift/v4_14_exp/schema.go index ab204d39..07d5d1c0 100644 --- a/config/openshift/v4_14_exp/schema.go +++ b/config/openshift/v4_14_exp/schema.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License.) -package v4_13_exp +package v4_14_exp import ( fcos "github.com/coreos/butane/config/fcos/v1_5_exp" diff --git a/config/openshift/v4_14_exp/translate.go b/config/openshift/v4_14_exp/translate.go index 4f951b49..ca8a0b5e 100644 --- a/config/openshift/v4_14_exp/translate.go +++ b/config/openshift/v4_14_exp/translate.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License.) -package v4_13_exp +package v4_14_exp import ( "net/url" @@ -20,7 +20,7 @@ import ( "strings" "github.com/coreos/butane/config/common" - "github.com/coreos/butane/config/openshift/v4_13_exp/result" + "github.com/coreos/butane/config/openshift/v4_14_exp/result" cutil "github.com/coreos/butane/config/util" "github.com/coreos/butane/translate" @@ -37,11 +37,11 @@ const ( fipsCipherArgument = types.LuksOption("aes-cbc-essiv:sha256") ) -// ToMachineConfig4_13Unvalidated translates the config to a MachineConfig. It also +// ToMachineConfig4_14Unvalidated translates the config to a MachineConfig. It also // returns the set of translations it did so paths in the resultant config // can be tracked back to their source in the source config. No config // validation is performed on input or output. -func (c Config) ToMachineConfig4_13Unvalidated(options common.TranslateOptions) (result.MachineConfig, translate.TranslationSet, report.Report) { +func (c Config) ToMachineConfig4_14Unvalidated(options common.TranslateOptions) (result.MachineConfig, translate.TranslationSet, report.Report) { cfg, ts, r := c.Config.ToIgn3_4Unvalidated(options) if r.IsFatal() { return result.MachineConfig{}, ts, r @@ -94,12 +94,12 @@ func (c Config) ToMachineConfig4_13Unvalidated(options common.TranslateOptions) return mc, ts, r } -// ToMachineConfig4_13 translates the config to a MachineConfig. It returns a +// ToMachineConfig4_14 translates the config to a MachineConfig. It returns a // report of any errors or warnings in the source and resultant config. If // the report has fatal errors or it encounters other problems translating, // an error is returned. -func (c Config) ToMachineConfig4_13(options common.TranslateOptions) (result.MachineConfig, report.Report, error) { - cfg, r, err := cutil.Translate(c, "ToMachineConfig4_13Unvalidated", options) +func (c Config) ToMachineConfig4_14(options common.TranslateOptions) (result.MachineConfig, report.Report, error) { + cfg, r, err := cutil.Translate(c, "ToMachineConfig4_14Unvalidated", options) return cfg.(result.MachineConfig), r, err } @@ -108,7 +108,7 @@ func (c Config) ToMachineConfig4_13(options common.TranslateOptions) (result.Mac // can be tracked back to their source in the source config. No config // validation is performed on input or output. func (c Config) ToIgn3_4Unvalidated(options common.TranslateOptions) (types.Config, translate.TranslationSet, report.Report) { - mc, ts, r := c.ToMachineConfig4_13Unvalidated(options) + mc, ts, r := c.ToMachineConfig4_14Unvalidated(options) cfg := mc.Spec.Config // report warnings if there are any non-empty fields in Spec (other @@ -131,14 +131,14 @@ func (c Config) ToIgn3_4(options common.TranslateOptions) (types.Config, report. return cfg.(types.Config), r, err } -// ToConfigBytes translates from a v4.13 Butane config to a v4.13 MachineConfig or a v3.4.0 Ignition config. It returns a report of any errors or +// ToConfigBytes translates from a v4.14 Butane config to a v4.13 MachineConfig or a v3.4.0 Ignition config. It returns a report of any errors or // warnings in the source and resultant config. If the report has fatal errors or it encounters other problems // translating, an error is returned. func ToConfigBytes(input []byte, options common.TranslateBytesOptions) ([]byte, report.Report, error) { if options.Raw { return cutil.TranslateBytes(input, &Config{}, "ToIgn3_4", options) } else { - return cutil.TranslateBytesYAML(input, &Config{}, "ToMachineConfig4_13", options) + return cutil.TranslateBytesYAML(input, &Config{}, "ToMachineConfig4_14", options) } } diff --git a/config/openshift/v4_14_exp/translate_test.go b/config/openshift/v4_14_exp/translate_test.go index 77ea7da4..cbc6932a 100644 --- a/config/openshift/v4_14_exp/translate_test.go +++ b/config/openshift/v4_14_exp/translate_test.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License.) -package v4_13_exp +package v4_14_exp import ( "fmt" @@ -22,7 +22,7 @@ import ( base "github.com/coreos/butane/base/v0_5_exp" "github.com/coreos/butane/config/common" fcos "github.com/coreos/butane/config/fcos/v1_5_exp" - "github.com/coreos/butane/config/openshift/v4_13_exp/result" + "github.com/coreos/butane/config/openshift/v4_14_exp/result" "github.com/coreos/butane/translate" "github.com/coreos/ignition/v2/config/util" @@ -358,7 +358,7 @@ func TestTranslateConfig(t *testing.T) { for i, test := range tests { t.Run(fmt.Sprintf("translate %d", i), func(t *testing.T) { - actual, translations, r := test.in.ToMachineConfig4_13Unvalidated(common.TranslateOptions{}) + actual, translations, r := test.in.ToMachineConfig4_14Unvalidated(common.TranslateOptions{}) assert.Equal(t, test.out, actual, "translation mismatch") assert.Equal(t, report.Report{}, r, "non-empty report") baseutil.VerifyTranslations(t, translations, test.exceptions) @@ -569,7 +569,7 @@ func TestValidateSupport(t *testing.T) { for _, entry := range test.entries { expectedReport.AddOn(entry.path, entry.err, entry.kind) } - actual, translations, r := test.in.ToMachineConfig4_13Unvalidated(common.TranslateOptions{}) + actual, translations, r := test.in.ToMachineConfig4_14Unvalidated(common.TranslateOptions{}) assert.Equal(t, expectedReport, r, "report mismatch") assert.NoError(t, translations.DebugVerifyCoverage(actual), "incomplete TranslationSet coverage") }) diff --git a/config/openshift/v4_14_exp/validate.go b/config/openshift/v4_14_exp/validate.go index 74f0955d..09cc1673 100644 --- a/config/openshift/v4_14_exp/validate.go +++ b/config/openshift/v4_14_exp/validate.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License.) -package v4_13_exp +package v4_14_exp import ( "github.com/coreos/butane/config/common" diff --git a/config/openshift/v4_14_exp/validate_test.go b/config/openshift/v4_14_exp/validate_test.go index 7e293283..89101d71 100644 --- a/config/openshift/v4_14_exp/validate_test.go +++ b/config/openshift/v4_14_exp/validate_test.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License.) -package v4_13_exp +package v4_14_exp import ( "fmt" diff --git a/docs/config-openshift-v4_13.md b/docs/config-openshift-v4_13.md index 712a6c83..5b3d33cf 100644 --- a/docs/config-openshift-v4_13.md +++ b/docs/config-openshift-v4_13.md @@ -1,24 +1,22 @@ --- -title: OpenShift v4.13.0-experimental +title: OpenShift v4.13.0 parent: Configuration specifications -nav_order: 150 +nav_order: 144 --- -# OpenShift Specification v4.13.0-experimental - -**Note: This configuration is experimental and has not been stabilized. It is subject to change without warning or announcement.** +# OpenShift Specification v4.13.0 The OpenShift configuration is a YAML document conforming to the following specification, with **_italicized_** entries being optional: * **variant** (string): used to differentiate configs for different operating systems. Must be `openshift` for this specification. -* **version** (string): the semantic version of the spec for this document. This document is for version `4.13.0-experimental` and generates Ignition configs with version `3.4.0`. +* **version** (string): the semantic version of the spec for this document. This document is for version `4.13.0` and generates Ignition configs with version `3.2.0`. * **metadata** (object): metadata about the generated MachineConfig resource. Respected when rendering to a MachineConfig, ignored when rendering directly to an Ignition config. * **name** (string): a unique [name][k8s-names] for this MachineConfig resource. * **labels** (object): string key/value pairs to apply as [Kubernetes labels][k8s-labels] to this MachineConfig resource. `machineconfiguration.openshift.io/role` is required. * **_ignition_** (object): metadata about the configuration itself. * **_config_** (objects): options related to the configuration. * **_merge_** (list of objects): a list of the configs to be merged to the current config. - * **_source_** (string): the URL of the config. Supported schemes are `http`, `https`, `s3`, `arn`, `gs`, `tftp`, and [`data`][rfc2397]. Note: When using `http`, it is advisable to use the verification option to ensure the contents haven't been modified. Mutually exclusive with `inline` and `local`. + * **_source_** (string): the URL of the config. Supported schemes are `http`, `https`, `s3`, `gs`, `tftp`, and [`data`][rfc2397]. Note: When using `http`, it is advisable to use the verification option to ensure the contents haven't been modified. Mutually exclusive with `inline` and `local`. * **_inline_** (string): the contents of the config. Mutually exclusive with `source` and `local`. * **_local_** (string): a local path to the contents of the config, relative to the directory specified by the `--files-dir` command-line argument. Mutually exclusive with `source` and `inline`. * **_compression_** (string): the type of compression used on the config (null or gzip). Compression cannot be used with S3. @@ -28,7 +26,7 @@ The OpenShift configuration is a YAML document conforming to the following speci * **_verification_** (object): options related to the verification of the config. * **_hash_** (string): the hash of the config, in the form `-` where type is either `sha512` or `sha256`. If `compression` is specified, the hash describes the decompressed config. * **_replace_** (object): the config that will replace the current. - * **_source_** (string): the URL of the config. Supported schemes are `http`, `https`, `s3`, `arn`, `gs`, `tftp`, and [`data`][rfc2397]. Note: When using `http`, it is advisable to use the verification option to ensure the contents haven't been modified. Mutually exclusive with `inline` and `local`. + * **_source_** (string): the URL of the config. Supported schemes are `http`, `https`, `s3`,`gs`, `tftp`, and [`data`][rfc2397]. Note: When using `http`, it is advisable to use the verification option to ensure the contents haven't been modified. Mutually exclusive with `inline` and `local`. * **_inline_** (string): the contents of the config. Mutually exclusive with `source` and `local`. * **_local_** (string): a local path to the contents of the config, relative to the directory specified by the `--files-dir` command-line argument. Mutually exclusive with `source` and `inline`. * **_compression_** (string): the type of compression used on the config (null or gzip). Compression cannot be used with S3. @@ -43,7 +41,7 @@ The OpenShift configuration is a YAML document conforming to the following speci * **_security_** (object): options relating to network security. * **_tls_** (object): options relating to TLS when fetching resources over `https`. * **_certificate_authorities_** (list of objects): the list of additional certificate authorities (in addition to the system authorities) to be used for TLS verification when fetching over `https`. All certificate authorities must have a unique `source`, `inline`, or `local`. - * **_source_** (string): the URL of the certificate bundle (in PEM format). With Ignition ≥ 2.4.0, the bundle can contain multiple concatenated certificates. Supported schemes are `http`, `https`, `s3`, `arn`, `gs`, `tftp`, and [`data`][rfc2397]. Note: When using `http`, it is advisable to use the verification option to ensure the contents haven't been modified. Mutually exclusive with `inline` and `local`. + * **_source_** (string): the URL of the certificate bundle (in PEM format). With Ignition ≥ 2.4.0, the bundle can contain multiple concatenated certificates. Supported schemes are `http`, `https`, `s3`, `gs`, `tftp`, and [`data`][rfc2397]. Note: When using `http`, it is advisable to use the verification option to ensure the contents haven't been modified. Mutually exclusive with `inline` and `local`. * **_inline_** (string): the contents of the certificate bundle (in PEM format). With Ignition ≥ 2.4.0, the bundle can contain multiple concatenated certificates. Mutually exclusive with `source` and `local`. * **_local_** (string): a local path to the contents of the certificate bundle (in PEM format), relative to the directory specified by the `--files-dir` command-line argument. With Ignition ≥ 2.4.0, the bundle can contain multiple concatenated certificates. Mutually exclusive with `source` and `inline`. * **_compression_** (string): the type of compression used on the certificate (null or gzip). Compression cannot be used with S3. @@ -108,7 +106,7 @@ The OpenShift configuration is a YAML document conforming to the following speci * **device** (string): the absolute path to the device. Devices are typically referenced by the `/dev/disk/by-*` symlinks. * **_key_file_** (string): options related to the contents of the key file. * **_compression_** (string): the type of compression used on the contents (null or gzip). Compression cannot be used with S3. - * **_source_** (string): the URL of the key file contents. Supported schemes are `http`, `https`, `tftp`, `s3`, `arn`, `gs`, and [`data`][rfc2397]. When using `http`, it is advisable to use the verification option to ensure the contents haven't been modified. Mutually exclusive with `inline` and `local`. + * **_source_** (string): the URL of the key file contents. Supported schemes are `http`, `https`, `tftp`, `s3`, `gs`, and [`data`][rfc2397]. When using `http`, it is advisable to use the verification option to ensure the contents haven't been modified. Mutually exclusive with `inline` and `local`. * **_inline_** (string): the contents of the key file. Mutually exclusive with `source` and `local`. * **_local_** (string): a local path to the contents of the key file, relative to the directory specified by the `--files-dir` command-line argument. Mutually exclusive with `source` and `inline`. * **_http_headers_** (list of objects): a list of HTTP headers to be added to the request. Available for `http` and `https` source schemes only. diff --git a/docs/config-openshift-v4_14-exp.md b/docs/config-openshift-v4_14-exp.md index 4ed6a100..128d8dbb 100644 --- a/docs/config-openshift-v4_14-exp.md +++ b/docs/config-openshift-v4_14-exp.md @@ -1,17 +1,17 @@ --- -title: OpenShift v4.13.0-experimental +title: OpenShift v4.14.0-experimental parent: Configuration specifications nav_order: 150 --- -# OpenShift Specification v4.13.0-experimental +# OpenShift Specification v4.14.0-experimental **Note: This configuration is experimental and has not been stabilized. It is subject to change without warning or announcement.** The OpenShift configuration is a YAML document conforming to the following specification, with **_italicized_** entries being optional: * **variant** (string): used to differentiate configs for different operating systems. Must be `openshift` for this specification. -* **version** (string): the semantic version of the spec for this document. This document is for version `4.13.0-experimental` and generates Ignition configs with version `3.4.0`. +* **version** (string): the semantic version of the spec for this document. This document is for version `4.14.0-experimental` and generates Ignition configs with version `3.4.0`. * **metadata** (object): metadata about the generated MachineConfig resource. Respected when rendering to a MachineConfig, ignored when rendering directly to an Ignition config. * **name** (string): a unique [name][k8s-names] for this MachineConfig resource. * **labels** (object): string key/value pairs to apply as [Kubernetes labels][k8s-labels] to this MachineConfig resource. `machineconfiguration.openshift.io/role` is required. diff --git a/docs/release-notes.md b/docs/release-notes.md index 558350eb..a1bf5944 100644 --- a/docs/release-notes.md +++ b/docs/release-notes.md @@ -12,12 +12,15 @@ nav_order: 9 ### Features +- Stabilize OpenShift spec 4.13.0, targeting Ignition spec 3.2.0 +- Add OpenShift spec 4.14.0-experimental, targeting Ignition spec + 3.4.0 - Allow enabling discard passthrough on LUKS devices _(fcos 1.5.0-exp, - flatcar 1.1.0-exp, openshift 4.13.0-exp)_ + flatcar 1.1.0-exp, openshift 4.14.0-exp)_ - Allow specifying arbitrary LUKS open options _(fcos 1.5.0-exp, - flatcar 1.1.0-exp, openshift 4.13.0-exp)_ -- Allow specifying user password hash _(openshift 4.13.0-exp)_ -- Support offline Tang provisioning via pre-shared advertisement _(fcos 1.5.0-exp, openshift 4.13.0-exp)_ + flatcar 1.1.0-exp, openshift 4.14.0-exp)_ +- Allow specifying user password hash _(openshift 4.14.0-exp)_ +- Support offline Tang provisioning via pre-shared advertisement _(fcos 1.5.0-exp, openshift 4.14.0-exp)_ ### Bug fixes @@ -26,9 +29,10 @@ nav_order: 9 ### Misc. changes -- Drop `extensions` section _(fcos 1.5.0-exp, openshift 4.13.0-exp)_ +- Roll back to Ignition spec 3.2.0 _(openshift 4.13.0)_ +- Drop `extensions` section _(fcos 1.5.0-exp, openshift 4.14.0-exp)_ - Drop `LuksOption` and `RaidOption` types _(Go API for fcos 1.5.0-experimental, - flatcar 1.1.0-experimental, openshift 4.13.0-experimental)_ + flatcar 1.1.0-experimental, openshift 4.14.0-experimental)_ - Require Go 1.18+ ### Docs changes diff --git a/docs/specs.md b/docs/specs.md index eb626dfe..ba12cd3c 100644 --- a/docs/specs.md +++ b/docs/specs.md @@ -23,6 +23,7 @@ We recommend that you always use the latest **stable** specification for your op - Flatcar (`flatcar`) - [v1.0.0](config-flatcar-v1_0.md) - OpenShift (`openshift`) + - [v4.13.0](config-openshift-v4_13.md) - [v4.12.0](config-openshift-v4_12.md) - [v4.11.0](config-openshift-v4_11.md) - [v4.10.0](config-openshift-v4_10.md) @@ -40,7 +41,7 @@ Do not use **experimental** specifications for anything beyond **development and - Flatcar (`flatcar`) - [v1.1.0-experimental](config-flatcar-v1_1-exp.md) - OpenShift (`openshift`) - - [v4.13.0-experimental](config-openshift-v4_13-exp.md) + - [v4.14.0-experimental](config-openshift-v4_14-exp.md) - RHEL for Edge (`r4e`) - [v1.1.0-experimental](config-r4e-v1_1-exp.md) @@ -63,6 +64,7 @@ Each version of the Butane specification corresponds to a version of the Ignitio | `openshift` | 4.10.0 | 3.2.0 | | `openshift` | 4.11.0 | 3.2.0 | | `openshift` | 4.12.0 | 3.2.0 | -| `openshift` | 4.13.0-experimental | 3.4.0 | +| `openshift` | 4.13.0 | 3.2.0 | +| `openshift` | 4.14.0-experimental | 3.4.0 | | `r4e` | 1.0.0 | 3.3.0 | | `r4e` | 1.1.0-experimental | 3.4.0 | diff --git a/docs/upgrading-openshift.md b/docs/upgrading-openshift.md index 395dd924..55bd796c 100644 --- a/docs/upgrading-openshift.md +++ b/docs/upgrading-openshift.md @@ -13,6 +13,10 @@ Occasionally, changes are made to OpenShift Butane configs (those that specify ` 1. TOC {:toc} +## From Version 4.12.0 to 4.13.0 + +There are no breaking changes between versions 4.12.0 and 4.13.0 of the `openshift` configuration specification. Any valid 4.12.0 configuration can be updated to a 4.13.0 configuration by changing the version string in the config. + ## From Version 4.11.0 to 4.12.0 There are no breaking changes between versions 4.11.0 and 4.12.0 of the `openshift` configuration specification. Any valid 4.11.0 configuration can be updated to a 4.12.0 configuration by changing the version string in the config.