diff --git a/Makefile.version.aarch64.var b/Makefile.version.aarch64.var index 362184f426..6d314a6cf3 100644 --- a/Makefile.version.aarch64.var +++ b/Makefile.version.aarch64.var @@ -1 +1 @@ -OCP_VERSION := 5.0.0-0.nightly-arm64-2026-05-06-233705 +OCP_VERSION := 5.0.0-0.nightly-arm64-2026-05-07-233705 diff --git a/Makefile.version.x86_64.var b/Makefile.version.x86_64.var index da111c0300..c18ef011c7 100644 --- a/Makefile.version.x86_64.var +++ b/Makefile.version.x86_64.var @@ -1 +1 @@ -OCP_VERSION := 5.0.0-0.nightly-2026-05-05-231020 +OCP_VERSION := 5.0.0-0.nightly-2026-05-07-114403 diff --git a/assets/components/multus/kustomization.aarch64.yaml b/assets/components/multus/kustomization.aarch64.yaml index 0cb177a79c..1fa40fe9d7 100644 --- a/assets/components/multus/kustomization.aarch64.yaml +++ b/assets/components/multus/kustomization.aarch64.yaml @@ -2,7 +2,7 @@ images: - name: multus-cni-microshift newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:39553f8b8ee836be1f442665fc55be7642261b7766f4b2fff0b30718abc9dae2 + digest: sha256:0419b8946da554100869c1d2cab4f568cd7287d57b6e01558998a1dbb9422efc - name: containernetworking-plugins-microshift newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:6cbb31dceaec7a3fd771c614b804176e0947bc4e5278e3af167b9b1ba744e740 + digest: sha256:96bffbb8d7f3efd742853a424e730e70fdb4889d0628f072db19039cbaaa70e6 diff --git a/assets/components/multus/kustomization.x86_64.yaml b/assets/components/multus/kustomization.x86_64.yaml index 6d76735ac0..7f4b337ccc 100644 --- a/assets/components/multus/kustomization.x86_64.yaml +++ b/assets/components/multus/kustomization.x86_64.yaml @@ -2,7 +2,7 @@ images: - name: multus-cni-microshift newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:9e3d2bea43fd760020304e1b77e4d8b22c1effb0c575bb00efda8ce4c73f0ead + digest: sha256:f1dfb635e62215c6b02d70ee5c5da7892876f2dd9b9291447f78a219f6cf8080 - name: containernetworking-plugins-microshift newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:12943ba669bad24ae74176906654bd96b46827714f7e0bb46db338d920215ede + digest: sha256:d397da631df1f1b257b682088d85961d656ca69edb02257b99d4929a222a0440 diff --git a/assets/components/multus/release-multus-aarch64.json b/assets/components/multus/release-multus-aarch64.json index 270d1ba859..76d60732ac 100644 --- a/assets/components/multus/release-multus-aarch64.json +++ b/assets/components/multus/release-multus-aarch64.json @@ -1,9 +1,9 @@ { "release": { - "base": "5.0.0-0.nightly-arm64-2026-05-06-233705" + "base": "5.0.0-0.nightly-arm64-2026-05-07-233705" }, "images": { - "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:39553f8b8ee836be1f442665fc55be7642261b7766f4b2fff0b30718abc9dae2", - "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:6cbb31dceaec7a3fd771c614b804176e0947bc4e5278e3af167b9b1ba744e740" + "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:0419b8946da554100869c1d2cab4f568cd7287d57b6e01558998a1dbb9422efc", + "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:96bffbb8d7f3efd742853a424e730e70fdb4889d0628f072db19039cbaaa70e6" } } diff --git a/assets/components/multus/release-multus-x86_64.json b/assets/components/multus/release-multus-x86_64.json index 5f972198f7..91c611e775 100644 --- a/assets/components/multus/release-multus-x86_64.json +++ b/assets/components/multus/release-multus-x86_64.json @@ -1,9 +1,9 @@ { "release": { - "base": "5.0.0-0.nightly-2026-05-05-231020" + "base": "5.0.0-0.nightly-2026-05-07-114403" }, "images": { - "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:9e3d2bea43fd760020304e1b77e4d8b22c1effb0c575bb00efda8ce4c73f0ead", - "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:12943ba669bad24ae74176906654bd96b46827714f7e0bb46db338d920215ede" + "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:f1dfb635e62215c6b02d70ee5c5da7892876f2dd9b9291447f78a219f6cf8080", + "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:d397da631df1f1b257b682088d85961d656ca69edb02257b99d4929a222a0440" } } diff --git a/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml b/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml index f495f41c72..450647e187 100644 --- a/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml +++ b/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml @@ -2,13 +2,13 @@ images: - name: quay.io/operator-framework/olm newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:882318cac95ca934668849dcd7d5da9a9198c968c6b561ac9bb43b28c5454ff2 + digest: sha256:cb1a4757e20b4212972f1626e007f7eca05de56252d4127db38cdb0e05801134 - name: quay.io/operator-framework/configmap-operator-registry newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:cf89dd206b52c7bb704d6609e90d47fe116a68bcf5c6e20525bebf9fe2d9b370 + digest: sha256:29e2d6d0dcb07e52a511195107f2ae607a40694cf652577b6a0064b6d741729d - name: quay.io/openshift/origin-kube-rbac-proxy newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:0446463c285378b96336a9bcfdc1560181ceb3c2c2c9d0e1274c4978d043a10e + digest: sha256:1ed9257b8ee67cac5f75a6cb8ff80ff99e44bf67e2864b1fb7a7a09c34d5bdb6 patches: - patch: |- @@ -16,12 +16,12 @@ patches: path: /spec/template/spec/containers/0/env/- value: name: OPERATOR_REGISTRY_IMAGE - value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:cf89dd206b52c7bb704d6609e90d47fe116a68bcf5c6e20525bebf9fe2d9b370 + value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:29e2d6d0dcb07e52a511195107f2ae607a40694cf652577b6a0064b6d741729d - op: add path: /spec/template/spec/containers/0/env/- value: name: OLM_IMAGE - value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:882318cac95ca934668849dcd7d5da9a9198c968c6b561ac9bb43b28c5454ff2 + value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:cb1a4757e20b4212972f1626e007f7eca05de56252d4127db38cdb0e05801134 target: kind: Deployment labelSelector: app=catalog-operator diff --git a/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml b/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml index 18a959d93c..58dd5b5951 100644 --- a/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml +++ b/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml @@ -2,13 +2,13 @@ images: - name: quay.io/operator-framework/olm newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:9af145c15f17fbc08ff3490c71e6a69fdb364914be5ae3c3cf0498d55cbc40c9 + digest: sha256:bcb13a1695726b8f68dadb3a0c2411f7acdac47cbdea29759da5bff4214e5b8f - name: quay.io/operator-framework/configmap-operator-registry newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:bc549adfc831847203871fe9ebd1a4c9f54ab5f94843a3c4f20c9f9553984767 + digest: sha256:fec8a43ec565361b34881820e5322d15711a313463f4b25fcf5d48eef4c4c9dd - name: quay.io/openshift/origin-kube-rbac-proxy newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:3482ea3d2b8dce334f07b89086fdb06543d1a1680b4e71f937fbd13a171c42cf + digest: sha256:8222e4f74bbfa6138b29668f3c54d4df920a9ff67cfefca877bb9932cfc65ae9 patches: - patch: |- @@ -16,12 +16,12 @@ patches: path: /spec/template/spec/containers/0/env/- value: name: OPERATOR_REGISTRY_IMAGE - value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:bc549adfc831847203871fe9ebd1a4c9f54ab5f94843a3c4f20c9f9553984767 + value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:fec8a43ec565361b34881820e5322d15711a313463f4b25fcf5d48eef4c4c9dd - op: add path: /spec/template/spec/containers/0/env/- value: name: OLM_IMAGE - value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:9af145c15f17fbc08ff3490c71e6a69fdb364914be5ae3c3cf0498d55cbc40c9 + value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:bcb13a1695726b8f68dadb3a0c2411f7acdac47cbdea29759da5bff4214e5b8f target: kind: Deployment labelSelector: app=catalog-operator diff --git a/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json b/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json index 9f1a5b3ffa..6d28008616 100644 --- a/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json +++ b/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json @@ -1,10 +1,10 @@ { "release": { - "base": "5.0.0-0.nightly-arm64-2026-05-06-233705" + "base": "5.0.0-0.nightly-arm64-2026-05-07-233705" }, "images": { - "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:882318cac95ca934668849dcd7d5da9a9198c968c6b561ac9bb43b28c5454ff2", - "operator-registry": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:cf89dd206b52c7bb704d6609e90d47fe116a68bcf5c6e20525bebf9fe2d9b370", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:0446463c285378b96336a9bcfdc1560181ceb3c2c2c9d0e1274c4978d043a10e" + "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:cb1a4757e20b4212972f1626e007f7eca05de56252d4127db38cdb0e05801134", + "operator-registry": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:29e2d6d0dcb07e52a511195107f2ae607a40694cf652577b6a0064b6d741729d", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:1ed9257b8ee67cac5f75a6cb8ff80ff99e44bf67e2864b1fb7a7a09c34d5bdb6" } } diff --git a/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json b/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json index d91fba0e84..b0eb9af828 100644 --- a/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json +++ b/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json @@ -1,10 +1,10 @@ { "release": { - "base": "5.0.0-0.nightly-2026-05-05-231020" + "base": "5.0.0-0.nightly-2026-05-07-114403" }, "images": { - "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:9af145c15f17fbc08ff3490c71e6a69fdb364914be5ae3c3cf0498d55cbc40c9", - "operator-registry": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:bc549adfc831847203871fe9ebd1a4c9f54ab5f94843a3c4f20c9f9553984767", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:3482ea3d2b8dce334f07b89086fdb06543d1a1680b4e71f937fbd13a171c42cf" + "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:bcb13a1695726b8f68dadb3a0c2411f7acdac47cbdea29759da5bff4214e5b8f", + "operator-registry": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:fec8a43ec565361b34881820e5322d15711a313463f4b25fcf5d48eef4c4c9dd", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:8222e4f74bbfa6138b29668f3c54d4df920a9ff67cfefca877bb9932cfc65ae9" } } diff --git a/assets/release/release-aarch64.json b/assets/release/release-aarch64.json index 7e694e1233..f14d8d4bc7 100644 --- a/assets/release/release-aarch64.json +++ b/assets/release/release-aarch64.json @@ -1,16 +1,16 @@ { "release": { - "base": "5.0.0-0.nightly-arm64-2026-05-06-233705" + "base": "5.0.0-0.nightly-arm64-2026-05-07-233705" }, "images": { - "cli": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:3277eaa3a85a72ce660972f7baebbe0748e7c9f011856c0a663dd46456275484", - "coredns": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:e9864b5d80dfd8f55aabae4b59c1589d5c5632085def754a3857a34b8a371f73", - "haproxy-router": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:7f283ab977c67b26b55efc5476855e16e24a46b453a01a2d8ff389aca4db4547", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:0446463c285378b96336a9bcfdc1560181ceb3c2c2c9d0e1274c4978d043a10e", - "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:f571b5d5727dd2f1ab6093338bf12d9fad21d6672a2fa3f3a5db0997ebc76d25", - "pod": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:cc92fce3d1515a67507dde231828df292e47d8c1e10bf399d12cf395ff9d5178", - "service-ca-operator": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:b6761de6a76f9dad5eaef988546747c4836b3ead5e619d20026824a9dc2b0893", + "cli": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:dd590c51d530eb48f689e8097e2c5bbfe319f55a6a034620c88cad76666c23f1", + "coredns": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:8fa002a213169cb15d7e2e1a453de7e27ee351d831e44d024c99fcb9ae03c8ce", + "haproxy-router": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:c4ca276618e4a0d96d52743bebb3080891dfe1e303133beacf2bd37b73e0320f", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:1ed9257b8ee67cac5f75a6cb8ff80ff99e44bf67e2864b1fb7a7a09c34d5bdb6", + "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:531ff65e820f164733ffbf84b6473409826c9590b97a0a779a1f24031935203e", + "pod": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:3fe0f31aebb1871d61ab5d5996cd7171e57027d419747130743e60a45c512939", + "service-ca-operator": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:fa287ac17c526a95fdf8a5a7a4be597ac77b46c0120838f2643f8e0f13f7b79e", "lvms_operator": "registry.redhat.io/lvms4/lvms-rhel9-operator@sha256:3766640b19c336b443619ecdb35f36b479c79ea71b21de97febf024a5eaf6c84", - "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:ce0f839b8e9c87191ea14eb415d2e4da4f938f31d67e22b00ecea232528ed4c5" + "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:499419aed4bec193ecdd2c1a3e9f80dc87caa117c4ecec88d08938cc35ebf696" } } diff --git a/assets/release/release-x86_64.json b/assets/release/release-x86_64.json index e43caa7540..a8116c70d5 100644 --- a/assets/release/release-x86_64.json +++ b/assets/release/release-x86_64.json @@ -1,16 +1,16 @@ { "release": { - "base": "5.0.0-0.nightly-2026-05-05-231020" + "base": "5.0.0-0.nightly-2026-05-07-114403" }, "images": { - "cli": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:e8b207ab1f79cd199ed14b049e94c0b20575a432f345c6b26958e93f8bd0950f", - "coredns": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:304935bdd611c30672df711b3a2ef97166a103adbf8b001cdf5e4f4522da5271", - "haproxy-router": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:0549986bcbce883d1025bf92e21226e3a651405f543b97e39a9cec663aa975ce", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:3482ea3d2b8dce334f07b89086fdb06543d1a1680b4e71f937fbd13a171c42cf", - "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:a1665452c9943ca04b084e2f6b5016690ac820212687a3767ff1c89bdeb1a6f6", - "pod": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:928bc512af4f6a8372f90d9e3c1aae0e5f11def3ad36e94e96be9abf0e98c718", - "service-ca-operator": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:5e568f1c00750c8e248388b53d4c3b12a5cdb714e350a74a5199c52ec11c8613", + "cli": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:ed5939130af392e761cbb664373f901fc4493fbe6a424b5b63f2f83eac22256f", + "coredns": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:a5da0cf18dfcac91ba02842f7f1303815c9848e787f5bc62eb1b0c06c970dfad", + "haproxy-router": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:852316baf30018a983f00f600d4a6306b4b2745b7e8227de3356682dbc5cd2fb", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:8222e4f74bbfa6138b29668f3c54d4df920a9ff67cfefca877bb9932cfc65ae9", + "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:f6c8d741caf8400bfc5e90ba721b7331e284c6ee63ec6cd753fe8aff0a641248", + "pod": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:a0e20ffbf1dbde1d887ca948c8b8ef2404b0b4a0d00187402edf22665e5ed578", + "service-ca-operator": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:c5d024b03285795cd3d3f2f110de6465c315fed3c1fc695343d9c5106862d794", "lvms_operator": "registry.redhat.io/lvms4/lvms-rhel9-operator@sha256:58804d8baf922927b66cec9424d431a3bdb341d207024ce40cc8f0123bac03ee", - "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:2fb9d63f94d6f17f4ddd326d2dd8f78b041b8001747117919eb87e30a6a150f4" + "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:69d05cdbea20351d2baaea5fc112d6aeaa668bf13b6d69532e5632d5679bbdca" } } diff --git a/etcd/vendor/github.com/openshift/microshift/pkg/config/config.go b/etcd/vendor/github.com/openshift/microshift/pkg/config/config.go index cffb723f2c..192ee26d73 100644 --- a/etcd/vendor/github.com/openshift/microshift/pkg/config/config.go +++ b/etcd/vendor/github.com/openshift/microshift/pkg/config/config.go @@ -212,6 +212,9 @@ func (c *Config) incorporateUserSettings(u *Config) { if u.DNS.BaseDomain != "" { c.DNS.BaseDomain = u.DNS.BaseDomain } + if u.DNS.ConfigFile != "" { + c.DNS.ConfigFile = u.DNS.ConfigFile + } if u.Network.CNIPlugin != "" { c.Network.CNIPlugin = u.Network.CNIPlugin diff --git a/etcd/vendor/github.com/openshift/microshift/pkg/config/dns.go b/etcd/vendor/github.com/openshift/microshift/pkg/config/dns.go index d8948449c9..b567cbbc08 100644 --- a/etcd/vendor/github.com/openshift/microshift/pkg/config/dns.go +++ b/etcd/vendor/github.com/openshift/microshift/pkg/config/dns.go @@ -27,6 +27,15 @@ type DNS struct { // +kubebuilder:example=microshift.example.com BaseDomain string `json:"baseDomain"` + // configFile is the path to a custom CoreDNS Corefile on the host filesystem. + // When set, MicroShift uses this file as the Corefile in the dns-default ConfigMap, + // fully replacing the default template-rendered configuration. + // Changes to this file are detected at runtime and applied without restarting MicroShift. + // Mutually exclusive with dns.hosts: setting both causes a startup error. + // +optional + // +kubebuilder:example="/etc/microshift/dns/Corefile" + ConfigFile string `json:"configFile,omitempty"` + // Hosts contains configuration for the hosts file. Hosts HostsConfig `json:"hosts,omitempty"` } @@ -59,36 +68,31 @@ func dnsDefaults() DNS { } func (t *DNS) validate() error { - switch t.Hosts.Status { - case HostsStatusEnabled: - if t.Hosts.File == "" { - break - } + if t.ConfigFile != "" && t.Hosts.Status == HostsStatusEnabled { + return fmt.Errorf("dns.configFile and dns.hosts are mutually exclusive") + } - cleanPath := filepath.Clean(t.Hosts.File) + if err := t.validateConfigFile(); err != nil { + return err + } - fi, err := os.Stat(cleanPath) - // Enforce ConfigMap requirement: the file must not exceed 1MiB, as it will be mounted into a ConfigMap. - if err == nil && fi.Size() > 1048576 { - return fmt.Errorf("hosts file %s exceeds 1MiB ConfigMap (and internal buffer) size limit (got %d bytes)", t.Hosts.File, fi.Size()) - } - if !filepath.IsAbs(cleanPath) { - return fmt.Errorf("hosts file path must be absolute: got %s", t.Hosts.File) - } + return t.validateHosts() +} - _, err = os.Stat(cleanPath) - if os.IsNotExist(err) { - return fmt.Errorf("hosts file %s does not exist", t.Hosts.File) - } else if err != nil { - return fmt.Errorf("error checking hosts file %s: %v", t.Hosts.File, err) - } +func (t *DNS) validateConfigFile() error { + if t.ConfigFile == "" { + return nil + } + return validateFilePath(t.ConfigFile, "dns config file") +} - file, err := os.Open(t.Hosts.File) - if err != nil { - return fmt.Errorf("hosts file %s is not readable: %v", t.Hosts.File, err) +func (t *DNS) validateHosts() error { + switch t.Hosts.Status { + case HostsStatusEnabled: + if t.Hosts.File == "" { + break } - return file.Close() - + return validateFilePath(t.Hosts.File, "hosts file") case HostsStatusDisabled: return nil default: @@ -96,3 +100,34 @@ func (t *DNS) validate() error { } return nil } + +func validateFilePath(path, label string) error { + cleanPath := filepath.Clean(path) + if !filepath.IsAbs(cleanPath) { + return fmt.Errorf("%s path must be absolute: got %s", label, path) + } + + fi, err := os.Stat(cleanPath) + if os.IsNotExist(err) { + return fmt.Errorf("%s %s does not exist", label, path) + } else if err != nil { + return fmt.Errorf("error checking %s %s: %v", label, path, err) + } + if !fi.Mode().IsRegular() { + return fmt.Errorf("%s %s must be a regular file", label, path) + } + + if fi.Size() == 0 { + return fmt.Errorf("%s %s is empty", label, path) + } + + if fi.Size() > 1048576 { + return fmt.Errorf("%s %s exceeds 1MiB size limit (got %d bytes)", label, path, fi.Size()) + } + + file, err := os.Open(cleanPath) + if err != nil { + return fmt.Errorf("%s %s is not readable: %v", label, path, err) + } + return file.Close() +} diff --git a/packaging/crio.conf.d/10-microshift_amd64.conf b/packaging/crio.conf.d/10-microshift_amd64.conf index c4e400d86d..31e70bb47f 100644 --- a/packaging/crio.conf.d/10-microshift_amd64.conf +++ b/packaging/crio.conf.d/10-microshift_amd64.conf @@ -2,6 +2,6 @@ # for community builds on top of OKD, this setting has no effect [crio.image] global_auth_file="/etc/crio/openshift-pull-secret" -pause_image = "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:928bc512af4f6a8372f90d9e3c1aae0e5f11def3ad36e94e96be9abf0e98c718" +pause_image = "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:a0e20ffbf1dbde1d887ca948c8b8ef2404b0b4a0d00187402edf22665e5ed578" pause_image_auth_file = "/etc/crio/openshift-pull-secret" pause_command = "/usr/bin/pod" diff --git a/packaging/crio.conf.d/10-microshift_arm64.conf b/packaging/crio.conf.d/10-microshift_arm64.conf index 7c10be8155..dd0070d322 100644 --- a/packaging/crio.conf.d/10-microshift_arm64.conf +++ b/packaging/crio.conf.d/10-microshift_arm64.conf @@ -2,6 +2,6 @@ # for community builds on top of OKD, this setting has no effect [crio.image] global_auth_file="/etc/crio/openshift-pull-secret" -pause_image = "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:cc92fce3d1515a67507dde231828df292e47d8c1e10bf399d12cf395ff9d5178" +pause_image = "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:3fe0f31aebb1871d61ab5d5996cd7171e57027d419747130743e60a45c512939" pause_image_auth_file = "/etc/crio/openshift-pull-secret" pause_command = "/usr/bin/pod" diff --git a/scripts/auto-rebase/changelog.txt b/scripts/auto-rebase/changelog.txt index 8d92762d0e..5a32e0f1ee 100644 --- a/scripts/auto-rebase/changelog.txt +++ b/scripts/auto-rebase/changelog.txt @@ -1,57 +1,72 @@ -- api embedded-component a49973eaef537f281362e1ffa3abeacf7ed85c62 to 28b45b8020c71ad7c056b3ad1d569eff94d6b878 - - e9c797fc 2026-05-01T11:53:18-04:00 Clarify cluster operator Progressing condition - - 3dd2dc4b 2026-04-29T11:06:20+02:00 MON-4561: API: Add softirqs node-exporter collector to ClusterMonitoring CRD +- api embedded-component 28b45b8020c71ad7c056b3ad1d569eff94d6b878 to ecec2e859bad0c9288c2fef3dded294c44c12c61 + - ebfb8f08 2026-04-28T12:16:15+05:30 Revert "OCPBUGS-83492: Allow :ref suffix in additionalLayerStores path for stargz-store to support lazy image pulling" + - 51fe56c7 2026-04-08T20:43:45+02:00 Promote EVPN Feature Gate -- cluster-ingress-operator embedded-component 98ff1a6fedd18fbf2ed6fec9796104d7b4bc952c to df64b34df475cd58b0342dd617c29a9180ea9e5e - - a846988 2026-04-10T00:51:18-04:00 waitForDeploymentEnvVar: Remove client parameter - - 9d2f210 2026-04-10T00:51:18-04:00 TestUnsupportedConfigOverride: Ignore featuregate - - 579b4de 2026-04-10T00:26:09-04:00 Add waitForDeploymentFunc test helper func - - 49371cb 2026-03-30T16:43:15-04:00 waitForDeploymentEnvVar: Fix godoc +- cluster-ingress-operator embedded-component df64b34df475cd58b0342dd617c29a9180ea9e5e to 1a9e496df580ea7c3a0da6018a6713be4e187c85 + - b99436e 2026-05-04T13:37:37-04:00 Allow host network connections to the ingress canary -- cluster-network-operator embedded-component 23f002049008db9e852694ff2baaa68cd5b84525 to b1101d16e850319c488a47cb5c756402075900b8 - - 7795779 2026-05-04T19:10:11+05:30 frr-k8s: enable BGP daemon to listen on standard port 179 - - a09d0c1 2026-05-04T19:10:11+05:30 ovn-k: grant routeadvertisements CRUD to control-plane SA in managed routing mode +- cluster-kube-apiserver-operator embedded-component 9b45cbafcea23be9c63e01947506495d030666d0 to 29c414767d458310f3bee40308cde49ffad73507 + - ca5e71a 2026-04-28T11:50:35-04:00 vendor: bump library-go + - beb322c 2026-04-28T11:48:53-04:00 Use SkipInClusterAuthenticationLookup in check-endpoints -- kubernetes embedded-component 2447118a5cf501f71c2da4b2f4ff14f3492aec10 to 5f099ccd1e8345f615d10381290909a8ca581b66 - - 739e2eb2c 2026-04-30T16:11:47+01:00 UPSTREAM: : bump openshift/api dependency - - 568c860e4 2026-04-30T16:11:36+01:00 UPSTREAM: : authentication: enforce claims.email_verified usage when claims.email is used in username expression - - 4bfac2def 2026-04-30T16:11:21+01:00 UPSTREAM: : Export email validation functions +- cluster-network-operator embedded-component b1101d16e850319c488a47cb5c756402075900b8 to cb1b119339370308f6ef69e0479a6b46f2f955aa + - f4734c5 2026-04-16T19:08:18-04:00 OCPBUGS-78731: Move enable-multicast from config maps to CLI flags + - 35ff348 2026-04-16T19:08:13-04:00 NVIDIA-554: DPU-host mode: use ConfigMap for OVN feature enablement instead of per-node script gating + - 411921c 2026-04-15T15:19:23-04:00 Remove dead OVN_MULTI_NETWORK_ENABLE template variable -- machine-config-operator embedded-component 7eef4fdc72274bbf6845b1ea15d8af4723e42962 to 9d3ee9d972ed9373db03a498ca6ab831093d2420 - - 9c7c37f6 2026-04-29T23:26:51+08:00 AGENT-1443: Include platform VIPs in IRI cert SANs to match installer - - 95c47d22 2026-04-27T19:17:17+08:00 AGENT-1443: Add e2e test for IRI cert regeneration on MCS CA rotation - - da3b4783 2026-04-27T17:55:05+08:00 AGENT-1443: Add SAN validation to IRI cert rotation and wire mcfgClient - - 8be62adb 2026-04-27T17:55:05+08:00 AGENT-1443: Add feature gate, idempotency, and localhost SANs to IRI cert rotation - - 1c84abf9 2026-04-27T17:55:05+08:00 AGENT-1443: Add IRI certificate regeneration to MCS cert rotation controller - - 6c48b964 2026-04-24T12:19:32-04:00 crio: enable default_runtime metric - - 138f7a5e 2026-04-24T12:19:32-04:00 prom rules: add alert for nodes using runc - - 3d1f08bc 2026-04-22T13:20:08+05:30 Migrate MCO daemon test suite from openshift-tests-private - -- operator-framework-olm embedded-component 4201d40dfc99de60e8791d02b89bc7aebeaae930 to 2fcbb3e4a8a1445c2b557d3485ac3f63ba5127a1 - - -- service-ca-operator embedded-component 2aa88ace39a1abe7647bc5b03e6a599985b31605 to e7ccfa308e69ce4ad1f2afcd1d7c8ff25144374b - - 73dd9f6 2026-04-27T14:48:36+05:30 test: network policy tests - -- router image-amd64 896390778ebe15f57f87e6ca78f11c96e64c2652 to dfaf1cb3116cd7e0a5ab2e23f4d371f3777f7853 - - c223ef7 2026-05-04T11:25:19-03:00 fix handling of host conflict +- csi-external-snapshotter embedded-component d1bc3ffaa9759c13a06c2ec61c541342e71bd109 to 3219da7dcbb14fa762704746d21fb38131beb1f4 + - 72eb399 2026-04-21T11:21:53+02:00 UPSTREAM: 1392: Fix VolumeSnapshotContent deletion -- kubernetes image-amd64 2447118a5cf501f71c2da4b2f4ff14f3492aec10 to 5f099ccd1e8345f615d10381290909a8ca581b66 - - 739e2eb2c 2026-04-30T16:11:47+01:00 UPSTREAM: : bump openshift/api dependency - - 568c860e4 2026-04-30T16:11:36+01:00 UPSTREAM: : authentication: enforce claims.email_verified usage when claims.email is used in username expression - - 4bfac2def 2026-04-30T16:11:21+01:00 UPSTREAM: : Export email validation functions +- machine-config-operator embedded-component 9d3ee9d972ed9373db03a498ca6ab831093d2420 to 66df1c1a7e660d698f5e1685c171769f96915e42 + - c48e9be4 2026-05-06T11:37:52-04:00 daemon: skip bootupd when shim is safe + - 5e350d32 2026-05-06T10:24:44-04:00 Fix e2e-ocl-1of2 flake where MOSB is deleted by stale controller event + - ba342bf9 2026-05-06T10:24:26-04:00 Fix e2e-ocl-2of2 timeout flake for TestStaleAnnotationClearedOnLayerOnlyChange + - a5bc08d4 2026-05-05T10:18:48+02:00 OCPBUGS-84661: Fix wrong early exit during kubelet MCs regeneration + - 31427064 2026-05-04T14:16:26-04:00 controller: add terminationMessagePolicy to build pod containers + - d54b9b4b 2026-05-04T11:27:52-04:00 daemon: use --delete-if-present for karg removal -- service-ca-operator image-amd64 2aa88ace39a1abe7647bc5b03e6a599985b31605 to e7ccfa308e69ce4ad1f2afcd1d7c8ff25144374b - - 73dd9f6 2026-04-27T14:48:36+05:30 test: network policy tests +- operator-framework-olm embedded-component 2fcbb3e4a8a1445c2b557d3485ac3f63ba5127a1 to d75c36f6b28fffa0da1ae2bb0fa9b7d1c0e546e8 + - 5a9d6c44 2026-05-06T09:42:25+02:00 Fix lifecycle-server readiness probe to allow empty index -- oc image-arm64 16d140aeefdc2b07f549945801c9cefab703ca68 to 6ac066994b962cb01886dab515d821720324ed52 +- oc image-amd64 16d140aeefdc2b07f549945801c9cefab703ca68 to 6ac066994b962cb01886dab515d821720324ed52 - d1931c31 2026-04-22T17:32:51+01:00 OCPBUGS-62799: Add required-scc annotation to node-joiner pod to prevent third-party SCC interference -- csi-external-snapshotter image-arm64 d1bc3ffaa9759c13a06c2ec61c541342e71bd109 to 3219da7dcbb14fa762704746d21fb38131beb1f4 +- csi-external-snapshotter image-amd64 d1bc3ffaa9759c13a06c2ec61c541342e71bd109 to 3219da7dcbb14fa762704746d21fb38131beb1f4 - 72eb399 2026-04-21T11:21:53+02:00 UPSTREAM: 1392: Fix VolumeSnapshotContent deletion -- router image-arm64 dfaf1cb3116cd7e0a5ab2e23f4d371f3777f7853 to 65271d2c19cb35fb5e802ee72fc4de502c5e16b6 +- router image-amd64 dfaf1cb3116cd7e0a5ab2e23f4d371f3777f7853 to 65271d2c19cb35fb5e802ee72fc4de502c5e16b6 - dc7e786 2026-04-23T15:52:51-03:00 move from option forwarded to manual header update - 313daa6 2026-04-23T11:09:02-03:00 fix forwarded header for IPv6 on IPv4 stack - 0500b49 2026-04-14T17:06:57-03:00 create self-signed crt if failing to read default +- router image-arm64 65271d2c19cb35fb5e802ee72fc4de502c5e16b6 to b75bab261392d5eacb115db408f121618a23e41d + - 6c4ca66 2025-09-22T15:38:07-04:00 Reapply "OCPBUGS-55506: Prevent startup failures due to name resolution" + +- ovn-kubernetes image-arm64 952886fd8af2ca3ecf1717a2cb69311a32f25c06 to 22e9487ee7060a85cfe20886b73e11fce3249e36 + - 34cfe4e5 2026-04-30T10:09:06Z sync test annotations with upstream changes + - 0abdfe64 2026-04-30T10:06:55Z sync openshift/go.mod with upstream dependencies + - 3e586049 2026-04-29T11:24:31+02:00 Address set: add existing IPs check on setAddresses. + - ad46e42d 2026-04-28T08:54:17Z test: fix layer2 UDN controller test flake in kubevirt live-migration + - b66b0927 2026-04-28T10:05:39+02:00 fix UDN unit test to use new node controller constructor + - a0e535ac 2026-04-27T17:12:58Z EVPN: add allowas-in origin for BGP neighbors + - 4b7ffe0f 2026-04-27T16:49:36Z Bump the go_modules group across 3 directories with 2 updates + - 53822e35 2026-04-27T12:12:24-04:00 Fake NM: make it per network activity + - 5b9cf808 2026-04-27T12:12:24-04:00 cluster manager: integrate status manager with d-udn + - 726bdd19 2026-04-27T12:12:24-04:00 e2e egress fw: fixes for Dynamic UDN + - 267f18d2 2026-04-27T12:12:24-04:00 networkmanager: skip dynamic UDN for bare NADs + - 9c6e65bc 2026-04-27T12:12:24-04:00 cluster manager: fixes race with NAD deletion + - 9f7ece70 2026-04-27T12:12:24-04:00 Update e2e for Dynamic Subnet Allocation + - c1e81f8e 2026-04-27T12:12:24-04:00 Adds dynamic allocation for cluster manager + - 6760a289 2026-04-24T14:03:49-07:00 cleanup stale L2 primary UDN tunnel ID annotations on restart + - e1d509a8 2026-04-24T17:54:42+02:00 UT: get rid of the fake address set factory + - 7d049570 2026-04-24T17:54:38+02:00 Replace selectedNamespace = nil with more obvious struct. + - 960efda8 2026-04-24T17:18:18+02:00 Move hostNamespace handling to the addressset_manager.go + - f90bfac4 2026-04-24T11:07:08-04:00 Bump frr to 10.6.0 to pick up more coredump fixes + - caac89aa 2026-04-24T11:07:08-04:00 Bump metallb frr to 10.5.3 + - d58942dd 2026-04-24T16:03:30+02:00 UT: stop setting HostNetworkNamespace across unrelated UTs + - 5b649e92 2026-04-24T16:03:30+02:00 addresssetManager: fix resetting address sets on restart. + - cc84bac9 2026-04-24T16:03:30+02:00 AddresssetManager: add legacy netpol mode. + - e4b71f53 2026-04-21T14:51:08-04:00 e2e: preload netshoot image for no_overlay suite + - 1b2426bf 2026-04-21T14:51:08-04:00 e2e: preload netshoot image for kubevirt tests instead of iperf + - fe163a70 2026-03-12T11:48:25+01:00 Fix invalid characters in e2e artifact directory paths + diff --git a/scripts/auto-rebase/commits.txt b/scripts/auto-rebase/commits.txt index 772ec98ebd..7e40afe4b3 100644 --- a/scripts/auto-rebase/commits.txt +++ b/scripts/auto-rebase/commits.txt @@ -1,26 +1,26 @@ -https://github.com/openshift/api embedded-component 28b45b8020c71ad7c056b3ad1d569eff94d6b878 +https://github.com/openshift/api embedded-component ecec2e859bad0c9288c2fef3dded294c44c12c61 https://github.com/openshift/cluster-csi-snapshot-controller-operator embedded-component 108f37f0e378accc322cbeb68136ec500ec35b94 https://github.com/openshift/cluster-dns-operator embedded-component 3d2141182243cde1ec6417bd005c76d29aa88a01 -https://github.com/openshift/cluster-ingress-operator embedded-component df64b34df475cd58b0342dd617c29a9180ea9e5e -https://github.com/openshift/cluster-kube-apiserver-operator embedded-component 9b45cbafcea23be9c63e01947506495d030666d0 +https://github.com/openshift/cluster-ingress-operator embedded-component 1a9e496df580ea7c3a0da6018a6713be4e187c85 +https://github.com/openshift/cluster-kube-apiserver-operator embedded-component 29c414767d458310f3bee40308cde49ffad73507 https://github.com/openshift/cluster-kube-controller-manager-operator embedded-component ca150c42a7982509b8bba34080308cff00c09310 https://github.com/openshift/cluster-kube-scheduler-operator embedded-component a0495853f80d38e19d07b98a225e1aa0e7972ac9 -https://github.com/openshift/cluster-network-operator embedded-component b1101d16e850319c488a47cb5c756402075900b8 +https://github.com/openshift/cluster-network-operator embedded-component cb1b119339370308f6ef69e0479a6b46f2f955aa https://github.com/openshift/cluster-openshift-controller-manager-operator embedded-component c941a99dd2b9200c0de23606c4372d33d656a756 https://github.com/openshift/cluster-policy-controller embedded-component bb429f5b2a7d77791110b06d8ec5c017183e3ab9 -https://github.com/openshift/csi-external-snapshotter embedded-component d1bc3ffaa9759c13a06c2ec61c541342e71bd109 +https://github.com/openshift/csi-external-snapshotter embedded-component 3219da7dcbb14fa762704746d21fb38131beb1f4 https://github.com/openshift/etcd embedded-component d8d67b8ce849f816d6d23c904098336632e2348f https://github.com/openshift/kubernetes embedded-component 5f099ccd1e8345f615d10381290909a8ca581b66 https://github.com/openshift/kubernetes-kube-storage-version-migrator embedded-component 72835e43c7754356645e41031f3a99926b4d42e6 -https://github.com/openshift/machine-config-operator embedded-component 9d3ee9d972ed9373db03a498ca6ab831093d2420 +https://github.com/openshift/machine-config-operator embedded-component 66df1c1a7e660d698f5e1685c171769f96915e42 https://github.com/openshift/openshift-controller-manager embedded-component 731d7429a788e0d70e3556e40f82c1ba9d55abe7 -https://github.com/openshift/operator-framework-olm embedded-component 2fcbb3e4a8a1445c2b557d3485ac3f63ba5127a1 +https://github.com/openshift/operator-framework-olm embedded-component d75c36f6b28fffa0da1ae2bb0fa9b7d1c0e546e8 https://github.com/openshift/route-controller-manager embedded-component 624742d93f3a7885cf7f70985f1e23ff60da580d https://github.com/openshift/service-ca-operator embedded-component e7ccfa308e69ce4ad1f2afcd1d7c8ff25144374b -https://github.com/openshift/oc image-amd64 16d140aeefdc2b07f549945801c9cefab703ca68 +https://github.com/openshift/oc image-amd64 6ac066994b962cb01886dab515d821720324ed52 https://github.com/openshift/coredns image-amd64 0dded2d232dab43c107b1dab9d0d9fdfd8259622 -https://github.com/openshift/csi-external-snapshotter image-amd64 d1bc3ffaa9759c13a06c2ec61c541342e71bd109 -https://github.com/openshift/router image-amd64 dfaf1cb3116cd7e0a5ab2e23f4d371f3777f7853 +https://github.com/openshift/csi-external-snapshotter image-amd64 3219da7dcbb14fa762704746d21fb38131beb1f4 +https://github.com/openshift/router image-amd64 65271d2c19cb35fb5e802ee72fc4de502c5e16b6 https://github.com/openshift/kube-rbac-proxy image-amd64 d12e274605248f6c59373240a7eae7a7a357dcb3 https://github.com/openshift/ovn-kubernetes image-amd64 952886fd8af2ca3ecf1717a2cb69311a32f25c06 https://github.com/openshift/kubernetes image-amd64 5f099ccd1e8345f615d10381290909a8ca581b66 @@ -28,8 +28,8 @@ https://github.com/openshift/service-ca-operator image-amd64 e7ccfa308e69ce4ad1f https://github.com/openshift/oc image-arm64 6ac066994b962cb01886dab515d821720324ed52 https://github.com/openshift/coredns image-arm64 0dded2d232dab43c107b1dab9d0d9fdfd8259622 https://github.com/openshift/csi-external-snapshotter image-arm64 3219da7dcbb14fa762704746d21fb38131beb1f4 -https://github.com/openshift/router image-arm64 65271d2c19cb35fb5e802ee72fc4de502c5e16b6 +https://github.com/openshift/router image-arm64 b75bab261392d5eacb115db408f121618a23e41d https://github.com/openshift/kube-rbac-proxy image-arm64 d12e274605248f6c59373240a7eae7a7a357dcb3 -https://github.com/openshift/ovn-kubernetes image-arm64 952886fd8af2ca3ecf1717a2cb69311a32f25c06 +https://github.com/openshift/ovn-kubernetes image-arm64 22e9487ee7060a85cfe20886b73e11fce3249e36 https://github.com/openshift/kubernetes image-arm64 5f099ccd1e8345f615d10381290909a8ca581b66 https://github.com/openshift/service-ca-operator image-arm64 e7ccfa308e69ce4ad1f2afcd1d7c8ff25144374b diff --git a/scripts/auto-rebase/last_rebase.sh b/scripts/auto-rebase/last_rebase.sh index dc4f6c8b4b..0f6ba8512c 100755 --- a/scripts/auto-rebase/last_rebase.sh +++ b/scripts/auto-rebase/last_rebase.sh @@ -1,2 +1,2 @@ #!/bin/bash -x -./scripts/auto-rebase/rebase.sh to "registry.ci.openshift.org/ocp/release-5:5.0.0-0.nightly-2026-05-05-231020" "registry.ci.openshift.org/ocp-arm64/release-5-arm64:5.0.0-0.nightly-arm64-2026-05-06-233705" +./scripts/auto-rebase/rebase.sh to "registry.ci.openshift.org/ocp/release-5:5.0.0-0.nightly-2026-05-07-114403" "registry.ci.openshift.org/ocp-arm64/release-5-arm64:5.0.0-0.nightly-arm64-2026-05-07-233705"