diff --git a/Makefile.version.aarch64.var b/Makefile.version.aarch64.var index 430d63b0c0..ba519e3a09 100644 --- a/Makefile.version.aarch64.var +++ b/Makefile.version.aarch64.var @@ -1 +1 @@ -OCP_VERSION := 5.0.0-0.nightly-arm64-2026-05-27-222818 +OCP_VERSION := 5.0.0-0.nightly-arm64-2026-06-04-190103 diff --git a/Makefile.version.x86_64.var b/Makefile.version.x86_64.var index 18f0039133..f805152db4 100644 --- a/Makefile.version.x86_64.var +++ b/Makefile.version.x86_64.var @@ -1 +1 @@ -OCP_VERSION := 5.0.0-0.nightly-2026-05-27-205543 +OCP_VERSION := 5.0.0-0.nightly-2026-06-04-190102 diff --git a/assets/components/multus/kustomization.aarch64.yaml b/assets/components/multus/kustomization.aarch64.yaml index 4359dba24e..ff16be9af1 100644 --- a/assets/components/multus/kustomization.aarch64.yaml +++ b/assets/components/multus/kustomization.aarch64.yaml @@ -2,7 +2,7 @@ images: - name: multus-cni-microshift newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:9731df837f9dc3677bf2676d9a739eb12f76a38b1870a00792cd70e5dff9f03b + digest: sha256:d95acb85de525f3ed6c179c7c780245d7f50821d881f2c5c84c9f08c947d47b3 - name: containernetworking-plugins-microshift newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:594456e4fd92b9e5fffd11f5748b358a245e56e31f76ce1fff844259073e2875 + digest: sha256:5fed52311e3e769dbb5dc03067ce33c7de0c1308ee033310cc53f7203f7fbe5f diff --git a/assets/components/multus/kustomization.x86_64.yaml b/assets/components/multus/kustomization.x86_64.yaml index f9e1c0789e..868983bcfe 100644 --- a/assets/components/multus/kustomization.x86_64.yaml +++ b/assets/components/multus/kustomization.x86_64.yaml @@ -2,7 +2,7 @@ images: - name: multus-cni-microshift newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:0d60eed5435b727796d71713f0e4edae2f8cf009e0c5af2c42747a1b100dfd33 + digest: sha256:d6d962ee038eac98ae9a7cb182052a79804740db2c03bfeedb0dd7196a894a62 - name: containernetworking-plugins-microshift newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:bfe2abfc336ee1f26782da9ffafb878289292d7a1150b3e0cec6e13cca961aac + digest: sha256:51b0ac230b385565a5285a95b29ff48a65b7110445f7631b9888212329e7f165 diff --git a/assets/components/multus/release-multus-aarch64.json b/assets/components/multus/release-multus-aarch64.json index 9eea296e9b..4151308b00 100644 --- a/assets/components/multus/release-multus-aarch64.json +++ b/assets/components/multus/release-multus-aarch64.json @@ -1,9 +1,9 @@ { "release": { - "base": "5.0.0-0.nightly-arm64-2026-05-27-222818" + "base": "5.0.0-0.nightly-arm64-2026-06-04-190103" }, "images": { - "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:9731df837f9dc3677bf2676d9a739eb12f76a38b1870a00792cd70e5dff9f03b", - "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:594456e4fd92b9e5fffd11f5748b358a245e56e31f76ce1fff844259073e2875" + "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:d95acb85de525f3ed6c179c7c780245d7f50821d881f2c5c84c9f08c947d47b3", + "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:5fed52311e3e769dbb5dc03067ce33c7de0c1308ee033310cc53f7203f7fbe5f" } } diff --git a/assets/components/multus/release-multus-x86_64.json b/assets/components/multus/release-multus-x86_64.json index 5bff6de6c2..09c64a90c4 100644 --- a/assets/components/multus/release-multus-x86_64.json +++ b/assets/components/multus/release-multus-x86_64.json @@ -1,9 +1,9 @@ { "release": { - "base": "5.0.0-0.nightly-2026-05-27-205543" + "base": "5.0.0-0.nightly-2026-06-04-190102" }, "images": { - "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:0d60eed5435b727796d71713f0e4edae2f8cf009e0c5af2c42747a1b100dfd33", - "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:bfe2abfc336ee1f26782da9ffafb878289292d7a1150b3e0cec6e13cca961aac" + "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:d6d962ee038eac98ae9a7cb182052a79804740db2c03bfeedb0dd7196a894a62", + "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:51b0ac230b385565a5285a95b29ff48a65b7110445f7631b9888212329e7f165" } } diff --git a/assets/crd/route.crd.yaml b/assets/crd/route.crd.yaml index f923ec9ae1..b0c3b33e7d 100644 --- a/assets/crd/route.crd.yaml +++ b/assets/crd/route.crd.yaml @@ -558,13 +558,13 @@ spec: - termination type: object x-kubernetes-validations: + - message: cannot have both spec.tls.certificate and spec.tls.externalCertificate + rule: '!(has(self.certificate) && has(self.externalCertificate))' - message: 'cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow' rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) : true' - - message: cannot have both spec.tls.certificate and spec.tls.externalCertificate - rule: '!(has(self.certificate) && has(self.externalCertificate))' to: description: |- to is an object the route should use as the primary backend. Only the Service kind diff --git a/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml b/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml index 6da747a8f0..a6499e02ff 100644 --- a/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml +++ b/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml @@ -2,13 +2,13 @@ images: - name: quay.io/operator-framework/olm newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:62283e52d11c75defea93afdf86f8d50e8028155bde588b4d43298f7204c4188 + digest: sha256:d3328a007e3059145dc4261121a0dcb6c9c2f7f82aba8bed2dc7fe4442b44317 - name: quay.io/operator-framework/configmap-operator-registry newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:8ce7c9323a5e3e69503fa94cbf7089deffaa37fe4aeb949fdf3e6f227f8a93ae + digest: sha256:1fb113ed086cc02b16fcb089d0456ffd3faa917ad28ed669cad0b40b7bfe11b8 - name: quay.io/openshift/origin-kube-rbac-proxy newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:0053edf86c2a802a62a07af974324ad4f1aa37c5f85164255321d8bf676820fc + digest: sha256:793a8dbe8247852c605ad6bebb039641eeef1a84842d7661a7ec3c8c2c8617fb patches: - patch: |- @@ -16,12 +16,12 @@ patches: path: /spec/template/spec/containers/0/env/- value: name: OPERATOR_REGISTRY_IMAGE - value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:8ce7c9323a5e3e69503fa94cbf7089deffaa37fe4aeb949fdf3e6f227f8a93ae + value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:1fb113ed086cc02b16fcb089d0456ffd3faa917ad28ed669cad0b40b7bfe11b8 - op: add path: /spec/template/spec/containers/0/env/- value: name: OLM_IMAGE - value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:62283e52d11c75defea93afdf86f8d50e8028155bde588b4d43298f7204c4188 + value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:d3328a007e3059145dc4261121a0dcb6c9c2f7f82aba8bed2dc7fe4442b44317 target: kind: Deployment labelSelector: app=catalog-operator diff --git a/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml b/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml index 04f71433e2..47ddf85bad 100644 --- a/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml +++ b/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml @@ -2,13 +2,13 @@ images: - name: quay.io/operator-framework/olm newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:7f415763ee0a7c205f5e6f11b4fa5aff0aaa0eda109288aaf8d123f6dba59d3b + digest: sha256:5983a2a3a4a7505ef21024cb248c8b8011789eb51de8fc4fd0528df4b6652a9e - name: quay.io/operator-framework/configmap-operator-registry newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:770b6bc7d12769e0fd835da058fc4d31c96cc7b6a6511d52ee9393ea6a81a17b + digest: sha256:83031211e6f9b1d120da82554fba373db194236cf7395058efaeb74bf7015e84 - name: quay.io/openshift/origin-kube-rbac-proxy newName: quay.io/openshift-release-dev/ocp-v5.0-art-dev - digest: sha256:021ef755badbca515d58b612e314b021ef2f50312811c9721b1f4c5f2c6b8529 + digest: sha256:b2f55f068d30a61367962c5af6c43d399a5ecba5b1ba24749c2268131ba4ed98 patches: - patch: |- @@ -16,12 +16,12 @@ patches: path: /spec/template/spec/containers/0/env/- value: name: OPERATOR_REGISTRY_IMAGE - value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:770b6bc7d12769e0fd835da058fc4d31c96cc7b6a6511d52ee9393ea6a81a17b + value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:83031211e6f9b1d120da82554fba373db194236cf7395058efaeb74bf7015e84 - op: add path: /spec/template/spec/containers/0/env/- value: name: OLM_IMAGE - value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:7f415763ee0a7c205f5e6f11b4fa5aff0aaa0eda109288aaf8d123f6dba59d3b + value: quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:5983a2a3a4a7505ef21024cb248c8b8011789eb51de8fc4fd0528df4b6652a9e target: kind: Deployment labelSelector: app=catalog-operator diff --git a/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json b/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json index f0baa55f5c..e5c0a2bfc5 100644 --- a/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json +++ b/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json @@ -1,10 +1,10 @@ { "release": { - "base": "5.0.0-0.nightly-arm64-2026-05-27-222818" + "base": "5.0.0-0.nightly-arm64-2026-06-04-190103" }, "images": { - "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:62283e52d11c75defea93afdf86f8d50e8028155bde588b4d43298f7204c4188", - "operator-registry": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:8ce7c9323a5e3e69503fa94cbf7089deffaa37fe4aeb949fdf3e6f227f8a93ae", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:0053edf86c2a802a62a07af974324ad4f1aa37c5f85164255321d8bf676820fc" + "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:d3328a007e3059145dc4261121a0dcb6c9c2f7f82aba8bed2dc7fe4442b44317", + "operator-registry": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:1fb113ed086cc02b16fcb089d0456ffd3faa917ad28ed669cad0b40b7bfe11b8", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:793a8dbe8247852c605ad6bebb039641eeef1a84842d7661a7ec3c8c2c8617fb" } } diff --git a/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json b/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json index 2392cbd7aa..5166fdb7d0 100644 --- a/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json +++ b/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json @@ -1,10 +1,10 @@ { "release": { - "base": "5.0.0-0.nightly-2026-05-27-205543" + "base": "5.0.0-0.nightly-2026-06-04-190102" }, "images": { - "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:7f415763ee0a7c205f5e6f11b4fa5aff0aaa0eda109288aaf8d123f6dba59d3b", - "operator-registry": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:770b6bc7d12769e0fd835da058fc4d31c96cc7b6a6511d52ee9393ea6a81a17b", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:021ef755badbca515d58b612e314b021ef2f50312811c9721b1f4c5f2c6b8529" + "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:5983a2a3a4a7505ef21024cb248c8b8011789eb51de8fc4fd0528df4b6652a9e", + "operator-registry": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:83031211e6f9b1d120da82554fba373db194236cf7395058efaeb74bf7015e84", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:b2f55f068d30a61367962c5af6c43d399a5ecba5b1ba24749c2268131ba4ed98" } } diff --git a/assets/release/release-aarch64.json b/assets/release/release-aarch64.json index e69cedf64a..7badaabd6c 100644 --- a/assets/release/release-aarch64.json +++ b/assets/release/release-aarch64.json @@ -1,16 +1,16 @@ { "release": { - "base": "5.0.0-0.nightly-arm64-2026-05-27-222818" + "base": "5.0.0-0.nightly-arm64-2026-06-04-190103" }, "images": { - "cli": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:b09be655df91261f96df64a17c9af8754238f9de772e06c1af14fc2f7e8a2918", - "coredns": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:477b23e4acc6f370f1083ed2ff9d29800475b67d604aba5ef9dbcdede647d528", - "haproxy-router": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:8ce94c719d49cdc98b56a4595bbbff75721381e0e2432b4d93faa1e54793b2be", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:0053edf86c2a802a62a07af974324ad4f1aa37c5f85164255321d8bf676820fc", - "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:c4e4917c83de2f90fa2ca0159cedc4b567cd43ea78e930cc545ae82bc20ab8ab", - "pod": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:2d655ca263dd1cca079e6093e8d630cfb1c5badd8e4fe8ddf188e5c71e650701", - "service-ca-operator": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:098ad69386ec4e9523e604081d2e562cd0f93a6cbae18af46bbf290c02cf3b0a", + "cli": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:55907bd20ec3842c334cf0226d4d28df82d4957f3f71213a574ad766da99cf17", + "coredns": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:7c4e908fe93c8708a99301c9a0ef14759411f78e6c5a808fc596be08442827b2", + "haproxy-router": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:0e9dc401a27f987fd240c57853e762f3b27c433d7eb54d71e7ecad107cd9ed2f", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:793a8dbe8247852c605ad6bebb039641eeef1a84842d7661a7ec3c8c2c8617fb", + "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:62054084006a6e09fd13a3f7dfcba6e31c87ef38cfe7e7d85d1531ca9bb8b056", + "pod": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:bc19885aeb4dd9c3bb8157fa3f5fbb5e7b2e26eb221fbf9bdecbd93a1b454c2f", + "service-ca-operator": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:a8cd2a992324089c2a52ce09313c0442db7f6af34f65ec44e5ab63ea13e3ed2d", "lvms_operator": "registry.redhat.io/lvms4/lvms-rhel9-operator@sha256:e77365e44676fbd8ab9e4ce53f3a406856bbdfef3467c545a7df1197d84477af", - "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:851f03cc7e38750d55d9d526dd1b7ca5f4babc4ecf5860066a106c73ebe7c122" + "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:22423c0373c6bcfd931e95be278c6f74d7c4b36a0d7967662dca02cd86243b5b" } } diff --git a/assets/release/release-x86_64.json b/assets/release/release-x86_64.json index aa0c9b412c..8b6834d8f6 100644 --- a/assets/release/release-x86_64.json +++ b/assets/release/release-x86_64.json @@ -1,16 +1,16 @@ { "release": { - "base": "5.0.0-0.nightly-2026-05-27-205543" + "base": "5.0.0-0.nightly-2026-06-04-190102" }, "images": { - "cli": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:5834bc2fe2f60d6ddcd1e52c3f3d6f542213cd97c06c4fe9a98de979fde6f772", - "coredns": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:521fdf9daae2a5e9427b1f337d6f7d574e1e07cba0fbedc5dcdecc200944b240", - "haproxy-router": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:0f5e8e002ada1f7adc0116b8393fdeacabfcc418924134a7f49fa55b4b298117", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:021ef755badbca515d58b612e314b021ef2f50312811c9721b1f4c5f2c6b8529", - "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:de7d3cab66356363569fe490cc954a1899ba008c17c12222cd44f5a0c93792e3", - "pod": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:33402db6db336615409b979a031a8cae93b6141986df0d5bd60e2b44978daf63", - "service-ca-operator": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:64bdd7ad7048c1a3258e57f0182a37582404c3bcca5fb7b24314a0497d2c60b2", + "cli": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:76b2782a71641225901307dee52db196138ce2fda3dd21214a7239a6c87c76cd", + "coredns": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:aee08a2b05d706e5fc35a9f2672207d86c15ce32126706f19a57f984004e289d", + "haproxy-router": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:42a9650f03b6db9f60ef77c7c86bd3ab26b45c8ccb6b60725812f7e145aecf95", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:b2f55f068d30a61367962c5af6c43d399a5ecba5b1ba24749c2268131ba4ed98", + "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:26cceed0404a6663a8b4c6b7770ca2331913ac20bed03a361d09c4a049386085", + "pod": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:c88bf8c8745f9140316f2be4fe922ece86ebd99083e7c5ee942540bcbee12c0a", + "service-ca-operator": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:44d9a33c6699de6a47288c50f87bda2a87859568ac4b1c11256959167cf27bfb", "lvms_operator": "registry.redhat.io/lvms4/lvms-rhel9-operator@sha256:10c9ccab4f2857d113b55e12cac29aed0dc97d5a4e29ed2e4ea0f77551ee55f8", - "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:3554be064fdbdc1255b5f09fcc2e1c28c126d03c4527cadf332d92ebd038d9c9" + "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:b2ddaffd296f87873e3a2f1b486bad33b865eb03678e4a8d4ebc0616a8c475da" } } diff --git a/etcd/vendor/github.com/openshift/microshift/pkg/config/config.go b/etcd/vendor/github.com/openshift/microshift/pkg/config/config.go index 28cd90d5e0..c4902cae86 100644 --- a/etcd/vendor/github.com/openshift/microshift/pkg/config/config.go +++ b/etcd/vendor/github.com/openshift/microshift/pkg/config/config.go @@ -445,6 +445,24 @@ func (c *Config) incorporateUserSettings(u *Config) { c.DNS.Hosts.File = u.DNS.Hosts.File } } + + // DNS resource configuration - merge key-by-key to preserve defaults + if u.DNS.Resources.Requests != nil { + if c.DNS.Resources.Requests == nil { + c.DNS.Resources.Requests = make(map[string]string) + } + for k, v := range u.DNS.Resources.Requests { + c.DNS.Resources.Requests[k] = v + } + } + if u.DNS.Resources.Limits != nil { + if c.DNS.Resources.Limits == nil { + c.DNS.Resources.Limits = make(map[string]string) + } + for k, v := range u.DNS.Resources.Limits { + c.DNS.Resources.Limits[k] = v + } + } if u.ApiServer.FeatureGates.FeatureSet != "" { c.ApiServer.FeatureGates.FeatureSet = u.ApiServer.FeatureGates.FeatureSet } diff --git a/etcd/vendor/github.com/openshift/microshift/pkg/config/dns.go b/etcd/vendor/github.com/openshift/microshift/pkg/config/dns.go index b567cbbc08..cbd5372b46 100644 --- a/etcd/vendor/github.com/openshift/microshift/pkg/config/dns.go +++ b/etcd/vendor/github.com/openshift/microshift/pkg/config/dns.go @@ -4,6 +4,8 @@ import ( "fmt" "os" "path/filepath" + + "k8s.io/apimachinery/pkg/api/resource" ) const ( @@ -13,6 +15,20 @@ const ( type HostsStatusEnum string +// DNSResources configures the CPU and memory resources for the dns container +// in the dns-default DaemonSet. +type DNSResources struct { + // Requests specifies the minimum resources required for the dns container. + // Valid keys are "cpu" and "memory". Values must be valid Kubernetes resource quantities. + // When not set, defaults to cpu=50m, memory=70Mi. + Requests map[string]string `json:"requests,omitempty"` + + // Limits specifies the maximum resources the dns container can use. + // Valid keys are "cpu" and "memory". Values must be valid Kubernetes resource quantities. + // When not set, no limits are applied. + Limits map[string]string `json:"limits,omitempty"` +} + type DNS struct { // baseDomain is the base domain of the cluster. All managed DNS records will // be sub-domains of this base. @@ -38,6 +54,9 @@ type DNS struct { // Hosts contains configuration for the hosts file. Hosts HostsConfig `json:"hosts,omitempty"` + + // Resources configures the CPU and memory resources for the dns container. + Resources DNSResources `json:"resources,omitempty"` } // HostsConfig contains configuration for the hosts file . @@ -64,6 +83,12 @@ func dnsDefaults() DNS { File: "/etc/hosts", Status: HostsStatusDisabled, }, + Resources: DNSResources{ + Requests: map[string]string{ + "cpu": "50m", + "memory": "70Mi", + }, + }, } } @@ -76,7 +101,10 @@ func (t *DNS) validate() error { return err } - return t.validateHosts() + if err := t.validateHosts(); err != nil { + return err + } + return t.validateResources() } func (t *DNS) validateConfigFile() error { @@ -90,7 +118,7 @@ func (t *DNS) validateHosts() error { switch t.Hosts.Status { case HostsStatusEnabled: if t.Hosts.File == "" { - break + return nil } return validateFilePath(t.Hosts.File, "hosts file") case HostsStatusDisabled: @@ -98,6 +126,54 @@ func (t *DNS) validateHosts() error { default: return fmt.Errorf("invalid hosts status: %s", t.Hosts.Status) } +} + +func dnsMinimumRequests() map[string]resource.Quantity { + defaults := dnsDefaults() + mins := make(map[string]resource.Quantity, len(defaults.Resources.Requests)) + for k, v := range defaults.Resources.Requests { + mins[k] = resource.MustParse(v) + } + return mins +} + +func (t *DNS) validateResources() error { + allowed := map[string]struct{}{ + "cpu": {}, + "memory": {}, + } + mins := dnsMinimumRequests() + for key, val := range t.Resources.Requests { + if _, ok := allowed[key]; !ok { + return fmt.Errorf("unsupported dns resource request key %q: allowed keys are cpu, memory", key) + } + qty, err := resource.ParseQuantity(val) + if err != nil { + return fmt.Errorf("invalid dns resource request %s=%q: %v", key, val, err) + } + if minQty, ok := mins[key]; ok && qty.Cmp(minQty) < 0 { + return fmt.Errorf("dns resource request %s=%q is below minimum %s", key, val, minQty.String()) + } + } + for key, val := range t.Resources.Limits { + if _, ok := allowed[key]; !ok { + return fmt.Errorf("unsupported dns resource limit key %q: allowed keys are cpu, memory", key) + } + if _, err := resource.ParseQuantity(val); err != nil { + return fmt.Errorf("invalid dns resource limit %s=%q: %v", key, val, err) + } + } + for key, limitVal := range t.Resources.Limits { + reqVal, ok := t.Resources.Requests[key] + if !ok { + continue + } + limit := resource.MustParse(limitVal) + req := resource.MustParse(reqVal) + if limit.Cmp(req) < 0 { + return fmt.Errorf("dns resource limit %s=%q must be greater than or equal to request %s=%q", key, limitVal, key, reqVal) + } + } return nil } diff --git a/packaging/crio.conf.d/10-microshift_amd64.conf b/packaging/crio.conf.d/10-microshift_amd64.conf index cbef79424a..eac1b7bea0 100644 --- a/packaging/crio.conf.d/10-microshift_amd64.conf +++ b/packaging/crio.conf.d/10-microshift_amd64.conf @@ -2,6 +2,6 @@ # for community builds on top of OKD, this setting has no effect [crio.image] global_auth_file="/etc/crio/openshift-pull-secret" -pause_image = "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:33402db6db336615409b979a031a8cae93b6141986df0d5bd60e2b44978daf63" +pause_image = "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:c88bf8c8745f9140316f2be4fe922ece86ebd99083e7c5ee942540bcbee12c0a" pause_image_auth_file = "/etc/crio/openshift-pull-secret" pause_command = "/usr/bin/pod" diff --git a/packaging/crio.conf.d/10-microshift_arm64.conf b/packaging/crio.conf.d/10-microshift_arm64.conf index 6d25a90cef..74bbaed0f5 100644 --- a/packaging/crio.conf.d/10-microshift_arm64.conf +++ b/packaging/crio.conf.d/10-microshift_arm64.conf @@ -2,6 +2,6 @@ # for community builds on top of OKD, this setting has no effect [crio.image] global_auth_file="/etc/crio/openshift-pull-secret" -pause_image = "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:2d655ca263dd1cca079e6093e8d630cfb1c5badd8e4fe8ddf188e5c71e650701" +pause_image = "quay.io/openshift-release-dev/ocp-v5.0-art-dev@sha256:bc19885aeb4dd9c3bb8157fa3f5fbb5e7b2e26eb221fbf9bdecbd93a1b454c2f" pause_image_auth_file = "/etc/crio/openshift-pull-secret" pause_command = "/usr/bin/pod" diff --git a/scripts/auto-rebase/changelog.txt b/scripts/auto-rebase/changelog.txt index 1fe6440634..e69de29bb2 100644 --- a/scripts/auto-rebase/changelog.txt +++ b/scripts/auto-rebase/changelog.txt @@ -1,57 +0,0 @@ -- csi-external-snapshotter embedded-component 3219da7dcbb14fa762704746d21fb38131beb1f4 to 77d02e52a442c1a98457797bf8eb5777489aabae - - 6316ddd 2026-05-25T12:29:32+01:00 UPSTREAM: : vendor changes - - 84b0745 2026-05-25T12:29:20+01:00 UPSTREAM: 1403: Bump google.golang.org/grpc to v1.79.3 - -- kubernetes embedded-component 73359c58edaa0a838b8557b8743ad5860a955272 to 99b75aa92a7f60c4446ee29f54d511f140a8aed0 - - 0c487fdcc 2026-05-20T17:48:11-03:00 UPSTREAM: : bump library-go - - 91e515568 2026-05-20T16:21:31-03:00 UPSTREAM: : remove RouteExternalCertificate feature gate - -- machine-config-operator embedded-component f9bc3c89294762591088e83762f7bda188243729 to 78e9e0e35b20d538b5b27c2fbb061612d5675d1f - - 8ad800fe 2026-05-25T14:49:35Z OCPBUGS-86474: Tests using realtime kernel should not be limited to aws and gcp platforms - - 70e8d896 2026-05-25T09:28:09Z OCPBUGS-86332: remove tests using base images older than 4.13 - - 3d844adf 2026-05-21T16:47:04-04:00 fix iri test - - e8bd3e07 2026-05-20T08:25:12-04:00 fix iri deletion test - - 286bd6c0 2026-05-19T20:19:48-04:00 additional unit tests/e2e test, simplified watcher methods - - b1d4753e 2026-05-19T13:48:42-04:00 add acceptance tests and skill - - 354b9a5d 2026-05-19T13:48:42-04:00 Use CA certificate for TLS validation in registry ping - - 00c5a2c2 2026-05-19T13:48:40-04:00 AGENT-1488: Aggregate IRI status from MachineConfigNodes - - 433e6c8f 2026-05-18T14:11:47Z MCO-2288: Adapt test '54922 - daemon: add check before updating kernelArgs'. Use --delete-if-present - - 27197e06 2026-05-05T05:16:35-04:00 reclaim disk space from the node when IRI resource is deleted - - 80f0f0d4 2026-03-03T10:58:50-05:00 unify GOTAGS behavior and remove unneded build tags - -- operator-framework-olm embedded-component 328957caa46b4d822ff39dc823bc5e28f7f2bf80 to bc60033b299368309e8d3ca001cba75970c227c9 - - 462501c5 2026-05-27T00:03:01Z fix: bypass system registries.conf in image-canonical-ref tool (#3839) - - b8100d2c 2026-05-26T14:02:57Z Bump go.podman.io/common from 0.67.1 to 0.68.0 (#1996) - - 97b5a649 2026-05-26T14:02:18Z Bump golang.org/x/sys from 0.44.0 to 0.45.0 in the golang-x-deps group (#1995) - - 3f8d5aba 2026-05-26T14:02:03Z Store custom schema metas as proto binary in pogreb cache (#1994) - - ab5cb366 2026-05-26T14:01:48Z Add ExperimentalListPackageCustomSchemas streaming gRPC endpoint (#1981) - - 22cfa0f7 2026-05-26T14:01:34Z Bump go.podman.io/image/v5 from 5.39.2 to 5.40.0 (#1991) - - 7f3df3d9 2026-05-26T14:01:19Z Bump github.com/containerd/containerd from 1.7.31 to 1.7.32 (#1993) - - dcd2f9c0 2026-05-26T14:01:05Z Bump github.com/docker/cli (#1992) - - cf6a1c58 2026-05-26T14:00:50Z fix(validate): validate skipRange with blang/semver ParseRange (#1987) - - ef26e896 2026-05-26T14:00:35Z Bump github.com/docker/cli (#1990) - - f830b8e3 2026-05-26T14:00:20Z Bump github.com/onsi/ginkgo/v2 from 2.28.3 to 2.29.0 (#1989) - - 02b8f26f 2026-05-26T14:00:06Z Bump github.com/onsi/gomega from 1.40.0 to 1.41.0 (#1988) - - 02a9fdba 2026-05-26T13:59:51Z Bump google.golang.org/grpc from 1.81.0 to 1.81.1 (#1985) - - 92849157 2026-05-26T13:59:36Z Bump github.com/docker/cli (#1984) - - 404922d6 2026-05-26T13:59:21Z Bump github.com/grpc-ecosystem/grpc-health-probe from 0.4.49 to 0.4.50 (#1982) - - 67f67108 2026-05-26T13:59:04Z chore(dep): bump operator-registry to v1.69.0 (#3838) - - 10c3e662 2026-05-26T13:58:47Z :seedling: Bump go.podman.io/image/v5 from 5.39.2 to 5.40.0 (#3837) - - 975f6974 2026-05-26T13:58:30Z :seedling: Bump golang.org/x/net from 0.54.0 to 0.55.0 (#3836) - - 92264f8e 2026-05-26T13:58:12Z :seedling: Bump github.com/containerd/containerd from 1.7.31 to 1.7.32 (#3835) - -- route-controller-manager embedded-component 6a87600a4c82f2a822a2f88ab81b968bac858205 to 1916ceb059f500f06e8552f88bf38cd09f9522fd - - 0bc1316 2026-05-19T16:32:54Z OCPBUGS-39598: remove all duplicate ingress IPs in clearPersistedAllocation - -- csi-external-snapshotter image-amd64 3219da7dcbb14fa762704746d21fb38131beb1f4 to 77d02e52a442c1a98457797bf8eb5777489aabae - - 6316ddd 2026-05-25T12:29:32+01:00 UPSTREAM: : vendor changes - - 84b0745 2026-05-25T12:29:20+01:00 UPSTREAM: 1403: Bump google.golang.org/grpc to v1.79.3 - -- kubernetes image-amd64 73359c58edaa0a838b8557b8743ad5860a955272 to 99b75aa92a7f60c4446ee29f54d511f140a8aed0 - - 0c487fdcc 2026-05-20T17:48:11-03:00 UPSTREAM: : bump library-go - - 91e515568 2026-05-20T16:21:31-03:00 UPSTREAM: : remove RouteExternalCertificate feature gate - -- kubernetes image-arm64 73359c58edaa0a838b8557b8743ad5860a955272 to 99b75aa92a7f60c4446ee29f54d511f140a8aed0 - - 0c487fdcc 2026-05-20T17:48:11-03:00 UPSTREAM: : bump library-go - - 91e515568 2026-05-20T16:21:31-03:00 UPSTREAM: : remove RouteExternalCertificate feature gate - diff --git a/scripts/auto-rebase/commits.txt b/scripts/auto-rebase/commits.txt index 670189ca50..5f2142d080 100644 --- a/scripts/auto-rebase/commits.txt +++ b/scripts/auto-rebase/commits.txt @@ -1,23 +1,23 @@ -https://github.com/openshift/api embedded-component 09730f85d8835712c0412a585685ddadb01e171b +https://github.com/openshift/api embedded-component 70f01b82bb532c61086160b6033575b65540f73e https://github.com/openshift/cluster-csi-snapshot-controller-operator embedded-component 108f37f0e378accc322cbeb68136ec500ec35b94 https://github.com/openshift/cluster-dns-operator embedded-component 3d2141182243cde1ec6417bd005c76d29aa88a01 -https://github.com/openshift/cluster-ingress-operator embedded-component 8360b3561fd7fd9abcd67064d3604f6f57f3c3b0 -https://github.com/openshift/cluster-kube-apiserver-operator embedded-component 3f0fc12dd47751683491e66b7da4c3afafe83ba2 +https://github.com/openshift/cluster-ingress-operator embedded-component 53b8a64230fb27b820297d6dcd1b90cf0c176573 +https://github.com/openshift/cluster-kube-apiserver-operator embedded-component 7547b7c84d27699706e1746428f4d0d82bf1ce7e https://github.com/openshift/cluster-kube-controller-manager-operator embedded-component ca150c42a7982509b8bba34080308cff00c09310 https://github.com/openshift/cluster-kube-scheduler-operator embedded-component d43423b583269eea8236040424609c3f108ac9c4 -https://github.com/openshift/cluster-network-operator embedded-component bea98c0a2a0ff2cc7c642f72feefddbf42f5e28f +https://github.com/openshift/cluster-network-operator embedded-component 7d4c17ac28ac25d47be68694956a693c15b80939 https://github.com/openshift/cluster-openshift-controller-manager-operator embedded-component 34f95b07f4afbc47558e54e4fa2710fd692e615e https://github.com/openshift/cluster-policy-controller embedded-component bb429f5b2a7d77791110b06d8ec5c017183e3ab9 https://github.com/openshift/csi-external-snapshotter embedded-component 77d02e52a442c1a98457797bf8eb5777489aabae https://github.com/openshift/etcd embedded-component c543fe15324510d13e896c31232ecd5d100d9de5 https://github.com/openshift/kubernetes embedded-component 99b75aa92a7f60c4446ee29f54d511f140a8aed0 https://github.com/openshift/kubernetes-kube-storage-version-migrator embedded-component 72835e43c7754356645e41031f3a99926b4d42e6 -https://github.com/openshift/machine-config-operator embedded-component 78e9e0e35b20d538b5b27c2fbb061612d5675d1f +https://github.com/openshift/machine-config-operator embedded-component d72b715f8f9e0fad5d27a45420ea074ea2628207 https://github.com/openshift/openshift-controller-manager embedded-component 5631cf493b006cbc72a8600a7435813272d71940 https://github.com/openshift/operator-framework-olm embedded-component bc60033b299368309e8d3ca001cba75970c227c9 https://github.com/openshift/route-controller-manager embedded-component 1916ceb059f500f06e8552f88bf38cd09f9522fd https://github.com/openshift/service-ca-operator embedded-component e7ccfa308e69ce4ad1f2afcd1d7c8ff25144374b -https://github.com/openshift/oc image-amd64 a052bd4018333201e48f7370b2263db2dc6a5c99 +https://github.com/openshift/oc image-amd64 9557cf3d482ecbc4e271eb4eefeefff5eaf4bdac https://github.com/openshift/coredns image-amd64 3c21b066c9bd86caa06f790dcd1c046667875d46 https://github.com/openshift/csi-external-snapshotter image-amd64 77d02e52a442c1a98457797bf8eb5777489aabae https://github.com/openshift/router image-amd64 676113436feb61e5c89376d6a7ae66fdaefe8e98 @@ -25,7 +25,7 @@ https://github.com/openshift/kube-rbac-proxy image-amd64 d12e274605248f6c5937324 https://github.com/openshift/ovn-kubernetes image-amd64 3ce6353a1ed2962dc8aabe96dcef0e5bd7a40555 https://github.com/openshift/kubernetes image-amd64 99b75aa92a7f60c4446ee29f54d511f140a8aed0 https://github.com/openshift/service-ca-operator image-amd64 e7ccfa308e69ce4ad1f2afcd1d7c8ff25144374b -https://github.com/openshift/oc image-arm64 a052bd4018333201e48f7370b2263db2dc6a5c99 +https://github.com/openshift/oc image-arm64 9557cf3d482ecbc4e271eb4eefeefff5eaf4bdac https://github.com/openshift/coredns image-arm64 3c21b066c9bd86caa06f790dcd1c046667875d46 https://github.com/openshift/csi-external-snapshotter image-arm64 77d02e52a442c1a98457797bf8eb5777489aabae https://github.com/openshift/router image-arm64 676113436feb61e5c89376d6a7ae66fdaefe8e98 diff --git a/scripts/auto-rebase/last_rebase.sh b/scripts/auto-rebase/last_rebase.sh index 77c41ca7c8..54eaa2dd8d 100755 --- a/scripts/auto-rebase/last_rebase.sh +++ b/scripts/auto-rebase/last_rebase.sh @@ -1,2 +1,2 @@ #!/bin/bash -x -./scripts/auto-rebase/rebase.sh to "registry.ci.openshift.org/ocp/release-5:5.0.0-0.nightly-2026-05-27-205543" "registry.ci.openshift.org/ocp-arm64/release-5-arm64:5.0.0-0.nightly-arm64-2026-05-27-222818" +./scripts/auto-rebase/rebase.sh to "registry.ci.openshift.org/ocp/release-5:5.0.0-0.nightly-2026-06-04-190102" "registry.ci.openshift.org/ocp-arm64/release-5-arm64:5.0.0-0.nightly-arm64-2026-06-04-190103" diff --git a/scripts/auto-rebase/manifests_patches/020-dns-daemonset-resources.patch b/scripts/auto-rebase/manifests_patches/020-dns-daemonset-resources.patch new file mode 100644 index 0000000000..c993ee07d3 --- /dev/null +++ b/scripts/auto-rebase/manifests_patches/020-dns-daemonset-resources.patch @@ -0,0 +1,22 @@ +diff --git a/assets/components/openshift-dns/dns/daemonset.yaml b/assets/components/openshift-dns/dns/daemonset.yaml +index 5faae9a3e..248245b36 100644 +--- a/assets/components/openshift-dns/dns/daemonset.yaml ++++ b/assets/components/openshift-dns/dns/daemonset.yaml +@@ -57,8 +57,15 @@ spec: + failureThreshold: 5 + resources: + requests: +- cpu: 50m +- memory: 70Mi ++ {{- range $key, $value := .DNSRequests }} ++ {{ $key }}: {{ $value }} ++ {{- end }} ++ {{- if .DNSLimits }} ++ limits: ++ {{- range $key, $value := .DNSLimits }} ++ {{ $key }}: {{ $value }} ++ {{- end }} ++ {{- end }} + securityContext: + readOnlyRootFilesystem: true + image: '{{ .ReleaseImage.coredns }}'