EIB updates for 1.2.1

Reviewed-on: suse-edge/Factory#180
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>

.gitea/workflows/check_manifest.yaml

@@ -0,0 +1,23 @@
+name: Check Release Manifest Local Charts Versions
+on:
+  pull_request:
+      branches-ignore:
+      - "devel"
+
+
+jobs:
+  sync-pr-project:
+    name: "Check Release Manifest Local Charts Versions"
+    runs-on: tumbleweed
+    steps:
+        # Waiting on PR to get merged for support in upstream action/checkout action
+      - uses: 'https://github.com/yangskyboxlabs/action-checkout@sha256'
+        name: Checkout repository
+        with:
+          object-format: 'sha256'
+      - name: Setup dependencies
+        run: |
+          zypper in -y python3-PyYAML
+      - name: Check release manifest
+        run: |
+          python3 .obs/manifest-check.py

.obs/common.py

@@ -1,3 +1,3 @@
-PROJECT = "isv:SUSE:Edge:Factory:Devel"
+PROJECT = "isv:SUSE:Edge:Factory"
 REPOSITORY = "https://src.opensuse.org/suse-edge/Factory"
-BRANCH = "devel"
+BRANCH = "main"

.obs/manifest-check.py

@@ -0,0 +1,45 @@
+#!/usr/bin/python3
+
+import yaml
+import sys
+
+def get_chart_version(chart_name: str) -> str:
+    with open(f"./{chart_name}-chart/Chart.yaml") as f:
+        chart = yaml.safe_load(f)
+        return chart["version"]
+
+def get_charts(chart):
+    if not chart["chart"].startswith("%%CHART_REPO%%"):
+        # Not a locally managed chart
+        return {}
+
+    chart_name = chart["chart"][len("%%CHART_REPO%%/%%CHART_PREFIX%%"):]
+    charts = { chart_name: chart["version"] }
+    for child_chart in chart.get("dependencyCharts", []) + chart.get("addonCharts", []):
+        charts.update(get_charts(child_chart))
+    return charts
+
+def get_charts_list():
+    with open("./release-manifest-image/release_manifest.yaml") as f:
+        manifest = yaml.safe_load(f)
+    charts = {}
+    for chart in manifest["spec"]["components"]["workloads"]["helm"]:
+        charts.update(get_charts(chart))
+    return charts
+
+def main():
+    print("Checking charts versions in release manifest")
+    success = True
+    charts = get_charts_list()
+    for chart in charts:
+        expected_version = get_chart_version(chart)
+        if expected_version != charts[chart]:
+            success = False
+            print(f"{chart}: Expected: {expected_version}, Got: {charts[chart]}")
+    if not success:
+        sys.exit(1)
+    else:
+        print("All local charts in release manifest are using the right version")
+
+if __name__ == "__main__":
+    main()

.obs/trigger_package.py

@@ -1,65 +0,0 @@
-import xml.etree.ElementTree as ET
-import subprocess
-
-from sync_packages import get_local_packages
-from common import PROJECT
-
-def get_service_repo(package):
-    with open(f"{package}/_service") as service:
-        root = ET.parse(service).getroot()
-        for service in root.findall("service"):
-            if service.get("mode") in ["manual", "disabled"]:
-                continue
-            if service.get("name") not in ["obs_scm", "tar_scm"]:
-                continue
-            ref = service.find("param[@name='revision']").text
-            repo = service.find("param[@name='url']").text
-            return (repo, ref)
-    return None
-    
-
-def get_remote_ref(project, package):
-    files = subprocess.run(["osc", "ls", "-e", project, package], encoding='utf-8' , capture_output=True).stdout.splitlines()
-    for filename in files:
-        if filename.startswith("_service") and filename.endswith(".obsinfo"):
-            obsinfo = subprocess.run(["osc", "cat", project, package, filename], encoding='utf-8' , capture_output=True).stdout.splitlines()
-            for line in obsinfo:
-                if line.startswith("commit:"):
-                    return line.split(':')[-1].strip()
-
-def get_upstream_ref(repo, ref):
-    refs = subprocess.run(["git", "ls-remote", repo, ref, f"{ref}^{{}}"], encoding='utf-8' , capture_output=True).stdout.splitlines()
-    refpath = ref.split('/')
-    best = None
-    for rref in refs:
-        value = rref.split('\t')
-        (sha, name) = (value[0].strip(), value[1].strip())
-        namepath = name.split('/')
-        if len(namepath) == len(refpath) or len(namepath) - 2 == len(refpath):
-            if name.endswith(ref) and best is None:
-                best = sha
-            if name.endswith("^{}"):
-                best = sha
-    return best
-
-def trigger_service(project, package):
-    subprocess.run(["osc", "service", "remoterun", project, package], encoding="utf-8",check=True)
-
-def main():
-    packages = get_local_packages()
-    for package in packages:
-        try:
-            (repo, ref) = get_service_repo(package)
-            print(f"{package} uses {repo} at {ref}")
-        except: # Package is not using server side scm service
-            continue
-        remote_ref = get_remote_ref(PROJECT, package)
-        upstream_ref = get_upstream_ref(repo, ref)
-        if upstream_ref != remote_ref:
-            print(f"\t{package} needs a refresh")
-            print(f"\tOBS ref is {remote_ref}")
-            print(f"\tgit ref is {upstream_ref}")
-            trigger_service(PROJECT, package)
-            
-if __name__ == "__main__":
-    main()

_config

@@ -108,7 +108,12 @@ BuildFlags: onlybuild:release-manifest-image
 
     # Publish multi-arch container images only once all archs have been built
     PublishFlags: archsync
+    
+    # skopeo and umoci are used by build scripts to list packages
+    Substitute: system-packages:podman podman buildah createrepo_c release-compare skopeo umoci
+%endif
 
+%if "%_repository" == "images"
     # skopeo and umoci are used by build scripts to list packages
     Substitute: system-packages:podman podman buildah createrepo_c release-compare edge-build-checks skopeo umoci
 
@@ -122,6 +127,8 @@ BuildFlags: onlybuild:release-manifest-image
     Patterntype: none
     BuildFlags: dockerarg:SLE_VERSION=16.0
     BuildFlags: onlybuild:kiwi-builder-image
+    
+    Substitute: system-packages:podman podman buildah createrepo_c release-compare skopeo umoci
 
     # Publish multi-arch container images only once all archs have been built
     PublishFlags: archsync
@@ -140,7 +147,9 @@ BuildFlags: onlybuild:release-manifest-image
     %endif
 
 %else
-    BuildFlags: excludebuild:kiwi-builder-image
+    %if "%{sub %{reverse %_project} 1 7}" != "%{reverse :ToTest}" && "%{sub %{reverse %_project} 1 9}" != "%{reverse :Snapshot}"
+      BuildFlags: excludebuild:kiwi-builder-image
+    %endif
 %endif
 
 

_meta

@@ -23,6 +23,9 @@
     <disable/>
     <enable repository="charts"/>
     <enable repository="test_manifest_images"/>
+    {%- if for_release %}
+    <enable repository="releasecharts"/>
+    {%- endif %}
   </build>
   <publish>
     <disable repository="phantomcharts"/>

akri-dashboard-extension-chart/Chart.yaml

@@ -1,6 +1,6 @@
-#!BuildTag: %%CHART_PREFIX%%akri-dashboard-extension:%%CHART_MAJOR%%.0.1
+#!BuildTag: %%CHART_PREFIX%%akri-dashboard-extension:%%CHART_MAJOR%%.0.2
-#!BuildTag: %%CHART_PREFIX%%akri-dashboard-extension:%%CHART_MAJOR%%.0.1_up1.3.0
+#!BuildTag: %%CHART_PREFIX%%akri-dashboard-extension:%%CHART_MAJOR%%.0.2_up1.3.1
-#!BuildTag: %%CHART_PREFIX%%akri-dashboard-extension:%%CHART_MAJOR%%.0.1_up1.3.0-%RELEASE%
+#!BuildTag: %%CHART_PREFIX%%akri-dashboard-extension:%%CHART_MAJOR%%.0.2_up1.3.1-%RELEASE%
 annotations:
   catalog.cattle.io/certified: rancher
   catalog.cattle.io/namespace: cattle-ui-plugin-system
@@ -10,13 +10,13 @@ annotations:
   catalog.cattle.io/ui-component: plugins
   catalog.cattle.io/display-name: Akri
   catalog.cattle.io/rancher-version: '>= 2.11.0-0'
-  catalog.cattle.io/ui-extensions-version: '>= 3.0.4 < 4.0.0'
+  catalog.cattle.io/ui-extensions-version: '>= 3.0.2 < 4.0.0'
   catalog.cattle.io/kube-version: '>= v1.26.0-0'
 apiVersion: v2
-appVersion: 303.0.1+up1.3.0
+appVersion: 303.0.2+up1.3.1
 description: 'SUSE Edge: Akri extension for Rancher Dashboard'
 name: akri-dashboard-extension
 type: application
-version: "%%CHART_MAJOR%%.0.1+up1.3.0"
+version: "%%CHART_MAJOR%%.0.2+up1.3.1"
 icon: >-
   https://raw.githubusercontent.com/cncf/artwork/main/projects/akri/icon/color/akri-icon-color.svg

akri-dashboard-extension-chart/templates/cr.yaml

@@ -8,7 +8,7 @@ spec:
   plugin:
     name: {{ include "extension-server.fullname" . }}
     version: {{ (semver (default .Chart.AppVersion .Values.plugin.versionOverride)).Original }}
-    endpoint: https://raw.githubusercontent.com/suse-edge/dashboard-extensions/gh-pages/extensions/akri-dashboard-extension/303.0.1+up1.3.0
+    endpoint: https://raw.githubusercontent.com/suse-edge/dashboard-extensions/gh-pages/extensions/akri-dashboard-extension/303.0.2+up1.3.1
     noCache: {{ .Values.plugin.noCache }}
     noAuth: {{ .Values.plugin.noAuth }}
     metadata: {{ include "extension-server.pluginMetadata" . | indent 6 }}

akri-dashboard-extension-chart/values.yaml

@@ -8,5 +8,5 @@ plugin:
   metadata:
     catalog.cattle.io/display-name: Akri
     catalog.cattle.io/rancher-version: ">= 2.11.0-0"
-    catalog.cattle.io/ui-extensions-version: ">= 3.0.4 < 4.0.0"
+    catalog.cattle.io/ui-extensions-version: ">= 3.0.2 < 4.0.0"
     catalog.cattle.io/kube-version: ">= v1.26.0-0"

baremetal-operator-image/Dockerfile

@@ -1,13 +1,13 @@
 # SPDX-License-Identifier: Apache-2.0
-#!BuildTag: %%IMG_PREFIX%%baremetal-operator:%%baremetal-operator_version%%
+#!BuildTag: %%IMG_PREFIX%%baremetal-operator:%%baremetal-operator_version%%.1
-#!BuildTag: %%IMG_PREFIX%%baremetal-operator:%%baremetal-operator_version%%-%RELEASE%
+#!BuildTag: %%IMG_PREFIX%%baremetal-operator:%%baremetal-operator_version%%.1-%RELEASE%
 #!BuildVersion: 15.6
 ARG SLE_VERSION
 FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
 
 FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
 COPY --from=micro / /installroot/
-RUN zypper --installroot /installroot --non-interactive install --no-recommends baremetal-operator iproute2 bind-utils vim shadow; zypper -n clean; rm -rf /var/log/*
+RUN zypper --installroot /installroot --non-interactive install --no-recommends baremetal-operator inotify-tools procps iproute2 bind-utils vim shadow; zypper -n clean; rm -rf /var/log/*
 
 FROM micro AS final
 # Define labels according to https://en.opensuse.org/Building_derived_containers
@@ -19,7 +19,7 @@ LABEL org.opencontainers.image.version="%%baremetal-operator_version%%"
 LABEL org.opencontainers.image.url="https://www.suse.com/products/server/"
 LABEL org.opencontainers.image.created="%BUILDTIME%"
 LABEL org.opencontainers.image.vendor="SUSE LLC"
-LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%baremetal-operator:%%baremetal-operator_version%%-%RELEASE%"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%baremetal-operator:%%baremetal-operator_version%%.1-%RELEASE%"
 LABEL org.openbuildservice.disturl="%DISTURL%"
 LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
 LABEL com.suse.eula="SUSE Combined EULA February 2024"
@@ -29,6 +29,8 @@ LABEL com.suse.release-stage="released"
 # endlabelprefix
 
 COPY --from=base /installroot /
+COPY bmo-run /usr/bin/bmo-run
+RUN chmod +x /usr/bin/bmo-run
 RUN groupadd -r -g 11000 bmo
 RUN useradd -u 11000 -g 11000 bmo
-ENTRYPOINT [ "/usr/bin/baremetal-operator" ]
+ENTRYPOINT [ "/usr/bin/bmo-run" ]

baremetal-operator-image/bmo-run

@@ -0,0 +1,12 @@
+#!/bin/bash
+export RESTART_CONTAINER_CERTIFICATE_UPDATED=${RESTART_CONTAINER_CERTIFICATE_UPDATED:-"false"}
+export IRONIC_CACERT_FILE=${IRONIC_CACERT_FILE:-"/opt/metal3/certs/ca/tls.crt"}
+
+if [[ "${RESTART_CONTAINER_CERTIFICATE_UPDATED}" == "true" ]]; then
+    # shellcheck disable=SC2034
+    inotifywait -m -e delete_self "${IRONIC_CACERT_FILE}" | while read -r file event; do
+        kill $(pgrep baremetal-opera)
+    done &
+fi
+
+exec /usr/bin/baremetal-operator $@

cdi-chart/Chart.yaml

@@ -1,9 +1,9 @@
-#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.0_up0.4.0
+#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.0_up0.5.0
-#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.0_up0.4.0-%RELEASE%
+#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.0_up0.5.0-%RELEASE%
 apiVersion: v2
-appVersion: 1.60.1
+appVersion: 1.61.0
 description: A Helm chart for Containerized Data Importer (CDI)
 icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/kubevirt/icon/color/kubevirt-icon-color.svg
 name: cdi
 type: application
-version: "%%CHART_MAJOR%%.0.0+up0.4.0"
+version: "%%CHART_MAJOR%%.0.0+up0.5.0"

cdi-chart/crds/cdi.yaml

@@ -5079,4 +5079,4 @@ spec:
           type: object
       served: true
       storage: true
-      subresources: {}
+      subresources: {}

cdi-chart/templates/NOTES.txt

@@ -1,2 +1,2 @@
 Verify that all CDI components are installed correctly:
-  kubectl get all -n {{ .Release.Namespace }}
+  kubectl get all -n {{ .Release.Namespace }}

cdi-chart/templates/_helpers.tpl

@@ -59,4 +59,4 @@ Create the name of the service account to use
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
-{{- end }}
+{{- end }}

cdi-chart/templates/_hooks.tpl

@@ -44,4 +44,4 @@
 {{/* CRD uninstalling hook name */}}
 {{- define "cdi.crdUninstallHook.name" -}}
 {{ include "cdi.fullname" . }}-crd-uninstall
-{{- end }}
+{{- end }}

cdi-chart/templates/cdi-operator.yaml

@@ -606,17 +606,7 @@ spec:
         prometheus.cdi.kubevirt.io: "true"
     spec:
       affinity:
-        podAffinity:
+{{- .Values.deployment.affinity | toYaml | nindent 8 }}
-          preferredDuringSchedulingIgnoredDuringExecution:
-            - podAffinityTerm:
-                labelSelector:
-                  matchExpressions:
-                    - key: cdi.kubevirt.io
-                      operator: In
-                      values:
-                        - cdi-operator
-                topologyKey: kubernetes.io/hostname
-              weight: 1
       containers:
         - env:
             - name: DEPLOY_CLUSTER_RESOURCES
@@ -650,9 +640,7 @@ spec:
               name: metrics
               protocol: TCP
           resources:
-            requests:
+{{- .Values.deployment.resources | toYaml | nindent 12 }}
-              cpu: 100m
-              memory: 150Mi
           securityContext:
             allowPrivilegeEscalation: false
             capabilities:
@@ -661,6 +649,8 @@ spec:
             runAsNonRoot: true
             seccompProfile:
               type: RuntimeDefault
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
       nodeSelector:
         kubernetes.io/os: linux
       securityContext:
@@ -668,4 +658,4 @@ spec:
       serviceAccountName: cdi-operator
       tolerations:
         - key: CriticalAddonsOnly
-          operator: Exists
+          operator: Exists

cdi-chart/templates/cdi-uninstall-hooks.yaml

@@ -66,4 +66,4 @@ spec:
             - deployments/cdi-apiserver
             - deployments/cdi-deployment
             - deployments/cdi-uploadproxy
-            - --timeout=60s
+            - --timeout=60s

cdi-chart/templates/cdi.yaml

@@ -18,4 +18,4 @@ spec:
   {{- with .Values.cdi.workload }}
   workload:
   {{- toYaml . | nindent 4 }}
-  {{- end }}
+  {{- end }}

cdi-chart/templates/crd-uninstall-hooks.yaml

@@ -52,4 +52,4 @@ spec:
             - customresourcedefinitions
             - cdis.cdi.kubevirt.io
           securityContext:
-            {{- toYaml .Values.hookSecurityContext | nindent 12 }}
+            {{- toYaml .Values.hookSecurityContext | nindent 12 }}

cdi-chart/templates/crd-upgrade-hooks.yaml

@@ -77,4 +77,4 @@ spec:
             name: cdi-crd-manifest
             items:
               - key: crd
-                path: crd.yaml
+                path: crd.yaml

cdi-chart/templates/namespace-hooks.yaml

@@ -53,4 +53,4 @@ spec:
             - label
             - namespace
             - {{ .Release.Namespace }}
-            - cdi.kubevirt.io=
+            - cdi.kubevirt.io=

cdi-chart/values.yaml

@@ -1,5 +1,5 @@
 deployment:
-  version: 1.60.1-150600.3.9.1
+  version: 1.61.0-150600.3.12.1
   operatorImage: registry.suse.com/suse/sles/15.6/cdi-operator
   controllerImage: registry.suse.com/suse/sles/15.6/cdi-controller
   importerImage: registry.suse.com/suse/sles/15.6/cdi-importer
@@ -8,6 +8,22 @@ deployment:
   uploadserverImage: registry.suse.com/suse/sles/15.6/cdi-uploadserver
   uploadproxyImage: registry.suse.com/suse/sles/15.6/cdi-uploadproxy
   pullPolicy: IfNotPresent
+  affinity:
+    podAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+        - podAffinityTerm:
+            labelSelector:
+              matchExpressions:
+                - key: cdi.kubevirt.io
+                  operator: In
+                  values:
+                    - cdi-operator
+            topologyKey: kubernetes.io/hostname
+          weight: 1
+  resources:
+    requests:
+      cpu: 100m
+      memory: 150Mi
 
 cdi:
   config:
@@ -35,4 +51,4 @@ hookSecurityContext:
   allowPrivilegeEscalation: false
   capabilities:
     drop:
-      - ALL
+      - ALL

edge-build-checks/20-helm-images

@@ -8,6 +8,7 @@ import pprint
 
 AUTHORIZED_REPOS = [
     "registry.suse.com/suse/sles/",
+    "registry.suse.com/rancher",
     "registry.rancher.com",
 ]
 

edge-image-builder-image/Dockerfile

@@ -1,5 +1,5 @@
-#!BuildTag: %%IMG_PREFIX%%edge-image-builder:%PACKAGE_VERSION%
+#!BuildTag: %%IMG_PREFIX%%edge-image-builder:1.2.1
-#!BuildTag: %%IMG_PREFIX%%edge-image-builder:%PACKAGE_VERSION%-%RELEASE%
+#!BuildTag: %%IMG_PREFIX%%edge-image-builder:1.2.1-%RELEASE%
 #!BuildVersion: 15.6
 ARG SLE_VERSION
 FROM registry.suse.com/bci/bci-base:$SLE_VERSION
@@ -15,11 +15,11 @@ RUN zypper --non-interactive install --no-recommends edge-image-builder qemu-x86
 LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
 LABEL org.opencontainers.image.title="SLE edge-image-builder Container Image"
 LABEL org.opencontainers.image.description="edge-image-builder based on the SLE Base Container Image."
-LABEL org.opencontainers.image.version="%PACKAGE_VERSION%"
+LABEL org.opencontainers.image.version="1.2.1"
 LABEL org.opencontainers.image.url="https://www.suse.com/products/server/"
 LABEL org.opencontainers.image.created="%BUILDTIME%"
 LABEL org.opencontainers.image.vendor="SUSE LLC"
-LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%edge-image-builder:%PACKAGE_VERSION%-%RELEASE%"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%edge-image-builder:1.2.1-%RELEASE%"
 LABEL org.openbuildservice.disturl="%DISTURL%"
 LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
 LABEL com.suse.eula="SUSE Combined EULA February 2024"

edge-image-builder-image/_service

@@ -1,10 +1,5 @@
 <services>
   <service mode="buildtime" name="kiwi_metainfo_helper"/>
-  <service name="replace_using_package_version" mode="buildtime">
-      <param name="file">Dockerfile</param>
-      <param name="regex">%PACKAGE_VERSION%</param>
-      <param name="package">edge-image-builder</param>
-    </service>
   <service name="replace_using_env" mode="buildtime">
     <param name="file">Dockerfile</param>
     <param name="eval">IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix})</param>

edge-image-builder/_service

@@ -1,12 +1,15 @@
 <services>
   <service name="obs_scm">
     <param name="url">https://github.com/suse-edge/edge-image-builder.git</param>
-    <param name="versionformat">@PARENT_TAG@_%h.%ad</param>
     <param name="scm">git</param>
     <param name="exclude">.git</param>
-    <param name="revision">main</param>
+    <param name="revision">v1.2.1</param>
-    <param name="versionrewrite-pattern">v(.*)</param>
+    <!-- Uncomment and set this For Pre-Release Version -->
-    <param name="versionrewrite-replacement">\1</param>
+    <!-- <param name="version">1.2.0~rc1</param> -->
+    <!-- Uncomment and this for regular version -->
+    <param name="versionformat">@PARENT_TAG@</param>
+    <param name="versionrewrite-pattern">v(\d+).(\d+).(\d+)</param>
+    <param name="versionrewrite-replacement">\1.\2.\3</param>
     <param name="changesgenerate">enable</param>
   </service>
   <service mode="buildtime" name="tar">

edge-image-builder/edge-image-builder.spec

@@ -17,7 +17,7 @@
 
 
 Name:           edge-image-builder
-Version:        0
+Version:        1.2.1
 Release:        0
 Summary:        Edge Image Builder
 License:        Apache-2.0

ironic-ipa-downloader-image/Dockerfile

@@ -1,7 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
-#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.3
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.7
-#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.3-%RELEASE%
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.7-%RELEASE%
-#!BuildVersion: 15.6
 ARG SLE_VERSION
 FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
 
@@ -19,11 +18,11 @@ FROM micro AS final
 LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
 LABEL org.opencontainers.image.title="SLE Based Ironic IPA Downloader Container Image"
 LABEL org.opencontainers.image.description="ironic-ipa-downloader based on the SLE Base Container Image."
-LABEL org.opencontainers.image.version="3.0.3"
+LABEL org.opencontainers.image.version="3.0.6"
 LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
 LABEL org.opencontainers.image.created="%BUILDTIME%"
 LABEL org.opencontainers.image.vendor="SUSE LLC"
-LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.3-%RELEASE%"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.7-%RELEASE%"
 LABEL org.openbuildservice.disturl="%DISTURL%"
 LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
 LABEL com.suse.eula="SUSE Combined EULA February 2024"

ironic-ipa-downloader-image/Dockerfile.aarch64

@@ -0,0 +1,45 @@
+# SPDX-License-Identifier: Apache-2.0
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-aarch64:3.0.7
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-aarch64:3.0.7-%RELEASE%
+ARG SLE_VERSION
+FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
+
+FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
+COPY --from=micro / /installroot/
+RUN sed -i -e 's%^# rpm.install.excludedocs = no.*%rpm.install.excludedocs = yes%g' /etc/zypp/zypp.conf
+RUN zypper --installroot /installroot --non-interactive install --no-recommends ironic-ipa-ramdisk-aarch64 tar gawk curl xz zstd shadow cpio findutils
+
+RUN cp /usr/bin/getopt /installroot/
+
+FROM micro AS final
+
+# Define labels according to https://en.opensuse.org/Building_derived_containers
+# labelprefix=com.suse.application.ironic
+LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
+LABEL org.opencontainers.image.title="SLE Based Ironic IPA Downloader Container Image"
+LABEL org.opencontainers.image.description="ironic-ipa-downloader based on the SLE Base Container Image."
+LABEL org.opencontainers.image.version="3.0.6"
+LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
+LABEL org.opencontainers.image.created="%BUILDTIME%"
+LABEL org.opencontainers.image.vendor="SUSE LLC"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.7-%RELEASE%"
+LABEL org.openbuildservice.disturl="%DISTURL%"
+LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
+LABEL com.suse.eula="SUSE Combined EULA February 2024"
+LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
+LABEL com.suse.image-type="application"
+LABEL com.suse.release-stage="released"
+# endlabelprefix
+
+COPY --from=base /installroot /
+RUN cp /getopt /usr/bin/
+RUN cp /srv/tftpboot/openstack-ironic-image/initrd*.zst /tmp
+RUN cp /srv/tftpboot/openstack-ironic-image/openstack-ironic-image*.kernel /tmp
+RUN sha256sum /srv/tftpboot/openstack-ironic-image/initrd*.zst /srv/tftpboot/openstack-ironic-image/openstack-ironic-image*.kernel > /tmp/images.sha256
+# configure non-root user
+COPY configure-nonroot.sh /bin/
+RUN set -euo pipefail; chmod +x /bin/configure-nonroot.sh
+RUN set -euo pipefail; /bin/configure-nonroot.sh && rm -f /bin/configure-nonroot.sh
+COPY get-resource.sh /usr/local/bin/get-resource.sh
+
+RUN set -euo pipefail; chmod +x /usr/local/bin/get-resource.sh

ironic-ipa-downloader-image/Dockerfile.x86_64

@@ -0,0 +1,45 @@
+# SPDX-License-Identifier: Apache-2.0
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-x86_64:3.0.7
+#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-x86_64:3.0.7-%RELEASE%
+ARG SLE_VERSION
+FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
+
+FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
+COPY --from=micro / /installroot/
+RUN sed -i -e 's%^# rpm.install.excludedocs = no.*%rpm.install.excludedocs = yes%g' /etc/zypp/zypp.conf
+RUN zypper --installroot /installroot --non-interactive install --no-recommends ironic-ipa-ramdisk-x86_64 tar gawk curl xz zstd shadow cpio findutils
+
+RUN cp /usr/bin/getopt /installroot/
+
+FROM micro AS final
+
+# Define labels according to https://en.opensuse.org/Building_derived_containers
+# labelprefix=com.suse.application.ironic
+LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
+LABEL org.opencontainers.image.title="SLE Based Ironic IPA Downloader Container Image"
+LABEL org.opencontainers.image.description="ironic-ipa-downloader based on the SLE Base Container Image."
+LABEL org.opencontainers.image.version="3.0.6"
+LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
+LABEL org.opencontainers.image.created="%BUILDTIME%"
+LABEL org.opencontainers.image.vendor="SUSE LLC"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.7-%RELEASE%"
+LABEL org.openbuildservice.disturl="%DISTURL%"
+LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
+LABEL com.suse.eula="SUSE Combined EULA February 2024"
+LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
+LABEL com.suse.image-type="application"
+LABEL com.suse.release-stage="released"
+# endlabelprefix
+
+COPY --from=base /installroot /
+RUN cp /getopt /usr/bin/
+RUN cp /srv/tftpboot/openstack-ironic-image/initrd*.zst /tmp
+RUN cp /srv/tftpboot/openstack-ironic-image/openstack-ironic-image*.kernel /tmp
+RUN sha256sum /srv/tftpboot/openstack-ironic-image/initrd*.zst /srv/tftpboot/openstack-ironic-image/openstack-ironic-image*.kernel > /tmp/images.sha256
+# configure non-root user
+COPY configure-nonroot.sh /bin/
+RUN set -euo pipefail; chmod +x /bin/configure-nonroot.sh
+RUN set -euo pipefail; /bin/configure-nonroot.sh && rm -f /bin/configure-nonroot.sh
+COPY get-resource.sh /usr/local/bin/get-resource.sh
+
+RUN set -euo pipefail; chmod +x /usr/local/bin/get-resource.sh

ironic-ipa-downloader-image/_multibuild

@@ -0,0 +1,4 @@
+<multibuild>
+  <flavor>x86_64</flavor>
+  <flavor>aarch64</flavor>
+</multibuild>

ironic-ipa-downloader-image/_service

@@ -2,6 +2,8 @@
   <service mode="buildtime" name="kiwi_metainfo_helper"/>
   <service mode="buildtime" name="docker_label_helper"/>
   <service name="replace_using_env" mode="buildtime">
+    <param name="file">Dockerfile.aarch64</param>
+    <param name="file">Dockerfile.x86_64</param>
     <param name="file">Dockerfile</param>
     <param name="eval">IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix})</param>
     <param name="var">IMG_PREFIX</param>

ironic-ipa-downloader-image/get-resource.sh

@@ -26,11 +26,15 @@ if [ -z "${IPA_BASEURI}" ]; then
   IMAGE_CHANGED=1
   # SLES BASED IPA - ironic-ipa-ramdisk-x86_64 and ironic-ipa-ramdisk-aarch64 packages
   mkdir -p /shared/html/images
-  cp /tmp/initrd-x86_64.zst /shared/html/images/ironic-python-agent-x86_64.initramfs
+  if [ -f /tmp/initrd-x86_64.zst ]; then
-  cp /tmp/openstack-ironic-image.x86_64*.kernel /shared/html/images/ironic-python-agent-x86_64.kernel
+    cp /tmp/initrd-x86_64.zst /shared/html/images/ironic-python-agent-x86_64.initramfs
+    cp /tmp/openstack-ironic-image.x86_64*.kernel /shared/html/images/ironic-python-agent-x86_64.kernel
+  fi
   # Use arm64 as destination for iPXE compatibility
-  cp /tmp/initrd-aarch64.zst /shared/html/images/ironic-python-agent-arm64.initramfs
+  if [ -f /tmp/initrd-aarch64.zst ]; then
-  cp /tmp/openstack-ironic-image.aarch64*.kernel /shared/html/images/ironic-python-agent-arm64.kernel
+    cp /tmp/initrd-aarch64.zst /shared/html/images/ironic-python-agent-arm64.initramfs
+    cp /tmp/openstack-ironic-image.aarch64*.kernel /shared/html/images/ironic-python-agent-arm64.kernel
+  fi
 
   cp /tmp/images.sha256 /shared/images.sha256
 else

ironic-ipa-ramdisk/config.sh

@@ -13,11 +13,6 @@ echo "Configure image: [$kiwi_iname]..."
 #------------------------------------------
 baseSetupBuildDay
 
-#======================================
-# Mount system filesystems
-#--------------------------------------
-#baseMount
-
 #==========================================
 # remove unneded kernel files
 #------------------------------------------
@@ -39,12 +34,8 @@ suseImportBuildKey
 #--------------------------------------
 baseInsertService openstack-ironic-python-agent
 baseInsertService suse-ironic-image-setup
-baseInsertService suse-network-setup
 baseInsertService sshd
 baseInsertService NetworkManager
-#suseInsertService sshd
-#suseInsertService openstack-ironic-python-agent
-#suseInsertService suse-ironic-image-setup
 
 echo 'DEFAULT_TIMEZONE="UTC"' >> /etc/sysconfig/clock
 baseUpdateSysConfig /etc/sysconfig/clock HWCLOCK "-u"
@@ -64,42 +55,7 @@ sed -E 's/^(ExecStart=.*\/agetty).*(--noclear.*)/\1 \2 --autologin root/' /usr/l
 #------------------------------------------
 echo 'tmpfs /tmp tmpfs size=3G 0 0' >> /etc/fstab
 
-#==========================================
-# remove package docs and manuals
-#------------------------------------------
-#baseStripDocs
-#baseStripMans
-#baseStripInfos
-
-#======================================
-# only basic version of vim is
-# installed; no syntax highlighting
-#--------------------------------------
-sed -i -e's/^syntax on/" syntax on/' /etc/vimrc
-
-#======================================
-# Remove yast if not in use
-#--------------------------------------
-#suseRemoveYaST
-
-#======================================
-# Remove package manager
-#--------------------------------------
-#suseStripPackager
-
-#rm -f usr/lib/perl5/*/*/auto/Encode/??/??.so # 9MB
-
-#======================================
-# Umount kernel filesystems
-#--------------------------------------
-#baseCleanMount
-
 ln -s /sbin/init /init
 
-#==========================================
-# umount
-#------------------------------------------
-umount /proc >/dev/null 2>&1
-
 exit 0
 

ironic-ipa-ramdisk/ironic-ipa-ramdisk.kiwi

@@ -12,6 +12,7 @@
         <locale>en_US</locale>
         <packagemanager>zypper</packagemanager>
         <rpm-check-signatures>false</rpm-check-signatures>
+        <rpm-excludedocs>true</rpm-excludedocs>
         <timezone>UTC</timezone>
         <version>1.0.0</version> 
     </preferences>	
@@ -102,64 +103,25 @@
         <package name="libxcb-render0"/>
         <package name="libxcb-shm0"/>
         <package name="libxcb1"/>
-        <package name="plymouth"/>
+        <package name="kernel-firmware-amdgpu"/>
-        <package name="plymouth-branding-SLE"/>
+        <package name="kernel-firmware-ath10k"/>
+        <package name="kernel-firmware-ath11k"/>
+        <package name="kernel-firmware-ath12k"/>
+        <package name="kernel-firmware-atheros"/>
+        <package name="kernel-firmware-bluetooth"/>
+        <package name="kernel-firmware-brcm"/>
+        <package name="kernel-firmware-i915"/>
+        <package name="kernel-firmware-iwlwifi"/>
+        <package name="kernel-firmware-media"/>
+        <package name="kernel-firmware-nvidia"/>
+        <package name="kernel-firmware-qcom"/>
+        <package name="kernel-firmware-radeon"/>
+        <package name="kernel-firmware-realtek"/>
+        <package name="kernel-firmware-sound"/>
+        <package name="kernel-firmware-ti"/>
+        <package name="kernel-firmware-ueagle"/>
     </packages>
 
-    <packages type="image">
-        <package name="checkmedia"/>
-        <package name="plymouth-branding-SLE"/>
-        <package name="plymouth-dracut"/>
-        <package name="plymouth-theme-bgrt"/>
-        <package name="grub2-branding-SLE"/>
-        <package name="iputils"/>
-        <package name="vim"/>
-        <package name="grub2"/>
-        <package name="grub2-x86_64-efi" arch="x86_64"/>
-        <package name="grub2-arm64-efi" arch="aarch64"/>
-        <package name="grub2-i386-pc" arch="x86_64"/>
-        <package name="syslinux" arch="x86_64"/>
-        <package name="lvm2"/>
-        <package name="plymouth"/>
-        <package name="fontconfig"/>
-        <package name="fonts-config"/>
-        <package name="openssh"/>
-        <package name="iproute2"/>
-        <package name="which"/>
-        <package name="kernel-firmware"/>
-        <package name="kernel-default"/>
-        <package name="NetworkManager"/>
-        <package name="nm-configurator"/>
-        <package name="timezone"/>
-        <package name="haveged"/>
-        <!-- ironic-python-agent specific -->
-        <package name="openstack-ironic-python-agent"/>
-        <package name="hdparm"/>
-        <package name="qemu-tools"/>
-        <package name="python311-proliantutils"/>
-        <package name="lshw"/>
-        <package name="dmidecode"/>
-        <package name="efibootmgr"/>
-        <package name="gptfdisk"/>
-        <package name="open-iscsi"/>
-        <package name="hwinfo"/>
-        <package name="ipmitool"/>
-        <package name="iputils"/>
-        <package name="lvm2"/>
-        <package name="net-tools"/>
-        <package name="ntp"/>
-        <package name="parted"/>
-        <package name="psmisc"/>
-        <package name="timezone"/>
-        <package name="which"/>
-        <package name="kbd"/>
-    </packages>
-
-    <packages type="kis">
-        <package name="dracut-kiwi-oem-repart"/>
-        <package name="dracut-kiwi-oem-dump"/>
-    </packages> 
-
     <packages type="bootstrap">
         <package name="glibc-locale"/>
         <package name="udev"/>
@@ -167,5 +129,50 @@
         <package name="cracklib-dict-full"/>
         <package name="ca-certificates"/>
         <package name="sles-release"/>
+
+        <package name="checkmedia"/>
+        <package name="fontconfig"/>
+        <package name="fonts-config"/>
+        <package name="grub2-arm64-efi" arch="aarch64"/>
+        <package name="grub2-branding-SLE"/>
+        <package name="grub2-i386-pc" arch="x86_64"/>
+        <package name="grub2-x86_64-efi" arch="x86_64"/>
+        <package name="grub2"/>
+        <package name="iproute2"/>
+        <package name="iputils"/>
+        <package name="kernel-default"/>
+        <package name="kernel-firmware-all"/>
+        <package name="lvm2"/>
+        <package name="NetworkManager"/>
+        <package name="nm-configurator"/>
+        <package name="openssh"/>
+        <package name="timezone"/>
+        <package name="which"/>
+        <!-- ironic-python-agent specific -->
+        <package name="dmidecode"/>
+        <package name="efibootmgr"/>
+        <package name="gptfdisk"/>
+        <package name="hdparm"/>
+        <package name="hwinfo"/>
+        <package name="ipmitool"/>
+        <package name="iputils"/>
+        <package name="kbd"/>
+        <package name="lshw"/>
+        <package name="lvm2"/>
+        <package name="net-tools"/>
+        <package name="ntp"/>
+        <package name="open-iscsi"/>
+        <package name="openstack-ironic-python-agent"/>
+        <package name="parted"/>
+        <package name="psmisc"/>
+        <package name="python311-proliantutils"/>
+        <package name="qemu-tools"/>
+        <package name="timezone"/>
+        <package name="which"/>
     </packages>
+
+    <packages type="kis">
+        <package name="dracut-kiwi-oem-repart"/>
+        <package name="dracut-kiwi-oem-dump"/>
+    </packages> 
 </image>

ironic-ipa-ramdisk/ironic-ipa-ramdisk.spec

@@ -19,7 +19,7 @@
 
 
 Name:           ironic-ipa-ramdisk
-Version:        3.0.3
+Version:        3.0.7
 Release:        0
 Summary:        Kernel and ramdisk image for OpenStack Ironic
 License:        SUSE-EULA
@@ -27,7 +27,7 @@ Group:          System/Management
 URL:            https://github.com/SUSE-Cloud/
 Source0:        config.sh
 Source10:       ironic-ipa-ramdisk.kiwi
-Source20:       root.tar.bz2
+Source20:       root
 
 BuildRequires:  -post-build-checks
 BuildRequires:  bash
@@ -38,7 +38,7 @@ BuildArch:      noarch
 
 BuildRequires:  checkmedia
 BuildRequires:  acl
-BuildRequires:  ca-certificates
+BuildRequires:  ca-certificates-mozilla-prebuilt
 BuildRequires:  cracklib-dict-full
 BuildRequires:  cron
 BuildRequires:  dbus-1
@@ -62,7 +62,7 @@ BuildRequires:  ipmitool
 BuildRequires:  iproute2
 BuildRequires:  iputils
 BuildRequires:  kernel-default
-BuildRequires:  kernel-firmware
+BuildRequires:  kernel-firmware-all
 BuildRequires:  lvm2
 BuildRequires:  net-tools
 BuildRequires:  ntp
@@ -123,13 +123,13 @@ Kernel and ramdisk image for use with Metal3
 For %{_arch}
 
 %prep
-mkdir -p /tmp/openstack-ironic-image/build /tmp/openstack-ironic-image/root /tmp/openstack-ironic-image/img
+mkdir -p /tmp/openstack-ironic-image/build /tmp/openstack-ironic-image/img
 
 cp -a %{SOURCE0} /tmp/openstack-ironic-image/config.sh
 
 cp -a %{SOURCE10} /tmp/openstack-ironic-image/config.kiwi
 
-tar -xC /tmp/openstack-ironic-image/root -f %{SOURCE20}
+cp -ar %{SOURCE20} /tmp/openstack-ironic-image/root
 
 %build
 if ! which kiwi; then

ironic-ipa-ramdisk/root/etc/NetworkManager/conf.d/00-main.conf

@@ -0,0 +1,24 @@
+# WARNING: This file has been modified by the diskimage-builder
+# dhcp-all-interfaces element as this machine is likely running
+# a ramdisk or needs to attempt auto-configuration on all interfaces.
+[main]
+# This makes sense even with dhcp on all interfaces in the event
+# that the configuration has been or is being supplied via external means.
+ignore-carrier=*
+# Use dhclient as was done previously to the Centos8/RHEL8 RPM defaults.
+# This is because dhclient shuts the interface down after a retry attempt
+# which allows the link state to reset with some switches, which may be
+# important for the ramdisk to recover networking.
+dhcp=dhclient
+
+[connection]
+# Keep retrying, this is important for this important espescialy for
+# ramdisks in environments where varying switch configurations may
+# cause traffic to be blocked or intermittent connectivity failures
+# such as those at an edge site may cause issues.
+autoconnect-retries=-1
+# Set the timeout. Diskimage-builder dhcp-all-interfaces has a 30
+# second default. NetworkManager, by default, is 45 seconds.
+# In some cases where ramdisks are in use, 60 seconds is advisable.
+ipv4.dhcp-timeout=30
+ipv6.dhcp-timeout=30

ironic-ipa-ramdisk/root/etc/ironic-python-agent.conf.d

@@ -0,0 +1 @@
+ironic-python-agent/ironic-python-agent.conf.d

ironic-ipa-ramdisk/root/etc/issue

@@ -0,0 +1 @@
+SUSE Ironic Python Agent Ramdisk - terminal \l

ironic-ipa-ramdisk/root/etc/sysctl.d/98-rp_filter.conf

@@ -0,0 +1,2 @@
+# avoid problems with multiple network interfaces
+net.ipv4.conf.all.rp_filter=0

ironic-ipa-ramdisk/root/etc/systemd/system/NetworkManager.service.d/nmc.conf

@@ -0,0 +1,7 @@
+[Unit]
+#WantsMountsFor=/mnt/ipa
+After=mnt-ipa.mount
+Wants=mnt-ipa.mount
+
+[Service]
+ExecStartPre=-/usr/local/bin/suse-network-setup.sh

ironic-ipa-ramdisk/root/etc/systemd/system/mnt-ipa.mount

@@ -0,0 +1,7 @@
+[Unit]
+Description=config-2 rom consumed by IPA for networking configuration
+
+[Mount]
+What=/dev/ipa
+Where=/mnt/ipa
+TimeoutSec=30

ironic-ipa-ramdisk/root/etc/systemd/system/suse-ironic-image-setup.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Setup ironic-python-agent image
+After=getty.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/suse-ironic-image-setup.sh
+StandardOutput=journal+console
+RemainAfterExit=true
+
+[Install]
+WantedBy=multi-user.target

ironic-ipa-ramdisk/root/etc/systemd/system/systemd-udevd.service.d/ordering.conf

@@ -0,0 +1,3 @@
+[Unit]
+Before=local-fs.target
+WantedBy=local-fs.target

ironic-ipa-ramdisk/root/etc/udev/rules.d/61-config2.rules

@@ -0,0 +1 @@
+ACTION=="add|change", SUBSYSTEM=="block", ENV{ID_FS_LABEL}=="config-2", ENV{ID_FS_PUBLISHER_ID}=="?*", PROGRAM="/usr/local/bin/suse-test-config-2.sh", SYMLINK+="ipa"

ironic-ipa-ramdisk/root/usr/local/bin/suse-ironic-image-setup.sh

@@ -0,0 +1,52 @@
+#!/bin/sh
+PARAMS=$(</proc/cmdline)
+# find vfloppy device (based on IPA code)
+VMEDIA_DEVICE=$(find /dev/disk/by-label -iname ir-vfd-dev)
+# read params from vmedia and prepend them to params from kernel cmdline
+if [[ -b "$VMEDIA_DEVICE" ]]; then
+  VMEDIA_MOUNT=$(mktemp -d)
+  if mount -o loop $VMEDIA_DEVICE $VMEDIA_MOUNT; then
+    # parameters.txt has one param per line, reformat to match cmdline
+    VMEDIA_PARAMS=$(cat $VMEDIA_MOUNT/parameters.txt | tr '\n' ' ')
+    umount $VMEDIA_MOUNT
+    PARAMS="$VMEDIA_PARAMS $PARAMS"
+  fi
+  rmdir $VMEDIA_MOUNT
+fi
+
+# resize /tmp
+if [[ $PARAMS =~ suse.tmpsize=([^ ]+) ]]; then
+  echo "Resizing /tmp to ${BASH_REMATCH[1]}..."
+  mount -o remount,size=${BASH_REMATCH[1]} /tmp
+fi
+# deploy authorized sshkey from kernel command line
+if [[ $PARAMS =~ sshkey=\"([^\"]+)\" ]]; then
+  echo "Adding authorized SSH key..."
+  (umask 077 ; mkdir -p /root/.ssh)
+  echo "${BASH_REMATCH[1]}" >> /root/.ssh/authorized_keys
+fi
+# Inject certs
+if [[ $PARAMS =~ tls.enabled=(true|True) ]]; then
+  cp /etc/ironic-python-agent.d/ca-certs/* /etc/pki/trust/anchors/
+  cp /etc/ironic-python-agent.d/ca-certs/* /usr/share/pki/trust/anchors/
+  update-ca-certificates
+fi
+# autologin root on given console (default tty1) if suse.autologin or coreos.autologin is enabled
+if [[ $PARAMS =~ (suse|coreos)\.autologin=?([^ ]*) ]]; then
+  tty="${BASH_REMATCH[2]:-tty1}"
+  echo "Enabling autologin on $tty..."
+  systemctl stop getty@$tty
+  systemctl disable getty@$tty
+  systemctl start autologin@$tty
+fi
+
+# Append to /etc/hosts
+# hosts.append=1.2.3.4_foo,4.5.6.7_foo2
+if [[ $PARAMS =~ hosts.append=([^ ]+) ]]; then
+  HOSTS=${BASH_REMATCH[1]}
+  echo "Appending to hosts ${HOSTS}..."
+  for h in ${HOSTS/,/ }; do
+    echo "${h/_/ }" >> /etc/hosts
+  done
+  cat /etc/hosts
+fi

ironic-ipa-ramdisk/root/usr/local/bin/suse-network-setup.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+set -eux
+
+# Inspired by/based on glean-early.sh
+# https://opendev.org/opendev/glean/src/branch/master/glean/init/glean-early.sh
+
+# NOTE(TheJulia): We care about iso images, and would expect lower case as a
+# result. In the case of VFAT partitions, they would be upper case.
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+NETWORK_DATA_FILE="/mnt/ipa/openstack/latest/network_data.json"
+
+
+if [ ! -f "${NETWORK_DATA_FILE}" ]; then
+	echo "No network_data.json found, skipping network configuration"
+	exit 1
+fi
+
+mkdir -p /tmp/nmc/{desired,generated}
+cp ${NETWORK_DATA_FILE} /tmp/nmc/desired/_all.yaml
+
+nmc generate --config-dir /tmp/nmc/desired --output-dir /tmp/nmc/generated
+nmc apply --config-dir /tmp/nmc/generated

ironic-ipa-ramdisk/root/usr/local/bin/suse-test-config-2.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+set -eux
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+
+# Transform the ID from the drive being considered to lower case
+device_publisher_id=$(echo ${ID_FS_PUBLISHER_ID} | tr '[A-Z]' '[a-z]')
+
+# Retrieve the publisher ID from the command line and convert to lower case
+cmdline_publisher_id=""
+if grep -q "ir_pub_id" /proc/cmdline; then
+    cmdline_publisher_id=$(cat /proc/cmdline | sed -e 's/^.*ir_pub_id=//' -e 's/ .*$//')
+fi
+
+# Is this the filesystem we are looking for?
+if [[ "${cmdline_publisher_id}" == "${device_publisher_id}" ]]; then
+	# It is the device we are looking for, return success
+	exit 0
+else
+	# Not a match, return failure
+	exit 1
+fi

kubectl-image/Dockerfile

@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
-#!BuildTag: %%IMG_PREFIX%%kubectl:1.30.3
+#!BuildTag: %%IMG_PREFIX%%kubectl:1.32.4
-#!BuildTag: %%IMG_PREFIX%%kubectl:1.30.3-%RELEASE%
+#!BuildTag: %%IMG_PREFIX%%kubectl:1.32.4-%RELEASE%
 #!BuildVersion: 15.6
 ARG SLE_VERSION
 FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -16,11 +16,11 @@ FROM micro AS final
 LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
 LABEL org.opencontainers.image.title="SLE kubectl image"
 LABEL org.opencontainers.image.description="kubectl on the SLE Base Container Image."
-LABEL org.opencontainers.image.version="1.30.3"
+LABEL org.opencontainers.image.version="1.32.4"
 LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
 LABEL org.opencontainers.image.created="%BUILDTIME%"
 LABEL org.opencontainers.image.vendor="SUSE LLC"
-LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%kubectl:1.30.3-%RELEASE%"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%kubectl:1.32.4-%RELEASE%"
 LABEL org.openbuildservice.disturl="%DISTURL%"
 LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
 LABEL com.suse.eula="SUSE Combined EULA February 2024"

kubectl/kubectl.spec

@@ -1,7 +1,7 @@
 %global debug_package %{nil}
 
 Name: kubectl
-Version: 1.30.3
+Version: 1.32.4
 Release: 0
 Summary: Command-line utility for interacting with a Kubernetes cluster
 
@@ -12,7 +12,7 @@ Group: admin
 Packager: Kubernetes Authors <dev@kubernetes.io>
 License: Apache-2.0
 URL: https://kubernetes.io
-Source0: kubectl_%{version}.orig.tar.gz
+Source0: %{name}_%{version}.orig.tar.gz
 
 %description
 %{summary}.

kubevirt-dashboard-extension-chart/Chart.yaml

@@ -1,6 +1,6 @@
-#!BuildTag: %%CHART_PREFIX%%kubevirt-dashboard-extension:%%CHART_MAJOR%%.0.1
+#!BuildTag: %%CHART_PREFIX%%kubevirt-dashboard-extension:%%CHART_MAJOR%%.0.2
-#!BuildTag: %%CHART_PREFIX%%kubevirt-dashboard-extension:%%CHART_MAJOR%%.0.1_up1.3.1
+#!BuildTag: %%CHART_PREFIX%%kubevirt-dashboard-extension:%%CHART_MAJOR%%.0.2_up1.3.2
-#!BuildTag: %%CHART_PREFIX%%kubevirt-dashboard-extension:%%CHART_MAJOR%%.0.1_up1.3.1-%RELEASE%
+#!BuildTag: %%CHART_PREFIX%%kubevirt-dashboard-extension:%%CHART_MAJOR%%.0.2_up1.3.2-%RELEASE%
 annotations:
   catalog.cattle.io/certified: rancher
   catalog.cattle.io/namespace: cattle-ui-plugin-system
@@ -10,13 +10,13 @@ annotations:
   catalog.cattle.io/ui-component: plugins
   catalog.cattle.io/display-name: KubeVirt
   catalog.cattle.io/rancher-version: '>= 2.11.0-0'
-  catalog.cattle.io/ui-extensions-version: '>= 3.0.4 < 4.0.0'
+  catalog.cattle.io/ui-extensions-version: '>= 3.0.2 < 4.0.0'
   catalog.cattle.io/kube-version: '>= v1.26.0-0'
 apiVersion: v2
-appVersion: 303.0.1+up1.3.1
+appVersion: 303.0.2+up1.3.2
 description: 'SUSE Edge: KubeVirt extension for Rancher Dashboard'
 name: kubevirt-dashboard-extension
 type: application
-version: "%%CHART_MAJOR%%.0.1+up1.3.1"
+version: "%%CHART_MAJOR%%.0.2+up1.3.2"
 icon: >-
   https://raw.githubusercontent.com/cncf/artwork/master/projects/kubevirt/icon/color/kubevirt-icon-color.svg

kubevirt-dashboard-extension-chart/templates/cr.yaml

@@ -8,7 +8,7 @@ spec:
   plugin:
     name: {{ include "extension-server.fullname" . }}
     version: {{ (semver (default .Chart.AppVersion .Values.plugin.versionOverride)).Original }}
-    endpoint: https://raw.githubusercontent.com/suse-edge/dashboard-extensions/gh-pages/extensions/kubevirt-dashboard-extension/303.0.1+up1.3.1
+    endpoint: https://raw.githubusercontent.com/suse-edge/dashboard-extensions/gh-pages/extensions/kubevirt-dashboard-extension/303.0.2+up1.3.2
     noCache: {{ .Values.plugin.noCache }}
     noAuth: {{ .Values.plugin.noAuth }}
     metadata: {{ include "extension-server.pluginMetadata" . | indent 6 }}

kubevirt-dashboard-extension-chart/values.yaml

@@ -8,5 +8,5 @@ plugin:
   metadata:
     catalog.cattle.io/display-name: KubeVirt
     catalog.cattle.io/rancher-version: ">= 2.11.0-0"
-    catalog.cattle.io/ui-extensions-version: ">= 3.0.4 < 4.0.0"
+    catalog.cattle.io/ui-extensions-version: ">= 3.0.2 < 4.0.0"
     catalog.cattle.io/kube-version: ">= v1.26.0-0"

metal3-chart/Chart.yaml

@@ -1,16 +1,16 @@
-#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.2_up0.11.0
+#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.7_up0.11.5
-#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.2_up0.11.0-%RELEASE%
+#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.7_up0.11.5-%RELEASE%
 apiVersion: v2
-appVersion: 0.11.0
+appVersion: 0.11.5
 dependencies:
 - alias: metal3-baremetal-operator
   name: baremetal-operator
   repository: file://./charts/baremetal-operator
-  version: 0.9.1
+  version: 0.9.2
 - alias: metal3-ironic
   name: ironic
   repository: file://./charts/ironic
-  version: 0.10.0
+  version: 0.10.5
 - alias: metal3-mariadb
   condition: global.enable_mariadb
   name: mariadb
@@ -20,9 +20,9 @@ dependencies:
   condition: global.enable_metal3_media_server
   name: media
   repository: file://./charts/media
-  version: 0.6.1
+  version: 0.6.2
 description: A Helm chart that installs all of the dependencies needed for Metal3
 icon: https://github.com/cncf/artwork/raw/master/projects/metal3/icon/color/metal3-icon-color.svg
 name: metal3
 type: application
-version: "%%CHART_MAJOR%%.0.2+up0.11.0"
+version: "%%CHART_MAJOR%%.0.7+up0.11.5"

metal3-chart/charts/baremetal-operator/Chart.yaml

@@ -3,4 +3,4 @@ appVersion: 0.9.1
 description: A Helm chart for baremetal-operator, used by Metal3
 name: baremetal-operator
 type: application
-version: 0.9.1
+version: 0.9.2

metal3-chart/charts/baremetal-operator/templates/configmap-ironic.yaml

@@ -10,14 +10,15 @@
 apiVersion: v1
 data:
   IRONIC_ENDPOINT: "{{ $protocol }}://{{ $ironicApiHost }}/v1/"
-  RESTART_CONTAINER_CERTIFICATE_UPDATED: "false"
   # Switch VMedia to HTTP if enable_vmedia_tls is false
   {{- if and $enableTLS $enableVMediaTLS }}
     {{- $ironicBootHost = print $ironicIP ":" .Values.global.vmediaTLSPort }}
     {{- $ironicCacheHost = print $ironicIP ":" .Values.global.vmediaTLSPort }}
     {{- $protocol = "https" }}
+  RESTART_CONTAINER_CERTIFICATE_UPDATED: "true"
   {{- else }}
     {{- $protocol = "http" }}
+  RESTART_CONTAINER_CERTIFICATE_UPDATED: "false"
   {{- end }}
   CACHEURL: "{{ $protocol }}://{{ $ironicCacheHost }}/images"
   DEPLOY_KERNEL_URL: "{{ $protocol }}://{{ $ironicBootHost }}/images/ironic-python-agent-{{ $deployArch }}.kernel"

metal3-chart/charts/baremetal-operator/templates/configmap.yaml

@@ -1,19 +0,0 @@
-apiVersion: v1
-data:
-  controller_manager_config.yaml: |
-    apiVersion: controller-runtime.sigs.k8s.io/v1alpha1
-    kind: ControllerManagerConfig
-    health:
-      healthProbeBindAddress: :9440
-    metrics:
-      bindAddress: 127.0.0.1:8085
-    webhook:
-      port: 9443
-    leaderElection:
-      leaderElect: true
-      resourceName: a9498140.metal3.io
-kind: ConfigMap
-metadata:
-  name: baremetal-operator-manager-config
-  labels:
-    {{- include "baremetal-operator.labels" . | nindent 4 }}

metal3-chart/charts/baremetal-operator/templates/deployment.yaml

@@ -17,6 +17,8 @@ spec:
       control-plane: controller-manager
   template:
     metadata:
+      annotations:
+        checksum/config-env: {{ include (print $.Template.BasePath "/configmap-ironic.yaml") . | sha256sum }}
       labels:
         {{- include "baremetal-operator.selectorLabels" . | nindent 8 }}
         control-plane: controller-manager

metal3-chart/charts/baremetal-operator/values.yaml

@@ -22,15 +22,13 @@ global:
   # Comment this out when pinning the baremetal-operator container to a specfic host.
   nodeSelector: {}
 
-  enable_tls: false
-
 replicaCount: 1
 
 images:
   baremetalOperator:
     repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/baremetal-operator
     pullPolicy: IfNotPresent
-    tag: "0.9.1"
+    tag: "0.9.1.1"
 
 imagePullSecrets: []
 nameOverride: "manger"

metal3-chart/charts/ironic/Chart.yaml

@@ -3,4 +3,4 @@ appVersion: 26.1.2
 description: A Helm chart for Ironic, used by Metal3
 name: ironic
 type: application
-version: 0.10.0
+version: 0.10.5

metal3-chart/charts/ironic/templates/deployment.yaml

@@ -14,10 +14,11 @@ spec:
     type: Recreate
   template:
     metadata:
-      {{- with .Values.podAnnotations }}
       annotations:
-        {{- toYaml . | nindent 8 }}
+        checksum/config-env: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
-      {{- end }}
+        {{- with .Values.podAnnotations }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
       labels:
         {{- include "ironic.selectorLabels" . | nindent 8 }}
     spec:

metal3-chart/charts/ironic/values.yaml

@@ -50,8 +50,6 @@ global:
   # Comment this out when pinning the pdns containers to a specfic host.
   nodeSelector: {}
 
-  enable_tls: false
-
 replicaCount: 1
 
 images:
@@ -62,7 +60,7 @@ images:
   ironicIPADownloader:
     repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/ironic-ipa-downloader
     pullPolicy: IfNotPresent
-    tag: 3.0.3
+    tag: 3.0.7
 
 nameOverride: ""
 fullnameOverride: ""

metal3-chart/charts/media/Chart.yaml

@@ -3,4 +3,4 @@ appVersion: 1.16.0
 description: A Helm chart for Media, used by Metal3
 name: media
 type: application
-version: 0.6.1
+version: 0.6.2

metal3-chart/charts/media/values.yaml

@@ -24,7 +24,7 @@ replicaCount: 1
 image:
   repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/ironic
   pullPolicy: IfNotPresent
-  tag: 26.1.2.2
+  tag: 26.1.2.4
 
 imagePullSecrets: []
 nameOverride: ""

nm-configurator/_service

@@ -3,7 +3,7 @@
     <param name="url">https://github.com/suse-edge/nm-configurator.git</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="scm">git</param>
-    <param name="revision">v0.3.2</param>
+    <param name="revision">v0.3.3</param>
     <param name="match-tag">*</param>
     <param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
     <param name="versionrewrite-replacement">\1</param>

nm-configurator/_servicedata

@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/suse-edge/nm-configurator.git</param>
-              <param name="changesrevision">747301ba15a28e758d1f06070dc7ff29a5e80242</param></service></servicedata>
+              <param name="changesrevision">4563857d761c6d83e4013721f68ec4ac5828a1a7</param></service></servicedata>

nm-configurator/nm-configurator.obsinfo

@@ -1,4 +1,4 @@
 name: nm-configurator
-version: 0.3.2
+version: 0.3.3
-mtime: 1744218621
+mtime: 1748341626
-commit: 747301ba15a28e758d1f06070dc7ff29a5e80242
+commit: 4563857d761c6d83e4013721f68ec4ac5828a1a7

rancher-turtles-airgap-resources-chart/Chart.yaml

@@ -1,10 +1,10 @@
-#!BuildTag: %%CHART_PREFIX%%rancher-turtles-airgap-resources:%%CHART_MAJOR%%.0.0_up0.17.0
+#!BuildTag: %%CHART_PREFIX%%rancher-turtles-airgap-resources:%%CHART_MAJOR%%.0.3_up0.20.0
-#!BuildTag: %%CHART_PREFIX%%rancher-turtles-airgap-resources:%%CHART_MAJOR%%.0.0_up0.17.0-%RELEASE%
+#!BuildTag: %%CHART_PREFIX%%rancher-turtles-airgap-resources:%%CHART_MAJOR%%.0.3_up0.20.0-%RELEASE%
 apiVersion: v2
-appVersion: 0.17.0
+appVersion: 0.20.0
 description: Rancher Turtles utility chart for airgap scenarios
 home: https://github.com/rancher/turtles/
 icon: https://raw.githubusercontent.com/rancher/turtles/main/logos/capi.svg
 name: rancher-turtles-airgap-resources
 type: application
-version: "%%CHART_MAJOR%%.0.0+up0.17.0"
+version: "%%CHART_MAJOR%%.0.3+up0.20.0"

rancher-turtles-airgap-resources-chart/_service

@@ -2,7 +2,7 @@
   <service mode="buildtime" name="kiwi_metainfo_helper"/>
   <service name="replace_using_env" mode="buildtime">
     <param name="file">Chart.yaml</param>
-    <param name="eval">CHART_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix})</param>
+    <param name="eval">CHART_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?chart_prefix})</param>
     <param name="var">CHART_PREFIX</param>
     <param name="eval">CHART_MAJOR=$(rpm --macros=/root/.rpmmacros -E %{?chart_major})</param>
     <param name="var">CHART_MAJOR</param>

rancher-turtles-airgap-resources-chart/templates/airgap-cm-fleet-addon.yaml

@@ -1,11 +1,900 @@
 apiVersion: v1
 data:
-  components: Not Found
+  components: |
-  metadata: Not Found
+    apiVersion: v1
+    kind: Namespace
+    metadata:
+      labels:
+        cluster.x-k8s.io/provider: fleet
+        control-plane: controller-manager
+      name: caapf-system
+    ---
+    apiVersion: apiextensions.k8s.io/v1
+    kind: CustomResourceDefinition
+    metadata:
+      labels:
+        cluster.x-k8s.io/provider: fleet
+      name: fleetaddonconfigs.addons.cluster.x-k8s.io
+    spec:
+      group: addons.cluster.x-k8s.io
+      names:
+        categories: []
+        kind: FleetAddonConfig
+        plural: fleetaddonconfigs
+        shortNames: []
+        singular: fleetaddonconfig
+      scope: Cluster
+      versions:
+      - additionalPrinterColumns: []
+        name: v1alpha1
+        schema:
+          openAPIV3Schema:
+            description: Auto-generated derived type for FleetAddonConfigSpec via `CustomResource`
+            properties:
+              spec:
+                description: This provides a config for fleet addon functionality
+                properties:
+                  cluster:
+                    description: |-
+                      Enable Cluster config funtionality.
+
+                      This will create Fleet Cluster for each Cluster with the same name. In case the cluster specifies topology.class, the name of the `ClusterClass` will be added to the Fleet Cluster labels.
+                    nullable: true
+                    properties:
+                      agentEnvVars:
+                        description: '`AgentEnvVars` are extra environment variables to
+                          be added to the agent deployment.'
+                        items:
+                          description: EnvVar represents an environment variable present
+                            in a Container.
+                          properties:
+                            name:
+                              description: Name of the environment variable. Must be a
+                                C_IDENTIFIER.
+                              type: string
+                            value:
+                              description: 'Variable references $(VAR_NAME) are expanded
+                                using the previously defined environment variables in
+                                the container and any service environment variables. If
+                                a variable cannot be resolved, the reference in the input
+                                string will be unchanged. Double $$ are reduced to a single
+                                $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+                                "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+                                Escaped references will never be expanded, regardless
+                                of whether the variable exists or not. Defaults to "".'
+                              nullable: true
+                              type: string
+                            valueFrom:
+                              description: Source for the environment variable's value.
+                                Cannot be used if value is not empty.
+                              nullable: true
+                              properties:
+                                configMapKeyRef:
+                                  description: Selects a key of a ConfigMap.
+                                  nullable: true
+                                  properties:
+                                    key:
+                                      description: The key to select.
+                                      type: string
+                                    name:
+                                      description: 'Name of the referent. This field is
+                                        effectively required, but due to backwards compatibility
+                                        is allowed to be empty. Instances of this type
+                                        with an empty value here are almost certainly
+                                        wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+                                      nullable: true
+                                      type: string
+                                    optional:
+                                      description: Specify whether the ConfigMap or its
+                                        key must be defined
+                                      nullable: true
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                fieldRef:
+                                  description: 'Selects a field of the pod: supports metadata.name,
+                                    metadata.namespace, `metadata.labels[''<KEY>'']`,
+                                    `metadata.annotations[''<KEY>'']`, spec.nodeName,
+                                    spec.serviceAccountName, status.hostIP, status.podIP,
+                                    status.podIPs.'
+                                  nullable: true
+                                  properties:
+                                    apiVersion:
+                                      description: Version of the schema the FieldPath
+                                        is written in terms of, defaults to "v1".
+                                      nullable: true
+                                      type: string
+                                    fieldPath:
+                                      description: Path of the field to select in the
+                                        specified API version.
+                                      type: string
+                                  required:
+                                  - fieldPath
+                                  type: object
+                                resourceFieldRef:
+                                  description: 'Selects a resource of the container: only
+                                    resources limits and requests (limits.cpu, limits.memory,
+                                    limits.ephemeral-storage, requests.cpu, requests.memory
+                                    and requests.ephemeral-storage) are currently supported.'
+                                  nullable: true
+                                  properties:
+                                    containerName:
+                                      description: 'Container name: required for volumes,
+                                        optional for env vars'
+                                      nullable: true
+                                      type: string
+                                    divisor:
+                                      description: Specifies the output format of the
+                                        exposed resources, defaults to "1"
+                                      nullable: true
+                                      x-kubernetes-int-or-string: true
+                                    resource:
+                                      description: 'Required: resource to select'
+                                      type: string
+                                  required:
+                                  - resource
+                                  type: object
+                                secretKeyRef:
+                                  description: Selects a key of a secret in the pod's
+                                    namespace
+                                  nullable: true
+                                  properties:
+                                    key:
+                                      description: The key of the secret to select from.  Must
+                                        be a valid secret key.
+                                      type: string
+                                    name:
+                                      description: 'Name of the referent. This field is
+                                        effectively required, but due to backwards compatibility
+                                        is allowed to be empty. Instances of this type
+                                        with an empty value here are almost certainly
+                                        wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+                                      nullable: true
+                                      type: string
+                                    optional:
+                                      description: Specify whether the Secret or its key
+                                        must be defined
+                                      nullable: true
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                              type: object
+                          required:
+                          - name
+                          type: object
+                        nullable: true
+                        type: array
+                      agentNamespace:
+                        description: Namespace selection for the fleet agent
+                        nullable: true
+                        type: string
+                      agentTolerations:
+                        description: Agent taint toleration settings for every cluster
+                        items:
+                          description: The pod this Toleration is attached to tolerates
+                            any taint that matches the triple <key,value,effect> using
+                            the matching operator <operator>.
+                          properties:
+                            effect:
+                              description: Effect indicates the taint effect to match.
+                                Empty means match all taint effects. When specified, allowed
+                                values are NoSchedule, PreferNoSchedule and NoExecute.
+                              nullable: true
+                              type: string
+                            key:
+                              description: Key is the taint key that the toleration applies
+                                to. Empty means match all taint keys. If the key is empty,
+                                operator must be Exists; this combination means to match
+                                all values and all keys.
+                              nullable: true
+                              type: string
+                            operator:
+                              description: Operator represents a key's relationship to
+                                the value. Valid operators are Exists and Equal. Defaults
+                                to Equal. Exists is equivalent to wildcard for value,
+                                so that a pod can tolerate all taints of a particular
+                                category.
+                              nullable: true
+                              type: string
+                            tolerationSeconds:
+                              description: TolerationSeconds represents the period of
+                                time the toleration (which must be of effect NoExecute,
+                                otherwise this field is ignored) tolerates the taint.
+                                By default, it is not set, which means tolerate the taint
+                                forever (do not evict). Zero and negative values will
+                                be treated as 0 (evict immediately) by the system.
+                              format: int64
+                              nullable: true
+                              type: integer
+                            value:
+                              description: Value is the taint value the toleration matches
+                                to. If the operator is Exists, the value should be empty,
+                                otherwise just a regular string.
+                              nullable: true
+                              type: string
+                          type: object
+                        nullable: true
+                        type: array
+                      applyClassGroup:
+                        description: Apply a `ClusterGroup` for a `ClusterClass` referenced
+                          from a different namespace.
+                        nullable: true
+                        type: boolean
+                      hostNetwork:
+                        description: 'Host network allows to deploy agent configuration
+                          using hostNetwork: true setting which eludes dependency on the
+                          CNI configuration for the cluster.'
+                        nullable: true
+                        type: boolean
+                      namespaceSelector:
+                        description: Namespace label selector. If set, only clusters in
+                          the namespace matching label selector will be imported.
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: A label selector requirement is a selector
+                                that contains values, a key, and an operator that relates
+                                the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: operator represents a key's relationship
+                                    to a set of values. Valid operators are In, NotIn,
+                                    Exists and DoesNotExist.
+                                  type: string
+                                values:
+                                  description: values is an array of string values. If
+                                    the operator is In or NotIn, the values array must
+                                    be non-empty. If the operator is Exists or DoesNotExist,
+                                    the values array must be empty. This array is replaced
+                                    during a strategic merge patch.
+                                  items:
+                                    type: string
+                                  type: array
+                              required:
+                              - key
+                              - operator
+                              type: object
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: matchLabels is a map of {key,value} pairs. A
+                              single {key,value} in the matchLabels map is equivalent
+                              to an element of matchExpressions, whose key field is "key",
+                              the operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.
+                            type: object
+                        type: object
+                      naming:
+                        description: Naming settings for the fleet cluster
+                        nullable: true
+                        properties:
+                          prefix:
+                            description: Specify a prefix for the Cluster name, applied
+                              to created Fleet cluster
+                            nullable: true
+                            type: string
+                          suffix:
+                            description: Specify a suffix for the Cluster name, applied
+                              to created Fleet cluster
+                            nullable: true
+                            type: string
+                        type: object
+                      patchResource:
+                        description: Allow to patch resources, maintaining the desired
+                          state. If is not set, resources will only be re-created in case
+                          of removal.
+                        nullable: true
+                        type: boolean
+                      selector:
+                        description: Cluster label selector. If set, only clusters matching
+                          label selector will be imported.
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: A label selector requirement is a selector
+                                that contains values, a key, and an operator that relates
+                                the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: operator represents a key's relationship
+                                    to a set of values. Valid operators are In, NotIn,
+                                    Exists and DoesNotExist.
+                                  type: string
+                                values:
+                                  description: values is an array of string values. If
+                                    the operator is In or NotIn, the values array must
+                                    be non-empty. If the operator is Exists or DoesNotExist,
+                                    the values array must be empty. This array is replaced
+                                    during a strategic merge patch.
+                                  items:
+                                    type: string
+                                  type: array
+                              required:
+                              - key
+                              - operator
+                              type: object
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: matchLabels is a map of {key,value} pairs. A
+                              single {key,value} in the matchLabels map is equivalent
+                              to an element of matchExpressions, whose key field is "key",
+                              the operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.
+                            type: object
+                        type: object
+                      setOwnerReferences:
+                        description: Setting to disable setting owner references on the
+                          created resources
+                        nullable: true
+                        type: boolean
+                    required:
+                    - namespaceSelector
+                    - selector
+                    type: object
+                  clusterClass:
+                    description: |-
+                      Enable clusterClass controller functionality.
+
+                      This will create Fleet `ClusterGroups` for each `ClusterClaster` with the same name.
+                    nullable: true
+                    properties:
+                      patchResource:
+                        description: Allow to patch resources, maintaining the desired
+                          state. If is not set, resources will only be re-created in case
+                          of removal.
+                        nullable: true
+                        type: boolean
+                      setOwnerReferences:
+                        description: Setting to disable setting owner references on the
+                          created resources
+                        nullable: true
+                        type: boolean
+                    type: object
+                  config:
+                    nullable: true
+                    properties:
+                      bootstrapLocalCluster:
+                        description: Enable auto-installation of a fleet agent in the
+                          local cluster.
+                        nullable: true
+                        type: boolean
+                      featureGates:
+                        description: feature gates controlling experimental features
+                        nullable: true
+                        properties:
+                          configMap:
+                            description: '`FeaturesConfigMap` references a `ConfigMap`
+                              where to apply feature flags. If a `ConfigMap` is referenced,
+                              the controller will update it instead of upgrading the Fleet
+                              chart.'
+                            nullable: true
+                            properties:
+                              ref:
+                                description: ObjectReference contains enough information
+                                  to let you inspect or modify the referred object.
+                                nullable: true
+                                properties:
+                                  apiVersion:
+                                    description: API version of the referent.
+                                    type: string
+                                  fieldPath:
+                                    description: 'If referring to a piece of an object
+                                      instead of an entire object, this string should
+                                      contain a valid JSON/Go field access statement,
+                                      such as desiredState.manifest.containers[2]. For
+                                      example, if the object reference is to a container
+                                      within a pod, this would take on a value like: "spec.containers{name}"
+                                      (where "name" refers to the name of the container
+                                      that triggered the event) or if no container name
+                                      is specified "spec.containers[2]" (container with
+                                      index 2 in this pod). This syntax is chosen only
+                                      to have some well-defined way of referencing a part
+                                      of an object.'
+                                    type: string
+                                  kind:
+                                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+                                    type: string
+                                  name:
+                                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+                                    type: string
+                                  namespace:
+                                    description: 'Namespace of the referent. More info:
+                                      https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+                                    type: string
+                                  resourceVersion:
+                                    description: 'Specific resourceVersion to which this
+                                      reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+                                    type: string
+                                  uid:
+                                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+                                    type: string
+                                type: object
+                            type: object
+                          experimentalHelmOps:
+                            description: Enables experimental Helm operations support.
+                            type: boolean
+                          experimentalOciStorage:
+                            description: Enables experimental OCI  storage support.
+                            type: boolean
+                        required:
+                        - experimentalHelmOps
+                        - experimentalOciStorage
+                        type: object
+                      server:
+                        description: fleet server url configuration options
+                        nullable: true
+                        oneOf:
+                        - required:
+                          - inferLocal
+                        - required:
+                          - custom
+                        properties:
+                          custom:
+                            properties:
+                              apiServerCaConfigRef:
+                                description: ObjectReference contains enough information
+                                  to let you inspect or modify the referred object.
+                                nullable: true
+                                properties:
+                                  apiVersion:
+                                    description: API version of the referent.
+                                    type: string
+                                  fieldPath:
+                                    description: 'If referring to a piece of an object
+                                      instead of an entire object, this string should
+                                      contain a valid JSON/Go field access statement,
+                                      such as desiredState.manifest.containers[2]. For
+                                      example, if the object reference is to a container
+                                      within a pod, this would take on a value like: "spec.containers{name}"
+                                      (where "name" refers to the name of the container
+                                      that triggered the event) or if no container name
+                                      is specified "spec.containers[2]" (container with
+                                      index 2 in this pod). This syntax is chosen only
+                                      to have some well-defined way of referencing a part
+                                      of an object.'
+                                    type: string
+                                  kind:
+                                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+                                    type: string
+                                  name:
+                                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+                                    type: string
+                                  namespace:
+                                    description: 'Namespace of the referent. More info:
+                                      https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+                                    type: string
+                                  resourceVersion:
+                                    description: 'Specific resourceVersion to which this
+                                      reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+                                    type: string
+                                  uid:
+                                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+                                    type: string
+                                type: object
+                              apiServerUrl:
+                                nullable: true
+                                type: string
+                            type: object
+                          inferLocal:
+                            type: boolean
+                        type: object
+                    type: object
+                  install:
+                    nullable: true
+                    oneOf:
+                    - required:
+                      - followLatest
+                    - required:
+                      - version
+                    properties:
+                      followLatest:
+                        description: Follow the latest version of the chart on install
+                        type: boolean
+                      version:
+                        description: Use specific version to install
+                        type: string
+                    type: object
+                type: object
+              status:
+                nullable: true
+                properties:
+                  conditions:
+                    description: conditions represents the observations of a Fleet addon
+                      current state.
+                    items:
+                      description: Condition contains details for one aspect of the current
+                        state of this API Resource.
+                      properties:
+                        lastTransitionTime:
+                          description: lastTransitionTime is the last time the condition
+                            transitioned from one status to another. This should be when
+                            the underlying condition changed.  If that is not known, then
+                            using the time when the API field changed is acceptable.
+                          format: date-time
+                          type: string
+                        message:
+                          description: message is a human readable message indicating
+                            details about the transition. This may be an empty string.
+                          type: string
+                        observedGeneration:
+                          description: observedGeneration represents the .metadata.generation
+                            that the condition was set based upon. For instance, if .metadata.generation
+                            is currently 12, but the .status.conditions[x].observedGeneration
+                            is 9, the condition is out of date with respect to the current
+                            state of the instance.
+                          format: int64
+                          type: integer
+                        reason:
+                          description: reason contains a programmatic identifier indicating
+                            the reason for the condition's last transition. Producers
+                            of specific condition types may define expected values and
+                            meanings for this field, and whether the values are considered
+                            a guaranteed API. The value should be a CamelCase string.
+                            This field may not be empty.
+                          type: string
+                        status:
+                          description: status of the condition, one of True, False, Unknown.
+                          type: string
+                        type:
+                          description: type of condition in CamelCase or in foo.example.com/CamelCase.
+                          type: string
+                      required:
+                      - lastTransitionTime
+                      - message
+                      - reason
+                      - status
+                      - type
+                      type: object
+                    type: array
+                  installedVersion:
+                    nullable: true
+                    type: string
+                type: object
+            required:
+            - spec
+            title: FleetAddonConfigValidated
+            type: object
+            x-kubernetes-validations:
+            - rule: self.metadata.name == 'fleet-addon-config'
+        served: true
+        storage: true
+        subresources:
+          status: {}
+    ---
+    apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      labels:
+        cluster.x-k8s.io/provider: fleet
+      name: caapf-controller-manager
+      namespace: caapf-system
+    ---
+    apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      labels:
+        cluster.x-k8s.io/provider: fleet
+      name: caapf-helm-manager
+      namespace: caapf-system
+    ---
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: Role
+    metadata:
+      labels:
+        cluster.x-k8s.io/provider: fleet
+      name: caapf-leader-election-role
+      namespace: caapf-system
+    rules:
+    - apiGroups:
+      - ""
+      resources:
+      - configmaps
+      verbs:
+      - get
+      - list
+      - watch
+      - create
+      - update
+      - patch
+      - delete
+    - apiGroups:
+      - coordination.k8s.io
+      resources:
+      - leases
+      verbs:
+      - get
+      - list
+      - watch
+      - create
+      - update
+      - patch
+      - delete
+    - apiGroups:
+      - ""
+      resources:
+      - events
+      verbs:
+      - create
+      - patch
+    ---
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: ClusterRole
+    metadata:
+      labels:
+        cluster.x-k8s.io/provider: fleet
+      name: caapf-manager-role
+    rules:
+    - apiGroups:
+      - addons.cluster.x-k8s.io
+      resources:
+      - fleetaddonconfigs
+      - fleetaddonconfigs/status
+      verbs:
+      - '*'
+    - apiGroups:
+      - ""
+      resources:
+      - namespaces
+      verbs:
+      - list
+      - get
+      - watch
+    - apiGroups:
+      - ""
+      resources:
+      - namespaces
+      verbs:
+      - create
+    - apiGroups:
+      - events.k8s.io
+      resources:
+      - events
+      verbs:
+      - create
+    - apiGroups:
+      - ""
+      resources:
+      - secrets
+      verbs:
+      - get
+      - list
+      - watch
+    - apiGroups:
+      - ""
+      resources:
+      - configmaps
+      verbs:
+      - get
+      - patch
+      - list
+      - watch
+    - apiGroups:
+      - ""
+      resources:
+      - endpoints
+      verbs:
+      - get
+    - apiGroups:
+      - apiextensions.k8s.io
+      resources:
+      - customresourcedefinitions
+      verbs:
+      - get
+      - watch
+    - apiGroups:
+      - authentication.k8s.io
+      resources:
+      - tokenreviews
+      verbs:
+      - create
+    - apiGroups:
+      - authorization.k8s.io
+      resources:
+      - subjectaccessreviews
+      verbs:
+      - create
+    - apiGroups:
+      - bootstrap.cluster.x-k8s.io
+      - clusterctl.cluster.x-k8s.io
+      - controlplane.cluster.x-k8s.io
+      - infrastructure.cluster.x-k8s.io
+      resources:
+      - '*'
+      verbs:
+      - get
+      - list
+      - watch
+    - apiGroups:
+      - cluster.x-k8s.io
+      resources:
+      - clusters
+      - clusterclasses
+      verbs:
+      - get
+      - list
+      - watch
+      - patch
+    - apiGroups:
+      - fleet.cattle.io
+      resources:
+      - clusters
+      - clustergroups
+      - clusterregistrationtokens
+      - bundlenamespacemappings
+      verbs:
+      - create
+      - get
+      - list
+      - patch
+      - update
+      - watch
+    - apiGroups:
+      - fleet.cattle.io
+      resources:
+      - bundlenamespacemappings
+      verbs:
+      - delete
+    ---
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: ClusterRoleBinding
+    metadata:
+      labels:
+        cluster.x-k8s.io/provider: fleet
+      name: caapf-helm-manager-rolebinding
+    roleRef:
+      apiGroup: rbac.authorization.k8s.io
+      kind: ClusterRole
+      name: cluster-admin
+    subjects:
+    - kind: ServiceAccount
+      name: caapf-helm-manager
+      namespace: caapf-system
+    ---
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: ClusterRoleBinding
+    metadata:
+      labels:
+        cluster.x-k8s.io/provider: fleet
+      name: caapf-manager-rolebinding
+    roleRef:
+      apiGroup: rbac.authorization.k8s.io
+      kind: ClusterRole
+      name: caapf-manager-role
+    subjects:
+    - kind: ServiceAccount
+      name: caapf-controller-manager
+      namespace: caapf-system
+    ---
+    apiVersion: v1
+    kind: Secret
+    metadata:
+      annotations:
+        kubernetes.io/service-account.name: caapf-helm-manager
+      labels:
+        cluster.x-k8s.io/fleet-addon-registration: "true"
+        cluster.x-k8s.io/provider: fleet
+      name: caapf-helm-manager
+      namespace: caapf-system
+    type: kubernetes.io/service-account-token
+    ---
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      labels:
+        cluster.x-k8s.io/provider: fleet
+        control-plane: controller-manager
+      name: caapf-controller-manager
+      namespace: caapf-system
+    spec:
+      replicas: 1
+      selector:
+        matchLabels:
+          cluster.x-k8s.io/provider: fleet
+          control-plane: controller-manager
+      template:
+        metadata:
+          annotations:
+            kubectl.kubernetes.io/default-container: manager
+          labels:
+            cluster.x-k8s.io/provider: fleet
+            control-plane: controller-manager
+        spec:
+          containers:
+          - image: ghcr.io/rancher-sandbox/cluster-api-addon-provider-fleet:v0.10.0
+            imagePullPolicy: IfNotPresent
+            name: manager
+            ports:
+            - containerPort: 8443
+              name: http
+              protocol: TCP
+            readinessProbe:
+              httpGet:
+                path: /health
+                port: http
+              initialDelaySeconds: 5
+              periodSeconds: 5
+            resources:
+              limits:
+                cpu: 100m
+                memory: 150Mi
+              requests:
+                cpu: 100m
+                memory: 100Mi
+          - args:
+            - --helm-install
+            image: ghcr.io/rancher-sandbox/cluster-api-addon-provider-fleet:v0.10.0
+            name: helm-manager
+            resources:
+              limits:
+                cpu: 100m
+                memory: 150Mi
+              requests:
+                cpu: 100m
+                memory: 100Mi
+            volumeMounts:
+            - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
+              name: helm-kubeconfig
+              readOnly: true
+          serviceAccountName: caapf-controller-manager
+          terminationGracePeriodSeconds: 10
+          volumes:
+          - name: helm-kubeconfig
+            secret:
+              secretName: caapf-helm-manager
+  metadata: |
+    apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3
+    releaseSeries:
+      - major: 0
+        minor: 1
+        contract: v1beta1
+      - major: 0
+        minor: 2
+        contract: v1beta1
+      - major: 0
+        minor: 3
+        contract: v1beta1
+      - major: 0
+        minor: 4
+        contract: v1beta1
+      - major: 0
+        minor: 5
+        contract: v1beta1
+      - major: 0
+        minor: 6
+        contract: v1beta1
+      - major: 0
+        minor: 7
+        contract: v1beta1
+      - major: 0
+        minor: 8
+        contract: v1beta1
+      - major: 0
+        minor: 9
+        contract: v1beta1
+      - major: 0
+        minor: 10
+        contract: v1beta1
 kind: ConfigMap
 metadata:
   creationTimestamp: null
-  name: v0.6.0
+  name: v0.10.0
   namespace: rancher-turtles-system
   labels:
     provider-components: fleet

rancher-turtles-airgap-resources-chart/templates/airgap-cm-rke2-bootstrap.yaml

@@ -22,7 +22,7 @@ data:
     metadata:
       annotations:
         cert-manager.io/inject-ca-from: rke2-bootstrap-system/rke2-bootstrap-serving-cert
-        controller-gen.kubebuilder.io/version: v0.16.1
+        controller-gen.kubebuilder.io/version: v0.17.3
       labels:
         cluster.x-k8s.io/provider: bootstrap-rke2
         cluster.x-k8s.io/v1beta1: v1alpha1_v1beta1
@@ -1218,7 +1218,7 @@ data:
     metadata:
       annotations:
         cert-manager.io/inject-ca-from: rke2-bootstrap-system/rke2-bootstrap-serving-cert
-        controller-gen.kubebuilder.io/version: v0.16.1
+        controller-gen.kubebuilder.io/version: v0.17.3
       labels:
         cluster.x-k8s.io/provider: bootstrap-rke2
         cluster.x-k8s.io/v1beta1: v1alpha1_v1beta1
@@ -2525,9 +2525,11 @@ data:
             - --leader-elect
             - --diagnostics-address=${CAPRKE2_DIAGNOSTICS_ADDRESS:=:8443}
             - --insecure-diagnostics=${CAPRKE2_INSECURE_DIAGNOSTICS:=false}
+            - --feature-gates=MachinePool=${EXP_MACHINE_POOL:=true}
+            - --v=${CAPRKE2_DEBUG_LEVEL:=0}
             command:
             - /manager
-            image: ghcr.io/rancher/cluster-api-provider-rke2-bootstrap:v0.12.0
+            image: ghcr.io/rancher/cluster-api-provider-rke2-bootstrap:v0.16.1
             imagePullPolicy: IfNotPresent
             livenessProbe:
               httpGet:
@@ -2750,10 +2752,22 @@ data:
       - major: 0
         minor: 12
         contract: v1beta1
+      - major: 0
+        minor: 13
+        contract: v1beta1
+      - major: 0
+        minor: 14
+        contract: v1beta1
+      - major: 0
+        minor: 15
+        contract: v1beta1
+      - major: 0
+        minor: 16
+        contract: v1beta1
 kind: ConfigMap
 metadata:
   creationTimestamp: null
-  name: v0.12.0
+  name: v0.16.1
   namespace: rke2-bootstrap-system
   labels:
     provider-components: rke2-bootstrap

rancher-turtles-airgap-resources-chart/templates/airgap-cm-rke2-control-plane.yaml

@@ -22,7 +22,7 @@ data:
     metadata:
       annotations:
         cert-manager.io/inject-ca-from: rke2-control-plane-system/rke2-control-plane-serving-cert
-        controller-gen.kubebuilder.io/version: v0.16.1
+        controller-gen.kubebuilder.io/version: v0.17.3
       labels:
         cluster.x-k8s.io/provider: control-plane-rke2
         cluster.x-k8s.io/v1beta1: v1alpha1_v1beta1
@@ -1744,12 +1744,23 @@ data:
                               More info: http://kubernetes.io/docs/user-guide/labels
                             type: object
                         type: object
+                      nodeDeletionTimeout:
+                        description: |-
+                          nodeDeletionTimeout defines how long the machine controller will attempt to delete the Node that the Machine
+                          hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely.
+                          If no value is provided, the default value for this property of the Machine resource will be used.
+                        type: string
                       nodeDrainTimeout:
                         description: |-
                           NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node
                           The default value is 0, meaning that the node can be drained without any time limitations.
                           NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`
                         type: string
+                      nodeVolumeDetachTimeout:
+                        description: |-
+                          nodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes
+                          to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations.
+                        type: string
                     required:
                     - infrastructureRef
                     type: object
@@ -1974,6 +1985,54 @@ data:
                     - control-plane-endpoint
                     - ""
                     type: string
+                  remediationStrategy:
+                    description: remediationStrategy is the RemediationStrategy that controls
+                      how control plane machine remediation happens.
+                    properties:
+                      maxRetry:
+                        description: "maxRetry is the Max number of retries while attempting
+                          to remediate an unhealthy machine.\nA retry happens when a machine
+                          that was created as a replacement for an unhealthy machine also
+                          fails.\nFor example, given a control plane with three machines
+                          M1, M2, M3:\n\n\tM1 become unhealthy; remediation happens, and
+                          M1-1 is created as a replacement.\n\tIf M1-1 (replacement of
+                          M1) has problems while bootstrapping it will become unhealthy,
+                          and then be\n\tremediated; such operation is considered a retry,
+                          remediation-retry #1.\n\tIf M1-2 (replacement of M1-1) becomes
+                          unhealthy, remediation-retry #2 will happen, etc.\n\nA retry
+                          could happen only after RetryPeriod from the previous retry.\nIf
+                          a machine is marked as unhealthy after MinHealthyPeriod from
+                          the previous remediation expired,\nthis is not considered a
+                          retry anymore because the new issue is assumed unrelated from
+                          the previous one.\n\nIf not set, the remedation will be retried
+                          infinitely."
+                        format: int32
+                        type: integer
+                      minHealthyPeriod:
+                        description: "minHealthyPeriod defines the duration after which
+                          RKE2ControlPlane will consider any failure to a machine unrelated\nfrom
+                          the previous one. In this case the remediation is not considered
+                          a retry anymore, and thus the retry\ncounter restarts from 0.
+                          For example, assuming MinHealthyPeriod is set to 1h (default)\n\n\tM1
+                          become unhealthy; remediation happens, and M1-1 is created as
+                          a replacement.\n\tIf M1-1 (replacement of M1) has problems within
+                          the 1hr after the creation, also\n\tthis machine will be remediated
+                          and this operation is considered a retry - a problem related\n\tto
+                          the original issue happened to M1 -.\n\n\tIf instead the problem
+                          on M1-1 is happening after MinHealthyPeriod expired, e.g. four
+                          days after\n\tm1-1 has been created as a remediation of M1,
+                          the problem on M1-1 is considered unrelated to\n\tthe original
+                          issue happened to M1.\n\nIf not set, this value is defaulted
+                          to 1h."
+                        type: string
+                      retryPeriod:
+                        description: |-
+                          retryPeriod is the duration that RKE2ControlPlane should wait before remediating a machine being created as a replacement
+                          for an unhealthy machine (a retry).
+
+                          If not set, a retry will happen immediately.
+                        type: string
+                    type: object
                   replicas:
                     description: Replicas is the number of replicas for the Control Plane.
                     format: int32
@@ -2185,9 +2244,15 @@ data:
                               - rke2-coredns
                               - rke2-ingress-nginx
                               - rke2-metrics-server
+                              - rke2-snapshot-controller
+                              - rke2-snapshot-controller-crd
+                              - rke2-snapshot-validation-webhook
                               type: string
                             type: array
                         type: object
+                      embeddedRegistry:
+                        description: EmbeddedRegistry enables the embedded registry.
+                        type: boolean
                       etcd:
                         description: Etcd defines optional custom configuration of ETCD.
                         properties:
@@ -2541,14 +2606,42 @@ data:
                     description: Initialized indicates the target cluster has completed
                       initialization.
                     type: boolean
+                  lastRemediation:
+                    description: lastRemediation stores info about last remediation performed.
+                    properties:
+                      machine:
+                        description: machine is the machine name of the latest machine
+                          being remediated.
+                        maxLength: 253
+                        minLength: 1
+                        type: string
+                      retryCount:
+                        description: |-
+                          retryCount used to keep track of remediation retry for the last remediated machine.
+                          A retry happens when a machine that was created as a replacement for an unhealthy machine also fails.
+                        type: integer
+                      timestamp:
+                        description: timestamp is when last remediation happened. It is
+                          represented in RFC3339 form and is in UTC.
+                        format: date-time
+                        type: string
+                    required:
+                    - machine
+                    - retryCount
+                    - timestamp
+                    type: object
                   observedGeneration:
                     description: ObservedGeneration is the latest generation observed
                       by the controller.
                     format: int64
                     type: integer
                   ready:
-                    description: Ready indicates the BootstrapData field is ready to be
+                    description: |-
-                      consumed.
+                      Ready denotes that the RKE2ControlPlane API Server became ready during initial provisioning
+                      to receive requests.
+                      NOTE: this field is part of the Cluster API contract and it is used to orchestrate provisioning.
+                      The value of this field is never updated after provisioning is completed. Please use conditions
+                      to check the operational state of the control plane.
                     type: boolean
                   readyReplicas:
                     description: ReadyReplicas is the number of replicas current attached
@@ -2589,7 +2682,7 @@ data:
     metadata:
       annotations:
         cert-manager.io/inject-ca-from: rke2-control-plane-system/rke2-control-plane-serving-cert
-        controller-gen.kubebuilder.io/version: v0.16.1
+        controller-gen.kubebuilder.io/version: v0.17.3
       labels:
         cluster.x-k8s.io/provider: control-plane-rke2
         cluster.x-k8s.io/v1beta1: v1alpha1_v1beta1
@@ -3152,12 +3245,23 @@ data:
                                       More info: http://kubernetes.io/docs/user-guide/labels
                                     type: object
                                 type: object
+                              nodeDeletionTimeout:
+                                description: |-
+                                  nodeDeletionTimeout defines how long the machine controller will attempt to delete the Node that the Machine
+                                  hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely.
+                                  If no value is provided, the default value for this property of the Machine resource will be used.
+                                type: string
                               nodeDrainTimeout:
                                 description: |-
                                   NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node
                                   The default value is 0, meaning that the node can be drained without any time limitations.
                                   NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`
                                 type: string
+                              nodeVolumeDetachTimeout:
+                                description: |-
+                                  nodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes
+                                  to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations.
+                                type: string
                             required:
                             - infrastructureRef
                             type: object
@@ -3384,6 +3488,57 @@ data:
                             - control-plane-endpoint
                             - ""
                             type: string
+                          remediationStrategy:
+                            description: remediationStrategy is the RemediationStrategy
+                              that controls how control plane machine remediation happens.
+                            properties:
+                              maxRetry:
+                                description: "maxRetry is the Max number of retries while
+                                  attempting to remediate an unhealthy machine.\nA retry
+                                  happens when a machine that was created as a replacement
+                                  for an unhealthy machine also fails.\nFor example, given
+                                  a control plane with three machines M1, M2, M3:\n\n\tM1
+                                  become unhealthy; remediation happens, and M1-1 is created
+                                  as a replacement.\n\tIf M1-1 (replacement of M1) has
+                                  problems while bootstrapping it will become unhealthy,
+                                  and then be\n\tremediated; such operation is considered
+                                  a retry, remediation-retry #1.\n\tIf M1-2 (replacement
+                                  of M1-1) becomes unhealthy, remediation-retry #2 will
+                                  happen, etc.\n\nA retry could happen only after RetryPeriod
+                                  from the previous retry.\nIf a machine is marked as
+                                  unhealthy after MinHealthyPeriod from the previous remediation
+                                  expired,\nthis is not considered a retry anymore because
+                                  the new issue is assumed unrelated from the previous
+                                  one.\n\nIf not set, the remedation will be retried infinitely."
+                                format: int32
+                                type: integer
+                              minHealthyPeriod:
+                                description: "minHealthyPeriod defines the duration after
+                                  which RKE2ControlPlane will consider any failure to
+                                  a machine unrelated\nfrom the previous one. In this
+                                  case the remediation is not considered a retry anymore,
+                                  and thus the retry\ncounter restarts from 0. For example,
+                                  assuming MinHealthyPeriod is set to 1h (default)\n\n\tM1
+                                  become unhealthy; remediation happens, and M1-1 is created
+                                  as a replacement.\n\tIf M1-1 (replacement of M1) has
+                                  problems within the 1hr after the creation, also\n\tthis
+                                  machine will be remediated and this operation is considered
+                                  a retry - a problem related\n\tto the original issue
+                                  happened to M1 -.\n\n\tIf instead the problem on M1-1
+                                  is happening after MinHealthyPeriod expired, e.g. four
+                                  days after\n\tm1-1 has been created as a remediation
+                                  of M1, the problem on M1-1 is considered unrelated to\n\tthe
+                                  original issue happened to M1.\n\nIf not set, this value
+                                  is defaulted to 1h."
+                                type: string
+                              retryPeriod:
+                                description: |-
+                                  retryPeriod is the duration that RKE2ControlPlane should wait before remediating a machine being created as a replacement
+                                  for an unhealthy machine (a retry).
+
+                                  If not set, a retry will happen immediately.
+                                type: string
+                            type: object
                           replicas:
                             description: Replicas is the number of replicas for the Control
                               Plane.
@@ -3601,9 +3756,15 @@ data:
                                       - rke2-coredns
                                       - rke2-ingress-nginx
                                       - rke2-metrics-server
+                                      - rke2-snapshot-controller
+                                      - rke2-snapshot-controller-crd
+                                      - rke2-snapshot-validation-webhook
                                       type: string
                                     type: array
                                 type: object
+                              embeddedRegistry:
+                                description: EmbeddedRegistry enables the embedded registry.
+                                type: boolean
                               etcd:
                                 description: Etcd defines optional custom configuration
                                   of ETCD.
@@ -3974,14 +4135,42 @@ data:
                     description: Initialized indicates the target cluster has completed
                       initialization.
                     type: boolean
+                  lastRemediation:
+                    description: lastRemediation stores info about last remediation performed.
+                    properties:
+                      machine:
+                        description: machine is the machine name of the latest machine
+                          being remediated.
+                        maxLength: 253
+                        minLength: 1
+                        type: string
+                      retryCount:
+                        description: |-
+                          retryCount used to keep track of remediation retry for the last remediated machine.
+                          A retry happens when a machine that was created as a replacement for an unhealthy machine also fails.
+                        type: integer
+                      timestamp:
+                        description: timestamp is when last remediation happened. It is
+                          represented in RFC3339 form and is in UTC.
+                        format: date-time
+                        type: string
+                    required:
+                    - machine
+                    - retryCount
+                    - timestamp
+                    type: object
                   observedGeneration:
                     description: ObservedGeneration is the latest generation observed
                       by the controller.
                     format: int64
                     type: integer
                   ready:
-                    description: Ready indicates the BootstrapData field is ready to be
+                    description: |-
-                      consumed.
+                      Ready denotes that the RKE2ControlPlane API Server became ready during initial provisioning
+                      to receive requests.
+                      NOTE: this field is part of the Cluster API contract and it is used to orchestrate provisioning.
+                      The value of this field is never updated after provisioning is completed. Please use conditions
+                      to check the operational state of the control plane.
                     type: boolean
                   readyReplicas:
                     description: ReadyReplicas is the number of replicas current attached
@@ -4097,6 +4286,14 @@ data:
       - patch
       - update
       - watch
+    - apiGroups:
+      - apiextensions.k8s.io
+      resources:
+      - customresourcedefinitions
+      verbs:
+      - get
+      - list
+      - watch
     - apiGroups:
       - authentication.k8s.io
       resources:
@@ -4248,6 +4445,7 @@ data:
             - --leader-elect
             - --diagnostics-address=${CAPRKE2_DIAGNOSTICS_ADDRESS:=:8443}
             - --insecure-diagnostics=${CAPRKE2_INSECURE_DIAGNOSTICS:=false}
+            - --v=${CAPRKE2_DEBUG_LEVEL:=0}
             command:
             - /manager
             env:
@@ -4263,7 +4461,7 @@ data:
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.uid
-            image: ghcr.io/rancher/cluster-api-provider-rke2-controlplane:v0.12.0
+            image: ghcr.io/rancher/cluster-api-provider-rke2-controlplane:v0.16.1
             imagePullPolicy: IfNotPresent
             livenessProbe:
               httpGet:
@@ -4493,10 +4691,22 @@ data:
       - major: 0
         minor: 12
         contract: v1beta1
+      - major: 0
+        minor: 13
+        contract: v1beta1
+      - major: 0
+        minor: 14
+        contract: v1beta1
+      - major: 0
+        minor: 15
+        contract: v1beta1
+      - major: 0
+        minor: 16
+        contract: v1beta1
 kind: ConfigMap
 metadata:
   creationTimestamp: null
-  name: v0.12.0
+  name: v0.16.1
   namespace: rke2-control-plane-system
   labels:
     provider-components: rke2-control-plane

rancher-turtles-chart/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
 - name: cluster-api-operator
   repository: https://kubernetes-sigs.github.io/cluster-api-operator
-  version: 0.17.0
+  version: 0.18.1
-digest: sha256:c564dd1edce5e74cf5747adfa2477b3f0b9bae2b17a21b4c7312b2c1adbda64e
+digest: sha256:7ad59ce8888c32723b4ef1ae5f334fdff00a8aba87e6f1de76d605f134bff354
-generated: "2025-02-27T10:39:03.203623466Z"
+generated: "2025-05-29T09:13:16.863770955Z"

rancher-turtles-chart/Chart.yaml

@@ -1,5 +1,5 @@
-#!BuildTag: %%CHART_PREFIX%%rancher-turtles:%%CHART_MAJOR%%.0.0_up0.17.0
+#!BuildTag: %%CHART_PREFIX%%rancher-turtles:%%CHART_MAJOR%%.0.3_up0.20.0
-#!BuildTag: %%CHART_PREFIX%%rancher-turtles:%%CHART_MAJOR%%.0.0_up0.17.0-%RELEASE%
+#!BuildTag: %%CHART_PREFIX%%rancher-turtles:%%CHART_MAJOR%%.0.3_up0.20.0-%RELEASE%
 annotations:
   catalog.cattle.io/certified: rancher
   catalog.cattle.io/display-name: Rancher Turtles - the Cluster API Extension
@@ -7,12 +7,12 @@ annotations:
   catalog.cattle.io/namespace: rancher-turtles-system
   catalog.cattle.io/os: linux
   catalog.cattle.io/permits-os: linux
-  catalog.cattle.io/rancher-version: '>= 2.10.0-1'
+  catalog.cattle.io/rancher-version: '>= 2.11.0-1'
   catalog.cattle.io/release-name: rancher-turtles
   catalog.cattle.io/scope: management
   catalog.cattle.io/type: cluster-tool
 apiVersion: v2
-appVersion: 0.17.0
+appVersion: 0.20.0
 dependencies:
 - condition: cluster-api-operator.enabled
   name: cluster-api-operator
@@ -29,4 +29,4 @@ keywords:
 - provisioning
 name: rancher-turtles
 type: application
-version: "%%CHART_MAJOR%%.0.0+up0.17.0"
+version: "%%CHART_MAJOR%%.0.3+up0.20.0"

rancher-turtles-chart/RELEASE_NOTES.md

@@ -1,4 +1,6 @@
-gh: To use GitHub CLI in a GitHub Actions workflow, set the GH_TOKEN environment variable. Example:
+## Changes since v0.20.0-rc.0
-  env:
+---
-    GH_TOKEN: ${{ github.token }}
+## :chart_with_upwards_trend: Overview
-: exit status 4
+
+
+_Thanks to all our contributors!_ 😊

rancher-turtles-chart/questions.yml

@@ -29,12 +29,6 @@ questions:
         description: "Flag to enable or disable installation of the RKE2 provider for Cluster API. By default this is enabled."
         label: "Enable RKE2 Provider"
         type: boolean
-      - variable: rancherTurtles.features.addon-provider-fleet.enabled
-        default: true
-        description: "[BETA] Enable Fleet Addon Provider functionality in Rancher Turtles."
-        type: boolean
-        label: Seamless integration with Fleet and CAPI
-        group: "Rancher Turtles Features Settings"
       - variable: rancherTurtles.features.agent-tls-mode.enabled
         default: false
         description: "[ALPHA] If enabled Turtles will use the agent-tls-mode setting to determine CA cert trust mode for importing clusters."
@@ -42,7 +36,7 @@ questions:
         label: Enable Agent TLS Mode
         group: "Rancher Turtles Features Settings"
       - variable: rancherTurtles.kubectlImage
-        default: "registry.suse.com/edge/3.2/kubectl:1.30.3"
+        default: "registry.suse.com/edge/3.2/kubectl:1.32.4"
         description: "Specify the image to use when running kubectl in jobs."
         type: string
         label: Kubectl Image

rancher-turtles-chart/templates/addon-provider-fleet.yaml

@@ -1,5 +1,3 @@
-{{- if index .Values "rancherTurtles" "features" "addon-provider-fleet" "enabled" }}
----
 apiVersion: turtles-capi.cattle.io/v1alpha1
 kind: CAPIProvider
 metadata:
@@ -10,12 +8,6 @@ metadata:
     "helm.sh/hook-weight": "2"
 spec:
   type: addon
-  deployment:
-    containers:
-    - name: manager
-      imageUrl: registry.rancher.com/rancher/cluster-api-fleet-controller:v0.6.0
-    - name: helm-manager
-      imageUrl: registry.rancher.com/rancher/cluster-api-fleet-controller:v0.6.0
   additionalManifests:
     name: fleet-addon-config
     namespace: '{{ .Values.rancherTurtles.namespace }}'
@@ -35,10 +27,22 @@ data:
     metadata:
       name: fleet-addon-config
     spec:
+      config:
+        featureGates:
+          configMap:
+            ref:
+              kind: ConfigMap
+              apiVersion: v1
+              name: rancher-config
+              namespace: cattle-system
+          experimentalOciStorage: true
+          experimentalHelmOps: true
       clusterClass:
         patchResource: true
         setOwnerReferences: true
       cluster:
+        agentNamespace: cattle-fleet-system
+        applyClassGroup: true
         patchResource: true
         setOwnerReferences: true
         hostNetwork: true
@@ -54,4 +58,3 @@ data:
           matchExpressions:
             - key: cluster-api.cattle.io/disable-fleet-auto-import
               operator: DoesNotExist
-{{- end }}

rancher-turtles-chart/templates/deployment.yaml

@@ -26,7 +26,7 @@ spec:
       containers:
       - args:
         - --leader-elect
-        - --feature-gates=addon-provider-fleet={{ index .Values "rancherTurtles" "features" "addon-provider-fleet" "enabled"}},agent-tls-mode={{ index .Values "rancherTurtles" "features" "agent-tls-mode" "enabled"}},ui-plugin={{ index .Values "turtlesUI" "enabled"}}
+        - --feature-gates=agent-tls-mode={{ index .Values "rancherTurtles" "features" "agent-tls-mode" "enabled"}},ui-plugin={{ index .Values "turtlesUI" "enabled"}}
         {{- range .Values.rancherTurtles.managerArguments }}
         - {{ . }}
         {{- end }}  

rancher-turtles-chart/templates/rancher-turtles-components.yaml

@@ -3103,9 +3103,9 @@ spec:
             - message: Config secret namespace is always equal to the resource namespace
                 and should not be set.
               rule: '!has(self.configSecret) || !has(self.configSecret.__namespace__)'
-            - message: One of fetchConfig url or selector should be set.
+            - message: One of fetchConfig oci, url or selector should be set.
-              rule: '!has(self.fetchConfig) || [has(self.fetchConfig.url), has(self.fetchConfig.selector)].exists_one(e,
+              rule: '!has(self.fetchConfig) || [has(self.fetchConfig.oci), has(self.fetchConfig.url),
-                e)'
+                has(self.fetchConfig.selector)].exists_one(e, e)'
           status:
             default: {}
             description: CAPIProviderStatus defines the observed state of CAPIProvider.

rancher-turtles-chart/values.schema.json

@@ -0,0 +1,403 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "Helm Chart Values Schema",
+  "type": "object",
+  "properties": {
+    "turtlesUI": {
+      "type": "object",
+      "description": "Manages the UI component.",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "default": false,
+          "description": "Turn UI on or off."
+        },
+        "version": {
+          "type": "string",
+          "default": "0.8.2",
+          "description": "UI version to use."
+        }
+      }
+    },
+    "rancherTurtles": {
+      "type": "object",
+      "description": "Sets up the cluster management controller.",
+      "properties": {
+        "image": {
+          "type": "string",
+          "default": "controller",
+          "description": "Controller container image."
+        },
+        "imageVersion": {
+          "type": "string",
+          "default": "v0.0.0",
+          "description": "Image tag."
+        },
+        "imagePullPolicy": {
+          "type": "string",
+          "default": "IfNotPresent",
+          "description": "Specify image pull policy."
+        },
+        "namespace": {
+          "type": "string",
+          "default": "rancher-turtles-system",
+          "description": "Namespace for Turtles to run."
+        },
+        "managerArguments": {
+          "type": "array",
+          "default": [],
+          "description": "Extra args for the controller.",
+          "items": { "type": "string" }
+        },
+        "imagePullSecrets": {
+          "type": "array",
+          "default": [],
+          "description": "Secrets for private registries.",
+          "items": { "type": "string" }
+        },
+        "rancherInstalled": {
+          "type": "boolean",
+          "default": true,
+          "description": "True if Rancher is already installed in the cluster."
+        },
+        "kubectlImage": {
+          "type": "string",
+          "default": "registry.k8s.io/kubernetes/kubectl:v1.30.0",
+          "description": "Image for kubectl tasks."
+        },
+        "features": {
+          "type": "object",
+          "description": "Optional and experimental features.",
+          "properties": {
+            "day2operations": {
+              "type": "object",
+              "description": "Alpha feature.",
+              "properties": {
+                "enabled": {
+                  "type": "boolean",
+                  "default": false,
+                  "description": "Turn on or off."
+                },
+                "image": {
+                  "type": "string",
+                  "default": "controller",
+                  "description": "Image for day-2 ops."
+                },
+                "imageVersion": {
+                  "type": "string",
+                  "default": "v0.0.0",
+                  "description": "Image tag."
+                },
+                "imagePullPolicy": {
+                  "type": "string",
+                  "default": "IfNotPresent",
+                  "description": "Specify image pull policy."
+                },
+                "etcdBackupRestore": {
+                  "type": "object",
+                  "description": "Manages etcd backup/restore.",
+                  "properties": {
+                    "enabled": {
+                      "type": "boolean",
+                      "default": false,
+                      "description": "Turn on (true) or off (false)."
+                    }
+                  }
+                }
+              }
+            },
+            "addon-provider-fleet": {
+              "type": "object",
+              "description": "Beta feature for fleet addons.",
+              "properties": {
+                "enabled": {
+                  "type": "boolean",
+                  "default": true,
+                  "description": "Turn on or off."
+                }
+              }
+            },
+            "agent-tls-mode": {
+              "type": "object",
+              "description": "Alpha feature for agent TLS.",
+              "properties": {
+                "enabled": {
+                  "type": "boolean",
+                  "default": false,
+                  "description": "Turn on or off."
+                }
+              }
+            },
+            "clusterclass-operations": {
+              "type": "object",
+              "description": "Alpha feature. Not ready for testing yet.",
+              "properties": {
+                "enabled": {
+                  "type": "boolean",
+                  "default": false,
+                  "description": "Turn on or off."
+                },
+                "image": {
+                  "type": "string",
+                  "default": "controller",
+                  "description": "Image for cluster class ops."
+                },
+                "imageVersion": {
+                  "type": "string",
+                  "default": "v0.0.0",
+                  "description": "Image tag."
+                },
+                "imagePullPolicy": {
+                  "type": "string",
+                  "default": "IfNotPresent",
+                  "description": "Pull policy."
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "cluster-api-operator": {
+      "type": "object",
+      "description": "Manages Cluster API components.",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "default": true,
+          "description": "Turn on or off."
+        },
+        "cert-manager": {
+          "type": "object",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "default": false,
+              "description": "Turn on or off."
+            }
+          }
+        },
+        "volumes": {
+          "type": "array",
+          "description": "Volumes for operator pods (certs, config).",
+          "items": {
+            "type": "object",
+            "oneOf": [
+              {
+                "required": ["name", "secret"],
+                "properties": {
+                  "name": { "type": "string" },
+                  "secret": {
+                    "type": "object",
+                    "properties": {
+                      "defaultMode": {
+                        "type": "integer",
+                        "default": 420,
+                        "description": "File permissions."
+                      },
+                      "secretName": {
+                        "type": "string",
+                        "default": "capi-operator-webhook-service-cert",
+                        "description": "Secret for webhook certs."
+                      }
+                    }
+                  }
+                }
+              },
+              {
+                "required": ["name", "configMap"],
+                "properties": {
+                  "name": { "type": "string" },
+                  "configMap": {
+                    "type": "object",
+                    "properties": {
+                      "name": {
+                        "type": "string",
+                        "default": "clusterctl-config",
+                        "description": "ConfigMap for clusterctl."
+                      }
+                    }
+                  }
+                }
+              }
+            ]
+          }
+        },
+        "image": {
+          "type": "object",
+          "properties": {
+            "manager": {
+              "type": "object",
+              "properties": {
+                "repository": {
+                  "type": "string",
+                  "default": "registry.rancher.com/rancher/cluster-api-operator",
+                  "description": "Image repo."
+                }
+              }
+            }
+          }
+        },
+        "volumeMounts": {
+          "type": "object",
+          "properties": {
+            "manager": {
+              "type": "array",
+              "description": "Mount volumes to pods.",
+              "items": {
+                "type": "object",
+                "properties": {
+                  "mountPath": { "type": "string" },
+                  "name": { "type": "string" },
+                  "readOnly": {
+                    "type": "boolean",
+                    "default": true,
+                    "description": "Mount as read-only."
+                  }
+                }
+              }
+            }
+          }
+        },
+        "resources": {
+          "type": "object",
+          "properties": {
+            "manager": {
+              "type": "object",
+              "properties": {
+                "limits": {
+                  "type": "object",
+                  "properties": {
+                    "cpu": {
+                      "type": "string",
+                      "description": "CPU limit."
+                    },
+                    "memory": {
+                      "type": "string",
+                      "description": "Memory limit."
+                    }
+                  }
+                },
+                "requests": {
+                  "type": "object",
+                  "properties": {
+                    "cpu": {
+                      "type": "string",
+                      "description": "CPU request."
+                    },
+                    "memory": {
+                      "type": "string",
+                      "description": "Memory request."
+                    }
+                  }
+                }
+              }
+            }
+          }
+        },
+        "cleanup": {
+          "type": "boolean",
+          "default": true,
+          "description": "Enable cleanup tasks."
+        },
+        "cluster-api": {
+          "type": "object",
+          "description": "Cluster API component settings.",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "default": true,
+              "description": "Turn on or off."
+            },
+            "configSecret": {
+              "type": "object",
+              "properties": {
+                "name": {
+                  "type": "string",
+                  "default": "",
+                  "description": "Custom secret name (if overriding)."
+                },
+                "defaultName": {
+                  "type": "string",
+                  "default": "capi-env-variables",
+                  "description": "Default secret name."
+                }
+              }
+            },
+            "core": {
+              "type": "object",
+              "properties": {
+                "namespace": {
+                  "type": "string",
+                  "default": "capi-system",
+                  "description": "Core component namespace."
+                },
+                "imageUrl": {
+                  "type": "string",
+                  "default": "",
+                  "description": "Custom image URL."
+                },
+                "fetchConfig": {
+                  "type": "object",
+                  "properties": {
+                    "url": { "type": "string", "default": "" },
+                    "selector": { "type": "string", "default": "" }
+                  }
+                }
+              }
+            },
+            "rke2": {
+              "type": "object",
+              "properties": {
+                "enabled": {
+                  "type": "boolean",
+                  "default": true,
+                  "description": "Turn on or off."
+                },
+                "version": {
+                  "type": "string",
+                  "default": "",
+                  "description": "RKE2 version."
+                },
+                "bootstrap": {
+                  "type": "object",
+                  "properties": {
+                    "namespace": {
+                      "type": "string",
+                      "default": "rke2-bootstrap-system"
+                    },
+                    "imageUrl": { "type": "string", "default": "" },
+                    "fetchConfig": {
+                      "type": "object",
+                      "properties": {
+                        "url": { "type": "string", "default": "" },
+                        "selector": { "type": "string", "default": "" }
+                      }
+                    }
+                  }
+                },
+                "controlPlane": {
+                  "type": "object",
+                  "properties": {
+                    "namespace": {
+                      "type": "string",
+                      "default": "rke2-control-plane-system"
+                    },
+                    "imageUrl": { "type": "string", "default": "" },
+                    "fetchConfig": {
+                      "type": "object",
+                      "properties": {
+                        "url": { "type": "string", "default": "" },
+                        "selector": { "type": "string", "default": "" }
+                      }
+                    }
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}

rancher-turtles-chart/values.yaml

@@ -1,83 +1,156 @@
+# turtlesUI: Manages the UI component.
 turtlesUI:
+  # enabled: Turn UI on or off.
   enabled: false
-  version: v0.8.2
+  # version: UI version to use.
+  version: 0.8.2
+
+# rancherTurtles: Sets up the cluster management controller.
 rancherTurtles:
+  # image: registry.rancher.com/rancher/rancher/turtles
   image: registry.rancher.com/rancher/rancher/turtles
-  imageVersion: v0.17.0
+  # imageVersion: v0.20.0
+  imageVersion: v0.20.0
+  # imagePullPolicy: IfNotPresent
   imagePullPolicy: IfNotPresent
+  # namespace: Select namespace for Turtles to run.
   namespace: rancher-turtles-system
+  # managerArguments: Extra args for the controller.
   managerArguments: []
+  # imagePullSecrets: Secrets for private registries.
   imagePullSecrets: []
+  # rancherInstalled: True if Rancher already installed is in the cluster, this is the preferred installation way.
   rancherInstalled: false
-  kubectlImage: "%%IMG_REPO%%/%%IMG_PREFIX%%kubectl:1.30.3"
+  # kubectlImage: Image for kubectl tasks.
+  kubectlImage: "%%IMG_REPO%%/%%IMG_PREFIX%%kubectl:1.32.4"
+  # features: Optional and experimental features.
   features:
+    # day2operations: Alpha feature.
     day2operations:
+      # enabled: Turn on or off.
       enabled: false
+      # image: registry.rancher.com/rancher/rancher/turtles
       image: registry.rancher.com/rancher/rancher/turtles
-      imageVersion: v0.17.0
+      # imageVersion: v0.20.0
+      imageVersion: v0.20.0
+      # imagePullPolicy: IfNotPresent
       imagePullPolicy: IfNotPresent
+      # etcdBackupRestore: Alpha feature. Manages etcd backup/restore.
       etcdBackupRestore:
+        # enabled: Turn on (true) or off (false).
         enabled: false
-    # beta feature, see documentation for more information on feature stages
+    # agent-tls-mode: Beta feature for agent TLS.
-    addon-provider-fleet:
-      enabled: true
-    # alpha feature, see documentation for more information on feature stages
     agent-tls-mode:
-      enabled: false
+      # enabled: Turn on or off.
+      enabled: true
+    # clusterclass-operations: Alpha feature. Manages cluster class ops. Not ready for testing yet.
     clusterclass-operations:
+      # enabled: Turn on or off.
       enabled: false
+      # image: registry.rancher.com/rancher/rancher/turtles
       image: registry.rancher.com/rancher/rancher/turtles
-      imageVersion: v0.17.0
+      # imageVersion: v0.20.0
+      imageVersion: v0.20.0
+      # imagePullPolicy: IfNotPresent
       imagePullPolicy: IfNotPresent
+
+# cluster-api-operator: Manages Cluster API components.
 cluster-api-operator:
+  # enabled: Turn on or off.
   enabled: true
+  # cert-manager: Cert-manager integration.
   cert-manager:
+    # enabled: Turn on or off.
     enabled: false
+  # volumes: Volumes for operator pods (certs, config).
   volumes:
     - name: cert
       secret:
+        # defaultMode: File permissions.
         defaultMode: 420
+        # secretName: Secret for webhook certs.
         secretName: capi-operator-webhook-service-cert
     - name: clusterctl-config
       configMap:
+        # name: ConfigMap for clusterctl.
         name: clusterctl-config
+  resources:
+    manager:
+      limits:
+        cpu: 100m
+        memory: 300Mi
+      requests:
+        cpu: 100m
+        memory: 100Mi
+  # image: registry.rancher.com/rancher/rancher/turtles
   image:
     manager:
+      # repository: Image repo.
       repository: registry.rancher.com/rancher/cluster-api-operator
+  # volumeMounts: Mount volumes to pods.
   volumeMounts:
     manager:
       - mountPath: /tmp/k8s-webhook-server/serving-certs
         name: cert
+        # readOnly: Mount as read-only.
         readOnly: true
       - mountPath: /config
         name: clusterctl-config
+        # readOnly: Mount as read-only.
         readOnly: true
+  # cleanup: Enable cleanup tasks.
   cleanup: true
+  # cluster-api: Cluster API component settings.
   cluster-api:
+    # enabled: Turn on or off.
     enabled: true
+    # configSecret: Secret for Cluster API config.
     configSecret:
+      # name: Custom secret name (if overriding).
       name: ""
+      # defaultName: Default secret name.
       defaultName: capi-env-variables
+    # core: Core Cluster API settings.
     core:
+      # namespace: Core component namespace.
       namespace: capi-system
+      # imageUrl: Custom image URL.
       imageUrl: ""
+      # fetchConfig: Config fetching settings.
       fetchConfig:
+        # url: Config fetch URL.
         url: ""
+        # selector: Config selector.
         selector: ""
+    # rke2: RKE2 provider settings.
     rke2:
+      # enabled: Turn on or off.
       enabled: true
-      version: ""
+      # version: RKE2 version.
+      version: "v0.16.1"
+      # bootstrap: RKE2 bootstrap provider.
       bootstrap:
+        # namespace: Bootstrap namespace.
         namespace: rke2-bootstrap-system
+        # imageUrl: Custom image URL.
         imageUrl: ""
+        # fetchConfig: Config fetching settings.
         fetchConfig:
+          # url: Config fetch URL.
           url: ""
+          # selector: Config selector.
           selector: ""
+      # controlPlane: RKE2 control plane provider.
       controlPlane:
+        # namespace: Control plane namespace.
         namespace: rke2-control-plane-system
+        # imageUrl: Custom image URL.
         imageUrl: ""
+        # fetchConfig: Config fetching settings.
         fetchConfig:
+          # url: Config fetch URL.
           url: ""
+          # selector: Config selector.
           selector: ""
     metal3:
       enabled: true

release-manifest-image/Dockerfile

@@ -1,4 +1,4 @@
-#!BuildTag: %%IMG_PREFIX%%release-manifest:3.3.0
+#!BuildTag: %%IMG_PREFIX%%release-manifest:3.4.0
 ARG SLE_VERSION
 FROM registry.suse.com/bci/bci-micro:$SLE_VERSION
 
@@ -7,11 +7,11 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION
 LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
 LABEL org.opencontainers.image.title="SUSE Edge Release Manifest"
 LABEL org.opencontainers.image.description="Release Manifest containing information about a specific SUSE Edge release"
-LABEL org.opencontainers.image.version="3.3.0"
+LABEL org.opencontainers.image.version="3.4.0"
 LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
 LABEL org.opencontainers.image.created="%BUILDTIME%"
 LABEL org.opencontainers.image.vendor="SUSE LLC"
-LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%release-manifest:3.3.0"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%release-manifest:3.4.0"
 LABEL org.openbuildservice.disturl="%DISTURL%"
 LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
 LABEL com.suse.eula="SUSE Combined EULA February 2024"

release-manifest-image/release_manifest.yaml

@@ -1,13 +1,13 @@
 apiVersion: lifecycle.suse.com/v1alpha1
 kind: ReleaseManifest
 metadata:
-  name: release-manifest-3-3-0
+  name: release-manifest-3-4-0
 spec:
-  releaseVersion: 3.3.0
+  releaseVersion: 3.4.0
   components:
     kubernetes:
       k3s:
-        version: v1.32.2+k3s1
+        version: v1.32.4+k3s1
         coreComponents:
         - name: traefik-crd
           version: 34.2.1+up34.2.0
@@ -23,7 +23,7 @@ spec:
         - name: coredns
           containers:
           - name: coredns
-            image: rancher/mirrored-coredns-coredns:1.12.0
+            image: rancher/mirrored-coredns-coredns:1.12.1
           type: Deployment
         - name: metrics-server
           containers:
@@ -31,25 +31,25 @@ spec:
             image: rancher/mirrored-metrics-server:v0.7.2
           type: Deployment
       rke2:
-        version: v1.32.2+rke2r1
+        version: v1.32.4+rke2r1
         coreComponents:
         - name: rke2-cilium
-          version: 1.17.000
+          version: 1.17.300
           type: HelmChart
         - name: rke2-canal
-          version: v3.29.2-build2025021800
+          version: v3.29.3-build2025040801
           type: HelmChart
         - name: rke2-calico-crd
           version: v3.29.101
           type: HelmChart
         - name: rke2-calico
-          version: v3.29.200
+          version: v3.29.300
           type: HelmChart
         - name: rke2-coredns
-          version: 1.36.102
+          version: 1.39.201
           type: HelmChart
         - name: rke2-ingress-nginx
-          version: 4.12.005
+          version: 4.12.101
           type: HelmChart
         - name: rke2-metrics-server
           version: 3.12.200
@@ -89,64 +89,64 @@ spec:
         - prettyName: Rancher
           releaseName: rancher
           chart: rancher
-          version: 2.11.0-alpha11
+          version: 2.11.2
-          repository: https://releases.rancher.com/server-charts/alpha
+          repository: https://charts.rancher.com/server-charts/prime
           values:
             postDelete:
               enabled: false
         - prettyName: Longhorn
           releaseName: longhorn
           chart: longhorn
-          version: 105.1.1+up1.7.3
+          version: 106.2.0+up1.8.1
           repository: https://charts.rancher.io
           dependencyCharts:
             - releaseName: longhorn-crd
               chart: longhorn-crd
-              version: 105.1.1+up1.7.3
+              version: 106.2.0+up1.8.1
               repository: https://charts.rancher.io
         - prettyName: MetalLB
           releaseName: metallb
-          chart: %%CHART_REPO%%/%%CHART_PREFIX%%metallb
+          chart: "%%CHART_REPO%%/%%CHART_PREFIX%%metallb"
-          version: %%CHART_MAJOR%%.0.0+up0.14.9
+          version: "%%CHART_MAJOR%%.0.0+up0.14.9"
         - prettyName: CDI
           releaseName: cdi
-          chart: %%CHART_REPO%%/%%CHART_PREFIX%%cdi
+          chart: "%%CHART_REPO%%/%%CHART_PREFIX%%cdi"
-          version: %%CHART_MAJOR%%.0.0+up0.4.0
+          version: "%%CHART_MAJOR%%.0.0+up0.5.0"
         - prettyName: KubeVirt
           releaseName: kubevirt
-          chart: %%CHART_REPO%%/%%CHART_PREFIX%%kubevirt
+          chart: "%%CHART_REPO%%/%%CHART_PREFIX%%kubevirt"
-          version: %%CHART_MAJOR%%.0.0+up0.4.0
+          version: "%%CHART_MAJOR%%.0.0+up0.5.0"
           addonCharts:
             - releaseName: kubevirt-dashboard-extension
-              chart: %%CHART_REPO%%/%%CHART_PREFIX%%kubevirt-dashboard-extension
+              chart: "%%CHART_REPO%%/%%CHART_PREFIX%%kubevirt-dashboard-extension"
-              version: %%CHART_MAJOR%%.0.1+up1.3.1
+              version: "%%CHART_MAJOR%%.0.2+up1.3.2"
         - prettyName: NeuVector
           releaseName: neuvector
           chart: neuvector
-          version: 105.0.1+up2.8.4
+          version: 106.0.1+up2.8.6
           repository: https://charts.rancher.io
           dependencyCharts:
             - releaseName: neuvector-crd
               chart: neuvector-crd
-              version: 105.0.1+up2.8.4
+              version: 106.0.1+up2.8.6
               repository: https://charts.rancher.io
           addonCharts:
             - releaseName: neuvector-ui-ext
               chart: neuvector-ui-ext
               repository: https://github.com/rancher/ui-plugin-charts/raw/main
-              version: 2.0.1
+              version: 2.1.3
         - prettyName: EndpointCopierOperator
           releaseName: endpoint-copier-operator
-          chart: %%CHART_REPO%%/%%CHART_PREFIX%%endpoint-copier-operator
+          chart: "%%CHART_REPO%%/%%CHART_PREFIX%%endpoint-copier-operator"
-          version: %%CHART_MAJOR%%.0.0+up0.2.1
+          version: "%%CHART_MAJOR%%.0.0+up0.2.1"
         - prettyName: Elemental
           releaseName: elemental-operator
           chart: oci://registry.suse.com/rancher/elemental-operator-chart
-          version: 1.6.5
+          version: 1.6.8
           dependencyCharts:
             - releaseName: elemental-operator-crds
               chart: oci://registry.suse.com/rancher/elemental-operator-crds-chart
-              version: 1.6.5
+              version: 1.6.8
           addonCharts:
             - releaseName: elemental
               chart: elemental
@@ -154,25 +154,25 @@ spec:
               version: 3.0.0
         - prettyName: SRIOV
           releaseName: sriov-network-operator
-          chart: %%CHART_REPO%%/%%CHART_PREFIX%%sriov-network-operator
+          chart: "%%CHART_REPO%%/%%CHART_PREFIX%%sriov-network-operator"
-          version: %%CHART_MAJOR%%.0.0+up1.4.0
+          version: "%%CHART_MAJOR%%.0.2+up1.5.0"
           dependencyCharts:
             - releaseName: sriov-crd
-              chart: %%CHART_REPO%%/%%CHART_PREFIX%%sriov-crd
+              chart: "%%CHART_REPO%%/%%CHART_PREFIX%%sriov-crd"
-              version: %%CHART_MAJOR%%.0.0+up1.4.0
+              version: "%%CHART_MAJOR%%.0.2+up1.5.0"
         - prettyName: Akri
           releaseName: akri
-          chart: %%CHART_REPO%%/%%CHART_PREFIX%%akri
+          chart: "%%CHART_REPO%%/%%CHART_PREFIX%%akri"
-          version: %%CHART_MAJOR%%.0.0+up0.12.20
+          version: "%%CHART_MAJOR%%.0.0+up0.12.20"
           addonCharts:
             - releaseName: akri-dashboard-extension
-              chart: %%CHART_REPO%%/%%CHART_PREFIX%%akri-dashboard-extension
+              chart: "%%CHART_REPO%%/%%CHART_PREFIX%%akri-dashboard-extension"
-              version: %%CHART_MAJOR%%.0.1+up1.3.0
+              version: "%%CHART_MAJOR%%.0.2+up1.3.1"
         - prettyName: Metal3
           releaseName: metal3
-          chart: %%CHART_REPO%%/%%CHART_PREFIX%%metal3
+          chart: "%%CHART_REPO%%/%%CHART_PREFIX%%metal3"
-          version: %%CHART_MAJOR%%.0.0+up0.10.0
+          version: "%%CHART_MAJOR%%.0.7+up0.11.5"
         - prettyName: RancherTurtles
           releaseName: rancher-turtles
-          chart: %%CHART_REPO%%/%%CHART_PREFIX%%rancher-turtles
+          chart: "%%CHART_REPO%%/%%CHART_PREFIX%%rancher-turtles"
-          version: %%CHART_MAJOR%%.0.0+up0.17.0
+          version: "%%CHART_MAJOR%%.0.3+up0.20.0"

sriov-crd-chart/Chart.yaml

@@ -1,5 +1,5 @@
-#!BuildTag: %%CHART_PREFIX%%sriov-crd:%%CHART_MAJOR%%.0.0_up1.4.0-%RELEASE%
+#!BuildTag: %%CHART_PREFIX%%sriov-crd:%%CHART_MAJOR%%.0.2_up1.5.0-%RELEASE%
-#!BuildTag: %%CHART_PREFIX%%sriov-crd:%%CHART_MAJOR%%.0.0_up1.4.0
+#!BuildTag: %%CHART_PREFIX%%sriov-crd:%%CHART_MAJOR%%.0.2_up1.5.0
 annotations:
   catalog.cattle.io/experimental: "true"
   catalog.cattle.io/hidden: "true"
@@ -10,4 +10,4 @@ apiVersion: v2
 description: Installs the CRDs for the SR-IOV operator
 name: sriov-crd
 type: application
-version: "%%CHART_MAJOR%%.0.0+up1.4.0"
+version: "%%CHART_MAJOR%%.0.2+up1.5.0"

sriov-crd-chart/templates/sriovnetwork.openshift.io_ovsnetworks.yaml

@@ -14,92 +14,92 @@ spec:
     singular: ovsnetwork
   scope: Namespaced
   versions:
-  - name: v1
+    - name: v1
-    schema:
+      schema:
-      openAPIV3Schema:
+        openAPIV3Schema:
-        description: OVSNetwork is the Schema for the ovsnetworks API
+          description: OVSNetwork is the Schema for the ovsnetworks API
-        properties:
+          properties:
-          apiVersion:
+            apiVersion:
-            description: |-
+              description: |-
-              APIVersion defines the versioned schema of this representation of an object.
+                APIVersion defines the versioned schema of this representation of an object.
-              Servers should convert recognized schemas to the latest internal value, and
+                Servers should convert recognized schemas to the latest internal value, and
-              may reject unrecognized values.
+                may reject unrecognized values.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
-            type: string
+              type: string
-          kind:
+            kind:
-            description: |-
+              description: |-
-              Kind is a string value representing the REST resource this object represents.
+                Kind is a string value representing the REST resource this object represents.
-              Servers may infer this from the endpoint the client submits requests to.
+                Servers may infer this from the endpoint the client submits requests to.
-              Cannot be updated.
+                Cannot be updated.
-              In CamelCase.
+                In CamelCase.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            type: string
+              type: string
-          metadata:
+            metadata:
-            type: object
+              type: object
-          spec:
+            spec:
-            description: OVSNetworkSpec defines the desired state of OVSNetwork
+              description: OVSNetworkSpec defines the desired state of OVSNetwork
-            properties:
+              properties:
-              bridge:
+                bridge:
-                description: |-
+                  description: |-
-                  name of the OVS bridge, if not set OVS will automatically select bridge
+                    name of the OVS bridge, if not set OVS will automatically select bridge
-                  based on VF PCI address
+                    based on VF PCI address
-                type: string
+                  type: string
-              capabilities:
+                capabilities:
-                description: |-
+                  description: |-
-                  Capabilities to be configured for this network.
+                    Capabilities to be configured for this network.
-                  Capabilities supported: (mac|ips), e.g. '{"mac": true}'
+                    Capabilities supported: (mac|ips), e.g. '{"mac": true}'
-                type: string
+                  type: string
-              interfaceType:
+                interfaceType:
-                description: The type of interface on ovs.
+                  description: The type of interface on ovs.
-                type: string
+                  type: string
-              ipam:
+                ipam:
-                description: IPAM configuration to be used for this network.
+                  description: IPAM configuration to be used for this network.
-                type: string
+                  type: string
-              metaPlugins:
+                metaPlugins:
-                description: MetaPluginsConfig configuration to be used in order to
+                  description: MetaPluginsConfig configuration to be used in order to
-                  chain metaplugins
+                    chain metaplugins
-                type: string
+                  type: string
-              mtu:
+                mtu:
-                description: Mtu for the OVS port
+                  description: Mtu for the OVS port
-                type: integer
+                  type: integer
-              networkNamespace:
+                networkNamespace:
-                description: Namespace of the NetworkAttachmentDefinition custom resource
+                  description: Namespace of the NetworkAttachmentDefinition custom resource
-                type: string
+                  type: string
-              resourceName:
+                resourceName:
-                description: OVS Network device plugin endpoint resource name
+                  description: OVS Network device plugin endpoint resource name
-                type: string
+                  type: string
-              trunk:
+                trunk:
-                description: Trunk configuration for the OVS port
+                  description: Trunk configuration for the OVS port
-                items:
+                  items:
-                  description: TrunkConfig contains configuration for bridge trunk
+                    description: TrunkConfig contains configuration for bridge trunk
-                  properties:
+                    properties:
-                    id:
+                      id:
-                      maximum: 4095
+                        maximum: 4095
-                      minimum: 0
+                        minimum: 0
-                      type: integer
+                        type: integer
-                    maxID:
+                      maxID:
-                      maximum: 4095
+                        maximum: 4095
-                      minimum: 0
+                        minimum: 0
-                      type: integer
+                        type: integer
-                    minID:
+                      minID:
-                      maximum: 4095
+                        maximum: 4095
-                      minimum: 0
+                        minimum: 0
-                      type: integer
+                        type: integer
-                  type: object
+                    type: object
-                type: array
+                  type: array
-              vlan:
+                vlan:
-                description: Vlan to assign for the OVS port
+                  description: Vlan to assign for the OVS port
-                maximum: 4095
+                  maximum: 4095
-                minimum: 0
+                  minimum: 0
-                type: integer
+                  type: integer
-            required:
+              required:
-            - resourceName
+                - resourceName
-            type: object
+              type: object
-          status:
+            status:
-            description: OVSNetworkStatus defines the observed state of OVSNetwork
+              description: OVSNetworkStatus defines the observed state of OVSNetwork
-            type: object
+              type: object
-        type: object
+          type: object
-    served: true
+      served: true
-    storage: true
+      storage: true
-    subresources:
+      subresources:
-      status: {}
+        status: {}

sriov-crd-chart/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml

@@ -14,65 +14,65 @@ spec:
     singular: sriovibnetwork
   scope: Namespaced
   versions:
-  - name: v1
+    - name: v1
-    schema:
+      schema:
-      openAPIV3Schema:
+        openAPIV3Schema:
-        description: SriovIBNetwork is the Schema for the sriovibnetworks API
+          description: SriovIBNetwork is the Schema for the sriovibnetworks API
-        properties:
+          properties:
-          apiVersion:
+            apiVersion:
-            description: |-
+              description: |-
-              APIVersion defines the versioned schema of this representation of an object.
+                APIVersion defines the versioned schema of this representation of an object.
-              Servers should convert recognized schemas to the latest internal value, and
+                Servers should convert recognized schemas to the latest internal value, and
-              may reject unrecognized values.
+                may reject unrecognized values.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
-            type: string
+              type: string
-          kind:
+            kind:
-            description: |-
+              description: |-
-              Kind is a string value representing the REST resource this object represents.
+                Kind is a string value representing the REST resource this object represents.
-              Servers may infer this from the endpoint the client submits requests to.
+                Servers may infer this from the endpoint the client submits requests to.
-              Cannot be updated.
+                Cannot be updated.
-              In CamelCase.
+                In CamelCase.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            type: string
+              type: string
-          metadata:
+            metadata:
-            type: object
+              type: object
-          spec:
+            spec:
-            description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
+              description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
-            properties:
+              properties:
-              capabilities:
+                capabilities:
-                description: |-
+                  description: |-
-                  Capabilities to be configured for this network.
+                    Capabilities to be configured for this network.
-                  Capabilities supported: (infinibandGUID), e.g. '{"infinibandGUID": true}'
+                    Capabilities supported: (infinibandGUID), e.g. '{"infinibandGUID": true}'
-                type: string
+                  type: string
-              ipam:
+                ipam:
-                description: IPAM configuration to be used for this network.
+                  description: IPAM configuration to be used for this network.
-                type: string
+                  type: string
-              linkState:
+                linkState:
-                description: VF link state (enable|disable|auto)
+                  description: VF link state (enable|disable|auto)
-                enum:
+                  enum:
-                - auto
+                    - auto
-                - enable
+                    - enable
-                - disable
+                    - disable
-                type: string
+                  type: string
-              metaPlugins:
+                metaPlugins:
-                description: |-
+                  description: |-
-                  MetaPluginsConfig configuration to be used in order to chain metaplugins to the sriov interface returned
+                    MetaPluginsConfig configuration to be used in order to chain metaplugins to the sriov interface returned
-                  by the operator.
+                    by the operator.
-                type: string
+                  type: string
-              networkNamespace:
+                networkNamespace:
-                description: Namespace of the NetworkAttachmentDefinition custom resource
+                  description: Namespace of the NetworkAttachmentDefinition custom resource
-                type: string
+                  type: string
-              resourceName:
+                resourceName:
-                description: SRIOV Network device plugin endpoint resource name
+                  description: SRIOV Network device plugin endpoint resource name
-                type: string
+                  type: string
-            required:
+              required:
-            - resourceName
+                - resourceName
-            type: object
+              type: object
-          status:
+            status:
-            description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
+              description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
-            type: object
+              type: object
-        type: object
+          type: object
-    served: true
+      served: true
-    storage: true
+      storage: true
-    subresources:
+      subresources:
-      status: {}
+        status: {}

sriov-crd-chart/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml

@@ -14,196 +14,200 @@ spec:
     singular: sriovnetworknodepolicy
   scope: Namespaced
   versions:
-  - name: v1
+    - name: v1
-    schema:
+      schema:
-      openAPIV3Schema:
+        openAPIV3Schema:
-        description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
+          description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
-          API
+            API
-        properties:
+          properties:
-          apiVersion:
+            apiVersion:
-            description: |-
+              description: |-
-              APIVersion defines the versioned schema of this representation of an object.
+                APIVersion defines the versioned schema of this representation of an object.
-              Servers should convert recognized schemas to the latest internal value, and
+                Servers should convert recognized schemas to the latest internal value, and
-              may reject unrecognized values.
+                may reject unrecognized values.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
-            type: string
+              type: string
-          kind:
+            kind:
-            description: |-
+              description: |-
-              Kind is a string value representing the REST resource this object represents.
+                Kind is a string value representing the REST resource this object represents.
-              Servers may infer this from the endpoint the client submits requests to.
+                Servers may infer this from the endpoint the client submits requests to.
-              Cannot be updated.
+                Cannot be updated.
-              In CamelCase.
+                In CamelCase.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            type: string
+              type: string
-          metadata:
+            metadata:
-            type: object
+              type: object
-          spec:
+            spec:
-            description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
+              description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
-            properties:
+              properties:
-              bridge:
+                bridge:
-                description: |-
+                  description: |-
-                  contains bridge configuration for matching PFs,
+                    contains bridge configuration for matching PFs,
-                  valid only for eSwitchMode==switchdev
+                    valid only for eSwitchMode==switchdev
-                properties:
+                  properties:
-                  ovs:
+                    ovs:
-                    description: contains configuration for the OVS bridge,
+                      description: contains configuration for the OVS bridge,
-                    properties:
+                      properties:
-                      bridge:
+                        bridge:
-                        description: contains bridge level settings
+                          description: contains bridge level settings
-                        properties:
+                          properties:
-                          datapathType:
+                            datapathType:
-                            description: configure datapath_type field in the Bridge
+                              description: configure datapath_type field in the Bridge
-                              table in OVSDB
+                                table in OVSDB
-                            type: string
-                          externalIDs:
-                            additionalProperties:
                               type: string
-                            description: IDs to inject to external_ids field in the
+                            externalIDs:
-                              Bridge table in OVSDB
+                              additionalProperties:
-                            type: object
-                          otherConfig:
-                            additionalProperties:
-                              type: string
-                            description: additional options to inject to other_config
-                              field in the bridge table in OVSDB
-                            type: object
-                        type: object
-                      uplink:
-                        description: contains settings for uplink (PF)
-                        properties:
-                          interface:
-                            description: contains settings for PF interface in the
-                              OVS bridge
-                            properties:
-                              externalIDs:
-                                additionalProperties:
-                                  type: string
-                                description: external_ids field in the Interface table
-                                  in OVSDB
-                                type: object
-                              options:
-                                additionalProperties:
-                                  type: string
-                                description: options field in the Interface table
-                                  in OVSDB
-                                type: object
-                              otherConfig:
-                                additionalProperties:
-                                  type: string
-                                description: other_config field in the Interface table
-                                  in OVSDB
-                                type: object
-                              type:
-                                description: type field in the Interface table in
-                                  OVSDB
                                 type: string
-                            type: object
+                              description: IDs to inject to external_ids field in the
-                        type: object
+                                Bridge table in OVSDB
-                    type: object
+                              type: object
-                type: object
+                            otherConfig:
-              deviceType:
+                              additionalProperties:
-                default: netdevice
+                                type: string
-                description: The driver type for configured VFs. Allowed value "netdevice",
+                              description: additional options to inject to other_config
-                  "vfio-pci". Defaults to netdevice.
+                                field in the bridge table in OVSDB
-                enum:
+                              type: object
-                - netdevice
+                          type: object
-                - vfio-pci
+                        uplink:
-                type: string
+                          description: contains settings for uplink (PF)
-              eSwitchMode:
+                          properties:
-                description: NIC Device Mode. Allowed value "legacy","switchdev".
+                            interface:
-                enum:
+                              description: contains settings for PF interface in the
-                - legacy
+                                OVS bridge
-                - switchdev
+                              properties:
-                type: string
+                                externalIDs:
-              excludeTopology:
+                                  additionalProperties:
-                description: Exclude device's NUMA node when advertising this resource
+                                    type: string
-                  by SRIOV network device plugin. Default to false.
+                                  description: external_ids field in the Interface table
-                type: boolean
+                                    in OVSDB
-              externallyManaged:
+                                  type: object
-                description: don't create the virtual function only allocated them
+                                mtuRequest:
-                  to the device plugin. Defaults to false.
+                                  description: mtu_request field in the Interface table
-                type: boolean
+                                    in OVSDB
-              isRdma:
+                                  type: integer
-                description: RDMA mode. Defaults to false.
+                                options:
-                type: boolean
+                                  additionalProperties:
-              linkType:
+                                    type: string
-                description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
+                                  description: options field in the Interface table
-                  "IB".
+                                    in OVSDB
-                enum:
+                                  type: object
-                - eth
+                                otherConfig:
-                - ETH
+                                  additionalProperties:
-                - ib
+                                    type: string
-                - IB
+                                  description: other_config field in the Interface table
-                type: string
+                                    in OVSDB
-              mtu:
+                                  type: object
-                description: MTU of VF
+                                type:
-                minimum: 1
+                                  description: type field in the Interface table in
-                type: integer
+                                    OVSDB
-              needVhostNet:
+                                  type: string
-                description: mount vhost-net device. Defaults to false.
+                              type: object
-                type: boolean
+                          type: object
-              nicSelector:
+                      type: object
-                description: NicSelector selects the NICs to be configured
+                  type: object
-                properties:
+                deviceType:
-                  deviceID:
+                  default: netdevice
-                    description: The device hex code of SR-IoV device. Allowed value
+                  description: The driver type for configured VFs. Allowed value "netdevice",
-                      "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
+                    "vfio-pci". Defaults to netdevice.
-                    type: string
+                  enum:
-                  netFilter:
+                    - netdevice
-                    description: Infrastructure Networking selection filter. Allowed
+                    - vfio-pci
-                      value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
-                    type: string
-                  pfNames:
-                    description: Name of SR-IoV PF.
-                    items:
-                      type: string
-                    type: array
-                  rootDevices:
-                    description: PCI address of SR-IoV PF.
-                    items:
-                      type: string
-                    type: array
-                  vendor:
-                    description: The vendor hex code of SR-IoV device. Allowed value
-                      "8086", "15b3".
-                    type: string
-                type: object
-              nodeSelector:
-                additionalProperties:
                   type: string
-                description: NodeSelector selects the nodes to be configured
+                eSwitchMode:
-                type: object
+                  description: NIC Device Mode. Allowed value "legacy","switchdev".
-              numVfs:
+                  enum:
-                description: Number of VFs for each PF
+                    - legacy
-                minimum: 0
+                    - switchdev
-                type: integer
+                  type: string
-              priority:
+                excludeTopology:
-                description: Priority of the policy, higher priority policies can
+                  description: Exclude device's NUMA node when advertising this resource
-                  override lower ones.
+                    by SRIOV network device plugin. Default to false.
-                maximum: 99
+                  type: boolean
-                minimum: 0
+                externallyManaged:
-                type: integer
+                  description: don't create the virtual function only allocated them
-              resourceName:
+                    to the device plugin. Defaults to false.
-                description: SRIOV Network device plugin endpoint resource name
+                  type: boolean
-                type: string
+                isRdma:
-              vdpaType:
+                  description: RDMA mode. Defaults to false.
-                description: VDPA device type. Allowed value "virtio", "vhost"
+                  type: boolean
-                enum:
+                linkType:
-                - virtio
+                  description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
-                - vhost
+                    "IB".
-                type: string
+                  enum:
-            required:
+                    - eth
-            - nicSelector
+                    - ETH
-            - nodeSelector
+                    - ib
-            - numVfs
+                    - IB
-            - resourceName
+                  type: string
-            type: object
+                mtu:
-          status:
+                  description: MTU of VF
-            description: SriovNetworkNodePolicyStatus defines the observed state of
+                  minimum: 1
-              SriovNetworkNodePolicy
+                  type: integer
-            type: object
+                needVhostNet:
-        type: object
+                  description: mount vhost-net device. Defaults to false.
-    served: true
+                  type: boolean
-    storage: true
+                nicSelector:
-    subresources:
+                  description: NicSelector selects the NICs to be configured
-      status: {}
+                  properties:
+                    deviceID:
+                      description: The device hex code of SR-IoV device. Allowed value
+                        "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
+                      type: string
+                    netFilter:
+                      description: Infrastructure Networking selection filter. Allowed
+                        value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+                      type: string
+                    pfNames:
+                      description: Name of SR-IoV PF.
+                      items:
+                        type: string
+                      type: array
+                    rootDevices:
+                      description: PCI address of SR-IoV PF.
+                      items:
+                        type: string
+                      type: array
+                    vendor:
+                      description: The vendor hex code of SR-IoV device. Allowed value
+                        "8086", "15b3".
+                      type: string
+                  type: object
+                nodeSelector:
+                  additionalProperties:
+                    type: string
+                  description: NodeSelector selects the nodes to be configured
+                  type: object
+                numVfs:
+                  description: Number of VFs for each PF
+                  minimum: 0
+                  type: integer
+                priority:
+                  description: Priority of the policy, higher priority policies can
+                    override lower ones.
+                  maximum: 99
+                  minimum: 0
+                  type: integer
+                resourceName:
+                  description: SRIOV Network device plugin endpoint resource name
+                  type: string
+                vdpaType:
+                  description: VDPA device type. Allowed value "virtio", "vhost"
+                  enum:
+                    - virtio
+                    - vhost
+                  type: string
+              required:
+                - nicSelector
+                - nodeSelector
+                - numVfs
+                - resourceName
+              type: object
+            status:
+              description: SriovNetworkNodePolicyStatus defines the observed state of
+                SriovNetworkNodePolicy
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}

sriov-crd-chart/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml

@@ -14,330 +14,356 @@ spec:
     singular: sriovnetworknodestate
   scope: Namespaced
   versions:
-  - additionalPrinterColumns:
+    - additionalPrinterColumns:
-    - jsonPath: .status.syncStatus
+        - jsonPath: .status.syncStatus
-      name: Sync Status
+          name: Sync Status
-      type: string
+          type: string
-    - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/desired-state
+        - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/desired-state
-      name: Desired Sync State
+          name: Desired Sync State
-      type: string
+          type: string
-    - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/current-state
+        - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/current-state
-      name: Current Sync State
+          name: Current Sync State
-      type: string
+          type: string
-    - jsonPath: .metadata.creationTimestamp
+        - jsonPath: .metadata.creationTimestamp
-      name: Age
+          name: Age
-      type: date
+          type: date
-    name: v1
+      name: v1
-    schema:
+      schema:
-      openAPIV3Schema:
+        openAPIV3Schema:
-        description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
+          description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
-          API
+            API
-        properties:
+          properties:
-          apiVersion:
+            apiVersion:
-            description: |-
+              description: |-
-              APIVersion defines the versioned schema of this representation of an object.
+                APIVersion defines the versioned schema of this representation of an object.
-              Servers should convert recognized schemas to the latest internal value, and
+                Servers should convert recognized schemas to the latest internal value, and
-              may reject unrecognized values.
+                may reject unrecognized values.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
-            type: string
+              type: string
-          kind:
+            kind:
-            description: |-
+              description: |-
-              Kind is a string value representing the REST resource this object represents.
+                Kind is a string value representing the REST resource this object represents.
-              Servers may infer this from the endpoint the client submits requests to.
+                Servers may infer this from the endpoint the client submits requests to.
-              Cannot be updated.
+                Cannot be updated.
-              In CamelCase.
+                In CamelCase.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            type: string
+              type: string
-          metadata:
+            metadata:
-            type: object
+              type: object
-          spec:
+            spec:
-            description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
+              description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
-            properties:
+              properties:
-              bridges:
+                bridges:
-                description: Bridges contains list of bridges
+                  description: Bridges contains list of bridges
-                properties:
-                  ovs:
-                    items:
-                      description: OVSConfigExt contains configuration for the concrete
-                        OVS bridge
-                      properties:
-                        bridge:
-                          description: bridge-level configuration for the bridge
-                          properties:
-                            datapathType:
-                              description: configure datapath_type field in the Bridge
-                                table in OVSDB
-                              type: string
-                            externalIDs:
-                              additionalProperties:
-                                type: string
-                              description: IDs to inject to external_ids field in
-                                the Bridge table in OVSDB
-                              type: object
-                            otherConfig:
-                              additionalProperties:
-                                type: string
-                              description: additional options to inject to other_config
-                                field in the bridge table in OVSDB
-                              type: object
-                          type: object
-                        name:
-                          description: name of the bridge
-                          type: string
-                        uplinks:
-                          description: |-
-                            uplink-level bridge configuration for each uplink(PF).
-                            currently must contain only one element
-                          items:
-                            description: OVSUplinkConfigExt contains configuration
-                              for the concrete OVS uplink(PF)
-                            properties:
-                              interface:
-                                description: configuration from the Interface OVS
-                                  table for the PF
-                                properties:
-                                  externalIDs:
-                                    additionalProperties:
-                                      type: string
-                                    description: external_ids field in the Interface
-                                      table in OVSDB
-                                    type: object
-                                  options:
-                                    additionalProperties:
-                                      type: string
-                                    description: options field in the Interface table
-                                      in OVSDB
-                                    type: object
-                                  otherConfig:
-                                    additionalProperties:
-                                      type: string
-                                    description: other_config field in the Interface
-                                      table in OVSDB
-                                    type: object
-                                  type:
-                                    description: type field in the Interface table
-                                      in OVSDB
-                                    type: string
-                                type: object
-                              name:
-                                description: name of the PF interface
-                                type: string
-                              pciAddress:
-                                description: pci address of the PF
-                                type: string
-                            required:
-                            - pciAddress
-                            type: object
-                          type: array
-                      required:
-                      - name
-                      type: object
-                    type: array
-                type: object
-              interfaces:
-                items:
                   properties:
-                    eSwitchMode:
+                    ovs:
-                      type: string
-                    externallyManaged:
-                      type: boolean
-                    linkType:
-                      type: string
-                    mtu:
-                      type: integer
-                    name:
-                      type: string
-                    numVfs:
-                      type: integer
-                    pciAddress:
-                      type: string
-                    vfGroups:
                       items:
+                        description: OVSConfigExt contains configuration for the concrete
+                          OVS bridge
                         properties:
-                          deviceType:
+                          bridge:
-                            type: string
+                            description: bridge-level configuration for the bridge
-                          isRdma:
-                            type: boolean
-                          mtu:
-                            type: integer
-                          policyName:
-                            type: string
-                          resourceName:
-                            type: string
-                          vdpaType:
-                            type: string
-                          vfRange:
-                            type: string
-                        type: object
-                      type: array
-                  required:
-                  - pciAddress
-                  type: object
-                type: array
-            type: object
-          status:
-            description: SriovNetworkNodeStateStatus defines the observed state of
-              SriovNetworkNodeState
-            properties:
-              bridges:
-                description: Bridges contains list of bridges
-                properties:
-                  ovs:
-                    items:
-                      description: OVSConfigExt contains configuration for the concrete
-                        OVS bridge
-                      properties:
-                        bridge:
-                          description: bridge-level configuration for the bridge
-                          properties:
-                            datapathType:
-                              description: configure datapath_type field in the Bridge
-                                table in OVSDB
-                              type: string
-                            externalIDs:
-                              additionalProperties:
-                                type: string
-                              description: IDs to inject to external_ids field in
-                                the Bridge table in OVSDB
-                              type: object
-                            otherConfig:
-                              additionalProperties:
-                                type: string
-                              description: additional options to inject to other_config
-                                field in the bridge table in OVSDB
-                              type: object
-                          type: object
-                        name:
-                          description: name of the bridge
-                          type: string
-                        uplinks:
-                          description: |-
-                            uplink-level bridge configuration for each uplink(PF).
-                            currently must contain only one element
-                          items:
-                            description: OVSUplinkConfigExt contains configuration
-                              for the concrete OVS uplink(PF)
                             properties:
-                              interface:
+                              datapathType:
-                                description: configuration from the Interface OVS
+                                description: configure datapath_type field in the Bridge
-                                  table for the PF
+                                  table in OVSDB
-                                properties:
+                                type: string
-                                  externalIDs:
+                              externalIDs:
-                                    additionalProperties:
+                                additionalProperties:
-                                      type: string
+                                  type: string
-                                    description: external_ids field in the Interface
+                                description: IDs to inject to external_ids field in
-                                      table in OVSDB
+                                  the Bridge table in OVSDB
-                                    type: object
+                                type: object
-                                  options:
+                              otherConfig:
-                                    additionalProperties:
+                                additionalProperties:
-                                      type: string
+                                  type: string
-                                    description: options field in the Interface table
+                                description: additional options to inject to other_config
-                                      in OVSDB
+                                  field in the bridge table in OVSDB
-                                    type: object
-                                  otherConfig:
-                                    additionalProperties:
-                                      type: string
-                                    description: other_config field in the Interface
-                                      table in OVSDB
-                                    type: object
-                                  type:
-                                    description: type field in the Interface table
-                                      in OVSDB
-                                    type: string
                                 type: object
-                              name:
-                                description: name of the PF interface
-                                type: string
-                              pciAddress:
-                                description: pci address of the PF
-                                type: string
-                            required:
-                            - pciAddress
                             type: object
-                          type: array
-                      required:
-                      - name
-                      type: object
-                    type: array
-                type: object
-              interfaces:
-                items:
-                  properties:
-                    Vfs:
-                      items:
-                        properties:
-                          Vlan:
-                            type: integer
-                          assigned:
-                            type: string
-                          deviceID:
-                            type: string
-                          driver:
-                            type: string
-                          guid:
-                            type: string
-                          mac:
-                            type: string
-                          mtu:
-                            type: integer
                           name:
+                            description: name of the bridge
                             type: string
-                          pciAddress:
+                          uplinks:
-                            type: string
+                            description: |-
-                          representorName:
+                              uplink-level bridge configuration for each uplink(PF).
-                            type: string
+                              currently must contain only one element
-                          vdpaType:
+                            items:
-                            type: string
+                              description: OVSUplinkConfigExt contains configuration
-                          vendor:
+                                for the concrete OVS uplink(PF)
-                            type: string
+                              properties:
-                          vfID:
+                                interface:
-                            type: integer
+                                  description: configuration from the Interface OVS
+                                    table for the PF
+                                  properties:
+                                    externalIDs:
+                                      additionalProperties:
+                                        type: string
+                                      description: external_ids field in the Interface
+                                        table in OVSDB
+                                      type: object
+                                    mtuRequest:
+                                      description: mtu_request field in the Interface
+                                        table in OVSDB
+                                      type: integer
+                                    options:
+                                      additionalProperties:
+                                        type: string
+                                      description: options field in the Interface table
+                                        in OVSDB
+                                      type: object
+                                    otherConfig:
+                                      additionalProperties:
+                                        type: string
+                                      description: other_config field in the Interface
+                                        table in OVSDB
+                                      type: object
+                                    type:
+                                      description: type field in the Interface table
+                                        in OVSDB
+                                      type: string
+                                  type: object
+                                name:
+                                  description: name of the PF interface
+                                  type: string
+                                pciAddress:
+                                  description: pci address of the PF
+                                  type: string
+                              required:
+                                - pciAddress
+                              type: object
+                            type: array
                         required:
-                        - pciAddress
+                          - name
-                        - vfID
                         type: object
                       type: array
-                    deviceID:
-                      type: string
-                    driver:
-                      type: string
-                    eSwitchMode:
-                      type: string
-                    externallyManaged:
-                      type: boolean
-                    linkAdminState:
-                      type: string
-                    linkSpeed:
-                      type: string
-                    linkType:
-                      type: string
-                    mac:
-                      type: string
-                    mtu:
-                      type: integer
-                    name:
-                      type: string
-                    netFilter:
-                      type: string
-                    numVfs:
-                      type: integer
-                    pciAddress:
-                      type: string
-                    totalvfs:
-                      type: integer
-                    vendor:
-                      type: string
-                  required:
-                  - pciAddress
                   type: object
-                type: array
+                interfaces:
-              lastSyncError:
+                  items:
-                type: string
+                    properties:
-              syncStatus:
+                      eSwitchMode:
-                type: string
+                        type: string
-            type: object
+                      externallyManaged:
-        type: object
+                        type: boolean
-    served: true
+                      linkType:
-    storage: true
+                        type: string
-    subresources:
+                      mtu:
-      status: {}
+                        type: integer
+                      name:
+                        type: string
+                      numVfs:
+                        type: integer
+                      pciAddress:
+                        type: string
+                      vfGroups:
+                        items:
+                          properties:
+                            deviceType:
+                              type: string
+                            isRdma:
+                              type: boolean
+                            mtu:
+                              type: integer
+                            policyName:
+                              type: string
+                            resourceName:
+                              type: string
+                            vdpaType:
+                              type: string
+                            vfRange:
+                              type: string
+                          type: object
+                        type: array
+                    required:
+                      - pciAddress
+                    type: object
+                  type: array
+                system:
+                  properties:
+                    rdmaMode:
+                      description: RDMA subsystem. Allowed value "shared", "exclusive".
+                      enum:
+                        - shared
+                        - exclusive
+                      type: string
+                  type: object
+              type: object
+            status:
+              description: SriovNetworkNodeStateStatus defines the observed state of
+                SriovNetworkNodeState
+              properties:
+                bridges:
+                  description: Bridges contains list of bridges
+                  properties:
+                    ovs:
+                      items:
+                        description: OVSConfigExt contains configuration for the concrete
+                          OVS bridge
+                        properties:
+                          bridge:
+                            description: bridge-level configuration for the bridge
+                            properties:
+                              datapathType:
+                                description: configure datapath_type field in the Bridge
+                                  table in OVSDB
+                                type: string
+                              externalIDs:
+                                additionalProperties:
+                                  type: string
+                                description: IDs to inject to external_ids field in
+                                  the Bridge table in OVSDB
+                                type: object
+                              otherConfig:
+                                additionalProperties:
+                                  type: string
+                                description: additional options to inject to other_config
+                                  field in the bridge table in OVSDB
+                                type: object
+                            type: object
+                          name:
+                            description: name of the bridge
+                            type: string
+                          uplinks:
+                            description: |-
+                              uplink-level bridge configuration for each uplink(PF).
+                              currently must contain only one element
+                            items:
+                              description: OVSUplinkConfigExt contains configuration
+                                for the concrete OVS uplink(PF)
+                              properties:
+                                interface:
+                                  description: configuration from the Interface OVS
+                                    table for the PF
+                                  properties:
+                                    externalIDs:
+                                      additionalProperties:
+                                        type: string
+                                      description: external_ids field in the Interface
+                                        table in OVSDB
+                                      type: object
+                                    mtuRequest:
+                                      description: mtu_request field in the Interface
+                                        table in OVSDB
+                                      type: integer
+                                    options:
+                                      additionalProperties:
+                                        type: string
+                                      description: options field in the Interface table
+                                        in OVSDB
+                                      type: object
+                                    otherConfig:
+                                      additionalProperties:
+                                        type: string
+                                      description: other_config field in the Interface
+                                        table in OVSDB
+                                      type: object
+                                    type:
+                                      description: type field in the Interface table
+                                        in OVSDB
+                                      type: string
+                                  type: object
+                                name:
+                                  description: name of the PF interface
+                                  type: string
+                                pciAddress:
+                                  description: pci address of the PF
+                                  type: string
+                              required:
+                                - pciAddress
+                              type: object
+                            type: array
+                        required:
+                          - name
+                        type: object
+                      type: array
+                  type: object
+                interfaces:
+                  items:
+                    properties:
+                      Vfs:
+                        items:
+                          properties:
+                            Vlan:
+                              type: integer
+                            assigned:
+                              type: string
+                            deviceID:
+                              type: string
+                            driver:
+                              type: string
+                            guid:
+                              type: string
+                            mac:
+                              type: string
+                            mtu:
+                              type: integer
+                            name:
+                              type: string
+                            pciAddress:
+                              type: string
+                            representorName:
+                              type: string
+                            vdpaType:
+                              type: string
+                            vendor:
+                              type: string
+                            vfID:
+                              type: integer
+                          required:
+                            - pciAddress
+                            - vfID
+                          type: object
+                        type: array
+                      deviceID:
+                        type: string
+                      driver:
+                        type: string
+                      eSwitchMode:
+                        type: string
+                      externallyManaged:
+                        type: boolean
+                      linkAdminState:
+                        type: string
+                      linkSpeed:
+                        type: string
+                      linkType:
+                        type: string
+                      mac:
+                        type: string
+                      mtu:
+                        type: integer
+                      name:
+                        type: string
+                      netFilter:
+                        type: string
+                      numVfs:
+                        type: integer
+                      pciAddress:
+                        type: string
+                      totalvfs:
+                        type: integer
+                      vendor:
+                        type: string
+                    required:
+                      - pciAddress
+                    type: object
+                  type: array
+                lastSyncError:
+                  type: string
+                syncStatus:
+                  type: string
+                system:
+                  properties:
+                    rdmaMode:
+                      description: RDMA subsystem. Allowed value "shared", "exclusive".
+                      enum:
+                        - shared
+                        - exclusive
+                      type: string
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}

sriov-crd-chart/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml

@@ -14,110 +14,116 @@ spec:
     singular: sriovnetworkpoolconfig
   scope: Namespaced
   versions:
-  - name: v1
+    - name: v1
-    schema:
+      schema:
-      openAPIV3Schema:
+        openAPIV3Schema:
-        description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
+          description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
-          API
+            API
-        properties:
+          properties:
-          apiVersion:
+            apiVersion:
-            description: |-
+              description: |-
-              APIVersion defines the versioned schema of this representation of an object.
+                APIVersion defines the versioned schema of this representation of an object.
-              Servers should convert recognized schemas to the latest internal value, and
+                Servers should convert recognized schemas to the latest internal value, and
-              may reject unrecognized values.
+                may reject unrecognized values.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
-            type: string
+              type: string
-          kind:
+            kind:
-            description: |-
+              description: |-
-              Kind is a string value representing the REST resource this object represents.
+                Kind is a string value representing the REST resource this object represents.
-              Servers may infer this from the endpoint the client submits requests to.
+                Servers may infer this from the endpoint the client submits requests to.
-              Cannot be updated.
+                Cannot be updated.
-              In CamelCase.
+                In CamelCase.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            type: string
+              type: string
-          metadata:
+            metadata:
-            type: object
+              type: object
-          spec:
+            spec:
-            description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
+              description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
-            properties:
+              properties:
-              maxUnavailable:
+                maxUnavailable:
-                anyOf:
+                  anyOf:
-                - type: integer
+                    - type: integer
-                - type: string
+                    - type: string
-                description: |-
+                  description: |-
-                  maxUnavailable defines either an integer number or percentage
+                    maxUnavailable defines either an integer number or percentage
-                  of nodes in the pool that can go Unavailable during an update.
+                    of nodes in the pool that can go Unavailable during an update.
 
 
-                  A value larger than 1 will mean multiple nodes going unavailable during
+                    A value larger than 1 will mean multiple nodes going unavailable during
-                  the update, which may affect your workload stress on the remaining nodes.
+                    the update, which may affect your workload stress on the remaining nodes.
-                  Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum guards,
+                    Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum guards,
-                  even if maxUnavailable is greater than one.
+                    even if maxUnavailable is greater than one.
-                x-kubernetes-int-or-string: true
+                  x-kubernetes-int-or-string: true
-              nodeSelector:
+                nodeSelector:
-                description: nodeSelector specifies a label selector for Nodes
+                  description: nodeSelector specifies a label selector for Nodes
-                properties:
+                  properties:
-                  matchExpressions:
+                    matchExpressions:
-                    description: matchExpressions is a list of label selector requirements.
+                      description: matchExpressions is a list of label selector requirements.
-                      The requirements are ANDed.
+                        The requirements are ANDed.
-                    items:
+                      items:
-                      description: |-
+                        description: |-
-                        A label selector requirement is a selector that contains values, a key, and an operator that
+                          A label selector requirement is a selector that contains values, a key, and an operator that
-                        relates the key and values.
+                          relates the key and values.
-                      properties:
+                        properties:
-                        key:
+                          key:
-                          description: key is the label key that the selector applies
+                            description: key is the label key that the selector applies
-                            to.
+                              to.
-                          type: string
-                        operator:
-                          description: |-
-                            operator represents a key's relationship to a set of values.
-                            Valid operators are In, NotIn, Exists and DoesNotExist.
-                          type: string
-                        values:
-                          description: |-
-                            values is an array of string values. If the operator is In or NotIn,
-                            the values array must be non-empty. If the operator is Exists or DoesNotExist,
-                            the values array must be empty. This array is replaced during a strategic
-                            merge patch.
-                          items:
                             type: string
-                          type: array
+                          operator:
-                      required:
+                            description: |-
-                      - key
+                              operator represents a key's relationship to a set of values.
-                      - operator
+                              Valid operators are In, NotIn, Exists and DoesNotExist.
+                            type: string
+                          values:
+                            description: |-
+                              values is an array of string values. If the operator is In or NotIn,
+                              the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                              the values array must be empty. This array is replaced during a strategic
+                              merge patch.
+                            items:
+                              type: string
+                            type: array
+                        required:
+                          - key
+                          - operator
+                        type: object
+                      type: array
+                    matchLabels:
+                      additionalProperties:
+                        type: string
+                      description: |-
+                        matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                        map is equivalent to an element of matchExpressions, whose key field is "key", the
+                        operator is "In", and the values array contains only "value". The requirements are ANDed.
                       type: object
-                    type: array
+                  type: object
-                  matchLabels:
+                  x-kubernetes-map-type: atomic
-                    additionalProperties:
+                ovsHardwareOffloadConfig:
+                  description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
+                    for selected Nodes
+                  properties:
+                    name:
+                      description: |-
+                        Name is mandatory and must be unique.
+                        On Kubernetes:
+                        Name is the name of OvsHardwareOffloadConfig
+                        On OpenShift:
+                        Name is the name of MachineConfigPool to be enabled with OVS hardware offload
                       type: string
-                    description: |-
+                  type: object
-                      matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                rdmaMode:
-                      map is equivalent to an element of matchExpressions, whose key field is "key", the
+                  description: RDMA subsystem. Allowed value "shared", "exclusive".
-                      operator is "In", and the values array contains only "value". The requirements are ANDed.
+                  enum:
-                    type: object
+                    - shared
-                type: object
+                    - exclusive
-                x-kubernetes-map-type: atomic
+                  type: string
-              ovsHardwareOffloadConfig:
+              type: object
-                description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
+            status:
-                  for selected Nodes
+              description: SriovNetworkPoolConfigStatus defines the observed state of
-                properties:
+                SriovNetworkPoolConfig
-                  name:
+              type: object
-                    description: |-
+          type: object
-                      Name is mandatory and must be unique.
+      served: true
-                      On Kubernetes:
+      storage: true
-                      Name is the name of OvsHardwareOffloadConfig
+      subresources:
-                      On OpenShift:
+        status: {}
-                      Name is the name of MachineConfigPool to be enabled with OVS hardware offload
-                    type: string
-                type: object
-            type: object
-          status:
-            description: SriovNetworkPoolConfigStatus defines the observed state of
-              SriovNetworkPoolConfig
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}

sriov-crd-chart/templates/sriovnetwork.openshift.io_sriovnetworks.yaml

@@ -14,123 +14,123 @@ spec:
     singular: sriovnetwork
   scope: Namespaced
   versions:
-  - name: v1
+    - name: v1
-    schema:
+      schema:
-      openAPIV3Schema:
+        openAPIV3Schema:
-        description: SriovNetwork is the Schema for the sriovnetworks API
+          description: SriovNetwork is the Schema for the sriovnetworks API
-        properties:
+          properties:
-          apiVersion:
+            apiVersion:
-            description: |-
+              description: |-
-              APIVersion defines the versioned schema of this representation of an object.
+                APIVersion defines the versioned schema of this representation of an object.
-              Servers should convert recognized schemas to the latest internal value, and
+                Servers should convert recognized schemas to the latest internal value, and
-              may reject unrecognized values.
+                may reject unrecognized values.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
-            type: string
+              type: string
-          kind:
+            kind:
-            description: |-
+              description: |-
-              Kind is a string value representing the REST resource this object represents.
+                Kind is a string value representing the REST resource this object represents.
-              Servers may infer this from the endpoint the client submits requests to.
+                Servers may infer this from the endpoint the client submits requests to.
-              Cannot be updated.
+                Cannot be updated.
-              In CamelCase.
+                In CamelCase.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            type: string
+              type: string
-          metadata:
+            metadata:
-            type: object
+              type: object
-          spec:
+            spec:
-            description: SriovNetworkSpec defines the desired state of SriovNetwork
+              description: SriovNetworkSpec defines the desired state of SriovNetwork
-            properties:
+              properties:
-              capabilities:
+                capabilities:
-                description: |-
+                  description: |-
-                  Capabilities to be configured for this network.
+                    Capabilities to be configured for this network.
-                  Capabilities supported: (mac|ips), e.g. '{"mac": true}'
+                    Capabilities supported: (mac|ips), e.g. '{"mac": true}'
-                type: string
+                  type: string
-              ipam:
+                ipam:
-                description: IPAM configuration to be used for this network.
+                  description: IPAM configuration to be used for this network.
-                type: string
+                  type: string
-              linkState:
+                linkState:
-                description: VF link state (enable|disable|auto)
+                  description: VF link state (enable|disable|auto)
-                enum:
+                  enum:
-                - auto
+                    - auto
-                - enable
+                    - enable
-                - disable
+                    - disable
-                type: string
+                  type: string
-              logFile:
+                logFile:
-                description: |-
+                  description: |-
-                  LogFile sets the log file of the SRIOV CNI plugin logs. If unset (default), this will log to stderr and thus
+                    LogFile sets the log file of the SRIOV CNI plugin logs. If unset (default), this will log to stderr and thus
-                  to multus and container runtime logs.
+                    to multus and container runtime logs.
-                type: string
+                  type: string
-              logLevel:
+                logLevel:
-                default: info
+                  default: info
-                description: |-
+                  description: |-
-                  LogLevel sets the log level of the SRIOV CNI plugin - either of panic, error, warning, info, debug. Defaults
+                    LogLevel sets the log level of the SRIOV CNI plugin - either of panic, error, warning, info, debug. Defaults
-                  to info if left blank.
+                    to info if left blank.
-                enum:
+                  enum:
-                - panic
+                    - panic
-                - error
+                    - error
-                - warning
+                    - warning
-                - info
+                    - info
-                - debug
+                    - debug
-                - ""
+                    - ""
-                type: string
+                  type: string
-              maxTxRate:
+                maxTxRate:
-                description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
+                  description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
-                  rate limiting)
+                    rate limiting)
-                minimum: 0
+                  minimum: 0
-                type: integer
+                  type: integer
-              metaPlugins:
+                metaPlugins:
-                description: |-
+                  description: |-
-                  MetaPluginsConfig configuration to be used in order to chain metaplugins to the sriov interface returned
+                    MetaPluginsConfig configuration to be used in order to chain metaplugins to the sriov interface returned
-                  by the operator.
+                    by the operator.
-                type: string
+                  type: string
-              minTxRate:
+                minTxRate:
-                description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
+                  description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
-                  rate limiting). min_tx_rate should be <= max_tx_rate.
+                    rate limiting). min_tx_rate should be <= max_tx_rate.
-                minimum: 0
+                  minimum: 0
-                type: integer
+                  type: integer
-              networkNamespace:
+                networkNamespace:
-                description: Namespace of the NetworkAttachmentDefinition custom resource
+                  description: Namespace of the NetworkAttachmentDefinition custom resource
-                type: string
+                  type: string
-              resourceName:
+                resourceName:
-                description: SRIOV Network device plugin endpoint resource name
+                  description: SRIOV Network device plugin endpoint resource name
-                type: string
+                  type: string
-              spoofChk:
+                spoofChk:
-                description: VF spoof check, (on|off)
+                  description: VF spoof check, (on|off)
-                enum:
+                  enum:
-                - "on"
+                    - "on"
-                - "off"
+                    - "off"
-                type: string
+                  type: string
-              trust:
+                trust:
-                description: VF trust mode (on|off)
+                  description: VF trust mode (on|off)
-                enum:
+                  enum:
-                - "on"
+                    - "on"
-                - "off"
+                    - "off"
-                type: string
+                  type: string
-              vlan:
+                vlan:
-                description: VLAN ID to assign for the VF. Defaults to 0.
+                  description: VLAN ID to assign for the VF. Defaults to 0.
-                maximum: 4096
+                  maximum: 4096
-                minimum: 0
+                  minimum: 0
-                type: integer
+                  type: integer
-              vlanProto:
+                vlanProto:
-                description: VLAN proto to assign for the VF. Defaults to 802.1q.
+                  description: VLAN proto to assign for the VF. Defaults to 802.1q.
-                enum:
+                  enum:
-                - 802.1q
+                    - 802.1q
-                - 802.1Q
+                    - 802.1Q
-                - 802.1ad
+                    - 802.1ad
-                - 802.1AD
+                    - 802.1AD
-                type: string
+                  type: string
-              vlanQoS:
+                vlanQoS:
-                description: VLAN QoS ID to assign for the VF. Defaults to 0.
+                  description: VLAN QoS ID to assign for the VF. Defaults to 0.
-                maximum: 7
+                  maximum: 7
-                minimum: 0
+                  minimum: 0
-                type: integer
+                  type: integer
-            required:
+              required:
-            - resourceName
+                - resourceName
-            type: object
+              type: object
-          status:
+            status:
-            description: SriovNetworkStatus defines the observed state of SriovNetwork
+              description: SriovNetworkStatus defines the observed state of SriovNetwork
-            type: object
+              type: object
-        type: object
+          type: object
-    served: true
+      served: true
-    storage: true
+      storage: true
-    subresources:
+      subresources:
-      status: {}
+        status: {}

sriov-crd-chart/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml

@@ -14,101 +14,101 @@ spec:
     singular: sriovoperatorconfig
   scope: Namespaced
   versions:
-  - name: v1
+    - name: v1
-    schema:
+      schema:
-      openAPIV3Schema:
+        openAPIV3Schema:
-        description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
+          description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
-          API
+            API
-        properties:
+          properties:
-          apiVersion:
+            apiVersion:
-            description: |-
+              description: |-
-              APIVersion defines the versioned schema of this representation of an object.
+                APIVersion defines the versioned schema of this representation of an object.
-              Servers should convert recognized schemas to the latest internal value, and
+                Servers should convert recognized schemas to the latest internal value, and
-              may reject unrecognized values.
+                may reject unrecognized values.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
-            type: string
+              type: string
-          kind:
+            kind:
-            description: |-
+              description: |-
-              Kind is a string value representing the REST resource this object represents.
+                Kind is a string value representing the REST resource this object represents.
-              Servers may infer this from the endpoint the client submits requests to.
+                Servers may infer this from the endpoint the client submits requests to.
-              Cannot be updated.
+                Cannot be updated.
-              In CamelCase.
+                In CamelCase.
-              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-            type: string
+              type: string
-          metadata:
+            metadata:
-            type: object
+              type: object
-          spec:
+            spec:
-            description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
+              description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
-            properties:
+              properties:
-              configDaemonNodeSelector:
+                configDaemonNodeSelector:
-                additionalProperties:
+                  additionalProperties:
-                  type: string
+                    type: string
-                description: NodeSelector selects the nodes to be configured
+                  description: NodeSelector selects the nodes to be configured
-                type: object
+                  type: object
-              configurationMode:
+                configurationMode:
-                description: |-
+                  description: |-
-                  Flag to enable the sriov-network-config-daemon to use a systemd service to configure SR-IOV devices on boot
+                    Flag to enable the sriov-network-config-daemon to use a systemd service to configure SR-IOV devices on boot
-                  Default mode: daemon
+                    Default mode: daemon
-                enum:
-                - daemon
-                - systemd
-                type: string
-              disableDrain:
-                description: Flag to disable nodes drain during debugging
-                type: boolean
-              disablePlugins:
-                description: DisablePlugins is a list of sriov-network-config-daemon
-                  plugins to disable
-                items:
-                  description: PluginNameValue defines the plugin name
                   enum:
-                  - mellanox
+                    - daemon
+                    - systemd
                   type: string
-                type: array
+                disableDrain:
-              enableInjector:
+                  description: Flag to disable nodes drain during debugging
-                description: Flag to control whether the network resource injector
-                  webhook shall be deployed
-                type: boolean
-              enableOperatorWebhook:
-                description: Flag to control whether the operator admission controller
-                  webhook shall be deployed
-                type: boolean
-              enableOvsOffload:
-                description: Flag to enable OVS hardware offload. Set to 'true' to
-                  provision switchdev-configuration.service and enable OpenvSwitch
-                  hw-offload on nodes.
-                type: boolean
-              featureGates:
-                additionalProperties:
                   type: boolean
-                description: FeatureGates to enable experimental features
+                disablePlugins:
-                type: object
+                  description: DisablePlugins is a list of sriov-network-config-daemon
-              logLevel:
+                    plugins to disable
-                description: Flag to control the log verbose level of the operator.
+                  items:
-                  Set to '0' to show only the basic logs. And set to '2' to show all
+                    description: PluginNameValue defines the plugin name
-                  the available logs.
+                    enum:
-                maximum: 2
+                      - mellanox
-                minimum: 0
+                    type: string
-                type: integer
+                  type: array
-              useCDI:
+                enableInjector:
-                description: Flag to enable Container Device Interface mode for SR-IOV
+                  description: Flag to control whether the network resource injector
-                  Network Device Plugin
+                    webhook shall be deployed
-                type: boolean
+                  type: boolean
-            type: object
+                enableOperatorWebhook:
-          status:
+                  description: Flag to control whether the operator admission controller
-            description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
+                    webhook shall be deployed
-            properties:
+                  type: boolean
-              injector:
+                enableOvsOffload:
-                description: Show the runtime status of the network resource injector
+                  description: Flag to enable OVS hardware offload. Set to 'true' to
-                  webhook
+                    provision switchdev-configuration.service and enable OpenvSwitch
-                type: string
+                    hw-offload on nodes.
-              operatorWebhook:
+                  type: boolean
-                description: Show the runtime status of the operator admission controller
+                featureGates:
-                  webhook
+                  additionalProperties:
-                type: string
+                    type: boolean
-            type: object
+                  description: FeatureGates to enable experimental features
-        type: object
+                  type: object
-    served: true
+                logLevel:
-    storage: true
+                  description: Flag to control the log verbose level of the operator.
-    subresources:
+                    Set to '0' to show only the basic logs. And set to '2' to show all
-      status: {}
+                    the available logs.
+                  maximum: 2
+                  minimum: 0
+                  type: integer
+                useCDI:
+                  description: Flag to enable Container Device Interface mode for SR-IOV
+                    Network Device Plugin
+                  type: boolean
+              type: object
+            status:
+              description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
+              properties:
+                injector:
+                  description: Show the runtime status of the network resource injector
+                    webhook
+                  type: string
+                operatorWebhook:
+                  description: Show the runtime status of the operator admission controller
+                    webhook
+                  type: string
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}

sriov-network-operator-chart/.checks_helm.yaml

@@ -1,10 +1,2 @@
 extra_apis:
-    - k8s.cni.cncf.io/v1/NetworkAttachmentDefinition
+    - k8s.cni.cncf.io/v1/NetworkAttachmentDefinition
-image_exceptions:
-    - rancher/hardened-sriov-network-operator
-    - rancher/hardened-sriov-network-config-daemon
-    - rancher/hardened-sriov-cni
-    - rancher/hardened-ib-sriov-cni
-    - rancher/hardened-sriov-network-device-plugin
-    - rancher/hardened-sriov-network-resources-injector
-    - rancher/hardened-sriov-network-webhook