From 095ccbbef1a03d74f683e6eebcc0fbe4cfb29135 Mon Sep 17 00:00:00 2001 From: Grzegorz Bialas Date: Fri, 27 Jun 2025 15:34:34 +0200 Subject: [PATCH 1/3] adding rl9.6 --- etc/kayobe/kolla/kolla-build.conf | 11 +++++++- etc/kayobe/pulp-repo-versions.yml | 19 ++++++++++---- etc/kayobe/pulp.yml | 4 +-- etc/kayobe/trivy/allowed-vulnerabilities.yml | 25 +++++++++++++++++++ .../notes/rl9.6-f46ea1230214a657.yaml | 8 ++++++ 5 files changed, 59 insertions(+), 8 deletions(-) create mode 100644 releasenotes/notes/rl9.6-f46ea1230214a657.yaml diff --git a/etc/kayobe/kolla/kolla-build.conf b/etc/kayobe/kolla/kolla-build.conf index 95562f5c0..35373c019 100644 --- a/etc/kayobe/kolla/kolla-build.conf +++ b/etc/kayobe/kolla/kolla-build.conf @@ -15,4 +15,13 @@ build_args = {{ (kolla_build_args | default({})).items() | map('join', ':') | jo [openstack-base] type = git location = https://github.com/stackhpc/requirements -reference = stackhpc/{{ openstack_release }} +#reference = stackhpc/{{ openstack_release }} +reference = rl9.6 + +[etcd] +version = 3.5.21 +sha256 = amd64:adddda4b06718e68671ffabff2f8cee48488ba61ad82900e639d108f2148501c,arm64:95bf6918623a097c0385b96f139d90248614485e781ec9bee4768dbb6c79c53f + +[letsencrypt-lego] +version = v4.23.1 +sha256 = amd64:1fd60b1fd59c239bed22719a5de402cb745d1f933540cb1ec196e2c03e6e8882,arm64:1114745108343286d4bff189b4bdee3cba9d07ebcacc673860d91ab951d31e0d \ No newline at end of file diff --git a/etc/kayobe/pulp-repo-versions.yml b/etc/kayobe/pulp-repo-versions.yml index e2636862b..b9aebc40e 100644 --- a/etc/kayobe/pulp-repo-versions.yml +++ b/etc/kayobe/pulp-repo-versions.yml @@ -9,11 +9,11 @@ stackhpc_pulp_repo_centos_stream_9_storage_ceph_reef_version: 20240923T233036 stackhpc_pulp_repo_ceph_reef_debian_version: 20240925T152022 stackhpc_pulp_repo_docker_ce_ubuntu_jammy_version: 20241218T154614 stackhpc_pulp_repo_docker_ce_ubuntu_noble_version: 20250401T001425 -stackhpc_pulp_repo_elrepo_9_version: 20241129T235743 -stackhpc_pulp_repo_epel_9_version: 20241216T235733 -stackhpc_pulp_repo_grafana_version: 20241216T002739 -stackhpc_pulp_repo_opensearch_2_x_version: 20241106T010702 -stackhpc_pulp_repo_opensearch_dashboards_2_x_version: 20241106T010702 +stackhpc_pulp_repo_elrepo_9_version: 20250610T235426 +stackhpc_pulp_repo_epel_9_version: 20250615T000221 +stackhpc_pulp_repo_grafana_version: 20250615T005738 +stackhpc_pulp_repo_opensearch_2_x_version: 20250430T014638 +stackhpc_pulp_repo_opensearch_dashboards_2_x_version: 20250430T014638 stackhpc_pulp_repo_rhel9_rabbitmq_erlang_version: 20241217T002152 stackhpc_pulp_repo_rhel9_rabbitmq_server_version: 20241217T002152 stackhpc_pulp_repo_rhel_9_influxdb_version: 20241217T002152 @@ -47,6 +47,11 @@ stackhpc_pulp_repo_rocky_9_5_crb_version: 20241217T005008 stackhpc_pulp_repo_rocky_9_5_extras_version: 20241216T004230 stackhpc_pulp_repo_rocky_9_5_highavailability_version: 20241202T003154 stackhpc_pulp_repo_rocky_9_sig_security_common_version: 20241127T003858 +stackhpc_pulp_repo_rocky_9_6_appstream_version: 20250614T015933 +stackhpc_pulp_repo_rocky_9_6_baseos_version: 20250614T030644 +stackhpc_pulp_repo_rocky_9_6_crb_version: 20250614T015933 +stackhpc_pulp_repo_rocky_9_6_extras_version: 20250605T150141 +stackhpc_pulp_repo_rocky_9_6_highavailability_version: 20250605T150141 stackhpc_pulp_repo_ubuntu_cloud_archive_version: 20250416T042645 stackhpc_pulp_repo_ubuntu_jammy_security_version: 20250417T070229 stackhpc_pulp_repo_ubuntu_jammy_version: 20250417T070229 @@ -56,3 +61,7 @@ stackhpc_pulp_repo_rhel_9_4_doca_version: 20241211T153620 stackhpc_pulp_repo_rhel_9_4_doca_modules_version: 20241213T112245 stackhpc_pulp_repo_rhel_9_5_doca_version: 20241211T171301 stackhpc_pulp_repo_rhel_9_5_doca_modules_version: 20250115T150314 +##### NOTE: Dummy variables, currently no RL9.6 DOCA +stackhpc_pulp_repo_rhel_9_6_doca_modules_version: 00000000T000000 +stackhpc_pulp_repo_rhel_9_6_doca_version: 00000000T000000 +###### diff --git a/etc/kayobe/pulp.yml b/etc/kayobe/pulp.yml index 2397bd20e..634d573f0 100644 --- a/etc/kayobe/pulp.yml +++ b/etc/kayobe/pulp.yml @@ -242,8 +242,8 @@ stackhpc_pulp_distribution_deb_production: >- # Whether to sync Rocky Linux 9 packages. stackhpc_pulp_sync_rocky_9: "{{ os_distribution == 'rocky' }}" -# Rocky 9 minor version number. Supported values: 1, 2, 3, 4, 5. Default is 5 -stackhpc_pulp_repo_rocky_9_minor_version: 5 +# Rocky 9 minor version number. Supported values: 1, 2, 3, 4, 5, 6. Default is 6 +stackhpc_pulp_repo_rocky_9_minor_version: 6 # Rocky 9 Snapshot versions. The defaults use the appropriate version from # pulp-repo-versions.yml for the selected minor release. stackhpc_pulp_repo_rocky_9_appstream_version: "{{ lookup('vars', 'stackhpc_pulp_repo_rocky_9_%s_appstream_version' % stackhpc_pulp_repo_rocky_9_minor_version) }}" diff --git a/etc/kayobe/trivy/allowed-vulnerabilities.yml b/etc/kayobe/trivy/allowed-vulnerabilities.yml index 11356a930..11084cc88 100644 --- a/etc/kayobe/trivy/allowed-vulnerabilities.yml +++ b/etc/kayobe/trivy/allowed-vulnerabilities.yml @@ -18,6 +18,31 @@ grafana_allowed_vulnerabilities: - CVE-2024-8986 skyline_apiserver_allowed_vulnerabilities: - CVE-2024-33663 +influxdb_allowed_vulnerabilities: + - CVE-2024-45337 +magnum_conductor_allowed_vulnerabilities: + - CVE-2024-45337 +prometheus_blackbox_exporter_allowed_vulnerabilities: + - CVE-2024-45337 +prometheus_memcached_exporter_allowed_vulnerabilities: + - CVE-2024-45337 +prometheus_mysqld_exporter_allowed_vulnerabilities: + - CVE-2024-45337 +prometheus_elasticsearch_exporter_allowed_vulnerabilities: + - CVE-2024-45337 +prometheus_node_exporter_allowed_vulnerabilities: + - CVE-2024-45337 +prometheus_openstack_exporter_allowed_vulnerabilities: + - CVE-2024-45337 +prometheus_libvirt_exporter_allowed_vulnerabilities: + - CVE-2024-45337 +prometheus_cadvisor_allowed_vulnerabilities: + - CVE-2024-41110 + - CVE-2024-45337 +prometheus_msteams_allowed_vulnerabilities: + - CVE-2024-45337 +prometheus_v2_server_allowed_vulnerabilities: + - CVE-2024-45337 ############################################################################### # Dummy variable to allow Ansible to accept this file. diff --git a/releasenotes/notes/rl9.6-f46ea1230214a657.yaml b/releasenotes/notes/rl9.6-f46ea1230214a657.yaml new file mode 100644 index 000000000..3213dd820 --- /dev/null +++ b/releasenotes/notes/rl9.6-f46ea1230214a657.yaml @@ -0,0 +1,8 @@ +--- +features: + - | + Added support for Rocky Linux 9.6, including host packages and a full + container image refresh. +upgrade: + - | + 9.6 is now the default release for Rocky Linux. From 12d983431f3e865ab740044f3a067c6ad2eae0b8 Mon Sep 17 00:00:00 2001 From: Seunghun Lee Date: Tue, 10 Jun 2025 14:27:08 +0100 Subject: [PATCH 2/3] backporting skyline disable --- .../environments/ci-builder/stackhpc-ci.yml | 1 - etc/kayobe/kolla-image-tags.yml | 27 ++----------------- etc/kayobe/kolla/kolla-build.conf | 3 +-- etc/kayobe/pulp.yml | 2 -- etc/kayobe/trivy/allowed-vulnerabilities.yml | 2 -- ...drop-skyline-support-31d683f58f125335.yaml | 4 +++ ...ble-building-skyline-61a41c13cfcd54a1.yaml | 5 ---- 7 files changed, 7 insertions(+), 37 deletions(-) create mode 100644 releasenotes/notes/drop-skyline-support-31d683f58f125335.yaml delete mode 100644 releasenotes/notes/enable-building-skyline-61a41c13cfcd54a1.yaml diff --git a/etc/kayobe/environments/ci-builder/stackhpc-ci.yml b/etc/kayobe/environments/ci-builder/stackhpc-ci.yml index e67a472c4..103d797e1 100644 --- a/etc/kayobe/environments/ci-builder/stackhpc-ci.yml +++ b/etc/kayobe/environments/ci-builder/stackhpc-ci.yml @@ -29,7 +29,6 @@ kolla_enable_octavia: true kolla_enable_opensearch: true kolla_enable_prometheus: true kolla_enable_redis: true -kolla_enable_skyline: true kolla_build_neutron_ovs: true ############################################################################### diff --git a/etc/kayobe/kolla-image-tags.yml b/etc/kayobe/kolla-image-tags.yml index 45de13c17..06c2cbe49 100644 --- a/etc/kayobe/kolla-image-tags.yml +++ b/etc/kayobe/kolla-image-tags.yml @@ -4,74 +4,51 @@ # where the key is the OS distro and the value is the tag to deploy. kolla_image_tags: openstack: - rocky-9: 2024.1-rocky-9-20241218T141751 + rocky-9: 2024.1-rocky-9-20250704T120124 ubuntu-jammy: 2024.1-ubuntu-jammy-20241218T141809 ubuntu-noble: 2024.1-ubuntu-noble-20250404T150323 bifrost: - rocky-9: 2024.1-rocky-9-20250325T141125 ubuntu-jammy: 2024.1-ubuntu-jammy-20250325T141125 glance: - rocky-9: 2024.1-rocky-9-20250213T103134 ubuntu-jammy: 2024.1-ubuntu-jammy-20250213T103134 horizon: - rocky-9: 2024.1-rocky-9-20250227T091118 ubuntu-jammy: 2024.1-ubuntu-jammy-20250227T091118 ironic: - rocky-9: 2024.1-rocky-9-20250213T110505 ubuntu-jammy: 2024.1-ubuntu-jammy-20250213T110505 ironic_dnsmasq: - rocky-9: 2024.1-rocky-9-20241218T141751 ubuntu-jammy: 2024.1-ubuntu-jammy-20241218T141809 ironic_prometheus_exporter: - rocky-9: 2024.1-rocky-9-20250124T081816 ubuntu-jammy: 2024.1-ubuntu-jammy-20250124T081816 kolla_toolbox: - rocky-9: 2024.1-rocky-9-20250529T081147 ubuntu-jammy: 2024.1-ubuntu-jammy-20250529T081147 ubuntu-noble: 2024.1-ubuntu-noble-20250529T081147 magnum: - rocky-9: 2024.1-rocky-9-20250522T143506 ubuntu-jammy: 2024.1-ubuntu-jammy-20250522T143506 ubuntu-noble: 2024.1-ubuntu-noble-20250522T143506 manila: - rocky-9: 2024.1-rocky-9-20250529T081147 ubuntu-jammy: 2024.1-ubuntu-jammy-20250529T081147 ubuntu-noble: 2024.1-ubuntu-noble-20250529T081147 neutron: - rocky-9: 2024.1-rocky-9-20250529T081147 ubuntu-jammy: 2024.1-ubuntu-jammy-20250529T081147 ubuntu-noble: 2024.1-ubuntu-noble-20250529T081147 neutron_bgp_dragent: - rocky-9: 2024.1-rocky-9-20250529T081147 ubuntu-jammy: 2024.1-ubuntu-jammy-20250529T081147 ubuntu-noble: 2024.1-ubuntu-noble-20250529T081147 nova: - rocky-9: 2024.1-rocky-9-20250529T081147 ubuntu-jammy: 2024.1-ubuntu-jammy-20250529T081147 ubuntu-noble: 2024.1-ubuntu-noble-20250529T081147 octavia: - rocky-9: 2024.1-rocky-9-20250529T081147 ubuntu-jammy: 2024.1-ubuntu-jammy-20250529T081147 ubuntu-noble: 2024.1-ubuntu-noble-20250529T081147 openvswitch: - rocky-9: 2024.1-rocky-9-20250529T081147 ubuntu-jammy: 2024.1-ubuntu-jammy-20250529T081147 ubuntu-noble: 2024.1-ubuntu-noble-20250529T081147 ovn: - rocky-9: 2024.1-rocky-9-20250529T081147 ubuntu-jammy: 2024.1-ubuntu-jammy-20250529T081147 ubuntu-noble: 2024.1-ubuntu-noble-20250529T081147 prometheus: rocky-9: 2024.1-rocky-9-20250219T145255 ubuntu-jammy: 2024.1-ubuntu-jammy-20250219T145255 prometheus_alertmanager: - rocky-9: 2024.1-rocky-9-20250422T103147 ubuntu-jammy: 2024.1-ubuntu-jammy-20250422T103147 - skyline_apiserver: - rocky-9: 2024.1-rocky-9-20250408T133253 - ubuntu-jammy: 2024.1-ubuntu-jammy-20250408T133253 - ubuntu-noble: 2024.1-ubuntu-noble-20250415T123136 - skyline_console: - rocky-9: 2024.1-rocky-9-20250408T133253 - ubuntu-jammy: 2024.1-ubuntu-jammy-20250408T133253 - ubuntu-noble: 2024.1-ubuntu-noble-20250415T123136 + diff --git a/etc/kayobe/kolla/kolla-build.conf b/etc/kayobe/kolla/kolla-build.conf index 35373c019..ea3b25473 100644 --- a/etc/kayobe/kolla/kolla-build.conf +++ b/etc/kayobe/kolla/kolla-build.conf @@ -15,8 +15,7 @@ build_args = {{ (kolla_build_args | default({})).items() | map('join', ':') | jo [openstack-base] type = git location = https://github.com/stackhpc/requirements -#reference = stackhpc/{{ openstack_release }} -reference = rl9.6 +reference = stackhpc/{{ openstack_release }} [etcd] version = 3.5.21 diff --git a/etc/kayobe/pulp.yml b/etc/kayobe/pulp.yml index 634d573f0..4fd521761 100644 --- a/etc/kayobe/pulp.yml +++ b/etc/kayobe/pulp.yml @@ -585,8 +585,6 @@ stackhpc_pulp_images_kolla: - rabbitmq - redis - redis-sentinel - - skyline-apiserver - - skyline-console # List of images for each base distribution which should not/cannot be built. stackhpc_kolla_unbuildable_images: diff --git a/etc/kayobe/trivy/allowed-vulnerabilities.yml b/etc/kayobe/trivy/allowed-vulnerabilities.yml index 11084cc88..579ed3194 100644 --- a/etc/kayobe/trivy/allowed-vulnerabilities.yml +++ b/etc/kayobe/trivy/allowed-vulnerabilities.yml @@ -16,8 +16,6 @@ fluentd_allowed_vulnerabilities: - CVE-2024-27280 grafana_allowed_vulnerabilities: - CVE-2024-8986 -skyline_apiserver_allowed_vulnerabilities: - - CVE-2024-33663 influxdb_allowed_vulnerabilities: - CVE-2024-45337 magnum_conductor_allowed_vulnerabilities: diff --git a/releasenotes/notes/drop-skyline-support-31d683f58f125335.yaml b/releasenotes/notes/drop-skyline-support-31d683f58f125335.yaml new file mode 100644 index 000000000..60541ce0c --- /dev/null +++ b/releasenotes/notes/drop-skyline-support-31d683f58f125335.yaml @@ -0,0 +1,4 @@ +--- +deprecations: + - | + Disabled building of Kolla container images for Skyline diff --git a/releasenotes/notes/enable-building-skyline-61a41c13cfcd54a1.yaml b/releasenotes/notes/enable-building-skyline-61a41c13cfcd54a1.yaml deleted file mode 100644 index 681c338e6..000000000 --- a/releasenotes/notes/enable-building-skyline-61a41c13cfcd54a1.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -features: - - | - Enable building of ``Skyline`` an alternative to ``Horizon``. - From a3cbe389fc91a1127237f7cb667e3aff5b114f99 Mon Sep 17 00:00:00 2001 From: Grzegorz Bialas Date: Fri, 4 Jul 2025 17:19:25 +0200 Subject: [PATCH 3/3] linter --- etc/kayobe/kolla-image-tags.yml | 1 - etc/kayobe/kolla/kolla-build.conf | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/etc/kayobe/kolla-image-tags.yml b/etc/kayobe/kolla-image-tags.yml index 06c2cbe49..0e9d06a83 100644 --- a/etc/kayobe/kolla-image-tags.yml +++ b/etc/kayobe/kolla-image-tags.yml @@ -51,4 +51,3 @@ kolla_image_tags: ubuntu-jammy: 2024.1-ubuntu-jammy-20250219T145255 prometheus_alertmanager: ubuntu-jammy: 2024.1-ubuntu-jammy-20250422T103147 - diff --git a/etc/kayobe/kolla/kolla-build.conf b/etc/kayobe/kolla/kolla-build.conf index ea3b25473..95692e5ef 100644 --- a/etc/kayobe/kolla/kolla-build.conf +++ b/etc/kayobe/kolla/kolla-build.conf @@ -23,4 +23,4 @@ sha256 = amd64:adddda4b06718e68671ffabff2f8cee48488ba61ad82900e639d108f2148501c, [letsencrypt-lego] version = v4.23.1 -sha256 = amd64:1fd60b1fd59c239bed22719a5de402cb745d1f933540cb1ec196e2c03e6e8882,arm64:1114745108343286d4bff189b4bdee3cba9d07ebcacc673860d91ab951d31e0d \ No newline at end of file +sha256 = amd64:1fd60b1fd59c239bed22719a5de402cb745d1f933540cb1ec196e2c03e6e8882,arm64:1114745108343286d4bff189b4bdee3cba9d07ebcacc673860d91ab951d31e0d