Skip to content

[release-4.21] OCPBUGS-69722: use CAPZ to provision ssh rule#10172

Merged
openshift-merge-bot[bot] merged 1 commit into
openshift:release-4.21from
openshift-cherrypick-robot:cherry-pick-10162-to-release-4.21
Dec 18, 2025
Merged

[release-4.21] OCPBUGS-69722: use CAPZ to provision ssh rule#10172
openshift-merge-bot[bot] merged 1 commit into
openshift:release-4.21from
openshift-cherrypick-robot:cherry-pick-10162-to-release-4.21

Conversation

@openshift-cherrypick-robot
Copy link
Copy Markdown

@openshift-cherrypick-robot openshift-cherrypick-robot commented Dec 18, 2025

This is an automated cherry-pick of #10162

/assign patrickdillon

@patrickdillon
OCPBUGS-64775: use CAPZ to provision ssh rule
5ecb7ff 
A change to CAPZ[0], creates an SSH rule if one is not specified in
the cluster spec. Prior to this commit, we had been creating the
SSH rule with installer SDK hooks, which is still somewhat necessary
to add the inbound NAT rules, because we are not yet using CAPZ
to provision a public load balancer.

But we can use CAPZ to just create the rule, which will stop CAPZ
from preventing a redundant SSH rule which we were leaking during
bootstrap destroy.

This change will also result in creating an SSH rule for private clusters
which is fine, and something we do on other providers.

0: kubernetes-sigs/cluster-api-provider-azure#5525
@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Dec 18, 2025
Merged
@openshift-ci-robot
Copy link
Copy Markdown
Contributor

openshift-ci-robot commented Dec 18, 2025

@openshift-cherrypick-robot: Jira Issue OCPBUGS-64775 has been cloned as Jira Issue OCPBUGS-69722. Will retitle bug to link to clone.
/retitle [release-4.21] OCPBUGS-69722: use CAPZ to provision ssh rule

Details

In response to this:

This is an automated cherry-pick of #10162

/assign patrickdillon

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci Bot changed the title [release-4.21] OCPBUGS-64775: use CAPZ to provision ssh rule [release-4.21] OCPBUGS-69722: use CAPZ to provision ssh rule Dec 18, 2025
@openshift-ci-robot openshift-ci-robot added jira/severity-moderate Referenced Jira bug's severity is moderate for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Dec 18, 2025
@openshift-ci-robot
Copy link
Copy Markdown
Contributor

openshift-ci-robot commented Dec 18, 2025

@openshift-cherrypick-robot: This pull request references Jira Issue OCPBUGS-69722, which is invalid:

  • release note text must be set and not match the template OR release note type must be set to "Release Note Not Required". For more information you can reference the OpenShift Bug Process.

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

This is an automated cherry-pick of #10162

/assign patrickdillon

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci Bot requested review from jhixson74 and rna-afk December 18, 2025 00:56
@jinyunma
Copy link
Copy Markdown
Contributor

jinyunma commented Dec 18, 2025

/jira refresh

@openshift-ci-robot openshift-ci-robot added jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. and removed jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Dec 18, 2025
@openshift-ci-robot
Copy link
Copy Markdown
Contributor

openshift-ci-robot commented Dec 18, 2025

@jinyunma: This pull request references Jira Issue OCPBUGS-69722, which is valid. The bug has been moved to the POST state.

7 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.21.0) matches configured target version for branch (4.21.0)
  • bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)
  • release note type set to "Release Note Not Required"
  • dependent bug Jira Issue OCPBUGS-64775 is in the state MODIFIED, which is one of the valid states (MODIFIED, ON_QA, VERIFIED)
  • dependent Jira Issue OCPBUGS-64775 targets the "4.22.0" version, which is one of the valid target versions: 4.22.0
  • bug has dependents

Requesting review from QA contact:
/cc @jinyunma

Details

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci Bot requested a review from jinyunma December 18, 2025 01:17
tthvo
tthvo reviewed Dec 18, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@tthvo tthvo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label Dec 18, 2025
@openshift-ci
Copy link
Copy Markdown
Contributor

openshift-ci Bot commented Dec 18, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: tthvo

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Dec 18, 2025
@openshift-ci
Copy link
Copy Markdown
Contributor

openshift-ci Bot commented Dec 18, 2025

@openshift-cherrypick-robot: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/azure-ovn-marketplace-images 5ecb7ff link false /test azure-ovn-marketplace-images
ci/prow/e2e-azurestack 5ecb7ff link false /test e2e-azurestack
ci/prow/e2e-azure-ovn-shared-vpc 5ecb7ff link false /test e2e-azure-ovn-shared-vpc

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@tthvo
Copy link
Copy Markdown
Member

tthvo commented Dec 18, 2025

/cc @sadasu

@openshift-ci openshift-ci Bot requested a review from sadasu December 18, 2025 06:07
@jinyunma
Copy link
Copy Markdown
Contributor

jinyunma commented Dec 18, 2025
edited
Loading

Both public cluster and private cluster installation passed, and only one ssh rule is created for public cluster, deleted when destroying bootstrap.
/verified by CI

@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Dec 18, 2025
@openshift-ci-robot
Copy link
Copy Markdown
Contributor

openshift-ci-robot commented Dec 18, 2025

@jinyunma: This PR has been marked as verified by CI.

Details

In response to this:

Both public cluster and private cluster installation passed.
/verified by CI

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@sadasu
Copy link
Copy Markdown
Contributor

sadasu commented Dec 18, 2025

/label backport-risk-assessed

@openshift-ci openshift-ci Bot added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label Dec 18, 2025
@openshift-merge-bot openshift-merge-bot Bot merged commit 061076a into openshift:release-4.21 Dec 18, 2025
16 of 19 checks passed
@openshift-ci-robot
Copy link
Copy Markdown
Contributor

openshift-ci-robot commented Dec 18, 2025

@openshift-cherrypick-robot: Jira Issue Verification Checks: Jira Issue OCPBUGS-69722
✔️ This pull request was pre-merge verified.
✔️ All associated pull requests have merged.
✔️ All associated, merged pull requests were pre-merge verified.

Jira Issue OCPBUGS-69722 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓

Details

In response to this:

This is an automated cherry-pick of #10162

/assign patrickdillon

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-merge-robot
Copy link
Copy Markdown
Contributor

openshift-merge-robot commented Dec 21, 2025

Fix included in accepted release 4.21.0-0.nightly-2025-12-21-094231

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jhixson74 jhixson74 Awaiting requested review from jhixson74

@rna-afk rna-afk Awaiting requested review from rna-afk

@jinyunma jinyunma Awaiting requested review from jinyunma

@sadasu sadasu Awaiting requested review from sadasu

1 more reviewer

@tthvo tthvo tthvo left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@patrickdillon patrickdillon

@tthvo tthvo

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. jira/severity-moderate Referenced Jira bug's severity is moderate for the branch this PR is targeting. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. verified Signifies that the PR passed pre-merge verification criteria

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@openshift-cherrypick-robot @openshift-ci-robot @jinyunma @tthvo @sadasu @openshift-merge-robot @patrickdillon