diff --git a/Dockerfile.rhel8 b/Dockerfile.rhel8 index a3ad938afdb..ed672f63e9b 100644 --- a/Dockerfile.rhel8 +++ b/Dockerfile.rhel8 @@ -17,6 +17,7 @@ COPY payload-manifests/crds/* /usr/share/bootkube/manifests/manifests # these are applied by the CVO COPY manifests /manifests COPY payload-manifests/crds/* /manifests +COPY payload-manifests/featuregates/* /manifests COPY payload-command/empty-resources /manifests LABEL io.openshift.release.operator true diff --git a/Makefile b/Makefile index 3155c683086..30ce998bd45 100644 --- a/Makefile +++ b/Makefile @@ -50,6 +50,7 @@ verify-scripts: bash -x hack/verify-group-versions.sh bash -x hack/verify-prerelease-lifecycle-gen.sh hack/verify-payload-crds.sh + hack/verify-payload-featuregates.sh .PHONY: verify verify: verify-scripts verify-crd-schema verify-codegen-crds @@ -77,7 +78,7 @@ verify-%: ################################################################################################ .PHONY: update-scripts -update-scripts: update-compatibility update-openapi update-deepcopy update-protobuf update-swagger-docs tests-vendor update-prerelease-lifecycle-gen update-payload-crds +update-scripts: update-compatibility update-openapi update-deepcopy update-protobuf update-swagger-docs tests-vendor update-prerelease-lifecycle-gen update-payload-crds update-payload-featuregates .PHONY: update-compatibility update-compatibility: @@ -107,6 +108,10 @@ update-prerelease-lifecycle-gen: update-payload-crds: hack/update-payload-crds.sh +.PHONY: update-payload-featuregates +update-payload-featuregates: + hack/update-payload-featuregates.sh + ##################### # # END: Update scripts diff --git a/hack/update-payload-featuregates.sh b/hack/update-payload-featuregates.sh new file mode 100755 index 00000000000..07fec70324c --- /dev/null +++ b/hack/update-payload-featuregates.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +source "$(dirname "${BASH_SOURCE}")/lib/init.sh" + +go run --mod=vendor -trimpath github.com/openshift/api/payload-command/cmd/write-available-featuresets --asset-output-dir=./payload-manifests/featuregates diff --git a/hack/verify-payload-featuregates.sh b/hack/verify-payload-featuregates.sh new file mode 100755 index 00000000000..24fb0fbdd1c --- /dev/null +++ b/hack/verify-payload-featuregates.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +source "$(dirname "${BASH_SOURCE}")/lib/init.sh" + +VERIFY_DIR=$(mktemp -d -t featuregates-verify-XXXXXX) + +go run --mod=vendor -trimpath github.com/openshift/api/payload-command/cmd/write-available-featuresets --asset-output-dir="${VERIFY_DIR}" + +diff -r "${VERIFY_DIR}" ./payload-manifests/featuregates + +rm -rf "${VERIFY_DIR}" diff --git a/payload-command/render/config.go b/payload-command/render/config.go index f2685989546..d98b39b45c3 100644 --- a/payload-command/render/config.go +++ b/payload-command/render/config.go @@ -1,6 +1,8 @@ package render import ( + "encoding/json" + configv1 "github.com/openshift/api/config/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/serializer" @@ -26,5 +28,20 @@ func readFeatureGateV1OrDie(objBytes []byte) *configv1.FeatureGate { } func writeFeatureGateV1OrDie(obj *configv1.FeatureGate) string { - return runtime.EncodeOrDie(configCodecs.LegacyCodec(configv1.SchemeGroupVersion), obj) + asMap, err := runtime.DefaultUnstructuredConverter.ToUnstructured(obj) + if err != nil { + panic(err) + } + if _, ok := asMap["apiVersion"]; !ok { + asMap["apiVersion"] = configv1.GroupVersion.Identifier() + } + if _, ok := asMap["kind"]; !ok { + asMap["kind"] = "FeatureGate" + } + + ret, err := json.MarshalIndent(asMap, "", " ") + if err != nil { + panic(err) + } + return string(ret) + "\n" } diff --git a/payload-manifests/featuregates/featureGate-CustomNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-CustomNoUpgrade.yaml new file mode 100644 index 00000000000..7484b3960f0 --- /dev/null +++ b/payload-manifests/featuregates/featureGate-CustomNoUpgrade.yaml @@ -0,0 +1,20 @@ +{ + "apiVersion": "config.openshift.io/v1", + "kind": "FeatureGate", + "metadata": { + "creationTimestamp": null, + "name": "cluster" + }, + "spec": { + "featureSet": "CustomNoUpgrade" + }, + "status": { + "featureGates": [ + { + "disabled": null, + "enabled": null, + "version": "" + } + ] + } +} diff --git a/payload-manifests/featuregates/featureGate-Default.yaml b/payload-manifests/featuregates/featureGate-Default.yaml new file mode 100644 index 00000000000..3dff66aa125 --- /dev/null +++ b/payload-manifests/featuregates/featureGate-Default.yaml @@ -0,0 +1,143 @@ +{ + "apiVersion": "config.openshift.io/v1", + "kind": "FeatureGate", + "metadata": { + "creationTimestamp": null, + "name": "cluster" + }, + "spec": {}, + "status": { + "featureGates": [ + { + "disabled": [ + { + "name": "AdminNetworkPolicy" + }, + { + "name": "AutomatedEtcdBackup" + }, + { + "name": "CSIDriverSharedResource" + }, + { + "name": "ClusterAPIInstall" + }, + { + "name": "DNSNameResolver" + }, + { + "name": "DisableKubeletCloudCredentialProviders" + }, + { + "name": "DynamicResourceAllocation" + }, + { + "name": "EventedPLEG" + }, + { + "name": "GCPClusterHostedDNS" + }, + { + "name": "GCPLabelsTags" + }, + { + "name": "GatewayAPI" + }, + { + "name": "InsightsConfigAPI" + }, + { + "name": "InstallAlternateInfrastructureAWS" + }, + { + "name": "MachineAPIOperatorDisableMachineHealthCheckController" + }, + { + "name": "MachineAPIProviderOpenStack" + }, + { + "name": "MachineConfigNodes" + }, + { + "name": "ManagedBootImages" + }, + { + "name": "MaxUnavailableStatefulSet" + }, + { + "name": "MetricsServer" + }, + { + "name": "MixedCPUsAllocation" + }, + { + "name": "NetworkLiveMigration" + }, + { + "name": "NodeSwap" + }, + { + "name": "OnClusterBuild" + }, + { + "name": "PinnedImages" + }, + { + "name": "RouteExternalCertificate" + }, + { + "name": "SignatureStores" + }, + { + "name": "SigstoreImageVerification" + }, + { + "name": "VSphereControlPlaneMachineSet" + }, + { + "name": "VSphereStaticIPs" + }, + { + "name": "ValidatingAdmissionPolicy" + } + ], + "enabled": [ + { + "name": "AlibabaPlatform" + }, + { + "name": "AzureWorkloadIdentity" + }, + { + "name": "BuildCSIVolumes" + }, + { + "name": "CloudDualStackNodeIPs" + }, + { + "name": "ExternalCloudProvider" + }, + { + "name": "ExternalCloudProviderAzure" + }, + { + "name": "ExternalCloudProviderExternal" + }, + { + "name": "ExternalCloudProviderGCP" + }, + { + "name": "KMSv1" + }, + { + "name": "OpenShiftPodSecurityAdmission" + }, + { + "name": "PrivateHostedZoneAWS" + } + ], + "version": "" + } + ] + } +} diff --git a/payload-manifests/featuregates/featureGate-LatencySensitive.yaml b/payload-manifests/featuregates/featureGate-LatencySensitive.yaml new file mode 100644 index 00000000000..fb594b5ada4 --- /dev/null +++ b/payload-manifests/featuregates/featureGate-LatencySensitive.yaml @@ -0,0 +1,145 @@ +{ + "apiVersion": "config.openshift.io/v1", + "kind": "FeatureGate", + "metadata": { + "creationTimestamp": null, + "name": "cluster" + }, + "spec": { + "featureSet": "LatencySensitive" + }, + "status": { + "featureGates": [ + { + "disabled": [ + { + "name": "AdminNetworkPolicy" + }, + { + "name": "AutomatedEtcdBackup" + }, + { + "name": "CSIDriverSharedResource" + }, + { + "name": "ClusterAPIInstall" + }, + { + "name": "DNSNameResolver" + }, + { + "name": "DisableKubeletCloudCredentialProviders" + }, + { + "name": "DynamicResourceAllocation" + }, + { + "name": "EventedPLEG" + }, + { + "name": "GCPClusterHostedDNS" + }, + { + "name": "GCPLabelsTags" + }, + { + "name": "GatewayAPI" + }, + { + "name": "InsightsConfigAPI" + }, + { + "name": "InstallAlternateInfrastructureAWS" + }, + { + "name": "MachineAPIOperatorDisableMachineHealthCheckController" + }, + { + "name": "MachineAPIProviderOpenStack" + }, + { + "name": "MachineConfigNodes" + }, + { + "name": "ManagedBootImages" + }, + { + "name": "MaxUnavailableStatefulSet" + }, + { + "name": "MetricsServer" + }, + { + "name": "MixedCPUsAllocation" + }, + { + "name": "NetworkLiveMigration" + }, + { + "name": "NodeSwap" + }, + { + "name": "OnClusterBuild" + }, + { + "name": "PinnedImages" + }, + { + "name": "RouteExternalCertificate" + }, + { + "name": "SignatureStores" + }, + { + "name": "SigstoreImageVerification" + }, + { + "name": "VSphereControlPlaneMachineSet" + }, + { + "name": "VSphereStaticIPs" + }, + { + "name": "ValidatingAdmissionPolicy" + } + ], + "enabled": [ + { + "name": "AlibabaPlatform" + }, + { + "name": "AzureWorkloadIdentity" + }, + { + "name": "BuildCSIVolumes" + }, + { + "name": "CloudDualStackNodeIPs" + }, + { + "name": "ExternalCloudProvider" + }, + { + "name": "ExternalCloudProviderAzure" + }, + { + "name": "ExternalCloudProviderExternal" + }, + { + "name": "ExternalCloudProviderGCP" + }, + { + "name": "KMSv1" + }, + { + "name": "OpenShiftPodSecurityAdmission" + }, + { + "name": "PrivateHostedZoneAWS" + } + ], + "version": "" + } + ] + } +} diff --git a/payload-manifests/featuregates/featureGate-TechPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-TechPreviewNoUpgrade.yaml new file mode 100644 index 00000000000..1b23aff774e --- /dev/null +++ b/payload-manifests/featuregates/featureGate-TechPreviewNoUpgrade.yaml @@ -0,0 +1,145 @@ +{ + "apiVersion": "config.openshift.io/v1", + "kind": "FeatureGate", + "metadata": { + "creationTimestamp": null, + "name": "cluster" + }, + "spec": { + "featureSet": "TechPreviewNoUpgrade" + }, + "status": { + "featureGates": [ + { + "disabled": [ + { + "name": "ClusterAPIInstall" + }, + { + "name": "DisableKubeletCloudCredentialProviders" + }, + { + "name": "EventedPLEG" + }, + { + "name": "MachineAPIOperatorDisableMachineHealthCheckController" + } + ], + "enabled": [ + { + "name": "AdminNetworkPolicy" + }, + { + "name": "AlibabaPlatform" + }, + { + "name": "AutomatedEtcdBackup" + }, + { + "name": "AzureWorkloadIdentity" + }, + { + "name": "BuildCSIVolumes" + }, + { + "name": "CSIDriverSharedResource" + }, + { + "name": "CloudDualStackNodeIPs" + }, + { + "name": "DNSNameResolver" + }, + { + "name": "DynamicResourceAllocation" + }, + { + "name": "ExternalCloudProvider" + }, + { + "name": "ExternalCloudProviderAzure" + }, + { + "name": "ExternalCloudProviderExternal" + }, + { + "name": "ExternalCloudProviderGCP" + }, + { + "name": "GCPClusterHostedDNS" + }, + { + "name": "GCPLabelsTags" + }, + { + "name": "GatewayAPI" + }, + { + "name": "InsightsConfigAPI" + }, + { + "name": "InstallAlternateInfrastructureAWS" + }, + { + "name": "KMSv1" + }, + { + "name": "MachineAPIProviderOpenStack" + }, + { + "name": "MachineConfigNodes" + }, + { + "name": "ManagedBootImages" + }, + { + "name": "MaxUnavailableStatefulSet" + }, + { + "name": "MetricsServer" + }, + { + "name": "MixedCPUsAllocation" + }, + { + "name": "NetworkLiveMigration" + }, + { + "name": "NodeSwap" + }, + { + "name": "OnClusterBuild" + }, + { + "name": "OpenShiftPodSecurityAdmission" + }, + { + "name": "PinnedImages" + }, + { + "name": "PrivateHostedZoneAWS" + }, + { + "name": "RouteExternalCertificate" + }, + { + "name": "SignatureStores" + }, + { + "name": "SigstoreImageVerification" + }, + { + "name": "VSphereControlPlaneMachineSet" + }, + { + "name": "VSphereStaticIPs" + }, + { + "name": "ValidatingAdmissionPolicy" + } + ], + "version": "" + } + ] + } +}