kubevirt / hyperconverged-cluster-operator

72%

main: 76%

LAST BUILD ON BRANCH release-1.14

branch: release-1.14

CHANGE BRANCH

x

Reset

• release-1.14
• 1.12_fix_ha_discovery
• 1.14_update_bump_bot_assignees
• 2.1_test
• CNV-50892
• CNV-55543
• CNV-56071
• CNV-56467-vmStateStorageClass-rwx-removal
• CNV-56467-vmStateStorageClass-rwx-removal-release-1.14
• CNV-56955
• CNV-59575
• CNV-61568
• CNV-62116
• CNV-64433
• CNV-70251
• CNV_67871
• InstancetypeReferencePolicy
• TerminationMessagePolicy
• aaq-reset
• add-alert-HCODICTWithNoSupportedArchitecture
• add-cluster-level-rbac-handlers
• add-liveUpdateConfiguration
• add-metric
• add-missing-ports-nob
• add-np-labels
• add-observability-controller-alerts
• add-sa-to-virt-dl
• add-sync-controller-image
• add-videoConfig-feature-to-hyper-converged
• add-wasp-related-monitoring
• add_alert_for_vms_with_deprecated_machine_type
• add_e2e_tests_for_perses_crs_deployment
• add_kmp_ranges_api
• add_memory_overcommit_perse_dashboard
• add_observability_policy
• add_required_scc_annotation
• alloc
• allow-custom-images
• allow-running-smoke-on-4.18
• allow_virt_operator_hcp
• backport-3630
• backport-3630-1.13
• backport-3630-1.14
• backportf
• better-bump-kvci
• builder-image
• builder-multi-arch
• bump-controller-runtime-v0.22.4
• bump-deps-nightly
• bump-functest-builder-image
• bump-go-1.23
• bump-go-images-1.24
• bump-golang-1.24
• bump-golang-1.25
• bump-golang.org/x/net
• bump-golang.org/x/net/html
• bump-golangci-lint
• bump-golangci-lint_v2.6.0
• bump-k8s-api-1.33
• bump-k8s-api-v0.34.1
• bump-kubevirtci
• bump-linters
• bump-self-1.16
• bump-version-1.14.1
• bump-version-to-1.15
• bump_AAQ_v1.3.1_release-1.13
• bump_AAQ_v1.3.1_release-1.14
• bump_AAQ_v1.4.0_main
• bump_AAQ_v1.5.0_main
• bump_AAQ_v1.6.0_main
• bump_CDI_v1.18.0
• bump_CDI_v1.19.0
• bump_CDI_v1.20.1
• bump_CDI_v1.21.0
• bump_CDI_v1.22.0
• bump_CDI_v1.23.1
• bump_CDI_v1.23.2
• bump_CDI_v1.23.4
• bump_CDI_v1.23.5
• bump_CDI_v1.24.0
• bump_CDI_v1.24.1
• bump_CDI_v1.24.2
• bump_CDI_v1.25.0
• bump_CDI_v1.26.0
• bump_CDI_v1.26.1
• bump_CDI_v1.59.2_release-1.12
• bump_CDI_v1.60.5_release-1.13
• bump_CDI_v1.61.1_release-1.14
• bump_CDI_v1.61.2_main
• bump_CDI_v1.61.2_release-1.14
• bump_CDI_v1.61.4_main
• bump_CDI_v1.61.4_release-1.14
• bump_CDI_v1.61.5_main
• bump_CDI_v1.61.5_release-1.14
• bump_CDI_v1.62.0_main
• bump_CDI_v1.63.0-alpha.0_main
• bump_CDI_v1.64.0_main
• bump_CNAO_v0.98.0
• bump_CSI_SNAPSHOT_v8.1.1_release-1.13
• bump_CSI_SNAPSHOT_v8.2.0_main
• bump_CSI_SNAPSHOT_v8.2.1_main
• bump_CSI_SNAPSHOT_v8.2.1_release-1.14
• bump_CSI_SNAPSHOT_v8.3.0_main
• bump_CSI_SNAPSHOT_v8.4.0_main
• bump_HPPO_v0.22.0_main
• bump_HPPO_v0.23.0_main
• bump_HPPO_v0.24.0_main
• bump_HPPO_v0.4.2
• bump_HPPO_v0.4.3
• bump_HPPO_v0.5.0
• bump_HPPO_v0.5.2
• bump_HPPO_v0.6.0
• bump_HPP_v0.22.0_main
• bump_HPP_v0.23.0_main
• bump_HPP_v0.24.0_main
• bump_HPP_v0.5.1
• bump_KUBEVIRT_CONSOLE_PLUGIN_v4.18.0_main
• bump_KUBEVIRT_CONSOLE_PLUGIN_v4.19.0_main
• bump_KUBEVIRT_CONSOLE_PLUGIN_v4.20.0_main
• bump_KUBEVIRT_v0.29.0
• bump_KUBEVIRT_v0.30.0-rc.1
• bump_KUBEVIRT_v0.30.0-rc.2
• bump_KUBEVIRT_v0.30.1
• bump_KUBEVIRT_v0.30.2
• bump_KUBEVIRT_v0.30.3
• bump_KUBEVIRT_v0.31.0-rc.1
• bump_KUBEVIRT_v0.32.0-rc.2
• bump_KUBEVIRT_v0.33.0-rc.0
• bump_KUBEVIRT_v0.35.0-rc.0
• bump_KUBEVIRT_v0.36.0-rc.0
• bump_KUBEVIRT_v0.59.2_release-1.8
• bump_KUBEVIRT_v1.4.1_release-1.14
• bump_KUBEVIRT_v1.5.0-alpha.0_main
• bump_KUBEVIRT_v1.5.0-beta.0_main
• bump_KUBEVIRT_v1.5.0-rc.0_main
• bump_KUBEVIRT_v1.5.0-rc.1_main
• bump_KUBEVIRT_v1.5.0-rc.2_main
• bump_KUBEVIRT_v1.5.0_main
• bump_KUBEVIRT_v1.5.1_release-1.15
• bump_KUBEVIRT_v1.5.2_release-1.15
• bump_KUBEVIRT_v1.5.3_release-1.15
• bump_KUBEVIRT_v1.6.0-alpha.0_main
• bump_KUBEVIRT_v1.6.0-beta.0_main
• bump_KUBEVIRT_v1.6.0-rc.0_main
• bump_KUBEVIRT_v1.6.0-rc.1_main
• bump_KUBEVIRT_v1.6.0_main
• bump_KUBEVIRT_v1.6.1_release-1.16
• bump_KUBEVIRT_v1.6.2_release-1.16
• bump_KUBEVIRT_v1.6.3_release-1.16
• bump_KUBEVIRT_v1.7.0-alpha.0_main
• bump_KUBEVIRT_v1.7.0-beta.0_main
• bump_KUBEVIRT_v1.7.0-rc.0_main
• bump_KUBEVIRT_v1.7.0-rc.1_main
• bump_KUBEVIRT_v1.7.0_main
• bump_LIVENESS_PROBE_v2.15.0_main
• bump_LIVENESS_PROBE_v2.17.0_main
• bump_MIGRATION_CONTROLLER_v0.0.3_main
• bump_MIGRATION_CONTROLLER_v0.0.3_release-1.17
• bump_MIGRATION_OPERATOR_v0.0.14_main
• bump_MIGRATION_OPERATOR_v0.0.14_release-1.17
• bump_NETWORK_ADDONS_0.37.0
• bump_NETWORK_ADDONS_0.38.0
• bump_NETWORK_ADDONS_0.39.0
• bump_NETWORK_ADDONS_0.39.2
• bump_NETWORK_ADDONS_0.40.0
• bump_NETWORK_ADDONS_0.41.0
• bump_NETWORK_ADDONS_v0.100.0-rc0_main
• bump_NETWORK_ADDONS_v0.100.0-rc1_main
• bump_NETWORK_ADDONS_v0.100.0_main
• bump_NETWORK_ADDONS_v0.100.1_main
• bump_NETWORK_ADDONS_v0.100.2_main
• bump_NETWORK_ADDONS_v0.100.3_release-1.16
• bump_NETWORK_ADDONS_v0.101.0-rc-0_main
• bump_NETWORK_ADDONS_v0.101.1_main
• bump_NETWORK_ADDONS_v0.101.1_release-1.17
• bump_NETWORK_ADDONS_v0.42.1
• bump_NETWORK_ADDONS_v0.42.2
• bump_NETWORK_ADDONS_v0.42.3
• bump_NETWORK_ADDONS_v0.42.4
• bump_NETWORK_ADDONS_v0.97.0_main
• bump_NETWORK_ADDONS_v0.97.4_release-1.14
• bump_NETWORK_ADDONS_v0.97.5_release-1.14
• bump_NETWORK_ADDONS_v0.97.6_release-1.14
• bump_NETWORK_ADDONS_v0.97.7_release-1.14
• bump_NETWORK_ADDONS_v0.98.1_main
• bump_NETWORK_ADDONS_v0.98.2_main
• bump_NETWORK_ADDONS_v0.99.0_main
• bump_NETWORK_ADDONS_v0.99.1_main
• bump_NMO_v0.7.0
• bump_NODE_DRIVER_REG_v2.13.0_main
• bump_NODE_DRIVER_REG_v2.14.0_main
• bump_SSP_v0.22.1_main
• bump_SSP_v0.22.2_main
• bump_SSP_v0.22.2_release-1.14
• bump_SSP_v0.22.3_main
• bump_SSP_v0.22.3_release-1.14
• bump_SSP_v0.23.0_main
• bump_SSP_v0.23.1_main
• bump_SSP_v0.23.1_release-1.15
• bump_SSP_v0.24.0-alpha.0_main
• bump_SSP_v0.24.0_main
• bump_SSP_v0.24.1_main
• bump_SSP_v0.24.1_release-1.16
• bump_SSP_v0.25.0_main
• bump_SSP_v1.0.32
• bump_SSP_v1.0.36
• bump_SSP_v1.0.37
• bump_SSP_v1.2.0
• bump_VM_IMPORT_v0.0.3
• bump_VM_IMPORT_v0.0.4
• bump_VM_IMPORT_v0.1.0
• bump_cdi_1.61.1_main
• bump_cnao_0391
• bump_hco_to_v1.17.0
• bump_hco_to_v1.18.0
• bump_k8s_0.32
• bumpovercommit
• bundle-docs
• cherry-pick-3155-to-release-1.13
• cherry-pick-3174-to-release-1.13
• cherry-pick-3186-to-release-1.13
• cherry-pick-3211-to-release-1.12
• cherry-pick-3211-to-release-1.13
• cherry-pick-3219-to-release-1.13
• cherry-pick-3220-to-release-1.14
• cherry-pick-3242-to-release-1.14
• cherry-pick-3245-to-release-1.14
• cherry-pick-3249-to-release-1.14
• cherry-pick-3262-to-release-1.14
• cherry-pick-3272-to-1.14
• cherry-pick-3283-to-release-1.14
• cherry-pick-3289-to-release-1.14
• cherry-pick-3291-to-release-1.13
• cherry-pick-3332-to-release-1.14
• cherry-pick-3360-to-release-1.14
• cherry-pick-3379-to-release-1.13
• cherry-pick-3379-to-release-1.14
• cherry-pick-3385-1.13
• cherry-pick-3476-to-release-1.15
• cherry-pick-3482-to-release-1.15
• cherry-pick-3494-to-release-1.13
• cherry-pick-3494-to-release-1.14
• cherry-pick-3494-to-release-1.15
• cherry-pick-3512-to-release-1.14
• cherry-pick-3512-to-release-1.15
• cherry-pick-3533-to-release-1.14
• cherry-pick-3533-to-release-1.15
• cherry-pick-3554-to-release-1.15
• cherry-pick-3570-to-release-1.15
• cherry-pick-3592-to-release-1.15
• cherry-pick-3647-to-release-1.14
• cherry-pick-3647-to-release-1.15
• cherry-pick-3726-to-release-1.16
• cherry-pick-3736-to-release-1.16
• cherry-pick-3744-to-release-1.16
• cherry-pick-3753-to-release-1.16
• cherry-pick-3764-to-release-1.14
• cherry-pick-3764-to-release-1.15
• cherry-pick-3764-to-release-1.16
• cherry-pick-3766-to-release-1.16
• cherry-pick-3782-to-release-1.15
• cherry-pick-3782-to-release-1.16
• cherry-pick-3807-to-release-1.16
• cherry-pick-3815-to-release-1.15
• cherry-pick-3829-to-release-1.16
• cherry-pick-3833-to-release-1.16
• cherry-pick-3834-to-release-1.16
• cherry-pick-3844-to-release-1.16
• cherry-pick-3845-to-release-1.16
• cherry-pick-3847-to-release-1.16
• cherry-pick-3850-to-release-1.15
• cherry-pick-3851-to-release-1.14
• cherry-pick-3853-to-release-1.13
• cherry-pick-3854-to-release-1.16
• cherry-pick-3856-to-release-1.12
• cherry-pick-3861-to-release-1.11
• cherry-pick-3862-to-release-1.10
• cherry-pick-3889-to-release-1.14
• cherry-pick-3889-to-release-1.15
• cherry-pick-3889-to-release-1.16
• cherry-pick-3897-to-release-1.14
• cherry-pick-3900-to-release-1.16
• cherry-pick-3954-to-release-1.16
• cherry-pick-3954-to-release-1.17
• cherrypick_3294_to_release_1.14
• chore-refactorings
• cleanup-upgrade
• cli-dl-health
• cna-def-net-nad
• cnao-in-nightly
• cnv-65873
• common-instancetypes-config
• common-instancetypes-config-release-1.14
• containerized-generate
• create-nightly-floating-tag
• csv-merge-files
• csv-merger-pass-files
• customize-dl-link
• debug-e2e-alerts
• debug-flacky-test
• debug-flaky
• debug-kv-1.6.0
• debug_kv_1.6
• declarative-hotplug
• default_eviction_strategy_none_for_arm_clusters
• defaults/adapt-completionTimeoutPerGiB-to-kubevirt
• dependabot/go_modules/github.com/docker/docker-28.3.3incompatible
• dependabot/go_modules/github.com/golang-jwt/jwt/v5-5.2.2
• dependabot/go_modules/golang.org/x/crypto-0.45.0
• dependabot/go_modules/tools/release-notes/git/golang.org/x/crypto-0.31.0
• dependabot/go_modules/tools/release-notes/github.com/cloudflare/circl-1.6.1
• dependabot/go_modules/tools/release-notes/github.com/golang/glog-1.2.4
• dependabot/go_modules/tools/release-notes/golang.org/x/crypto-0.45.0
• dependabot/go_modules/tools/release-notes/golang.org/x/net-0.36.0
• dependabot/go_modules/tools/release-notes/golang.org/x/net-0.38.0
• dependabot/pip/tools/k8s-label-visualizer/marshmallow-3.26.2
• dependabot/pip/tools/k8s-label-visualizer/requests-2.32.4
• dependabot/pip/tools/k8s-label-visualizer/urllib3-2.5.0
• dependabot/pip/tools/k8s-label-visualizer/urllib3-2.6.0
• dependabot/pip/tools/k8s-label-visualizer/urllib3-2.6.3
• deploy-wasp-agent-refactored
• deprecate-highBurst
• descheduler_profile
• dict-arch-annotation-tool
• doc-multi-arch
• docker1
• drop_tls13_workaround
• dump-np-with-crd
• dump-py-deps
• dv_gc_deprecate
• e2e-alert-to
• e2e-dict-cleanup
• e2e-node-archs
• enable-ksm-by-default
• enable-video-config-fg-by-default
• enable_cdi_webhook_pvc_rendering_featuregate
• enabled-bare-return
• fake-please-ignore
• fbc-icon-desc
• fix--hco-health-metric
• fix-CNV-62721
• fix-CNV-71826
• fix-CVE-2024-21626
• fix-CVE-2025-22870
• fix-admission-policy-watch
• fix-assignees-in-action
• fix-bug-in-bearer-secret
• fix-builder-build
• fix-bump-bot
• fix-bundle-issue
• fix-ci
• fix-ci-aws
• fix-cnv-75031
• fix-cnv-75752
• fix-cnv-75753
• fix-cnv-75754
• fix-cnv-75755
• fix-community-release
• fix-createbuild-image
• fix-delete-ssp
• fix-dict-annotation
• fix-disable-nic-alert
• fix-docgen
• fix-e2e-alertmanager
• fix-flacky
• fix-flaky
• fix-flaky-test
• fix-functest-flakiness
• fix-go-mod
• fix-go-mod-plus-3898
• fix-ha
• fix-hc-predicate
• fix-json
• fix-log
• fix-metrics-linter
• fix-monitoring-functest
• fix-multi-arch-build
• fix-multi-arch-image-build
• fix-multi-arch-images
• fix-multi-archs-api
• fix-nightly
• fix-non-stand-alone-unit-tests
• fix-np-label
• fix-os-nightly
• fix-override-bot
• fix-owner-ref
• fix-publish-community
• fix-publish-job
• fix-push-artifacts-server-target
• fix-quantity-bug
• fix-release-bumper
• fix-rn-dependencies
• fix-script-name
• fix-secret-labels
• fix-time-slack
• fix-upgrade-test
• fix-upgrade-tests
• fix-version
• fix-wasp-alert
• fix-wh-metrics
• fix3360
• fix_HCOOperatorConditionsUnhealthy_alert
• fix_cert
• fix_daemonsets_fields
• fix_infra_ha_no_masters
• fix_ingress_controller
• fix_operator_health_metric
• fix_ui_ipv6_singlestack
• force-recreate-metrics-endpoint-secret
• free-diskspace-image-build
• go-1.25.3
• golangci-lint-v2
• golden-images-multi-arch
• graduate_descheduler_profile
• ibm_s390x_architecture_configuration
• improve-json-patch
• improve-machine-type
• improve-slack-msg
• integration
• kubevirt-migration-operator
• label-reconcile
• main
• main-fix-publish-job
• make_replaces_csv_optional
• master
• metrics-port-8443
• migcontreller-reconcile-fix
• minor_fix_3219
• move-DeployVMConsoleProxy-fg
• move-enableCommonBootImageImport-fg
• multi-arch-images
• mv-EnableApplicationAwareQuota
• mv-deployKubeSecondaryDNS
• mv-nightly-to-kubevirt-repo
• new-metric-multi-arch
• node-arches
• nodeplacement_no_masters
• np-in-manifests
• ns-policy
• object-graph
• passt
• passtFG
• passtRefactor
• passt_e2e
• passt_with_ns
• patch-6
• pr-desc-for-bump-kvci
• pre-compute-crd
• prepare-image-url-params-for-wasp
• prepare_version_1.15.3
• prepare_version_1.16.1
• r.15-fix-disable-nic-alert
• r1.10-add-avlitman
• r1.11-add-avlitman
• r1.12-remove-aadmi
• r1.13-fix-disable-nic-alert
• r1.14-fix-disable-nic-alert
• r1.14-fix-monitoring-linter
• r1.14_add_required_scc_annotation
• r1.15-revert-mv-deployKubeSecondaryDNS
• r1.16-fix-CNV-7182
• r1.16-fix-secret-labels
• r1.17-fix-secret-labels
• r1.8-add-avlitman
• r1.9-add-avlitman
• r110-bump-golang.org/x/net/html
• r110-csv-merge-files
• r111-allow-custom-labels-pc
• r111-bump-golang.org/x/net/html
• r112-allow-custom-labels-pc
• r112-bump-golang.org/x/net/html
• r113-bump-golang.org/x/net/html
• r113-csv-merge-files
• r113-fix-CVE-2025-30204
• r113-fix-ha
• r114-add-missing-upgrade-patch
• r114-bump_cnao_0.97.3
• r114-csv-merge-files
• r114-fix-CVE-2025-30204
• r114-fix-multi-arch
• r114-fix-publish-community
• r114-fix-sanity
• r114-fix_operator_health_metric
• r114-multi-arch
• r115-csv-merge-files
• r115-fix-owner-ref
• r115-fix-publish-community
• r115-fix-wh-metrics
• r115-fix_operator_health_metric
• r116-bump_AAQ_v1.6.0
• r116-fix-owner-ref
• r117-fix-owner-ref
• r13_remove_old_ssp_apiversion_crd
• r18-bump-golang.org/x/net/html
• r18-csv-merge-files
• r19-bump-golang.org/x/net/html
• re-enable-vm-console-log
• re-revive
• readd-health-metric-test
• recommended-cpu
• redeploy-pods
• refactor-operands
• release-0.4
• release-1.0
• release-1.1
• release-1.1.0
• release-1.10
• release-1.11
• release-1.12
• release-1.13
• release-1.15
• release-1.15-bump-to-v1.15.2
• release-1.16
• release-1.17
• release-1.2
• release-1.4
• release-1.5
• release-1.6
• release-1.7
• release-1.8
• release-1.9
• release-2.1
• release-2.2
• release-2.3
• release-2.4
• release-4.2
• release-4.3
• release-4.4
• release-4.5
• release-4.6
• release-4.7
• release-4.8
• rem_fg
• remove-alert
• remove-cert-check-from-functests
• remove-deprecated-kv-fg
• remove-git-action
• remove-obselete-iss
• remove-old-nps-on-upgrade
• remove-operator-np
• remove-rwx-storage-class-line-main
• remove-sa-cert-usage-from-func-tests
• remove_old_ssp_apiversion_crd
• removelimitgate
• rename-np-lbls
• rename-passt-annotation
• renovate/go-github.com-cloudflare-circl-vulnerability
• renovate/go-github.com-docker-docker-vulnerability
• renovate/go-golang.org-x-crypto-vulnerability
• renovate/go-golang.org-x-oauth2-vulnerability
• renovate/main-go-golang.org-x-oauth2-vulnerability
• renovate/pypi-marshmallow-vulnerability
• renovate/pypi-requests-vulnerability
• renovate/pypi-urllib3-vulnerability
• renovate/release-1.10-go-github.com-containers-image-v5-vulnerability
• renovate/release-1.10-go-github.com-docker-docker-vulnerability
• renovate/release-1.10-go-github.com-go-git-go-git-v5-vulnerability
• renovate/release-1.10-go-github.com-golang-glog-vulnerability
• renovate/release-1.10-go-github.com-opencontainers-runc-vulnerability
• renovate/release-1.10-go-github.com-u-root-u-root-vulnerability
• renovate/release-1.10-go-golang.org-x-crypto-vulnerability
• renovate/release-1.10-go-google.golang.org-protobuf-vulnerability
• renovate/release-1.10-pypi-certifi-vulnerability
• renovate/release-1.10-pypi-idna-vulnerability
• renovate/release-1.10-pypi-requests-vulnerability
• renovate/release-1.10-pypi-urllib3-vulnerability
• renovate/release-1.11-go-github.com-containers-image-v5-vulnerability
• renovate/release-1.11-go-github.com-docker-docker-vulnerability
• renovate/release-1.11-go-github.com-go-git-go-git-v5-vulnerability
• renovate/release-1.11-go-github.com-opencontainers-runc-vulnerability
• renovate/release-1.11-go-golang.org-x-crypto-vulnerability
• renovate/release-1.11-go-google.golang.org-protobuf-vulnerability
• renovate/release-1.11-pypi-idna-vulnerability
• renovate/release-1.11-pypi-requests-vulnerability
• renovate/release-1.12-go-github.com-containers-image-v5-vulnerability
• renovate/release-1.12-go-github.com-docker-docker-vulnerability
• renovate/release-1.12-go-github.com-go-git-go-git-v5-vulnerability
• renovate/release-1.12-go-github.com-golang-glog-vulnerability
• renovate/release-1.12-go-github.com-opencontainers-runc-vulnerability
• renovate/release-1.12-go-golang.org-x-crypto-vulnerability
• renovate/release-1.12-pypi-requests-vulnerability
• renovate/release-1.12-pypi-urllib3-vulnerability
• renovate/release-1.13-go-github.com-go-git-go-git-v5-vulnerability
• renovate/release-1.13-go-golang.org-x-crypto-vulnerability
• renovate/release-1.14-go-github.com-go-git-go-git-v5-vulnerability
• renovate/release-1.14-go-golang.org-x-crypto-vulnerability
• restore-dep-fgs
• retry-push
• retry-retag
• revert-310-drop_v2v_2.1
• revert-3525-bump_KUBEVIRT_v1.6.0-beta.0_main
• revert-3735-bump_AAQ_v1.3.1_release-1.14
• revert-3845
• revert-3845-free-diskspace-image-build
• revert-429-gen-changed-predicate
• revert-466-ssp_v1.0.22
• revert-524-kv-pc
• revert-583-no_kubevirtnodelabellerbundles_ssp
• revert-mv-deployKubeSecondaryDNS
• revert/eviction_strategy_none_arm
• revert_passt
• rm-depracated-fg
• rm-ga-net-fg
• rm-kv-mincpumodel
• rm-mtq-crd
• rm-old-flags
• sanity-action
• secure-execution-gate
• set-kv-MultiArchitecture-fg
• set-multi-arch-fields-in-ssp
• set_cpumodel_upgrade_test
• skip_observability_tests_if_no_preconditions
• slack-bot
• split-crd-validation
• split-ha-from-cluster-info
• split-own-ref
• ssp-api-v1beta3
• start-bumping-go-1.25
• stop-use-real-files-inunittests
• streaming
• sync-once-tests
• test-nps
• ui-network-policies
• ui_pods_use_dedicated_sa
• update-NodeNetworkInterfaceDown-expression
• update-image-digests
• update_component_graphs
• upstream/bump_CDI_v1.20.1
• use-alertmanager-route-instead
• use-official-coveralls-action
• use-operator-observability-toolkit
• v0.0.4
• v0.3.0
• v0.3.1
• v0.4.0
• v1.0.0
• v1.1.0
• v1.2.0
• validate_bundles_remove_sudo

Build # 20689747098

Build Type

push

github

Committed by web-flow

Commit Message

[release 1.14] Add ValidatingAdmissionPolicy to validate the HyperConverged namespace (#3940)

* Add the new admission policy controller

The current implementation of preventing the creation of the
HyperConverged CR in non-allowed namespace, is not working in Openshift,
where becasue of a race condition, the webhook's namespace selector is
removed by OLM.

This commit adds a new controller, to create and reconcile a
ValidatingAdmissionPolicy and the related
ValidatingAdmissionPolicyBinding, to perform the same validation.

The reason we're doing it in a new controller, is because we need the
ValidatingAdmissionPolicy to be set, even if the HyperConverged CR is
not deployed, while our main controller only reconciles resources if
the HyperConverged CR is deployed.



* Register the admission policy controller on boot



* Remove the current validation

Remove the existing validation of the HyperConverged CR namespace from
the validation webhook, as it is now done by the policy, created by the
admission policy controller.



* Don't remove the namespace selector from the validation wh

OLM adds a namespace selection on the validation webhook CR, causing the
namespace validation to be not relevant.

The webhook setup logic removes this selector, but actually this is
reconciled by OLM, and eventually, user can still create the
HyperConverged CR in any namespace.

The issue is now handled by a ValidationgAdmissionPolicy, and so we
don't need this logic anymore, and so this commit removes it.



---------

Signed-off-by: Nahshon Unna Tsameret <nahsh.ut@gmail.com>

Run Details

138 of 215 new or added lines in 3 files covered. (64.19%)

6 existing lines in 2 files now uncovered.

6675 of 9238 relevant lines covered (72.26%)

0.8 hits per line