From e599ef67efa870e674e0530ba4612cbeda59f550 Mon Sep 17 00:00:00 2001 From: Madhu Rajanna Date: Mon, 25 Nov 2024 19:02:25 +0100 Subject: [PATCH 1/3] csi: update to latest cephcsi release cephcsi fixed a bug related to data loss and its fixed in 3.12.3 release, This commit updates the cephcsi to 3.12.3 release. Signed-off-by: Madhu Rajanna --- Documentation/Helm-Charts/operator-chart.md | 2 +- .../Storage-Configuration/Ceph-CSI/ceph-csi-drivers.md | 6 +++--- .../Storage-Configuration/Ceph-CSI/custom-images.md | 2 +- deploy/charts/rook-ceph/values.yaml | 2 +- deploy/examples/images.txt | 2 +- deploy/examples/operator-openshift.yaml | 2 +- deploy/examples/operator.yaml | 2 +- pkg/operator/ceph/csi/spec.go | 2 +- pkg/operator/ceph/csi/util_test.go | 2 +- 9 files changed, 11 insertions(+), 11 deletions(-) diff --git a/Documentation/Helm-Charts/operator-chart.md b/Documentation/Helm-Charts/operator-chart.md index 7fc7ec887b3b..2fc1f37c0716 100644 --- a/Documentation/Helm-Charts/operator-chart.md +++ b/Documentation/Helm-Charts/operator-chart.md @@ -60,7 +60,7 @@ The following table lists the configurable parameters of the rook-operator chart | `csi.cephFSPluginUpdateStrategy` | CSI CephFS plugin daemonset update strategy, supported values are OnDelete and RollingUpdate | `RollingUpdate` | | `csi.cephFSPluginUpdateStrategyMaxUnavailable` | A maxUnavailable parameter of CSI cephFS plugin daemonset update strategy. | `1` | | `csi.cephcsi.repository` | Ceph CSI image repository | `"quay.io/cephcsi/cephcsi"` | -| `csi.cephcsi.tag` | Ceph CSI image tag | `"v3.12.2"` | +| `csi.cephcsi.tag` | Ceph CSI image tag | `"v3.12.3"` | | `csi.cephfsLivenessMetricsPort` | CSI CephFS driver metrics port | `9081` | | `csi.cephfsPodLabels` | Labels to add to the CSI CephFS Deployments and DaemonSets Pods | `nil` | | `csi.clusterName` | Cluster name identifier to set as metadata on the CephFS subvolume and RBD images. This will be useful in cases like for example, when two container orchestrator clusters (Kubernetes/OCP) are using a single ceph cluster | `nil` | diff --git a/Documentation/Storage-Configuration/Ceph-CSI/ceph-csi-drivers.md b/Documentation/Storage-Configuration/Ceph-CSI/ceph-csi-drivers.md index d06bb58ae9d4..b812ff173e67 100644 --- a/Documentation/Storage-Configuration/Ceph-CSI/ceph-csi-drivers.md +++ b/Documentation/Storage-Configuration/Ceph-CSI/ceph-csi-drivers.md @@ -217,10 +217,10 @@ CSI-Addons supports the following operations: Ceph-CSI supports encrypting PersistentVolumeClaims (PVCs) for both RBD and CephFS. This can be achieved using LUKS for RBD and fscrypt for CephFS. More details on encrypting RBD PVCs can be found -[here](https://github.com/ceph/ceph-csi/blob/v3.12.2/docs/deploy-rbd.md#encryption-for-rbd-volumes), +[here](https://github.com/ceph/ceph-csi/blob/v3.12.3/docs/deploy-rbd.md#encryption-for-rbd-volumes), which includes a full list of supported encryption configurations. -More details on encrypting CephFS PVCs can be found [here](https://github.com/ceph/ceph-csi/blob/v3.12.2/docs/deploy-cephfs.md#cephfs-volume-encryption). -A sample KMS configmap can be found [here](https://github.com/ceph/ceph-csi/blob/v3.12.2/examples/kms/vault/kms-config.yaml). +More details on encrypting CephFS PVCs can be found [here](https://github.com/ceph/ceph-csi/blob/v3.12.3/docs/deploy-cephfs.md#cephfs-volume-encryption). +A sample KMS configmap can be found [here](https://github.com/ceph/ceph-csi/blob/v3.12.3/examples/kms/vault/kms-config.yaml). !!! note Not all KMS are compatible with fscrypt. Generally, KMS that either store secrets to use directly (like Vault) diff --git a/Documentation/Storage-Configuration/Ceph-CSI/custom-images.md b/Documentation/Storage-Configuration/Ceph-CSI/custom-images.md index 86beab48d9a1..3e483a908a57 100644 --- a/Documentation/Storage-Configuration/Ceph-CSI/custom-images.md +++ b/Documentation/Storage-Configuration/Ceph-CSI/custom-images.md @@ -18,7 +18,7 @@ kubectl -n $ROOK_OPERATOR_NAMESPACE edit configmap rook-ceph-operator-config The default upstream images are included below, which you can change to your desired images. ```yaml -ROOK_CSI_CEPH_IMAGE: "quay.io/cephcsi/cephcsi:v3.12.2" +ROOK_CSI_CEPH_IMAGE: "quay.io/cephcsi/cephcsi:v3.12.3" ROOK_CSI_REGISTRAR_IMAGE: "registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.11.1" ROOK_CSI_PROVISIONER_IMAGE: "registry.k8s.io/sig-storage/csi-provisioner:v5.0.1" ROOK_CSI_ATTACHER_IMAGE: "registry.k8s.io/sig-storage/csi-attacher:v4.6.1" diff --git a/deploy/charts/rook-ceph/values.yaml b/deploy/charts/rook-ceph/values.yaml index 8b5ceb82f197..c6bdda1f7238 100644 --- a/deploy/charts/rook-ceph/values.yaml +++ b/deploy/charts/rook-ceph/values.yaml @@ -480,7 +480,7 @@ csi: # -- Ceph CSI image repository repository: quay.io/cephcsi/cephcsi # -- Ceph CSI image tag - tag: v3.12.2 + tag: v3.12.3 registrar: # -- Kubernetes CSI registrar image repository diff --git a/deploy/examples/images.txt b/deploy/examples/images.txt index b84f8adbdd97..d8c62fdfef73 100644 --- a/deploy/examples/images.txt +++ b/deploy/examples/images.txt @@ -2,7 +2,7 @@ gcr.io/k8s-staging-sig-storage/objectstorage-sidecar:v20240513-v0.1.0-35-gefb3255 quay.io/ceph/ceph:v18.2.4 quay.io/ceph/cosi:v0.1.2 - quay.io/cephcsi/cephcsi:v3.12.2 + quay.io/cephcsi/cephcsi:v3.12.3 quay.io/csiaddons/k8s-sidecar:v0.10.0 registry.k8s.io/sig-storage/csi-attacher:v4.6.1 registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.11.1 diff --git a/deploy/examples/operator-openshift.yaml b/deploy/examples/operator-openshift.yaml index 1186fd1841b9..23d69fb09564 100644 --- a/deploy/examples/operator-openshift.yaml +++ b/deploy/examples/operator-openshift.yaml @@ -189,7 +189,7 @@ data: # The default version of CSI supported by Rook will be started. To change the version # of the CSI driver to something other than what is officially supported, change # these images to the desired release of the CSI driver. - # ROOK_CSI_CEPH_IMAGE: "quay.io/cephcsi/cephcsi:v3.12.2" + # ROOK_CSI_CEPH_IMAGE: "quay.io/cephcsi/cephcsi:v3.12.3" # ROOK_CSI_REGISTRAR_IMAGE: "registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.11.1" # ROOK_CSI_RESIZER_IMAGE: "registry.k8s.io/sig-storage/csi-resizer:v1.11.1" # ROOK_CSI_PROVISIONER_IMAGE: "registry.k8s.io/sig-storage/csi-provisioner:v5.0.1" diff --git a/deploy/examples/operator.yaml b/deploy/examples/operator.yaml index b11549be5d32..75d92b585afc 100644 --- a/deploy/examples/operator.yaml +++ b/deploy/examples/operator.yaml @@ -119,7 +119,7 @@ data: # The default version of CSI supported by Rook will be started. To change the version # of the CSI driver to something other than what is officially supported, change # these images to the desired release of the CSI driver. - # ROOK_CSI_CEPH_IMAGE: "quay.io/cephcsi/cephcsi:v3.12.2" + # ROOK_CSI_CEPH_IMAGE: "quay.io/cephcsi/cephcsi:v3.12.3" # ROOK_CSI_REGISTRAR_IMAGE: "registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.11.1" # ROOK_CSI_RESIZER_IMAGE: "registry.k8s.io/sig-storage/csi-resizer:v1.11.1" # ROOK_CSI_PROVISIONER_IMAGE: "registry.k8s.io/sig-storage/csi-provisioner:v5.0.1" diff --git a/pkg/operator/ceph/csi/spec.go b/pkg/operator/ceph/csi/spec.go index 0f587270f848..ae84d8df076c 100644 --- a/pkg/operator/ceph/csi/spec.go +++ b/pkg/operator/ceph/csi/spec.go @@ -131,7 +131,7 @@ var ( // manually challenging. var ( // image names - DefaultCSIPluginImage = "quay.io/cephcsi/cephcsi:v3.12.2" + DefaultCSIPluginImage = "quay.io/cephcsi/cephcsi:v3.12.3" DefaultRegistrarImage = "registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.11.1" DefaultProvisionerImage = "registry.k8s.io/sig-storage/csi-provisioner:v5.0.1" DefaultAttacherImage = "registry.k8s.io/sig-storage/csi-attacher:v4.6.1" diff --git a/pkg/operator/ceph/csi/util_test.go b/pkg/operator/ceph/csi/util_test.go index 3c8afc0ba40d..2e974a1d0f3d 100644 --- a/pkg/operator/ceph/csi/util_test.go +++ b/pkg/operator/ceph/csi/util_test.go @@ -284,7 +284,7 @@ func Test_getImage(t *testing.T) { args: args{ data: map[string]string{}, settingName: "ROOK_CSI_CEPH_IMAGE", - defaultImage: "quay.io/cephcsi/cephcsi:v3.12.2", + defaultImage: "quay.io/cephcsi/cephcsi:v3.12.3", }, want: DefaultCSIPluginImage, }, From 4dc001b7849920ce88e5b902fb866db1e8caa330 Mon Sep 17 00:00:00 2001 From: Travis Nielsen Date: Mon, 25 Nov 2024 12:27:11 -0700 Subject: [PATCH 2/3] ci: add 1.16 branch to mergify rules With the creation of the 1.16 branch, add the branch to the mergify rules. Signed-off-by: Travis Nielsen --- .mergify.yml | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) diff --git a/.mergify.yml b/.mergify.yml index 28efa4c2c534..fcac66285e1d 100644 --- a/.mergify.yml +++ b/.mergify.yml @@ -291,6 +291,65 @@ pull_request_rules: dismiss_reviews: {} delete_head_branch: {} + # release-1.16 branch + - name: automerge backport release-1.16 + conditions: + - author=mergify[bot] + - base=release-1.16 + - label!=do-not-merge + - "status-success=DCO" + - "check-success=linux-build-all (1.22)" + - "check-success=unittests" + - "check-success=golangci-lint" + - "check-success=codegen" + - "check-success=codespell" + - "check-success=lint" + - "check-success=modcheck" + - "check-success=Shellcheck" + - "check-success=yaml-linter" + - "check-success=lint-test" + - "check-success=gen-rbac" + - "check-success=crds-gen" + - "check-success=docs-check" + - "check-success=pylint" + - "check-success=canary-tests / canary (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / raw-disk-with-object (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / two-osds-in-device (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / osd-with-metadata-partition-device (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / osd-with-metadata-device (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / encryption (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / lvm (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / pvc (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / pvc-db (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / pvc-db-wal (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / encryption-pvc (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / encryption-pvc-db (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / encryption-pvc-db-wal (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / encryption-pvc-kms-vault-token-auth (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / encryption-pvc-kms-vault-k8s-auth (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / lvm-pvc (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / multi-cluster-mirroring (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / rgw-multisite-testing (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / encryption-pvc-kms-ibm-kp (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / multus-public-and-cluster (quay.io/ceph/ceph:v18)" + - "check-success=canary-tests / csi-hostnetwork-disabled (quay.io/ceph/ceph:v18)" + - "check-success=TestCephSmokeSuite (v1.27.16)" + - "check-success=TestCephSmokeSuite (v1.31.0)" + - "check-success=TestCephHelmSuite (v1.27.16)" + - "check-success=TestCephHelmSuite (v1.31.0)" + - "check-success=TestCephMultiClusterDeploySuite (v1.31.0)" + - "check-success=TestCephObjectSuite (v1.27.16)" + - "check-success=TestCephObjectSuite (v1.31.0)" + - "check-success=TestCephUpgradeSuite (v1.27.16)" + - "check-success=TestCephUpgradeSuite (v1.31.0)" + - "check-success=TestHelmUpgradeSuite (v1.27.16)" + - "check-success=TestHelmUpgradeSuite (v1.31.0)" + actions: + merge: + method: merge + dismiss_reviews: {} + delete_head_branch: {} + # release-1.11 branch - actions: backport: @@ -335,3 +394,12 @@ pull_request_rules: conditions: - label=backport-release-1.15 name: backport release-1.15 + + # release-1.16 branch + - actions: + backport: + branches: + - release-1.16 + conditions: + - label=backport-release-1.16 + name: backport release-1.16 From 4e727f302cadde7c8503ecc067899ee51e92413e Mon Sep 17 00:00:00 2001 From: Travis Nielsen Date: Mon, 25 Nov 2024 12:29:19 -0700 Subject: [PATCH 3/3] ci: remove 1.11 and 1.12 branches from mergify rules Remove the 1.11 and 1.12 backport rules from mergify since no longer needed. Signed-off-by: Travis Nielsen --- .mergify.yml | 123 --------------------------------------------------- 1 file changed, 123 deletions(-) diff --git a/.mergify.yml b/.mergify.yml index fcac66285e1d..45938a112319 100644 --- a/.mergify.yml +++ b/.mergify.yml @@ -15,111 +15,6 @@ pull_request_rules: comment: message: Hi @{{author}}, this pull request was opened against a release branch, is it expected? Normally patches should go in the master branch first and then be backported to release branches. - # release-1.11 branch - - name: automerge backport release-1.11 - conditions: - - author=mergify[bot] - - base=release-1.11 - - label!=do-not-merge - - "status-success=DCO" - - "check-success=linux-build-all (1.19)" - - "check-success=unittests" - - "check-success=golangci-lint" - - "check-success=codegen" - - "check-success=codespell" - - "check-success=lint" - - "check-success=modcheck" - - "check-success=Shellcheck" - - "check-success=yaml-linter" - - "check-success=lint-test" - - "check-success=gen-rbac" - - "check-success=crds-gen" - - "check-success=docs-check" - - "check-success=pylint" - - "check-success=canary" - - "check-success=raw-disk" - - "check-success=two-osds-in-device" - - "check-success=osd-with-metadata-device" - - "check-success=encryption" - - "check-success=lvm" - - "check-success=pvc" - - "check-success=pvc-db" - - "check-success=pvc-db-wal" - - "check-success=encryption-pvc" - - "check-success=encryption-pvc-db" - - "check-success=encryption-pvc-db-wal" - - "check-success=encryption-pvc-kms-vault-token-auth" - - "check-success=encryption-pvc-kms-vault-k8s-auth" - - "check-success=lvm-pvc" - - "check-success=rgw-multisite-testing" - - "check-success=TestCephSmokeSuite (v1.21.14)" - - "check-success=TestCephSmokeSuite (v1.26.1)" - - "check-success=TestCephHelmSuite (v1.21.14)" - - "check-success=TestCephHelmSuite (v1.26.1)" - - "check-success=TestCephMultiClusterDeploySuite (v1.26.1)" - - "check-success=TestCephUpgradeSuite (v1.21.14)" - - "check-success=TestCephUpgradeSuite (v1.26.1)" - - "check-success=TestHelmUpgradeSuite (v1.21.14)" - - "check-success=TestHelmUpgradeSuite (v1.26.1)" - actions: - merge: - method: merge - dismiss_reviews: {} - delete_head_branch: {} - - # release-1.12 branch - - name: automerge backport release-1.12 - conditions: - - author=mergify[bot] - - base=release-1.12 - - label!=do-not-merge - - "status-success=DCO" - - "check-success=linux-build-all (1.21)" - - "check-success=unittests" - - "check-success=golangci-lint" - - "check-success=codegen" - - "check-success=codespell" - - "check-success=lint" - - "check-success=modcheck" - - "check-success=Shellcheck" - - "check-success=yaml-linter" - - "check-success=lint-test" - - "check-success=gen-rbac" - - "check-success=crds-gen" - - "check-success=docs-check" - - "check-success=pylint" - - "check-success=canary" - - "check-success=raw-disk" - - "check-success=two-osds-in-device" - - "check-success=osd-with-metadata-device" - - "check-success=encryption" - - "check-success=lvm" - - "check-success=pvc" - - "check-success=pvc-db" - - "check-success=pvc-db-wal" - - "check-success=encryption-pvc" - - "check-success=encryption-pvc-db" - - "check-success=encryption-pvc-db-wal" - - "check-success=encryption-pvc-kms-vault-token-auth" - - "check-success=encryption-pvc-kms-vault-k8s-auth" - - "check-success=lvm-pvc" - - "check-success=rgw-multisite-testing" - - "check-success=TestCephSmokeSuite (v1.22.17)" - - "check-success=TestCephSmokeSuite (v1.28.0)" - - "check-success=TestCephHelmSuite (v1.22.17)" - - "check-success=TestCephHelmSuite (v1.28.0)" - - "check-success=TestCephMultiClusterDeploySuite (v1.28.0)" - - "check-success=TestCephObjectSuite (v1.27.2)" - - "check-success=TestCephUpgradeSuite (v1.22.17)" - - "check-success=TestCephUpgradeSuite (v1.28.0)" - - "check-success=TestHelmUpgradeSuite (v1.22.17)" - - "check-success=TestHelmUpgradeSuite (v1.28.0)" - actions: - merge: - method: merge - dismiss_reviews: {} - delete_head_branch: {} - # release-1.13 branch - name: automerge backport release-1.13 conditions: @@ -350,24 +245,6 @@ pull_request_rules: dismiss_reviews: {} delete_head_branch: {} - # release-1.11 branch - - actions: - backport: - branches: - - release-1.11 - conditions: - - label=backport-release-1.11 - name: backport release-1.11 - - # release-1.12 branch - - actions: - backport: - branches: - - release-1.12 - conditions: - - label=backport-release-1.12 - name: backport release-1.12 - # release-1.13 branch - actions: backport: