NO-ISSUE: rebase-main-4.19.0-0.nightly-2025-01-25-021606_amd64-2025-01-25_arm64-2025-01-25

[microshift-rebase-script]

amd64: 4.19.0-0.nightly-2025-01-25-021606
arm64: 4.19.0-0.nightly-arm64-2025-01-25-000530
prow job: https://prow.ci.openshift.org/view/gs/origin-ci-test/logs/periodic-ci-openshift-microshift-main-rebase-on-nightlies/1883726970630443008

• api embedded-component c21a6eb290e4c665e7c986b11657dee5d48a510e to a770960d61e0f5518549477e96ee4d1f5a8bc047

  • ffe2efd1 2025-01-24T12:26:45-05:00 Update to k8s 1.32
  • e8a4d21e 2025-01-22T18:11:00+00:00 Add example of using two required featuregates for one validation
  • 57973618 2025-01-08T10:25:36+00:00 Handle requiredFeatureGates in partial manifests and manifest merge
  • 0b156575 2025-01-08T10:25:35+00:00 Update controller-tools
  • 52d7b3fe 2025-01-08T10:25:28+00:00 Add Example2 feature gate to demonstrate FG dependencies

• cluster-ingress-operator embedded-component 2856e6ddee396b3cb5492ac128c3015956651b51 to cba3e44da2e6b48bc84e80cd715d6637e2713368

  • 1385b13 2025-01-22T09:23:46+00:00 OCPBUGS-43745: Add support for idle connection termination policy
  • 9a6016e 2025-01-13T15:43:39+00:00 OCPBUGS-43745: vendor OCPBUGS-43745: Add IdleCloseOnResponse field to IngressControllerSpec api#2102
  • 79aee04 2025-01-09T17:03:37+00:00 test/http2: enhance response handlers

• cluster-kube-apiserver-operator embedded-component fef044da6d5f71c44327ff78fb64502f264acb00 to bb90f17b3978b41882ecb12e28d0012e8324d69a

  • cb8d752 2025-01-23T09:47:20+08:00 ART requests updates to 4.19 image ose-cluster-kube-apiserver-operator-container

• cluster-kube-scheduler-operator embedded-component b1cc4471e2f6c5dc81b2b9471f4634f1ecdb88b4 to fcefcca15b1e7812f45bfeec10ee771011551635

  • 1230099 2025-01-22T11:15:40-05:00 Bump library-go for static pod controller apply fixes.

• cluster-network-operator embedded-component 0dfccc148f815b67cc472945d8d7aec68e0b6a74 to 51a6fc7c63b778f1d6640f6dbb0ebad9f1d4c078

  • 4e57dcd 2025-01-23T21:24:25+01:00 Keep ovn ipsec enabled during the upgrade     The following change on the machine pool status.MachineCount == status.UpdatedMachineCount && hasSourceInMachineConfigStatus(status, machineConfigs) is introduced with PR OCPBUGS-32525: Check every MachineConfigPool for IPsec plugin existence cluster-network-operator#2349 which ensures IPsec machine config is always installed on all the nodes in the cluster, So this is deleting the IPsec daemonset as per the CNO state machine for IPsec when the condition is not met. But this is also accidentally disabling IPsec in OVN which is not an expected behavior. This causes ovs-monitor-ipsec to refresh existing ipsec connections unnecessarily when IPsec pod comes up as it is not able to find remote_name from the tunnel. This may also trigger deleting IPsec connection entries from openshift.conf file if ovs-monitor-ipsec is not killed timely when ipsec daemonset is removed. So this commit enables ovn ipsec option as long as the API is set with Full mode.

• kubernetes embedded-component 4b2db1ec33faa3ffc305e5ffa7376908cc955370 to d6d0ba181b25cdd0db6ca436038fe39c90a58ac3

  • 9213bbed2 2025-01-20T10:29:13-03:00 UPSTREAM: : hack/update-vendor.sh, make update and update image
  • a78aa4712 2024-12-10T11:37:26+00:00 Release commit for Kubernetes v1.31.4
  • 80964efae 2024-11-27T13:29:30+00:00 fix isLikelyNotMountPointStatx relative path issue
  • 779a0827a 2024-11-21T14:55:35+01:00 Bump images, dependencies and versions to go 1.22.9 and distroless iptables
  • 953a3a8aa 2024-11-19T14:02:11+00:00 Update CHANGELOG/CHANGELOG-1.31.md for v1.31.3
  • ea299acf9 2024-11-14T20:00:41+02:00 Ensure that a node's CIDR isn't released until the node is deleted

• machine-config-operator embedded-component 11b9ad07624cf75365c7897b922a54716f1951e5 to 38fb1b8bd28da78a79bb96eb3c9e978bab2752ff

  • 9117787c 2025-01-09T08:50:55-06:00 Revert "OCPBUGS-44832: Revert MCS CA rotation"
  • 13e7ac90 2025-01-08T11:13:20-06:00 client go bump
  • 6a53bc91 2024-12-18T10:11:20-05:00 controller: add extension validation to controller

• ovn-kubernetes image-amd64 cd2cd1bf1da301ac11aaa0b75b55966ff886d97a to fcf25ea44a89c3cd9d6a287a7e7b3f04fb1e36d7

  • 41eaacfa 2025-01-21T10:32:09+01:00 Bump OVN to ovn24.09-24.09.1-10.el9fdp

• kubernetes image-amd64 4b2db1ec33faa3ffc305e5ffa7376908cc955370 to d6d0ba181b25cdd0db6ca436038fe39c90a58ac3

  • 9213bbed2 2025-01-20T10:29:13-03:00 UPSTREAM: : hack/update-vendor.sh, make update and update image
  • a78aa4712 2024-12-10T11:37:26+00:00 Release commit for Kubernetes v1.31.4
  • 80964efae 2024-11-27T13:29:30+00:00 fix isLikelyNotMountPointStatx relative path issue
  • 779a0827a 2024-11-21T14:55:35+01:00 Bump images, dependencies and versions to go 1.22.9 and distroless iptables
  • 953a3a8aa 2024-11-19T14:02:11+00:00 Update CHANGELOG/CHANGELOG-1.31.md for v1.31.3
  • ea299acf9 2024-11-14T20:00:41+02:00 Ensure that a node's CIDR isn't released until the node is deleted

• ovn-kubernetes image-arm64 cd2cd1bf1da301ac11aaa0b75b55966ff886d97a to fcf25ea44a89c3cd9d6a287a7e7b3f04fb1e36d7

  • 41eaacfa 2025-01-21T10:32:09+01:00 Bump OVN to ovn24.09-24.09.1-10.el9fdp

• kubernetes image-arm64 4b2db1ec33faa3ffc305e5ffa7376908cc955370 to d6d0ba181b25cdd0db6ca436038fe39c90a58ac3

  • 9213bbed2 2025-01-20T10:29:13-03:00 UPSTREAM: : hack/update-vendor.sh, make update and update image
  • a78aa4712 2024-12-10T11:37:26+00:00 Release commit for Kubernet

The change list was truncated. See scripts/auto-rebase/changelog.txt in the PR for the full details.

/label tide/merge-method-squash
/label cherry-pick-approved
/label backport-risk-assessed
/label jira/valid-bug

[openshift-ci-robot]

@microshift-rebase-script[bot]: This pull request explicitly references no jira issue.

In response to this:

amd64: 4.19.0-0.nightly-2025-01-25-021606
arm64: 4.19.0-0.nightly-arm64-2025-01-25-000530
prow job: https://prow.ci.openshift.org/view/gs/origin-ci-test/logs/periodic-ci-openshift-microshift-main-rebase-on-nightlies/1883726970630443008

• api embedded-component c21a6eb290e4c665e7c986b11657dee5d48a510e to a770960d61e0f5518549477e96ee4d1f5a8bc047

• ffe2efd1 2025-01-24T12:26:45-05:00 Update to k8s 1.32

• e8a4d21e 2025-01-22T18:11:00+00:00 Add example of using two required featuregates for one validation

• 57973618 2025-01-08T10:25:36+00:00 Handle requiredFeatureGates in partial manifests and manifest merge

• 0b156575 2025-01-08T10:25:35+00:00 Update controller-tools

• 52d7b3fe 2025-01-08T10:25:28+00:00 Add Example2 feature gate to demonstrate FG dependencies

• cluster-ingress-operator embedded-component 2856e6ddee396b3cb5492ac128c3015956651b51 to cba3e44da2e6b48bc84e80cd715d6637e2713368

• 1385b13 2025-01-22T09:23:46+00:00 OCPBUGS-43745: Add support for idle connection termination policy

• 9a6016e 2025-01-13T15:43:39+00:00 OCPBUGS-43745: vendor OCPBUGS-43745: Add IdleCloseOnResponse field to IngressControllerSpec api#2102

• 79aee04 2025-01-09T17:03:37+00:00 test/http2: enhance response handlers

• cluster-kube-apiserver-operator embedded-component fef044da6d5f71c44327ff78fb64502f264acb00 to bb90f17b3978b41882ecb12e28d0012e8324d69a

• cb8d752 2025-01-23T09:47:20+08:00 ART requests updates to 4.19 image ose-cluster-kube-apiserver-operator-container

• cluster-kube-scheduler-operator embedded-component b1cc4471e2f6c5dc81b2b9471f4634f1ecdb88b4 to fcefcca15b1e7812f45bfeec10ee771011551635

• 1230099 2025-01-22T11:15:40-05:00 Bump library-go for static pod controller apply fixes.

• cluster-network-operator embedded-component 0dfccc148f815b67cc472945d8d7aec68e0b6a74 to 51a6fc7c63b778f1d6640f6dbb0ebad9f1d4c078

• 4e57dcd 2025-01-23T21:24:25+01:00 Keep ovn ipsec enabled during the upgrade     The following change on the machine pool status.MachineCount == status.UpdatedMachineCount && hasSourceInMachineConfigStatus(status, machineConfigs) is introduced with PR OCPBUGS-32525: Check every MachineConfigPool for IPsec plugin existence cluster-network-operator#2349 which ensures IPsec machine config is always installed on all the nodes in the cluster, So this is deleting the IPsec daemonset as per the CNO state machine for IPsec when the condition is not met. But this is also accidentally disabling IPsec in OVN which is not an expected behavior. This causes ovs-monitor-ipsec to refresh existing ipsec connections unnecessarily when IPsec pod comes up as it is not able to find remote_name from the tunnel. This may also trigger deleting IPsec connection entries from openshift.conf file if ovs-monitor-ipsec is not killed timely when ipsec daemonset is removed. So this commit enables ovn ipsec option as long as the API is set with Full mode.

• kubernetes embedded-component 4b2db1ec33faa3ffc305e5ffa7376908cc955370 to d6d0ba181b25cdd0db6ca436038fe39c90a58ac3

• 9213bbed2 2025-01-20T10:29:13-03:00 UPSTREAM: : hack/update-vendor.sh, make update and update image

• a78aa4712 2024-12-10T11:37:26+00:00 Release commit for Kubernetes v1.31.4

• 80964efae 2024-11-27T13:29:30+00:00 fix isLikelyNotMountPointStatx relative path issue

• 779a0827a 2024-11-21T14:55:35+01:00 Bump images, dependencies and versions to go 1.22.9 and distroless iptables

• 953a3a8aa 2024-11-19T14:02:11+00:00 Update CHANGELOG/CHANGELOG-1.31.md for v1.31.3

• ea299acf9 2024-11-14T20:00:41+02:00 Ensure that a node's CIDR isn't released until the node is deleted

• machine-config-operator embedded-component 11b9ad07624cf75365c7897b922a54716f1951e5 to 38fb1b8bd28da78a79bb96eb3c9e978bab2752ff

• 9117787c 2025-01-09T08:50:55-06:00 Revert "OCPBUGS-44832: Revert MCS CA rotation"

• 13e7ac90 2025-01-08T11:13:20-06:00 client go bump

• 6a53bc91 2024-12-18T10:11:20-05:00 controller: add extension validation to controller

• ovn-kubernetes image-amd64 cd2cd1bf1da301ac11aaa0b75b55966ff886d97a to fcf25ea44a89c3cd9d6a287a7e7b3f04fb1e36d7

• 41eaacfa 2025-01-21T10:32:09+01:00 Bump OVN to ovn24.09-24.09.1-10.el9fdp

• kubernetes image-amd64 4b2db1ec33faa3ffc305e5ffa7376908cc955370 to d6d0ba181b25cdd0db6ca436038fe39c90a58ac3

• 9213bbed2 2025-01-20T10:29:13-03:00 UPSTREAM: : hack/update-vendor.sh, make update and update image

• a78aa4712 2024-12-10T11:37:26+00:00 Release commit for Kubernetes v1.31.4

• 80964efae 2024-11-27T13:29:30+00:00 fix isLikelyNotMountPointStatx relative path issue

• 779a0827a 2024-11-21T14:55:35+01:00 Bump images, dependencies and versions to go 1.22.9 and distroless iptables

• 953a3a8aa 2024-11-19T14:02:11+00:00 Update CHANGELOG/CHANGELOG-1.31.md for v1.31.3

• ea299acf9 2024-11-14T20:00:41+02:00 Ensure that a node's CIDR isn't released until the node is deleted

• ovn-kubernetes image-arm64 cd2cd1bf1da301ac11aaa0b75b55966ff886d97a to fcf25ea44a89c3cd9d6a287a7e7b3f04fb1e36d7

• 41eaacfa 2025-01-21T10:32:09+01:00 Bump OVN to ovn24.09-24.09.1-10.el9fdp

• kubernetes image-arm64 4b2db1ec33faa3ffc305e5ffa7376908cc955370 to d6d0ba181b25cdd0db6ca436038fe39c90a58ac3

• 9213bbed2 2025-01-20T10:29:13-03:00 UPSTREAM: : hack/update-vendor.sh, make update and update image

• a78aa4712 2024-12-10T11:37:26+00:00 Release commit for Kubernet

The change list was truncated. See scripts/auto-rebase/changelog.txt in the PR for the full details.

/label tide/merge-method-squash
/label cherry-pick-approved
/label backport-risk-assessed
/label jira/valid-bug

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[microshift-rebase-script]

Extra messages:

• Deleted following branches: rebase-main-4.19.0-0.nightly-2025-01-21-163021_amd64-2025-01-21_arm64-2025-01-23

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: microshift-rebase-script[bot]
Once this PR has been reviewed and has the lgtm label, please assign pacevedom for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[pacevedom]

/retest
Issues with CI infra, base images were not pulled correctly.

[pacevedom]

/retest

[openshift-ci]

@microshift-rebase-script[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/test-unit	12a0cfe	link	true	/test test-unit
ci/prow/e2e-aws-tests-bootc-arm	12a0cfe	link	true	/test e2e-aws-tests-bootc-arm
ci/prow/ocp-full-conformance-rhel-eus	12a0cfe	link	true	/test ocp-full-conformance-rhel-eus
ci/prow/e2e-aws-tests	12a0cfe	link	true	/test e2e-aws-tests
ci/prow/e2e-aws-tests-bootc	12a0cfe	link	true	/test e2e-aws-tests-bootc
ci/prow/e2e-aws-tests-arm	12a0cfe	link	true	/test e2e-aws-tests-arm
ci/prow/test-rpm	12a0cfe	link	true	/test test-rpm
ci/prow/ocp-full-conformance-serial-rhel-eus	12a0cfe	link	true	/test ocp-full-conformance-serial-rhel-eus
ci/prow/verify	12a0cfe	link	true	/test verify

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.