openshift/v4.17: Use fcos 1.5 & ignition 3.4 specs

Step down to non expermental features Additionaly remove GRUB password support See: https://issues.redhat.com/browse/MCO-630
coreos · Sep 18, 2024 · dbfeabe · dbfeabe
1 parent d83bd0d
commit dbfeabe
Show file tree

Hide file tree

Showing 6 changed files with 18 additions and 126 deletions.
diff --git a/config/openshift/v4_17/result/schema.go b/config/openshift/v4_17/result/schema.go
@@ -15,7 +15,7 @@
 package result
 
 import (
-	"github.com/coreos/ignition/v2/config/v3_5_experimental/types"
+	"github.com/coreos/ignition/v2/config/v3_4/types"
 )
 
 const (

diff --git a/config/openshift/v4_17/schema.go b/config/openshift/v4_17/schema.go
@@ -15,7 +15,7 @@
 package v4_17
 
 import (
-	fcos "github.com/coreos/butane/config/fcos/v1_6_exp"
+	fcos "github.com/coreos/butane/config/fcos/v1_5"
 )
 
 const ROLE_LABEL_KEY = "machineconfiguration.openshift.io/role"

diff --git a/config/openshift/v4_17/translate.go b/config/openshift/v4_17/translate.go
@@ -24,7 +24,7 @@ import (
 	"github.com/coreos/butane/translate"
 
 	"github.com/coreos/ignition/v2/config/util"
-	"github.com/coreos/ignition/v2/config/v3_5_experimental/types"
+	"github.com/coreos/ignition/v2/config/v3_4/types"
 	"github.com/coreos/vcontext/path"
 	"github.com/coreos/vcontext/report"
 )
@@ -113,11 +113,10 @@ func (c Config) FieldFilters() *cutil.FieldFilters {
 // can be tracked back to their source in the source config.  No config
 // validation is performed on input or output.
 func (c Config) ToMachineConfig4_17Unvalidated(options common.TranslateOptions) (result.MachineConfig, translate.TranslationSet, report.Report) {
-	cfg, ts, r := c.Config.ToIgn3_5Unvalidated(options)
+	cfg, ts, r := c.Config.ToIgn3_4Unvalidated(options)
 	if r.IsFatal() {
 		return result.MachineConfig{}, ts, r
 	}
-	ts = translateUserGrubCfg(&cfg, &ts)
 
 	// wrap
 	ts = ts.PrefixPaths(path.New("yaml"), path.New("json", "spec", "config"))
@@ -174,11 +173,11 @@ func (c Config) ToMachineConfig4_17(options common.TranslateOptions) (result.Mac
 	return cfg.(result.MachineConfig), r, err
 }
 
-// ToIgn3_5Unvalidated translates the config to an Ignition config.  It also
+// ToIgn3_4Unvalidated translates the config to an Ignition config.  It also
 // returns the set of translations it did so paths in the resultant config
 // can be tracked back to their source in the source config.  No config
 // validation is performed on input or output.
-func (c Config) ToIgn3_5Unvalidated(options common.TranslateOptions) (types.Config, translate.TranslationSet, report.Report) {
+func (c Config) ToIgn3_4Unvalidated(options common.TranslateOptions) (types.Config, translate.TranslationSet, report.Report) {
 	mc, ts, r := c.ToMachineConfig4_17Unvalidated(options)
 	cfg := mc.Spec.Config
 
@@ -194,12 +193,12 @@ func (c Config) ToIgn3_5Unvalidated(options common.TranslateOptions) (types.Conf
 	return cfg, ts, r
 }
 
-// ToIgn3_5 translates the config to an Ignition config.  It returns a
+// ToIgn3_4 translates the config to an Ignition config.  It returns a
 // report of any errors or warnings in the source and resultant config.  If
 // the report has fatal errors or it encounters other problems translating,
 // an error is returned.
-func (c Config) ToIgn3_5(options common.TranslateOptions) (types.Config, report.Report, error) {
-	cfg, r, err := cutil.Translate(c, "ToIgn3_5Unvalidated", options)
+func (c Config) ToIgn3_4(options common.TranslateOptions) (types.Config, report.Report, error) {
+	cfg, r, err := cutil.Translate(c, "ToIgn3_4Unvalidated", options)
 	return cfg.(types.Config), r, err
 }
 
@@ -208,7 +207,7 @@ func (c Config) ToIgn3_5(options common.TranslateOptions) (types.Config, report.
 // translating, an error is returned.
 func ToConfigBytes(input []byte, options common.TranslateBytesOptions) ([]byte, report.Report, error) {
 	if options.Raw {
-		return cutil.TranslateBytes(input, &Config{}, "ToIgn3_5", options)
+		return cutil.TranslateBytes(input, &Config{}, "ToIgn3_4", options)
 	} else {
 		return cutil.TranslateBytesYAML(input, &Config{}, "ToMachineConfig4_17", options)
 	}
@@ -302,26 +301,3 @@ func validateMCOSupport(mc result.MachineConfig) report.Report {
 	}
 	return r
 }
-
-// fcos config generates a user.cfg file using append; however, OpenShift config
-// does not support append (since MCO does not support it). Let change the file to use contents
-func translateUserGrubCfg(config *types.Config, ts *translate.TranslationSet) translate.TranslationSet {
-	newMappings := translate.NewTranslationSet("json", "json")
-	for i, file := range config.Storage.Files {
-		if file.Path == "/boot/grub2/user.cfg" {
-			if len(file.Append) != 1 {
-				// The number of append objects was different from expected, this file
-				// was created by the user and not via butane GRUB sugar
-				return *ts
-			}
-			fromPath := path.New("json", "storage", "files", i, "append", 0)
-			translatedPath := path.New("json", "storage", "files", i, "contents")
-			config.Storage.Files[i].FileEmbedded1.Contents = file.Append[0]
-			config.Storage.Files[i].FileEmbedded1.Append = nil
-			newMappings.AddFromCommonObject(fromPath, translatedPath, config.Storage.Files[i].FileEmbedded1.Contents)
-
-			return ts.Map(newMappings)
-		}
-	}
-	return *ts
-}
diff --git a/config/openshift/v4_17/translate_test.go b/config/openshift/v4_17/translate_test.go
@@ -19,15 +19,15 @@ import (
 	"testing"
 
 	baseutil "github.com/coreos/butane/base/util"
-	base "github.com/coreos/butane/base/v0_6_exp"
+	base "github.com/coreos/butane/base/v0_5"
 	"github.com/coreos/butane/config/common"
-	fcos "github.com/coreos/butane/config/fcos/v1_6_exp"
+	fcos "github.com/coreos/butane/config/fcos/v1_5"
 	"github.com/coreos/butane/config/openshift/v4_17/result"
 	confutil "github.com/coreos/butane/config/util"
 	"github.com/coreos/butane/translate"
 
 	"github.com/coreos/ignition/v2/config/util"
-	"github.com/coreos/ignition/v2/config/v3_5_experimental/types"
+	"github.com/coreos/ignition/v2/config/v3_4/types"
 	"github.com/coreos/vcontext/path"
 	"github.com/coreos/vcontext/report"
 	"github.com/stretchr/testify/assert"
@@ -52,7 +52,7 @@ func TestElidedFieldWarning(t *testing.T) {
 	expected.AddOnWarn(path.New("yaml", "openshift", "fips"), common.ErrFieldElided)
 	expected.AddOnWarn(path.New("yaml", "openshift", "kernel_type"), common.ErrFieldElided)
 
-	_, _, r := in.ToIgn3_5Unvalidated(common.TranslateOptions{})
+	_, _, r := in.ToIgn3_4Unvalidated(common.TranslateOptions{})
 	assert.Equal(t, expected, r, "report mismatch")
 }
 
@@ -84,7 +84,7 @@ func TestTranslateConfig(t *testing.T) {
 				Spec: result.Spec{
 					Config: types.Config{
 						Ignition: types.Ignition{
-							Version: "3.5.0-experimental",
+							Version: "3.4.0",
 						},
 					},
 				},
@@ -159,7 +159,7 @@ func TestTranslateConfig(t *testing.T) {
 				Spec: result.Spec{
 					Config: types.Config{
 						Ignition: types.Ignition{
-							Version: "3.5.0-experimental",
+							Version: "3.4.0",
 						},
 						Storage: types.Storage{
 							Filesystems: []types.Filesystem{
@@ -272,89 +272,6 @@ func TestTranslateConfig(t *testing.T) {
 				{From: path.New("yaml", "openshift", "fips"), To: path.New("json", "spec", "fips")},
 			},
 		},
-		// Test Grub config
-		{
-			Config{
-				Metadata: Metadata{
-					Name: "z",
-					Labels: map[string]string{
-						ROLE_LABEL_KEY: "z",
-					},
-				},
-				Config: fcos.Config{
-					Grub: fcos.Grub{
-						Users: []fcos.GrubUser{
-							{
-								Name:         "root",
-								PasswordHash: util.StrToPtr("grub.pbkdf2.sha512.10000.874A958E526409..."),
-							},
-						},
-					},
-				},
-			},
-			result.MachineConfig{
-				ApiVersion: result.MC_API_VERSION,
-				Kind:       result.MC_KIND,
-				Metadata: result.Metadata{
-					Name: "z",
-					Labels: map[string]string{
-						ROLE_LABEL_KEY: "z",
-					},
-				},
-				Spec: result.Spec{
-					Config: types.Config{
-						Ignition: types.Ignition{
-							Version: "3.5.0-experimental",
-						},
-						Storage: types.Storage{
-							Filesystems: []types.Filesystem{
-								{
-									Device: "/dev/disk/by-label/boot",
-									Format: util.StrToPtr("ext4"),
-									Path:   util.StrToPtr("/boot"),
-								},
-							},
-							Files: []types.File{
-								{
-									Node: types.Node{
-										Path: "/boot/grub2/user.cfg",
-									},
-									FileEmbedded1: types.FileEmbedded1{
-										Contents: types.Resource{
-											Source:      util.StrToPtr("data:,%23%20Generated%20by%20Butane%0A%0Aset%20superusers%3D%22root%22%0Apassword_pbkdf2%20root%20grub.pbkdf2.sha512.10000.874A958E526409...%0A"),
-											Compression: util.StrToPtr(""),
-										},
-									},
-								},
-							},
-						},
-					},
-				},
-			},
-			[]translate.Translation{
-				{From: path.New("yaml", "version"), To: path.New("json", "apiVersion")},
-				{From: path.New("yaml", "version"), To: path.New("json", "kind")},
-				{From: path.New("yaml", "version"), To: path.New("json", "spec")},
-				{From: path.New("yaml"), To: path.New("json", "spec", "config")},
-				{From: path.New("yaml", "ignition"), To: path.New("json", "spec", "config", "ignition")},
-				{From: path.New("yaml", "version"), To: path.New("json", "spec", "config", "ignition", "version")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0)},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0, "path")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0, "device")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0, "format")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0)},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "path")},
-				// "append" field is a remnant of translations performed in fcos config
-				// TODO: add a delete function to translation.TranslationSet and delete "append" translation
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "append")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "contents")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "contents", "source")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "contents", "compression")},
-			},
-		},
 	}
 
 	for i, test := range tests {

diff --git a/docs/config-openshift-v4_17.md b/docs/config-openshift-v4_17.md
@@ -13,7 +13,7 @@ The OpenShift configuration is a YAML document conforming to the following speci
 <div id="spec-docs"></div>
 
 * **variant** (string): used to differentiate configs for different operating systems. Must be `openshift` for this specification.
-* **version** (string): the semantic version of the spec for this document. This document is for version `4.17.0` and generates Ignition configs with version `3.5.0-experimental`.
+* **version** (string): the semantic version of the spec for this document. This document is for version `4.17.0` and generates Ignition configs with version `3.4.0`.
 * **metadata** (object): metadata about the generated MachineConfig resource. Respected when rendering to a MachineConfig, ignored when rendering directly to an Ignition config.
   * **name** (string): a unique [name](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names) for this MachineConfig resource.
   * **labels** (object): string key/value pairs to apply as [Kubernetes labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) to this MachineConfig resource. `machineconfiguration.openshift.io/role` is required.
@@ -158,7 +158,6 @@ The OpenShift configuration is a YAML document conforming to the following speci
 * **_boot_device_** (object): describes the desired boot device configuration. At least one of `luks` or `mirror` must be specified.
   * **_layout_** (string): the disk layout of the target OS image. Supported values are `aarch64`, `ppc64le`, and `x86_64`. Defaults to `x86_64`.
   * **_luks_** (object): describes the clevis configuration for encrypting the root filesystem.
-    * **_device_** (string): the whole-disk device (not partitions), referenced by their absolute path. Must start with `/dev/dasd` for `s390x-eckd` layout or `/dev/sd` for `s390x-zfcp` layouts.
     * **_tang_** (list of objects): describes a tang server. Every server must have a unique `url`.
       * **url** (string): url of the tang server.
       * **thumbprint** (string): thumbprint of a trusted signing key.

diff --git a/docs/release-notes.md b/docs/release-notes.md
@@ -94,7 +94,7 @@ key](https://getfedora.org/security/).
 ### Docs changes
 
 - Document consequence of setting `systemd.units.mask` to false
-- Document `grub` section _(openshift 4.15.0-exp)_
+- Document `grub` section _(openshift 4.18.0-exp)_
 - Document `/dev/disk/by-id/coreos-boot-disk` _(fcos, openshift 4.11.0+)_
 - Don't claim to support generating swap units _(openshift 4.8.0 - 4.13.0)_
 - Document `key_file` `compression` field  _(openshift 4.8.0 - 4.9.0)_