Add a .gitleaks.toml file to avoid the false positive leak for the
example certificate when deploying for Elasticsearch.

Update the check to use bool filter instead of a bar var.
By default, ansible parses vars as strings, and without the | bool
filter, this check is invalid, as it will always resolve to true, since
it is a non-empty string. Other instances of the same check did this,
but this one was missed.

* [allow_skip_clone] Use <repo>_dir instead of hardcoding all directories relative to base_dir

This will allow configuration of the repo clone destination, so we can
use pre-cloned dirs instead of explicitly cloning the dirs each time.

This is essential for CI systems like zuul, that set-up the repos with
particular versions/branches prior to running the test scripts.

* [zuul] List the other infrawatch repos as required for the job

* [zuul] Set the {sgo,sg-bridge,sg-core,prometheus-webhook-snmp}_dir vars

Add in the repo dir locations where the repos should be pre-cloned by
zuul

* Replace base_dir with sto_dir

* set sto_dir relative to base_dir is it isn't already set

* [ci] use absolute dir for requirements.txt

* [ci] Update sto_dir using explicit reference

zuul.project.src_dir refers to the current project dir. When using the jobs
in another infrawatch project, this becomes invalid.
Instead, sto_dir is explicitly set using
zuul.projects[<project_name>].src_dir, the same way that the other repo dirs
are set in vars-zuul-common

---------

Co-authored-by: Chris Sibbitt <[email protected]>

* Fix qdr auth one_time_upgrade label check

* Fix incorrect variable naming on one_time_upgrade label check

* Adjust QDR authentication password generation (#520)

Adjust the passwords being generated for QDR authentication since
certain characters (such as colon) will cause a failure in the parsing
routine within qpid-dispatch. Updates the lookup function to only use
ascii_letters and digits and increases the length to 32 characters.

---------

Co-authored-by: Leif Madsen <[email protected]>

* [allow_skip_clone] Add docs for clone_repos and *_dir vars

* Align README table column spacing (#516)

* Align README table column spacing

* Update build/stf-run-ci/README.md

---------

Co-authored-by: Emma Foley <[email protected]>

---------

Co-authored-by: Leif Madsen <[email protected]>

It appears that STO is not included explictly when running jobs from
SGO [1]. This will be the case in all the other repos.
This change explicitly add it, in case it's not already included by
zuul.

[1] https://review.rdoproject.org/zuul/build/edd8f17bfdac4360a94186b46c4cea3f

* QDR Auth in smoketest

* Added qdr-test as a mock of the OSP-side QDR
* Connection from qdr-test -> default-interconnect is TLS+Auth
* Collectors point at qdr-test instead of default-interconnect directly
* Much more realistic than the existing setup
* Eliminated a substitution in sensubility config
* Used default QDR basic auth in Jenkinsfile

* QDR Auth for infrared 17.1 script

* Fix missing substitution for AMQP_PASS in infrared script

* [allow_skip_clone] Use <repo>_dir instead of hardcoding all directories relative to base_dir

This will allow configuration of the repo clone destination, so we can
use pre-cloned dirs instead of explicitly cloning the dirs each time.

This is essential for CI systems like zuul, that set-up the repos with
particular versions/branches prior to running the test scripts.

* [zuul] List the other infrawatch repos as required for the job

* [zuul] Set the {sgo,sg-bridge,sg-core,prometheus-webhook-snmp}_dir vars

Add in the repo dir locations where the repos should be pre-cloned by
zuul

* Replace base_dir with sto_dir

* set sto_dir relative to base_dir is it isn't already set

* [ci] use absolute dir for requirements.txt

* [ci] Update sto_dir using explicit reference

zuul.project.src_dir refers to the current project dir. When using the jobs
in another infrawatch project, this becomes invalid.
Instead, sto_dir is explicitly set using
zuul.projects[<project_name>].src_dir, the same way that the other repo dirs
are set in vars-zuul-common

* [zuul] Define a project template for stf-crc-jobs

Instead of listing all the jobs for each preoject in-repo, and needing to update the list every time
that a new job is added, the project template can be updated and the changes propogated to the
other infrawatch projects

* [zuul] don't enable using the template

* Revert "[zuul] don't enable using the template"

This reverts commit 56e2009.

---------

Co-authored-by: Chris Sibbitt <[email protected]>

* Restart QDR after changing the password

* Fixes bug reported here: #517 (comment)
* Avoids an extra manual step when changing password
* Would affect users who upgrade from earlier STF and subsequently enable basic auth
* Also users who need to change their passwords

* Fixing ansible lint

* Update roles/servicetelemetry/tasks/component_qdr.yml

* Adjust QDR restarts to account for HA

* [smoketest] Wait for qdr-test to be Running

* [smoketest] Wait for QDR password upgrade

* Remove zuul QDR auth override

* Add crc_ocp_bundle value to select OCP version
* zuul: add log collection post-task to get crc logs
* Add ocp v13 and a timeout to the job

* Update README for 17.1 IR test

Update the 17.1 infrared test script README to show how to deploy a
virtualized workload on the deployed overcloud infrastructure. Helps
with testing by providing additional telemetry to STF required in
certain dashboards.

* Update tests/infrared/17.1/README.md

Co-authored-by: Chris Sibbitt <[email protected]>

* Update tests/infrared/17.1/README.md

---------

Co-authored-by: Chris Sibbitt <[email protected]>

Support STF 1.5.3 starting at OpenShift version 4.12 due to
incompatibility with 4.11 due to dependency requirements. Our primary
target is support of OCP EUS releases.

Closes: STF-1632

The "Question the deployment" task didn't have
ignore_errors: true set, so when the task fails, the play
is finished. This means that we don't get to the
"copy logs" task and can't see the job logs in zuul.

ignore_errors is set to true to be consistent with other tasks

* update stf-collect-logs tasks
* Update log path
* solve log bugs in stf-run-ci tasks
* create log directory

Adjust the operator package dependency requirements to align to known
required versions. Primarily reduce the version of
openshift-cert-manager from 1.10 to 1.7 in order to support the
tech-preview channel which was previously used.

Lowering the version requirement allows for the
openshift-cert-manager-operator installed previously to be used during
the STF 1.5.2 to 1.5.3 update, removing the update from being blocked.

Related: STF-1636

Update the stf-run-ci base setup to no longer need testing against OCP
4.10 and earlier, meaning we can rely on a single workflow for
installation. Also update the deployment to use
cluster-observability-operator via the redhat-operators CatalogSource
for installation via use_redhat and use_hybrid strategies.

* [zuul] Add job to build locally and do an index-based deployment

* Only require Interconnect and Smart Gateway

Update the dependency management within Service Telemetry Operator to
only require AMQ Interconnect and Smart Gateway Operator, which is
enough to deploy STF with observabilityStrategy: none. Other Operators
can be installed in order to satisfy data storage of telemetry and
events.

Installation of cert-manager is also required, but needs to be
pre-installed similar to Cluster Observability Operator, either as a
cluster-scoped operator with the tech-preview channel, or a single time
on the cluster as a namespace scoped operator, which is how the
stable-v1 channel installs.

Documentation will be updated to adjust for this change.

Related: STF-1636

* Perform CI update to match docs install changes (#542)

* Perform CI update to match docs install changes

Update the stf-run-ci scripting to match the documented installation
procedures which landed in
infrawatch/documentation#513. These changes are
also reflected in #541.

* Update build/stf-run-ci/tasks/setup_base.yml

Co-authored-by: Emma Foley <[email protected]>

---------

Co-authored-by: Emma Foley <[email protected]>

* Also drop cert-manager project

The cert-manager project gets created with workload items when deploying
the cert-manager from the cert-manager-operator project. When removing
cert-manager this project is not cleaned up, so we need to delete it as
well.

---------

Co-authored-by: Emma Foley <[email protected]>

…545)

In [1], the validate_deployment step is successful, despite the
deployment not being successful.
This causes the job to timeout because the following steps continue to
run despite an invalid state.

To get the expected behaviour, the output should be checked for a string
indicating success.
i.e. * [info] CI Build complete. You can now run tests.
[2] shows the output for a successful run.

[1] https://review.rdoproject.org/zuul/build/245ae63e41884dc09353d938ec9058d7/console#5/0/144/controller
[2] https://review.rdoproject.org/zuul/build/802432b23da24649b818985b7b1633bb/console#5/0/82/controller

* Implement dashboard management

Implement a new configuration option graphing.grafana.dashboards.enabled
which results in dashboards objects being created for the Grafana
Operator. Previously loading dashboards would be done manually via 'oc
apply' using instructions from documentation.

The new CRD parameters to the ServiceTelemetry object allows the Service
Telemetry Operator to now make the GrafanaDashboard objects directly.

Related: OSPRH-825

* Drop unnecessary cluster roles

* Update CSV for owned parameter

* Only openshift auth will be allowed

* This matches recent changes in prometheus[1] and grafana[2]

[1] https://github.com/infrawatch/service-telemetry-operator/pull/549/files#diff-2cf84bcf66f12393c86949ec0d3f16c473a650173d55549bb02556d23aa22bd2R46
[2] https://github.com/infrawatch/service-telemetry-operator/pull/550/files#diff-ae71801975adb4f8dd4aa5479a66ad46e46f17de40f9d147b2e09e13ce26633eR45

This reverts commit 0f94fd5.

* Auth to prometheus using token instead of basicauth

* Add present/absent logic to prometheus-reader resources

* s/password/token in smoketest output

* [zuul] Make nightly_bundles jobs non-voting (#551)

---------

Co-authored-by: Emma Foley <[email protected]>

I think it got broken by an oops recently[1].

Since that change, working_branch (`branch` at that point) is never used because version_branches.sgo has a default value.

This breaks the branch co-ordination in Jenkins[2] and in local testing[3].

[1] https://github.com/infrawatch/service-telemetry-operator/pull/512/files#diff-c073fe1e346d08112920aa0bbc8a7453bbd3032b7a9b09ae8cbc70df4db4ea2dR19
[2] https://github.com/infrawatch/service-telemetry-operator/blob/0f94fd577617aee6a85fc4141f98ebdfc49a9f92/Jenkinsfile#L157
[3] https://github.com/infrawatch/service-telemetry-operator/blob/0f94fd577617aee6a85fc4141f98ebdfc49a9f92/README.md?plain=1#L62

* This matches recent changes in prometheus[1] and grafana[2]

[1] https://github.com/infrawatch/service-telemetry-operator/pull/549/files#diff-2cf84bcf66f12393c86949ec0d3f16c473a650173d55549bb02556d23aa22bd2R46
[2] https://github.com/infrawatch/service-telemetry-operator/pull/550/files#diff-ae71801975adb4f8dd4aa5479a66ad46e46f17de40f9d147b2e09e13ce26633eR45

The way we generate our CSVs uses OLM's skipRange functionality. This is fine,
but using only this leads to older versions becoming unavailable after the
fact -- see the warning at [1].

By adding an optional spec.replaces to our CSV we allow update testing as
well as actual production updates for downstream builds that leverage it.

Populating the field requires knowledge of the latest-released bundle,
so we take it from an environment variable to be provided by the
builder. If this is unset we don't include the spec.replaces field at
all -- leaving previous behavior unchanged.

Resolves #559
Related: STF-1658

[1] https://olm.operatorframework.io/docs/concepts/olm-architecture/operator-catalog/creating-an-update-graph/#skiprange

Add optional spec.replaces field to CSV for update graph compliance

Update the __service_telemetry_storage_persistent_storage_class to use CRC PVs
Use the default value (false) for __service_telemetry_storage_ephemeral_enabled

* [zuul] Update base job for stf-base

* Add in required projects: dataplane-operator, infra-operator, openstack-operator

* Remove nodeset from stf-base
  it overrides the nodeset set in the base job.
  The nodeset is going to be used to select the OCP version

* [zuul] define nodesets for easy reuse

* Define the nodeset
* Rename the base
* Select OCP version with the nodeset

* [zuul] Add a login command to get initial kubeconfig file

* [stf-run-ci] Add retries to pre-clean

* Update galaxy requirements

* [ci] Add retry to login command

* [ci] Configure kubeconfig for rhol_crc role

* Apply suggestions from code review

* Zuul: Update how we get the initial kubeconfig (#558)

* use ci-framework infra playbook
* add make targets to do set-up
* link the kubeconfig files
* Remove pre-get_kubeconfig.yml; the script is no longer used

* [ci] Add common-tasks.yml to cover the tasks that setup every play (#556)

* [zuul] Update the labels used for extracted CRC

* Remove non-default cifmw_rhol_crc_kubeconfig value

* Implement support for Grafana Operator v5

Implement changes to support Grafana Operator v5 when the new
grafana.integreatly.org CRD is available. Use the new CRDs as default
when they are available. Fallover to deploying with Grafana Operator v4
when the Grafana Operator v5 CRDs are not available, thereby providing
backwards compatibility to allow administrators time to migrate.

Additionally, the polystat plugin has been removed from the rhos-cloud
dashboard due to compatibility issues with grafana-cli usage when
dynamically loading plugins. Usage of Grafana Operator v5 is also a
target for disconnected support, and dynamically loading plugins in
these environments is expected to be a problem.

Related: OSPRH-2577
Closes: STF-1667

* Default Grafana role set to Admin

In order to match the previous (Grafana Operator v4) role, set
auto_assign_org_role to the Admin value. Default is Viewer.

Remove the old 0.1.0 vendored collection operator_sdk/util from the
upstream Dockerfile and repository. Instead use the default
operator_sdk/util in the base image which is a newer version of 0.4.0.

We only use the util collection for one call to k8s_status when
ephemeral storage is enabled. The newer collection also provides a
k8s_event module which could be useful in the future.

Closes: STF-1683

The nightly_bundle jobs will run once a day

Remove the hard-coded Prometheus version in the Prometheus template when
using observabilityStrategy use_redhat, which uses Cluster Observability
Operator to manage the Prometheus instance requests.

Previously this value was hard-coded to prevent a potential rollback
when moving from Community Prometheus Operator to Cluster Observability
Operator.

Resolves: JIRA#OSPRH-2140

STF can now be deployed in disconnected mode. This change updates
the features.operators.openshift.io/disconnected annotation to
reflect this.

* [stf-run-ci] Update validation check for bundle URLs

An empty string passed as the bundle URL will pass the existing test
of "is defined" and "is not None" and still be invalid.

The validation for the bundle URL can be done in one check per var:

* If the var is undefined, it becomes "", and the check fails, because of length
* If the var is None, there's an error because None does not have a length
* If the var is an empty string, the check fails because of the length

This simplifies the check and improves readability

Prefer usage of Grafana 9 container image from RHCC. Grafana 7 is EOL
upstream and receives no security support. Prefer use of Grafana 9 which
is still supported.

* Add related images for Prometheus and Alertmanager

Add support for RELATED_IMAGES for other artifacts we need in a default
deployment when installing via disconnected.

These images are required to be specifically called out in disconnected
environments as the Prometheus and Alertmanager controllers in the
Cluster Observability Operator (COO) don't use the RELATED_IMAGE
environment variables specified in the downstream CSV for COO, so we
need to specify them ourselves and then deploy Prometheus and
Alertmanager using the spec.image reference in the Custom Resource.

Closes: JIRA#STF-1713

* Place related images in correct deploy manifest

* Use grafana_path_image by default

Remove the baseImage configuration for Grafana from the example CR so
that in the OLM UI (OCP console) the baseImage isn't a populated value
by default.

Use the value from grafana_image_path as the preferred default as it
will be populated from the RELATED_IMAGES_GRAFANA_IMAGE environment
variable, which then itself has a default of the base_image value in
defaults/main.yml. Only if the administrator sets a specific value for
baseImage should we deploy with that image.

We do this to allow for a better disconnected environment experience out
of the box.

* Drop setting Grafana related images

For upstream, there isn't a good option that is on quay.io (which
doesn't have quotas), and since it's out of scope for this effort, I'm
just going to drop it and revert back to how it worked before.

* Revert removal of Grafana default image path

* Fix issue with alertmanager related image tag var

Bumps [ansible-core](https://github.com/ansible/ansible) from 2.12.10 to 2.15.9.
- [Release notes](https://github.com/ansible/ansible/releases)
- [Commits](ansible/ansible@v2.12.10...v2.15.9)

---
updated-dependencies:
- dependency-name: ansible-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Leif Madsen <[email protected]>

* Fix env var naming issue

Fix an environment variable naming issue in the CSV for STO when
attempting to install alertmanager disconnected. The env var being
looked up should have a postfix of _IMAGE to match the other env vars.

Found in testing by vkmc.

* Run operator-sdk generate bundle

Run the generate bundle command to make sure everything is in sync.
Fixes CI found issue in previous commit.

Changed default-alertmanager URL to v2

Dependencies for STF are being handled by OLM since
STF 1.5.3.

Related change #423

Except for Prometheus/COO and cert-manager (since
those are scoped cluster-wide and OLM cannot
automatically resolve conflicts)

Related change #472

So there is no need to pre subscribe to those when
deploying for index or bundles.

It is required, though, for local installs.

The only operator that was on this condition is
the AMQ Interconnect operator.
So this change updates the check to reflect this.

OCP 4.13 jobs were added as a way to test ocp-latest before 4.14 was released

We are now using Zuul to replace Jenkins

* Bump actions checkout to v4.1.3

Node.js 16 actions are deprecated. We need to update to
Node.js 20, which is included in actions/checkout@v4.

Also bumps helm kind-action to v1.10.0

* Describe the Zuul jobs
* Update the job description in .zuul.yaml
* Update FAQs and level of detail
* Add info about triggering jobs

Co-authored-by: Chris Sibbitt <[email protected]>
Co-authored-by: Leif Madsen <[email protected]>

* Set a default image for ElasticSearch to use

Currently we are not selecting the image for ElasticSearch
that the ElasticSearch Operator pulls, we are allowing
the default (in ElasticSearch registry) to be used

Add the option to select the ElasticSearch image to use

Also bumps the version to ElasticSearch 7.17.20, since 7.16.1
has several vulnerabilities

* Fix ElasticSearch image and version setting

The ElasticSearch CRD expects a version (X.Y.Z format)
and a URL without version for the location of the image

Correct how we set this in the default variables

* Fail earlier when registry creds are not set

Move the credential setup for the internal registry
up in the execution and perform a simple check
with the "oc image info" command to fail earlier
in case the credentials haven't been set properly

* Add assert to the internal registry creds check

Enhance debugging experience by adding more
information when trying to access to the required
bundles in the internal registry

* Change "internal registry" for "bundles registry"

Use a more accurate term when refering to the registry
in which the bundles are located when doing the early
registry access check

* Keep logic for checking bundle registry creds

Maintain the conditionals when checking the config
for the bundle registry credentials and cert

* Change STO/SGO bundles sanity check

stdout for "oc image info" should be checked
instead of the rc to make sure that the correct
bundle is being used

* Drop the "successful read bundles" assertion

Make checks simpler and more granular by using the
fail module instead of the assertion for each of
the bundles.

* Update build/stf-run-ci/tasks/setup_registry_auth.yml

Co-authored-by: Chris Sibbitt <[email protected]>

---------

Co-authored-by: Chris Sibbitt <[email protected]>

* Add __deploy_disconnected option

This new option if stf-run-ci allows the utilization of
the setup_base and setup_stf roles for the purpose of deploying
STF on OCP Disconnected

It is expected that this is run in an environment in which the
catalogsources have been defined and the precise catalogsource for
each of the dependency operators needs to be passed to the role.

For this, the catalogsource for each of the operators can be modified
with the new parameters redhat_operators, community_operators
and certified_operators

Default values for these are set to the previous values to keep
backwards compatibility

* Small README fix in the __disconnected_deploy opt

* Small README fix in the __disconnected_deploy opt

* Define infrawatch_operators in default

* Add a fail check when __disconnected_deploy is set

For now, we should fail when __disconnected_deploy
is set with other deployment options. At the moment,
we deploy in OCP disconnected by using pre catalog
generated by the oc-mirror tool

* Pass fail conditions as list instead of a oneliner

Make conditions easier to read by passing them
as a list instead of a single line

See https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_conditionals.html#conditionals-based-on-ansible-facts

* [zuul] Give OCP 4.12 jobs more resources

* [zuul] Add new nodeset for OCP4.12

Editing the existing nodeset caused an error because the nodeset
definition on master was different.

* Add multiple 412 jobs with different nodesets

This change is blocking the gates, due to jobs being queued
indefinitely.

This reverts commit 429cc3b.

* Make port 5671 listen on all interfaces (IPv4 and IPv6)

* Update roles/servicetelemetry/tasks/component_qdr.yml

Co-authored-by: Chris Sibbitt <[email protected]>

---------

Co-authored-by: [email protected] <[email protected]>
Co-authored-by: Chris Sibbitt <[email protected]>
Co-authored-by: Emma Foley <[email protected]>

Lower ES memory reqs so we don't exhaust resources in CI environments.

This is reproducible in OCP 4.12 jobs.

updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Victoria Martinez de la Cruz <[email protected]>

* Move from ServiceMonitor to ScrapeConfig
* Clean up legacy servicemonitors
* Emulate servicemonitor-compatible labels
* Update roles/servicetelemetry/tasks/component_scrapeconfig.yml

Co-authored-by: Jaromír Wysoglad <[email protected]>

* Create index image from pre-built bundles

Deploy from bundles can now be used along with
deploy from index enabled.

This way, an index image can be created with
specific pre built bundles and deploy STF with
those.

* Fix set_fact syntax for SGO/SGO bundle info dicts

* Add ImageStreams for STO and SGO

* Fix minor typo in STO/SGO bundle info dict

* Set correct STO and SGO bundles path

We need to use the internal registry address
to build the index image that will serve
as base for the catalog

* Drop build number from SGO and STO bundles

We only need the tag when creating the index image
Keeping this value will generate errors

* Get STO and SGO tags from the bundle path

* Fix typo on SGO and STO images path

* Update README with bundle + index instructions

Add more details on how to deploy from index with
pre built bundles

* Use stf_channel on the deploy_stf step

Define this value to stable-1.5 when deploying
from bundles and index, unstable (the default)
if bundles have been built locally.

Also, honor the sgo and sto bundles tags. Ideally,
we would update the sgo and sto image path to be
only the path (without the tag) and define the tag
separately. In this case, it is responsibility
from the user to make sure that the tag in the
image path and the tag provided in sto and sgo
image path match when deploying from externally
built bundles and index.

* Update missing reference to SGO bundles channel

* Update some logic paths to simplify the execution

* Honor the stf_channel variable

Nightly bundles use the "unstable" channel while
RH catalog bundles use "stable-1.5" channel

We should use nightly bundles "unstable" by default
and pass "stable-1.5" when deploying from RH catalog

* Get opm for getting bundles information

We need opm to get the bundle version when deploying
from index with pre-built bundles

Get opm following the same logic we use for operator-sdk

* Get the operator bundle version for STO and SGO

Inspect the provided bundles with opm render and
obtain the operator bundle version for each of them.

* Set a default version for opm

Let's stick to latest-4.14 for now, with the option
of updating to a different one if needed

* Fix typo when executing opm render

* Revert "Fix typo when executing opm render"

This reverts commit 1050227.

* Revert "Set a default version for opm"

This reverts commit d6a51df.

* Revert "Get the operator bundle version for STO and SGO"

This reverts commit c1d9db3.

* Revert "Get opm for getting bundles information"

This reverts commit 642df50.

* Get STO and SGO operator bundle version using oc

oc image info command provides operator bundle
version information. Use this to get the proper
version numbers when building the index image

* Get STO and SGO bundle versions from info

Parse the oc image info output to get
the STO and SGO bundle versions

* Add extra logic to avoid variables overwrite

sto_bundle_info and sgo_bundle_info is overriding
even though the step is skipped

Add an extra logic check to avoid variables
override

* Add a Zuul job for nightly bundles and index deploy

* Minor typo fix on zuul.yaml

The job needs to use nightly_bundles-index_deploy vars

The CI jobs does not need to be force use one cloud provider in the CI.
This commit set the label that is defined in multiple cloud provider in
Zuul. Available labels you can find [1].

[1] https://review.rdoproject.org/zuul/labels

- Doesn't work unless resource name is plural form
- The "group" property is called "resourceAPIGroup" in SARs
  -"to avoid confusion with the 'groups' field when inlined"[1]

[1] https://docs.openshift.com/container-platform/4.14/rest_api/authorization_apis/subjectaccessreview-authorization-openshift-io-v1.html

This reverts commit fe6ee95.

* In OCP 4.16, these are no long created by default

See https://docs.openshift.com/container-platform/4.16/release_notes/ocp-4-16-release-notes.html#ocp-4-16-deprecated-features_release-notes (Legacy service account API token secrets are no longer generated for each service account)

* [zuul] Add 4.16 jobs

* Add local_build variation

* [zuul] Update OCP 4.16 nodeset to use biggest flavor

This is to see if sg-core just needs more resource to build. Eventually, the size will be reduced again to not-the-largest-available.

* Update the nodeset label for CRC 2.39

* Update supported openshift versions to 4.16

* fix typo

* [stf-collect-logs] Add oc get deployment to logs

* [zuul] Update 4.16 node to use any cloud provider

* [zuul] Only run the nightly bundles job

All the jobs are currently failing for the same reason, disable all but the fastest one to save resources

* fix typo on stf-collect-logs

* Re-add vexxhost

* [tmp] Check whether failures are due to the new OCP version

* Update .zuul.yaml

Switching from nightly bundles to local builds in order to test 4.16 fixes

* test all 4.16 jobs

* Re-enable all 4.16 jobs and remove 4.12

* Remove commented lines

* Un-update stf-collectd-logs and update ci/README

---------

Co-authored-by: Chris Sibbitt <[email protected]>

Update repositories for openstack-collectd and
openstack-ceilometer-notification

* Use bundle version instead of latest as tag

And use external registry instead of internal
when creating the index image with bundles
(no need to use the internal one)

* Revert use external registry instead of internal

We need to update the tags in the internal registry,
since the default points to latest

OCP 4.12 maintenance support has finished, so we
should remove OCP 4.12 from the supported versions

Set the BUNDLE_CHANNELS and BUNDLE_DEFAULT_CHANNEL when
doing a local build. This is required when doing a deployment
from index with local builds.