Release Metal3 0.8.2

[hardys]

Update Ironic/IPA images

Update Ironic image to 24.1.3.0 which fixes the following issues:

• Ironic rebase to pick up changes related to CVE-2024-44082
• Fix issue related to net.ifnames in Ironic configuration - see https://gitlab.com/sylva-projects/sylva-core/-/issues/1669
• Fix issue related to ironicclient version which prevented debug usage as described in Metal3 enable debug access to Ironic CLI #121

Update IPA downloader image to 2.0.1, which includes corresponding changes related to CVE-2024-44082

[hardys]

@Kristian-ZH please could you review when you get a moment - I published a preview at https://hardys.github.io/charts/

Also @zioc if you can review or provide any feedback from the Sylva perspective re https://gitlab.com/sylva-projects/sylva-core/-/issues/1669 that would be great, thanks!

[zioc]

Also @zioc if you can review or provide any feedback from the Sylva perspective re https://gitlab.com/sylva-projects/sylva-core/-/issues/1669 that would be great, thanks!

I've initiated a downstream MR to test that, and all deployment/lifecyle tests passed in the associated pipeline: https://gitlab.com/sylva-projects/sylva-core/-/pipelines/1498162287

[hardys]

Also @zioc if you can review or provide any feedback from the Sylva perspective re https://gitlab.com/sylva-projects/sylva-core/-/issues/1669 that would be great, thanks!

I've initiated a downstream MR to test that, and all deployment/lifecyle tests passed in the associated pipeline: https://gitlab.com/sylva-projects/sylva-core/-/pipelines/1498162287

Thanks! I see from https://gitlab.com/sylva-projects/sylva-core/-/issues/1669#note_2161469174 that all tests passed, does that include coverage to verify the DHCP-less issue related to net.ifnames?

I tested that locally to verify the kernel cmdline args for both IPA boots included the parameter, but didn't fully test the Sylva scenario e2e yet

[zioc]

does that include coverage to verify the DHCP-less issue related to net.ifnames?

Yes, in the test merge-request, I was targeting your repo and removing the fix that we had to force net.ifnames here.

In the pipeline, we validated the deployment and rolling upgrade (that used to fail systematically) of DHCP-less deployments

Change looks good to me from a functional point of view, changes are a bit hard to review though, as we can't see a concise diff with previous version...

[hardys]

does that include coverage to verify the DHCP-less issue related to net.ifnames?

Yes, in the test merge-request, I was targeting your repo and removing the fix that we had to force net.ifnames here.

In the pipeline, we validated the deployment and rolling upgrade (that used to fail systematically) of DHCP-less deployments

Change looks good to me from a functional point of view, changes are a bit hard to review though, as we can't see a concise diff with previous version...

Thanks for the feedback @zioc - glad to hear this is confirmed as resolving the issue, hopefully we can merge next week when @Kristian-ZH and @fdegir complete their validation too.

Re review, we generally split the chart changes so the make charts/html step is a separate commit, meaning you can review the chart diff e.g in this first commit

If you would like to review the Ironic Image changes you can refer to https://build.opensuse.org/package/revisions/isv:SUSE:Edge:Metal3:Ironic:2024.1/ironic-24130-image with the change relevant to Sylva being in the ironic.conf.j2 file

Admittedly reviewing the Ironic package changes related to the CVE fixes is harder, but FYI those are also in OBS

[fdegir]

This passed our validation as well.