From 7333478d254111b8e73ce80df24979057b0063ad Mon Sep 17 00:00:00 2001
From: Disaiah Bennett <dbennett@redhat.com>
Date: Thu, 7 Nov 2024 17:52:52 -0500
Subject: [PATCH] Updated hive commit to latest mce-2.8 (#1081)

* updated hive commit to latest mce-2.8

Signed-off-by: dislbenn <dbennett@redhat.com>

* updated hive commit to latest mce-2.8

Signed-off-by: dislbenn <dbennett@redhat.com>

* added backplane-2.5 to matrix list for regenerating sha commits

Signed-off-by: dislbenn <dbennett@redhat.com>

---------

Signed-off-by: dislbenn <dbennett@redhat.com>
---
 .github/workflows/regenerate-sha-commit.yml   |  2 +-
 Makefile.dev                                  |  2 +-
 hack/bundle-automation/config.yaml            |  4 +--
 .../templates/hive-operator.yaml              |  2 --
 ...ft.io_clusterdeploymentcustomizations.yaml | 25 ++++++++++++++-----
 .../hive.openshift.io_clusterdeployments.yaml | 24 +++++++++++++++---
 ...hive.openshift.io_clusterdeprovisions.yaml |  5 ++++
 .../hive.openshift.io_clusterpools.yaml       | 24 +++++++++++++++---
 .../hive.openshift.io_hiveconfigs.yaml        | 18 +++++++++++++
 .../hive.openshift.io_machinepools.yaml       |  7 ++++++
 10 files changed, 95 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/regenerate-sha-commit.yml b/.github/workflows/regenerate-sha-commit.yml
index 143c6c787..87711720c 100644
--- a/.github/workflows/regenerate-sha-commit.yml
+++ b/.github/workflows/regenerate-sha-commit.yml
@@ -21,7 +21,7 @@ jobs:
       fail-fast: false # If one jobs fail, we still want the other jobs to run.
       matrix:
         python-version: [3.9]
-        branch: ['main', 'backplane-2.6', 'backplane-2.7']
+        branch: ['main', 'backplane-2.5', 'backplane-2.6', 'backplane-2.7']
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
diff --git a/Makefile.dev b/Makefile.dev
index 590f853db..b1af79a5a 100644
--- a/Makefile.dev
+++ b/Makefile.dev
@@ -5,7 +5,7 @@ REPO ?= installer-dev-tools
 BRANCH ?= main
 
 PIPELINE_REPO ?= backplane-pipeline
-PIPELINE_BRANCH ?= 2.7-integration
+PIPELINE_BRANCH ?= 2.8-integration
 
 .PHONY: subscriptions
 
diff --git a/hack/bundle-automation/config.yaml b/hack/bundle-automation/config.yaml
index 7dffa76b9..c28c42d0c 100644
--- a/hack/bundle-automation/config.yaml
+++ b/hack/bundle-automation/config.yaml
@@ -1,11 +1,11 @@
-- branch: mce-2.7
+- branch: master
   bundlePath: /tmp/hive-operator-manifests
   gen_command: ./hack/bundle-automation/gen-hive-bundle.sh
   imageMappings:
     hive: openshift_hive
   name: hive-operator
   repo_name: hive
-  sha: 1714563860a304775cc803e133e7aa2f1ce15b22
+  sha: 00f84cc1aaf6e0068588013c4b57dcddeaf420af
 - branch: backplane-2.8
   github_ref: https://github.com/openshift/image-based-install-operator.git
   operators:
diff --git a/pkg/templates/charts/toggle/hive-operator/templates/hive-operator.yaml b/pkg/templates/charts/toggle/hive-operator/templates/hive-operator.yaml
index 8b98cd4cf..7d7aa4a5c 100644
--- a/pkg/templates/charts/toggle/hive-operator/templates/hive-operator.yaml
+++ b/pkg/templates/charts/toggle/hive-operator/templates/hive-operator.yaml
@@ -105,11 +105,9 @@ spec:
 {{- end }}
       securityContext:
         runAsNonRoot: true
-{{- if .Values.global.deployOnOCP }}
 {{- if semverCompare ">=4.11.0" .Values.hubconfig.ocpVersion }}
         seccompProfile:
           type: RuntimeDefault
-{{- end }}
 {{- end }}
       serviceAccountName: hive-operator
       terminationGracePeriodSeconds: 10
diff --git a/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeploymentcustomizations.yaml b/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeploymentcustomizations.yaml
index 6857a72cc..183f5602e 100644
--- a/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeploymentcustomizations.yaml
+++ b/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeploymentcustomizations.yaml
@@ -44,27 +44,40 @@ spec:
                 description: InstallConfigPatches is a list of patches to be applied
                   to the install-config.
                 items:
-                  description: PatchEntity represent a json patch (RFC 6902) to be
-                    applied to the install-config
+                  description: PatchEntity represents a json patch (RFC 6902) to be
+                    applied
                   properties:
                     from:
                       description: From is the json path to copy or move the value
                         from
                       type: string
                     op:
-                      description: 'Op is the operation to perform: add, remove, replace,
-                        move, copy, test'
+                      description: Op is the operation to perform.
+                      enum:
+                      - add
+                      - remove
+                      - replace
+                      - move
+                      - copy
+                      - test
                       type: string
                     path:
                       description: Path is the json path to the value to be modified
                       type: string
                     value:
-                      description: Value is the value to be used in the operation
+                      description: |-
+                        Value is the *string* value to be used in the operation. For more complex values, use
+                        ValueJSON.
+                      type: string
+                    valueJSON:
+                      description: |-
+                        ValueJSON is a string representing a JSON object to be used in the operation. As such,
+                        internal quotes must be escaped. If nonempty, Value is ignored.
+                      format: byte
                       type: string
                   required:
                   - op
                   - path
-                  - value
                   type: object
                 type: array
             type: object
diff --git a/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeployments.yaml b/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeployments.yaml
index e674e40a7..052b6253e 100644
--- a/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeployments.yaml
+++ b/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeployments.yaml
@@ -722,10 +722,28 @@ spec:
                                   contains the service attachment.
                                 properties:
                                   cidr:
-                                    description: Cidr configures the network cidr
-                                      of the subnetwork that contains the service
-                                      attachment.
+                                    description: Cidr specifies the cidr to use when
+                                      creating a service attachment subnet.
                                     type: string
+                                  existing:
+                                    description: |-
+                                      Existing specifies a pre-existing subnet to use instead of creating a new service attachment subnet.
+                                      This is required when using BYO VPCs. It must be in the same region as the api-int load balancer, be
+                                      configured with a purpose of "Private Service Connect", and have sufficient routing and firewall rules
+                                      to access the api-int load balancer.
+                                    properties:
+                                      name:
+                                        description: Name specifies the name of the
+                                          existing subnet.
+                                        type: string
+                                      project:
+                                        description: |-
+                                          Project specifies the project the subnet exists in.
+                                          This is required for Shared VPC.
+                                        type: string
+                                    required:
+                                    - name
+                                    type: object
                                 type: object
                             type: object
                         required:
diff --git a/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeprovisions.yaml b/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeprovisions.yaml
index c8421bcb2..06605a448 100644
--- a/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeprovisions.yaml
+++ b/pkg/templates/crds/hive-operator/hive.openshift.io_clusterdeprovisions.yaml
@@ -124,6 +124,11 @@ spec:
                   azure:
                     description: Azure contains Azure-specific deprovision settings
                     properties:
+                      baseDomainResourceGroupName:
+                        description: |-
+                          BaseDomainResourceGroupName is the name of the resource group where the cluster's DNS records
+                          were created, if different from the default or the custom ResourceGroupName.
+                        type: string
                       cloudName:
                         description: |-
                           cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK
diff --git a/pkg/templates/crds/hive-operator/hive.openshift.io_clusterpools.yaml b/pkg/templates/crds/hive-operator/hive.openshift.io_clusterpools.yaml
index 340e3548a..daf3adc96 100644
--- a/pkg/templates/crds/hive-operator/hive.openshift.io_clusterpools.yaml
+++ b/pkg/templates/crds/hive-operator/hive.openshift.io_clusterpools.yaml
@@ -562,10 +562,28 @@ spec:
                                   contains the service attachment.
                                 properties:
                                   cidr:
-                                    description: Cidr configures the network cidr
-                                      of the subnetwork that contains the service
-                                      attachment.
+                                    description: Cidr specifies the cidr to use when
+                                      creating a service attachment subnet.
                                     type: string
+                                  existing:
+                                    description: |-
+                                      Existing specifies a pre-existing subnet to use instead of creating a new service attachment subnet.
+                                      This is required when using BYO VPCs. It must be in the same region as the api-int load balancer, be
+                                      configured with a purpose of "Private Service Connect", and have sufficient routing and firewall rules
+                                      to access the api-int load balancer.
+                                    properties:
+                                      name:
+                                        description: Name specifies the name of the
+                                          existing subnet.
+                                        type: string
+                                      project:
+                                        description: |-
+                                          Project specifies the project the subnet exists in.
+                                          This is required for Shared VPC.
+                                        type: string
+                                    required:
+                                    - name
+                                    type: object
                                 type: object
                             type: object
                         required:
diff --git a/pkg/templates/crds/hive-operator/hive.openshift.io_hiveconfigs.yaml b/pkg/templates/crds/hive-operator/hive.openshift.io_hiveconfigs.yaml
index b813baba5..143a35aa3 100644
--- a/pkg/templates/crds/hive-operator/hive.openshift.io_hiveconfigs.yaml
+++ b/pkg/templates/crds/hive-operator/hive.openshift.io_hiveconfigs.yaml
@@ -225,6 +225,12 @@ spec:
                   ClusterVersionPollInterval is a string duration indicating how much time must pass before checking
                   whether we need to update the hive.openshift.io/version* labels on ClusterDeployment. If zero or unset,
                   we'll only reconcile when the ClusterDeployment changes.
+                  This is a Duration value; see https://pkg.go.dev/time#ParseDuration for accepted formats.
+                  Note: due to discrepancies in validation vs parsing, we use a Pattern instead of `Format=duration`. See
+                  https://bugzilla.redhat.com/show_bug.cgi?id=2050332
+                  https://github.com/kubernetes/apimachinery/issues/131
+                  https://github.com/kubernetes/apiextensions-apiserver/issues/56
+                pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
                 type: string
               controllersConfig:
                 description: ControllersConfig is used to configure different hive
@@ -698,6 +704,12 @@ spec:
                   remote resources related to MachinePools need to be reapplied. Set to zero to disable polling -- we'll
                   only reconcile when hub objects change.
                   The default interval is 30m.
+                  This is a Duration value; see https://pkg.go.dev/time#ParseDuration for accepted formats.
+                  Note: due to discrepancies in validation vs parsing, we use a Pattern instead of `Format=duration`. See
+                  https://bugzilla.redhat.com/show_bug.cgi?id=2050332
+                  https://github.com/kubernetes/apimachinery/issues/131
+                  https://github.com/kubernetes/apiextensions-apiserver/issues/56
+                pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
                 type: string
               maintenanceMode:
                 description: |-
@@ -1015,6 +1027,12 @@ spec:
                   SyncSetReapplyInterval is a string duration indicating how much time must pass before SyncSet resources
                   will be reapplied.
                   The default reapply interval is two hours.
+                  This is a Duration value; see https://pkg.go.dev/time#ParseDuration for accepted formats.
+                  Note: due to discrepancies in validation vs parsing, we use a Pattern instead of `Format=duration`. See
+                  https://bugzilla.redhat.com/show_bug.cgi?id=2050332
+                  https://github.com/kubernetes/apimachinery/issues/131
+                  https://github.com/kubernetes/apiextensions-apiserver/issues/56
+                pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
                 type: string
               targetNamespace:
                 description: |-
diff --git a/pkg/templates/crds/hive-operator/hive.openshift.io_machinepools.yaml b/pkg/templates/crds/hive-operator/hive.openshift.io_machinepools.yaml
index 407018379..4abfcfdbd 100644
--- a/pkg/templates/crds/hive-operator/hive.openshift.io_machinepools.yaml
+++ b/pkg/templates/crds/hive-operator/hive.openshift.io_machinepools.yaml
@@ -513,6 +513,13 @@ spec:
                     description: OpenStack is the configuration used when installing
                       on OpenStack.
                     properties:
+                      additionalSecurityGroupIDs:
+                        description: |-
+                          AdditionalSecurityGroupIDs contains IDs of additional security groups for machines, where each ID
+                          is presented in the format sg-xxxx.
+                        items:
+                          type: string
+                        type: array
                       flavor:
                         description: |-
                           Flavor defines the OpenStack Nova flavor.