
CORS-4029: Promote AWSClusterHostedDNSInstall to Default

Open sadasu opened this issue 3 months ago • 8 comments

This promotes AWS Cluster Hosted DNS feature from techpreview to available by default.

sadasu, Nov 19 '25 23:11

Pipeline controller notification

This repository is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. Review these jobs and use /test <job> to manually trigger optional jobs most likely to be impacted by the proposed changes.

openshift-ci-robot, Nov 19 '25 23:11

@sadasu: This pull request references CORS-4029 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

In response to this:

This promotes AWS Cluster Hosted DNS feature from techpreview to available by default.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot, Nov 19 '25 23:11

Hello @sadasu! Some important instructions when contributing to openshift/api: API design plays an important part in the user experience of OpenShift and as such API PRs are subject to a high level of scrutiny to ensure they follow our best practices. If you haven't already done so, please review the OpenShift API Conventions and ensure that your proposed changes are compliant. Following these conventions will help expedite the api review process for your PR.

openshift-ci[bot], Nov 19 '25 23:11

Walkthrough

The PR extends Infrastructure and MachineConfiguration CRDs by introducing cloudLoadBalancerConfig field for AWS and GCP providers, featuring DNS type selection, immutability constraints, and cloud load balancer IP configuration. Enables AWSClusterHostedDNSInstall feature gate by default and updates corresponding test manifests.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| CRD Schema - Infrastructure Config: config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml, payload-manifests/crds/0000_10_config-operator_01_infrastructures-Default.crd.yaml | Adds cloudLoadBalancerConfig object under AWS and GCP platformSpec with nested clusterHosted containing three IP array fields (apiLoadBalancerIPs, apiIntLoadBalancerIPs, ingressLoadBalancerIPs), each with 16-item limits and IP format validation. Introduces dnsType enum (ClusterHosted, PlatformDefault) with default PlatformDefault and immutability rule. Adds cross-field validation restricting clusterHosted only when dnsType is ClusterHosted. |
| CRD Schema - Machine Configuration: machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml, payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml | Mirrors Infrastructure CRD additions with identical cloudLoadBalancerConfig structure, nested clusterHosted IP lists, dnsType enum with immutability, and cross-field validation for both AWS and GCP provider sections. |
| Feature Gate Configuration: features/features.go, features.md, payload-manifests/featuregates/featureGate-Hypershift-Default.yaml, payload-manifests/featuregates/featureGate-SelfManagedHA-Default.yaml | Adds Default enablement level to ConsolePluginCSP and AWSClusterHostedDNSInstall feature gates. Moves AWSClusterHostedDNSInstall from disabled to enabled list in Hypershift-Default and SelfManagedHA-Default feature gate manifests. |
| Test Infrastructure Manifests: config/v1/tests/infrastructures.config.openshift.io/AAA_ungated.yaml, config/v1/tests/infrastructures.config.openshift.io/AWSClusterHostedDNS.yaml, config/v1/tests/infrastructures.config.openshift.io/AWSClusterHostedDNSInstall.yaml | Replaces feature gate references from AWSClusterHostedDNSInstall to AzureClusterHostedDNSInstall. Adds cloudLoadBalancerConfig with dnsType: PlatformDefault and ipFamily: IPv4 to AWS platformStatus blocks across multiple test scenarios. Updates expected status configurations to include new nested load balancer config fields. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~30–40 minutes

Areas requiring extra attention:

  • CRD validation rules: Verify cross-field validation logic (clusterHosted only permitted when dnsType is ClusterHosted) is correctly implemented for both AWS and GCP with proper oldSelf/self references for immutability enforcement
  • Consistency between providers: Ensure AWS and GCP cloudLoadBalancerConfig structures, defaults, enum values, and validation rules are identical
  • IP validation constraints: Confirm IP format validation patterns and 16-item limits are consistently applied across all three IP list fields (apiLoadBalancerIPs, apiIntLoadBalancerIPs, ingressLoadBalancerIPs)
  • Test coverage adequacy: Review test manifests for comprehensive coverage of immutability behavior, cross-field validation constraints, and edge cases with new nested structures

[!WARNING] There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 golangci-lint (2.5.0)

Error: build linters: unable to load custom analyzer "kubeapilinter": tools/_output/bin/kube-api-linter.so, plugin: not implemented The command is terminated due to an error: build linters: unable to load custom analyzer "kubeapilinter": tools/_output/bin/kube-api-linter.so, plugin: not implemented


Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot], Nov 19 '25 23:11
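
The rules the walkthrough above summarizes for cloudLoadBalancerConfig (dnsType enum defaulting to PlatformDefault, immutability, clusterHosted permitted only with ClusterHosted, three IP lists capped at 16 valid addresses), written out as an added Go example; it is not code from the PR or from openshift/api. The type names, `Validate`, and the use of `netip.ParseAddr` to stand in for the CRD's IP format check are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Hypothetical mirror of the fields named in the walkthrough; not the openshift/api Go types.
type ClusterHosted struct{ APILoadBalancerIPs, APIIntLoadBalancerIPs, IngressLoadBalancerIPs []string }
type CloudLoadBalancerConfig struct {
	DNSType       string // "ClusterHosted" or "PlatformDefault"; empty means the default
	ClusterHosted *ClusterHosted
}

// dnsType returns the effective value after defaulting.
func dnsType(c *CloudLoadBalancerConfig) string {
	if c == nil || c.DNSType == "" {
		return "PlatformDefault" // default named in the walkthrough
	}
	return c.DNSType
}

// Validate applies the summarized rules to cur; old is nil on create.
func Validate(old, cur *CloudLoadBalancerConfig) error {
	switch dt := dnsType(cur); {
	case dt != "ClusterHosted" && dt != "PlatformDefault":
		return fmt.Errorf("dnsType %q is not in the enum", dt)
	case old != nil && dnsType(old) != dt:
		return fmt.Errorf("dnsType is immutable (was %q, now %q)", dnsType(old), dt)
	case cur == nil || cur.ClusterHosted == nil:
		return nil
	case dt != "ClusterHosted":
		return fmt.Errorf("clusterHosted is set but dnsType is %q", dt)
	}
	h := cur.ClusterHosted
	for _, ips := range [][]string{h.APILoadBalancerIPs, h.APIIntLoadBalancerIPs, h.IngressLoadBalancerIPs} {
		if len(ips) > 16 {
			return fmt.Errorf("IP list has %d items, limit is 16", len(ips))
		}
		for _, ip := range ips {
			if _, err := netip.ParseAddr(ip); err != nil {
				return fmt.Errorf("invalid IP %q", ip)
			}
		}
	}
	return nil
}

// Constructed sample: clusterHosted supplied while dnsType is left at its default.
func main() { fmt.Println(Validate(nil, &CloudLoadBalancerConfig{ClusterHosted: &ClusterHosted{}})) }
```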

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:

Once this PR has been reviewed and has the lgtm label, please assign everettraven for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment.
Approvers can cancel approval by writing /approve cancel in a comment.

openshift-ci[bot], Nov 19 '25 23:11

/retest

sadasu, Dec 02 '25 14:12

@sadasu: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

| Test name | Commit | Details | Required | Rerun command |
| --- | --- | --- | --- | --- |
| ci/prow/verify-feature-promotion | 6266c16f58942bfb86cda4638e17b0d03050b75e | link | true | /test verify-feature-promotion |

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

openshift-ci[bot], Dec 04 '25 07:12

@sadasu Looking at the verify, I don't see any hypershift testing, I assume this feature isn't being supported on HyperShift at present?

JoelSpeed, Dec 04 '25 11:12