openshift/v4.14: Stabilize 4.14.0 spec

config/config.go

@@ -32,7 +32,7 @@ import (
 	openshift4_11 "github.com/coreos/butane/config/openshift/v4_11"
 	openshift4_12 "github.com/coreos/butane/config/openshift/v4_12"
 	openshift4_13 "github.com/coreos/butane/config/openshift/v4_13"
-	openshift4_14_exp "github.com/coreos/butane/config/openshift/v4_14_exp"
+	openshift4_14 "github.com/coreos/butane/config/openshift/v4_14"
 	openshift4_15_exp "github.com/coreos/butane/config/openshift/v4_15_exp"
 	openshift4_8 "github.com/coreos/butane/config/openshift/v4_8"
 	openshift4_9 "github.com/coreos/butane/config/openshift/v4_9"
@@ -72,7 +72,7 @@ func init() {
 	RegisterTranslator("openshift", "4.11.0", openshift4_11.ToConfigBytes)
 	RegisterTranslator("openshift", "4.12.0", openshift4_12.ToConfigBytes)
 	RegisterTranslator("openshift", "4.13.0", openshift4_13.ToConfigBytes)
-	RegisterTranslator("openshift", "4.14.0-experimental", openshift4_14_exp.ToConfigBytes)
+	RegisterTranslator("openshift", "4.14.0", openshift4_14.ToConfigBytes)
 	RegisterTranslator("openshift", "4.15.0-experimental", openshift4_15_exp.ToConfigBytes)
 	RegisterTranslator("r4e", "1.0.0", r4e1_0.ToIgn3_3Bytes)
 	RegisterTranslator("r4e", "1.1.0", r4e1_1.ToIgn3_4Bytes)

config/openshift/v4_14_exp/schema.go → config/openshift/v4_14/schema.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.)
 
-package v4_14_exp
+package v4_14
 
 import (
 	fcos "github.com/coreos/butane/config/fcos/v1_6_exp"

config/openshift/v4_14_exp/translate.go → config/openshift/v4_14/translate.go

@@ -12,14 +12,14 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.)
 
-package v4_14_exp
+package v4_14
 
 import (
 	"net/url"
 	"strings"
 
 	"github.com/coreos/butane/config/common"
-	"github.com/coreos/butane/config/openshift/v4_14_exp/result"
+	"github.com/coreos/butane/config/openshift/v4_14/result"
 	cutil "github.com/coreos/butane/config/util"
 	"github.com/coreos/butane/translate"
 

config/openshift/v4_14_exp/translate_test.go → config/openshift/v4_14/translate_test.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.)
 
-package v4_14_exp
+package v4_14
 
 import (
 	"fmt"
@@ -22,7 +22,7 @@ import (
 	base "github.com/coreos/butane/base/v0_6_exp"
 	"github.com/coreos/butane/config/common"
 	fcos "github.com/coreos/butane/config/fcos/v1_6_exp"
-	"github.com/coreos/butane/config/openshift/v4_14_exp/result"
+	"github.com/coreos/butane/config/openshift/v4_14/result"
 	confutil "github.com/coreos/butane/config/util"
 	"github.com/coreos/butane/translate"
 

config/openshift/v4_14_exp/validate.go → config/openshift/v4_14/validate.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.)
 
-package v4_14_exp
+package v4_14
 
 import (
 	"github.com/coreos/butane/config/common"

config/openshift/v4_14_exp/validate_test.go → config/openshift/v4_14/validate_test.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.)
 
-package v4_14_exp
+package v4_14
 
 import (
 	"fmt"

docs/config-openshift-v4_14-exp.md → docs/config-openshift-v4_14.md

@@ -1,21 +1,19 @@
 ---
 # This file is automatically generated from internal/doc and Ignition's
 # config/doc.  Do not edit.
-title: OpenShift v4.14.0-experimental
+title: OpenShift v4.14.0
 parent: Configuration specifications
-nav_order: 150
+nav_order: 143
 ---
 
-# OpenShift Specification v4.14.0-experimental
-
-**Note: This configuration is experimental and has not been stabilized. It is subject to change without warning or announcement.**
+# OpenShift Specification v4.14.0
 
 The OpenShift configuration is a YAML document conforming to the following specification, with **_italicized_** entries being optional:
 
 <div id="spec-docs"></div>
 
 * **variant** (string): used to differentiate configs for different operating systems. Must be `openshift` for this specification.
-* **version** (string): the semantic version of the spec for this document. This document is for version `4.14.0-experimental` and generates Ignition configs with version `3.5.0-experimental`.
+* **version** (string): the semantic version of the spec for this document. This document is for version `4.14.0` and generates Ignition configs with version `3.5.0-experimental`.
 * **metadata** (object): metadata about the generated MachineConfig resource. Respected when rendering to a MachineConfig, ignored when rendering directly to an Ignition config.
   * **name** (string): a unique [name](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names) for this MachineConfig resource.
   * **labels** (object): string key/value pairs to apply as [Kubernetes labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) to this MachineConfig resource. `machineconfiguration.openshift.io/role` is required.
@@ -123,14 +121,11 @@ The OpenShift configuration is a YAML document conforming to the following speci
     * **_label_** (string): the label of the luks device.
     * **_uuid_** (string): the uuid of the luks device.
     * **_options_** (list of strings): any additional options to be passed to `cryptsetup luksFormat`.
-    * **_discard_** (boolean): whether to issue discard commands to the underlying block device when blocks are freed. Enabling this improves performance and device longevity on SSDs and space utilization on thinly provisioned SAN devices, but leaks information about which disk blocks contain data. If omitted, it defaults to false.
-    * **_open_options_** (list of strings): any additional options to be passed to `cryptsetup luksOpen`. Supported options will be persistently written to the luks volume.
     * **_wipe_volume_** (boolean): whether or not to wipe the device before volume creation, see [Ignition's documentation on filesystems](https://coreos.github.io/ignition/operator-notes/#filesystem-reuse-semantics) for more information.
     * **_clevis_** (object): describes the clevis configuration for the luks device.
       * **_tang_** (list of objects): describes a tang server. Every server must have a unique `url`.
         * **url** (string): url of the tang server.
         * **thumbprint** (string): thumbprint of a trusted signing key.
-        * **_advertisement_** (string): the advertisement JSON. If not specified, the advertisement is fetched from the tang server during provisioning.
       * **_tpm2_** (boolean): whether or not to use a tpm2 device.
       * **_threshold_** (integer): sets the minimum number of pieces required to decrypt the device. Default is 1.
       * **_custom_** (object): overrides the clevis configuration. The `pin` & `config` will be passed directly to `clevis luks bind`. If specified, all other clevis options must be omitted.
@@ -146,33 +141,24 @@ The OpenShift configuration is a YAML document conforming to the following speci
     * **_enabled_** (boolean): whether or not the service shall be enabled. When true, the service is enabled. When false, the service is disabled. When omitted, the service is unmodified. In order for this to have any effect, the unit must have an install section.
     * **_mask_** (boolean): whether or not the service shall be masked. When true, the service is masked by symlinking it to `/dev/null`. When false, the service is unmasked by deleting the symlink to `/dev/null` if it exists.
     * **_contents_** (string): the contents of the unit. Mutually exclusive with `contents_local`.
-    * **_contents_local_** (string): a local path to the contents of the unit, relative to the directory specified by the `--files-dir` command-line argument. Mutually exclusive with `contents`.
     * **_dropins_** (list of objects): the list of drop-ins for the unit. Every drop-in must have a unique `name`.
       * **name** (string): the name of the drop-in. This must be suffixed with ".conf".
       * **_contents_** (string): the contents of the drop-in. Mutually exclusive with `contents_local`.
-      * **_contents_local_** (string): a local path to the contents of the drop-in, relative to the directory specified by the `--files-dir` command-line argument. Mutually exclusive with `contents`.
 * **_passwd_** (object): describes the desired additions to the passwd database.
   * **_users_** (list of objects): the list of accounts that shall exist. All users must have a unique `name`.
     * **name** (string): the username for the account. Must be `core`.
     * **_password_hash_** (string): the hashed password for the account.
     * **_ssh_authorized_keys_** (list of strings): a list of SSH keys to be added as an SSH key fragment at `.ssh/authorized_keys.d/ignition` in the user's home directory. All SSH keys must be unique.
-    * **_ssh_authorized_keys_local_** (list of strings): a list of local paths to SSH key files, relative to the directory specified by the `--files-dir` command-line argument, to be added as SSH key fragments at `.ssh/authorized_keys.d/ignition` in the user's home directory. All SSH keys must be unique. Each file may contain multiple SSH keys, one per line.
 * **_boot_device_** (object): describes the desired boot device configuration. At least one of `luks` or `mirror` must be specified.
   * **_layout_** (string): the disk layout of the target OS image. Supported values are `aarch64`, `ppc64le`, and `x86_64`. Defaults to `x86_64`.
   * **_luks_** (object): describes the clevis configuration for encrypting the root filesystem.
     * **_tang_** (list of objects): describes a tang server. Every server must have a unique `url`.
       * **url** (string): url of the tang server.
       * **thumbprint** (string): thumbprint of a trusted signing key.
-      * **_advertisement_** (string): the advertisement JSON. If not specified, the advertisement is fetched from the tang server during provisioning.
     * **_tpm2_** (boolean): whether or not to use a tpm2 device.
     * **_threshold_** (integer): sets the minimum number of pieces required to decrypt the device. Default is 1.
-    * **_discard_** (boolean): whether to issue discard commands to the underlying block device when blocks are freed. Enabling this improves performance and device longevity on SSDs and space utilization on thinly provisioned SAN devices, but leaks information about which disk blocks contain data. If omitted, it defaults to false.
   * **_mirror_** (object): describes mirroring of the boot disk for fault tolerance.
     * **_devices_** (list of strings): the list of whole-disk devices (not partitions) to include in the disk array, referenced by their absolute path. At least two devices must be specified.
-* **_grub_** (object): describes the desired GRUB bootloader configuration.
-  * **_users_** (list of objects): the list of GRUB superusers.
-    * **name** (string): the user name.
-    * **password_hash** (string): the PBKDF2 password hash, generated with `grub2-mkpasswd-pbkdf2`.
 * **_openshift_** (object): describes miscellaneous OpenShift configuration. Respected when rendering to a MachineConfig, ignored when rendering directly to an Ignition config.
   * **_kernel_type_** (string): which kernel to use on the node. Must be `default` or `realtime`.
   * **_kernel_arguments_** (list of strings): arguments to be added to the kernel command line.

docs/specs.md

@@ -25,6 +25,7 @@ We recommend that you always use the latest **stable** specification for your op
   - [v1.1.0](config-flatcar-v1_1.md)
   - [v1.0.0](config-flatcar-v1_0.md)
 - OpenShift (`openshift`)
+  - [v4.14.0](config-openshift-v4_14.md)
   - [v4.13.0](config-openshift-v4_13.md)
   - [v4.12.0](config-openshift-v4_12.md)
   - [v4.11.0](config-openshift-v4_11.md)
@@ -70,7 +71,7 @@ Each version of the Butane specification corresponds to a version of the Ignitio
 | `openshift`    | 4.11.0              | 3.2.0              |
 | `openshift`    | 4.12.0              | 3.2.0              |
 | `openshift`    | 4.13.0              | 3.2.0              |
-| `openshift`    | 4.14.0-experimental | 3.5.0-experimental |
+| `openshift`    | 4.14.0              | 3.4.0              |
 | `openshift`    | 4.15.0-experimental | 3.5.0-experimental |
 | `r4e`          | 1.0.0               | 3.3.0              |
 | `r4e`          | 1.1.0               | 3.4.0              |

docs/upgrading-openshift.md

@@ -15,6 +15,12 @@ Occasionally, changes are made to OpenShift Butane configs (those that specify `
 
 {% comment %}
 
+## From Version 4.14.0 to 4.15.0
+
+There are no breaking changes between versions 4.14.0 and 4.15.0 of the `openshift` configuration specification. Any valid 4.14.0 configuration can be updated to a 4.15.0 configuration by changing the version string in the config.
+
+{% endcomment %}
+
 ## From Version 4.13.0 to 4.14.0
 
 There are no breaking changes between versions 4.13.0 and 4.14.0 of the `openshift` configuration specification. Any valid 4.13.0 configuration can be updated to a 4.14.0 configuration by changing the version string in the config.
@@ -26,7 +32,7 @@ SSH keys and systemd units are now embeddable via file references to local files
 <!-- butane-config -->
 ```yaml
 variant: openshift
-version: 4.14.0-experimental
+version: 4.14.0
 metadata:
   name: minimal-config
   labels:
@@ -46,8 +52,6 @@ passwd:
         - id_rsa.pub
 ```
 
-{% endcomment %}
-
 ## From Version 4.12.0 to 4.13.0
 
 There are no breaking changes between versions 4.12.0 and 4.13.0 of the `openshift` configuration specification. Any valid 4.12.0 configuration can be updated to a 4.13.0 configuration by changing the version string in the config.

internal/doc/butane.yaml

@@ -39,7 +39,7 @@ mode:
       replacement: are not supported
       if:
         - variant: openshift
-          min: 4.14.0-experimental
+          min: 4.14.0
 
 append-contents-local:
   # Mention contents_local on specs that support it.
@@ -212,7 +212,7 @@ root:
                   replacement: "or swap"
                   if:
                     - variant: openshift
-                      min: 4.14.0-experimental
+                      min: 4.14.0
             - name: with_mount_unit
               after: $
               desc: whether to additionally generate a generic mount unit for this filesystem or a swap unit for this swap area. If a more specific unit is needed, a custom one can be specified in the `systemd.units` section. The unit will be named with the [escaped](https://www.freedesktop.org/software/systemd/man/systemd-escape.html) version of the `path` or `device`, depending on the unit type. If your filesystem is located on a Tang-backed LUKS device, the unit will automatically require network access if you specify the device as `/dev/mapper/<device-name>` or `/dev/disk/by-id/dm-name-<device-name>`.

internal/doc/main.go

@@ -49,7 +49,7 @@ import (
 	openshift4_11 "github.com/coreos/butane/config/openshift/v4_11"
 	openshift4_12 "github.com/coreos/butane/config/openshift/v4_12"
 	openshift4_13 "github.com/coreos/butane/config/openshift/v4_13"
-	openshift4_14_exp "github.com/coreos/butane/config/openshift/v4_14_exp"
+	openshift4_14 "github.com/coreos/butane/config/openshift/v4_13"
 	openshift4_15_exp "github.com/coreos/butane/config/openshift/v4_15_exp"
 	openshift4_8 "github.com/coreos/butane/config/openshift/v4_8"
 	openshift4_9 "github.com/coreos/butane/config/openshift/v4_9"
@@ -122,13 +122,13 @@ func generate(dir string) error {
 			[]version{
 				// inverse order of website navbar
 				{"4.15.0-experimental", openshift4_15_exp.Config{}},
-				{"4.14.0-experimental", openshift4_14_exp.Config{}},
 				{"4.8.0", openshift4_8.Config{}},
 				{"4.9.0", openshift4_9.Config{}},
 				{"4.10.0", openshift4_10.Config{}},
 				{"4.11.0", openshift4_11.Config{}},
 				{"4.12.0", openshift4_12.Config{}},
 				{"4.13.0", openshift4_13.Config{}},
+				{"4.14.0", openshift4_14.Config{}},
 			},
 		},
 		{