Skip to content

OCPBUGS-66940: fix default image for confidential VMs #1443

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
patrickdillon wants to merge 1 commit into
base: main
Choose a base branch
from
Open

OCPBUGS-66940: fix default image for confidential VMs #1443

patrickdillon wants to merge 1 commit into from

Conversation

@patrickdillon
Copy link
Contributor

@patrickdillon patrickdillon commented Dec 4, 2025

The installer still creates an image gallery for confidfential VMs, and we can tell its a confidential VM from the machine provider spec, so this updates the default to point to an installer-created gallery rather than the marketplace image.

@openshift-ci-robot openshift-ci-robot added jira/severity-moderate Referenced Jira bug's severity is moderate for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. labels Dec 4, 2025
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Dec 4, 2025

@patrickdillon: This pull request references Jira Issue OCPBUGS-66244, which is valid.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.21.0) matches configured target version for branch (4.21.0)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @sunzhaohua2

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

The installer still creates an image gallery for confidfential VMs, and we can tell its a confidential VM from the machine provider spec, so this updates the default to point to an installer-created gallery rather than the marketplace image.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot requested a review from sunzhaohua2 December 4, 2025 20:47
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Dec 4, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign theobarberbany for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@patrickdillon
OCPBUGS-66244: fix default image for confidential VMs
0e9cb0c 
The installer still creates an image gallery for confidfential
VMs, and we can tell its a confidential VM from the machine
provider spec, so this updates the default to point to an
installer-created gallery rather than the marketplace image.
@patrickdillon patrickdillon force-pushed the az-confidential-vm-img branch from 1364696 to 0e9cb0c Compare December 4, 2025 20:50
@damdo
Copy link
Member

damdo commented Dec 5, 2025

/test unit

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Dec 5, 2025

@patrickdillon: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@sunzhaohua2
Copy link
Contributor

sunzhaohua2 commented Dec 5, 2025
edited
Loading

/verified by @sunzhaohua2
Tested on confidential VM cluster, with this pr, if we don't specify image, machine can be created succeed.

$ oc get machine                                                                                             
NAME                                                   PHASE     TYPE                 REGION       ZONE   AGE
ci-op-x4r75bt8-b6d04-7tsnr-master-0                    Running   Standard_DC4es_v5    westeurope   2      97m
ci-op-x4r75bt8-b6d04-7tsnr-master-1                    Running   Standard_DC4es_v5    westeurope   2      97m
ci-op-x4r75bt8-b6d04-7tsnr-master-2                    Running   Standard_DC4es_v5    westeurope   2      97m
ci-op-x4r75bt8-b6d04-7tsnr-worker-westeurope2-47h44    Running   Standard_DC4ads_v5   westeurope   2      91m
ci-op-x4r75bt8-b6d04-7tsnr-worker-westeurope2-nwhqb    Running   Standard_DC4ads_v5   westeurope   2      91m
ci-op-x4r75bt8-b6d04-7tsnr-worker-westeurope2-qr8gt    Running   Standard_DC4ads_v5   westeurope   2      91m
ci-op-x4r75bt8-b6d04-7tsnr-worker-westeurope21-9jsgx   Running   Standard_DC4ads_v5   westeurope   2      5m39s
$ oc get machine ci-op-x4r75bt8-b6d04-7tsnr-worker-westeurope21-9jsgx -o yaml                               
      image:
        offer: ""
        publisher: ""
        resourceID: /resourceGroups/ci-op-x4r75bt8-b6d04-7tsnr-rg/providers/Microsoft.Compute/galleries/gallery_ci_op_x4r75bt8_b6d04_7tsnr/images/ci-op-x4r75bt8-b6d04-7tsnr-gen2/versions/latest
        sku: ""
        version: ""

@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Dec 5, 2025
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Dec 5, 2025

@sunzhaohua2: This PR has been marked as verified by @sunzhaohua2.

Details

In response to this:

/verified by @sunzhaohua2
With pr 1443, if we don't specify image, machine can be created succeed.

$ oc get machine                                                                                             
NAME                                                   PHASE     TYPE                 REGION       ZONE   AGE
ci-op-x4r75bt8-b6d04-7tsnr-master-0                    Running   Standard_DC4es_v5    westeurope   2      97m
ci-op-x4r75bt8-b6d04-7tsnr-master-1                    Running   Standard_DC4es_v5    westeurope   2      97m
ci-op-x4r75bt8-b6d04-7tsnr-master-2                    Running   Standard_DC4es_v5    westeurope   2      97m
ci-op-x4r75bt8-b6d04-7tsnr-worker-westeurope2-47h44    Running   Standard_DC4ads_v5   westeurope   2      91m
ci-op-x4r75bt8-b6d04-7tsnr-worker-westeurope2-nwhqb    Running   Standard_DC4ads_v5   westeurope   2      91m
ci-op-x4r75bt8-b6d04-7tsnr-worker-westeurope2-qr8gt    Running   Standard_DC4ads_v5   westeurope   2      91m
ci-op-x4r75bt8-b6d04-7tsnr-worker-westeurope21-9jsgx   Running   Standard_DC4ads_v5   westeurope   2      5m39s
$ oc get machine ci-op-x4r75bt8-b6d04-7tsnr-worker-westeurope21-9jsgx -o yaml                               
     image:
       offer: ""
       publisher: ""
       resourceID: /resourceGroups/ci-op-x4r75bt8-b6d04-7tsnr-rg/providers/Microsoft.Compute/galleries/gallery_ci_op_x4r75bt8_b6d04_7tsnr/images/ci-op-x4r75bt8-b6d04-7tsnr-gen2/versions/latest
       sku: ""
       version: ""

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@nrb
Copy link
Contributor

nrb commented Dec 10, 2025

/title OCPBUGS-66240: fix default image for confidential VMs

@nrb
Copy link
Contributor

nrb commented Dec 10, 2025

/retitle OCPBUGS-66240: fix default image for confidential VMs

@openshift-ci openshift-ci bot changed the title OCPBUGS-66244: fix default image for confidential VMs OCPBUGS-66240: fix default image for confidential VMs Dec 10, 2025
@openshift-ci-robot openshift-ci-robot added jira/severity-important Referenced Jira bug's severity is important for the branch this PR is targeting. and removed jira/severity-moderate Referenced Jira bug's severity is moderate for the branch this PR is targeting. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. labels Dec 10, 2025
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Dec 10, 2025

@patrickdillon: This pull request references Jira Issue OCPBUGS-66240, which is invalid:

  • expected the bug to target either version "4.21." or "openshift-4.21.", but it targets "4.20.z" instead
  • expected the bug to be in one of the following states: NEW, ASSIGNED, POST, but it is Verified instead

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

The installer still creates an image gallery for confidfential VMs, and we can tell its a confidential VM from the machine provider spec, so this updates the default to point to an installer-created gallery rather than the marketplace image.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci-robot openshift-ci-robot added the jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. label Dec 10, 2025
@sunzhaohua2
Copy link
Contributor

sunzhaohua2 commented Dec 11, 2025

/retitle OCPBUGS-66940: fix default image for confidential VMs

@openshift-ci openshift-ci bot changed the title OCPBUGS-66240: fix default image for confidential VMs OCPBUGS-66940: fix default image for confidential VMs Dec 11, 2025
@openshift-ci-robot openshift-ci-robot removed the jira/severity-important Referenced Jira bug's severity is important for the branch this PR is targeting. label Dec 11, 2025
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Dec 11, 2025

@patrickdillon: This pull request references Jira Issue OCPBUGS-66940, which is invalid:

  • expected the bug to target the "4.21.0" version, but no target version was set

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

The installer still creates an image gallery for confidfential VMs, and we can tell its a confidential VM from the machine provider spec, so this updates the default to point to an installer-created gallery rather than the marketplace image.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci-robot openshift-ci-robot added the jira/severity-low Referenced Jira bug's severity is low for the branch this PR is targeting. label Dec 11, 2025
@damdo
Copy link
Member

damdo commented Dec 12, 2025

/cherry-pick release-4.21

@openshift-cherrypick-robot
Copy link

openshift-cherrypick-robot commented Dec 12, 2025

@damdo: once the present PR merges, I will cherry-pick it on top of release-4.21 in a new PR and assign it to you.

Details

In response to this:

/cherry-pick release-4.21

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@tthvo
Copy link
Member

tthvo commented Dec 12, 2025

/jira refresh

@openshift-ci-robot openshift-ci-robot added jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. and removed jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Dec 12, 2025
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Dec 12, 2025

@tthvo: This pull request references Jira Issue OCPBUGS-66940, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.22.0) matches configured target version for branch (4.22.0)
  • bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @sunzhaohua2

Details

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sunzhaohua2 sunzhaohua2 Awaiting requested review from sunzhaohua2

@mdbooth mdbooth Awaiting requested review from mdbooth

@theobarberbany theobarberbany Awaiting requested review from theobarberbany

Assignees

No one assigned

Labels

jira/severity-low Referenced Jira bug's severity is low for the branch this PR is targeting. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. verified Signifies that the PR passed pre-merge verification criteria

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@patrickdillon @openshift-ci-robot @damdo @sunzhaohua2 @nrb @openshift-cherrypick-robot @tthvo