diff --git a/blocked-edges/4.10.0-fc.2-modified-aws-load-balancer-service.yaml b/blocked-edges/4.10.0-fc.2-modified-aws-load-balancer-service.yaml deleted file mode 100644 index a01b6b7f8..000000000 --- a/blocked-edges/4.10.0-fc.2-modified-aws-load-balancer-service.yaml +++ /dev/null @@ -1,21 +0,0 @@ -to: 4.10.0-fc.2 -from: 4[.]10[.].* -url: https://bugzilla.redhat.com/show_bug.cgi?id=2039339 -name: ModifiedAWSLoadBalancerServiceTags -message: |- - On AWS clusters for Services in the openshift-ingress namespace, service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags annotations that diverge from Infrastructure's status.platformStatus.aws.resourceTags are expected to be clobbered on update to 4.11. There may or may not be Service annotations like that on this cluster, and you can check by comparing: - - $ oc get -o custom-columns=TAGS:.status.platformStatus.aws.resourceTags infrastructure cluster - - with: - - $ oc -n openshift-ingress get -o custom-columns=NAMESPACE:.metadata.namespace,NAME:.metadata.name,ANNOTATIONS:.metadata.annotations services | grep service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags - - This will not cause issues updating between 4.10 releases. This conditional update is just a demonstration of the conditional update system. -matchingRules: -- type: PromQL - promql: - promql: | - cluster_infrastructure_provider{type="AWS"} - or - 0 * cluster_infrastructure_provider diff --git a/blocked-edges/4.10.0-fc.4-alibaba-storage-fixes.yaml b/blocked-edges/4.10.0-fc.4-alibaba-storage-fixes.yaml deleted file mode 100644 index d73eaea41..000000000 --- a/blocked-edges/4.10.0-fc.4-alibaba-storage-fixes.yaml +++ /dev/null @@ -1,13 +0,0 @@ -to: 4.10.0-fc.4 -from: 4[.]10[.].* -url: https://bugzilla.redhat.com/show_bug.cgi?id=2047190 -name: AlibabaStorageDriverDemo -message: |- - The Alibaba storage driver was updated from a patched 1.1.4 to a patched 1.1.6 in 4.10.0-rc.0. That is unlikely to fix anything that regressed in this provider from fc.3 to fc.4, but this conditional update is pretending it does, as a demonstration of the conditional update system. -matchingRules: -- type: PromQL - promql: - promql: | - cluster_infrastructure_provider{type="AlibabaCloud"} - or - 0 * cluster_infrastructure_provider diff --git a/blocked-edges/4.10.10-parallel-ceph_fsync.yaml b/blocked-edges/4.10.10-parallel-ceph_fsync.yaml index b5ee4c094..71cba5abb 100644 --- a/blocked-edges/4.10.10-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.10-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.11-parallel-ceph_fsync.yaml b/blocked-edges/4.10.11-parallel-ceph_fsync.yaml index 50ce5cb2a..ea328d44e 100644 --- a/blocked-edges/4.10.11-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.11-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.12-parallel-ceph_fsync.yaml b/blocked-edges/4.10.12-parallel-ceph_fsync.yaml index ca37a63e4..3626c0bf9 100644 --- a/blocked-edges/4.10.12-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.12-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.13-parallel-ceph_fsync.yaml b/blocked-edges/4.10.13-parallel-ceph_fsync.yaml index 5cab7cbb3..9f8a39fcd 100644 --- a/blocked-edges/4.10.13-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.13-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.14-parallel-ceph_fsync.yaml b/blocked-edges/4.10.14-parallel-ceph_fsync.yaml index 9ff4b78c0..e8113d052 100644 --- a/blocked-edges/4.10.14-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.14-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.14-release-data-with-hyphen-prefix.yaml b/blocked-edges/4.10.14-release-data-with-hyphen-prefix.yaml index a3fb149ae..c798c2670 100644 --- a/blocked-edges/4.10.14-release-data-with-hyphen-prefix.yaml +++ b/blocked-edges/4.10.14-release-data-with-hyphen-prefix.yaml @@ -5,11 +5,4 @@ name: ReleaseDataWithHyphenPrefix message: |- Clusters updating out of 4.10.14 may, depending on their past history, fail to initiate the update to any later release. In order to avoid this trouble, we recommend avoiding updates to this release. The linked solution includes steps to avoid the issue if you do decide to update to 4.10.14. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(cluster_version{type="initial",version=~"4[.][0-9][.].*"}),"born_by_4_9", "yes, so possibly touched a hyphen-hashing version", "", "") - or - label_replace(0 * group(cluster_version{type="initial",version!~"4[.][0-9][.].*"}),"born_by_4_9", "no, so will not have touched a hyphen-hashing version", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.15-parallel-ceph_fsync.yaml b/blocked-edges/4.10.15-parallel-ceph_fsync.yaml index 13a1b880a..533d41f54 100644 --- a/blocked-edges/4.10.15-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.15-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.15-release-data-with-hyphen-prefix.yaml b/blocked-edges/4.10.15-release-data-with-hyphen-prefix.yaml index ccbe0a644..6fbe80b53 100644 --- a/blocked-edges/4.10.15-release-data-with-hyphen-prefix.yaml +++ b/blocked-edges/4.10.15-release-data-with-hyphen-prefix.yaml @@ -5,11 +5,4 @@ name: ReleaseDataWithHyphenPrefix message: |- Clusters updating out of 4.10.15 may, depending on their past history, fail to initiate the update to any later release. In order to avoid this trouble, we recommend avoiding updates to this release. The linked solution includes steps to avoid the issue if you do decide to update to 4.10.15. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(cluster_version{type="initial",version=~"4[.][0-9][.].*"}),"born_by_4_9", "yes, so possibly touched a hyphen-hashing version", "", "") - or - label_replace(0 * group(cluster_version{type="initial",version!~"4[.][0-9][.].*"}),"born_by_4_9", "no, so will not have touched a hyphen-hashing version", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.16-parallel-ceph_fsync.yaml b/blocked-edges/4.10.16-parallel-ceph_fsync.yaml index e70dbd4be..c7829607d 100644 --- a/blocked-edges/4.10.16-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.16-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.16-release-data-with-hyphen-prefix.yaml b/blocked-edges/4.10.16-release-data-with-hyphen-prefix.yaml index 5670acdf8..7c135fbbe 100644 --- a/blocked-edges/4.10.16-release-data-with-hyphen-prefix.yaml +++ b/blocked-edges/4.10.16-release-data-with-hyphen-prefix.yaml @@ -5,11 +5,4 @@ name: ReleaseDataWithHyphenPrefix message: |- Clusters updating out of 4.10.16 may, depending on their past history, fail to initiate the update to any later release. In order to avoid this trouble, we recommend avoiding updates to this release. The linked solution includes steps to avoid the issue if you do decide to update to 4.10.16. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(cluster_version{type="initial",version=~"4[.][0-9][.].*"}),"born_by_4_9", "yes, so possibly touched a hyphen-hashing version", "", "") - or - label_replace(0 * group(cluster_version{type="initial",version!~"4[.][0-9][.].*"}),"born_by_4_9", "no, so will not have touched a hyphen-hashing version", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.17-release-data-with-hyphen-prefix.yaml b/blocked-edges/4.10.17-release-data-with-hyphen-prefix.yaml index 1440b21a1..d202a40ee 100644 --- a/blocked-edges/4.10.17-release-data-with-hyphen-prefix.yaml +++ b/blocked-edges/4.10.17-release-data-with-hyphen-prefix.yaml @@ -5,11 +5,4 @@ name: ReleaseDataWithHyphenPrefix message: |- Clusters updating out of 4.10.17 may, depending on their past history, fail to initiate the update to any later release. In order to avoid this trouble, we recommend avoiding updates to this release. The linked solution includes steps to avoid the issue if you do decide to update to 4.10.17. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(cluster_version{type="initial",version=~"4[.][0-9][.].*"}),"born_by_4_9", "yes, so possibly touched a hyphen-hashing version", "", "") - or - label_replace(0 * group(cluster_version{type="initial",version!~"4[.][0-9][.].*"}),"born_by_4_9", "no, so will not have touched a hyphen-hashing version", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.18-release-data-with-hyphen-prefix.yaml b/blocked-edges/4.10.18-release-data-with-hyphen-prefix.yaml index d702595db..e33db4082 100644 --- a/blocked-edges/4.10.18-release-data-with-hyphen-prefix.yaml +++ b/blocked-edges/4.10.18-release-data-with-hyphen-prefix.yaml @@ -5,11 +5,4 @@ name: ReleaseDataWithHyphenPrefix message: |- Clusters updating out of 4.10.18 may, depending on their past history, fail to initiate the update to any later release. In order to avoid this trouble, we recommend avoiding updates to this release. The linked solution includes steps to avoid the issue if you do decide to update to 4.10.18. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(cluster_version{type="initial",version=~"4[.][0-9][.].*"}),"born_by_4_9", "yes, so possibly touched a hyphen-hashing version", "", "") - or - label_replace(0 * group(cluster_version{type="initial",version!~"4[.][0-9][.].*"}),"born_by_4_9", "no, so will not have touched a hyphen-hashing version", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.38-node-creation-fails.yaml b/blocked-edges/4.10.38-node-creation-fails.yaml index f495009ba..2caa07dd9 100644 --- a/blocked-edges/4.10.38-node-creation-fails.yaml +++ b/blocked-edges/4.10.38-node-creation-fails.yaml @@ -5,9 +5,4 @@ name: OpenStackNodeCreationFails message: |- Adding new nodes to the exsiting cluster on OpenStack will fail. matchingRules: -- type: PromQL - promql: - promql: | - cluster_infrastructure_provider{type="OpenStack"} - or - 0 * cluster_infrastructure_provider +- type: Always diff --git a/blocked-edges/4.10.4-parallel-ceph_fsync.yaml b/blocked-edges/4.10.4-parallel-ceph_fsync.yaml index 9c5eb9df7..95c02b68f 100644 --- a/blocked-edges/4.10.4-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.4-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.5-parallel-ceph_fsync.yaml b/blocked-edges/4.10.5-parallel-ceph_fsync.yaml index b94b31bfb..82947c813 100644 --- a/blocked-edges/4.10.5-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.5-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.6-parallel-ceph_fsync.yaml b/blocked-edges/4.10.6-parallel-ceph_fsync.yaml index f60890458..a80b4d1bb 100644 --- a/blocked-edges/4.10.6-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.6-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.7-parallel-ceph_fsync.yaml b/blocked-edges/4.10.7-parallel-ceph_fsync.yaml index 8d8dab1dc..a560e5d06 100644 --- a/blocked-edges/4.10.7-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.7-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.8-parallel-ceph_fsync.yaml b/blocked-edges/4.10.8-parallel-ceph_fsync.yaml index ba9fa81a8..13291c937 100644 --- a/blocked-edges/4.10.8-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.8-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.10.9-parallel-ceph_fsync.yaml b/blocked-edges/4.10.9-parallel-ceph_fsync.yaml index d2dab13cb..34cf0e466 100644 --- a/blocked-edges/4.10.9-parallel-ceph_fsync.yaml +++ b/blocked-edges/4.10.9-parallel-ceph_fsync.yaml @@ -5,11 +5,4 @@ name: CephParallelFsync message: |- This update would introduce a CephFS kernel driver regression, exposing a kernel panic when workloads make parallel ceph_fsync calls to the same file. The update also introduces many bug fixes as described in the errata, so weigh those against the risk of Ceph kernel panics when deciding whether to update or wait for an OpenShift release that also fixes the Ceph regression. matchingRules: -- type: PromQL - promql: - promql: | - topk(1, - label_replace(group(ceph_health_status), "ceph", "yes", "", "") - or - label_replace(0 * group(cluster_version), "ceph", "no", "", "") - ) +- type: Always diff --git a/blocked-edges/4.11.0-fc.0-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-fc.0-stale-insights-run-level-label.yaml index 6717fa178..905ae528c 100644 --- a/blocked-edges/4.11.0-fc.0-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-fc.0-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0-fc.0. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-fc.0-stale-selinux-policies.yaml b/blocked-edges/4.11.0-fc.0-stale-selinux-policies.yaml index e2f44a288..590285e47 100644 --- a/blocked-edges/4.11.0-fc.0-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-fc.0-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0-fc.0. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.0-fc.3-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-fc.3-stale-insights-run-level-label.yaml index 454c80046..5ac1d1eb8 100644 --- a/blocked-edges/4.11.0-fc.3-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-fc.3-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0-fc.3. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-fc.3-stale-selinux-policies.yaml b/blocked-edges/4.11.0-fc.3-stale-selinux-policies.yaml index e8a930da4..1dd9c73b4 100644 --- a/blocked-edges/4.11.0-fc.3-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-fc.3-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0-fc.3. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.0-rc.0-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-rc.0-stale-insights-run-level-label.yaml index 6632a62d4..a9060602f 100644 --- a/blocked-edges/4.11.0-rc.0-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-rc.0-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0-rc.0. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-rc.0-stale-selinux-policies.yaml b/blocked-edges/4.11.0-rc.0-stale-selinux-policies.yaml index 55f007fe3..7fc044ae8 100644 --- a/blocked-edges/4.11.0-rc.0-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-rc.0-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0-rc.0. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.0-rc.1-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-rc.1-stale-insights-run-level-label.yaml index 51b4f87e2..16c61456e 100644 --- a/blocked-edges/4.11.0-rc.1-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-rc.1-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0-rc.1. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-rc.1-stale-selinux-policies.yaml b/blocked-edges/4.11.0-rc.1-stale-selinux-policies.yaml index 638bdb1fd..7975e1d05 100644 --- a/blocked-edges/4.11.0-rc.1-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-rc.1-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0-rc.1. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.0-rc.2-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-rc.2-stale-insights-run-level-label.yaml index 10b4970d8..16b9e8057 100644 --- a/blocked-edges/4.11.0-rc.2-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-rc.2-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0-rc.2. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-rc.2-stale-selinux-policies.yaml b/blocked-edges/4.11.0-rc.2-stale-selinux-policies.yaml index 02c71dbdd..c82db77c4 100644 --- a/blocked-edges/4.11.0-rc.2-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-rc.2-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0-rc.2. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.0-rc.3-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-rc.3-stale-insights-run-level-label.yaml index 08d8b6cfe..bd63ba296 100644 --- a/blocked-edges/4.11.0-rc.3-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-rc.3-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0-rc.3. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-rc.3-stale-selinux-policies.yaml b/blocked-edges/4.11.0-rc.3-stale-selinux-policies.yaml index 098191735..fc9cd8f7f 100644 --- a/blocked-edges/4.11.0-rc.3-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-rc.3-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0-rc.3. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.0-rc.4-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-rc.4-stale-insights-run-level-label.yaml index 03ea60b17..dc4bcc956 100644 --- a/blocked-edges/4.11.0-rc.4-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-rc.4-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0-rc.4. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-rc.4-stale-selinux-policies.yaml b/blocked-edges/4.11.0-rc.4-stale-selinux-policies.yaml index 93218565d..d0fd04fe6 100644 --- a/blocked-edges/4.11.0-rc.4-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-rc.4-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0-rc.4. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.0-rc.5-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-rc.5-stale-insights-run-level-label.yaml index db96350be..0dab206b1 100644 --- a/blocked-edges/4.11.0-rc.5-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-rc.5-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0-rc.5. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-rc.5-stale-selinux-policies.yaml b/blocked-edges/4.11.0-rc.5-stale-selinux-policies.yaml index 58db036bc..8806bb679 100644 --- a/blocked-edges/4.11.0-rc.5-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-rc.5-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0-rc.5. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.0-rc.6-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-rc.6-stale-insights-run-level-label.yaml index 053338bf6..2eb031614 100644 --- a/blocked-edges/4.11.0-rc.6-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-rc.6-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0-rc.6. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-rc.6-stale-selinux-policies.yaml b/blocked-edges/4.11.0-rc.6-stale-selinux-policies.yaml index 1dd98c0ef..83a639d45 100644 --- a/blocked-edges/4.11.0-rc.6-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-rc.6-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0-rc.6. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.0-rc.7-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-rc.7-stale-insights-run-level-label.yaml index 60e9ac5cc..67338c36e 100644 --- a/blocked-edges/4.11.0-rc.7-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-rc.7-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0-rc.7. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-rc.7-stale-selinux-policies.yaml b/blocked-edges/4.11.0-rc.7-stale-selinux-policies.yaml index 986462527..630f39577 100644 --- a/blocked-edges/4.11.0-rc.7-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-rc.7-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0-rc.7. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.0-stale-insights-run-level-label.yaml b/blocked-edges/4.11.0-stale-insights-run-level-label.yaml index d99c8230a..3f4841058 100644 --- a/blocked-edges/4.11.0-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.0-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.0. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.0-stale-selinux-policies.yaml b/blocked-edges/4.11.0-stale-selinux-policies.yaml index 49a2fb714..81b67c1d6 100644 --- a/blocked-edges/4.11.0-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.0-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.0. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.1-stale-insights-run-level-label.yaml b/blocked-edges/4.11.1-stale-insights-run-level-label.yaml index 3481b3d71..0a11ef226 100644 --- a/blocked-edges/4.11.1-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.1-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.1. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.1-stale-selinux-policies.yaml b/blocked-edges/4.11.1-stale-selinux-policies.yaml index 185f92dbb..5bbd74de9 100644 --- a/blocked-edges/4.11.1-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.1-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.1. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.2-PodmanTermStorageCorruption.yaml b/blocked-edges/4.11.2-PodmanTermStorageCorruption.yaml index ce6f72bc5..c9903f423 100644 --- a/blocked-edges/4.11.2-PodmanTermStorageCorruption.yaml +++ b/blocked-edges/4.11.2-PodmanTermStorageCorruption.yaml @@ -5,9 +5,4 @@ name: PodmanTermStorageCorruption message: |- BareMetal, Nutanix, OpenStack, oVirt, and VSphere platforms may fail to update nodes in environments where it takes over 20 seconds to retrieve the Machine Config Daemon image. matchingRules: -- type: PromQL - promql: - promql: | - cluster_infrastructure_provider{type=~"BareMetal|Nutanix|OpenStack|oVirt|VSphere"} - or - 0 * cluster_infrastructure_provider +- type: Always diff --git a/blocked-edges/4.11.2-stale-insights-run-level-label.yaml b/blocked-edges/4.11.2-stale-insights-run-level-label.yaml index 8046e259d..bd1a6b8f4 100644 --- a/blocked-edges/4.11.2-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.2-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.2. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.2-stale-selinux-policies.yaml b/blocked-edges/4.11.2-stale-selinux-policies.yaml index a860fc689..f20b980d9 100644 --- a/blocked-edges/4.11.2-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.2-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.2. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.3-stale-insights-run-level-label.yaml b/blocked-edges/4.11.3-stale-insights-run-level-label.yaml index 2ab55c333..2ae80764f 100644 --- a/blocked-edges/4.11.3-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.3-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.3. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.3-stale-selinux-policies.yaml b/blocked-edges/4.11.3-stale-selinux-policies.yaml index 9e9a340e0..ec0fc5620 100644 --- a/blocked-edges/4.11.3-stale-selinux-policies.yaml +++ b/blocked-edges/4.11.3-stale-selinux-policies.yaml @@ -5,9 +5,4 @@ name: StaleSELinuxPolicies message: |- Custom SELinux policies, such as those installed by OpenShift Virtualization, may result in kubelet issues when updating to 4.11.3. matchingRules: -- type: PromQL - promql: - promql: | - group(csv_succeeded{name=~"kubevirt-hyperconverged-operator[.].*"}) - or - 0 * group(csv_count) +- type: Always diff --git a/blocked-edges/4.11.4-stale-insights-run-level-label.yaml b/blocked-edges/4.11.4-stale-insights-run-level-label.yaml index 4b78074fc..db90feb55 100644 --- a/blocked-edges/4.11.4-stale-insights-run-level-label.yaml +++ b/blocked-edges/4.11.4-stale-insights-run-level-label.yaml @@ -5,9 +5,4 @@ name: StaleInsightsRunLevelLabel message: |- An 'openshift.io/run-level: 1' annotation on the openshift-insights namespace may cause "container has runAsNonRoot" for the insights operator when updating to 4.11.4. matchingRules: -- type: PromQL - promql: - promql: | - kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level="1"} - or - 0 * kube_namespace_labels{namespace="openshift-insights",label_openshift_io_run_level=""} +- type: Always diff --git a/blocked-edges/4.11.6-ovn-namespace.yaml b/blocked-edges/4.11.6-ovn-namespace.yaml index e7656184e..db94ba280 100644 --- a/blocked-edges/4.11.6-ovn-namespace.yaml +++ b/blocked-edges/4.11.6-ovn-namespace.yaml @@ -5,9 +5,4 @@ name: OVNNetworkPolicyLongName message: |- A regression may lead to OVN control plane failure and workload disruption when updating to 4.11.6. matchingRules: -- type: PromQL - promql: - promql: | - group(max_over_time(cluster:usage:resources:sum{resource="egressips.k8s.ovn.org"}[1h])) - or - 0 * group(max_over_time(cluster:usage:resources:sum[1h])) +- type: Always diff --git a/blocked-edges/4.11.7-ovn-namespace.yaml b/blocked-edges/4.11.7-ovn-namespace.yaml index cc13d1576..e2d2913e1 100644 --- a/blocked-edges/4.11.7-ovn-namespace.yaml +++ b/blocked-edges/4.11.7-ovn-namespace.yaml @@ -5,9 +5,4 @@ name: OVNNetworkPolicyLongName message: |- A regression may lead to OVN control plane failure and workload disruption when updating to 4.11.7. matchingRules: -- type: PromQL - promql: - promql: | - group(max_over_time(cluster:usage:resources:sum{resource="egressips.k8s.ovn.org"}[1h])) - or - 0 * group(max_over_time(cluster:usage:resources:sum[1h])) +- type: Always diff --git a/blocked-edges/4.11.8-ovn-namespace.yaml b/blocked-edges/4.11.8-ovn-namespace.yaml index 5b438809f..a2ad93f99 100644 --- a/blocked-edges/4.11.8-ovn-namespace.yaml +++ b/blocked-edges/4.11.8-ovn-namespace.yaml @@ -5,9 +5,4 @@ name: OVNNetworkPolicyLongName message: |- A regression may lead to OVN control plane failure and workload disruption when updating to 4.11.8. matchingRules: -- type: PromQL - promql: - promql: | - group(max_over_time(cluster:usage:resources:sum{resource="egressips.k8s.ovn.org"}[1h])) - or - 0 * group(max_over_time(cluster:usage:resources:sum[1h])) +- type: Always diff --git a/blocked-edges/4.11.9-ovn-namespace.yaml b/blocked-edges/4.11.9-ovn-namespace.yaml index fa72fb9f6..123979aac 100644 --- a/blocked-edges/4.11.9-ovn-namespace.yaml +++ b/blocked-edges/4.11.9-ovn-namespace.yaml @@ -5,9 +5,4 @@ name: OVNNetworkPolicyLongName message: |- A regression may lead to OVN control plane failure and workload disruption when updating to 4.11.9. matchingRules: -- type: PromQL - promql: - promql: | - group(max_over_time(cluster:usage:resources:sum{resource="egressips.k8s.ovn.org"}[1h])) - or - 0 * group(max_over_time(cluster:usage:resources:sum[1h])) +- type: Always