OSASINFRA-3976: Sync main with latest upstream (release-0.13)

[stephenfin]

Please review individual commits for an overview of what I've done here.

❯ git diff upstream/release-0.13 -- \
    ':!vendor' ':!hack/tools/vendor' ':!openshift' \
    ':!DOWNSTREAM_OWNERS' ':!DOWNSTREAM_OWNERS_ALIASES' \
    ':!.ci-operator.yaml' ':!.snyk' ':!Dockerfile.rhel'

diff --git .gitignore .gitignore
index fbf39d817..bc191173f 100644
--- .gitignore
+++ .gitignore
@@ -187,5 +187,7 @@ docs/book/book/
 # Development container files (https://containers.dev/)
 .devcontainer
 
-# CAPO doesn't use vendorings
-vendor/
+# Don't ignore anything in vendor directories
+!/vendor/**
+!/hack/tools/vendor/**
diff --git Makefile Makefile
index 7b550dc74..0dbe0e743 100644
--- Makefile
+++ Makefile
@@ -290,6 +290,18 @@ modules: ## Runs go mod to ensure proper vendoring.
        go mod tidy
        cd $(TOOLS_DIR); go mod tidy
 
+.PHONY: merge-bot
+merge-bot: full-vendoring generate generate-openshift ## Runs targets that help merge-bot to rebase downstream CAPO.
+
+.PHONY: full-vendoring
+full-vendoring: ## Runs commands that complete vendoring tasks for downstream CAPO.
+       go mod tidy && go mod vendor
+       cd $(TOOLS_DIR); go mod tidy; go mod vendor
+
+.PHONY: generate-openshift
+generate-openshift:
+       $(MAKE) -C $(REPO_ROOT)/openshift generate
+
 .PHONY: generate
 generate: templates generate-controller-gen generate-codegen generate-go generate-manifests generate-api-docs ## Generate all generated code
 
@@ -610,6 +622,17 @@ verify-security: ## Verify code and images for vulnerabilities
                exit 1; \
        fi
 
+.PHONY: vendor verify-vendoring
+vendor:
+       go mod vendor
+       cd $(TOOLS_DIR); go mod vendor
+
+verify-vendoring: vendor
+       @if !(git diff --quiet HEAD); then \
+               git diff; \
+               echo "vendored files are out of date, run go mod vendor"; exit 1; \
+       fi
+
 .PHONY: compile-e2e
 compile-e2e: ## Test e2e compilation
        go test -c -o /dev/null -tags=e2e ./test/e2e/suites/conformance
diff --git hack/update-codegen.sh hack/update-codegen.sh
index f7161d819..377947de8 100755
--- hack/update-codegen.sh
+++ hack/update-codegen.sh
@@ -49,7 +49,6 @@ declare -a gen_openapi_args=(
     --extra-pkgs sigs.k8s.io/cluster-api/api/core/v1beta2
     --extra-pkgs sigs.k8s.io/cluster-api/api/ipam/v1beta2
     --extra-pkgs sigs.k8s.io/cluster-api/api/core/v1beta1
-    --extra-pkgs sigs.k8s.io/cluster-api/api/ipam/v1beta1
     --extra-pkgs k8s.io/api/core/v1
 )

The last hunk will disappear once kubernetes-sigs#2884 merges upstream.

[openshift-ci-robot]

@stephenfin: This pull request references Jira Issue OCPBUGS-64813, which is valid.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target version (4.21.0) matches configured target version for branch (4.21.0)
• bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)

No GitHub users were found matching the public email listed for the QA contact in Jira (imatza@redhat.com), skipping review request.

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Please review individual commits for an overview of what I've done here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[stephenfin]

/assign @mandre

[mandre]

/lgtm
/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mandre

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• DOWNSTREAM_OWNERS [mandre]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[stephenfin]

/retitle OSASINFRA-3976: Sync main with latest upstream (release-0.13)

[openshift-ci-robot]

@stephenfin: This pull request references OSASINFRA-3976 which is a valid jira issue.

Details

In response to this:

Please review individual commits for an overview of what I've done here.

❯ git diff upstream/release-0.13 -- \
   ':!vendor' ':!hack/tools/vendor' ':!openshift' \
   ':!DOWNSTREAM_OWNERS' ':!DOWNSTREAM_OWNERS_ALIASES' \
   ':!.ci-operator.yaml' ':!.snyk' ':!Dockerfile.rhel'

diff --git .gitignore .gitignore
index fbf39d817..bc191173f 100644
--- .gitignore
+++ .gitignore
@@ -187,5 +187,7 @@ docs/book/book/
# Development container files (https://containers.dev/)
.devcontainer

-# CAPO doesn't use vendorings
-vendor/
+# Don't ignore anything in vendor directories
+!/vendor/**
+!/hack/tools/vendor/**
diff --git Makefile Makefile
index 7b550dc74..0dbe0e743 100644
--- Makefile
+++ Makefile
@@ -290,6 +290,18 @@ modules: ## Runs go mod to ensure proper vendoring.
       go mod tidy
       cd $(TOOLS_DIR); go mod tidy

+.PHONY: merge-bot
+merge-bot: full-vendoring generate generate-openshift ## Runs targets that help merge-bot to rebase downstream CAPO.
+
+.PHONY: full-vendoring
+full-vendoring: ## Runs commands that complete vendoring tasks for downstream CAPO.
+       go mod tidy && go mod vendor
+       cd $(TOOLS_DIR); go mod tidy; go mod vendor
+
+.PHONY: generate-openshift
+generate-openshift:
+       $(MAKE) -C $(REPO_ROOT)/openshift generate
+
.PHONY: generate
generate: templates generate-controller-gen generate-codegen generate-go generate-manifests generate-api-docs ## Generate all generated code

@@ -610,6 +622,17 @@ verify-security: ## Verify code and images for vulnerabilities
               exit 1; \
       fi

+.PHONY: vendor verify-vendoring
+vendor:
+       go mod vendor
+       cd $(TOOLS_DIR); go mod vendor
+
+verify-vendoring: vendor
+       @if !(git diff --quiet HEAD); then \
+               git diff; \
+               echo "vendored files are out of date, run go mod vendor"; exit 1; \
+       fi
+
.PHONY: compile-e2e
compile-e2e: ## Test e2e compilation
       go test -c -o /dev/null -tags=e2e ./test/e2e/suites/conformance
diff --git hack/update-codegen.sh hack/update-codegen.sh
index f7161d819..377947de8 100755
--- hack/update-codegen.sh
+++ hack/update-codegen.sh
@@ -49,7 +49,6 @@ declare -a gen_openapi_args=(
    --extra-pkgs sigs.k8s.io/cluster-api/api/core/v1beta2
    --extra-pkgs sigs.k8s.io/cluster-api/api/ipam/v1beta2
    --extra-pkgs sigs.k8s.io/cluster-api/api/core/v1beta1
-    --extra-pkgs sigs.k8s.io/cluster-api/api/ipam/v1beta1
    --extra-pkgs k8s.io/api/core/v1
)

The last hunk will disappear once kubernetes-sigs#2884 merges upstream.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[stephenfin]

/label acknowledge-critical-fixes-only

[stephenfin]

/verified by CI
/override ci/prow/e2e-hypershift

[openshift-ci-robot]

@stephenfin: This PR has been marked as verified by CI.

Details

In response to this:

/verified by CI
/override ci/prow/e2e-hypershift

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

@stephenfin: Overrode contexts on behalf of stephenfin: ci/prow/e2e-hypershift

Details

In response to this:

/verified by CI
/override ci/prow/e2e-hypershift

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

@stephenfin: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.