Merge branch 'stackhpc/yoga' into yoga-octavia-bump

bbezak · web-flow · commit d288f2e869a3 · 2023-09-21T09:32:48.000+02:00
diff --git a/etc/kayobe/environments/ci-builder/stackhpc-ci.yml b/etc/kayobe/environments/ci-builder/stackhpc-ci.yml
@@ -18,6 +18,7 @@ kolla_enable_etcd: true
 kolla_enable_grafana: true
 kolla_enable_influxdb: true
 kolla_enable_ironic: true
+kolla_enable_kibana: "{{ kolla_base_distro not in ['rocky'] }}"
 kolla_enable_magnum: true
 kolla_enable_manila: true
 kolla_enable_mariabackup: true
diff --git a/etc/kayobe/kolla/globals.yml b/etc/kayobe/kolla/globals.yml
@@ -17,49 +17,37 @@ kayobe_image_tags:
   openstack:
     centos: yoga-20230905T130221
     rocky: yoga-20230310T170929
-    ubuntu: yoga-20230220T181235
+    ubuntu: yoga-20230913T160015
   bifrost:
     rocky: yoga-20230310T194732
-    ubuntu: yoga-20230220T184947
   blazar:
     rocky: yoga-20230315T130918
-    ubuntu: yoga-20230315T125441
   caso:
     rocky: yoga-20230315T130918
-    ubuntu: yoga-20230315T125441
   grafana:
     rocky: yoga-20230419T111514
-    ubuntu: yoga-20230426T084340
   ironic:
     rocky: yoga-20230316T170311
-    ubuntu: yoga-20230316T154704
   ironic_dnsmasq:
     rocky: yoga-20230310T170929
-    ubuntu: yoga-20230220T181235
   kibana:
     centos: yoga-20230907T152300
   magnum:
     rocky: yoga-20230825T142202
-    ubuntu: yoga-20230825T142202
   neutron:
     rocky: yoga-20230728T081242
-    ubuntu: yoga-20230728T081242
   nova:
     rocky: yoga-20230718T112646
-    ubuntu: yoga-20230718T112646
   nova_libvirt:
     # Live-migration is broken from qemu-kvm-6.2.0-20.module_el8.7.0+1218+f626c2ff to qemu-kvm-6.2.0-39.module_el8+669+76cc32af
     # with signature: `Missing section footer for 0000:00:01.3/piix4_pm`. Test carefully before bumping.
     centos: yoga-20230718T112646
   openvswitch:
     rocky: yoga-20230515T150233
-    ubuntu: yoga-20230515T150233
   ovn:
     rocky: yoga-20230515T150233
-    ubuntu: yoga-20230515T150233
   prometheus_node_exporter:
     rocky: yoga-20230315T170614
-    ubuntu: yoga-20230315T170541
 
 bifrost_tag: "{% raw %}{{ kayobe_image_tags['bifrost'][kolla_base_distro] | default(openstack_tag) }}{% endraw %}"
 blazar_tag: "{% raw %}{{ kayobe_image_tags['blazar'][kolla_base_distro] | default(openstack_tag) }}{% endraw %}"
diff --git a/etc/kayobe/pulp-repo-versions.yml b/etc/kayobe/pulp-repo-versions.yml
@@ -16,7 +16,7 @@ stackhpc_pulp_repo_centos_stream_9_nfv_openvswitch_version: 20230510T072502
 stackhpc_pulp_repo_centos_stream_9_openstack_yoga_version: 20230310T163106
 stackhpc_pulp_repo_centos_stream_9_opstools_version: 20230301T034123
 stackhpc_pulp_repo_centos_stream_9_storage_ceph_pacific_version: 20230308T155704
-stackhpc_pulp_repo_docker_ce_ubuntu_version: 20230811T005529
+stackhpc_pulp_repo_docker_ce_ubuntu_version: 20230908T013529
 stackhpc_pulp_repo_docker_version: 20230801T003759
 stackhpc_pulp_repo_elasticsearch_logstash_kibana_7_x_version: 20230727T144020
 stackhpc_pulp_repo_epel_9_version: 20230302T031902
@@ -51,8 +51,8 @@ stackhpc_pulp_repo_rocky_9_2_crb_version: 20230825T131407
 stackhpc_pulp_repo_rocky_9_2_extras_version: 20230825T131407
 stackhpc_pulp_repo_rocky_9_2_highavailability_version: 20230805T012805
 stackhpc_pulp_repo_treasuredata_4_version: 20230903T003752
-stackhpc_pulp_repo_ubuntu_cloud_archive_version: 20230811T105337
-stackhpc_pulp_repo_ubuntu_focal_security_version: 20230825T083004
-stackhpc_pulp_repo_ubuntu_focal_version: 20230825T083004
-stackhpc_pulp_repo_ubuntu_jammy_security_version: 20230811T044829
-stackhpc_pulp_repo_ubuntu_jammy_version: 20230811T044829
+stackhpc_pulp_repo_ubuntu_cloud_archive_version: 20230908T112533
+stackhpc_pulp_repo_ubuntu_focal_security_version: 20230908T101641
+stackhpc_pulp_repo_ubuntu_focal_version: 20230908T101641
+stackhpc_pulp_repo_ubuntu_jammy_security_version: 20230908T053616
+stackhpc_pulp_repo_ubuntu_jammy_version: 20230908T053616
diff --git a/releasenotes/notes/bump-ubuntu-snapshots-2023-09-15-22ca5250d40bd5b6.yaml b/releasenotes/notes/bump-ubuntu-snapshots-2023-09-15-22ca5250d40bd5b6.yaml
@@ -0,0 +1,8 @@
+---
+security:
+  - |
+    Bumps Ubuntu repository snapshots and container images to bring in latest
+    security patches. This includes the microcode to patch Inception
+    (CVE-2023-20569) and Downfall (CVE-2022-40982). Zenbleed (CVE-2023-20593)
+    was patched in the previous snapshot bump. To apply the microcode updates,
+    it is recommended to reboot each host after upgrading all of the packages.
