Add 'TEST PR' section to README

Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>

Dockerfile

@@ -1,7 +1,7 @@
 # syntax=docker/dockerfile:1
 
-# Use immutable image tags rather than mutable tags (like ubuntu:22.04)
-FROM ubuntu:22.04@sha256:149d67e29f765f4db62aa52161009e99e389544e25a8f43c8c89d4a445a7ca37
+# Use immutable image tags rather than mutable tags (like ubuntu:24.04)
+FROM ubuntu:noble-20260113@sha256:cd1dba651b3080c3686ecf4e3c4220f026b521fb76978881737d24f200828b2b
 
 # Some tools like yamllint need this
 # Pip needs this as well at the moment to install ansible
@@ -29,7 +29,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
 
 RUN --mount=type=bind,source=requirements.txt,target=requirements.txt \
     --mount=type=cache,sharing=locked,id=pipcache,mode=0777,target=/root/.cache/pip \
-    pip install --no-compile --no-cache-dir -r requirements.txt \
+    pip install --break-system-packages --no-compile --no-cache-dir -r requirements.txt \
     && find /usr -type d -name '*__pycache__' -prune -exec rm -rf {} \;
 
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]

README.md

@@ -1,3 +1,6 @@
+TEST PR 
+
+
 # Deploy a Production Ready Kubernetes Cluster
 
 ![Kubernetes Logo](https://raw.githubusercontent.com/kubernetes-sigs/kubespray/master/docs/img/kubernetes-logo.png)

pipeline.Dockerfile

@@ -1,5 +1,5 @@
-# Use immutable image tags rather than mutable tags (like ubuntu:22.04)
-FROM ubuntu:jammy-20230308
+# Use immutable image tags rather than mutable tags (like ubuntu:24.04)
+FROM ubuntu:noble-20260113@sha256:cd1dba651b3080c3686ecf4e3c4220f026b521fb76978881737d24f200828b2b
 # Some tools like yamllint need this
 # Pip needs this as well at the moment to install ansible
 # (and potentially other packages)
@@ -27,14 +27,14 @@ RUN apt update -q \
          ca-certificates \
          curl \
          gnupg2 \
-         software-properties-common \
          unzip \
          libvirt-clients \
          qemu-utils \
          qemu-kvm \
          dnsmasq \
-    && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - \
-    && add-apt-repository "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
+        && curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc \
+        && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
+            $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | tee /etc/apt/sources.list.d/docker.list \
     && apt update -q \
     && apt install --no-install-recommends -yq docker-ce \
     && apt autoremove -yqq --purge && apt clean && rm -rf /var/lib/apt/lists/* /var/log/*
@@ -44,9 +44,8 @@ ADD ./requirements.txt  /kubespray/requirements.txt
 ADD ./tests/requirements.txt /kubespray/tests/requirements.txt
 
 RUN update-alternatives --install /usr/bin/python python /usr/bin/python3 1 \
-    && pip install --no-compile --no-cache-dir pip -U \
-    && pip install --no-compile --no-cache-dir -r tests/requirements.txt \
-    && pip install --no-compile --no-cache-dir -r requirements.txt \
+    && pip install --break-system-packages --ignore-installed --no-compile --no-cache-dir pip -U \
+    && pip install --break-system-packages --no-compile --no-cache-dir -r tests/requirements.txt \
     && curl -L https://dl.k8s.io/release/v1.34.3/bin/linux/$(dpkg --print-architecture)/kubectl -o /usr/local/bin/kubectl \
     && echo $(curl -L https://dl.k8s.io/release/v1.34.3/bin/linux/$(dpkg --print-architecture)/kubectl.sha256) /usr/local/bin/kubectl | sha256sum --check \
     && chmod a+x /usr/local/bin/kubectl \
@@ -56,5 +55,5 @@ RUN update-alternatives --install /usr/bin/python python /usr/bin/python3 1 \
     && rm vagrant_${VAGRANT_VERSION}-1_$(dpkg --print-architecture).deb \
     && vagrant plugin install vagrant-libvirt \
     # Install Kubernetes collections
-    && pip install --no-compile --no-cache-dir kubernetes \
+    && pip install --break-system-packages --no-compile --no-cache-dir kubernetes \
     && ansible-galaxy collection install kubernetes.core

requirements.txt

@@ -1,6 +1,6 @@
 ansible==10.7.0
 # Needed for community.crypto module
-cryptography==46.0.3
+cryptography==46.0.4
 # Needed for jinja2 json_query templating
 jmespath==1.1.0
 # Needed for ansible.utils.ipaddr

roles/container-engine/docker/tasks/main.yml

@@ -55,7 +55,7 @@
   register: keyserver_task_result
   until: keyserver_task_result is succeeded
   retries: 4
-  delay: "{{ retry_stagger | d(3) }}"
+  delay: "{{ retry_stagger }}"
   with_items: "{{ docker_repo_key_info.repo_keys }}"
   environment: "{{ proxy_env }}"
   when: ansible_pkg_mgr == 'apt'
@@ -128,7 +128,7 @@
   register: docker_task_result
   until: docker_task_result is succeeded
   retries: 4
-  delay: "{{ retry_stagger | d(3) }}"
+  delay: "{{ retry_stagger }}"
   notify: Restart docker
   when:
     - not ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]

roles/kubernetes-apps/external_provisioner/local_path_provisioner/defaults/main.yml

@@ -8,3 +8,4 @@ local_path_provisioner_is_default_storageclass: "true"
 local_path_provisioner_debug: false
 local_path_provisioner_helper_image_repo: "busybox"
 local_path_provisioner_helper_image_tag: "latest"
+local_path_provisioner_resources: {}

roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-deployment.yml.j2

@@ -35,6 +35,10 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: metadata.namespace
+{% if local_path_provisioner_resources %}
+        resources:
+          {{ local_path_provisioner_resources | to_nice_yaml | indent(10) | trim }}
+{% endif %}
       volumes:
         - name: config-volume
           configMap:

roles/kubernetes/node-taint/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+node_taints: []

roles/kubernetes/node-taint/tasks/main.yml

@@ -14,13 +14,13 @@
 
 - name: Populate inventory node taint
   set_fact:
-    inventory_node_taints: "{{ inventory_node_taints + ['%s' | format(item)] }}"
-  loop: "{{ node_taints | d([]) }}"
+    inventory_node_taints: "{{ inventory_node_taints + node_taints }}"
   when:
     - node_taints is defined
     - node_taints is not string
     - node_taints is not mapping
     - node_taints is iterable
+
 - debug:  # noqa name[missing]
     var: role_node_taints
 - debug:  # noqa name[missing]

roles/validate_inventory/tasks/main.yml

@@ -20,7 +20,7 @@
   when:
     - not ignore_assert_errors
 
-- name: Warn if `kube_network_plugin` is `none
+- name: Warn if `kube_network_plugin` is `none`
   debug:
     msg: |
       "WARNING! => `kube_network_plugin` is set to `none`. The network configuration will be skipped.

scripts/Dockerfile.j2

@@ -1,7 +1,7 @@
 # syntax=docker/dockerfile:1
 
-# Use immutable image tags rather than mutable tags (like ubuntu:22.04)
-FROM ubuntu:22.04@sha256:149d67e29f765f4db62aa52161009e99e389544e25a8f43c8c89d4a445a7ca37
+# Use immutable image tags rather than mutable tags (like ubuntu:24.04)
+FROM ubuntu:noble-20260113@sha256:cd1dba651b3080c3686ecf4e3c4220f026b521fb76978881737d24f200828b2b
 
 # Some tools like yamllint need this
 # Pip needs this as well at the moment to install ansible
@@ -29,7 +29,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
 
 RUN --mount=type=bind,source=requirements.txt,target=requirements.txt \
     --mount=type=cache,sharing=locked,id=pipcache,mode=0777,target=/root/.cache/pip \
-    pip install --no-compile --no-cache-dir -r requirements.txt \
+    pip install --break-system-packages --no-compile --no-cache-dir -r requirements.txt \
     && find /usr -type d -name '*__pycache__' -prune -exec rm -rf {} \;
 
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]

scripts/component_hash_update/src/component_hash_update/components.py

@@ -116,4 +116,9 @@ infos = {
         "graphql_id": "R_kgDODQ6RZw",
         "binary": True,
     },
+    "prometheus_operator_crds": {
+        "url": "https://github.com/prometheus-operator/prometheus-operator/releases/download/v{version}/stripped-down-crds.yaml",
+        "graphql_id": "R_kgDOBBxPpw",
+        "binary": True,
+    },
 }

scripts/pipeline.Dockerfile.j2

@@ -1,5 +1,5 @@
-# Use immutable image tags rather than mutable tags (like ubuntu:22.04)
-FROM ubuntu:jammy-20230308
+# Use immutable image tags rather than mutable tags (like ubuntu:24.04)
+FROM ubuntu:noble-20260113@sha256:cd1dba651b3080c3686ecf4e3c4220f026b521fb76978881737d24f200828b2b
 # Some tools like yamllint need this
 # Pip needs this as well at the moment to install ansible
 # (and potentially other packages)
@@ -27,14 +27,14 @@ RUN apt update -q \
          ca-certificates \
          curl \
          gnupg2 \
-         software-properties-common \
          unzip \
          libvirt-clients \
          qemu-utils \
          qemu-kvm \
          dnsmasq \
-    && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - \
-    && add-apt-repository "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
+        && curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc \
+        && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
+            $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | tee /etc/apt/sources.list.d/docker.list \
     && apt update -q \
     && apt install --no-install-recommends -yq docker-ce \
     && apt autoremove -yqq --purge && apt clean && rm -rf /var/lib/apt/lists/* /var/log/*
@@ -44,9 +44,8 @@ ADD ./requirements.txt  /kubespray/requirements.txt
 ADD ./tests/requirements.txt /kubespray/tests/requirements.txt
 
 RUN update-alternatives --install /usr/bin/python python /usr/bin/python3 1 \
-    && pip install --no-compile --no-cache-dir pip -U \
-    && pip install --no-compile --no-cache-dir -r tests/requirements.txt \
-    && pip install --no-compile --no-cache-dir -r requirements.txt \
+    && pip install --break-system-packages --ignore-installed --no-compile --no-cache-dir pip -U \
+    && pip install --break-system-packages --no-compile --no-cache-dir -r tests/requirements.txt \
     && curl -L https://dl.k8s.io/release/v{{ kube_version }}/bin/linux/$(dpkg --print-architecture)/kubectl -o /usr/local/bin/kubectl \
     && echo $(curl -L https://dl.k8s.io/release/v{{ kube_version }}/bin/linux/$(dpkg --print-architecture)/kubectl.sha256) /usr/local/bin/kubectl | sha256sum --check \
     && chmod a+x /usr/local/bin/kubectl \
@@ -56,5 +55,5 @@ RUN update-alternatives --install /usr/bin/python python /usr/bin/python3 1 \
     && rm vagrant_${VAGRANT_VERSION}-1_$(dpkg --print-architecture).deb \
     && vagrant plugin install vagrant-libvirt \
     # Install Kubernetes collections
-    && pip install --no-compile --no-cache-dir kubernetes \
+    && pip install --break-system-packages --no-compile --no-cache-dir kubernetes \
     && ansible-galaxy collection install kubernetes.core

tests/scripts/testcases_run.sh

@@ -18,7 +18,7 @@ if [ "${UPGRADE_TEST}" != "false" ]; then
   # Checkout the current tests/ directory ; even when testing old version,
   # we want the up-to-date test setup/provisionning
   git checkout "${CI_COMMIT_SHA}" -- tests/
-  pip install --no-compile --no-cache-dir -r requirements.txt
+  pip install --break-system-packages --no-compile --no-cache-dir -r requirements.txt
 fi
 
 export ANSIBLE_BECOME=true
@@ -58,7 +58,7 @@ fi
 if [ "${UPGRADE_TEST}" != "false" ]; then
   git checkout "${CI_COMMIT_SHA}"
 
-  pip install --no-compile --no-cache-dir -r requirements.txt
+  pip install --break-system-packages --no-compile --no-cache-dir -r requirements.txt
 
   case "${UPGRADE_TEST}" in
     "basic")