Skip to content

Add support for RHCOS4 nodes based on RHEL8 #14301

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
xiaojiey wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add support for RHCOS4 nodes based on RHEL8 #14301

xiaojiey wants to merge 1 commit into from
+39 −1

Conversation

@xiaojiey
Copy link
Collaborator

@xiaojiey xiaojiey commented Jan 14, 2026
edited
Loading

Description:

  1. Add support for RHCOS4 nodes based on RHEL8
  2. Update the regex patterns to make the quotes optional for REAL_VERSION

Rationale:

For clusters based on different platforms, you can see the quotes is optional

$ oc debug node/xiyun414updateovn-011-dhgjp-master-0 -- chroot /host cat /etc/os-release
Starting pod/xiyun414updateovn-011-dhgjp-master-0-debug ...
To use host binaries, run `chroot /host`
NAME="Red Hat Enterprise Linux CoreOS"
ID="rhcos"
ID_LIKE="rhel fedora"
VERSION="414.92.202511122212-0"
VERSION_ID="4.14"
VARIANT="CoreOS"
VARIANT_ID=coreos
PLATFORM_ID="platform:el9"
PRETTY_NAME="Red Hat Enterprise Linux CoreOS 414.92.202511122212-0 (Plow)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:9::coreos"
HOME_URL="https://www.redhat.com/"
DOCUMENTATION_URL="https://docs.openshift.com/container-platform/4.14/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="OpenShift Container Platform"
REDHAT_BUGZILLA_PRODUCT_VERSION="4.14"
REDHAT_SUPPORT_PRODUCT="OpenShift Container Platform"
REDHAT_SUPPORT_PRODUCT_VERSION="4.14"
OPENSHIFT_VERSION="4.14"
RHEL_VERSION="9.2"
OSTREE_VERSION="414.92.202511122212-0"

Removing debug pod ...
$ oc debug node/ip-10-0-50-231.us-east-2.compute.internal -- chroot /host cat /etc/os-release
Starting pod/ip-10-0-50-231us-east-2computeinternal-debug ...
To use host binaries, run `chroot /host`
NAME="Red Hat Enterprise Linux CoreOS"
ID="rhcos"
ID_LIKE="rhel fedora"
VERSION="417.94.202601080818-0"
VERSION_ID="4.17"
VARIANT="CoreOS"
VARIANT_ID=coreos
PLATFORM_ID="platform:el9"
PRETTY_NAME="Red Hat Enterprise Linux CoreOS 417.94.202601080818-0"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:9::baseos::coreos"
HOME_URL="https://www.redhat.com/"
DOCUMENTATION_URL="https://docs.okd.io/latest/welcome/index.html"
BUG_REPORT_URL="https://access.redhat.com/labs/rhir/"
REDHAT_BUGZILLA_PRODUCT="OpenShift Container Platform"
REDHAT_BUGZILLA_PRODUCT_VERSION="4.17"
REDHAT_SUPPORT_PRODUCT="OpenShift Container Platform"
REDHAT_SUPPORT_PRODUCT_VERSION="4.17"
OPENSHIFT_VERSION="4.17"
RHEL_VERSION=9.4
OSTREE_VERSION="417.94.202601080818-0"

Removing debug pod ...

Review Hints:

@github-actions
Copy link

github-actions bot commented Jan 14, 2026
edited
Loading

ATEX Test Results

Test artifacts have been submitted to Testing Farm.

Results: View Test Results
Workflow Run: View Workflow Details

This comment was automatically generated by the ATEX workflow.

@xiaojiey
Add support for RHCOS4 nodes based on RHEL8
d972290 
Update the regex patterns to make the quotes optional
@xiaojiey xiaojiey mentioned this pull request Jan 14, 2026
Merged
@xiaojiey
Copy link
Collaborator Author

xiaojiey commented Jan 14, 2026
edited
Loading

With this PR, the scan with rhcos4 profiles won't return NOT-APPLICABLE:

$ oc get clusterversion
NAME      VERSION                              AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.12.0-0.nightly-2026-01-13-171406   True        False         3h39m   Cluster version is 4.12.0-0.nightly-2026-01-13-171406
$ oc debug node/ip-10-0-132-193.us-east-2.compute.internal -- chroot /host cat /etc/os-release
...
Starting pod/ip-10-0-132-193us-east-2computeinternal-debug ...
To use host binaries, run `chroot /host`
NAME="Red Hat Enterprise Linux CoreOS"
ID="rhcos"
ID_LIKE="rhel fedora"
VERSION="412.86.202601081314-0"
VERSION_ID="4.12"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Red Hat Enterprise Linux CoreOS 412.86.202601081314-0 (Ootpa)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:8::coreos"
HOME_URL="https://www.redhat.com/"
DOCUMENTATION_URL="https://docs.openshift.com/container-platform/4.12/"
BUG_REPORT_URL="https://access.redhat.com/labs/rhir/"
REDHAT_BUGZILLA_PRODUCT="OpenShift Container Platform"
REDHAT_BUGZILLA_PRODUCT_VERSION="4.12"
REDHAT_SUPPORT_PRODUCT="OpenShift Container Platform"
REDHAT_SUPPORT_PRODUCT_VERSION="4.12"
OPENSHIFT_VERSION="4.12"
RHEL_VERSION="8.6"
OSTREE_VERSION="412.86.202601081314-0"

Removing debug pod ...
$ oc get scan -n openshift-compliance
upstream-rhcos4-moderate-master      DONE    NON-COMPLIANT
upstream-rhcos4-moderate-worker      DONE    NON-COMPLIANT

Also test with a rhel9 based 4.14 cluster, the scan will return the same result.

@jan-cerny jan-cerny added the OpenShift OpenShift product related. label Jan 14, 2026
Vincent056
Vincent056 reviewed Jan 14, 2026
View reviewed changes
shared/checks/oval/installed_OS_is_rhcos4.xml
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_rhcos4_rhel8_rhel_version" version="1">
<ind:subexpression operation="pattern match">^8\.</ind:subexpression>
Copy link
Contributor

@Vincent056 Vincent056 Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if we need to capture the value if it is just an 8, but we can fix it in another PR

Copy link
Member

@yuumasato yuumasato Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Technically we don't need it, however think it is a good pattern to have an object and state.
We can understand better if a fail is because the line doesn't exist or has wrong value.

And actually, a future optimization would be to unify obj_rhcos4_rhel8_rhel_version and obj_rhcos4_rhel9_rhel_version, since they collect the same line on the same file.

Vincent056
Vincent056 approved these changes Jan 14, 2026
View reviewed changes
Copy link
Contributor

@Vincent056 Vincent056 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

yuumasato
yuumasato approved these changes Jan 14, 2026
View reviewed changes
Copy link
Member

@yuumasato yuumasato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

shared/checks/oval/installed_OS_is_rhcos4.xml
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_rhcos4_rhel8_rhel_version" version="1">
<ind:subexpression operation="pattern match">^8\.</ind:subexpression>
Copy link
Member

@yuumasato yuumasato Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Technically we don't need it, however think it is a good pattern to have an object and state.
We can understand better if a fail is because the line doesn't exist or has wrong value.

And actually, a future optimization would be to unify obj_rhcos4_rhel8_rhel_version and obj_rhcos4_rhel9_rhel_version, since they collect the same line on the same file.

@yuumasato yuumasato self-assigned this Jan 14, 2026
@yuumasato yuumasato added the CoreOS CoreOS product related. label Jan 14, 2026
@yuumasato yuumasato added this to the 0.1.80 milestone Jan 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yuumasato yuumasato yuumasato approved these changes

@Vincent056 Vincent056 Vincent056 approved these changes

Assignees

@yuumasato yuumasato

Labels

CoreOS CoreOS product related. OpenShift OpenShift product related.

Projects

None yet

Milestone

0.1.80

Development

Successfully merging this pull request may close these issues.

4 participants

@xiaojiey @yuumasato @Vincent056 @jan-cerny