This document describes the relevant changes between releases of the rosa
command line tool.
-
Adding password argument to create admin
-
Add stop and run instance permissions for support
-
Send rosa cli login event to pendo
-
Generate static assets for STS support permissions
-
Fix linter errors
-
Update to version 4 of JWT library
-
Update to Ginkgo 2
-
Bump go version to 1.16
-
fix etcdEncryption
-
OVN: Add network type selection
-
fixed issue with operator role upgrade
-
fixed upgade' to 'upgrade'
-
fix issue with delete operatorrole/oidcprovider role
-
clean up upgrade command
-
idp: Enable interactive mode when missing required flags
-
add rosa cli version to header
-
Add gate support in rosa cli cluster upgrade
-
Add version gate ackto ROSA
-
updated
-
remove openshift version from operator role name
-
Fix missing vendored module
-
Addsupportforwarningmessage
-
Avoid nil pointer dereference in cluster create
-
Verify chosen machine pool type is available
-
Revert "Verify chosen machine pool type is available"
-
ocp: Add ack gate support
-
ocp: Add cluster flag for list gates
-
ocp: Add word wrapping to list gates output
-
Fix crash when calling link cmd internally
-
Fix call to link cmd
-
Add org external id to ocm role name
-
ROSA: Support editing cluster-wide proxy
-
link: Allow linking multiple role ARNs
-
create-cluster: Allow FIPS mode support
-
ocm-role: Add permission to describe VPCs
-
add org admin validation for ocm-role
-
improve UX in ROSA edit cluster and ROSA delete roles
-
Change rosa init help message
-
fix org admin validation
-
Ignore .envrc (DirEnv)
-
Ignoring environment config
-
add permission for describe region and route tables
-
aws: Remove hard dependency on default region
-
Add pendo eventor account roles manual mode
-
Add --admin option to create ocm-role command
-
Make
--admin
flag idempotent -
added validation for ocm-role
-
Update OWNERS file
-
ROSA: Support cluster-wide proxy during cluster creation
-
Add missing update message for default machine pool
-
Handle minor issues in delete handling
-
clusters: Fix proxy config validations
-
updated pendo event for rosa
-
Clarify
verify permissions
cmd is only for non-STS clusters -
fix minor typo
-
Check for pre-existing operator roles and error if they exist
-
add rosa upgrade account/operator role
-
removed --enable_proxy argument
-
changing cluster proxy attirbutes to pointers
-
aws: Add ROSACLI/version to User-Agent string
-
validate sts roles on sts cluster upgrade
-
fix interactive setting of
mode
option -
SDA-5022 : fix operator role upgrade being blocked by account role upgrade
-
SDA-5017 : improve cluster upgrade manual mode to print operator role commands
-
SDA-5018 : improve cluster upgrade manual flow to prompt user to upgrade roles
-
clean/fix role validation for upgrade
-
Added support for master-iam-role
-
Add ocm user role
-
STS: Create OCM Role
-
added support for operator prefix
-
add interactive mode for link user/ocm role
-
added edit support for UVM
-
Autocomplete cluster names on --cluster flag
-
completion: Add providers for various shells
-
account-roles: Merge compatible policies
-
account-roles: Attach permission policies to roles
-
delete oidc provider and operator roles
-
added account role deletion
-
sts: Group account roles by prefix
-
SDA-4911 : Fix creating operator roles prefix
-
SDA-4916 add validation to sts cluster create mode flag
-
Unhide Spot instances
-
print spot instances when listing machinepools
-
fix sts mode validation
-
Add '--sts' to interactive command output
-
SDA-4912 add retryer to aws client
-
Update delete cluster
-
removed operator roles check from oidcprovider
-
updated
-
create-cluster: Respect disable-uwm flag default
-
add --mode to create command output
-
aws: Fix NPE when fetching AWS statement principals
-
fix issue with delete account roles for older rosa
-
SDA-4744 : Add account role validation on cluster create
-
create-cluster: Do not validate Role ARN on IAM clusters
-
sts: Rename master instance role to control plane
-
Bump OCM SDK
-
Don’t print info logs when redirecting
create account-roles
-
SDA-4773 : Support --mode on create cluster --sts
-
add rosa list account roles
-
hack: Add script to list JIRA tickets addressed on current release
-
add disable workload monitoring to ROSA
-
update user tag regexp to include unicode spaces
-
cluster: Support custom properties
-
Remove ROSA init account command
-
Add StopInstances action to support Hibernation
-
add kmskey for sts
-
RemoveSTSfrominit
-
Bump OCM SDK to v0.1.209
-
aws: Silently ignore AccessDenied errors when validating resources
-
SDA-4829 update getThumbprints to use http package instead of tls
-
policies: Allow compatible policies to create clusters
-
add check and prompt for required true addon parameters
-
create-cluster: Allow setting --output flag
-
idp: Allow empty URL and CA Path in interactive mode
-
create: Return error when request fails
-
permissions-boundary: Fix help and error messages
-
fix broken links
-
create-cluster: Ensure operator roles are unique
-
create-cluster: Replace account role ARNs with account roles prefix
-
create-cluster: Add STS flag
-
create-cluster: Use AWS Tags to find pre-configured account roles
-
create-cluster: Remove account roles prefix flag
-
Add validation to user tags
-
use default version on create account-roles
-
create-cluster: Force AWS PrivateLink for private STS clusters
-
logs: Suppress spinner on non-terminal output
-
hack: Fix query to fetch changelog
-
create-operatorroles: Fix prefix prompt text
-
create-cluster: Validate operator roles prefix
-
Fix validation of spot max price
-
confirm: Add confirmation prompt with default of 'Y'
-
create-cluster: Remove etcd encryption from interactive mode
-
config: Use standard config path for ocm.json
-
events: Track mode for AWS resource creation
-
scp-policy: Remove optional policy checks
-
scp-policy: Update to minimum required SCP
-
Update OWNERS file
-
logs: Exit once done watching logs
-
Add customer managed key for rosa cluster
-
interactive: Provide real-time validators
-
create-accountroles: Use interactive validators
-
create-cluster: Use interactive validators
-
create-idp: Use interactive validators
-
create-machinepool: Use interactive validators
-
create-operatorroles: Use interactive validators
-
Add jhernand to reviewer list
-
Bump OCM SDK version to v0.1.199
-
Bump golang version to 1.15
-
reporter: Determine whether output is meant for terminal
-
interactive: Add validator for CIDRs
-
interactive: Add validators for labels and taints
-
interactive: Ensure regexp validation allows empty values
-
interactive: Add validator for host prefix
-
aws: Allow creating roles with permissions boundary
-
logs-install: Do not redact install log output
-
region: Move flag up a level
-
updated error message
-
confirm: Move to interactive package
-
properties: Move to separate package
-
cluster: Move to ocm package
-
ocm: Move all OCM API wrappers to ocm package
-
ocm: Split resources into files
-
ocm: Refactor OCM client code
-
ocm: Do not expose internal API structure
-
add etcd-encryption flag to buildCommand
-
ocm: Bump SDK version
-
ocm: Bump SDK version
-
aws: Filter clusters by AWS account ID
-
output: Add flag for JSON and YAML output
-
Add region tag for older versions
-
There is no "user" anymore
-
Added hibernation and resume support to rosa cli
-
hack: Add directory with development scripts
-
Update cmd/create/idp/cmd.go
-
output: Ensure that JSON output for empty arrays looks correct
-
reporter: Send WARN output to STDERR
-
aws: Refactor AWS client code
-
init: Replace --delete-stack flag with --delete
-
init: Confirm delete operation
-
create: Add new account-roles resource
-
vendor: Update AWS SDK
-
account-roles: Add tags to AWS resources
-
init: Add 'account' to init command
-
login: Provide a way to externally call command
-
accountroles: Output Role ARN once created
-
Update URLs for upcoming move to console.redhat.com
-
reattempt login in case of sso outage
-
Reduce EBS quota checks
-
create: Add operator-roles command
-
ocm: Find cluster by external ID
-
Report all insufficient quotas
-
create: Add oidc-provider command
-
create-cluster: Update help text for etcd encryption
-
create-cluster: Automatically populate operator IAM roles
-
account-roles: Output sample create cluster command
-
bump ocm-sdk v0.1.197
-
update get addon parameters to use addon-inquiries request
-
Validate operator roles exist
-
verify-permissions: Add user-friendly error
-
aws: Add input validation for role names
-
create-oidcprovider: Fix help text for mode flag
-
create-oidcprovider: Verify if OIDC Provider already exists
-
mode: Error out when using invalid mode
-
account-roles: Ensure that roles and policies can be upgraded
-
Add support for machine pool spot instances
-
Hide spot instance flags
-
list-machinepool: Fix spot instance decimal representation
-
roles: Update trust policy
-
create-cluster: Ensure all role ARNs are required
-
clusters: Ensure blocking pending clusters are non-STS
-
create-operatorroles: Auto-find policies for roles
-
create-operatorroles: Prompt user to create policies
-
account-roles: Add permissions required for PrivateLink
-
Add Priya to reviewers list
-
describe: Display STS configuration
-
versions: Ensure versions with STS support
-
create: Add missing flags to re-create script
-
lint: Remove interfacer linter
-
sts: Ensure operator IAM roles
-
Added quota validation for listing instance types
-
Add option to enable etcd encryption
-
Added SSO Validation
-
Removed default region from CloudFormation stack check
-
verify: Include note about quota limitations
-
Disable IAM user checks for STS
-
Added wait for accountclaims to get ready
-
Fix tests with missing TagUser call
-
Increase golangci timeout to 5 minutes
-
Added new rosa list instance-types api
-
Support STS users (#351)
-
sts: Normalize instace role parameters
-
sts: Expose all flags
-
sts: Ensure interactive mode for STS credentials without role ARN
-
sts: Add support role ARN attribute
-
Allow setting 0 replicas to autoscaling machine pool (Not default)
-
Updated the details link
-
Added custom IAM Roles
-
Remove default region
-
describe: Display description during Pending state
-
Enable PrivateLink on clusters
-
PrivateLink: Hide references to PrivateLink
-
Correctly use the --disable-scp-checks parameter when supplied to init command
-
Add support for STS clusters
-
describe: Output OIDC Endpoint URL if available
-
aws: Enable skip SCP check on init
-
ocm-sdk-go: Bump version
-
init: Track ad-hoc authenticated events
-
addons: Error when editing non-editable parameters
-
describe: Remove instance type
-
logs: Display logs when cluster is in error state
-
errors: Display legal terms URL
-
logs: Filter out misleading output
-
delete: Fix example command
-
describe: Fix command help example
-
aws: Add helpful error message when using STS credentials
-
logs: Redact KUBECONFIG line
-
arguments: Parse help flag when overriding flag parsing
-
revoke: Fix example and help text
-
grant: Remove unnecessary interactive flag
-
addons: When setting CLI params skip unset values
-
upgrade: Display expected format in error
-
addons: Display availability
-
addons: Allow editing of addon parameters
-
addons: Accept numeric parameters as floats
-
upgrade: Display datetime format in error output
-
upgrade: Display upgrade state whenever showing existing upgrades
-
login: Update URL for integration environment
-
addons: Allow installation parameters in CLI
-
ingress: Better message when deleting non-existent ingress
-
versions: Align version list with cluster creation
-
Add missing region flags
-
idp: Allow schema-less hosted domains on Google IDP
-
addons: Disallow editing addons without parameters
-
addons: Disallow editing params of a non-ready addon
-
addons: Use integer for numeric params
-
logs: Report better errors for incompatible installation states
-
machinepools: Display default machine pool as Default
-
clusters: Remove count flag
-
machinepools: Allow editing labels and taints
-
addons: Check existence of addon installation before installing
-
addons: Send empty string when CIDR is nil
-
machinepool: Skip autoscaling prompt when setting replicas
-
machinepool: Error out on invalid min-replica
-
cluster-admin: Format the success message
-
flags: Fix description of cluster flags
-
edit-cluster: Skip interactive mode if any flag is set
-
login: Print link to get new token on expired session
-
flag: Remove unnecessary flags
-
interactive: Remove flag from global create
-
addons: Enforce interactive mode if required params are missing
-
version: Align sort with OCM version list
-
users: Disallow grant and revoke on cluster-admin
-
describe: Add cluster network configuration
-
arguments: Move region and profile flags
-
addon: Validation message should show parameter name
-
describe: Display total worker nodes across all machine pools
-
describe: Fix text capitalization
-
Add region flag to list cmd
-
Rebuild docs on list cluster command
-
addons: Use quota_cost to determine compatibility
-
Remove vendor dir from linter
-
addons: Filter list of addons to those compatible with ROSA
-
addons: Verify compatibility of addons on cluster
-
interactive: Ensure that required inputs are same type as non-required
-
docs: Remove from repo and refer users to official docs
-
docs: Update copyright year for man pages
-
Remove asset build dependency
-
cmd: Fix programmatically-run commands
-
init: Fix empty flavour when validating cluster creation
-
Fix Makefile build command
-
cmd: Use Run instead of PreRun
-
upgrade: Validate node drain grace period
-
upgrades: Fix list of recommendations
-
fix example
-
Align command with auto-generated docs
-
machinepools: Fix doc typos
-
machinepools: Fix default taints in interactive mode
-
upgrade: Ensure interactive mode for schedule
-
upgrade: Display explicit values in grace period help
-
upgrade: Specify UTC for schedule time
-
Trim user-provided machine-friendly names
-
ocm-sdk: Update version
-
addons: Fix parameter defaults in interactive prompt
-
interactive: Output command to rerun cluster creation
-
cluster: Remove suggestion to run init
-
user: Avoid calling API after failed validation
-
google: Only force interactive mode when necessary
-
idp: Validate mapping method input
-
Show success message on write operations
-
args: Clean up argument and flag requirements
-
Cleaning up some leftover obsolete code from autoscaling PR
-
cluster: Add hidden flag to set cluster flavour
-
cluster: Allow the creation of fake clusters
-
cluster: Use correct privacy flag on describe
-
Fix go-bindata command and downgrade go version
-
cluster-admins: Remove explicit enable
-
machines: Sort machine types by CPU cores
-
add multi-az status to describe
-
init: Use explicit login flag checks
-
Require min/max replicas on interactive mode iff existing machinepool autoscaling is disabled
-
addon: Support addon uninstallation form cluster
-
addons: Support add-on installation parameters
-
add openshift version to describe output
-
Adding Orange team members to OWNERS file
-
Update OWNERS
-
aws: Advise user to run init for failed credentials
-
init: Advise user to run init for failed credentials
-
user: Determine if user exists before revoking
-
rosa: Rename repository from moactl to rosa
-
create-cluster: Set default version
-
multi-az: Validate that compute nodes are multiple of 3
-
login: Hide 'env' parameter
-
cluster: Show warnings when user makes cluster private
-
replicas: Fix local validation for worker nodes and machinepool replicas
-
describe-cluster: Display scheduled upgrades
-
login: Add link to retrieve tokens
-
Disable
maligned
linter -
Fix formatting and add generated docs
-
Add autoscaling support
-
addons: Enable all commands
-
addons: Use install command instead of create
-
addons: Allow listing of all available addons
-
create: Ask user before showing subnets
-
Dont ignore subnets from command line args if provided
-
[rosa create cluster] Verify provided subnets for Existing VPC exist in AWS
-
Remove paid AMI flag and finalize ROSA transition
-
add taints to machinepool commands
-
upgrades: Allow scheduling, listing, canceling cluster upgrades
-
Remove API ingress when listing ingress
-
idp: Always use interactive mode on unset required flags
-
Added Confirmation option for default network parameters
-
Update implementation to include the default values in the interactive mode only
-
Enabling Interactive mode if no arguments specified
-
machinepool: Fix interactive mode
-
Add support for existing VPC
-
[rosa create cluster] Return more clear error message when no versions are found.
-
refactor(init): verify permissions for osdccsadmin using ValidateSCP
-
machinepools: Support full CRUD operations for machine pools
-
Added validation for name
-
Added Details Page Link
-
machinepool: Allow managing 'default' machinepool
-
Rotate osdCcsAdmin credentails on creation of each cluster (#118)
-
admin: Rename IDP to Cluster-Admin
-
ingress: Enable interactive mode
-
Red Hat OpenShift Service on AWS
-
Remove shard info from describe cluster
-
roles: Update flow to use grant and revoke
-
Add tags to template, not working
-
Add Check Admin User function, and add tests to verify
-
Added Display Name and Domain name to describe
-
errors: Fall back to full error message
-
cluster: Fail name check before calling API
-
aws: Check region after profile credentials have been validated
-
admin: Advise user to store password securely
-
addressing vkareh review
-
Fix idp name generation
-
Adressing code review items
-
describe-cluster: Display Provision Shard if available
-
openid: Always show help text for claims
-
users: Do not show cluster-admin user
-
ccs: Ensure CCS is enabled before asking to disable SCP checks
-
edit-cluster: Fallback to interactive mode
-
aws: Default to free AMI
-
init: Ensure osdCcsAdmin exists before attempting cluster dry-run
-
github: Provide guidance on using GitHub organizations when creating IdP
-
logs: Show example command for install logs
-
idp-google: Make hosted_domain required unless mapping method is lookup
-
idp: Provide help link for mapping method
-
idp: Allow insecure connections on LDAP IdP
-
idp: Add extra scopes to OpenID IdP
-
ocm: Keep error opIds and codes behind debug flag
-
aws: Allow using AWS_PROFILE env var
-
htpasswd: Add admin resource to login to cluster
-
nodes: Bring the default number of nodes down
-
cluster: Default to using paid AMI
-
cluster: Add flag to disable SCP checks
-
Init test cluster name to less than 15 char
-
idp: Add support for certificate bundles
-
Added New Error Message Implementation
-
Updated OCM SDK version
-
idp: Add support for GitLab
-
create-cluster: Add --dry-run flag
-
init: Simulate cluster creation
-
Makefile: only download go-bindata when not available
-
Move main.go to moactl directory, add make install target
-
Add Provision Type and Reason for error cluster
-
Review Comments
-
Fixed lint and reverted wrong line
-
idp: Warn the user that it will take about 1 minute to add IdP
-
aws: Add support for AWS profiles
-
logs: Improve warnings when cluster is pending
-
Adding validations to cluster create command
-
remove validations from create command
-
aws: Split configuration to ensure early failure
-
README: Update based on output of newer commands
-
Added Detailed Granular Status to match with ocm UI
-
verify-quota: Check for only 100 vCPU
-
verify-oc: Only warn when oc client missing
-
verify-quota: Avoid nil pointer dereferencing
-
versions: Use OpenShift versions that have MOA marketplace images
-
create-cluster: Allow selective override of the paid AMI
-
Correct typos and incorrect commands in README
-
Update README.md
-
versions: Expose channel-group
-
Use OCM SDK to get token expiration
-
reporter: Do not use colors on Windows
-
list-versions: Add command to list enabled versions
-
logs: Add progress indicator when waiting for logs
-
verify-permissions: Do not check ViewBilling policy
-
Add 'Channel Group' attribute to 'moactl describe cluster'
-
tests: Fix expected text comparison
-
Use default region for CloudFormation stack
-
login: Ensure token is required
-
refactor(create): add credential check for osdCcsAdmin when cluster starts to be created
-
Added Timestamp to created date
-
versions: Allow querying for channel-groups
-
AWS Rate limiting: Limit number of retries for API calls
-
Prow: Add OWNERS file and pieces to support prow
-
create-cluster: List regions using user AWS creds
-
list-regions: Add command to list available regions
-
create-cluster: Ensure region is set when creating AWS client
-
logs: Change how SDK logs are propagated
-
verify-oc: Do not error out on invalid version
-
create-cluster: Set compute node defaults based on AZ
-
create-idp: Allow user to specify IdP name
-
addons: Add list and describe commands for add-ons
-
addons: Direct the user to check add-on status after install
-
aws: Return error if using root account
-
improve moactl verify quota error messages
-
Check cloudformation stack exists
-
Add tests for EnsureOsdCcsAdminUser
-
create-cluster: Deprecate --name in favor of --cluster-name
-
describe-cluster: Show AWS account ID used to create cluster
-
fix long line
-
Change from ginkgo to to go test
-
logs: Make command more intuitive
-
logs: Update SDK client
-
logs: Add uninstall logs
-
logs: Add separate install/uninstall logs
-
logs: Update API endpoints
-
interactive: Fix function call from broken dependency
-
addons: Remove global list of add-ons
-
delete-user: Fix confirmation output
-
verify: Add command to verify OpenShift client tools
-
download: Add command to download openshift-client tools
-
create-cluster: Allow user to watch cluster installation logs
-
delete-cluster: Allow user to watch cluster uninstallation logs
-
create-cluster: Describe cluster automatically after creation
-
logs: Detach logs once operation is complete
-
logs: Fix help text
-
addons: Hide addons until it’s feature-complete
-
addons: Confirm add-on installation
-
Added Detailed Error Message for Throttling
-
README: updates from second moa hackday
-
Don’t validate AWS Organization List Policies
-
Validate permissions in the AWS client region
-
Validate only permissions in the OSD SCP policy document
-
README: update adding IDP section
-
docs: link to aws scp doc
-
GitHub IdP: Change label name for Hostname
-
interactive: Display optional marker for non-required fields
-
delete: Confirm operation
-
README: adding a tldr section to quickstart
-
create-idp: Fallback to interactive mode
-
addons: Compare quota correctly to display available add-ons
-
README: updates to the quickstart
-
README: add moactl logs example
-
README: add sentence describing whoami
-
README: add whoami
-
logger: Define CreateLoggerOrExit
-
cmd: Switch to use CreateLoggerOrExit
-
whoami: Use Create[Reporter|Logger]OrExit
-
Add golangci version for CI
-
Custom cluster properties.
-
AWS Region: Allow passing --region to verify and init commands
-
linter: Fix small linter issues
-
interactive: Add interactive flag to create
-
interactive: Add interactive mode to edit cluster
-
interactive: Add interactive flag to create idp
-
create-idp: Add interactive mode to LDAP
-
create-idp: Add interactive mode to OpenID
-
create-idp: Fix linter errors
-
create-idp: Make client-id a non-password field
-
addons: Add list and create commands for add-ons
-
adding quickstart
-
Add support for Windows binary build
-
login: Update token URL
-
errors: Expand error messages
-
linter: Fix unnecessary conversion
-
create-cluster: Track version of moactl used for cluster creation
-
whoami: Prefix output with source API
-
logs: Allow the use of --cluster as identifier
-
cmd: Switch to use CreateReporterOrExit
-
reporter: Define CreateReporterOrExit
-
whoami: Fallback to JWT for account data
-
whoami: Add command to display account information
-
ocm: Get arbitrary token data
-
linter: Add golangci-lint configuration and fix all lint warnings
-
cluster: Allow the use of --cluster as identifier
-
list-user: Check cluster_admin_enabled before listing cluster-admins
-
idp: Fix command help after creating IdP
-
Limit API retires and set minimum throttle delay between reties
Initial pre-release of moactl. Contains the following commands:
-
completion Generates bash completion scripts
-
create Create a resource from stdin
-
delete Delete a specific resource
-
describe Show details of a specific resource
-
edit Edit a specific resource
-
help Help about any command
-
init Applies templates to support Managed OpenShift on AWS clusters
-
list List all resources of a specific type
-
login Log in to your Red Hat account
-
logout Log out
-
logs Show logs of a specific resource
-
verify Verify resources are configured correctly for cluster install
-
version Prints the version of the tool