From 79900f547c23cdd08c5fcf8298636219d86623f3 Mon Sep 17 00:00:00 2001 From: Sanket Date: Fri, 12 Jun 2026 11:49:36 +0530 Subject: [PATCH] Fix Local Zone subnet validation in cucushift-installer-check-aws-custom-vpc Problem: The validation step cucushift-installer-check-aws-custom-vpc fails for Local Zone configurations because it expects ALL subnets to have the kubernetes.io/cluster/:shared tag, but Local Zone subnets are correctly tagged as kubernetes.io/cluster/unmanaged:true instead. Failed Job: periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-aws-ipi-localzone-byo-subnet-sdn-f60-destructive Error: FAIL: check tag [kubernetes.io/cluster/ci-op-ghrnctn8-00fbe-l6scc:shared], found 6, but expect 7 Root Cause Analysis: The script validates ALL subnets from install-config must have the 'shared' tag (lines 73-74), but doesn't account for Edge/Local Zone subnets that are intentionally tagged as 'unmanaged'. The ENABLE_AWS_EDGE_ZONE parameter exists but is only used for EdgeNode validation later (line 193), after the main tag check has already failed. When the provision chain sets ENABLE_AWS_EDGE_ZONE=yes: - 7 total subnets (6 regular + 1 Local Zone) - 6 subnets have 'shared' tag (correct) - 1 Local Zone subnet has 'unmanaged' tag (correct) - Script expects 7 with 'shared' tag (incorrect) Solution: Updated the tag count logic to exclude subnets tagged as 'unmanaged' when ENABLE_AWS_EDGE_ZONE=yes. This allows Local Zone subnets to be properly excluded from the managed subnet count while still validating that all managed subnets have the required cluster tag. Changes: - Added conditional logic to check ENABLE_AWS_EDGE_ZONE parameter - Count unmanaged subnets when Edge Zone is enabled - Subtract unmanaged count from expected managed subnet count - Added INFO logging for Edge Zone subnet count calculation Testing: /test rehearse periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-aws-ipi-localzone-byo-subnet-sdn-f60-destructive Expected output after fix: INFO: Edge Zone enabled - total subnets=7, unmanaged subnets=1, expecting managed subnets=6 PASS: check tag [kubernetes.io/cluster/:shared] --- ...ift-installer-check-aws-custom-vpc-commands.sh | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/ci-operator/step-registry/cucushift/installer/check/aws/custom-vpc/cucushift-installer-check-aws-custom-vpc-commands.sh b/ci-operator/step-registry/cucushift/installer/check/aws/custom-vpc/cucushift-installer-check-aws-custom-vpc-commands.sh index 33ec873fed4e7..d801f791a672f 100755 --- a/ci-operator/step-registry/cucushift/installer/check/aws/custom-vpc/cucushift-installer-check-aws-custom-vpc-commands.sh +++ b/ci-operator/step-registry/cucushift/installer/check/aws/custom-vpc/cucushift-installer-check-aws-custom-vpc-commands.sh @@ -71,9 +71,20 @@ jq --arg k $expect_k --arg v $expect_v -r '[.Subnets[] | select(any(.Tags[]; .Ke echo "--------------------------------" cnt=$(jq --arg k $expect_k --arg v $expect_v -r '[.Subnets[] | select(any(.Tags[]; .Key == $k and .Value == $v))] | length' $out) -expect_cnt=$(echo ${ic_subnets} | wc -w) + +# Calculate expected count based on whether Edge Zones are enabled +if [[ ${ENABLE_AWS_EDGE_ZONE:-no} == "yes" ]]; then + # For Edge Zone scenarios, exclude subnets tagged as 'kubernetes.io/cluster/unmanaged:true' + unmanaged_cnt=$(jq -r '[.Subnets[] | select(any(.Tags[]; .Key == "kubernetes.io/cluster/unmanaged" and .Value == "true"))] | length' $out) + total_subnets=$(echo ${ic_subnets} | wc -w) + expect_cnt=$((total_subnets - unmanaged_cnt)) + echo "INFO: Edge Zone enabled - total subnets=${total_subnets}, unmanaged subnets=${unmanaged_cnt}, expecting managed subnets=${expect_cnt}" +else + expect_cnt=$(echo ${ic_subnets} | wc -w) +fi + if [[ "${cnt}" != "${expect_cnt}" ]]; then - echo "FAIL: check tag $kv_str, found ${cnt}, but expect ${expect_cnt}, please check following subents:" + echo "FAIL: check tag $kv_str, found ${cnt}, but expect ${expect_cnt}, please check following subnets:" jq --arg k $expect_k --arg v $expect_v -r '[.Subnets[] | select(any(.Tags[]; .Key == $k and .Value == $v) | not) | {subnet: .SubnetId, tags: .Tags}]' $out ret=$((ret+1)) else