MCO-1976: [Dev] Fix RHEL9-specific MCD Logic for RHEL10/CentOS10 Compatibility

[dkhater-redhat]

- What I did
Added RHEL10 support to the MCD for SSH key path selection and binary compatibility across RHEL versions.

Changes made:

1. SSH Key Path Selection (pkg/daemon/update.go:2291): Added IsEL10() check to useNewSSHKeyPath() so RHEL10 correctly uses the new SSH key path (/home/core/.ssh/authorized_keys.d/ignition) instead of the legacy path (/home/core/.ssh/authorized_keys).

2. Binary Selection (pkg/daemon/daemon.go:540-548): Extended ReexecuteForTargetRoot() to handle RHEL10 containers managing RHEL8 or RHEL9 hosts by selecting the appropriate binary suffix (.rhel8 or .rhel9).

This addresses items [2] and [4] from the RHEL10 MCD compatibility spike, ensuring the MCD works correctly on RHEL10 and can manage older RHEL versions during dual-stream operations.

- How to verify it
For SSH Key Path (Item 2):

On a RHEL10 cluster:

1. Deploy the updated MCO image
2. Debug into a node and check MCD logs:

   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "ssh"

3. Should see: Writing SSH keys to "/home/core/.ssh/authorized_keys.d/ignition"
4. Should NOT see: Writing SSH keys to "/home/core/.ssh/authorized_keys"
5. Verify SSH keys are written to the correct location:
   oc debug node/
   chroot /host
   ls -la /home/core/.ssh/authorized_keys.d/ignition

For Binary Selection (Item 4):

When RHEL10 container images are available:

1. Deploy RHEL10 MCO container to a cluster with RHEL9 or RHEL8 nodes
2. Check MCD logs during re-execution:
   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "container is rhel10"
3. Should see appropriate log:
   - "container is rhel10, target is rhel9" (for RHEL9 nodes)
   - "container is rhel10, target is rhel8" (for RHEL8 nodes)

Note: Item 4 also requires Dockerfile updates to include compiled .rhel9 binary when building RHEL10 container images. When the MCO team builds RHEL10-based container images, we will be able to see this change.
- Description for the changelog

[openshift-ci-robot]

@dkhater-redhat: This pull request references MCO-1976 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

In response to this:

- What I did
Added RHEL10 support to the MCD for SSH key path selection and binary compatibility across RHEL versions.

Changes made:

1. SSH Key Path Selection (pkg/daemon/update.go:2291): Added IsEL10() check to useNewSSHKeyPath() so
   RHEL10 correctly uses the new SSH key path (/home/core/.ssh/authorized_keys.d/ignition) instead of the legacy
   path (/home/core/.ssh/authorized_keys).

2. Binary Selection (pkg/daemon/daemon.go:540-548): Extended ReexecuteForTargetRoot() to handle RHEL10
   containers managing RHEL8 or RHEL9 hosts by selecting the appropriate binary suffix (.rhel8 or .rhel9).

This addresses items [2] and [4] from the RHEL10 MCD compatibility spike, ensuring the MCD works correctly on
RHEL10 and can manage older RHEL versions during dual-stream operations.
- How to verify it
For SSH Key Path (Item 2):

On a RHEL10 cluster:

1. Deploy the updated MCO image
2. Debug into a node and check MCD logs:

   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "Writing SSH keys"

3. Should see: Writing SSH keys to "/home/core/.ssh/authorized_keys.d/ignition"
4. Should NOT see: Writing SSH keys to "/home/core/.ssh/authorized_keys"
5. Verify SSH keys are written to the correct location:
   oc debug node/
   chroot /host
   ls -la /home/core/.ssh/authorized_keys.d/ignition

For Binary Selection (Item 4):

When RHEL10 container images are available:

1. Deploy RHEL10 MCO container to a cluster with RHEL9 or RHEL8 nodes
2. Check MCD logs during re-execution:
   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "container is rhel10"
3. Should see appropriate log:

• "container is rhel10, target is rhel9" (for RHEL9 nodes)
• "container is rhel10, target is rhel8" (for RHEL8 nodes)

Note: Item 4 also requires Dockerfile updates to include compiled .rhel9 binary when building RHEL10 container
images.
- Description for the changelog

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dkhater-redhat

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [dkhater-redhat]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

@dkhater-redhat: This pull request references MCO-1976 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

In response to this:

- What I did
Added RHEL10 support to the MCD for SSH key path selection and binary compatibility across RHEL versions.

Changes made:

1. SSH Key Path Selection (pkg/daemon/update.go:2291): Added IsEL10() check to useNewSSHKeyPath() so RHEL10 correctly uses the new SSH key path (/home/core/.ssh/authorized_keys.d/ignition) instead of the legacy path (/home/core/.ssh/authorized_keys).

2. Binary Selection (pkg/daemon/daemon.go:540-548): Extended ReexecuteForTargetRoot() to handle RHEL10 containers managing RHEL8 or RHEL9 hosts by selecting the appropriate binary suffix (.rhel8 or .rhel9).

This addresses items [2] and [4] from the RHEL10 MCD compatibility spike, ensuring the MCD works correctly on RHEL10 and can manage older RHEL versions during dual-stream operations.

- How to verify it
For SSH Key Path (Item 2):

On a RHEL10 cluster:

1. Deploy the updated MCO image
2. Debug into a node and check MCD logs:

   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "Writing SSH keys"

3. Should see: Writing SSH keys to "/home/core/.ssh/authorized_keys.d/ignition"
4. Should NOT see: Writing SSH keys to "/home/core/.ssh/authorized_keys"
5. Verify SSH keys are written to the correct location:
   oc debug node/
   chroot /host
   ls -la /home/core/.ssh/authorized_keys.d/ignition

For Binary Selection (Item 4):

When RHEL10 container images are available:

1. Deploy RHEL10 MCO container to a cluster with RHEL9 or RHEL8 nodes
2. Check MCD logs during re-execution:
   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "container is rhel10"
3. Should see appropriate log:

• "container is rhel10, target is rhel9" (for RHEL9 nodes)
• "container is rhel10, target is rhel8" (for RHEL8 nodes)

Note: Item 4 also requires Dockerfile updates to include compiled .rhel9 binary when building RHEL10 container
images.
- Description for the changelog

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci-robot]

@dkhater-redhat: This pull request references MCO-1976 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

In response to this:

- What I did
Added RHEL10 support to the MCD for SSH key path selection and binary compatibility across RHEL versions.

Changes made:

1. SSH Key Path Selection (pkg/daemon/update.go:2291): Added IsEL10() check to useNewSSHKeyPath() so RHEL10 correctly uses the new SSH key path (/home/core/.ssh/authorized_keys.d/ignition) instead of the legacy path (/home/core/.ssh/authorized_keys).

2. Binary Selection (pkg/daemon/daemon.go:540-548): Extended ReexecuteForTargetRoot() to handle RHEL10 containers managing RHEL8 or RHEL9 hosts by selecting the appropriate binary suffix (.rhel8 or .rhel9).

This addresses items [2] and [4] from the RHEL10 MCD compatibility spike, ensuring the MCD works correctly on RHEL10 and can manage older RHEL versions during dual-stream operations.

- How to verify it
For SSH Key Path (Item 2):

On a RHEL10 cluster:

1. Deploy the updated MCO image
2. Debug into a node and check MCD logs:

   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "ssh"

3. Should see: Writing SSH keys to "/home/core/.ssh/authorized_keys.d/ignition"
4. Should NOT see: Writing SSH keys to "/home/core/.ssh/authorized_keys"
5. Verify SSH keys are written to the correct location:
   oc debug node/
   chroot /host
   ls -la /home/core/.ssh/authorized_keys.d/ignition

For Binary Selection (Item 4):

When RHEL10 container images are available:

1. Deploy RHEL10 MCO container to a cluster with RHEL9 or RHEL8 nodes
2. Check MCD logs during re-execution:
   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "container is rhel10"
3. Should see appropriate log:

• "container is rhel10, target is rhel9" (for RHEL9 nodes)
• "container is rhel10, target is rhel8" (for RHEL8 nodes)

Note: Item 4 also requires Dockerfile updates to include compiled .rhel9 binary when building RHEL10 container
images.
- Description for the changelog

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci-robot]

@dkhater-redhat: This pull request references MCO-1976 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

In response to this:

- What I did
Added RHEL10 support to the MCD for SSH key path selection and binary compatibility across RHEL versions.

Changes made:

1. SSH Key Path Selection (pkg/daemon/update.go:2291): Added IsEL10() check to useNewSSHKeyPath() so RHEL10 correctly uses the new SSH key path (/home/core/.ssh/authorized_keys.d/ignition) instead of the legacy path (/home/core/.ssh/authorized_keys).

2. Binary Selection (pkg/daemon/daemon.go:540-548): Extended ReexecuteForTargetRoot() to handle RHEL10 containers managing RHEL8 or RHEL9 hosts by selecting the appropriate binary suffix (.rhel8 or .rhel9).

This addresses items [2] and [4] from the RHEL10 MCD compatibility spike, ensuring the MCD works correctly on RHEL10 and can manage older RHEL versions during dual-stream operations.

- How to verify it
For SSH Key Path (Item 2):

On a RHEL10 cluster:

1. Deploy the updated MCO image
2. Debug into a node and check MCD logs:

   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "ssh"

3. Should see: Writing SSH keys to "/home/core/.ssh/authorized_keys.d/ignition"
4. Should NOT see: Writing SSH keys to "/home/core/.ssh/authorized_keys"
5. Verify SSH keys are written to the correct location:
   oc debug node/
   chroot /host
   ls -la /home/core/.ssh/authorized_keys.d/ignition

For Binary Selection (Item 4):

When RHEL10 container images are available:

1. Deploy RHEL10 MCO container to a cluster with RHEL9 or RHEL8 nodes
2. Check MCD logs during re-execution:
   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "container is rhel10"
3. Should see appropriate log:

• "container is rhel10, target is rhel9" (for RHEL9 nodes)
• "container is rhel10, target is rhel8" (for RHEL8 nodes)

Note: Item 4 also requires Dockerfile updates to include compiled .rhel9 binary when building RHEL10 container. When the MCO team builds RHEL10-based container images, we will be able to see this change.
images.
- Description for the changelog

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci-robot]

@dkhater-redhat: This pull request references MCO-1976 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

In response to this:

- What I did
Added RHEL10 support to the MCD for SSH key path selection and binary compatibility across RHEL versions.

Changes made:

1. SSH Key Path Selection (pkg/daemon/update.go:2291): Added IsEL10() check to useNewSSHKeyPath() so RHEL10 correctly uses the new SSH key path (/home/core/.ssh/authorized_keys.d/ignition) instead of the legacy path (/home/core/.ssh/authorized_keys).

2. Binary Selection (pkg/daemon/daemon.go:540-548): Extended ReexecuteForTargetRoot() to handle RHEL10 containers managing RHEL8 or RHEL9 hosts by selecting the appropriate binary suffix (.rhel8 or .rhel9).

This addresses items [2] and [4] from the RHEL10 MCD compatibility spike, ensuring the MCD works correctly on RHEL10 and can manage older RHEL versions during dual-stream operations.

- How to verify it
For SSH Key Path (Item 2):

On a RHEL10 cluster:

1. Deploy the updated MCO image
2. Debug into a node and check MCD logs:

   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "ssh"

3. Should see: Writing SSH keys to "/home/core/.ssh/authorized_keys.d/ignition"
4. Should NOT see: Writing SSH keys to "/home/core/.ssh/authorized_keys"
5. Verify SSH keys are written to the correct location:
   oc debug node/
   chroot /host
   ls -la /home/core/.ssh/authorized_keys.d/ignition

For Binary Selection (Item 4):

When RHEL10 container images are available:

1. Deploy RHEL10 MCO container to a cluster with RHEL9 or RHEL8 nodes
2. Check MCD logs during re-execution:
   oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-daemon | grep "container is rhel10"
3. Should see appropriate log:

• "container is rhel10, target is rhel9" (for RHEL9 nodes)
• "container is rhel10, target is rhel8" (for RHEL8 nodes)

Note: Item 4 also requires Dockerfile updates to include compiled .rhel9 binary when building RHEL10 container images. When the MCO team builds RHEL10-based container images, we will be able to see this change.
- Description for the changelog

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[dkhater-redhat]

/jira refresh

[openshift-ci-robot]

@dkhater-redhat: This pull request references MCO-1976 which is a valid jira issue.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

@dkhater-redhat: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/bootstrap-unit	2cabd9c	link	false	/test bootstrap-unit
ci/prow/e2e-aws-ovn-upgrade	2cabd9c	link	true	/test e2e-aws-ovn-upgrade
ci/prow/e2e-aws-ovn	2cabd9c	link	true	/test e2e-aws-ovn
ci/prow/e2e-hypershift	2cabd9c	link	true	/test e2e-hypershift

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.