airship-core type and reference site manifest update for 2.1 release

Update the airshipctl version pin and fixes in the reference type and site manifests to keep up to date with the airshipctl changes in version 2.1. Change-Id: I19c1cf874f33eeccba5b0fbc74404dd5d462f55d
2021-11-08 20:54:23 +00:00 · 2021-11-08 20:54:23 +00:00 · be4d17a36e
commit be4d17a36e
parent 5afbb354d5
42 changed files with 133 additions and 67 deletions
--- a/manifests/composite/initinfra/kustomization.yaml
+++ b/manifests/composite/initinfra/kustomization.yaml
@ -1,5 +1,6 @@
 resources:
-  - ../../../../airshipctl/manifests/function/baremetal-operator/
+  - ../../../../airshipctl/manifests/function/baremetal-operator/v0.5.0
  - ../../function/clusterctl
+  - ../../../../airshipctl/manifests/function/ironic-deployment/v0.5.0
 commonLabels:
  airshipit.org/stage: initinfra
--- a/manifests/composite/initinfra/replacements/kustomization.yaml
+++ b/manifests/composite/initinfra/replacements/kustomization.yaml
@ -1,3 +1,4 @@
 resources:
-  - ../../../../../airshipctl/manifests/function/baremetal-operator/replacements
+  - ../../../../../airshipctl/manifests/function/baremetal-operator/v0.5.0/replacements
  - ../../../function/clusterctl/replacements
+  - ../../../../../airshipctl/manifests/function/ironic-deployment/v0.5.0/replacements
--- a/manifests/function/hostconfig-operator/kustomization.yaml
+++ b/manifests/function/hostconfig-operator/kustomization.yaml
@ -3,6 +3,8 @@ kind: Kustomization
 resources:
  #- hostconfigs_crd.yaml
  - hostconfig.airshipit.org_hostconfigs_crd.yaml
+  - namespace.yaml
  - rbac
  - deployment.yaml
  - ssh-key.yaml
+namespace: host-config-operator
--- a/manifests/function/hostconfig-operator/namespace.yaml
+++ b/manifests/function/hostconfig-operator/namespace.yaml
@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: host-config-operator
--- a/manifests/function/hostconfig-operator/replacements/ssh-key-replacement.yaml
+++ b/manifests/function/hostconfig-operator/replacements/ssh-key-replacement.yaml
@ -11,8 +11,8 @@ replacements:
 - source:
    objref:
      kind: VariableCatalogue
-      name: generated-secrets
-    fieldref: "{.sshKeys.privateKey}"
+      name: combined-target-secrets
+    fieldref: ".secretGroups.[name=targetSshSecrets].values.[name=privateKey].data"
  target:
    objref:
      kind: Secret
--- a/manifests/function/k8scontrol-ha/kustomization.yaml
+++ b/manifests/function/k8scontrol-ha/kustomization.yaml
@ -4,12 +4,12 @@ kind: Kustomization
 namespace: target-infra

 resources:
-  - ../k8scontrol-oidc
+  - ../../../../airshipctl/manifests/function/k8scontrol

 patches:
  - target:
      group: controlplane.cluster.x-k8s.io
-      version: v1alpha3
+      version: v1alpha4
      kind: KubeadmControlPlane
    path:  vrrp_keepalived_patch.yaml

--- a/manifests/function/k8scontrol-ha/replacements/kustomization.yaml
+++ b/manifests/function/k8scontrol-ha/replacements/kustomization.yaml
@ -1,3 +1,3 @@
 resources:
-  - ../../k8scontrol-oidc/replacements
+  - ../../../../../airshipctl/manifests/function/k8scontrol/replacements
  - networking-ha.yaml
--- a/manifests/function/k8scontrol-oidc/kustomization.yaml
+++ b/manifests/function/k8scontrol-oidc/kustomization.yaml
@ -8,12 +8,12 @@ resources:
 patches:
  - target:
      group: controlplane.cluster.x-k8s.io
-      version: v1alpha3
+      version: v1alpha4
      kind: KubeadmControlPlane
    path: oidc-apiserver-ca-cert.json
  - target:
      group: controlplane.cluster.x-k8s.io
-      version: v1alpha3
+      version: v1alpha4
      kind: KubeadmControlPlane
    path: oidc-apiserver-extra-args.yaml

--- a/manifests/function/k8scontrol-oidc/oidc-apiserver-extra-args.yaml
+++ b/manifests/function/k8scontrol-oidc/oidc-apiserver-extra-args.yaml
@ -1,4 +1,4 @@
-apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
+apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
 kind: KubeadmControlPlane
 metadata:
  name: cluster-controlplane
--- a/manifests/function/k8scontrol-vm-infra/kustomization.yaml
+++ b/manifests/function/k8scontrol-vm-infra/kustomization.yaml
@ -7,7 +7,7 @@ resources:
 patchesJson6902:
 - target:
    group: controlplane.cluster.x-k8s.io
-    version: v1alpha3
+    version: v1alpha4
    kind: KubeadmControlPlane
    name: cluster-controlplane
  path:  iptables-setup.yaml
--- a/manifests/function/treasuremap-cleanup/kustomization.yaml
+++ b/manifests/function/treasuremap-cleanup/kustomization.yaml
@ -1,3 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
 resources:
  - ../../../../airshipctl/manifests/function/airshipctl-cleanup/
  # place here more treasuremap specific catalogue kinds
--- a/manifests/function/workers-vm-infra/kustomization.yaml
+++ b/manifests/function/workers-vm-infra/kustomization.yaml
@ -7,7 +7,7 @@ resources:
 patchesJson6902:
 - target:
    group: bootstrap.cluster.x-k8s.io
-    version: v1alpha3
+    version: v1alpha4
    kind: KubeadmConfigTemplate
    name: worker-1
  path: iptables-setup.yaml
--- a/manifests/site/reference-airship-core/encrypted/encryption-keys/kustomization.yaml
+++ b/manifests/site/reference-airship-core/encrypted/encryption-keys/kustomization.yaml
@ -0,0 +1,3 @@
+resources:
+  - ../../ephemeral/catalogues/public-keys/
+  - ../../target/catalogues/public-keys/
--- a/manifests/site/reference-airship-core/encrypted/get/kustomization.yaml
+++ b/manifests/site/reference-airship-core/encrypted/get/kustomization.yaml
@ -0,0 +1,3 @@
+resources:
+  - ../../ephemeral/catalogues/encrypted
+  - ../../target/catalogues/encrypted
--- a/manifests/site/reference-airship-core/encrypted/update/kustomization.yaml
+++ b/manifests/site/reference-airship-core/encrypted/update/kustomization.yaml
@ -0,0 +1,12 @@
+resources:
+  - ../get/
+  - ../encryption-keys/
+  - secrets.yaml
+  - ../../../../../../airshipctl/manifests/function/templater-helpers/secret-generator/ # libs needed for generator
+transformers:
+  - ../../../../type/airship-core/shared/update-secrets/
+  - ../../../../../../airshipctl/manifests/function/templater-helpers/cleanup/ # remove libs after using in all generators
+  - ../../../../type/airship-core/shared/update-secrets/fileplacement # update paths for imports
+  - ../../../../type/airship-core/shared/encrypt-secrets
+  - ../../../../type/airship-core/shared/encrypt-secrets/cleanup
+
--- a/manifests/site/reference-airship-core/encrypted/update/secrets.yaml
+++ b/manifests/site/reference-airship-core/encrypted/update/secrets.yaml
@ -0,0 +1,15 @@
+apiVersion: airshipit.org/v1alpha1
+kind: VariableCatalogue
+metadata:
+  labels:
+    airshipit.org/deploy-k8s: 'false'
+  name: combined-ephemeral-secrets-import
+secretGroups: []
+---
+apiVersion: airshipit.org/v1alpha1
+kind: VariableCatalogue
+metadata:
+  labels:
+    airshipit.org/deploy-k8s: 'false'
+  name: combined-target-secrets-import
+secretGroups: []
--- a/manifests/site/reference-airship-core/ephemeral/bootstrap/baremetalhost.yaml
+++ b/manifests/site/reference-airship-core/ephemeral/bootstrap/baremetalhost.yaml
@ -23,6 +23,7 @@ status:
    ID: ""
  operationHistory: {}
  errorMessage: ""
-  hardwareProfile: ""
+  hardwareProfile: "default"
  operationalStatus: ""
  poweredOn: false
+  errorCount: 0
--- a/manifests/site/reference-airship-core/ephemeral/catalogues/shareable/networking.yaml
+++ b/manifests/site/reference-airship-core/ephemeral/catalogues/shareable/networking.yaml
@ -2,7 +2,6 @@
 # ephemeral cluster, on top of the target cluster networking definition.
 # These values can be overridden at the site, type, etc levels as appropriate.

-## NEWSITE_CHANGEME: update file with ephemeral node ips
 apiVersion: airshipit.org/v1alpha1
 kind: NetworkCatalogue
 metadata:
@ -19,12 +18,6 @@ spec:
    apiserverCertSANs: "[172.64.0.12, 172.63.0.12]"
  ironic:
    # NEWSITE_CHANGEME: Ephemeral node PXE network
-    deployKernelUrl: http://172.63.0.12:80/images/ipa-ubuntu-master.kernel
-    deployRamdiskUrl: http://172.63.0.12:80/images/ipa-ubuntu-master.initramfs
-    httpPort: 6180
-    ironicFastTrack: "false"
-    ironicEndpoint: http://172.63.0.12:6385/v1/
-    ironicInspectorEndpoint: http://172.63.0.12:5050/v1/
    provisioningInterface: "eno4"
    provisioningIp: "172.63.0.12"
    dhcpRange: "172.63.0.31,172.63.0.126"
--- a/manifests/site/reference-airship-core/kubeconfig/kustomization.yaml
+++ b/manifests/site/reference-airship-core/kubeconfig/kustomization.yaml
@ -1,6 +1,7 @@
 resources:
  - kubeconfig.yaml
-  - ../target/catalogues
+  - ../target/catalogues/encrypted
+  - ../ephemeral/catalogues/encrypted

 transformers:
  - update-target.yaml
--- a/manifests/site/reference-airship-core/kubeconfig/update-target.yaml
+++ b/manifests/site/reference-airship-core/kubeconfig/update-target.yaml
@ -10,8 +10,8 @@ replacements:
 - source:
    objref:
      kind: VariableCatalogue
-      name: generated-secrets
-    fieldref: "{.targetKubeconfig.certificate-authority-data}"
+      name: combined-target-secrets
+    fieldref: ".secretGroups.[name=targetK8sSecrets].values.[name=caCrt].data"
  target:
    objref:
      kind: KubeConfig
@ -20,8 +20,8 @@ replacements:
 - source:
    objref:
      kind: VariableCatalogue
-      name: generated-secrets
-    fieldref: "{.targetKubeconfig.client-certificate-data}"
+      name: combined-target-secrets
+    fieldref: ".secretGroups.[name=targetK8sSecrets].values.[name=crt].data"
  target:
    objref:
      kind: KubeConfig
@ -30,8 +30,8 @@ replacements:
 - source:
    objref:
      kind: VariableCatalogue
-      name: generated-secrets
-    fieldref: "{.targetKubeconfig.client-key-data}"
+      name: combined-target-secrets
+    fieldref: ".secretGroups.[name=targetK8sSecrets].values.[name=key].data"
  target:
    objref:
      kind: KubeConfig
@ -40,8 +40,8 @@ replacements:
 - source:
    objref:
      kind: VariableCatalogue
-      name: generated-secrets
-    fieldref: "{.ephemeralKubeconfig.certificate-authority-data}"
+      name: combined-ephemeral-secrets
+    fieldref: ".secretGroups.[name=ephemeralK8sSecrets].values.[name=caCrt].data"
  target:
    objref:
      kind: KubeConfig
@ -50,8 +50,8 @@ replacements:
 - source:
    objref:
      kind: VariableCatalogue
-      name: generated-secrets
-    fieldref: "{.ephemeralKubeconfig.client-certificate-data}"
+      name: combined-ephemeral-secrets
+    fieldref: ".secretGroups.[name=ephemeralK8sSecrets].values.[name=crt].data"
  target:
    objref:
      kind: KubeConfig
@ -60,8 +60,8 @@ replacements:
 - source:
    objref:
      kind: VariableCatalogue
-      name: generated-secrets
-    fieldref: "{.ephemeralKubeconfig.client-key-data}"
+      name: combined-ephemeral-secrets
+    fieldref: ".secretGroups.[name=ephemeralK8sSecrets].values.[name=key].data"
  target:
    objref:
      kind: KubeConfig
--- a/manifests/site/reference-airship-core/phases/baremetal-plan.yaml
+++ b/manifests/site/reference-airship-core/phases/baremetal-plan.yaml
@ -1,7 +1,7 @@
 apiVersion: airshipit.org/v1alpha1
 kind: PhasePlan
 metadata:
-  name: deploy-baremetal
+  name: deploy-gating
 description: "Phase plan for airship-core deployment on bare metals"
 phases:
  # Deploy ephemeral node using redfish with iso
@ -99,11 +99,13 @@ phases:
  # To get ConfigMap for this phase, execute `airshipctl phase render --source config -k ConfigMap`
  # and find ConfigMap with name kubectl-wait-cluster
  - name: kubectl-wait-cluster-target
+  # Eject virtual media Ephemeral baremetal host to ensure it can reused.
+  - name: eject-virtual-media-ephemeral
  # Power off Ephemeral baremetal host avoid DHCP conflict
  - name: power-off-ephemeral
  # (TODO) Need to add manifests for controlplane-target phase
  # Create target k8s cluster resources
-  # - name: controlplane-target
+  - name: controlplane-target
  # List all nodes in target cluster
  # Scripts for this phase placed in manifests/function/phase-helpers/get_node/
  # To get ConfigMap for this phase, execute `airshipctl phase render --source config -k ConfigMap`
--- a/manifests/site/reference-airship-core/phases/kustomization.yaml
+++ b/manifests/site/reference-airship-core/phases/kustomization.yaml
@ -9,4 +9,5 @@ transformers:

 ## TODO Consider making a catalogue combined with variable substitution instead
 patchesStrategicMerge:
+  - baremetal-plan.yaml
  - phase-patch.yaml
--- a/manifests/site/reference-airship-core/phases/phase-patch.yaml
+++ b/manifests/site/reference-airship-core/phases/phase-patch.yaml
@ -10,3 +10,12 @@ spec:
    remoteDirect:
      ## NEWSITE_CHANGEME: URL to the ephemeral node iso 
      isoURL: http://10.254.195.209/ephemeral.iso
+---
+apiVersion: airshipit.org/v1alpha1
+kind: BaremetalManager
+metadata:
+  name: PowerOffEphemeral
+spec:
+  hostSelector:
+    ## NEWSITE_CHANGEME: ephemeral node
+    name: stl3r01s02
--- a/manifests/site/reference-airship-core/target/catalogues/shareable/hosts.yaml
+++ b/manifests/site/reference-airship-core/target/catalogues/shareable/hosts.yaml
@ -1,7 +1,6 @@
 # Site-level host catalogue.  This info feeds the Templater
 # kustomize plugin config in the hostgenerator-m3 function.

-## NEWSITE_CHANGEME: update the whole file with the site specific host details
 apiVersion: airshipit.org/v1alpha1
 kind: VariableCatalogue
 metadata:
@ -19,6 +18,8 @@ hosts:
      bmcUsername: root
      bmcPassword: WWTwwt1!
      disableCertificateVerification: true
+      macAddresses:
+        pxe: E4:43:4B:EE:F4:CB
      ipAddresses:
        oam-ipv4: 10.254.125.230
        pxe-ipv4: 172.63.0.11
@ -32,6 +33,8 @@ hosts:
      bmcUsername: root
      bmcPassword: WWTwwt1!
      disableCertificateVerification: true
+      macAddresses:
+        pxe: E4:43:4B:EE:B0:43
      ipAddresses:
        oam-ipv4: 10.254.125.231
        pxe-ipv4: 172.63.0.12
@ -46,6 +49,8 @@ hosts:
      bmcUsername: root
      bmcPassword: WWTwwt1!
      disableCertificateVerification: true
+      macAddresses:
+        pxe: E4:43:4B:EE:D7:D9
      ipAddresses:
        oam-ipv4: 10.254.125.232
        pxe-ipv4: 172.63.0.13
@ -60,6 +65,8 @@ hosts:
      bmcUsername: root
      bmcPassword: WWTwwt1!
      disableCertificateVerification: true
+      macAddresses:
+        pxe: E4:43:4B:EE:DD:0F
      ipAddresses:
        oam-ipv4: 10.254.125.233
        pxe-ipv4: 172.63.0.14
@ -74,6 +81,8 @@ hosts:
      bmcUsername: root
      bmcPassword: WWTwwt1!
      disableCertificateVerification: true
+      macAddresses:
+        pxe: E4:43:4B:EE:D7:2F
      ipAddresses:
        oam-ipv4: 10.254.125.234
        pxe-ipv4: 172.63.0.15
@ -88,6 +97,8 @@ hosts:
      bmcUsername: root
      bmcPassword: WWTwwt1!
      disableCertificateVerification: true
+      macAddresses:
+        pxe: E4:43:4B:EE:F3:B7
      ipAddresses:
        oam-ipv4: 10.254.125.235
        pxe-ipv4: 172.63.0.16
--- a/manifests/site/reference-airship-core/target/catalogues/shareable/networking-ha.yaml
+++ b/manifests/site/reference-airship-core/target/catalogues/shareable/networking-ha.yaml
@ -1,7 +1,6 @@
 # This catalogue alone needs to be overriden at site level based on the
 # networkign requirement like HA

-## NEWSITE_CHANGEME: Update the file with the vrrp ips
 apiVersion: airshipit.org/v1alpha1
 kind: VariableCatalogue
 metadata:
--- a/manifests/site/reference-airship-core/target/catalogues/shareable/versions-airshipctl.yaml
+++ b/manifests/site/reference-airship-core/target/catalogues/shareable/versions-airshipctl.yaml
@ -1,6 +1,5 @@
 # Override default controlplane image location

-## NEWSITE_CHANGEME: update the file with the ephemeral node pxe ip
 apiVersion: airshipit.org/v1alpha1
 kind: VersionsCatalogue
 metadata:
--- a/manifests/site/reference-airship-core/target/controlplane/kustomization.yaml
+++ b/manifests/site/reference-airship-core/target/controlplane/kustomization.yaml
@ -7,8 +7,10 @@ resources:
  - ../catalogues
  - metal3machinetemplate.yaml

+namespace: target-infra
+
 patchesStrategicMerge:
-        #- versions-catalogue-patch.yaml
+  - versions-catalogue-patch.yaml
  - patch_controlplane.yaml

 transformers:
--- a/manifests/site/reference-airship-core/target/controlplane/patch_controlplane.yaml
+++ b/manifests/site/reference-airship-core/target/controlplane/patch_controlplane.yaml
@ -1,11 +1,11 @@
 kind: KubeadmControlPlane
-apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
+apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
 metadata:
  name: cluster-controlplane
 spec:
  replicas: 3
-  infrastructureTemplate:
+  machineTemplate:
+    infrastructureRef:
      kind: Metal3MachineTemplate
-    apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
+      apiVersion: infrastructure.cluster.x-k8s.io/v1alpha5
      name: cluster-controlplane-2
-
--- a/manifests/site/reference-airship-core/target/controlplane/versions-catalogue-patch.yaml
+++ b/manifests/site/reference-airship-core/target/controlplane/versions-catalogue-patch.yaml
@ -1,7 +1,7 @@
 # Patch the versions catalogue to use the site-specific local image URL
 # TODO: patch this in from a site-networking catalogue in the future
 apiVersion: airshipit.org/v1alpha1
-kind: VariableCatalogue
+kind: VersionsCatalogue
 metadata:
  name: versions-airshipctl
 spec:
@ -10,6 +10,5 @@ spec:
      # Host the image in a locally served location for CI
      cluster_controlplane_image:
        ## NEWSITE_CHANGEME: update with the first target node pxe ip
-        url: http://172.63.0.11:80/images/ubuntu-18.04-server-cloudimg-amd64.img
+        url: http://172.63.0.11/images/control-plane.qcow2
        checksum: "e0d74d3d37e70e4eec1b204f8402ed3c"
-
--- a/manifests/site/reference-airship-core/target/workers/provision/kubeadmconfigtemplate.yaml
+++ b/manifests/site/reference-airship-core/target/workers/provision/kubeadmconfigtemplate.yaml
@ -1,4 +1,4 @@
-apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
+apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
 kind: KubeadmConfigTemplate
 metadata:
  name: worker-1
--- a/manifests/site/reference-airship-core/target/workers/provision/machinedeployment.yaml
+++ b/manifests/site/reference-airship-core/target/workers/provision/machinedeployment.yaml
@ -1,4 +1,4 @@
-apiVersion: cluster.x-k8s.io/v1alpha3
+apiVersion: cluster.x-k8s.io/v1alpha4
 kind: MachineDeployment
 metadata:
  name: worker-1
@ -17,14 +17,14 @@ spec:
        cluster.x-k8s.io/cluster-name: target-cluster
    spec:
      clusterName: target-cluster
-      version: v1.18.3
+      version: v1.19.14
      bootstrap:
        configRef:
          name: worker-1
-          apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
+          apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
          kind: KubeadmConfigTemplate
      infrastructureRef:
        name: worker-1
-        apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
+        apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
        kind: Metal3MachineTemplate
 ---
--- a/manifests/site/reference-multi-tenant/ephemeral/bootstrap/baremetalhost.yaml
+++ b/manifests/site/reference-multi-tenant/ephemeral/bootstrap/baremetalhost.yaml
@ -26,3 +26,4 @@ status:
  hardwareProfile: ""
  operationalStatus: ""
  poweredOn: false
+  errorCount: 0
--- a/manifests/site/reference-multi-tenant/target/controlplane/patch_controlplane.yaml
+++ b/manifests/site/reference-multi-tenant/target/controlplane/patch_controlplane.yaml
@ -4,8 +4,8 @@ metadata:
  name: cluster-controlplane
 spec:
  replicas: 3
-  infrastructureTemplate:
+  machineTemplate:
+    infrastructureRef:
      kind: Metal3MachineTemplate
-    apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
+      apiVersion: infrastructure.cluster.x-k8s.io/v1alpha5
      name: cluster-controlplane-2
-
--- a/manifests/site/virtual-airship-core/ephemeral/bootstrap/baremetalhost.yaml
+++ b/manifests/site/virtual-airship-core/ephemeral/bootstrap/baremetalhost.yaml
@ -24,3 +24,4 @@ status:
  hardwareProfile: ""
  operationalStatus: ""
  poweredOn: false
+  errorCount: 0
--- a/manifests/site/virtual-airship-core/phases/kustomization.yaml
+++ b/manifests/site/virtual-airship-core/phases/kustomization.yaml
@ -7,4 +7,5 @@ transformers:
  - ../../../../../airshipctl/manifests/function/clusterctl/replacements
 ## TODO Consider making a catalogue combined with variable substitution instead
 patchesStrategicMerge:
+  - plan-patch.yaml
  - phase-patch.yaml
--- a/manifests/site/virtual-airship-core/phases/plan-patch.yaml
+++ b/manifests/site/virtual-airship-core/phases/plan-patch.yaml
@ -162,3 +162,4 @@ validation:
    - RemoteDirectConfiguration
    - VariableCatalogue
    - StorageCatalogue
+
--- a/manifests/site/virtual-multi-tenant/ephemeral/bootstrap/baremetalhost.yaml
+++ b/manifests/site/virtual-multi-tenant/ephemeral/bootstrap/baremetalhost.yaml
@ -24,3 +24,4 @@ status:
  hardwareProfile: ""
  operationalStatus: ""
  poweredOn: false
+  errorCount: 0
--- a/manifests/type/airship-core/phases/kustomization.yaml
+++ b/manifests/type/airship-core/phases/kustomization.yaml
@ -4,6 +4,3 @@ resources:
  - executors.yaml
  - phases.yaml
  - workload-config.yaml
-
-patchesStrategicMerge:
-   - plan-patch.yaml
--- a/manifests/type/airship-core/target/workload/kustomization.yaml
+++ b/manifests/type/airship-core/target/workload/kustomization.yaml
@ -6,7 +6,7 @@ resources:
  - ../../../../function/ingress
  - ../../../../function/helm-chart-repository
  - ../../../../function/local-storage
-  - dex-aio
+  # - dex-aio

 patches:
  - patch: |-
--- a/manifests/type/airship-core/target/workload/replacements/kustomization.yaml
+++ b/manifests/type/airship-core/target/workload/replacements/kustomization.yaml
@ -1,7 +1,7 @@
 resources:
  - ../../../../../composite/storage-cluster/replacements
  - ../../../../../function/ingress/replacements
-  - ../../../../../function/dex-aio/replacements
+  #  - ../../../../../function/dex-aio/replacements
  - ../../../../../function/helm-chart-repository/replacements
  - ../../../../../function/local-storage/replacements
  - ../../../../../composite/lma-infra/replacements
--- a/manifests/type/multi-tenant/sub-clusters/lma/controlplane/patches/controlplane.yaml
+++ b/manifests/type/multi-tenant/sub-clusters/lma/controlplane/patches/controlplane.yaml
@ -3,5 +3,8 @@ apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
 metadata:
  name: cluster-controlplane
 spec:
-  infrastructureTemplate:
+  machineTemplate:
+    infrastructureRef:
+      kind: Metal3MachineTemplate
+      apiVersion: infrastructure.cluster.x-k8s.io/v1alpha5
      name: cluster-controlplane-lma
--- a/zuul.d/projects.yaml
+++ b/zuul.d/projects.yaml
@ -14,7 +14,7 @@
    vars:
      # NOTE(drewwalters96): Set AIRSHIPCTL_REF to a commit SHA in order to pin
      # the cloned version of airshipctl to a known/compatible reference.
-      AIRSHIPCTL_REF: 1faeb29f43f876e9d1d7be203f2848185ee1aced
+      AIRSHIPCTL_REF: e8992a6bed6a586f44f50f174276b4b57f8b2c65
      sphinx_build_dir: docs/build
    check:
      jobs: