Feature branch sync - pub/k8s_telemetry to staging

common/library/module_utils/input_validation/common_utils/en_us_validation_msg.py

@@ -144,8 +144,6 @@
 PRIMARY_ADMIN_IP_IN_DYNAMIC_RANGE_MSG = "primary_oim_admin_ip should not be within the dynamic_range."
 PRIMARY_BMC_IP_IN_DYNAMIC_RANGE_MSG = "primary_oim_bmc_ip should not be within the dynamic_range."
 DEFAULT_LEASE_TIME_FAIL_MSG = "Please provide a valid default_lease_time."
-TIMEZONE_FAIL_MSG = ("Unsupported Timezone. Please check the timezone.txt file "
-                    "for a list of valid timezones.")
 ENABLE_SWITCH_BASED_FAIL_MSG = "enable_switch_based must be set to either true or false."
 LANGUAGE_FAIL_MSG = "Only en_US.UTF-8 language supported"
 LANGUAGE_EMPTY_MSG = "Language setting cannot be empty"
@@ -321,7 +319,7 @@ def json_file_mandatory(file_path):
 )
 INVALID_DYNAMIC_RANGE_FORMAT_MSG = (
     "Invalid dynamic_range format in network_spec.yml. "
-    "Expected format: 'start_ip-end_ip' (e.g., 192.168.1.10-192.168.1.50)."
+    "Expected format: 'start_ip-end_ip' (e.g., 10.1.1.10-10.1.1.50)."
 )
 ADMIN_IP_HOSTNAME_COLUMN_MISSING_MSG = (
     "ADMIN_IP or HOSTNAME column not found in PXE mapping file. "

common/library/module_utils/input_validation/common_utils/validation_utils.py

@@ -374,26 +374,6 @@ def validate_default_lease_time(default_lease_time):
     return 21600 <= int(default_lease_time) <= 31536000
 
 
-# validate timezone (input_tz: str, available_timezone_file_path: str) -> bool
-def validate_timezone(input_tz, available_timezone_file_path):
-    """
-    Validates the timezone.
-
-    Args:
-        input_tz (str): The input timezone.
-        available_timezone_file_path (str): The path to the file containing available timezones.
-
-    Returns:
-        bool: True if the timezone is valid, False otherwise.
-    """
-    all_timezones = []
-    with open(available_timezone_file_path, "r") as file:
-        content = file.read()
-        for line in content.splitlines():
-            all_timezones.append(line)
-    return input_tz in all_timezones
-
-
 # Checks if the password meets the specified requirements:
 # Length of at least 8 characters. Does not contain '-', '\', "'", or '"'.
 def is_valid_password(password):

common/library/module_utils/input_validation/schema/omnia_config.json

@@ -86,12 +86,18 @@
             "type": "string",
             "pattern": "^(|/?([a-zA-Z0-9._-]+/)*[a-zA-Z0-9._-]+\\.yaml)$"
 
+          },
+          "k8s_crio_storage_size": {
+            "description": "Storage size for CRI-O in Gigabytes only (example: 10G, 15G, 100G)",
+            "type": "string",
+            "pattern": "^[1-9][0-9]*G$"
           }
         },
         "required": [
           "cluster_name",
           "k8s_cni",
-          "k8s_service_addresses"
+          "k8s_service_addresses",
+          "k8s_crio_storage_size"
         ],
         "allOf": [
         {

common/library/module_utils/input_validation/schema/provision_config.json

@@ -6,11 +6,6 @@
       "type": "string",
       "description": "Path to the PXE mapping file."
     },
-    "timezone": {
-      "type": "string",
-      "description": "Timezone setting.",
-      "default": "GMT"
-    },
     "language": {
       "type": "string",
       "description": "Language setting.",
@@ -25,7 +20,6 @@
   },
   "required": [
     "pxe_mapping_file_path",
-    "timezone",
     "language",
     "default_lease_time"
   ]

common/library/module_utils/input_validation/schema/storage_config.json

@@ -31,11 +31,11 @@
             },
             "server_share_path": {
               "type": "string",
-              "pattern": "^/(?:[^/]+(?:/[^/]+)*)?$"
+              "pattern": "^/(?:[^/]+(?:/[^/]+)*)?/?$"
             },
             "client_share_path": {
               "type": "string",
-              "pattern": "^/(?:[^/]+(?:/[^/]+)*)?$"
+              "pattern": "^/(?:[^/]+(?:/[^/]+)*)?/?$"
             },
             "client_mount_options": {
               "type": "string"
@@ -54,4 +54,4 @@
     "required": [
       "nfs_client_params"
     ]
-  }
+  }

common/library/module_utils/input_validation/validation_flows/provision_validation.py

@@ -30,15 +30,6 @@
 create_error_msg = validation_utils.create_error_msg
 create_file_path = validation_utils.create_file_path
 
-def load_oim_metadata(metadata_file_path):
-    with open(metadata_file_path, 'r') as file:
-        metadata = yaml.safe_load(file)
-    return metadata
-
-metadata_file_path = '/opt/omnia/.data/oim_metadata.yml'
-metadata = load_oim_metadata(metadata_file_path)
-oim_timezone = metadata['oim_timezone']
-
 # Expected header columns (case-insensitive)
 required_headers = [
     "FUNCTIONAL_GROUP_NAME",
@@ -635,9 +626,6 @@ def validate_provision_config(
             create_error_msg("language", input_file_path, en_us_validation_msg.LANGUAGE_FAIL_MSG)
         )
 
-    timezone_file_path = os.path.join(
-        module_utils_base, "input_validation", "common_utils", "timezone.txt"
-    )
     pxe_mapping_file_path = data.get("pxe_mapping_file_path", "")
     if pxe_mapping_file_path and validation_utils.verify_path(pxe_mapping_file_path):
         try:
@@ -672,31 +660,6 @@ def validate_provision_config(
             )
         )
 
-    timezone = data["timezone"]
-    if not validation_utils.validate_timezone(timezone, timezone_file_path):
-        errors.append(
-            create_error_msg(
-                "timezone",
-                timezone,
-                en_us_validation_msg.TIMEZONE_FAIL_MSG,
-            )
-        )
-
-    # Normalize input and system timezones for comparison
-    input_timezone = (timezone or "").strip()
-    system_timezone = (oim_timezone or "").strip()
-
-    # Compare both timezones (case-insensitive)
-    if system_timezone.lower() != input_timezone.lower():
-        errors.append(
-            create_error_msg(
-                "timezone_mismatch",
-                f"Input: {input_timezone}, OIM: {system_timezone}",
-                "Timezone mismatch detected. Ensure both timezones match; "
-                "refer to timezone.txt.",
-            )
-        )
-
     default_lease_time = data["default_lease_time"]
     if not validation_utils.validate_default_lease_time(default_lease_time):
         errors.append(

common/library/module_utils/local_repo/process_parallel.py

@@ -20,9 +20,9 @@
 import subprocess
 import time
 import threading
+import requests
 import traceback
 import yaml
-import requests
 from jinja2 import Template
 from ansible.module_utils.local_repo.common_functions import (
     load_yaml_file,
@@ -41,7 +41,12 @@
 def load_docker_credentials(vault_yml_path, vault_password_file):
     """
     Decrypts an Ansible Vault YAML file, extracts docker_username and docker_password,
-    and optionally validates them by logging in to Docker Hub if both are present.
+    and validates them using Docker Hub API.
+
+    Validation Logic:
+        - Validates credentials via Docker Hub REST API
+        - Returns credentials if authentication succeeds (HTTP 200)
+        - Raises RuntimeError for all authentication failures
 
     Args:
         vault_yml_path (str): Path to the encrypted Ansible Vault YAML file.
@@ -51,7 +56,9 @@ def load_docker_credentials(vault_yml_path, vault_password_file):
         tuple: (docker_username, docker_password) or (None, None) if not provided.
 
     Raises:
-        RuntimeError: If decryption, parsing, or Docker login fails (when credentials are provided).
+        RuntimeError: If vault decryption fails, YAML parsing fails, Docker Hub API 
+                     authentication fails, network errors occur, or requests module 
+                     is not installed.
     """
     try:
         env = os.environ.copy()
@@ -72,24 +79,48 @@ def load_docker_credentials(vault_yml_path, vault_password_file):
         if not docker_username or not docker_password:
             return None, None
 
-        # Validate Docker Hub credentials
-        response = requests.post(
-            "https://hub.docker.com/v2/users/login/",
-            json={"username": docker_username, "password": docker_password},
-            timeout=10
-        )
+        # Validate credentials using Docker Hub API
+        try:
+            response = requests.post(
+                "https://hub.docker.com/v2/users/login/",
+                json={"username": docker_username, "password": docker_password},
+                timeout=30
+            )
+
+            if response.status_code == 200:
+                return docker_username, docker_password
+
+            if response.status_code == 429:
+                raise RuntimeError("Docker Hub rate limit exceeded. Please try again later.")
+
+            # Handle authentication failures
+            if response.status_code == 401:
+                raise RuntimeError("Invalid Docker Hub username or password.")
+
+            # Handle malformed client request
+            if response.status_code == 400:
+                raise RuntimeError("Bad request sent to Docker Hub. Check username/password format.")
+
+            # Handle server-side errors (5xx)
+            if 500 <= response.status_code < 600:
+                raise RuntimeError(
+                    f"Docker Hub server error (status {response.status_code}). Try again later."
+                )
 
-        if response.status_code != 200:
-            raise RuntimeError("Docker Hub authentication failed: Invalid username or password.")
+            # Catch-all for other unexpected statuses
+            raise RuntimeError(
+                f"Docker Hub authentication failed with unexpected status {response.status_code}."
+            )
 
-        return docker_username, docker_password
+        except requests.RequestException as error:
+            raise RuntimeError(
+                "Unable to reach Docker Hub (network DNS/timeout/SSL issue)."
+            ) from error
 
     except subprocess.CalledProcessError as error:
         raise RuntimeError(f"Vault decryption failed: {error.stderr.strip()}") from error
     except yaml.YAMLError as error:
         raise RuntimeError(f"Failed to parse decrypted YAML: {error}") from error
-    except requests.RequestException as error:
-        raise RuntimeError(f"Failed to contact Docker Hub: {error}") from error
 
 def log_table_output(table_output, log_file):
     """