Unify version checks in pre-config and install steps for 4.N to 5.N compatibility

ci-operator/step-registry/aws/c2s/init-token-service/aws-c2s-init-token-service-commands.sh

@@ -2,6 +2,13 @@
 
 set -o nounset
 
+# Version comparison functions using sort -V
+function version_ge() {
+  # Returns 0 (true) if $1 >= $2
+  [[ "$1" == "$2" ]] && return 0
+  [[ "$(printf '%s\n' "$2" "$1" | sort -V | head -n1)" == "$2" ]]
+}
+
 # save the exit code for junit xml file generated in step gather-must-gather
 # pre configuration steps before running installation, exit code 100 if failed,
 # save to install-pre-config-status.txt
@@ -381,11 +388,9 @@ EOF
 cp ${CLUSTER_PROFILE_DIR}/pull-secret /tmp/pull-secret
 oc registry login --to /tmp/pull-secret
 ocp_version=$(oc adm release info --registry-config /tmp/pull-secret ${RELEASE_IMAGE_LATEST} --output=json | jq -r '.metadata.version' | cut -d. -f 1,2)
-ocp_major_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $1}' )
-ocp_minor_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $2}' )
 rm /tmp/pull-secret
 
-if (( ocp_major_version == 4 && ocp_minor_version >= 12 )) || (( ocp_major_version > 4 )); then
+if version_ge "${ocp_version}" "4.12"; then
   echo "For 4.12+, using batch API version: batch/v1"
   cat <<EOF > /tmp/cap-token-cronjob_412plus-patch.yaml
 apiVersion: batch/v1

ci-operator/step-registry/aws/c2s/instance-metadata/aws-c2s-instance-metadata-commands.sh

@@ -5,6 +5,13 @@ set -o nounset
 set -o errexit
 set -o pipefail
 
+# Version comparison functions using sort -V
+function version_le() {
+  # Returns 0 (true) if $1 <= $2
+  [[ "$1" == "$2" ]] && return 0
+  [[ "$(printf '%s\n' "$1" "$2" | sort -V | head -n1)" == "$1" ]]
+}
+
 # save the exit code for junit xml file generated in step gather-must-gather
 # pre configuration steps before running installation, exit code 100 if failed,
 # save to install-pre-config-status.txt
@@ -91,8 +98,6 @@ create_mco_config_for_c2s_instance_metadata "${SHARED_DIR}/manifest_instance_met
 cp ${CLUSTER_PROFILE_DIR}/pull-secret /tmp/pull-secret
 oc registry login --to /tmp/pull-secret
 ocp_version=$(oc adm release info --registry-config /tmp/pull-secret ${RELEASE_IMAGE_LATEST} --output=json | jq -r '.metadata.version' | cut -d. -f 1,2)
-ocp_major_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $1}' )
-ocp_minor_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $2}' )
 rm /tmp/pull-secret
 
 ca_file=`mktemp`
@@ -103,7 +108,7 @@ else
     cat "/var/run/vault/mirror-registry/client_ca.crt" >> ${ca_file}
 fi
 
-if (( ocp_major_version == 4 && ocp_minor_version <= 9 )); then
+if version_le "${ocp_version}" "4.9"; then
   echo "C2S: workaround for C2S emulator (BZ#1926975)"
   cat << EOF > ${SHARED_DIR}/manifest_c2s_emulator_patch_cloud-provider-config.yaml
 apiVersion: v1

ci-operator/step-registry/aws/cluster/public-to-private/aws-cluster-public-to-private-commands.sh

@@ -4,6 +4,13 @@ set -o nounset
 set -o errexit
 set -o pipefail
 
+# Version comparison functions using sort -V
+function version_le() {
+  # Returns 0 (true) if $1 <= $2
+  [[ "$1" == "$2" ]] && return 0
+  [[ "$(printf '%s\n' "$1" "$2" | sort -V | head -n1)" == "$1" ]]
+}
+
 # save the exit code for junit xml file generated in step gather-must-gather
 # pre configuration steps before running installation, exit code 100 if failed,
 # save to install-pre-config-status.txt
@@ -31,10 +38,8 @@ mkdir -p "${XDG_RUNTIME_DIR}"
 KUBECONFIG="" oc --loglevel=8 registry login
 ocp_version=$(oc adm release info ${RELEASE_IMAGE_LATEST_FROM_BUILD_FARM} --output=json | jq -r '.metadata.version' | cut -d. -f 1,2)
 echo "OCP Version: $ocp_version"
-ocp_major_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $1}' )
-ocp_minor_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $2}' )
 
-if (( ocp_major_version == 4 && ocp_minor_version <= 11 )); then
+if version_le "${ocp_version}" "4.11"; then
   echo "CPMS support for AWS was added in 4.12, the following step is not applicable for this OCP version, quit now."
   exit 1
 fi

ci-operator/step-registry/aws/provision/security-group/aws-provision-security-group-commands.sh

@@ -4,6 +4,13 @@ set -o nounset
 set -o errexit
 set -o pipefail
 
+# Version comparison functions using sort -V
+function version_le() {
+  # Returns 0 (true) if $1 <= $2
+  [[ "$1" == "$2" ]] && return 0
+  [[ "$(printf '%s\n' "$1" "$2" | sort -V | head -n1)" == "$1" ]]
+}
+
 # save the exit code for junit xml file generated in step gather-must-gather
 # pre configuration steps before running installation, exit code 100 if failed,
 # save to install-pre-config-status.txt
@@ -31,10 +38,8 @@ mkdir -p "${XDG_RUNTIME_DIR}"
 KUBECONFIG="" oc --loglevel=8 registry login
 ocp_version=$(oc adm release info ${RELEASE_IMAGE_LATEST_FROM_BUILD_FARM} --output=json | jq -r '.metadata.version' | cut -d. -f 1,2)
 echo "OCP Version: $ocp_version"
-ocp_major_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $1}' )
-ocp_minor_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $2}' )
 
-if (( ocp_major_version == 4 && ocp_minor_version <= 13 )); then
+if version_le "${ocp_version}" "4.13"; then
   echo "Custom SG in 4.13- is not applicable, skip now."
   exit 0
 fi

ci-operator/step-registry/azure/cluster/public-to-private/azure-cluster-public-to-private-commands.sh

@@ -4,6 +4,12 @@ set -o nounset
 set -o errexit
 set -o pipefail
 
+# Version comparison functions using sort -V
+function version_lt() {
+  # Returns 0 (true) if $1 < $2
+  [[ "$1" != "$2" ]] && [[ "$(printf '%s\n' "$1" "$2" | sort -V | head -n1)" == "$1" ]]
+}
+
 # save the exit code for junit xml file generated in step gather-must-gather
 # pre configuration steps before running installation, exit code 100 if failed,
 # save to install-pre-config-status.txt
@@ -12,10 +18,9 @@ set -o pipefail
 EXIT_CODE=101
 trap 'if [[ "$?" == 0 ]]; then EXIT_CODE=0; fi; echo "${EXIT_CODE}" > "${SHARED_DIR}/install-pre-config-status.txt"' EXIT TERM
 
-ocp_major_version=$(oc version -o json | jq -r '.openshiftVersion' | cut -d '.' -f1)
-ocp_minor_version=$(oc version -o json | jq -r '.openshiftVersion' | cut -d '.' -f2)
+ocp_version=$(oc version -o json | jq -r '.openshiftVersion' | cut -d '.' -f1,2)
 
-if (( ocp_major_version == 4 && ocp_minor_version < 17 )); then
+if version_lt "${ocp_version}" "4.17"; then
     echo "This step only supports to covert cluster into private one in day2 on 4.17+ currently!"
     exit 1
 fi

ci-operator/step-registry/azure/provision/custom-role/azure-provision-custom-role-commands.sh

@@ -4,6 +4,13 @@ set -o nounset
 set -o errexit
 set -o pipefail
 
+# Version comparison functions using sort -V
+function version_ge() {
+  # Returns 0 (true) if $1 >= $2
+  [[ "$1" == "$2" ]] && return 0
+  [[ "$(printf '%s\n' "$2" "$1" | sort -V | head -n1)" == "$2" ]]
+}
+
 # save the exit code for junit xml file generated in step gather-must-gather
 # pre configuration steps before running installation, exit code 100 if failed,
 # save to install-pre-config-status.txt
@@ -97,8 +104,6 @@ mkdir -p "${XDG_RUNTIME_DIR}"
 KUBECONFIG="" oc --loglevel=8 registry login
 ocp_version=$(oc adm release info ${RELEASE_IMAGE_LATEST_FROM_BUILD_FARM} --output=json | jq -r '.metadata.version' | cut -d. -f 1,2)
 echo "OCP Version: $ocp_version"
-ocp_major_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $1}' )
-ocp_minor_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $2}' )
 
 # az should already be there
 command -v az
@@ -264,7 +269,7 @@ ${required_permissions}
 """
 
     # New permissions are instroduced when using CAPZ to provision IPI cluster
-    if [[ "${CLUSTER_TYPE_MIN_PERMISSOIN}" == "IPI" ]] && ( (( ocp_major_version == 4 && ocp_minor_version >= 17 )) || (( ocp_major_version > 4 )) ); then
+    if [[ "${CLUSTER_TYPE_MIN_PERMISSOIN}" == "IPI" ]] && version_ge "${ocp_version}" "4.17"; then
         # routeTables relevant perssions can be removed once OCPBUGS-37663 is fixed.
         required_permissions="""
 \"Microsoft.Network/routeTables/read\",
@@ -374,7 +379,7 @@ ${required_permissions}
     fi
 
     # optional permissions when installing cluster in existing vnet
-    if [[ -n ${install_config_vnet} ]] && ( (( ocp_major_version == 4 && ocp_minor_version >= 17 )) || (( ocp_major_version > 4 )) ); then
+    if [[ -n ${install_config_vnet} ]] && version_ge "${ocp_version}" "4.17"; then
         required_permissions="""
 \"Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read\",
 ${required_permissions}

ci-operator/step-registry/azure/provision/disk-encryption-set/grant-permission/azure-provision-disk-encryption-set-grant-permission-commands.sh

@@ -4,6 +4,12 @@ set -o nounset
 set -o errexit
 set -o pipefail
 
+# Version comparison functions using sort -V
+function version_gt() {
+  # Returns 0 (true) if $1 > $2
+  [[ "$1" != "$2" ]] && [[ "$(printf '%s\n' "$2" "$1" | sort -V | head -n1)" == "$2" ]]
+}
+
 # save the exit code for junit xml file generated in step gather-must-gather
 # pre configuration steps before running installation, exit code 100 if failed,
 # save to install-pre-config-status.txt
@@ -24,10 +30,9 @@ then
     source "${SHARED_DIR}/proxy-conf.sh"
 fi
 
-ocp_major_version=$(oc version -o json | jq -r '.openshiftVersion' | cut -d '.' -f1)
-ocp_minor_version=$(oc version -o json | jq -r '.openshiftVersion' | cut -d '.' -f2)
+ocp_version=$(oc version -o json | jq -r '.openshiftVersion' | cut -d '.' -f1,2)
 
-if (( ocp_major_version == 4 && ocp_minor_version > 12 )) || (( ocp_major_version > 4 )); then
+if version_gt "${ocp_version}" "4.12"; then
     echo "No need to grant permissions to cluster identity on scope of disk encryption set on 4.13+, skip this step!"
     exit 0
 fi

ci-operator/step-registry/azure/provision/vnet/azure-provision-vnet-commands.sh

@@ -4,6 +4,13 @@ set -o nounset
 set -o errexit
 set -o pipefail
 
+# Version comparison functions using sort -V
+function version_ge() {
+  # Returns 0 (true) if $1 >= $2
+  [[ "$1" == "$2" ]] && return 0
+  [[ "$(printf '%s\n' "$2" "$1" | sort -V | head -n1)" == "$2" ]]
+}
+
 # save the exit code for junit xml file generated in step gather-must-gather
 # pre configuration steps before running installation, exit code 100 if failed,
 # save to install-pre-config-status.txt
@@ -39,7 +46,7 @@ function create_disconnected_network() {
     for nsg in $subnet_nsgs; do
         run_command "az network nsg rule create -g ${rg} --nsg-name '${nsg}' -n 'DenyInternet' --priority 1010 --access Deny --source-port-ranges '*' --source-address-prefixes 'VirtualNetwork' --destination-address-prefixes 'Internet' --destination-port-ranges '*' --direction Outbound"
         if [[ "${CLUSTER_TYPE}" != "azurestack" ]]; then
-            if [[ "${ALLOW_AZURE_CLOUD_ACCESS}" == "no" ]] && ( (( ocp_major_version == 4 && ocp_minor_version >= 17 )) || (( ocp_major_version > 4 )) ); then
+            if [[ "${ALLOW_AZURE_CLOUD_ACCESS}" == "no" ]] && version_ge "${ocp_version}" "4.17"; then
                 run_command "az network nsg rule create -g ${rg} --nsg-name '${nsg}' -n 'DenyAzureCloud' --priority 1009 --access Deny --source-port-ranges '*' --source-address-prefixes 'VirtualNetwork' --destination-address-prefixes 'AzureCloud' --destination-port-ranges '*' --direction Outbound"
 	        else
                 run_command "az network nsg rule create -g ${rg} --nsg-name '${nsg}' -n 'AllowAzureCloud' --priority 1009 --access Allow --source-port-ranges '*' --source-address-prefixes 'VirtualNetwork' --destination-address-prefixes 'AzureCloud' --destination-port-ranges '*' --direction Outbound"
@@ -106,8 +113,6 @@ mkdir -p "${XDG_RUNTIME_DIR}"
 KUBECONFIG="" oc --loglevel=8 registry login
 ocp_version=$(oc adm release info ${RELEASE_IMAGE_LATEST_FROM_BUILD_FARM} --output=json | jq -r '.metadata.version' | cut -d. -f 1,2)
 echo "OCP Version: $ocp_version"
-ocp_major_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $1}' )
-ocp_minor_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $2}' )
 
 # az should already be there
 command -v az

ci-operator/step-registry/edge-nodes/machineset-manifests/edge-nodes-machineset-manifests-commands.sh

@@ -4,6 +4,13 @@ set -o nounset
 set -o errexit
 set -o pipefail
 
+# Version comparison functions using sort -V
+function version_ge() {
+  # Returns 0 (true) if $1 >= $2
+  [[ "$1" == "$2" ]] && return 0
+  [[ "$(printf '%s\n' "$2" "$1" | sort -V | head -n1)" == "$2" ]]
+}
+
 # save the exit code for junit xml file generated in step gather-must-gather
 # pre configuration steps before running installation, exit code 100 if failed,
 # save to install-pre-config-status.txt
@@ -37,8 +44,6 @@ mkdir -p "${XDG_RUNTIME_DIR}"
 KUBECONFIG="" oc --loglevel=8 registry login
 ocp_version=$(oc adm release info ${RELEASE_IMAGE_LATEST_FROM_BUILD_FARM} --output=json | jq -r '.metadata.version' | cut -d. -f 1,2)
 echo "OCP Version: $ocp_version"
-ocp_major_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $1}' )
-ocp_minor_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $2}' )
 
 if [[ ${EDGE_NODE_INSTANCE_TYPE} != "" ]]; then
   instance_type=${EDGE_NODE_INSTANCE_TYPE}
@@ -113,7 +118,7 @@ EOF
 
 # SG group patch
 sg_patch=`mktemp`
-if (( ocp_major_version == 4 && ocp_minor_version >= 16 )) || (( ocp_major_version > 4 )); then
+if version_ge "${ocp_version}" "4.16"; then
   # CAPI
   cat <<EOF > ${sg_patch}
 spec:

ci-operator/step-registry/edge-nodes/machineset-manifests/outpost/edge-nodes-machineset-manifests-outpost-commands.sh

@@ -4,6 +4,13 @@ set -o nounset
 set -o errexit
 set -o pipefail
 
+# Version comparison functions using sort -V
+function version_ge() {
+  # Returns 0 (true) if $1 >= $2
+  [[ "$1" == "$2" ]] && return 0
+  [[ "$(printf '%s\n' "$2" "$1" | sort -V | head -n1)" == "$2" ]]
+}
+
 # save the exit code for junit xml file generated in step gather-must-gather
 # pre configuration steps before running installation, exit code 100 if failed,
 # save to install-pre-config-status.txt
@@ -37,8 +44,6 @@ mkdir -p "${XDG_RUNTIME_DIR}"
 KUBECONFIG="" oc --loglevel=8 registry login
 ocp_version=$(oc adm release info ${RELEASE_IMAGE_LATEST_FROM_BUILD_FARM} --output=json | jq -r '.metadata.version' | cut -d. -f 1,2)
 echo "OCP Version: $ocp_version"
-ocp_major_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $1}' )
-ocp_minor_version=$( echo "${ocp_version}" | awk --field-separator=. '{print $2}' )
 
 
 if [[ ${EDGE_NODE_INSTANCE_TYPE} != "" ]]; then
@@ -113,7 +118,7 @@ EOF
 
 # SG group patch
 sg_patch=`mktemp`
-if (( ocp_major_version == 4 && ocp_minor_version >= 16 )) || (( ocp_major_version > 4 )); then
+if version_ge "${ocp_version}" "4.16"; then
   # CAPI
   cat <<EOF > ${sg_patch}
 spec:

ci-operator/step-registry/enable-qe-catalogsource/disconnected/enable-qe-catalogsource-disconnected-commands.sh

@@ -6,6 +6,13 @@
 # The script exit 0 if fail to mirror images. this allows the other test can be executed continuously
 # The script exit 0 if fail to create catalogsource. this allows  the other test can be executed continuously
 set -u
+
+# Version comparison functions using sort -V
+function version_gt() {
+  # Returns 0 (true) if $1 > $2
+  [[ "$1" != "$2" ]] && [[ "$(printf '%s\n' "$2" "$1" | sort -V | head -n1)" == "$2" ]]
+}
+
 # use it as a bool
 marketplace=0
 mirror=0
@@ -146,10 +153,8 @@ function disable_default_catalogsource () {
         echo "!!! fail to disable default Catalog Source"
         return 1
     fi
-    ocp_version=$(oc get -o jsonpath='{.status.desired.version}' clusterversion version)
-    ocp_major_version=$(echo ${ocp_version} | cut -d '.' -f1)
-    ocp_minor_version=$(echo ${ocp_version} | cut -d '.' -f2)
-    if (( ocp_major_version == 4 && ocp_minor_version > 17 )) || (( ocp_major_version > 4 )); then
+    ocp_version=$(oc get -o jsonpath='{.status.desired.version}' clusterversion version | cut -d '.' -f1,2)
+    if version_gt "${ocp_version}" "4.17"; then
         echo "disable olmv1 default clustercatalog"
         run_command "oc patch clustercatalog openshift-certified-operators -p '{\"spec\": {\"availabilityMode\": \"Unavailable\"}}' --type=merge"
         run_command "oc patch clustercatalog openshift-redhat-operators -p '{\"spec\": {\"availabilityMode\": \"Unavailable\"}}' --type=merge"