From cf40e03d9e2bf40e1e55d3f0c42dd5f0c56c49ac Mon Sep 17 00:00:00 2001
From: zhengzongwei <zhengzongwei@foxmail.com>
Date: Wed, 11 Jun 2025 15:53:23 +0800
Subject: [PATCH 1/8] add venv path check when set dev mode

Closes-Bug: #2113874
Change-Id: I71003e0d454deaf75f8e2ad2080077a1118af12c
---
 docker/base/install_projects.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/docker/base/install_projects.sh b/docker/base/install_projects.sh
index a9a7948d04..c3f7182b55 100644
--- a/docker/base/install_projects.sh
+++ b/docker/base/install_projects.sh
@@ -5,7 +5,9 @@
 # The projects are mounted there when dev mode is enabled for them
 # in kolla-ansible
 
-if [ -d "/dev-mode" ]; then
+VENV_PATH="/var/lib/kolla/venv"
+
+if [ -d "/dev-mode" ] && [ -d "$VENV_PATH" ]; then
     for project in /dev-mode/*; do
         pip install -U "$project"
     done

From 01fef6fc62c4dbf3c7f75bde1cdcf73e1b1745aa Mon Sep 17 00:00:00 2001
From: Antony Messerli <antony@mes.ser.li>
Date: Wed, 11 Mar 2026 17:43:08 -0500
Subject: [PATCH 2/8] Remove dsa from haproxy-ssh host key types

CentOS/Rocky 10 no longer supports DSA keys, causing haproxy-ssh
to fail on startup with "unknown key type dsa". This aligns
haproxy-ssh with the same fix already applied to keystone-ssh
and nova-ssh.

Closes-Bug: #2143880
Change-Id: I3990c2c67756378063e0867edcd004e8d28574dd
Signed-off-by: Antony Messerli <antony@mes.ser.li>
---
 docker/haproxy/haproxy-ssh/extend_start.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker/haproxy/haproxy-ssh/extend_start.sh b/docker/haproxy/haproxy-ssh/extend_start.sh
index 421e4bd6ff..4b2239100c 100644
--- a/docker/haproxy/haproxy-ssh/extend_start.sh
+++ b/docker/haproxy/haproxy-ssh/extend_start.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-SSH_HOST_KEY_TYPES=( "rsa" "dsa" "ecdsa" "ed25519" )
+SSH_HOST_KEY_TYPES=( "rsa" "ecdsa" "ed25519" )
 
 for key_type in ${SSH_HOST_KEY_TYPES[@]}; do
     KEY_PATH=/etc/ssh/ssh_host_${key_type}_key

From 250cdef268c725cbeddc3298541250860f940e1c Mon Sep 17 00:00:00 2001
From: Pierre Riteau <pierre@stackhpc.com>
Date: Tue, 24 Mar 2026 10:24:51 +0100
Subject: [PATCH 3/8] Bump OVN to 25.09 in Rocky Linux 10 images

This matches the version used by Ubuntu images since Flamingo [1][2].
Debian Trixie still uses 25.03 [3].

Support for 25.03 has ended on 7 March, 2026 [4] while 25.09 is
supported until 5 September, 2026 [5].

[1] https://openstack-ci-reports.ubuntu.com/reports/cloud-archive/flamingo_versions.html
[2] https://openstack-ci-reports.ubuntu.com/reports/cloud-archive/gazpacho_versions.html
[3] https://packages.debian.org/source/trixie/ovn
[4] https://www.ovn.org/en/releases/25.03/
[5] https://www.ovn.org/en/releases/25.09/

Change-Id: I323ea4e7dabecfcf20fa890e028eeb1c3766be0b
Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
---
 doc/source/ovn_versions.csv                              | 2 +-
 docker/base/Dockerfile.j2                                | 2 +-
 releasenotes/notes/rocky-ovn-25.09-345468aec8cc8073.yaml | 4 ++++
 3 files changed, 6 insertions(+), 2 deletions(-)
 create mode 100644 releasenotes/notes/rocky-ovn-25.09-345468aec8cc8073.yaml

diff --git a/doc/source/ovn_versions.csv b/doc/source/ovn_versions.csv
index 2c2ff50cd7..f0a8c52102 100644
--- a/doc/source/ovn_versions.csv
+++ b/doc/source/ovn_versions.csv
@@ -1,5 +1,5 @@
 Distro,OVN,
 ,Source,Release
-Rocky Linux,CentOS NFV SIG,25.03
+Rocky Linux,CentOS NFV SIG,25.09
 Ubuntu,UCA,25.09
 Debian,DEB,25.03
diff --git a/docker/base/Dockerfile.j2 b/docker/base/Dockerfile.j2
index 6c758207af..0503098dff 100644
--- a/docker/base/Dockerfile.j2
+++ b/docker/base/Dockerfile.j2
@@ -40,7 +40,7 @@ ENV PS1="$(tput bold)($(printenv KOLLA_SERVICE_NAME))$(tput sgr0)[$(id -un)@$(ho
 # desire such functionality.  I think we will :)
 
 ENV KOLLA_RPM_OVS_VERSION=3.5 \
-    KOLLA_RPM_OVN_VERSION=25.03
+    KOLLA_RPM_OVN_VERSION=25.09
 
 RUN cat /tmp/kolla_bashrc >> /etc/bashrc \
     && sed -i 's|^\(override_install_langs=.*\)|# \1|' /etc/dnf/dnf.conf
diff --git a/releasenotes/notes/rocky-ovn-25.09-345468aec8cc8073.yaml b/releasenotes/notes/rocky-ovn-25.09-345468aec8cc8073.yaml
new file mode 100644
index 0000000000..5af6125309
--- /dev/null
+++ b/releasenotes/notes/rocky-ovn-25.09-345468aec8cc8073.yaml
@@ -0,0 +1,4 @@
+---
+features:
+  - |
+    Updates OVN to version 25.09 on Rocky Linux 10.

From e2a72800f074ccadc814e80083158e631cdd4b67 Mon Sep 17 00:00:00 2001
From: Seunghun Lee <seunghun@stackhpc.com>
Date: Wed, 11 Mar 2026 15:47:44 +0000
Subject: [PATCH 4/8] Update Ceph Squid RPM repo to centos-10-stream

Change-Id: I530a0f710507c8f959ccf10e4d3560372e800a05
Signed-off-by: Seunghun Lee <seunghun@stackhpc.com>
---
 kolla/template/repos.yaml   | 2 +-
 kolla/tests/test_methods.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/kolla/template/repos.yaml b/kolla/template/repos.yaml
index 2a40375e0e..d559f6f092 100644
--- a/kolla/template/repos.yaml
+++ b/kolla/template/repos.yaml
@@ -112,7 +112,7 @@ ubuntu-aarch64:
 rpm:
   ceph:
     gpgkey: "https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Storage"
-    metalink: "https://mirrors.centos.org/metalink?repo=centos-storage-sig-ceph-squid-9-stream&arch=$basearch"
+    metalink: "https://mirrors.centos.org/metalink?repo=centos-storage-sig-ceph-squid-10-stream&arch=$basearch"
     name: "centos-ceph-squid"
   crb:
     distro: True
diff --git a/kolla/tests/test_methods.py b/kolla/tests/test_methods.py
index f304623625..e1dc810d1d 100644
--- a/kolla/tests/test_methods.py
+++ b/kolla/tests/test_methods.py
@@ -58,7 +58,7 @@ def test_enable_repos_centos_metalink(self):
         expectCmd += ">>/etc/yum.repos.d/ceph.repo && "
         expectCmd += "echo 'gpgkey=https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Storage' "  # noqa: E501
         expectCmd += ">>/etc/yum.repos.d/ceph.repo && "
-        expectCmd += "echo 'metalink=https://mirrors.centos.org/metalink?repo=centos-storage-sig-ceph-squid-9-stream&arch=$basearch' "  # noqa: E501
+        expectCmd += "echo 'metalink=https://mirrors.centos.org/metalink?repo=centos-storage-sig-ceph-squid-10-stream&arch=$basearch' "  # noqa: E501
         expectCmd += ">>/etc/yum.repos.d/ceph.repo"
         self.assertEqual(expectCmd, result)
 

From 63024ee8a26f08f5f65fec3f58be6bbb690365b7 Mon Sep 17 00:00:00 2001
From: Maximilian Stinsky <maximilian.stinsky-damke@wiit.cloud>
Date: Wed, 17 Jul 2024 09:37:05 +0200
Subject: [PATCH 5/8] Add Dockerfile for neutron-ovn-vpn-agent

This patch adds support for the standalone neutron-ovn-vpn-agent.
The new agent was added in the 2024.1 and is required for vpnaas
when using ovn.

[1] https://review.opendev.org/c/openstack/neutron-vpnaas/+/765353

Related-Bug: #2048392
Change-Id: I552b9fbc8fa0b49d3e0e3212dd11962b02837b9f
Signed-off-by: Joachim de Groot <joachim.de.groot@menzel-it.net>
Signed-off-by: Pablo COLSON <colson.pablo@gmail.com>
Signed-off-by: Piotr Milewski <vurmil@gmail.com>
---
 .../neutron-ovn-vpn-agent/Dockerfile.j2       | 31 +++++++++++++++++++
 ...pn-agent-kolla-image-979df04014ed9440.yaml |  4 +++
 2 files changed, 35 insertions(+)
 create mode 100644 docker/neutron/neutron-ovn-vpn-agent/Dockerfile.j2
 create mode 100644 releasenotes/notes/releasenotes/notes/neutron-ovn-vpn-agent-kolla-image-979df04014ed9440.yaml

diff --git a/docker/neutron/neutron-ovn-vpn-agent/Dockerfile.j2 b/docker/neutron/neutron-ovn-vpn-agent/Dockerfile.j2
new file mode 100644
index 0000000000..e4166c58db
--- /dev/null
+++ b/docker/neutron/neutron-ovn-vpn-agent/Dockerfile.j2
@@ -0,0 +1,31 @@
+FROM {{ namespace }}/{{ image_prefix }}neutron-base:{{ tag }}
+{% block labels %}
+LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}"
+{% endblock %}
+
+{% block neutron_ovn_vpn_agent_header %}{% endblock %}
+
+{% import "macros.j2" as macros with context %}
+
+# Note: VPN is currently not working on RHEL 10 due to a known issue:
+# https://bugs.launchpad.net/neutron/+bug/2146308
+{% if base_package_type == 'rpm' %}
+   {% set neutron_ovn_vpn_agent_packages = [
+      'libreswan'
+   ] %}
+{% elif base_package_type == 'deb' %}
+   {% set neutron_ovn_vpn_agent_packages = [
+      'strongswan',
+      'strongswan-starter',
+      'strongswan-charon'
+   ] %}
+{% endif %}
+
+{{ macros.install_packages(neutron_ovn_vpn_agent_packages | customizable("packages")) }}
+
+{{ macros.kolla_patch_sources() }}
+
+{% block neutron_ovn_vpn_agent_footer %}{% endblock %}
+{% block footer %}{% endblock %}
+
+USER neutron
diff --git a/releasenotes/notes/releasenotes/notes/neutron-ovn-vpn-agent-kolla-image-979df04014ed9440.yaml b/releasenotes/notes/releasenotes/notes/neutron-ovn-vpn-agent-kolla-image-979df04014ed9440.yaml
new file mode 100644
index 0000000000..fa67df9754
--- /dev/null
+++ b/releasenotes/notes/releasenotes/notes/neutron-ovn-vpn-agent-kolla-image-979df04014ed9440.yaml
@@ -0,0 +1,4 @@
+---
+features:
+  - |
+    Added the neutron ovn vpn agent container image (``neutron-ovn-vpn-agent``)

From d749a6a6772b798a73d535473d43a907ee1197e4 Mon Sep 17 00:00:00 2001
From: Piotr Milewski <vurmil@gmail.com>
Date: Thu, 12 Feb 2026 16:50:08 +0100
Subject: [PATCH 6/8] Prometheus: add valkey exporter image

Adds a new prometheus-valkey-exporter image to support
monitoring of Valkey instances.

Change-Id: Id0ad47301e48fc4e2cb1f93865a5c5d58f521467
Signed-off-by: Piotr Milewski <vurmil@gmail.com>
---
 .../prometheus-valkey-exporter/Dockerfile.j2  | 25 +++++++++++++++++++
 kolla/common/sources.py                       | 11 ++++++++
 .../add-valkey-exporter-e21762a106307538.yaml |  5 ++++
 3 files changed, 41 insertions(+)
 create mode 100644 docker/prometheus/prometheus-valkey-exporter/Dockerfile.j2
 create mode 100644 releasenotes/notes/add-valkey-exporter-e21762a106307538.yaml

diff --git a/docker/prometheus/prometheus-valkey-exporter/Dockerfile.j2 b/docker/prometheus/prometheus-valkey-exporter/Dockerfile.j2
new file mode 100644
index 0000000000..7f38bae193
--- /dev/null
+++ b/docker/prometheus/prometheus-valkey-exporter/Dockerfile.j2
@@ -0,0 +1,25 @@
+FROM {{ namespace }}/{{ image_prefix }}prometheus-base:{{ tag }}
+{% block labels %}
+LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}"
+{% endblock %}
+
+{% import "macros.j2" as macros with context %}
+
+{% block prometheus_valkey_exporter_header %}{% endblock %}
+
+{{ macros.install_packages(prometheus_valkey_exporter_packages | customizable("packages")) }}
+
+{% block prometheus_valkey_exporter_install %}
+ADD prometheus-valkey-exporter-archive /prometheus-valkey-exporter-source
+
+RUN ln -s /prometheus-valkey-exporter-source/* prometheus-valkey-exporter \
+    && cp /prometheus-valkey-exporter/redis_exporter /opt/valkey-exporter
+
+{% endblock %}
+
+{{ macros.kolla_patch_sources() }}
+
+{% block prometheus_valkey_exporter_footer %}{% endblock %}
+{% block footer %}{% endblock %}
+
+USER prometheus
diff --git a/kolla/common/sources.py b/kolla/common/sources.py
index 0ef76cfe70..9966003f83 100644
--- a/kolla/common/sources.py
+++ b/kolla/common/sources.py
@@ -391,6 +391,17 @@
                      'releases/download/v${version}/'
                      'prometheus'
                      '-${version}.linux-${debian_arch}.tar.gz')},
+    'prometheus-valkey-exporter': {
+        'version': '1.82.0',
+        'type': 'url',
+        'sha256': {
+            'amd64': '2d98dd0888f46e206bf3ad1b7c1784934a3a39cd8774cf47615f4c15594547cd',  # noqa: E501
+            'arm64': '13aaa6acbb145848cb97ed3bab22747e094b3f0ed22df83c8ace593e3c527c95'},  # noqa: E501
+        'location': ('https://github.com/'
+                     'oliver006/redis_exporter/'
+                     'releases/download/v${version}/'
+                     'redis_exporter'
+                     '-v${version}.linux-${debian_arch}.tar.gz')},
     'skyline-apiserver': {
         'type': 'url',
         'location': ('$tarballs_base/openstack/skyline-apiserver/'
diff --git a/releasenotes/notes/add-valkey-exporter-e21762a106307538.yaml b/releasenotes/notes/add-valkey-exporter-e21762a106307538.yaml
new file mode 100644
index 0000000000..78cf5d4f8b
--- /dev/null
+++ b/releasenotes/notes/add-valkey-exporter-e21762a106307538.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Adds support for Valkey monitoring by introducing a new
+    ``prometheus-valkey-exporter`` container image.

From cbca935b87b4606534fc08d2cae80d864af51c7c Mon Sep 17 00:00:00 2001
From: Piotr Milewski <vurmil@gmail.com>
Date: Tue, 23 Dec 2025 10:30:02 +0100
Subject: [PATCH 7/8] Add OCI standard labels to container images

Currently, Kolla images lack standard metadata, making it difficult
to identify their build source, creation time, or exact version solely
by inspecting the image artifact.

This patch introduces the addition of Open Container Initiative (OCI)
standard labels to all generated images. The build process now detects
metadata (utilizing `direct_url.json` for pip-installed packages to
avoid subprocess calls) and injects the following labels into the
container runtime config:

* org.opencontainers.image.authors
* org.opencontainers.image.created
* org.opencontainers.image.description
* org.opencontainers.image.licenses
* org.opencontainers.image.revision
* org.opencontainers.image.source
* org.opencontainers.image.title
* org.opencontainers.image.url
* org.opencontainers.image.version

Example output:
    "Labels": {
        "org.opencontainers.image.authors": "Kolla Project (https://launchpad.net/kolla)",
        "org.opencontainers.image.created": "2025-12-22T14:02:47.015819",
        "org.opencontainers.image.description": "OpenStack Kolla keystone-ssh image",
        "org.opencontainers.image.licenses": "Apache-2.0",
        "org.opencontainers.image.revision": "96b54022857ccef8dc6bb11789abe32119827109",
        "org.opencontainers.image.source": "https://opendev.org/openstack/kolla",
        "org.opencontainers.image.title": "keystone-ssh",
        "org.opencontainers.image.url": "https://opendev.org/openstack/kolla",
        "org.opencontainers.image.version": "master-ubuntu-noble"
    }

This enhancement improves the interoperability of Kolla images with
standard container tools and registries that display OCI metadata.

Change-Id: I3451940c90180ba91759c839987434e94251e32e
Signed-off-by: Piotr Milewski <vurmil@gmail.com>
---
 kolla/image/kolla_worker.py                   | 74 ++++++++++++++++++-
 kolla/image/tasks.py                          |  3 +
 ...-oci-standard-labels-f68cc6eb3a4db7c7.yaml | 10 +++
 3 files changed, 84 insertions(+), 3 deletions(-)
 create mode 100644 releasenotes/notes/add-oci-standard-labels-f68cc6eb3a4db7c7.yaml

diff --git a/kolla/image/kolla_worker.py b/kolla/image/kolla_worker.py
index 723914f5a5..680595f866 100644
--- a/kolla/image/kolla_worker.py
+++ b/kolla/image/kolla_worker.py
@@ -11,6 +11,8 @@
 # limitations under the License.
 
 import datetime
+import git
+import importlib.metadata
 import json
 import os
 import queue
@@ -42,7 +44,7 @@
 class Image(object):
     def __init__(self, name, canonical_name, path, parent_name='',
                  status=Status.UNPROCESSED, parent=None,
-                 source=None, logger=None, engine_client=None):
+                 source=None, logger=None, engine_client=None, labels=None):
         self.name = name
         self.canonical_name = canonical_name
         self.path = path
@@ -57,11 +59,12 @@ def __init__(self, name, canonical_name, path, parent_name='',
         self.plugins = []
         self.additions = []
         self.engine_client = engine_client
+        self.labels = labels or {}
 
     def copy(self):
         c = Image(self.name, self.canonical_name, self.path,
                   logger=self.logger, parent_name=self.parent_name,
-                  status=self.status, parent=self.parent)
+                  status=self.status, parent=self.parent, labels=self.labels)
         if self.source:
             c.source = self.source.copy()
         if self.children:
@@ -143,6 +146,9 @@ def __init__(self, conf):
         self.image_statuses_allowed_to_fail = dict()
         self.maintainer = conf.maintainer
         self.patches_path = conf.patches_path
+        self.scm_labels = self._get_scm_labels()
+        self.build_created = (datetime.datetime.now(datetime.timezone.utc)
+                              .strftime('%Y-%m-%dT%H:%M:%SZ'))
 
         try:
             self.engine_client = engine.getEngineClient(self.conf)
@@ -157,6 +163,53 @@ def __init__(self, conf):
                 LOG.info("Exception caught: {0}".format(e))
                 sys.exit(1)
 
+    def _get_scm_labels(self):
+        labels = {}
+
+        # Method 1: Install via PIP (direct_url.json)
+        try:
+            dist = importlib.metadata.distribution('kolla')
+            direct_url_file = [
+                p for p in dist.files if p.name == 'direct_url.json'
+            ]
+
+            if direct_url_file:
+                content = dist.read_text('direct_url.json')
+                if content:
+                    data = json.loads(content)
+                    if 'url' in data:
+                        labels['org.opencontainers.image.source'] = data['url']
+                    if 'vcs_info' in data and 'commit_id' in data['vcs_info']:
+                        labels['org.opencontainers.image.revision'] = (
+                            data['vcs_info']['commit_id'])
+        except Exception as e:
+            LOG.debug(f"Could not retrieve PIP direct_url info: {e}")
+
+        # Method 2: Fallback to Git (if PIP info is local or missing)
+        source = labels.get('org.opencontainers.image.source', '')
+        if not labels.get('org.opencontainers.image.revision') or \
+           source.startswith('file:'):
+            try:
+                repo = git.Repo(PROJECT_ROOT, search_parent_directories=True)
+
+                labels['org.opencontainers.image.revision'] = (
+                    repo.head.object.hexsha)
+
+                if source.startswith('file:') or not source:
+                    labels['org.opencontainers.image.source'] = (
+                        'https://opendev.org/openstack/kolla')
+
+                LOG.debug("Detected SCM info via Git fallback: %s", labels)
+            except Exception as e:
+                LOG.debug("Git fallback failed: %s", e)
+
+        source_url = labels.get('org.opencontainers.image.source', '')
+        if source_url.startswith('file:'):
+            labels['org.opencontainers.image.source'] = (
+                'https://opendev.org/openstack/kolla')
+
+        return labels
+
     def _get_images_dir(self):
         possible_paths = (
             PROJECT_ROOT,
@@ -694,10 +747,25 @@ def process_source_installation(image, section):
             else:
                 parent_name = ''
             del match
+
+            oci_labels = self.scm_labels.copy()
+            oci_labels.update({
+                "org.opencontainers.image.title": image_name,
+                "org.opencontainers.image.description": (
+                    "OpenStack Kolla {} image".format(image_name)),
+                "org.opencontainers.image.version": self.tag,
+                "org.opencontainers.image.created": self.build_created,
+                "org.opencontainers.image.authors": self.maintainer,
+                "org.opencontainers.image.url": (
+                    "https://opendev.org/openstack/kolla"),
+                "org.opencontainers.image.licenses": "Apache-2.0"
+            })
+
             image = Image(image_name, canonical_name, path,
                           parent_name=parent_name,
                           logger=utils.make_a_logger(self.conf, image_name),
-                          engine_client=self.engine_client)
+                          engine_client=self.engine_client,
+                          labels=oci_labels)
 
             # NOTE(jeffrey4l): register the opts if the section didn't
             # register in the kolla/common/config.py file
diff --git a/kolla/image/tasks.py b/kolla/image/tasks.py
index 39d7593907..6bee905f7c 100644
--- a/kolla/image/tasks.py
+++ b/kolla/image/tasks.py
@@ -407,6 +407,9 @@ def reset_userinfo(tarinfo):
         buildargs = self.update_buildargs()
 
         kwargs = {}
+        if hasattr(image, 'labels') and image.labels:
+            kwargs['labels'] = image.labels
+
         if self.conf.engine == engine.Engine.PODMAN.value:
             # TODO(kevko): dockerfile path is a workaround,
             # should be removed as soon as it will be fixed in podman-py
diff --git a/releasenotes/notes/add-oci-standard-labels-f68cc6eb3a4db7c7.yaml b/releasenotes/notes/add-oci-standard-labels-f68cc6eb3a4db7c7.yaml
new file mode 100644
index 0000000000..e9ba30dfbe
--- /dev/null
+++ b/releasenotes/notes/add-oci-standard-labels-f68cc6eb3a4db7c7.yaml
@@ -0,0 +1,10 @@
+---
+features:
+  - |
+    Implemented support for Open Container Initiative (OCI) standard labels
+    in generated container images.
+
+    Kolla images are now tagged with standard metadata to improve traceability
+    and observability. The build process automatically detects source
+    information and populates labels such as build creation time, version,
+    source URL, and commit revision.

From bb1a4dda640d9dddb536a604e7c4147e2fc862fc Mon Sep 17 00:00:00 2001
From: Bartosz Bezak <bartosz@stackhpc.com>
Date: Tue, 31 Mar 2026 15:55:52 +0200
Subject: [PATCH 8/8] CI: publish aarch64 noble images

Change-Id: I5041828f1cf7a143784f0ac479b6669e8a747b0c
Signed-off-by: Bartosz Bezak <bartosz@stackhpc.com>
---
 zuul.d/ubuntu.yaml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/zuul.d/ubuntu.yaml b/zuul.d/ubuntu.yaml
index c40e0b936f..8247892877 100644
--- a/zuul.d/ubuntu.yaml
+++ b/zuul.d/ubuntu.yaml
@@ -29,6 +29,20 @@
       - name: kolla_quay_io_api
         secret: kolla_quay_io_api_jan_2026
 
+- job:
+    name: kolla-publish-ubuntu-noble-arm64-quay
+    parent: kolla-build-ubuntu-noble-arm64
+    post-run: tests/playbooks/publish.yml
+    vars:
+      publisher: true
+      kolla_registry: quay.io
+      kolla_namespace: openstack.kolla
+    secrets:
+      - name: kolla_quay_io_creds
+        secret: kolla_quay_io_creds_jan_2026
+      - name: kolla_quay_io_api
+        secret: kolla_quay_io_api_jan_2026
+
 - job:
     name: kolla-build-ubuntu-noble-no-infra-wheels
     parent: kolla-build-no-infra-wheels-base
@@ -55,3 +69,4 @@
     periodic:
       jobs:
         - kolla-publish-ubuntu-noble-quay
+        - kolla-publish-ubuntu-noble-arm64-quay