ROX-30638: Remove tenant Route53 record management

.github/workflows/ci.yaml

@@ -54,8 +54,6 @@ jobs:
       AWS_ACCOUNT_ID: aws_accountid
       AWS_ACCESS_KEY: aws_accesskey
       AWS_SECRET_ACCESS_KEY: aws_secretaccesskey # pragma: allowlist secret - dummy value
-      ROUTE53_ACCESS_KEY: aws_route53_access_key # pragma: allowlist secret - dummy value
-      ROUTE53_SECRET_ACCESS_KEY: aws_route53_secret_access_key # pragma: allowlist secret - dummy value
       TEST_TIMEOUT: 30m
     services:
       postgres:

.github/workflows/multicluster-e2e.yaml

@@ -95,7 +95,6 @@ jobs:
       - name: "Run"
         env:
           RUN_MULTICLUSTER_E2E: "true"
-          ENABLE_CENTRAL_EXTERNAL_DOMAIN: "true"
         run: "scripts/ci/multicluster_tests/entrypoint.sh"
 
   cleanup-clusters:

.secrets.baseline

@@ -259,7 +259,7 @@
         "filename": "internal/central/pkg/services/centralservice_moq.go",
         "hashed_secret": "44e17306b837162269a410204daaa5ecee4ec22c",
         "is_verified": false,
-        "line_number": 1180
+        "line_number": 1048
       }
     ],
     "pkg/client/fleetmanager/impl/testdata/token": [
@@ -296,63 +296,63 @@
         "filename": "templates/service-template.yml",
         "hashed_secret": "13032f402fed753c2248419ea4f69f99931f6dbc",
         "is_verified": false,
-        "line_number": 476
+        "line_number": 471
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "30025f80f6e22cdafb85db387d50f90ea884576a",
         "is_verified": false,
-        "line_number": 476
+        "line_number": 471
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "355f24fd038bcaf85617abdcaa64af51ed19bbcf",
         "is_verified": false,
-        "line_number": 476
+        "line_number": 471
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "3d8a1dcd2c3c765ce35c9a9552d23273cc4ddace",
         "is_verified": false,
-        "line_number": 476
+        "line_number": 471
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "4ac7b0522761eba972467942cd5cd7499dd2c361",
         "is_verified": false,
-        "line_number": 476
+        "line_number": 471
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "7639ab2a6bcf2ea30a055a99468c9cd844d4c22a",
         "is_verified": false,
-        "line_number": 476
+        "line_number": 471
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "b56360daf4793d2a74991a972b34d95bc00fb2da",
         "is_verified": false,
-        "line_number": 476
+        "line_number": 471
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "c9a73ef9ee8ce9f38437227801c70bcc6740d1a1",
         "is_verified": false,
-        "line_number": 476
+        "line_number": 471
       },
       {
         "type": "Secret Keyword",
         "filename": "templates/service-template.yml",
         "hashed_secret": "4e199b4a1c40b497a95fcd1cd896351733849949",
         "is_verified": false,
-        "line_number": 659,
+        "line_number": 654,
         "is_secret": false
       }
     ],
@@ -382,5 +382,5 @@
       }
     ]
   },
-  "generated_at": "2025-09-04T08:53:01Z"
+  "generated_at": "2025-10-16T10:28:36Z"
 }

Makefile

@@ -364,7 +364,6 @@ test/cluster/cleanup:
 test/e2e: $(GINKGO_BIN)
 	CLUSTER_ID=1234567890abcdef1234567890abcdef \
 	RUN_E2E=true \
-	ENABLE_CENTRAL_EXTERNAL_DOMAIN=$(ENABLE_CENTRAL_EXTERNAL_DOMAIN) \
 	GITOPS_CONFIG_PATH=$(GITOPS_CONFIG_FILE) \
 	$(GINKGO_BIN) -r $(GINKGO_FLAGS) \
 		--randomize-suites \
@@ -379,7 +378,6 @@ test/e2e: $(GINKGO_BIN)
 
 test/e2e/multicluster: $(GINKGO_BIN)
 	CLUSTER_ID=1234567890abcdef1234567890abcdef \
-	ENABLE_CENTRAL_EXTERNAL_DOMAIN=$(ENABLE_CENTRAL_EXTERNAL_DOMAIN) \
 	GITOPS_CONFIG_PATH=$(GITOPS_CONFIG_FILE) \
 	RUN_MULTICLUSTER_E2E=true \
 	$(GINKGO_BIN) -r $(GINKGO_FLAGS) \
@@ -610,8 +608,6 @@ image/push/fleetshard-operator/internal: docker/login/internal
 secrets/touch:
 	touch secrets/aws.accesskey \
           secrets/aws.accountid \
-          secrets/aws.route53accesskey \
-          secrets/aws.route53secretaccesskey \
           secrets/aws.secretaccesskey \
           secrets/db.host \
           secrets/db.name \
@@ -639,8 +635,6 @@ aws/setup:
 	@echo -n "$(AWS_ACCOUNT_ID)" > secrets/aws.accountid
 	@echo -n "$(AWS_ACCESS_KEY)" > secrets/aws.accesskey
 	@echo -n "$(AWS_SECRET_ACCESS_KEY)" > secrets/aws.secretaccesskey
-	@echo -n "$(ROUTE53_ACCESS_KEY)" > secrets/aws.route53accesskey
-	@echo -n "$(ROUTE53_SECRET_ACCESS_KEY)" > secrets/aws.route53secretaccesskey
 .PHONY: aws/setup
 
 redhatsso/setup:
@@ -689,8 +683,6 @@ deploy/secrets:
 		-p AWS_ACCESS_KEY="$(shell ([ -s './secrets/aws.accesskey' ] && [ -z '${AWS_ACCESS_KEY}' ]) && cat ./secrets/aws.accesskey || echo '${AWS_ACCESS_KEY}')" \
 		-p AWS_ACCOUNT_ID="$(shell ([ -s './secrets/aws.accountid' ] && [ -z '${AWS_ACCOUNT_ID}' ]) && cat ./secrets/aws.accountid || echo '${AWS_ACCOUNT_ID}')" \
 		-p AWS_SECRET_ACCESS_KEY="$(shell ([ -s './secrets/aws.secretaccesskey' ] && [ -z '${AWS_SECRET_ACCESS_KEY}' ]) && cat ./secrets/aws.secretaccesskey || echo '${AWS_SECRET_ACCESS_KEY}')" \
-		-p ROUTE53_ACCESS_KEY="$(shell ([ -s './secrets/aws.route53accesskey' ] && [ -z '${ROUTE53_ACCESS_KEY}' ]) && cat ./secrets/aws.route53accesskey || echo '${ROUTE53_ACCESS_KEY}')" \
-		-p ROUTE53_SECRET_ACCESS_KEY="$(shell ([ -s './secrets/aws.route53secretaccesskey' ] && [ -z '${ROUTE53_SECRET_ACCESS_KEY}' ]) && cat ./secrets/aws.route53secretaccesskey || echo '${ROUTE53_SECRET_ACCESS_KEY}')" \
 		-p SSO_CLIENT_ID="$(shell ([ -s './secrets/redhatsso-service.clientId' ] && [ -z '${SSO_CLIENT_ID}' ]) && cat ./secrets/redhatsso-service.clientId || echo '${SSO_CLIENT_ID}')" \
 		-p SSO_CLIENT_SECRET="$(shell ([ -s './secrets/redhatsso-service.clientSecret' ] && [ -z '${SSO_CLIENT_SECRET}' ]) && cat ./secrets/redhatsso-service.clientSecret || echo '${SSO_CLIENT_SECRET}')" \
 		-p CENTRAL_IDP_CLIENT_SECRET="$(shell ([ -s './secrets/central.idp-client-secret' ] && [ -z '${CENTRAL_IDP_CLIENT_SECRET}' ]) && cat ./secrets/central.idp-client-secret || echo '${CENTRAL_IDP_CLIENT_SECRET}')" \
@@ -724,7 +716,6 @@ deploy/service: FLEET_MANAGER_IMAGE ?= $(SHORT_IMAGE_REF)
 deploy/service: IMAGE_TAG ?= $(image_tag)
 deploy/service: FLEET_MANAGER_ENV ?= "development"
 deploy/service: REPLICAS ?= "1"
-deploy/service: ENABLE_CENTRAL_EXTERNAL_DOMAIN ?= "false"
 deploy/service: ENABLE_CENTRAL_LIFE_SPAN ?= "false"
 deploy/service: CENTRAL_LIFE_SPAN ?= "48"
 deploy/service: OCM_URL ?= "https://api.stage.openshift.com"
@@ -758,7 +749,6 @@ endif
 		-p REPO_DIGEST="$(FLEET_MANAGER_IMAGE)" \
 		-p IMAGE_TAG=$(IMAGE_TAG) \
 		-p REPLICAS="${REPLICAS}" \
-		-p ENABLE_CENTRAL_EXTERNAL_DOMAIN="${ENABLE_CENTRAL_EXTERNAL_DOMAIN}" \
 		-p ENABLE_CENTRAL_LIFE_SPAN="${ENABLE_CENTRAL_LIFE_SPAN}" \
 		-p CENTRAL_LIFE_SPAN="${CENTRAL_LIFE_SPAN}" \
 		-p ENABLE_OCM_MOCK=$(ENABLE_OCM_MOCK) \

README.md

@@ -2,7 +2,6 @@
 
 ACS fleet-manager repository for the ACS managed service.
 
-
 ## Quickstart
 
 ### Overview

cmd/fleet-manager/main.go

@@ -14,18 +14,14 @@ import (
 )
 
 func main() {
-	// This is needed to make `glog` believe that the flags have already been parsed, otherwise
-	// every log messages is prefixed by an error message stating that the flags haven't been
-	// parsed.
-	_ = flag.CommandLine.Parse([]string{})
-
-	// pflag.CommandLine.AddGoFlagSet(flag.CommandLine)
-
 	// Always log to stderr by default
 	if err := flag.Set("logtostderr", "true"); err != nil {
 		glog.Infof("Unable to set logtostderr to true")
 	}
 
+	flag.Parse()
+	defer glog.Flush()
+
 	env, err := environments.New(environments.GetEnvironmentStrFromEnv(),
 		central.ConfigProviders(),
 	)

cmd/fleet-manager/main_test.go

@@ -52,7 +52,7 @@ func TestInjections(t *testing.T) {
 
 	var workerList []workers.Worker
 	env.MustResolve(&workerList)
-	Expect(workerList).To(HaveLen(10))
+	Expect(workerList).To(HaveLen(9))
 }
 
 func createServicesCommand(env *environments.Env) *cobra.Command {

dev/env/defaults/00-defaults.env

@@ -32,12 +32,9 @@ export OCM_SERVICE_TOKEN_DEFAULT=""
 export OCM_ADDON_SERVICE_CLIENT_ID_DEFAULT=""
 export OCM_ADDON_SERVICE_CLIENT_SECRET_DEFAULT=""
 export OCM_ADDON_SERVICE_TOKEN_DEFAULT=""
-export ROUTE53_ACCESS_KEY_DEFAULT=""
-export ROUTE53_SECRET_ACCESS_KEY_DEFAULT=""
 export SPAWN_LOGGER_DEFAULT="false"
 export DUMP_LOGS_DEFAULT="false"
 export SKIP_TESTS_DEFAULT="false"
-export ENABLE_CENTRAL_EXTERNAL_DOMAIN_DEFAULT=false
 
 export FLEETSHARD_SYNC_RESOURCES_DEFAULT='{"requests":{"cpu":"200m","memory":"300Mi"},"limits":{"cpu":"200m","memory":"300Mi"}}'
 export EMAIL_SENDER_RESOURCES_DEFAULT='{"requests":{"cpu":"200m","memory":"300Mi"},"limits":{"cpu":"200m","memory":"300Mi"}}'

dev/env/defaults/cluster-type-crc/env

@@ -1,3 +1,2 @@
-export ENABLE_CENTRAL_EXTERNAL_DOMAIN="true"
 export ENABLE_EXTERNAL_CONFIG_DEFAULT="true"
 export AWS_AUTH_HELPER_DEFAULT="aws-saml"

dev/env/defaults/cluster-type-infra-openshift/env

@@ -3,4 +3,3 @@ export EXPOSE_OPENSHIFT_ROUTER_DEFAULT="true"
 export ENABLE_EXTERNAL_CONFIG_DEFAULT="true"
 export AWS_AUTH_HELPER_DEFAULT="aws-saml"
 export INHERIT_IMAGEPULLSECRETS_DEFAULT="true" # pragma: allowlist secret
-export ENABLE_CENTRAL_EXTERNAL_DOMAIN_DEFAULT="true"

dev/env/defaults/cluster-type-openshift-ci/env

@@ -1,6 +1,5 @@
 export SPAWN_LOGGER_DEFAULT="true"
 export DUMP_LOGS_DEFAULT="true"
 export GOTESTSUM="/usr/local/bin/gotestsum"
-export ENABLE_CENTRAL_EXTERNAL_DOMAIN=true
 # To be adjusted for runnign in OpenShift CI
 # export FLEETSHARD_SYNC_RESOURCES_DEFAULT='{"requests":{"cpu":"200m","memory":"300Mi"},"limits":{"cpu":"200m","memory":"300Mi"}}'

dev/env/scripts/docker.sh

@@ -95,6 +95,9 @@ should_skip_image_build() {
     if [[ "$CLUSTER_TYPE" == "openshift-ci" ]]; then
         return 0
     fi
+    if [[ "$DEVCONTAINER" == "true" ]]; then
+        return 1
+    fi    
     if is_running_inside_docker; then
         return 0
     fi

dev/env/scripts/lib.sh

@@ -94,15 +94,12 @@ init() {
     export OCM_ADDON_SERVICE_CLIENT_ID=${OCM_ADDON_SERVICE_CLIENT_ID:-$OCM_ADDON_SERVICE_CLIENT_ID_DEFAULT}
     export OCM_ADDON_SERVICE_CLIENT_SECRET=${OCM_ADDON_SERVICE_CLIENT_SECRET:-$OCM_ADDON_SERVICE_CLIENT_SECRET_DEFAULT}
     export OCM_ADDON_SERVICE_TOKEN=${OCM_ADDON_SERVICE_TOKEN:-$OCM_ADDON_SERVICE_TOKEN_DEFAULT}
-    export ROUTE53_ACCESS_KEY=${ROUTE53_ACCESS_KEY:-$ROUTE53_ACCESS_KEY_DEFAULT}
-    export ROUTE53_SECRET_ACCESS_KEY=${ROUTE53_SECRET_ACCESS_KEY:-$ROUTE53_SECRET_ACCESS_KEY_DEFAULT}
     export SPAWN_LOGGER=${SPAWN_LOGGER:-$SPAWN_LOGGER_DEFAULT}
     export DUMP_LOGS=${DUMP_LOGS:-$DUMP_LOGS_DEFAULT}
     export ENABLE_DB_PORT_FORWARDING=${ENABLE_DB_PORT_FORWARDING:-$ENABLE_DB_PORT_FORWARDING_DEFAULT}
     export ENABLE_FM_PORT_FORWARDING=${ENABLE_FM_PORT_FORWARDING:-$ENABLE_FM_PORT_FORWARDING_DEFAULT}
     export FLEETSHARD_SYNC_RESOURCES=${FLEETSHARD_SYNC_RESOURCES:-$FLEETSHARD_SYNC_RESOURCES_DEFAULT}
     export SKIP_TESTS=${SKIP_TESTS:-$SKIP_TESTS_DEFAULT}
-    export ENABLE_CENTRAL_EXTERNAL_DOMAIN=${ENABLE_CENTRAL_EXTERNAL_DOMAIN:-$ENABLE_CENTRAL_EXTERNAL_DOMAIN_DEFAULT}
     export FLEET_MANAGER_IMAGE=${FLEET_MANAGER_IMAGE:-$FLEET_MANAGER_IMAGE_DEFAULT}
     export ENABLE_EMAIL_SENDER=${ENABLE_EMAIL_SENDER:-$ENABLE_EMAIL_SENDER_DEFAULT}
     export EMAIL_SENDER_IMAGE=${EMAIL_SENDER_IMAGE:-$EMAIL_SENDER_IMAGE_DEFAULT}
@@ -118,11 +115,6 @@ init() {
         log "FLEET_MANAGER_IMAGE not set, using ${FLEET_MANAGER_IMAGE}"
     fi
 
-    if [[ "$ENABLE_CENTRAL_EXTERNAL_DOMAIN" != "false" && ("$ROUTE53_ACCESS_KEY" == "" || "$ROUTE53_SECRET_ACCESS_KEY" == "") ]]; then
-        log "setting ENABLE_CENTRAL_EXTERNAL_DOMAIN to false since no Route53 credentials were provided"
-        ENABLE_CENTRAL_EXTERNAL_DOMAIN=false
-    fi
-
     if [[ "$CLUSTER_TYPE" == "minikube" ]]; then
         eval "$(minikube docker-env)"
     fi
@@ -162,15 +154,12 @@ ARGOCD_TENANT_APP_TARGET_REVISION: ${ARGOCD_TENANT_APP_TARGET_REVISION}
 OCM_SERVICE_CLIENT_ID: ********
 OCM_SERVICE_CLIENT_SECRET: ********
 OCM_SERVICE_TOKEN: ********
-ROUTE53_ACCESS_KEY: ********
-ROUTE53_SECRET_ACCESS_KEY: ********
 SPAWN_LOGGER: ${SPAWN_LOGGER}
 DUMP_LOGS: ${DUMP_LOGS}
 ENABLE_DB_PORT_FORWARDING: ${ENABLE_DB_PORT_FORWARDING}
 ENABLE_FM_PORT_FORWARDING: ${ENABLE_FM_PORT_FORWARDING}
 FLEETSHARD_SYNC_RESOURCES: ${FLEETSHARD_SYNC_RESOURCES}
 SKIP_TESTS: ${SKIP_TESTS}
-ENABLE_CENTRAL_EXTERNAL_DOMAIN: ${ENABLE_CENTRAL_EXTERNAL_DOMAIN}
 FLEET_MANAGER_IMAGE: ${FLEET_MANAGER_IMAGE}
 FLEETSHARD_SYNC_CONTAINER_COMMAND: ${FLEETSHARD_SYNC_CONTAINER_COMMAND}
 EMAIL_SENDER_IMAGE: ${EMAIL_SENDER_IMAGE}

docs/development/implementation.md

@@ -63,9 +63,9 @@ See [adding a new endpoint](./adding-a-new-endpoint.md) documentation for more i
 The Central Workers are responsible for reconciling Centrals as requested by an end-user.
 There are currently 7 central workers, which are located in the [centrals_mgrs folder](../internal/central/pkg/workers/centrals_mgrs):
 - [`centrals_mgr.go`](../internal/central/pkg/workers/centrals_mgrs/centrals_mgr.go) responsible for reconciling central metrics and performing cleanup of trial centrals, and cleanup of centrals of denied owners.
-- [`deleting_centrals_mgr.go`](../internal/central/pkg/workers/centrals_mgrs/deleting_centrals_mgr.go) responsible for handling the deletion of centrals e.g removing resources like AWS Route53 entry, IAM secrets client
+- [`deleting_centrals_mgr.go`](../internal/central/pkg/workers/centrals_mgrs/deleting_centrals_mgr.go) responsible for handling the deletion of centrals e.g removing resources like IAM secrets client
 - [`accepted_centrals_mgr.go`](../internal/central/pkg/workers/centrals_mgrs/accepted_centrals_mgr.go) responsible for checking if user is within Quota before provisioning a central. Afterwards, it will periodically reconcile on all pending Central resources, attempt to find a valid OpenShift cluster to fit it's requirements (cloud provider, region, etc.) and provision a Central instance to the cluster. Once a suitable Dataplane cluster has been found, we'll update the status of the Central resource to reflect it's current progress.
-- [`preparing_centrals_mgr.go`](../internal/central/pkg/workers/centrals_mgrs/preparing_centrals_mgr.go) responsible for creating external resources e.g AWS Route53 DNS, IAM authentication secrets
+- [`preparing_centrals_mgr.go`](../internal/central/pkg/workers/centrals_mgrs/preparing_centrals_mgr.go) responsible for creating external resources e.g IAM authentication secrets
 - [`provisioning_centrals_mgr.go`](../internal/central/pkg/workers/centrals_mgrs/provisioning_centrals_mgr.go) responsible for checking if a provisioned central is ready as reported by the fleetshard-operator
 - [`ready_centrals_mgr.go`](../internal/central/pkg/workers/centrals_mgrs/ready_centrals_mgr.go) responsible for reconciling external resources of a ready centrals
 - [`centrals_routes_cname_mgr.go`](../internal/central/pkg/workers/centrals_mgrs/centrals_routes_cname_mgr.go) responsible for reconciliation of DNS records for each centrals' routes.

docs/development/populating-configuration.md

@@ -57,21 +57,13 @@ make ocm/setup OCM_OFFLINE_TOKEN=<your-retrieved-ocm-offline-token>
 Fleet Manager interacts with AWS to provide the following functionalities:
 * To be able to create and manage Data Plane clusters in a specific AWS account
   by passing the needed credentials to OpenShift Cluster Management
-* To create [AWS's Route53](https://aws.amazon.com/route53/) DNS records in a
-  specific AWS account. These records are DNS records that point to some
-  routes related to Central instances that are created.
-  > NOTE: The domain name used for these records can be configured by setting
-    the domain name to be used for Central instances. This can be done
-    through the `--central-domain-name` Fleet Manager binary CLI flag
 For both functionalities, the same underlying AWS account is used.
 
 In order for the Fleet Manager to be able to start, create the following files:
 ```
 touch secrets/aws.accountid
 touch secrets/aws.accesskey
 touch secrets/aws.secretaccesskey
-touch secrets/aws.route53accesskey
-touch secrets/aws.route53secretaccesskey
 ```
 
 If you need any of those functionalities keep reading. Otherwise, this section
@@ -84,8 +76,6 @@ IAM user credentials to the control plane by running:
 AWS_ACCOUNT_ID=<aws-account-id> \
 AWS_ACCESS_KEY=<aws-iam-user-access-key> \
 AWS_SECRET_ACCESS_KEY=<aws-iam-user-secret-access-key> \
-ROUTE53_ACCESS_KEY=<aws-iam-user-for-route-53-access-key> \
-ROUTE53_SECRET_ACCESS_KEY=<aws-iam-user-for-route-53-secret-access-key> \
 make aws/setup
 ```
 > NOTE: If you are in Red Hat, the following [documentation](./getting-credentials-and-accounts.md#aws)

docs/development/setup-test-environment.md

@@ -91,23 +91,6 @@ To clean up the environment run
 $ make undeploy/dev # points to down.sh
 ```
 
-### DNS tests
-
-The test suite has auto-sensing logic built in to skip DNS e2e tests when the test environment does  not support execution of DNS e2e tests. Currently this is only supported in OpenShift environments.
-
-To run the DNS e2e tests additionally to the default e2e test setup the cluster you're running against needs to have the openshift Route Custom Resource Definition installed and you need to set following environment variables:
-
-```shell
-export ROUTE53_ACCESS_KEY="<key-id>"
-export ROUTE53_SECRET_ACCESS_KEY="<secret-key>"
-
-# Depending on cluster type and its default configuration you might need
-export ENABLE_CENTRAL_EXTERNAL_DOMAIN_DEFAULT=true
-
-# If the domain you test against is not the default dev domain
-export CENTRAL_DOMAIN_NAME="<domain>"
-```
-
 
 ## Cluster setup
 Bootstrap a local cluster using one of the options below.

docs/legacy/feature-flags.md

@@ -35,7 +35,6 @@ This lists the feature flags and their sub-configurations to enable/disable and
 ## Central
 - **enable-deletion-of-expired-central**: Enables deletion of eval Central instances when its life span has expired.
     - `central-lifespan` [Optional]: The desired lifespan of a Central instance in hour(s) (default: `48`).
-- **enable-central-external-domain**: Enables custom Central domain.
 - **enable-evaluator-instance**: Enable the creation of one central evaluator instances per user
 
 - **central-idp-***: A collection of flags describing _static_ auth config for Central.

dp-terraform/helm/rhacs-terraform/templates/fleetshard-sync.yaml

@@ -45,6 +45,8 @@ spec:
         imagePullPolicy: IfNotPresent
         command:
         - /usr/local/bin/fleetshard-sync
+        args:
+        - '-v=10'
         env:
         - name: OCM_TOKEN
           value: {{ .Values.fleetshardSync.ocmToken }}