33 changed files with 22 additions and 4 deletions
--- a/.cloud-init.metadata
+++ b/.cloud-init.metadata
@ -1 +0,0 @@
-e73116733f5636eb4bc1a5e47e802c3635b9bfa2 SOURCES/23.4.tar.gz
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,5 @@
-SOURCES/23.4.tar.gz
+SOURCES/cloud-init-22.1.tar.gz
+/cloud-init-22.1.tar.gz
+/cloud-init-23.1.1.tar.gz
+/*.tar.gz
+/*.rpm
--- a/SOURCES/0003-Do-not-write-NM_CONTROLLED-no-in-generated-interface.patch
+++ b/SOURCES/0003-Do-not-write-NM_CONTROLLED-no-in-generated-interface.patch
--- a/SOURCES/0004-include-NOZEROCONF-yes-in-etc-sysconfig-network.patch
+++ b/SOURCES/0004-include-NOZEROCONF-yes-in-etc-sysconfig-network.patch
--- a/SOURCES/0005-settings.py-update-settings-for-rhel.patch
+++ b/SOURCES/0005-settings.py-update-settings-for-rhel.patch
--- a/SOURCES/0013-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch
+++ b/SOURCES/0013-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch
--- a/SOURCES/ci-Retain-exit-code-in-cloud-init-status-for-recoverabl.patch
+++ b/SOURCES/ci-Retain-exit-code-in-cloud-init-status-for-recoverabl.patch
--- a/SOURCES/ci-Revert-Use-grep-for-faster-parsing-of-cloud-config-i.patch
+++ b/SOURCES/ci-Revert-Use-grep-for-faster-parsing-of-cloud-config-i.patch
--- a/SOURCES/ci-Revert-systemd-Standardize-cloud-init-systemd-enable.patch
+++ b/SOURCES/ci-Revert-systemd-Standardize-cloud-init-systemd-enable.patch
--- a/SOURCES/ci-ci-Pin-pytest-8.0.0.-4816.patch
+++ b/SOURCES/ci-ci-Pin-pytest-8.0.0.-4816.patch
--- a/SOURCES/ci-feat-apply-global-DNS-to-interfaces-in-network-manag.patch
+++ b/SOURCES/ci-feat-apply-global-DNS-to-interfaces-in-network-manag.patch
--- a/SOURCES/ci-feat-sysconfig-Add-DNS-from-interface-config-to-reso.patch
+++ b/SOURCES/ci-feat-sysconfig-Add-DNS-from-interface-config-to-reso.patch
--- a/SOURCES/ci-fix-Add-subnet-ipv4-ipv6-to-network-schema-5191.patch
+++ b/SOURCES/ci-fix-Add-subnet-ipv4-ipv6-to-network-schema-5191.patch
--- a/SOURCES/ci-fix-Add-types-to-network-v1-schema-4841.patch
+++ b/SOURCES/ci-fix-Add-types-to-network-v1-schema-4841.patch
--- a/SOURCES/ci-fix-Always-use-single-datasource-if-specified-5098.patch
+++ b/SOURCES/ci-fix-Always-use-single-datasource-if-specified-5098.patch
--- a/SOURCES/ci-fix-Clean-cache-if-no-datasource-fallback-5499.patch
+++ b/SOURCES/ci-fix-Clean-cache-if-no-datasource-fallback-5499.patch
--- a/SOURCES/ci-fix-Correct-v2-NetworkManager-route-rendering-4637.patch
+++ b/SOURCES/ci-fix-Correct-v2-NetworkManager-route-rendering-4637.patch
--- a/SOURCES/ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch
+++ b/SOURCES/ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch
--- a/SOURCES/ci-fix-Fall-back-to-cached-local-ds-if-no-valid-ds-foun.patch
+++ b/SOURCES/ci-fix-Fall-back-to-cached-local-ds-if-no-valid-ds-foun.patch
--- a/SOURCES/ci-fix-Undeprecate-network-in-schema-route-definition-5.patch
+++ b/SOURCES/ci-fix-Undeprecate-network-in-schema-route-definition-5.patch
--- a/SOURCES/ci-fix-clean-stop-warning-when-running-clean-command-47.patch
+++ b/SOURCES/ci-fix-clean-stop-warning-when-running-clean-command-47.patch
--- a/SOURCES/ci-fix-cloudstack-Use-parsed-lease-file-for-virtual-rou.patch
+++ b/SOURCES/ci-fix-cloudstack-Use-parsed-lease-file-for-virtual-rou.patch
--- a/SOURCES/ci-fix-python3.13-Fix-import-error-for-passlib-on-Pytho.patch
+++ b/SOURCES/ci-fix-python3.13-Fix-import-error-for-passlib-on-Pytho.patch
--- a/SOURCES/ci-fix-rh_subscription-add-string-type-to-org-5453.patch
+++ b/SOURCES/ci-fix-rh_subscription-add-string-type-to-org-5453.patch
--- a/SOURCES/ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch
+++ b/SOURCES/ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch
--- a/SOURCES/ci-net-allow-dhcp6-configuration-from-generate_fallback.patch
+++ b/SOURCES/ci-net-allow-dhcp6-configuration-from-generate_fallback.patch
--- a/SOURCES/ci-net-network_manager-do-not-set-may-fail-to-False-for.patch
+++ b/SOURCES/ci-net-network_manager-do-not-set-may-fail-to-False-for.patch
--- a/SOURCES/ci-net-nm-check-for-presence-of-ifcfg-files-when-nm-con.patch
+++ b/SOURCES/ci-net-nm-check-for-presence-of-ifcfg-files-when-nm-con.patch
--- a/SOURCES/ci-test-jsonschema-Pin-jsonschema-version-4781.patch
+++ b/SOURCES/ci-test-jsonschema-Pin-jsonschema-version-4781.patch
--- a/SOURCES/cloud-init-tmpfiles.conf
+++ b/SOURCES/cloud-init-tmpfiles.conf
--- a/SPECS/cloud-init.spec
+++ b/SPECS/cloud-init.spec
@ -6,7 +6,7 @@

 Name:           cloud-init
 Version:        23.4
-Release:        7%{?dist}.10
+Release:        7%{?dist}.11
 Summary:        Cloud instance init scripts

 Group:          System Environment/Base
@ -253,6 +253,7 @@ fi
 %doc               %{_sysconfdir}/cloud/cloud.cfg.d/README
 %dir               %{_sysconfdir}/cloud/templates
 %config(noreplace) %{_sysconfdir}/cloud/templates/*
+%config(noreplace) %{_sysconfdir}/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf
 %{_unitdir}/cloud-config.service
 %{_unitdir}/cloud-config.target
 %{_unitdir}/cloud-final.service
@ -273,13 +274,17 @@ fi
 %{_datadir}/bash-completion/completions/cloud-init
 %{_bindir}/cloud-id
 /usr/lib/systemd/system-generators/cloud-init-generator
-%{_sysconfdir}/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf


 %dir %{_sysconfdir}/rsyslog.d
 %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf

 %changelog
+* Mon Dec 15 2025 Jon Maloy <jmaloy@redhat.com> - 23.4-7.el8.11
+- ci-do-not-overwrite-local-changes-in-disable-sshd-keyge.patch [RHEL-128877]
+- Resolves: RHEL-128877
+  ([rhel-8.10] cloud-init upgrade is overwriting modifications in disable-sshd-keygen-if-cloud-init-active.conf)
+
 * Mon Jul 14 2025 Miroslav Rezanina <mrezanin@redhat.com> - 23.4-7.el8.10
 - ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch [RHEL-100606]
 - ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch [RHEL-100606]
--- a/gating.yaml
+++ b/gating.yaml
@ -0,0 +1,9 @@
+--- !Policy
+product_versions:
+    - rhel-8
+decision_context: osci_compose_gate
+rules:
+    - !PassingTestCaseRule {test_case_name: 3rd-azure-ci.brew-build.tier1.functional}
+    - !PassingTestCaseRule {test_case_name: 3rd-esxi-x86_64.brew-build.tier1.functional}
+    - !PassingTestCaseRule {test_case_name: s1-aws-ci.brew-build.tier1.functional}
+    - !PassingTestCaseRule {test_case_name: 3rd-openstack-cloudinit-ci.brew-build.tier1.functional}
--- a/1
+++ b/1
@ -0,0 +1 @@
+SHA512 (23.4.tar.gz) = e425a957cb38f2be2fcb83693696d0177ad84150f8a55759226d8696344ddd75e33e23a7230c492087784ef96ddd71305bc3462479e2c1a3ed0e704ac0f2d879
				`@ -1 +0,0 @@`
				`e73116733f5636eb4bc1a5e47e802c3635b9bfa2 SOURCES/23.4.tar.gz`
				`@ -0,0 +1 @@`
				`SHA512 (23.4.tar.gz) = e425a957cb38f2be2fcb83693696d0177ad84150f8a55759226d8696344ddd75e33e23a7230c492087784ef96ddd71305bc3462479e2c1a3ed0e704ac0f2d879`