feat(rgw/kafka): add mTLS client certificate authentication for Kafka notifications
Add support for mutual TLS (mTLS) client certificate authentication
when publishing bucket notifications to Kafka brokers. RGW can now
present a client certificate and private key to authenticate with
brokers that require ssl.client.auth=required.
Changes:
- Add ssl-certificate-location, ssl-key-location, and ssl-key-password
  topic attributes for configuring client certificates
- Validate that ssl_certificate and ssl_key are provided together
- Include ssl_key_password in connection identity (hash/equality)
- Add kafka-security.sh script for generating broker and client TLS certs
- Add mTLS test (test_notification_kafka_security_ssl_mtls) using
  use_mtls=True flag on the existing SSL security path
- Update RGW notifications documentation with mTLS parameters

Fixes: http://tracker.ceph.com/issues/67427
Signed-off-by: Jan Radon <jan.fabian.radon@sap.com>

Merge pull request #67315 from timqn22/misreporting_count_osd_services

mgr/cephadm: verify spec service_id before applying

Reviewed-by: Kefu Chai <k.chai@proxmox.com>
Reviewed-by: Shweta Bhosale <Shweta.Bhosale1@ibm.com>
Reviewed-by: Adam King <adking@redhat.com>

Merge pull request #66477 from xelexin/fix_cephadm_agent_volume_gatherer

orch/cephadm: Fixes an unlimited env append in cephadm agent

Reviewed-by: Adam King <adking@redhat.com>

Merge pull request #68902 from timqn22/logrotate-list

src/cephadm: added ceph-exporter to post-rotate signal list

Reviewed-by: Redouane Kachach <rkachach@ibm.com>
Reviewed-by: Kefu Chai <k.chai@proxmox.com>

Merge pull request #68915 from kginonredhat/issue-76564-mgr-daemon-ports-list-grows-unbounded-across-redeploys

mgr daemon ports list grows unbounded across redeploys

Reviewed-by: Redouane Kachach <rkachach@ibm.com>

Merge pull request #68976 from kginonredhat/issue-76295-nfs-sample-enable-udp-false

cephadm: disable UDP in samples/nfs.json for test_cephadm Ganesha

Reviewed-by: Redouane Kachach <rkachach@ibm.com>
Reviewed-by: Shweta Bhosale <Shweta.Bhosale1@ibm.com>

Merge pull request #68358 from ronen-fr/wip-rf-notazns

crimson/os/seastore: do not treat non-ZNS devices as errors

Reviewed-by: Matan Breizman <mbreizma@redhat.com>
Reviewed-by: Kefu Chai <k.chai@proxmox.com>

Merge pull request #68948 from ronen-fr/wip-rf-fix-trimsnap

crimson/osd: decouple snap trim initiation from scrub completion

Reviewed-by: Matan Breizman <mbreizma@redhat.com>

Merge pull request #68873 from cbodley/wip-73475

librados/asio: clear cancellation slot in associated executor

Reviewed-by: Adam Emerson <aemerson@redhat.com>
Reviewed-by: Shilpa Jagannath <smanjara@redhat.com>

Merge pull request #68985 from djgalloway/nfs-ganesha-selinux

Revert "Use GANESHA_REPO_BASEURL for NFS-Ganesha on all distros"

Merge pull request #69013 from bluikko/wip-doc-rados-ops-pool-fix-label

doc/rados: move label to right place in pools.rst

Merge pull request #69014 from bluikko/wip-doc-man-cephadm-fix-markup

doc/man: fix broken markup in cephadm.rst

Revert "Use GANESHA_REPO_BASEURL for NFS-Ganesha on all distros"

The ganesha spec file is calling in a system package that is in CentOS 10 Stream but not yet in Rocky/Alma/RHEL/whatever.

This reverts commit 1163bd6b01560bb435821d1ec14b69a5a4f3b0cc.

Fixes: https://tracker.ceph.com/issues/76681
Signed-off-by: David Galloway <david.galloway@ibm.com>

Merge PR #68907 into main

* refs/pull/68907/head:
qa: ignore pg stuck peering

Reviewed-by: Yuri Weinstein <yweins@redhat.com>

Merge PR #68896 into main

* refs/pull/68896/head:
qa: ignore cephadm failed daemon warnings during thrashing

Reviewed-by: Yuri Weinstein <yweins@redhat.com>

Merge PR #68998 into main

* refs/pull/68998/head:
.github/workflows/releng-audit: update python to 3.12
.github/workflows/releng-audit: update workflows

Reviewed-by: Yuri Weinstein <yweins@redhat.com>

Merge PR #68893 into main

* refs/pull/68893/head:
qa: ignore expected OSD_ROOT_DOWN
qa: ignore fs offline warning
qa: add MDS_INSUFFICIENT_STANDBY to ignorelist
qa/suites/upgrade: use common ignorelist

Reviewed-by: Laura Flores <lflores@redhat.com>

Merge PR #68897 into main

* refs/pull/68897/head:
qa/suites/upgrade: ignore undersized PG during stress splits

Reviewed-by: Laura Flores <lflores@redhat.com>

Merge PR #69004 into main

* refs/pull/69004/head:
script/ptl-tool: allow automatic links for commit sha

Reviewed-by: Yuri Weinstein <yweins@redhat.com>

Merge pull request #68962 from afreen23/remove-fa

mgr/dashboard: Remove font awesome icon package

Reviewed-by: Nizamudeen A <nia@redhat.com>

Merge pull request #68796 from ronen-fr/wip-rf-snapreset-crimson

Crimson/osd/snap-mapper: flush pending writes on pg interval change

Reviewed-by: Xuehan Xu <xuxuehan@qianxin.com>
Reviewed-by: Aishwarya Mathuria <amathuri@redhat.com>
Reviewed-by: Matan Breizman <mbreizma@redhat.com>

Merge pull request #68880 from ronen-fr/wip-rf-asokassert-crimson

crimson/osd,qa: support and test the 'assert' ASOK command

Reviewed-by: Matan Breizman <mbreizma@redhat.com>

Merge pull request #67010 from bluikko/wip-doc-radosgw-ref-links-split5

doc/radosgw: change all intra-docs links to use ref (6 of 6)

Merge pull request #67008 from bluikko/wip-doc-radosgw-ref-links-split3

doc/radosgw: change all intra-docs links to use ref (4 of 6)

Merge pull request #68991 from bill-scales/dev_doc_index

doc/dev/internals: Improve Ceph Internals TOC

Reviewed-by: Ville Ojamo <git2233+ceph@ojamo.eu>
Reviewed-by: Anthony D Atri <anthony.datri@gmail.com>

Merge pull request #68728 from Hezko/bugfix-14187

mgr/dashboard: raise an error when invalid server-address was provided

doc/man: fix broken markup in cephadm.rst

Signed-off-by: Ville Ojamo <git2233+ceph@ojamo.eu>

doc/rados: move label to right place in pools.rst

The label is named setting and not unsetting, so move it from the
unsetting section to the setting section.
The label is used only once and the context in which it is used is also
more fitting for the setting section.

Signed-off-by: Ville Ojamo <git2233+ceph@ojamo.eu>

Merge pull request #67700 from mheler/wip-lc-versioned-deletes

rgw: group lifecycle versioned deletes to reduce OLH contention

Merge pull request #68575 from benhanokh/dedup_filter_buckets_and_sc

rgw/dedup: add --allow/deny lists for bucket/storage-class

Merge pull request #65611 from NitzanMordhai/wip-nitzan-autotune-mgr-stats-period

mgr/DaemonServer: auto-tune stats period when message queue gets backed up

Reviewed-by: Sridhar Seshasayee <sridhar.seshasayee@ibm.com>

crimson/osd: decouple snap trim initiation from scrub completion

Add SnapTrimInitiate operation so kick_snap_trim() no longer calls
on_active_actmap() inline during scrub completion, which nested
conflicting with_interruption contexts and hit an assertion.

Fixes: https://tracker.ceph.com/issues/76550
Signed-off-by: Ronen Friedman <rfriedma@redhat.com>

Merge PR #68987 into main

* refs/pull/68987/head:
script/ptl-tool: use provided base even in conflict

Reviewed-by: Yuri Weinstein <yweins@redhat.com>

Merge pull request #68810 from tchaikov/doc-min-compat-client-kernel

doc/rados: add kernel client notes to require_min_compat_client

Reviewed-by: Anthony D Atri <anthony.datri@gmail.com>

Merge pull request #68997 from tchaikov/wip-debian-strip-osd

debian/rules: strip ceph-osd-classic and ceph-osd-crimson

Reviewed-by: Casey Bodley <cbodley@redhat.com>

Merge pull request #68966 from anthonyeleven/nobuild

doc/start: Clarify doc building and begin list of conventions

script/ptl-tool: allow automatic links for commit sha

Wrapping in backticks renders it as teletype text and prevents Github
from automatically generating links to the commits.

Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>

Merge pull request #68799 from tchaikov/debian-cephfs-top-manpage

debian: package manpage for cephfs-top

Reviewed-by: John Mulligan <jmulligan@redhat.com>

mgr/DaemonServer: auto-tune stats period when message queue gets backed up

The mgr can get overwhelmed when there's a lot of cluster activity and
daemons are sending stats reports faster than we can process them.
This commit adds logic to monitor the messenger queue depth and bump
up mgr_stats_period when things get congested. This reduces the
frequency of daemon stat reports, allowing the mgr to process existing
reports without being overwhelmed by new ones. The period automatically
scales back down when the queue clears up.

Added mgr_stats_period_autotune (on by default) and a queue threshold
setting. Recovery happens automatically when the queue clears up.
Max period is capped at 60 seconds to prevent excessive stat delays.

Fixes: https://tracker.ceph.com/issues/73151
Signed-off-by: Nitzan Mordechai <nmordech@ibm.com>

.github/workflows/releng-audit: update python to 3.12

py3.10 is EOL this year.

Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>

.github/workflows/releng-audit: update workflows

To avoid this warning:

> Warning: Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/checkout@v3, actions/setup-python@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/

Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>

Merge pull request #68137 from lumir-sliva/fix/rgw-replication-duplicate-arn

rgw: avoid doubled ARN in GetBucketReplication for pre-existing data

Reviewed-by: Casey Bodley <cbodley@redhat.com>

debian/rules: strip ceph-osd-classic and ceph-osd-crimson

override_dh_strip enumerates each binary package explicitly. It was not
updated when ceph-osd was split into the ceph-osd-classic and
ceph-osd-crimson implementation packages, so the OSD binaries in those
two packages are shipped unstripped (ceph-osd-crimson installs at ~4.6
GiB) and their -dbg packages are left empty.

Add the missing dh_strip invocations so the OSD binaries are stripped
and their debug symbols land in the corresponding -dbg packages, as is
already done for every other binary package.

Fixes: a37b5b5bde8c
Signed-off-by: Kefu Chai <k.chai@proxmox.com>

mgr/dashboard: fix remaining FA icon references and test failures

- Fix icon size mismatches and HTML lint errors
- Fix remaining FA icon references in tests
- Replace FA icons with Carbon in upgrade component:
  use cds-inline-loading for spinners, cd-icon for status icons
- Update test selectors for Carbon icon queries

Fixes: https://tracker.ceph.com/issues/76631
Signed-off-by: Afreen Misbah <afreen23@gmail.com>
Assisted-by: Claude

mgr/dashboard: fix filter icon alignment in table toolbar

Replace Bootstrap inline styles with proper CSS class for filter
icon and select dropdowns alignment. Created filter-wrapper class
to properly align filter icon with select elements using flexbox.

Signed-off-by: Afreen Misbah <afreen@ibm.com>
Assisted-by: Claude
Fixes: https://tracker.ceph.com/issues/76631

mgr/dashboard: fix missing loader and zone group icon

- Add state="active" to cds-inline-loading in card-row component
  to properly show loading spinner for table row actions
- Replace parentChild icon with clusterIcon (web-services--cluster)
  for zone group representation in RGW multisite
- Remove parentChild from Icons enum and replace with
  WebServicesCluster in components.module.ts
- Import ComponentsModule in rgw.module.ts for cd-icon support

Signed-off-by: Afreen Misbah <afreen@ibm.com>
Assisted-by: Claude
Fixes: https://tracker.ceph.com/issues/76631

mgr/dashboard: update health-icon pipe tests for Carbon icons

Update test expectations to match Carbon icon names instead of
fork-awesome class names:
- 'fa fa-check-circle' -> 'success'
- 'fa fa-exclamation-triangle' -> 'warningAltFilled'
- 'fa fa-exclamation-circle' -> 'error'

Signed-off-by: Afreen Misbah <afreen@ibm.com>
Assisted-by: Claude
Fixes: https://tracker.ceph.com/issues/76631

mgr/dashboard: replace icons.spin with Carbon loading components

Replace fork-awesome spinner classes with appropriate Carbon loading components:

- cds-inline-loading: for inline spinners (action feedback, status updates)
  * table row actions (executing/removing)
  * upgrade status text/buttons
  * loading panel alerts

- cds-loading size="sm": for section data loading
  * tree view loading (crushmap, multisite-details, cephfs-directories)
  * progress component operations

- cds-loading size="lg": for dashboard/overview loading
  * rgw-overview-dashboard cards
  * multi-cluster overview

Added LoadingModule and InlineLoadingModule imports to:
- block.module.ts
- cephfs.module.ts
- cluster.module.ts
(rgw.module.ts and components.module.ts already had them)

Signed-off-by: Afreen Misbah <afreen@ibm.com>
Assisted-by: Claude
Fixes: https://tracker.ceph.com/issues/76631

mgr/dashboard: replace fork-awesome size classes with Carbon sizes

Replace icons.large/large2x/large3x with Carbon icon sizes:
- icons.large -> icons.size24
- icons.large2x -> icons.size32
- icons.large3x -> icons.size32

Signed-off-by: Afreen Misbah <afreen@ibm.com>
Assisted-by: Claude
Fixes: https://tracker.ceph.com/issues/76631
 Conflicts:
src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-overview-dashboard/rgw-overview-dashboard.component.html
     - rebase conflicts

mgr/dashboard: remove fork-awesome package dependency

- Remove fork-awesome 1.2.0 from dependencies
- Update package-lock.json accordingly

Signed-off-by: Afreen Misbah <afreen@ibm.com>
Assisted-by: Claude
Fixes: https://tracker.ceph.com/issues/76631

mgr/dashboard: remove font awesome references

- Remove .fa and .fa-* class styles from component SCSS files
- Remove FA icon spacing rules from global styles
- Clean up .fa-stack styles (FA stacking feature)
- Remove FA-specific color styles
- Remove FA icons

Signed-off-by: Afreen Misbah <afreen@ibm.com>
Assisted-by: Claude
Fixes: https://tracker.ceph.com/issues/76631

Merge pull request #68986 from rhcs-dashboard/carbonize-rgw-dash

mgr/dashboard: carbonize RGW overview dashboard

Reviewed-by: Nizamudeen A <nia@redhat.com>

doc/dev/internals: Improve Ceph Internals TOC

The Ceph internals section of the docs is a bit of a mess
as far as the table of contents is concerned. This commit
tries to add a bit more structure grouping topics by
area and trying to arrange them in a more logical order.

Signed-off-by: Bill Scales <bill_scales@uk.ibm.com>

Merge PR #68816 into main

* refs/pull/68816/head:
common/admin_socket: use POSIX timer for delayed signal delivery

Reviewed-by: Patrick Donnelly <pdonnell@ibm.com>
Reviewed-by: Venky Shankar <vshankar@redhat.com>

Merge PR #68560 into main

* refs/pull/68560/head:
test/mds: fix flaky RepeatedQuiesceAwait

Reviewed-by: Patrick Donnelly <pdonnell@ibm.com>

Merge pull request #68988 from rhcs-dashboard/fix-tag-color-table

mgr/dashboard: fix tag colors not applied in table cells

Reviewed-by: Nizamudeen A <nia@redhat.com>

Merge pull request #68478 from mheler/wip-bug-75958

rgw/gc: mark rgw_gc_max_objs as startup-only

Merge pull request #68213 from lumir-sliva/fix/mgr-perf-schema-empty-counters

mgr: guard close_section calls in get_perf_schema_python

mgr/dashboard: carbonize RGW overview dashboard

Fixes: https://tracker.ceph.com/issues/76684
Signed-off-by: Afreen Misbah <afreen23.git@gmail.com>
Assisted-by: Claude

Merge pull request #67763 from kamoltat/wip-ksirivad-fix-cmpiler-warn

src/msg/async/Event: collect and ignore return value for read()

Merge pull request #68952 from rhcs-dashboard/remove-ng-click-outside

mgr/dashboard: Remove `ng-click-outside` and `ngx-toast`

Reviewed-by: Nizamudeen A <nia@redhat.com>

Merge pull request #68872 from ceph/kchheda3-fix-build-break

osd/test: Fix build breakage when WITH_EC_ISA_PLUGIN is OFF

Reviewed-by: Alex Ainscow <aainscow@uk.ibm.com>
Reviewed-by: Kefu Chai <k.chai@proxmox.com>

rgw/dedup: dedup-filter - add empty-file validation, fix dump default param, fix typos

Signed-off-by: Gabriel BenHanokh <gbenhano@redhat.com>

Merge pull request #68946 from tchaikov/wip-doc-vstart

doc/dev: refresh vstart.sh options in dev_cluster_deployment

Reviewed-by: Vikhyat Umrao <vikhyat@ibm.com>

Merge pull request #68758 from tchaikov/cmake-build-isal-lib

cmake/BuildISAL: build and install library targets only

Reviewed-by: Jamie Pryde <jamiepry@uk.ibm.com>

mgr/dashboard: fix tag colors not applied in table cells

Regression from 15ca5d7ab9c.

Changed class to ngClass due to same attribute linter error.
This caused color classes to be overwritten  by carbon classes.

Fixes: https://tracker.ceph.com/issues/76685
Signed-off-by: Afreen Misbah <afreen@ibm.com>
Assisted-by: Claude

script/ptl-tool: use provided base even in conflict

It is sometimes useful to base off a local branch instead of a common
branch.

Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>

Merge pull request #68178 from rhcs-dashboard/start-with-libvirt-group

mgr/dashboard: run kcli commands in libvritd group

Reviewed-by: Afreen Misbah <afreen@ibm.com>

doc/start: Clarify doc building and begin list of conventions

Signed-off-by: Anthony D'Atri <anthonyeleven@users.noreply.github.com>

mgr/dashboard: fix build and test failures from ngx-toastr removal

Assisted-by: Claude
Signed-off-by: Afreen Misbah <afreen@ibm.com>

rgw/dedup: fix negative errno codes in filter and radosgw-admin

Signed-off-by: benhanokh <gbenhano@redhat.com>

rgw/dedup: add --allow/deny-bucket-list and --allow/deny-storage-class-list to dedup commands
Resolves: bz#2413730
Signed-off-by: Gabriel BenHanokh <gbenhano@redhat.com>

librados/asio: clear cancellation slot in associated executor

the librados callback function `AsyncOp::aio_dispatch()` runs on
Objecter's finisher strand executor, and dispatches the completion
handler to its associated executor

asio cancellation is not thread-safe, so should be synchronized on that
associated executor. move the call to `slot.clear()` from that librados
callback into the AsyncHandler wrapper so it doesn't run until we've
switched to the correct executor

because our `op_cancellation` handler depends on an `AioCompletion`
pointer, we have to clear the cancellation slot before that
`AioCompletion` lifetime ends

Fixes: https://tracker.ceph.com/issues/73475
Signed-off-by: Casey Bodley <cbodley@redhat.com>

librados/asio: extend lifetime of AioCompletion

pass the unique_aio_completion_ptr into a wrapped completion handler to
extend its lifetime past the end of the AsyncOp::aio_dispatch() callback

Signed-off-by: Casey Bodley <cbodley@redhat.com>

Merge pull request #68967 from rhcs-dashboard/remove-mirroing

mgr/dashboard: Remove cephfs mirroring navigation from Umbrella

Reviewed-by: Afreen Misbah <afreen@ibm.com>
Reviewed-by: Nizamudeen A <nia@redhat.com>

Merge pull request #68970 from rhcs-dashboard/nfs-terminology

mgr/dashboard: NFS enhancements - terminology alignment

Reviewed-by: Afreen Misbah <afreen@ibm.com>

Merge pull request #68782 from smanjara/wip-fix-frontend-exception

rgw: catch exception from abort_early() on client disconnect

mgr/dashboard: Remove `ng-click-outside` and `ngx-toastr`package

Fixes https://tracker.ceph.com/issues/70934
Fixes https://tracker.ceph.com/issues/76631

Signed-off-by: Afreen Misbah <afreen@ibm.com>

Merge pull request #68685 from perezjosibm/wip-perezjos-doc-crimson-dev

doc: crimson/dev - add a vstart.sh example using SeaStore options, minor formatting fixes

Merge pull request #68891 from rhcs-dashboard/carbonize-cluster-wide-osd-flags-modal

mgr/dashboard: Carbonize cluster-wide OSD flags modal

Reviewed-by: Afreen Misbah <afreen@ibm.com>
Reviewed-by: pujaoshahu <pshahu@redhat.com>

Merge pull request #68971 from rhcs-dashboard/carbonize-upgrade

Carbonize upgrade page

Reviewed-by: Devika Babrekar <devika.babrekar@ibm.com>

doc:crimson-dev: add RANDOM_BLOCK_SSD usage example, fix indentation

Signed-off-by: Jose J Palacios-Perez <perezjos@uk.ibm.com>

Merge PR #68937 into main

* refs/pull/68937/head:
.github/workflows/releng-audit: group events to serialize executions
.github/workflows/releng-audit: remove override on reopen
.github/workflows/releng-audit: refactor auth check to function

Reviewed-by: Yuri Weinstein <yweins@redhat.com>

cephadm: disable UDP in samples/nfs.json for test_cephadm Ganesha
test_cephadm.sh deploys NFS through cephadm _orch deploy using
src/cephadm/samples/nfs.json. That sample is separate from the mgr
ganesha.conf.j2 template, which already sets Enable_UDP = false.
Without that setting, Ganesha on Rocky 10 (ceph-ci image) fails during
startup with "Cannot register NFS V3 on UDP", so test_cephadm.sh never
sees ganesha.nfsd listening on port 2049.
Add Protocols = 3, 4 and Enable_UDP = false to NFS_CORE_PARAM so the
sample matches the orchestrator defaults.
Fixes: https://tracker.ceph.com/issues/76295
Signed-off-by: Kobi Ginon <kginon@redhat.com>

Merge pull request #68868 from rhcs-dashboard/fix-edit

mgr/dashboard: Fix edit and delete access for pool-manager role

Reviewed-by: Abhishek Desai <abhishek.desai1@ibm.com>

Merge pull request #68951 from rhcs-dashboard/revert-nx

Revert: mgr/dashboard: reverting the nx tool changes

Reviewed-by: Nizamudeen A <nia@redhat.com>

mgr/dashboard: Remove cephfs mirroring navigation from Umbrella

Fixes: https://tracker.ceph.com/issues/76649
Signed-off-by: Dnyaneshwari Talwekar <dtalweka@redhat.com>

Merge pull request #67547 from mheler/wip-list-restorestatus

rgw: add RestoreStatus support to object listings

mgr/dashboard: fix logs e2e tests after carbonization

Update e2e test selectors to match the new Carbon component structure.
The .card-body and .message classes were replaced with .log-viewer
and .log-entry__message after carbonizing the logs component.

Assisted-by: Claude
Signed-off-by: Afreen Misbah <afreen@ibm.com>

Merge pull request #68953 from rhcs-dashboard/linter-modernization-research

mgr/dashboard: Replace htmllint with Prettier for HTML linting

Reviewed-by: Nizamudeen A <nia@redhat.com>

Revert "mgr/dashboard: set up dashboard as a app shell"

Fixes https://tracker.ceph.com/issues/74006

This reverts commit a0dd52fe100932922ceab9277490bfa2f8631431.

 Conflicts:
src/pybind/mgr/dashboard/frontend/module-federation.config.ts
src/pybind/mgr/dashboard/frontend/package-lock.json
src/pybind/mgr/dashboard/frontend/package.json
src/pybind/mgr/dashboard/frontend/project.json

Signed-off-by: Afreen Misbah <afreen@ibm.com>

Revert " mgr/dashboard: add rollup as optional deps"

This reverts commit 6f14d6f25f06ed3d78a4c603e1ad9f10fc9c17d8.

 Conflicts:
src/pybind/mgr/dashboard/frontend/package-lock.json
src/pybind/mgr/dashboard/frontend/package.json

Signed-off-by: Afreen Misbah <afreen@ibm.com>

mgr/dashboard: remove unused upgradable component

The upgradable component is no longer used after converting
the upgrade page to use Carbon tiles directly.

Assisted-by: Claude
Signed-off-by: Afreen Misbah <afreenmisbah@ibm.com>

mgr/dashboard: carbonize logs component

Fixes https://tracker.ceph.com/issues/68260

Assisted-by: Claude
Signed-off-by: Afreen Misbah <afreenmisbah@ibm.com>

mgr/dashboard: Carbonize upgrade page

- Made cluster status clickable to navigate to overview when not HEALTH_OK
- Replaced Bootstrap classes with Carbon design tokens
- Updated upgrade.component.scss to use CSS custom properties

Assisted-by: Claude
Signed-off-by: Afreen Misbah <afreenmisbah@ibm.com>

Merge pull request #66908 from rkachach/fix_nvmeof_dashboard_interface

mgr/cephadm: Add a new cephadm's API to get nvmeof TLS bundle

Reviewed-by: Nizamudeen A <nia@redhat.com>
Reviewed-by: Adam King <adking@redhat.com>

mgr/dashboard: NFS enhancements - terminology alignment

Fixes: https://tracker.ceph.com/issues/76655
Signed-off-by: Dnyaneshwari Talwekar <dtalweka@redhat.com>

Merge pull request #68686 from rishabh-d-dave/fs-scrub-set-flag-for-dirfrags

mds/ScrubStack: set added_children to true for dirfrags too

Reviewed-by: Venky Shankar <vshankar@redhat.com>

Merge pull request #67752 from supriti/wip-s3-policy-keystone-role

rgw: Inject keystone roles into IAM policy

Merge pull request #68740 from smanjara/wip-fix-multi-delete-crash

rgw: remove redundant close_section() call in RGWDeleteMultiObj end_response()