From c53a118b32cf9f51a909913dd9eb222500495160 Mon Sep 17 00:00:00 2001 From: Bryan Cox Date: Fri, 5 Jun 2026 15:59:31 -0400 Subject: [PATCH] chore: improve AI skill quality based on review comment analysis Analyzed 78 review comments (62 actionable) from 2025-01-01 to 2026-06-05. Added rules for fleet-wide rollout awareness, unrelated change prohibition, codebase pattern adherence, validation regex correctness, dead code prevention, test coverage requirements, and real-world test fixtures. Signed-off-by: JIRA Agent Commit-Message-Assisted-by: Claude (via Claude Code) --- AGENTS.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/AGENTS.md b/AGENTS.md index fcd98509cac..ca9dff2f6e7 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -191,6 +191,9 @@ This means: - Use `make verify` before submitting PRs to catch formatting/generation issues. - Platform-specific controllers require their respective cloud credentials for testing. - E2E tests need proper cloud infrastructure setup (S3 buckets, DNS zones, etc.). +- **Fleet-wide rollout impact**: Changes to config data, secrets, or any value that feeds into a NodePool config hash will trigger a rollout across **all** HostedClusters. Before adding new data to ignition configs, MachineConfigs, or any resource reconciled into the data plane, check whether the change affects the NodePool config hash (search for `hashStruct` / `configHash`). If it does, the PR **must** pass `e2e-aws-upgrade-hypershift-operator` to prove the rollout is safe. +- **No unrelated changes in PRs**: Do not include cosmetic formatting, whitespace, or import reordering changes in files unrelated to the PR's purpose. Unrelated changes increase review surface and make PRs harder to revert cleanly. If you notice something worth cleaning up, do it in a separate PR. +- **Follow existing codebase patterns**: Before implementing a new approach (e.g., using service-ca operator for TLS), search the codebase for how similar problems are already solved (e.g., `reconcileSelfSignedCA`). HyperShift self-signs certificates — use the existing self-signing pattern instead of relying on external certificate operators. ## Commit Messages @@ -231,4 +234,11 @@ After addressing review feedback, use the `restructure-hypershift-commits` skill - Prefer Gherkin Syntax to define unit test cases, e.g. "When... it should..." - Prefer gomega for unit test assertions +- Do not leave TODO comments in validation regex patterns or CEL rules — resolve them before submitting. Reviewers have blocked PRs for shipping regex patterns with placeholder character classes (e.g., allowing `{` and `}` in UUID fields, or missing anchoring constraints). +- When writing regex for API validation, match the upstream format exactly. For UUIDs, use `[0-9a-f]{8}-...`; for Azure resource names, verify the allowed character set against Azure documentation. Do not over-broaden patterns with catch-all classes like `[a-zA-Z0-9-_().{}]`. +- Do not export functions that are only used in tests. Use unexported helpers or keep them in `_test.go` files. +- Do not leave dead code (functions defined but never called). Remove unused code before submitting. +- Use real-world values in test fixtures when possible (e.g., `quay.io/openshift-release-dev/ocp-release:4.21.10-x86_64` instead of `example.com/image:latest`). Real values catch edge cases that synthetic values miss. +- When adding new exported functions or methods, cover them with unit tests. For controller reconciliation methods, test at minimum: happy path, missing/empty input, disabled capability, and the primary error path. +- When adding test assertions for OwnerReferences, check that they were actually set during reconciliation — not just that the object exists.