accept risks e2e becomes blocking

[hongkailiu]

As June 4, 2026, the passing rate in Sippy is

The failure looks similar to this one:

started: 1/34/46 "[sig-cli][OCPFeatureGate:ClusterUpdateAcceptRisks] oc can operate accept risks [Serial]"

Running 'oc --kubeconfig=/tmp/kubeconfig-4043812754 get configmap microshift-version -n kube-public -o jsonpath={.data.version}'
ERROR: Command failed with error: exit status 1
Output: Error from server (NotFound): configmaps "microshift-version" not found

  [FAILED] in [BeforeEach] - /go/src/github.com/openshift/oc/test/e2e/accept.go:39 @ 06/04/26 06:13:14.427
  [FAILED] in [AfterEach] - /go/src/github.com/openshift/oc/test/e2e/accept.go:57 @ 06/04/26 06:13:14.53

fail [github.com/openshift/oc/test/e2e/accept.go:39]: Expected
    <[]v1.AcceptRisk | len:1, cap:1>: [
        {
            Name: "TestAlertFeatureE2ETestOTA1813",
        },
    ]
to be empty
failed: (400ms) 2026-06-04T06:13:14 "[sig-cli][OCPFeatureGate:ClusterUpdateAcceptRisks] oc can operate accept risks [Serial]"

It is because the cleanup in the previous test cases failed

started: 0/1/46 "[Jira:\"Cluster Version Operator\"] cluster-version-operator should work with risks from alerts"

  STEP: Using fauxinnati as the upstream and its simple channel @ 06/04/26 05:38:40.344
  STEP: Create a critical alert for testing @ 06/04/26 05:38:40.387
  STEP: Checking if the risk shows up in ClusterVersion's status @ 06/04/26 05:38:40.443
  STEP: Checking that no updates is recommended if alert is firing @ 06/04/26 05:39:10.474
  STEP: Checking that there are recommended conditional updates promoted to available updates after the risk from alert is accepted @ 06/04/26 05:39:10.508
  STEP: Checking that there are no duplicated versions in conditional updates @ 06/04/26 05:39:40.642
  STEP: Checking that there are no duplicated versions in available updates @ 06/04/26 05:39:40.671
  STEP: Checking that there are no recommended conditional updates after the alert is resolved @ 06/04/26 05:39:40.673
  STEP: Checking that there are available updates after the alert is resolved @ 06/04/26 05:40:40.737
  [FAILED] in [AfterEach] - /go/src/github.com/openshift/cluster-version-operator/test/cvo/accept_risks.go:79 @ 06/04/26 05:40:40.824

fail [github.com/openshift/cluster-version-operator/test/cvo/accept_risks.go:79]: Unexpected error:
    <*errors.StatusError | 0xc0004d0c80>: 
    Operation cannot be fulfilled on clusterversions.config.openshift.io "version": the object has been modified; please apply your changes to the latest version and try again
    {
        ErrStatus: {
            TypeMeta: {Kind: "", APIVersion: ""},
            ListMeta: {
                SelfLink: "",
                ResourceVersion: "",
                Continue: "",
                RemainingItemCount: nil,
            },
            Status: "Failure",
            Message: "Operation cannot be fulfilled on clusterversions.config.openshift.io \"version\": the object has been modified; please apply your changes to the latest version and try again",
            Reason: "Conflict",
            Details: {
                Name: "version",
                Group: "config.openshift.io",
                Kind: "clusterversions",
                UID: "",
                Causes: nil,
                RetryAfterSeconds: 0,
            },
            Code: 409,
        },
    }
occurred
failed: (2m1s) 2026-06-04T05:40:40 "[Jira:\"Cluster Version Operator\"] cluster-version-operator should work with risks from alerts"

We hope that openshift/cluster-version-operator#1399 will help. Let us review the stats again after a while.

/hold

Summary by CodeRabbit

• Tests

  • Simplified test configuration for cluster update acceptance test case by removing unused options and cleaning up redundant imports.

• Chores

  • Removed unused dependencies from test files.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: d6971727-4180-49bf-acd9-f1f5c8d6d543

📥 Commits

Reviewing files that changed from the base of the PR and between 9557cf3 and ba02b6e.

📒 Files selected for processing (1)

• test/e2e/accept.go

---

Walkthrough

The PR removes the oteginkgo.Informing() option from a test case definition and removes the corresponding unused import from test/e2e/accept.go.

Changes

Test case cleanup

Layer / File(s)	Summary
Remove unused Informing option and import test/e2e/accept.go	Removed oteginkgo import and updated the [sig-cli][OCPFeatureGate:ClusterUpdateAcceptRisks] serial tech-preview test case to remove the oteginkgo.Informing() option.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

---

Important

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

❌ Failed checks (1 error, 1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Container-Privileges	❌ Error	PR adds pod templates with privileged: true and hostPID: true in copytonode and restartkubelet admin utilities for justified host-level operations.	Review and document justification for privileged pods, or refactor to use non-privileged alternatives if possible; ensure proper RBAC/access controls limit usage to administrators.
Test Structure And Quality	⚠️ Warning	The verifyAcceptRisks() helper function has 3 assertions without meaningful failure messages (lines 92-94), violating requirement 4. This reduces debuggability when tests fail.	Add meaningful error messages to the 3 assertions in verifyAcceptRisks(): 'o.Expect(err).NotTo(o.HaveOccurred(), "failed to get ClusterVersion")' and similar for other assertions.
Title check	❓ Inconclusive	The title 'accept risks e2e becomes blocking' is vague and does not clearly reflect the actual change, which is removing the Informing() option from a test case.	The title should be more specific about what 'becomes blocking' means. Consider clarifying whether it refers to making the test blocking, changing test behavior, or something else.

✅ Passed checks (12 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	Test names in test/e2e/accept.go are stable and deterministic with no dynamic elements, generated identifiers, or variable substitution.
Microshift Test Compatibility	✅ Passed	Test uses ClusterVersion API (unavailable on MicroShift) but is protected by skipIfMicroShift() in BeforeEach, which detects MicroShift and calls g.Skip().
Single Node Openshift (Sno) Test Compatibility	✅ Passed	Test is a cluster-wide configuration API test (ClusterVersion) with no multi-node assumptions, node topology queries, pod scheduling, or HA failover requirements. Works on SNO.
Topology-Aware Scheduling Compatibility	✅ Passed	PR adds only a test file (test/e2e/accept.go) with no deployment manifests, operator code, or scheduling constraints. The check applies only to production code changes.
Ote Binary Stdout Contract	✅ Passed	PR removes oteginkgo.Informing() label from test definition. No process-level stdout writes found; file lacks main(), TestMain(), or stdout-emitting code.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	Test contains no IPv4 assumptions (no hardcoded addresses/CIDRs/parsing) and no external connectivity requirements; uses only cluster-internal Kubernetes APIs.
No-Weak-Crypto	✅ Passed	File test/e2e/accept.go contains no weak crypto algorithms, custom crypto implementations, or non-constant-time secret comparisons. It is purely an E2E test orchestration file.
No-Sensitive-Data-In-Logs	✅ Passed	New file test/e2e/accept.go contains only test infrastructure code with public test data (RiskA, RiskB, RiskD); no passwords, tokens, API keys, PII, session IDs, or credentials are logged.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: hongkailiu
Once this PR has been reviewed and has the lgtm label, please assign ardaguclu for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[hongkailiu]

/test e2e-agnostic-ovn-cmd

[openshift-ci]

@hongkailiu: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.