Skip to content

NO-JIRA: Sync downstream#155

Merged
matzew merged 4 commits intoopenshift:mainfrom
swghosh:openshift-main
Feb 23, 2026
Merged

NO-JIRA: Sync downstream#155
matzew merged 4 commits intoopenshift:mainfrom
swghosh:openshift-main

Conversation

@swghosh
Copy link
Member

@swghosh swghosh commented Feb 23, 2026
edited
Loading

Sync with upstream containers@9a33b10 and i.e. pull in containers#764.

Adding this PR as #51 depends on the func CanI(..) that was added recently upstream.

manusa and others added 4 commits February 19, 2026 13:48
@manusa
feat(logging): centralize K8s error logging in MCP tool handler (cont…
3f3dee4 
…ainers#792)

* feat(logging): centralize K8s error logging in MCP tool handler

Move HandleK8sError calls from individual tool handlers to the central
ServerToolToGoSdkTool dispatch point in gosdk.go. This eliminates
duplicated logging across ~20 call sites and ensures consistent error
categorization for all tools automatically.

Add errors.As guard in HandleK8sError fallback to only log actual K8s
API errors, silently ignoring non-K8s errors (e.g. access control
denials). Extract README logging section into docs/logging.md.

Add unit tests for HandleK8sError covering all K8s error types, wrapped
error chain traversal, and non-K8s error filtering. Add integration
tests verifying non-K8s errors produce no log notifications (pods,
helm) and K8s forbidden errors from Helm produce correct notifications.
Add RequireNoLogNotification test helper.

Signed-off-by: Marc Nuri <marc@marcnuri.com>

* test(logging): assert on log level and message in K8s error tests

Extract classifyK8sError to make error-to-log mapping directly testable.
Unit tests now verify the correct Level and message for each K8s error
type instead of only asserting NotPanics.

Signed-off-by: Marc Nuri <marc@marcnuri.com>

---------

Signed-off-by: Marc Nuri <marc@marcnuri.com>
@nader-ziada
fix(ci): resolve race conditions in tests and MCP server (containers#793
128b37c 
)

- Add mutex protection to shared state accessed by concurrent goroutines
- Fix SIGHUP handler goroutine leak by returning a stop function that
properly cleans up signal notification and waits for goroutine exit

Signed-off-by: Nader Ziada <nziada@redhat.com>
@nader-ziada
feat(validation): add pre-execution validation layer (containers#764)
9a33b10 
* feat(validation): add pre-execution validation layer

Add validation middleware that catches errors before they reach the
Kubernetes API.

Signed-off-by: Nader Ziada <nziada@redhat.com>

* simplify config and merge into AccessControlRoundTripper

Signed-off-by: Nader Ziada <nziada@redhat.com>

* remove redundant ResourceValidator and simplify validation

cleanup up unused func and fields

Signed-off-by: Nader Ziada <nziada@redhat.com>

---------

Signed-off-by: Nader Ziada <nziada@redhat.com>
@swghosh
Merge remote-tracking branch 'upstream/main' into sync-downstream-202…
733fb2c 
…60223-1731

Signed-off-by: Swarup Ghosh <swghosh@redhat.com>
@openshift-ci-robot
Copy link

openshift-ci-robot commented Feb 23, 2026

@swghosh: This pull request explicitly references no jira issue.

Details

In response to this:

Sync with upstream containers@9a33b10 and i.e. pull in containers#764.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Feb 23, 2026
@swghosh
Copy link
Member Author

swghosh commented Feb 23, 2026

/assign @matzew

@openshift-ci
Copy link

openshift-ci bot commented Feb 23, 2026

@swghosh: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

matzew
matzew approved these changes Feb 23, 2026
View reviewed changes
Copy link
Member

@matzew matzew left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@matzew matzew merged commit f21224a into openshift:main Feb 23, 2026
7 of 9 checks passed
@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Feb 23, 2026
@openshift-ci
Copy link

openshift-ci bot commented Feb 23, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: matzew, swghosh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@matzew matzew matzew approved these changes

@Cali0707 Cali0707 Awaiting requested review from Cali0707

@Kaustubh-pande Kaustubh-pande Awaiting requested review from Kaustubh-pande

Assignees

@matzew matzew

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@swghosh @openshift-ci-robot @matzew @manusa @nader-ziada