Add OCP 4.22 to prow#81141
Conversation
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
WalkthroughThe PR updates two downstream-candidate CI configs to enable Kata RPM installation, pin the Kata RPM version, and change must-gather behavior across scheduled Azure, ARO, and AWS jobs. It also adds a README note for Konflux prowjobs network-access settings. ChangesSandboxed containers operator CI changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Suggested labels
🚥 Pre-merge checks | ✅ 15✅ Passed checks (15 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
/pj-rehearse ack |
|
@tbuskey: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel. |
openshift-merge-bot
Bot
added
the
rehearsals-ack
openshift-ci
Bot
added
the
approved
|
/test generated-config |
|
/lgtm |
openshift-ci
Bot
added
lgtm
openshift-merge-bot
Bot
removed
the
rehearsals-ack
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.claude/scripts/step_finder.py:
- Around line 113-123: `build_reference_index()` is currently scanning
serialized YAML text, so literal examples inside markdown-style blocks are being
counted as real references. Update this function to traverse the parsed YAML
objects instead of using regex over raw text, and only record structural `ref`,
`chain`, and `workflow` fields from the YAML tree. Keep the indexing logic in
`build_reference_index()` and `ReferenceIndex` the same, but change the input
processing so documentation snippets are ignored.
- Around line 353-367: Resolve the repo root to an absolute path before any
downstream path derivation in step_finder.py so the paths used by
read_yaml_corpus, build_reference_index, lookup_config_usage, and
lookup_reverse_deps all share the same base. Update the logic around
parse_args(), repo_root_from_script(), and the subsequent
registry_dir/config_dir setup so a relative --repo-root like "." is normalized
once up front. This will keep usage and reverse-deps lookups from missing
matches due to relative-vs-absolute prefix comparisons.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Central YAML (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: ff8b80f9-0fb7-4107-92ba-6306d040dd26
📒 Files selected for processing (12)
.claude/scripts/README.md.claude/scripts/step_finder.py.claude/skills/step-finder/SKILL.mdci-operator/step-registry/cluster-profiles/cluster-profiles-config.yamlci-operator/step-registry/openshift/agentic/trt/review-responder/openshift-agentic-trt-review-responder-commands.shclusters/hosted-mgmt/hive/pools/openstack-k8s-operators/openstack-k8s-operators-4-18-vexxhost-hybrid_clusterpool.yamlclusters/hosted-mgmt/hive/pools/openstack-k8s-operators/openstack-k8s-operators-4-20-vexxhost-hybrid_clusterpool.yamlcore-services/ci-secret-bootstrap/_config.yamlcore-services/prow/02_config/openshift-online/gcp-hcp-infra/_prowconfig.yamlcore-services/prow/02_config/openshift/faas-console-plugin/_prowconfig.yamlcore-services/prow/02_config/redhat-developer/rhdh-operator/_prowconfig.yamlcore-services/prow/02_config/terraform-redhat/terraform-provider-rhcs/_prowconfig.yaml
💤 Files with no reviewable changes (1)
- ci-operator/step-registry/openshift/agentic/trt/review-responder/openshift-agentic-trt-review-responder-commands.sh
✅ Files skipped from review due to trivial changes (2)
- .claude/skills/step-finder/SKILL.md
- .claude/scripts/README.md
| def build_reference_index(*corpora: dict[str, str]) -> ReferenceIndex: | ||
| """Index ref, chain, and workflow references across YAML corpora.""" | ||
| index = ReferenceIndex() | ||
| for corpus in corpora: | ||
| for path_str, text in corpus.items(): | ||
| for match in REF_LINE.finditer(text): | ||
| index.steps.setdefault(match.group(1), []).append(path_str) | ||
| for match in CHAIN_LINE.finditer(text): | ||
| index.chains.setdefault(match.group(1), []).append(path_str) | ||
| for match in WORKFLOW_LINE.finditer(text): | ||
| index.workflows.setdefault(match.group(1), []).append(path_str) |
There was a problem hiding this comment.
🎯 Functional Correctness | 🟠 Major | 🏗️ Heavy lift
Parse references from YAML structure, not raw text.
build_reference_index() greps serialized YAML, so example snippets inside documentation: | blocks such as - ref: ... or workflow: ... get counted as real usages. That will overstate the “Reverse deps” count and can assign the wrong impact label for documented components. Walk the parsed YAML tree and index only structural ref/chain/workflow fields instead.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In @.claude/scripts/step_finder.py around lines 113 - 123,
`build_reference_index()` is currently scanning serialized YAML text, so literal
examples inside markdown-style blocks are being counted as real references.
Update this function to traverse the parsed YAML objects instead of using regex
over raw text, and only record structural `ref`, `chain`, and `workflow` fields
from the YAML tree. Keep the indexing logic in `build_reference_index()` and
`ReferenceIndex` the same, but change the input processing so documentation
snippets are ignored.
openshift-ci
Bot
added
approved
|
/retest-required |
Other changes: MUST_GATHER_ON_FAILURE_ONLY: "false" # so prow always runs kata must-gather INSTALL_KATA_RPM: true KATA_RPM_VERSION: 3.31.0-1.rhaos4.19.el9 # 4.19 -> 4.21 KATA_RPM_VERSION: 3.31.0-1.rhaos4.22.el9 # 4.22 https://redhat.atlassian.net/browse/KATA-5459 openshift#80932 Signed-off-by: Tom Buskey <tbuskey@redhat.com>
|
/pj-rehearse ack |
|
@tbuskey: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel. |
openshift-merge-bot
Bot
added
the
rehearsals-ack
|
/pj-rehearse ack |
openshift-merge-bot
Bot
removed
the
rehearsals-ack
|
[REHEARSALNOTIFIER]
The following jobs are not rehearsable without the
Interacting with pj-rehearseComment: Once you are satisfied with the results of the rehearsals, comment: |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In
`@ci-operator/config/openshift/sandboxed-containers-operator/openshift-sandboxed-containers-operator-devel__downstream-candidate422.yaml`:
- Line 152: Update the ARO job configuration so the ARO_CLUSTER_VERSION used by
the downstream-candidate422 periodic jobs matches the advertised 4.22 release
instead of remaining pinned to 4.17. Adjust both occurrences in this config, or
derive the value from the release metadata in the relevant job definitions, so
the ARO jobs in downstream-candidate422 actually exercise 4.22 and use the
matching Kata RPM.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Central YAML (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: 74aa0da4-be83-468d-b97d-9015fbf1477f
📒 Files selected for processing (1)
ci-operator/config/openshift/sandboxed-containers-operator/openshift-sandboxed-containers-operator-devel__downstream-candidate422.yaml
|
@tbuskey: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel. |
openshift-merge-bot
Bot
added
the
rehearsals-ack
|
@tbuskey: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/lgtm |
|
/approve |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: tbuskey, wainersm The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
3 participants
Other changes:
MUST_GATHER_ON_FAILURE_ONLY: "false" # so prow always runs kata must-gather
INSTALL_KATA_RPM: true
KATA_RPM_VERSION: 3.31.0-1.rhaos4.19.el9 # 4.19 -> 4.21
KATA_RPM_VERSION: 3.31.0-1.rhaos4.22.el9 # 4.22
KATA-5459
Previous PR
Summary by CodeRabbit
Updated
ci-operator/config/openshift/sandboxed-containers-operatorgenerated downstream scheduled e2e prow jobs to ensure OpenShift Container Platform 4.22 runs with Kata RPM enabled and must-gather always collected (not limited to failures). Concretely:MUST_GATHER_ON_FAILURE_ONLY: "false".INSTALL_KATA_RPM: "true") and pinned the Kata RPM version to3.31.0-1.rhaos4.22.el9for the new OCP 4.22 config (openshift-sandboxed-containers-operator-devel__downstream-candidate422.yaml)....__downstream-candidate419.yamland...__downstream-candidate420.yaml) to useKATA_RPM_VERSION: 3.31.0-1.rhaos4.19.el9while keeping the same must-gather change (MUST_GATHER_ON_FAILURE_ONLY: "false").Also updated
ci-operator/step-registry/sandboxed-containers-operator/README.mdwith guidance for Konflux prowjobsrestrict_network_access:falseby default,truewhen running/pj-rehearse, then reverting tofalseafter merge.