From d85a3633e0d05d043f6e046796bf06e3f1e09a8a Mon Sep 17 00:00:00 2001 From: Kasturi Narra Date: Fri, 26 Jun 2026 19:45:03 +0530 Subject: [PATCH 1/2] Send LVMS CI Doctor Slack notification to #team-ocp-edge-notifications The LVMS CI Doctor report currently only notifies #lvms-release-coordination via Prow reporter_config. Since Prow only supports a single Slack channel, add a webhook-based notification in the post step to also send the report link to #team-ocp-edge-notifications. Co-Authored-By: Claude Opus 4.6 --- ...shift-edge-tooling-lvms-ci-post-commands.sh | 18 ++++++++++++++++++ ...penshift-edge-tooling-lvms-ci-post-ref.yaml | 5 +++++ 2 files changed, 23 insertions(+) diff --git a/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-commands.sh b/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-commands.sh index c356fdc387180..f3183a0952473 100644 --- a/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-commands.sh +++ b/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-commands.sh @@ -28,3 +28,21 @@ if [[ -f "${SHARED_DIR}/claude-report-available" ]]; then else echo "No Claude report found. Skipping." fi + +# +# Send Slack notification to #team-ocp-edge-notifications +# (Prow reporter_config already sends to #lvms-release-coordination) +# +WEBHOOK_FILE="/var/run/slack-webhook/team-ocp-edge-notifications" +if [[ -f "${WEBHOOK_FILE}" ]] && [[ "${JOB_TYPE:-}" == "periodic" ]]; then + REPORT_URL="${GCSWEB_JOB_URL}/artifacts/lvms-ci-doctor/openshift-edge-tooling-lvms-ci-doctor/artifacts/report-lvm-operator-ci-doctor.html" + MESSAGE=":robot_face: *LVMS CI Doctor* report available.\n| <${REPORT_URL}|Report> | |" + PAYLOAD=$(jq -nc --arg text "${MESSAGE}" '{"text": $text}') + curl -sf -X POST -H 'Content-type: application/json' \ + --data "${PAYLOAD}" \ + "$(cat "${WEBHOOK_FILE}")" \ + && echo "Slack notification sent to #team-ocp-edge-notifications." \ + || echo "Warning: Slack notification failed (non-fatal)." +else + echo "Skipping Slack notification (webhook not available or not a periodic job)." +fi diff --git a/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-ref.yaml b/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-ref.yaml index 5ce99a2ba2146..348a22d774f80 100644 --- a/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-ref.yaml +++ b/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-ref.yaml @@ -6,6 +6,10 @@ ref: tag: latest best_effort: true commands: openshift-edge-tooling-lvms-ci-post-commands.sh + credentials: + - namespace: test-credentials + name: edge-tooling-ci-monitor-slack-webhook + mount_path: /var/run/slack-webhook resources: requests: cpu: 100m @@ -14,3 +18,4 @@ ref: documentation: |- Post step that downloads the LVMS CI Doctor HTML report from GCS artifacts and saves it with a summary suffix so Spyglass displays it as a tab. + Also sends a notification to the team-ocp-edge Slack channel. From 5b42d69a19e255b6ac0a2f87796bd9ecdc67ca96 Mon Sep 17 00:00:00 2001 From: Kasturi Narra Date: Fri, 26 Jun 2026 22:22:21 +0530 Subject: [PATCH 2/2] Harden Slack webhook post: suppress xtrace, add timeout, fix docs - Disable xtrace around the curl that reads the webhook secret so the URL does not leak into CI logs - Add --connect-timeout 10 --max-time 30 to prevent indefinite hangs - Fix documentation to say team-ocp-edge-notifications (not team-ocp-edge) Co-Authored-By: Claude Opus 4.6 --- .../post/openshift-edge-tooling-lvms-ci-post-commands.sh | 4 +++- .../lvms-ci/post/openshift-edge-tooling-lvms-ci-post-ref.yaml | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-commands.sh b/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-commands.sh index f3183a0952473..d3030c2ffa55c 100644 --- a/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-commands.sh +++ b/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-commands.sh @@ -38,11 +38,13 @@ if [[ -f "${WEBHOOK_FILE}" ]] && [[ "${JOB_TYPE:-}" == "periodic" ]]; then REPORT_URL="${GCSWEB_JOB_URL}/artifacts/lvms-ci-doctor/openshift-edge-tooling-lvms-ci-doctor/artifacts/report-lvm-operator-ci-doctor.html" MESSAGE=":robot_face: *LVMS CI Doctor* report available.\n| <${REPORT_URL}|Report> | |" PAYLOAD=$(jq -nc --arg text "${MESSAGE}" '{"text": $text}') - curl -sf -X POST -H 'Content-type: application/json' \ + set +x + curl -sf --connect-timeout 10 --max-time 30 -X POST -H 'Content-type: application/json' \ --data "${PAYLOAD}" \ "$(cat "${WEBHOOK_FILE}")" \ && echo "Slack notification sent to #team-ocp-edge-notifications." \ || echo "Warning: Slack notification failed (non-fatal)." + set -x else echo "Skipping Slack notification (webhook not available or not a periodic job)." fi diff --git a/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-ref.yaml b/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-ref.yaml index 348a22d774f80..c190166b5e7fa 100644 --- a/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-ref.yaml +++ b/ci-operator/step-registry/openshift/edge-tooling/lvms-ci/post/openshift-edge-tooling-lvms-ci-post-ref.yaml @@ -18,4 +18,4 @@ ref: documentation: |- Post step that downloads the LVMS CI Doctor HTML report from GCS artifacts and saves it with a summary suffix so Spyglass displays it as a tab. - Also sends a notification to the team-ocp-edge Slack channel. + Also sends a notification to the team-ocp-edge-notifications Slack channel.