-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
blocked-edges/4.14.*-ConsoleImplicitlyEnabled: Tune from versions #4337
blocked-edges/4.14.*-ConsoleImplicitlyEnabled: Tune from versions #4337
Conversation
57e8eb7
to
f3489ab
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: LalatenduMohanty, wking The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
The regression occured in 4.14.0-rc.2 [1], so updates like 4.14.0 to 4.14.1 are not exposed. The new regular expression covers: * Updates from 4.14.0-ec.*, since these predate the rc.2 regression. * Updates from 4.14.0-rc.[01], since these predate the rc.2 regression. * Updates from 4.13.*, since these predate the 4.14 regression. 4.14.0 is coming back, after 897f57f (blocked-edges/4.14.0-ConsoleImplicitlyEnabled: Drop conditional risk from 4.13, 2023-10-31, openshift#4326) had dropped it, with a special 'from' regular expression that replaces the 4.13.* with 4.13.19, to avoid having 4.13.17 -> 4.14.0 and 4.13.18 -> 4.14.0 sneak back in, as discussed in 897f57f. The history of the updates from 4.13 to 4.14.0 is now: * f0dc7e8 (blocked-edges/4.14.0: Drop updates from 4.13.17 and 18, 2023-10-26, openshift#4301) dropped 4.13.17 and 18 from 4.14.0 update sources completely, and merged 2023-10-27, before 4.14.0 entered candidate-4.* channels. * 82ac96beb5 (blocked-edges/4.14.0*: Declare ConsoleImplicitlyEnabled, 2023-10-13, openshift#4234) landed 2023-10-30 via 6db078f, accidentally pulling updates from 4.13.17 and 18 back into channels because of how Cincinnati currently handles the overlap between: $ hack/show-edges.py --revision 6db078f candidate-4.14 | grep ' 4[.]14[.]0$' 4.13.17 -(risks: SILENT-BLOCK-CINCINNATI-WILL-IGNORE, ConsoleImplicitlyEnabled)-> 4.14.0 4.13.18 -(risks: SILENT-BLOCK-CINCINNATI-WILL-IGNORE, ConsoleImplicitlyEnabled)-> 4.14.0 4.14.0-ec.0 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 ... 4.14.0-rc.1 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 4.14.0-rc.2 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 # not actually exposed, but 'from' wildcard wasn't precise at this point ... 4.14.0-rc.7 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 # not actually exposed, but 'from' wildcard wasn't precise at this point * c3fc9f0 (Merge pull request openshift#4318 from openshift-ota-bot/promote-4.13.19-to-candidate-4.14, 2023-10-30) lands, and 4.13.19 to 4.14.0 has ConsoleImplicitlyEnabled, as intended: $ hack/show-edges.py --revision c3fc9f0 candidate-4.14 | grep '^4[.]13[.].* 4[.]14[.]0$' 4.13.17 -(risks: SILENT-BLOCK-CINCINNATI-WILL-IGNORE, ConsoleImplicitlyEnabled)-> 4.14.0 4.13.18 -(risks: SILENT-BLOCK-CINCINNATI-WILL-IGNORE, ConsoleImplicitlyEnabled)-> 4.14.0 4.13.19 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 But we still don't like 4.13.17 and 18 showing up there with only ConsoleImplicitlyEnabled declared. * ba3396f (Merge pull request openshift#4326 from wking/4.14.0-drop-ConsoleImplicitlyEnabled, 2023-10-31) lands, removing the updates from 4.13.17 and 18 which 82ac96beb5 and [2] had added, but leaving ConsoleImplicitlyEnabled undeclared for 4.13.19 to 4.14.0: $ hack/show-edges.py --revision ba3396f candidate-4.14 | grep '^4[.]13[.].* 4[.]14[.]0$' 4.13.17 -(SILENT-BLOCK)-> 4.14.0 4.13.18 -(SILENT-BLOCK)-> 4.14.0 4.13.19 -> 4.14.0 # but this is exposed to ConsoleImplicitlyEnabled, although we no longer declare the risk * This commit restores the ConsoleImplicitlyEnabled risk for 4.14.0, and the fancy 'from' regular expressions get the whole thing the way we want it: $ hack/show-edges.py candidate-4.14 | grep ' 4[.]14[.]0$' 4.13.17 -(SILENT-BLOCK)-> 4.14.0 4.13.18 -(SILENT-BLOCK)-> 4.14.0 4.13.19 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 # now declares ConsoleImplicitlyEnabled again, fixing ba3396f's issues 4.14.0-ec.0 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 # continues to declare ConsoleImplicitlyEnabled 4.14.0-ec.1 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 4.14.0-ec.2 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 4.14.0-ec.3 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 4.14.0-ec.4 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 4.14.0-rc.0 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 4.14.0-rc.1 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 4.14.0-rc.2 -> 4.14.0 # this and later no longer claim ConsoleImplicitlyEnabled exposure, because both the source and target release are in the impacted set, and those updates do not increase exposure 4.14.0-rc.3 -> 4.14.0 4.14.0-rc.4 -> 4.14.0 4.14.0-rc.5 -> 4.14.0 4.14.0-rc.6 -> 4.14.0 4.14.0-rc.7 -> 4.14.0 [1]: https://issues.redhat.com/browse/OTA-1031 [2]: https://issues.redhat.com/browse/OTA-1043
f3489ab
to
361e132
Compare
New changes are detected. LGTM label has been removed. |
/retest-required |
@wking: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
I'm confident Lala will be ok with my |
…from 4.13 again Repeating 897f57f (blocked-edges/4.14.0-ConsoleImplicitlyEnabled: Drop conditional risk from 4.13, 2023-10-31, openshift#4326). I'd thought the tuned 'from' regular expressions in 361e132 (blocked-edges/4.14.*-ConsoleImplicitlyEnabled: Tune from versions, 2023-11-01, openshift#4337) would avoid the issue, but apparently not: $ curl -s 'https://api.openshift.com/api/upgrades_info/graph?arch=amd64&channel=fast-4.14' | jq -r '.nodes[] | select(.version == "4.14.0").metadata["io.openshift.upgrades.graph.previous.remove_regex"]' 4[.](13[.]19|14[.]0-(ec[.].*|rc[.][01])) showing Cincinnati using the 'from' from the ConsoleImplicitlyEnabled, and apparently forgetting about the silent-drop from 4.14.0.yaml: $ hack/show-edges.py --cincinnati https://api.openshift.com/api/upgrades_info/graph --root-version 4.13.17 fast-4.14 4.13.17 -> 4.13.18 4.13.17 -> 4.13.19 4.13.17 -> 4.14.0 4.13.18 -> 4.13.19 4.13.18 -> 4.14.0 4.13.19 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 4.13.19 -(risks: ConsoleImplicitlyEnabled)-> 4.14.1 4.14.0 -> 4.14.1 This commit is expected to transition us to: $ hack/show-edges.py --root-version 4.13.17 fast-4.14 4.13.17 -> 4.13.18 4.13.17 -> 4.13.19 4.13.17 -(SILENT-BLOCK)-> 4.14.0 # better than the current unqualified recommendation 4.13.18 -> 4.13.19 4.13.18 -(SILENT-BLOCK)-> 4.14.0 # better than the current unqualified recommendation 4.13.19 -> 4.14.0 # we'd like this to mention ConsoleImplicitlyEnabled, but I'm back to not knowing how to get that to happen 4.13.19 -(risks: ConsoleImplicitlyEnabled)-> 4.14.1 4.14.0 -> 4.14.1
…from 4.13 again Repeating 897f57f (blocked-edges/4.14.0-ConsoleImplicitlyEnabled: Drop conditional risk from 4.13, 2023-10-31, openshift#4326). I'd thought the tuned 'from' regular expressions in 361e132 (blocked-edges/4.14.*-ConsoleImplicitlyEnabled: Tune from versions, 2023-11-01, openshift#4337) would avoid the issue, but apparently not: $ curl -s 'https://api.openshift.com/api/upgrades_info/graph?arch=amd64&channel=fast-4.14' | jq -r '.nodes[] | select(.version == "4.14.0").metadata["io.openshift.upgrades.graph.previous.remove_regex"]' 4[.](13[.]19|14[.]0-(ec[.].*|rc[.][01])) showing Cincinnati using the 'from' from the ConsoleImplicitlyEnabled, and apparently forgetting about the silent-drop from 4.14.0.yaml: $ hack/show-edges.py --cincinnati https://api.openshift.com/api/upgrades_info/graph --root-version 4.13.17 fast-4.14 4.13.17 -> 4.13.18 4.13.17 -> 4.13.19 4.13.17 -> 4.14.0 # this unqualified recommendation misses the mutated-SCC guard from 4.14.0.yaml 4.13.18 -> 4.13.19 4.13.18 -> 4.14.0 # this unqualified recommendation misses the mutated-SCC guard from 4.14.0.yaml 4.13.19 -(risks: ConsoleImplicitlyEnabled)-> 4.14.0 # we'd like to keep this 4.13.19 -(risks: ConsoleImplicitlyEnabled)-> 4.14.1 4.14.0 -> 4.14.1 This commit is expected to transition us to: $ hack/show-edges.py --root-version 4.13.17 fast-4.14 4.13.17 -> 4.13.18 4.13.17 -> 4.13.19 4.13.17 -(SILENT-BLOCK)-> 4.14.0 # better than the current unqualified recommendation 4.13.18 -> 4.13.19 4.13.18 -(SILENT-BLOCK)-> 4.14.0 # better than the current unqualified recommendation 4.13.19 -> 4.14.0 # we'd like this to mention ConsoleImplicitlyEnabled, but I'm back to not knowing how to get that to happen 4.13.19 -(risks: ConsoleImplicitlyEnabled)-> 4.14.1 4.14.0 -> 4.14.1
The regression occured in 4.14.0-rc.2, so updates like 4.14.0 to 4.14.1 are not exposed. The new regular expression covers:
4.14.0-ec.*
, since these predate the rc.2 regression.4.14.0-rc.[01]
, since these predate the rc.2 regression.4.13.*
, since these predate the 4.14 regression.4.14.0 is coming back, after 897f57f
(#4326) had dropped it, with a special
from
regular expression that replaces the4.13.*
with4.13.19
, to avoid having 4.13.17 -> 4.14.0 and 4.13.18 -> 4.14.0 sneak back in, as discussed in 897f57f. The history of the updates from 4.13 to 4.14.0 is now:f0dc7e8 (blocked-edges/4.14.0: Drop updates from 4.13.17 and 18 #4301) dropped 4.13.17 and 18 from 4.14.0 update sources completely, and merged 2023-10-27, before 4.14.0 entered
candidate-4.*
channels.82ac96beb5 (OTA-1031: blocked-edges/4.14.0*: Declare ConsoleImplicitlyEnabled #4234) landed 2023-10-30 via 6db078f, accidentally pulling updates from 4.13.17 and 18 back into channels because of how Cincinnati currently handles the overlap between:
c3fc9f0 (channels/candidate-4.14: Promote 4.13.19 #4318) lands, and 4.13.19 to 4.14.0 has
ConsoleImplicitlyEnabled
, as intended:But Cincinnati still has the:
that we don't want.
ba3396f (blocked-edges/4.14.0-ConsoleImplicitlyEnabled: Drop conditional risk from 4.13 #4326) lands, removing the updates from 4.13.17 and 18 which 82ac96beb5 and OTA-1043 had added, but leaving
ConsoleImplicitlyEnabled
undeclared for 4.13.19 to 4.14.0:This commit restores the
ConsoleImplicitlyEnabled
risk for 4.14.0, and the fancyfrom
regular expressions get the whole thing the way we want it: