NO-JIRA: add --max-depth flag to nav order verification

[jparrill]

Summary

• Adds --max-depth CLI argument to hack/verify-docs-nav-order.py to control how many nav levels are checked for alphabetical order
• Default is 1 (top-level only), use -1 for unlimited (previous behavior)
• Keeps the script flexible for future needs without enforcing order on deeply nested sections

Test plan

• python3 hack/verify-docs-nav-order.py passes with default (top-level only)
• python3 hack/verify-docs-nav-order.py --max-depth -1 checks all levels
• python3 hack/verify-docs-nav-order.py --max-depth 2 checks two levels deep

🤖 Generated with Claude Code

Summary by CodeRabbit

• New Features
  • Validator gains a configurable depth option (--max-depth) for nested navigation checks; default restricts to top-level, -1 enables unlimited depth.
• Documentation
  • Reordered Disaster Recovery docs so Prerequisites now appears before the CLI guide.

[openshift-merge-bot]

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

[coderabbitai]

📝 Walkthrough

Walkthrough

The script hack/verify-docs-nav-order.py now accepts a --max-depth command-line argument to control recursive validation depth of nested navigation sections. The check_section_order function signature was updated to include a max_depth parameter (default 1). The function only recurses into subsections when the depth limit permits, decrementing the counter at each nesting level; -1 denotes unlimited recursion. Alphabetical ordering checks and error reporting behavior for ordering violations are unchanged.

🚥 Pre-merge checks | ✅ 11 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 66.67% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (11 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding a --max-depth flag to the nav order verification script.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	This PR modifies only non-test files (hack/verify-docs-nav-order.py and docs/mkdocs.yml), so the stable and deterministic test names check does not apply.
Test Structure And Quality	✅ Passed	This check is not applicable to the provided pull request. The PR modifies only two files: hack/verify-docs-nav-order.py (a Python script for documentation navigation verification) and docs/mkdocs.yml (a YAML configuration file). Neither file contains Ginkgo tests or any Go test code. The custom check specifically targets Ginkgo test quality requirements, which are not relevant to this PR's scope.
Microshift Test Compatibility	✅ Passed	This PR modifies only documentation tooling (Python script and YAML config) with no Ginkgo e2e test code introduced.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	This pull request does not add any Ginkgo e2e tests. Changes are exclusively to a Python documentation verification script and configuration file. Since the custom check targets SNO compatibility issues in newly added e2e tests and no e2e tests are present, the check is not applicable and passes by default.
Topology-Aware Scheduling Compatibility	✅ Passed	Changes to documentation tooling and structure files have no impact on cluster topology or scheduling requirements.
Ote Binary Stdout Contract	✅ Passed	The OTE Binary Stdout Contract check is not applicable to this pull request. The PR modifies only documentation verification utility and configuration files, not Go-level binaries.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	PR modifies only Python utility script and documentation config file with no Ginkgo e2e test patterns present.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Review rate limit: 8/10 reviews remaining, refill in 7 minutes and 46 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci-robot]

@jparrill: This pull request explicitly references no jira issue.

Details

In response to this:

Summary

• Adds --max-depth CLI argument to hack/verify-docs-nav-order.py to control how many nav levels are checked for alphabetical order
• Default is 1 (top-level only), use -1 for unlimited (previous behavior)
• Keeps the script flexible for future needs without enforcing order on deeply nested sections

Test plan

• python3 hack/verify-docs-nav-order.py passes with default (top-level only)
• python3 hack/verify-docs-nav-order.py --max-depth -1 checks all levels
• python3 hack/verify-docs-nav-order.py --max-depth 2 checks two levels deep

🤖 Generated with Claude Code

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[jparrill]

/jira rerfesh

[jparrill]

/area ci-tooling

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@hack/verify-docs-nav-order.py`:
- Around line 140-145: The --max-depth flag currently uses type=int which allows
0 and other negatives that the recursion treats as unlimited; update the
argument handling for parser.add_argument('--max-depth', ...) so that after
parsing you validate args.max_depth is either -1 or a positive integer (>0) and
call parser.error(...) (or raise argparse.ArgumentTypeError via a custom type)
for any other value (e.g., 0 or < -1) to enforce the documented semantics;
reference the parser, the add_argument call for '--max-depth' and args.max_depth
when locating and applying this validation.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 1a79ac0d-8efe-4307-9f8e-7ea46d412beb

📥 Commits

Reviewing files that changed from the base of the PR and between 60802b1 and 79793a1.

📒 Files selected for processing (1)

• hack/verify-docs-nav-order.py

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 36.46%. Comparing base (60802b1) to head (1e05faf).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #8372   +/-   ##
=======================================
  Coverage   36.46%   36.46%           
=======================================
  Files         765      765           
  Lines       93256    93256           
=======================================
  Hits        34010    34010           
  Misses      56532    56532           
  Partials     2714     2714           

Flag	Coverage Δ
cmd-support	30.34% <ø> (ø)
cpo-hostedcontrolplane	37.05% <ø> (ø)
cpo-other	35.69% <ø> (ø)
hypershift-operator	47.89% <ø> (ø)
other	28.37% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

🧹 Nitpick comments (1)

hack/verify-docs-nav-order.py (1)

130-130: Use iterator access instead of materializing a list.

Line 130 can avoid creating an intermediate list for a single value lookup.

♻️ Proposed micro-refactor

-                value = list(entry.values())[0]
+                value = next(iter(entry.values()))

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@hack/verify-docs-nav-order.py` at line 130, Replace the materialization of a
list for a single lookup by using an iterator: instead of value =
list(entry.values())[0], obtain the first value with next(iter(entry.values()))
(or next(iter(entry.values()), None) if empty dicts must be handled) so you
avoid creating an intermediate list; update the assignment where variable entry
is used to use this iterator-based access.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@hack/verify-docs-nav-order.py`:
- Line 130: Replace the materialization of a list for a single lookup by using
an iterator: instead of value = list(entry.values())[0], obtain the first value
with next(iter(entry.values())) (or next(iter(entry.values()), None) if empty
dicts must be handled) so you avoid creating an intermediate list; update the
assignment where variable entry is used to use this iterator-based access.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 7186bf5d-e7ba-44f0-a4e6-79de76af30b9

📥 Commits

Reviewing files that changed from the base of the PR and between 79793a1 and c5ea42f.

📒 Files selected for processing (1)

• hack/verify-docs-nav-order.py

[bryan-cox]

/lgtm

[coderabbitai]

🧹 Nitpick comments (1)

hack/verify-docs-nav-order.py (1)

129-131: Extract single dict value more idiomatically.

On line 130, list(entry.values())[0] unnecessarily allocates an intermediate list. Use next(iter(entry.values())) instead. Note: the same pattern appears on line 69 and should also be refactored.

♻️ Proposed refactor

-                value = list(entry.values())[0]
+                value = next(iter(entry.values()))

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@hack/verify-docs-nav-order.py` around lines 129 - 131, Replace the
non-idiomatic extraction of the sole dict value that uses
list(entry.values())[0] with an iterator-based approach to avoid allocating an
intermediate list; update both occurrences (the one shown around the conditional
that checks isinstance(entry, dict) and the similar pattern earlier around line
69) to use next(iter(entry.values())) when pulling the single value from entry
so the variable handling (entry -> value) remains identical but without the
extra list allocation.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@hack/verify-docs-nav-order.py`:
- Around line 129-131: Replace the non-idiomatic extraction of the sole dict
value that uses list(entry.values())[0] with an iterator-based approach to avoid
allocating an intermediate list; update both occurrences (the one shown around
the conditional that checks isinstance(entry, dict) and the similar pattern
earlier around line 69) to use next(iter(entry.values())) when pulling the
single value from entry so the variable handling (entry -> value) remains
identical but without the extra list allocation.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 4cc6100c-337a-4330-838e-79c2a9569d6c

📥 Commits

Reviewing files that changed from the base of the PR and between c5ea42f and 1e05faf.

📒 Files selected for processing (2)

• docs/mkdocs.yml
• hack/verify-docs-nav-order.py

✅ Files skipped from review due to trivial changes (1)

• docs/mkdocs.yml

[jparrill]

/verified by presubmits

[openshift-ci-robot]

@jparrill: This PR has been marked as verified by presubmits.

Details

In response to this:

/verified by presubmits

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-merge-bot]

Scheduling tests matching the pipeline_run_if_changed or not excluded by pipeline_skip_if_only_changed parameters:
/test e2e-aks
/test e2e-aws
/test e2e-aws-upgrade-hypershift-operator
/test e2e-azure-self-managed
/test e2e-kubevirt-aws-ovn-reduced
/test e2e-v2-aws

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: bryan-cox, jparrill

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [bryan-cox,jparrill]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[jparrill]

/retest-required

[cwbotbot]

Test Results

e2e-aws

• Status: ✅ PASS
• Started: 2026-04-29T14:30:22Z
• View Job
• View Job History

e2e-aks

• Status: ❌ FAIL
• Started: 2026-04-29T14:16:45Z
• View Job
• View Job History

[hypershift-jira-solve-ci]

AI Test Failure Analysis

Job: pull-ci-openshift-hypershift-main-e2e-azure-self-managed | Build: 2049492974848446464 | Cost: $3.272927999999999 | Failed step: hypershift-azure-run-e2e-self-managed

View full analysis report

---

_{Generated by hypershift-analyze-e2e-failure post-step using Claude claude-opus-4-6}

[openshift-merge-bot]

/retest-required

Remaining retests: 0 against base HEAD 60802b1 and 2 for PR HEAD 1e05faf in total

[bryan-cox]

/retest

[hypershift-jira-solve-ci]

I now have all the evidence needed. Here is the complete analysis:

Test Failure Analysis Complete

Job Information

• Prow Job: pull-ci-openshift-hypershift-main-e2e-azure-self-managed
• Build ID: 2049492974848446464
• Target: e2e-azure-self-managed
• PR: NO-JIRA: add --max-depth flag to nav order verification #8372 (NO-JIRA: add --max-depth flag to nav order verification)
• Author: jparrill
• Start: 2026-04-29T14:16:17Z
• State: failure
• Test Results: 279 passed, 2 failed, 27 skipped

Test Failure Analysis

Error

RESPONSE 409: 409 Conflict
ERROR CODE: OperationNotAllowed

Operation could not be completed as it results in exceeding approved
standardDSv5Family Cores quota. Additional details:
  Location: centralus, Current Limit: 350, Current Usage: 348,
  Additional Required: 4, (Minimum) New Limit Required: 352

Summary

The TestAzurePrivateTopology test failed because the Azure subscription's standardDSv5Family vCPU quota in centralus was nearly exhausted (348 of 350 cores in use). The test needed 4 additional cores (2 VMs × 2 cores) but only 2 were available, causing Azure to reject both VM creation requests with a 409 OperationNotAllowed error. This is a transient infrastructure issue completely unrelated to PR #8372, which only modifies a documentation navigation verification script (hack/verify-docs-nav-order.py). All other tests (TestCreateCluster, TestAutoscaling, TestNodePool, TestUpgradeControlPlane, TestHAEtcdChaos, TestAzureOAuthLoadBalancer) passed successfully.

Root Cause

Azure vCPU Quota Exhaustion (Infrastructure Issue — NOT related to PR)

The failure chain:

1. The Azure subscription (237432b9-...) had 348 of 350 standardDSv5Family cores in use in centralus when TestAzurePrivateTopology attempted to provision its hosted cluster
2. Both CAPI machines (azure-private-topology-xpfc4-tjpld-lfn7x and azure-private-topology-xpfc4-tjpld-mc8zt) received 409 OperationNotAllowed from Azure at 14:57:15Z when attempting to create VMs (needed 4 cores, only 2 available)
3. Machine InfrastructureReady condition was set to False with reason Failed and the quota error message
4. Machines remained in Pending phase — NodeHealthy and NodeReady stuck at Unknown with reason InspectionFailed ("Waiting for AzureMachine to report spec.providerID")
5. No nodes joined the hosted cluster → AllNodesHealthy=False: WaitingForNodeRef
6. Ignition endpoint was never reached → ReachedIgnitionEndpoint=False: ignitionNotReached
7. NodePool timed out after 30 minutes waiting for 2 replicas (got 0)
8. HostedCluster conditions reflected missing worker nodes — 11 cluster operators (console, dns, image-registry, ingress, insights, kube-storage-version-migrator, monitoring, node-tuning, openshift-samples, service-ca, storage) could not become available
9. TestAzurePrivateTopology/ValidateHostedCluster failed, then parent TestAzurePrivateTopology failed

PR #8372 only modifies hack/verify-docs-nav-order.py and documentation ordering — it does not touch any Go code, controllers, or Azure infrastructure logic.

Recommendations

1. Retry the job — This is a transient Azure quota exhaustion issue. Other CI jobs sharing the same subscription likely freed resources since the failure occurred.
2. Request quota increase — If this failure recurs, request an increase to the standardDSv5Family core quota in centralus beyond the current 350-core limit for subscription 237432b9-9dc5-4b0b-b058-8868ac6a774b.
3. No code changes needed — The PR changes are completely unrelated to the test failure.

Evidence

Evidence	Detail
Azure Error	409 OperationNotAllowed: exceeding approved standardDSv5Family Cores quota (Current: 348/350, Required: +4)
Failed Machine 1	azure-private-topology-xpfc4-tjpld-lfn7x — InfrastructureReady=False, reason: Failed
Failed Machine 2	azure-private-topology-xpfc4-tjpld-mc8zt — InfrastructureReady=False, reason: Failed
NodePool Status	Ready=False: WaitingForAvailableMachines — 0 of 2 required replicas available
Ignition	ReachedIgnitionEndpoint=False: ignitionNotReached
Failure Time	VM creation failed at 2026-04-29T14:57:15Z
Other Tests	6 of 7 test suites passed (TestCreateCluster, TestAutoscaling, TestNodePool, TestUpgradeControlPlane, TestHAEtcdChaos, TestAzureOAuthLoadBalancer)
PR Scope	Only modifies hack/verify-docs-nav-order.py — no Go code or Azure logic changes

---

[openshift-ci]

@jparrill: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.