[release-4.22] OCPBUGS-85156: Bootloader update attempt should be conditional by openshift-cherrypick-robot · Pull Request #6011 · openshift/machine-config-operator

openshift-cherrypick-robot · 2026-05-06T19:33:10Z

This is an automated cherry-pick of #5907

/assign djoshy

Only invoke bootupd during a layered OS update when Secure Boot is active (via mokutil) and the installed shim is below 15.8-3.el9_2 (the minimum version with safe signing keys), using rpmvercmp for ordering. Both checks fail open: if mokutil or the rpm query is unavailable the update proceeds rather than being silently skipped.

openshift-merge-bot · 2026-05-06T19:33:13Z

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

coderabbitai · 2026-05-06T19:33:19Z

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: aa3f5e1b-fb2e-4505-b2b8-19f3f46fea2f

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

Create PR with unit tests

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

openshift-ci-robot · 2026-05-06T19:34:22Z

@openshift-cherrypick-robot: Jira Issue OCPBUGS-84842 has been cloned as Jira Issue OCPBUGS-85156. Will retitle bug to link to clone.

WARNING: Unexpected sprint field type []interface {} on source issue. Please update sprint manually on clone.

/retitle [release-4.22] OCPBUGS-85156: Bootloader update attempt should be conditional

Details

In response to this:

This is an automated cherry-pick of #5907

/assign djoshy

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2026-05-06T19:34:33Z

@openshift-cherrypick-robot: This pull request references Jira Issue OCPBUGS-85156, which is valid. The bug has been moved to the POST state.

7 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target version (4.22.0) matches configured target version for branch (4.22.0)
bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)
release note type set to "Release Note Not Required"
dependent bug Jira Issue OCPBUGS-84842 is in the state MODIFIED, which is one of the valid states (MODIFIED, ON_QA, VERIFIED)
dependent Jira Issue OCPBUGS-84842 targets the "5.0.0" version, which is one of the valid target versions: 5.0.0
bug has dependents

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

This is an automated cherry-pick of #5907

/assign djoshy

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

djoshy · 2026-05-06T19:35:38Z

/lgtm

/label backport-risk-assessed

/verified later @sergiordlr

This has already been pre merge tested on main(5.0), so will be verified post merge by QE

openshift-ci-robot · 2026-05-06T19:35:52Z

@djoshy: This PR has been marked to be verified later by @sergiordlr.

Details

In response to this:

/lgtm

/label backport-risk-assessed

/verified later @sergiordlr

This has already been pre merge tested on main(5.0), so will be verified post merge by QE

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-merge-bot · 2026-05-06T19:36:13Z

Scheduling tests matching the pipeline_run_if_changed or not excluded by pipeline_skip_if_only_changed parameters:
/test e2e-aws-ovn
/test e2e-aws-ovn-upgrade
/test e2e-gcp-op-part1
/test e2e-gcp-op-part2
/test e2e-gcp-op-single-node
/test e2e-hypershift

openshift-merge-bot · 2026-05-06T20:04:41Z

/retest-required

Remaining retests: 0 against base HEAD 6a6d654 and 2 for PR HEAD 5a2dee7 in total

yuqi-zhang

/lgtm
/label backport-risk-assessed

Not mandatory for 4.22.0 but nice to get merged regardless

openshift-ci · 2026-05-06T21:11:44Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: djoshy, openshift-cherrypick-robot, yuqi-zhang

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~OWNERS~~ [djoshy,yuqi-zhang]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

djoshy · 2026-05-06T23:34:31Z

/retest-required

openshift-ci · 2026-05-07T02:06:14Z

@openshift-cherrypick-robot: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-gcp-op-ocl	`5a2dee7`	link	false	`/test e2e-gcp-op-ocl`

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

openshift-ci-robot · 2026-05-07T02:09:33Z

@openshift-cherrypick-robot: Jira Issue OCPBUGS-85156: All pull requests linked via external trackers have merged:

openshift/machine-config-operator#6011

This pull request has the verified-later tag and will need to be manually moved to VERIFIED after testing. Jira Issue OCPBUGS-85156 has been moved to the MODIFIED state.

Details

In response to this:

This is an automated cherry-pick of #5907

/assign djoshy

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-merge-robot · 2026-05-07T11:01:45Z

Fix included in release 4.22.0-0.nightly-2026-05-07-043024

openshift-cherrypick-robot mentioned this pull request May 6, 2026

OCPBUGS-84842: Bootloader update attempt should be conditional #5907

Merged

openshift-cherrypick-robot assigned djoshy May 6, 2026

openshift-ci Bot requested review from RishabhSaini and yuqi-zhang May 6, 2026 19:34

openshift-ci Bot changed the title ~~[release-4.22] OCPBUGS-84842: Bootloader update attempt should be conditional~~ [release-4.22] OCPBUGS-85156: Bootloader update attempt should be conditional May 6, 2026

openshift-ci-robot added jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. labels May 6, 2026

openshift-ci Bot added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label May 6, 2026

openshift-ci Bot assigned anuragthehatter, imatza-rh, mhanss, ptalgulk01, rbbratta and sergiordlr May 6, 2026

openshift-ci-robot added verified-later verified Signifies that the PR passed pre-merge verification criteria labels May 6, 2026

openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label May 6, 2026

openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 6, 2026

yuqi-zhang approved these changes May 6, 2026

View reviewed changes

openshift-ci Bot assigned yuqi-zhang May 6, 2026

openshift-merge-bot Bot merged commit 0730621 into openshift:release-4.22 May 7, 2026
18 of 19 checks passed

Conversation

openshift-cherrypick-robot commented May 6, 2026

Uh oh!

openshift-merge-bot Bot commented May 6, 2026

Uh oh!

coderabbitai Bot commented May 6, 2026

Review skipped

Uh oh!

openshift-ci-robot commented May 6, 2026

Uh oh!

openshift-ci-robot commented May 6, 2026

Uh oh!

djoshy commented May 6, 2026

Uh oh!

openshift-ci-robot commented May 6, 2026

Uh oh!

openshift-merge-bot Bot commented May 6, 2026

Uh oh!

openshift-merge-bot Bot commented May 6, 2026

Uh oh!

yuqi-zhang left a comment

Choose a reason for hiding this comment

Uh oh!

openshift-ci Bot commented May 6, 2026

Uh oh!

djoshy commented May 6, 2026

Uh oh!

openshift-ci Bot commented May 7, 2026

Uh oh!

Uh oh!

openshift-ci-robot commented May 7, 2026

Uh oh!

openshift-merge-robot commented May 7, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

11 participants