[release-4.19] OCPBUGS-58284: Safely handle changes to description fields(#2023)

[anik120]

Motivation:

When attempting to upgrade argocd-operator from v0.5.0 to v0.7.0, the upgrade process fails during the preflight CRD safety validation. The validation correctly detects that the argocds.argoproj.io CRD has been modified between the two versions.

The specific error reported is:

CustomResourceDefinition argocds.argoproj.io failed upgrade safety validation. "ChangeValidator" validation failed: version "v1alpha1", field "^.status.applicationController" has unknown change, refusing to determine that change is safe

However, changes between the CRD versions in this instance are limited to non-functional updates in the description fields of various properties (e.g., status.applicationController).ChangeValidator lacks a specific rule to classify a description-only update as safe, which blocks legitimate and otherwise safe operator upgrades.

Solution:

This PR enhances the CRD upgrade safety validation logic to correctly handle changes to description fields by introducing a new ChangeValidation check for Description, and registering the check by adding it to the default list of ChangeValidations used by ChangeValidator.

Result:

Non-functional updates to documentation fields are now deemed safe(which resolves the upgrade failure for argocd-operator from v0.5.0 to v0.7.0)

[openshift-ci-robot]

@anik120: This pull request references Jira Issue OCPBUGS-58284, which is valid. The bug has been moved to the POST state.

7 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target version (4.19.z) matches configured target version for branch (4.19.z)
• bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)
• release note type set to "Release Note Not Required"
• dependent bug Jira Issue OCPBUGS-55051 is in the state Verified, which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
• dependent Jira Issue OCPBUGS-55051 targets the "4.20.0" version, which is one of the valid target versions: 4.20.0
• bug has dependents

No GitHub users were found matching the public email listed for the QA contact in Jira (jiazha@redhat.com), skipping review request.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

Motivation:

When attempting to upgrade argocd-operator from v0.5.0 to v0.7.0, the upgrade process fails during the preflight CRD safety validation. The validation correctly detects that the argocds.argoproj.io CRD has been modified between the two versions.

The specific error reported is:

CustomResourceDefinition argocds.argoproj.io failed upgrade safety validation. "ChangeValidator" validation failed: version "v1alpha1", field "^.status.applicationController" has unknown change, refusing to determine that change is safe

However, changes between the CRD versions in this instance are limited to non-functional updates in the description fields of various properties (e.g., status.applicationController).ChangeValidator lacks a specific rule to classify a description-only update as safe, which blocks legitimate and otherwise safe operator upgrades.

Solution:

This PR enhances the CRD upgrade safety validation logic to correctly handle changes to description fields by introducing a new ChangeValidation check for Description, and registering the check by adding it to the default list of ChangeValidations used by ChangeValidator.

Result:

Non-functional updates to documentation fields are now deemed safe(which resolves the upgrade failure for argocd-operator from v0.5.0 to v0.7.0)

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[oceanc80]

/label backport-risk-assessed

[jianzhangbjz]

Test pass, details: https://issues.redhat.com/browse/OCPBUGS-58284
/label qe-approved
/label cherry-pick-approved

[openshift-ci-robot]

@anik120: This pull request references Jira Issue OCPBUGS-58284, which is valid.

7 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target version (4.19.z) matches configured target version for branch (4.19.z)
• bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)
• release note type set to "Release Note Not Required"
• dependent bug Jira Issue OCPBUGS-55051 is in the state Verified, which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
• dependent Jira Issue OCPBUGS-55051 targets the "4.20.0" version, which is one of the valid target versions: 4.20.0
• bug has dependents

No GitHub users were found matching the public email listed for the QA contact in Jira (jiazha@redhat.com), skipping review request.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

Motivation:

When attempting to upgrade argocd-operator from v0.5.0 to v0.7.0, the upgrade process fails during the preflight CRD safety validation. The validation correctly detects that the argocds.argoproj.io CRD has been modified between the two versions.

The specific error reported is:

CustomResourceDefinition argocds.argoproj.io failed upgrade safety validation. "ChangeValidator" validation failed: version "v1alpha1", field "^.status.applicationController" has unknown change, refusing to determine that change is safe

However, changes between the CRD versions in this instance are limited to non-functional updates in the description fields of various properties (e.g., status.applicationController).ChangeValidator lacks a specific rule to classify a description-only update as safe, which blocks legitimate and otherwise safe operator upgrades.

Solution:

This PR enhances the CRD upgrade safety validation logic to correctly handle changes to description fields by introducing a new ChangeValidation check for Description, and registering the check by adding it to the default list of ChangeValidations used by ChangeValidator.

Result:

Non-functional updates to documentation fields are now deemed safe(which resolves the upgrade failure for argocd-operator from v0.5.0 to v0.7.0)

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[jianzhangbjz]

/approve
/lgtm

[anik120]

/approve

[anik120]

Nope, doesn't work, can't author can't approve own PR

[anik120]

/test openshift-e2e-aws

[openshift-ci]

@anik120: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/openshift-e2e-aws-techpreview	fe31f0f	link	false	/test openshift-e2e-aws-techpreview

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[tmshort]

/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: anik120, camilamacedo86, jianzhangbjz, tmshort

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• DOWNSTREAM_OWNERS [tmshort]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

@anik120: Jira Issue OCPBUGS-58284: All pull requests linked via external trackers have merged:

• openshift/operator-framework-operator-controller#390

Jira Issue OCPBUGS-58284 has been moved to the MODIFIED state.

In response to this:

Motivation:

When attempting to upgrade argocd-operator from v0.5.0 to v0.7.0, the upgrade process fails during the preflight CRD safety validation. The validation correctly detects that the argocds.argoproj.io CRD has been modified between the two versions.

The specific error reported is:

CustomResourceDefinition argocds.argoproj.io failed upgrade safety validation. "ChangeValidator" validation failed: version "v1alpha1", field "^.status.applicationController" has unknown change, refusing to determine that change is safe

However, changes between the CRD versions in this instance are limited to non-functional updates in the description fields of various properties (e.g., status.applicationController).ChangeValidator lacks a specific rule to classify a description-only update as safe, which blocks legitimate and otherwise safe operator upgrades.

Solution:

This PR enhances the CRD upgrade safety validation logic to correctly handle changes to description fields by introducing a new ChangeValidation check for Description, and registering the check by adding it to the default list of ChangeValidations used by ChangeValidator.

Result:

Non-functional updates to documentation fields are now deemed safe(which resolves the upgrade failure for argocd-operator from v0.5.0 to v0.7.0)

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-bot]

[ART PR BUILD NOTIFIER]

Distgit: ose-olm-catalogd
This PR has been included in build ose-olm-catalogd-container-v4.19.0-202507031537.p0.g8f42f09.assembly.stream.el9.
All builds following this will include this PR.

[openshift-bot]

[ART PR BUILD NOTIFIER]

Distgit: ose-olm-operator-controller
This PR has been included in build ose-olm-operator-controller-container-v4.19.0-202507031937.p0.g8f42f09.assembly.stream.el9.
All builds following this will include this PR.