Expand Up @@ -191,6 +191,68 @@ tests:
requests:
cpu: 100m
workflow: ipi-gcp
- as: e2e-hypershift-operator-weekly
cron: '@weekly'
steps:
cluster_profile: openshift-org-aws
dependency_overrides:
OO_INDEX: quay.io/redhat-user-workloads/ocp-art-tenant/art-fbc:ocp__4.22__ose-support-log-gather-rhel9-operator
env:
EXTRA_ARGS: --multi-arch --image-content-sources ${SHARED_DIR}/mgmt_icsp.yaml
OO_CHANNEL: tech-preview
OO_INSTALL_NAMESPACE: must-gather-operator
OO_PACKAGE: support-log-gather-operator
OO_TARGET_NAMESPACES: '!all'
test:
- ref: ipi-install-rbac
- as: setup-konflux-image-access
cli: latest
commands: |
oc extract secret/pull-secret -n openshift-config --confirm --to /tmp
jq -s '.[0].auths += .[1].auths | .[0]' /tmp/.dockerconfigjson /var/run/secrets/pull-secret/.dockerconfigjson > /tmp/merged-pullsecret.json
oc set data secret/pull-secret -n openshift-config --from-file=.dockerconfigjson=/tmp/merged-pullsecret.json
cat > ${SHARED_DIR}/mgmt_icsp.yaml <<'EOF'
- mirrors:
- quay.io/redhat-user-workloads/ocp-art-tenant/art-images-share
source: registry.redhat.io/openshift4/ose-support-log-gather-rhel9-operator
- mirrors:
- quay.io/redhat-user-workloads/ocp-art-tenant/art-images-share
source: registry.redhat.io/openshift4/ose-support-log-gather-operator-bundle
- mirrors:
- quay.io/redhat-user-workloads/ocp-art-tenant/art-images-share
source: registry.redhat.io/openshift4/ose-must-gather-rhel9
EOF
credentials:
- mount_path: /var/run/secrets/pull-secret
name: deploy-konflux-operator-art-image-share
namespace: test-credentials
from: src
resources:
requests:
cpu: 100m
- ref: optional-operators-subscribe
- as: verify-install
cli: latest
commands: |
oc -n must-gather-operator rollout status deployment must-gather-operator
from: src
Comment on lines +234 to +238

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🌐 Web query:

What is the default timeout behavior of `oc rollout status` when `--timeout` is not specified?

💡 Result:

If you run oc rollout status without --timeout, it will keep watching until the rollout finishes (i.e., it does not end watch early due to a client-side timeout). This is because the command’s --timeout option (“length of time to wait before ending watch”) defaults to 0, and 0 means “never” [1]. Note: this timeout controls ending the watch, not per-request connection/watch timeouts; those are governed by a separate --request-timeout flag [1].

Citations:


🏁 Script executed:

# Search for other oc rollout status commands in CI configuration to check typical timeout patterns
rg "rollout status" --type yaml -B 2 -A 2

Repository: openshift/release

Length of output: 50373


Add an explicit rollout timeout to prevent stuck weekly runs.

oc rollout status without --timeout waits indefinitely and can tie up periodic capacity.

Proposed fix
-        oc -n must-gather-operator rollout status deployment must-gather-operator
+        oc -n must-gather-operator rollout status deployment must-gather-operator --timeout=15m
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- as: verify-install
cli: latest
commands: |
oc -n must-gather-operator rollout status deployment must-gather-operator
from: src
- as: verify-install
cli: latest
commands: |
oc -n must-gather-operator rollout status deployment must-gather-operator --timeout=15m
from: src
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@ci-operator/config/openshift/must-gather-operator/openshift-must-gather-operator-release-4.22.yaml`
around lines 234 - 238, The oc rollout status invocation in the commands block
(the line invoking "oc -n must-gather-operator rollout status deployment
must-gather-operator") can hang indefinitely; update that command to include an
explicit timeout (e.g., add "--timeout=10m" or another appropriate duration) so
the verify-install step fails fast instead of blocking periodic runs.

resources:
requests:
cpu: 100m
- as: test
cli: latest
commands: |
export CASE_MANAGEMENT_CREDS_CONFIG_DIR=/var/run/secrets/must-gather-operator/case-management-creds
make test-e2e
credentials:
- mount_path: /var/run/secrets/must-gather-operator/case-management-creds
name: case-management-creds
namespace: test-credentials
from: src
resources:
requests:
cpu: 100m
workflow: hypershift-hostedcluster-workflow
- always_run: false
as: e2e-gcp-operator-rhcos10-fips
optional: true
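Review bot: In the `setup-konflux-image-access` commands, the `jq` merge `.[0].auths += .[1].auths` gives the mounted `deploy-konflux-operator-art-image-share` credential precedence on any registry key it shares with the cluster pull secret, and the merged file is then written back to `secret/pull-secret` in `openshift-config`, which applies cluster-wide. It is worth confirming that the mounted secret is keyed to the `quay.io/redhat-user-workloads/ocp-art-tenant` path and not to bare `quay.io`, so that it cannot displace an existing entry. The step also leaves `/tmp/.dockerconfigjson` and `/tmp/merged-pullsecret.json` on disk; removing both after `oc set data` keeps the credentials out of anything that later collects `/tmp`.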
Expand Up @@ -84,3 +84,88 @@ periodics:
- name: result-aggregator
secret:
secretName: result-aggregator
- agent: kubernetes
cluster: build05
cron: '@weekly'
decorate: true
decoration_config:
sparse_checkout_files:
- .ci-operator.yaml
- Dockerfile.openshift
extra_refs:
- base_ref: release-4.22
org: openshift
repo: must-gather-operator
sparse_checkout_files:
- .ci-operator.yaml
- Dockerfile.openshift
labels:
ci-operator.openshift.io/cloud: aws
ci-operator.openshift.io/cloud-cluster-profile: openshift-org-aws
ci.openshift.io/generator: prowgen
pj-rehearse.openshift.io/can-be-rehearsed: "true"
name: periodic-ci-openshift-must-gather-operator-release-4.22-e2e-hypershift-operator-weekly
spec:
containers:
- args:
- --gcs-upload-secret=/secrets/gcs/service-account.json
- --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson
- --lease-server-credentials-file=/etc/boskos/credentials
- --report-credentials-file=/etc/report/credentials
- --secret-dir=/secrets/ci-pull-credentials
- --target=e2e-hypershift-operator-weekly
command:
- ci-operator
env:
- name: HTTP_SERVER_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest
imagePullPolicy: Always
name: ""
ports:
- containerPort: 8080
name: http
resources:
requests:
cpu: 10m
volumeMounts:
- mountPath: /etc/boskos
name: boskos
readOnly: true
- mountPath: /secrets/ci-pull-credentials
name: ci-pull-credentials
readOnly: true
- mountPath: /secrets/gcs
name: gcs-credentials
readOnly: true
- mountPath: /secrets/manifest-tool
name: manifest-tool-local-pusher
readOnly: true
- mountPath: /etc/pull-secret
name: pull-secret
readOnly: true
- mountPath: /etc/report
name: result-aggregator
readOnly: true
serviceAccountName: ci-operator
volumes:
- name: boskos
secret:
items:
- key: credentials
path: credentials
secretName: boskos-credentials
- name: ci-pull-credentials
secret:
secretName: ci-pull-credentials
- name: manifest-tool-local-pusher
secret:
secretName: manifest-tool-local-pusher
- name: pull-secret
secret:
secretName: registry-pull-credentials
- name: result-aggregator
secret:
secretName: result-aggregator
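Review bot: In `volumeMounts`, the `gcs-credentials` mount at `/secrets/gcs` is the only one of the six mounts with no matching entry under `volumes` in this hunk. If that volume is supplied by the `decorate: true` pod utilities, nothing needs to change; since the job carries `ci.openshift.io/generator: prowgen`, any difference should be fixed by regenerating from the ci-operator config, not by editing this file.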
Expand Up @@ -144,6 +144,10 @@ case "${PLATFORM}" in
ARGS+=( --feature-set "${GUEST_FEATURE_SET}")
fi

if [[ -n "${EXTRA_ARGS}" ]]; then
ARGS+=( ${EXTRA_ARGS} )
fi
Comment on lines +147 to +149

⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash

# Check if file exists and examine the relevant section
if [[ -f "ci-operator/step-registry/hypershift/hostedcluster/create/hostedcluster/hypershift-hostedcluster-create-hostedcluster-commands.sh" ]]; then
  echo "=== File head (first 10 lines) ==="
  head -10 "ci-operator/step-registry/hypershift/hostedcluster/create/hostedcluster/hypershift-hostedcluster-create-hostedcluster-commands.sh"
  
  echo ""
  echo "=== Lines 140-160 (around the target) ==="
  sed -n '140,160p' "ci-operator/step-registry/hypershift/hostedcluster/create/hostedcluster/hypershift-hostedcluster-create-hostedcluster-commands.sh" | cat -n
  
  echo ""
  echo "=== Search for EXTRA_ARGS usage ==="
  grep -n "EXTRA_ARGS" "ci-operator/step-registry/hypershift/hostedcluster/create/hostedcluster/hypershift-hostedcluster-create-hostedcluster-commands.sh"
else
  echo "File not found"
fi

Repository: openshift/release

Length of output: 1507


Guard EXTRA_ARGS for nounset and append it safely.

Line 147 can abort the script under set -u when EXTRA_ARGS is unset, and Line 148 performs unsafe word splitting/globbing. Default the check and split into a temporary array before appending.

Suggested fix
-    if [[ -n "${EXTRA_ARGS}" ]]; then
-      ARGS+=( ${EXTRA_ARGS} )
+    if [[ -n "${EXTRA_ARGS:-}" ]]; then
+      read -r -a extra_args <<< "${EXTRA_ARGS}"
+      ARGS+=("${extra_args[@]}")
     fi
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
if [[ -n "${EXTRA_ARGS}" ]]; then
ARGS+=( ${EXTRA_ARGS} )
fi
if [[ -n "${EXTRA_ARGS:-}" ]]; then
read -r -a extra_args <<< "${EXTRA_ARGS}"
ARGS+=("${extra_args[@]}")
fi
🧰 Tools
🪛 Shellcheck (0.11.0)

[warning] 148-148: Quote to prevent word splitting/globbing, or split robustly with mapfile or read -a.

(SC2206)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@ci-operator/step-registry/hypershift/hostedcluster/create/hostedcluster/hypershift-hostedcluster-create-hostedcluster-commands.sh`
around lines 147 - 149, The script currently tests and appends EXTRA_ARGS
unsafely (uses [[ -n "${EXTRA_ARGS}" ]] which can fail under set -u and performs
unquoted word splitting/globbing when appending to ARGS). Change the check to
guard against unset (use a default or parameter expansion like "${EXTRA_ARGS-}"
or test for set) and split EXTRA_ARGS into a temporary array (e.g.,
tmp=($EXTRA_ARGS) but using proper safe splitting like read -r -a tmp <<<
"${EXTRA_ARGS-}") before appending elements to ARGS in a loop so each element is
added quoted (refer to EXTRA_ARGS and ARGS in the script), avoiding
word-splitting and globbing.
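An added example (not part of the PR or of the review comment above) comparing the unquoted append from the hunk with the `read -r -a` form from the suggested fix. The function names, the scratch files and the `--flag *` value are constructed; the second sample value is the `EXTRA_ARGS` string the new test sets.

```bash
#!/usr/bin/env bash
# Arrays need bash; re-exec if this file was started by a plain POSIX sh.
[ -n "${BASH_VERSION:-}" ] || exec bash "$0" "$@"

# Unquoted append, as in the hunk: the value is word-split AND glob-expanded.
split_unquoted() {
  local -a out=()
  # shellcheck disable=SC2206
  out+=( $1 )
  printf '%s\n' "${out[@]}"
}

# read -a, as in the suggested fix: word-split only, no pathname expansion.
split_read() {
  local -a out=()
  read -r -a out <<< "${1:-}"
  printf '%s\n' "${out[@]}"
}

# Run a command in a scratch directory holding two constructed files, so a
# bare '*' in the value has something to match.
in_scratch() {
  local dir rc=0
  dir=$(mktemp -d)
  touch "${dir}/a.yaml" "${dir}/b.yaml"
  ( cd "${dir}" && "$@" ) || rc=$?
  rm -rf "${dir}"
  return "${rc}"
}

GLOB_VALUE='--flag *'   # constructed sample value
# The EXTRA_ARGS string from the new test; single quotes keep it literal,
# which is how it arrives if nothing expands it before the script runs.
REF_VALUE='--image-content-sources ${SHARED_DIR}/mgmt_icsp.yaml'

printf 'unquoted append: %s\n' "$(in_scratch split_unquoted "${GLOB_VALUE}" | tr '\n' ' ')"
printf 'read -r -a:      %s\n' "$(in_scratch split_read "${GLOB_VALUE}" | tr '\n' ' ')"
printf 'reference:       %s\n' "$(split_unquoted "${REF_VALUE}" | tr '\n' ' ')"
```

Neither form re-expands a variable reference that sits inside the value, so the third line prints `${SHARED_DIR}` unchanged.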


echo "Creating cluster with the following arguments:"
echo "${ARGS[@]}"
/usr/bin/hypershift create cluster aws "${ARGS[@]}"
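Review bot: At the `ARGS+=( ${EXTRA_ARGS} )` append, the shell splits the value but does not re-expand variable references inside it, so the `${SHARED_DIR}/mgmt_icsp.yaml` that the new test puts in `EXTRA_ARGS` would reach `hypershift create cluster aws` as a literal string unless something outside the visible lines substitutes it first. Expanding it with `eval` would turn the variable into a code-execution path, so resolving the path inside the script (for example from a dedicated, documented variable for the image content sources file) is the safer change. Separately, `echo "${ARGS[@]}"` prints every argument to the job log, so the documentation for `EXTRA_ARGS` should say that it must never carry a credential value.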