NO-JIRA: Add Quay OMR 3 disconnected presubmit#81766
Conversation
Build the PR's Dockerfile.mirror image and install OMR 3 on the standard AWS disconnected bastion with runtime credentials and trust material. Mirror OpenShift 4.22 payload and component signatures, validate cluster-time mirror pulls, collect secret-safe diagnostics, and retain the established disconnected teardown path. Add the optional quay/quay job plus generated step-registry metadata and Prow configuration.
|
@jbpratt: This pull request explicitly references no jira issue. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: jbpratt The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository YAML (base), Central YAML (inherited) Review profile: CHILL Plan: Enterprise Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (21)
Cache: Disabled due to data retention organization setting Knowledge base: Disabled due to data retention organization setting WalkthroughAdds CI orchestration and step-registry support for disconnected Quay OMR-3 AWS deployments, including installation, release and signature mirroring, diagnostics gathering, and cluster validation. ChangesQuay OMR-3 disconnected workflow
Estimated code review effort: 4 (Complex) | ~60 minutes Sequence Diagram(s)sequenceDiagram
participant CI
participant AWSBastion
participant Quay
participant OpenShiftCluster
CI->>AWSBastion: install OMR-3 and publish runtime artifacts
CI->>Quay: mirror release images and signatures
AWSBastion->>Quay: serve mirrored registry content
CI->>OpenShiftCluster: configure mirror credentials and CA
OpenShiftCluster->>Quay: request mirrored release content
CI->>OpenShiftCluster: validate IDMS, OMR requests, and mirrored CLI
Suggested reviewers: ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
[REHEARSALNOTIFIER]
A total of 1637 jobs have been affected by this change. The above listing is non-exhaustive and limited to 25 jobs. A full list of affected jobs can be found here Interacting with pj-rehearseComment: Once you are satisfied with the results of the rehearsals, comment: |
Summary
quay/quaypresubmit for stable OpenShift 4.22 through OMR 3Dockerfile.mirror, install the PR image on the standard disconnected AWS bastion, and publish runtime endpoint, credentials, and CA materialVerification
make registry-metadataand registry metadata validationmake ci-operator-configand deterministic config comparisonmake ci-operator-checkconfig SKIP_PULL=truemake jobs WHAT=quay/quay SKIP_PULL=trueand generated Prow job inspectiongit diff --checkA live AWS run was not performed locally. The optional presubmit is the end-to-end rehearsal path.
Summary by CodeRabbit
Adds an optional disconnected AWS presubmit for Quay’s stable OpenShift 4.22 OMR 3 workflow. It builds and installs the PR’s mirror image on a bastion, publishes runtime registry credentials and trust material, mirrors release signatures and payloads, and validates cluster health, IDMS mappings, OMR traffic, and mirrored CLI execution.
Introduces the supporting CI configuration and step-registry workflows, including OMR installation, validation, and secret-safe diagnostics collection. Existing mirror configuration now accepts runtime credentials and CA files, while bastion provisioning permits the OMR service port and signature mirroring includes retries, cleanup, and proof artifacts.
Verification covers shell validation, security and fixture checks, CI generation, Prow inspection, metadata validation, and whitespace checks. No live AWS run was performed locally.