ROSA-745: MintMaker gomod batch + automerge via boilerplate renovate#748
Conversation
|
@MitaliBhalla: This pull request references ROSA-745 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the initiative to target the "5.0.0" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
WalkthroughRenovate config: adds ChangesRenovate Automation Rules
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
Suggested labels
Suggested reviewers
🚥 Pre-merge checks | ✅ 15✅ Passed checks (15 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
|
/label tide/merge-method-squash |
|
Please don't merge until https://github.com/openshift/release/pulls/MitaliBhalla all PRs here except the one for rosa are merged. |
|
/lgtm |
Point renovate.json at draft/rosa-745-gomod-batch-monday on MitaliBhalla/boilerplate until openshift/boilerplate#748 merges. Align Dependabot docker labels and Mon 03:00 UTC schedule with boilerplate template for tide automerge pilot. Co-authored-by: Cursor <cursoragent@cursor.com>
e8f674f to
4d5a5d8
Compare
|
/retest |
|
/unhold |
Enable grouped gomod manager in shared renovate.json with Mon-Fri 02:00-04:59 UTC batch window; pre-label lgtm/approved on safe patch/minor/digest updates; major gomod and Tekton updates open for manual review. Add lgtm/approved and Mon 03:00 UTC schedule to Dependabot docker template. Co-authored-by: Cursor <cursoragent@cursor.com>
4d5a5d8 to
38a86e9
Compare
|
/retest |
Revert the pilot fork extends (MitaliBhalla/boilerplate#draft/rosa-745-gomod-batch-monday) so this repo inherits renovate config from openshift/boilerplate master like the rest of the fleet. Dependabot docker labels/schedule from #285 are unchanged. After openshift/boilerplate#748 merges, gomod MintMaker rules apply via upstream extends. Co-authored-by: Cursor <cursoragent@cursor.com>
|
Looks good, approving with a hold, you can unhold and do testing when you are online. /lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: joshbranham, MitaliBhalla The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/unhold |
* ROSA-745: branch-protection for non-boilerplate repos Require mandatory ci/prow/* presubmits (non-optional, always_run) for repos that do not inherit dependency automerge config from openshift/boilerplate#748. rosa: Konflux on-pull-request + mandatory prow (supersedes #79948). aws-account-shredder: not in openshift/release — DPP-only for required checks. Repos: backplane-cli, backplane-tools, cluster-api-provider-aws, managed-cluster-config, osdctl, rosa * Fix _config.yaml repo ordering for prow-config (release before rosa) determinize-prow-config requires alphabetical ordering under tide.context_options.orgs.openshift.repos. * Revert managed-cluster-config from ROSA-745 branch-protection PR Branch protection for MCC is already live via #77430 (ci/prow/pr-check). No functional change needed for non-boilerplate ROSA-745 scope. * ROSA-745: require enterprise-contract for openshift/rosa master Add Red Hat Konflux / rh-rosa-cli-enterprise-contract / rosa alongside rosa-on-pull-request per release review; EC reports success on rosa dependency PRs (not neutral like most OSD operators). Co-authored-by: Cursor <cursoragent@cursor.com> * ROSA-745: drop cluster-api-provider-aws from branch-protection Soft-fork kept in sync with kubernetes-sigs/cluster-api-provider-aws; dependency updates flow via upstream rebase/sync, not downstream Dependabot/automerge (per maintainer review). Co-authored-by: Cursor <cursoragent@cursor.com> * ROSA-745: require osdctl format and verify-docs on master Align branch-protection with always-run presubmits from openshift-osdctl-master-presubmits.yaml. Co-authored-by: Cursor <cursoragent@cursor.com> * Address review: align required checks and drop CAPA tide edits - osdctl: format + verify-docs (prior commit) - backplane-cli: add always-run ci/prow/scan-optional - rosa: add always-run images/e2e-presubmits prow contexts - cluster-api-provider-aws: fully restore _prowconfig.yaml to main Co-authored-by: Cursor <cursoragent@cursor.com> * ROSA-745: drop scan-optional from backplane-cli branch-protection The presubmit is optional: true in ci-operator; requiring it repo-wide would gate every PR on an advisory scan job. Co-authored-by: Cursor <cursoragent@cursor.com> --------- Co-authored-by: Cursor <cursoragent@cursor.com>
* ROSA-745: branch-protection for non-boilerplate repos Require mandatory ci/prow/* presubmits (non-optional, always_run) for repos that do not inherit dependency automerge config from openshift/boilerplate#748. rosa: Konflux on-pull-request + mandatory prow (supersedes openshift#79948). aws-account-shredder: not in openshift/release — DPP-only for required checks. Repos: backplane-cli, backplane-tools, cluster-api-provider-aws, managed-cluster-config, osdctl, rosa * Fix _config.yaml repo ordering for prow-config (release before rosa) determinize-prow-config requires alphabetical ordering under tide.context_options.orgs.openshift.repos. * Revert managed-cluster-config from ROSA-745 branch-protection PR Branch protection for MCC is already live via openshift#77430 (ci/prow/pr-check). No functional change needed for non-boilerplate ROSA-745 scope. * ROSA-745: require enterprise-contract for openshift/rosa master Add Red Hat Konflux / rh-rosa-cli-enterprise-contract / rosa alongside rosa-on-pull-request per release review; EC reports success on rosa dependency PRs (not neutral like most OSD operators). Co-authored-by: Cursor <cursoragent@cursor.com> * ROSA-745: drop cluster-api-provider-aws from branch-protection Soft-fork kept in sync with kubernetes-sigs/cluster-api-provider-aws; dependency updates flow via upstream rebase/sync, not downstream Dependabot/automerge (per maintainer review). Co-authored-by: Cursor <cursoragent@cursor.com> * ROSA-745: require osdctl format and verify-docs on master Align branch-protection with always-run presubmits from openshift-osdctl-master-presubmits.yaml. Co-authored-by: Cursor <cursoragent@cursor.com> * Address review: align required checks and drop CAPA tide edits - osdctl: format + verify-docs (prior commit) - backplane-cli: add always-run ci/prow/scan-optional - rosa: add always-run images/e2e-presubmits prow contexts - cluster-api-provider-aws: fully restore _prowconfig.yaml to main Co-authored-by: Cursor <cursoragent@cursor.com> * ROSA-745: drop scan-optional from backplane-cli branch-protection The presubmit is optional: true in ci-operator; requiring it repo-wide would gate every PR on an advisory scan job. Co-authored-by: Cursor <cursoragent@cursor.com> --------- Co-authored-by: Cursor <cursoragent@cursor.com>
Summary
Re-introduces ROSA-745 MintMaker gomod batching + tide automerge via shared boilerplate config, after revert #747.
.github/renovate.jsonwith grouped minor/patch updates and production UTC schedule (02:00–04:59, Mon–Fri).lgtm/approvedon patch/minor/digest gomod + Tekton rules so tide automerges when required checks pass.major-update/manual-review-required/ok-to-test— nolgtm/approved, no automerge (manual/lgtmafter CI).lgtm/approved+ok-to-test+area/dependency; weekly Mon 03:00 UTC (aligned with MintMaker batch window).Who opens what
/lgtm/lgtm/buildDo not add gomod to Dependabot where MintMaker runs — avoids duplicate PRs. Gomod majors are MintMaker’s job (e.g. module line v4→v5).
Lessons from #741 / #746 rollback (#747)
"groupName": "gomod dependencies"(patch/minor only)timezone/updateNotScheduled"timezone": "UTC","updateNotScheduled": falseOut of scope
dependency-pr-automerge.ymlor boilerplate update-script workflow install.Prerequisites before fleet impact
ci/prow/*+ primary Konflux*-on-pull-requestper repo (see ROSA-745 DPP handoff).boilerplate-updateto pick updependabot.ymllabel + schedule changes.Test plan (after merge)
major-updatelabels and does not merge without human/lgtm.lgtm/approvedand automerges after required CI green.Related
Summary by CodeRabbit