Add strict protection for hulk managed operators #81052
Conversation
…the auto-merge impact
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository YAML (base), Central YAML (inherited) Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (5)
WalkthroughThe Prow branch-protection configs now require additional CI status checks for several OpenShift operator repositories, and ChangesProw branch protection updates
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Suggested labels
Suggested reviewers
🚥 Pre-merge checks | ✅ 15✅ Passed checks (15 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@core-services/prow/02_config/openshift/ocm-agent-operator/_prowconfig.yaml`:
- Line 5: The Tide/branch-protection repo key is mismatched: the config
currently targets ocm-agent while this prow config is for
openshift/ocm-agent-operator. Update the branch-protection target in the
_prowconfig.yaml config so it matches the repo used by Tide, and verify the
repository key is consistent across the affected branch protection and Tide
settings.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Central YAML (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: a3199391-0761-4f71-a571-aa9db5ab2fe9
📒 Files selected for processing (4)
core-services/prow/02_config/openshift/certman-operator/_prowconfig.yamlcore-services/prow/02_config/openshift/managed-node-metadata-operator/_prowconfig.yamlcore-services/prow/02_config/openshift/managed-upgrade-operator/_prowconfig.yamlcore-services/prow/02_config/openshift/ocm-agent-operator/_prowconfig.yaml
|
[REHEARSALNOTIFIER] Note: If this PR includes changes to step registry files ( Interacting with pj-rehearseComment: Once you are satisfied with the results of the rehearsals, comment: |
|
@tkong-redhat: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/lgtm |
|
/pj-rehearse ack |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: TheUndeadKing, tkong-redhat The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@TheUndeadKing: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel. |
|
@tkong-redhat: Updated the following 2 configmaps:
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
* Add strict protection for hulk managed operators in prow to minimize the auto-merge impact * Add validate and e2e-build-success condition
Add strict protection for hulk managed operators in prow to minimize the auto-merge impact.
Currently only check image build then it will merge which brings a lot of trouble.
Summary by CodeRabbit
Updated OpenShift Prow branch-protection configuration to make auto-merge for hulk-managed operator repositories stricter. For the following repos/branches, merges now require additional required Prow status checks (beyond Konflux PR checks and image builds), including
ci/prow/coverage,ci/prow/lint,ci/prow/test,ci/prow/validate, andci/prow/e2e-binary-build-success:openshift/certman-operator(master),openshift/managed-node-metadata-operator(main),openshift/managed-upgrade-operator(master), andopenshift/ocm-agent(master). Also added/expanded a new protected branch rule foropenshift/ocm-agent-operator(master) to enforce the same expanded set of required checks, reducing the likelihood of merging changes without full validation and successful end-to-end build signals.