OCPBUGS-88531: Propagate restart-date annotation to CNO operand pod templates#3030
OCPBUGS-88531: Propagate restart-date annotation to CNO operand pod templates#3030bryan-cox wants to merge 1 commit into
Conversation
openshift-ci-robot
added
jira/severity-moderate
|
@bryan-cox: This pull request references Jira Issue OCPBUGS-88531, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository: openshift/coderabbit/.coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (3)
🚧 Files skipped from review as they are similar to previous changes (3)
WalkthroughAdds a ChangesHyperShift restart-date annotation propagation
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes 🚥 Pre-merge checks | ✅ 13 | ❌ 2❌ Failed checks (2 warnings)
✅ Passed checks (13 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Warning There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure. 🔧 golangci-lint (2.12.2)level=error msg="Running error: context loading failed: failed to load packages: failed to load packages: failed to load with go/packages: err: exit status 1: stderr: go: inconsistent vendoring in :\n\tgithub.com/Masterminds/semver@v1.5.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\tgithub.com/Masterminds/sprig/v3@v3.2.3: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\tgithub.com/containernetworking/cni@v0.8.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\tgithub.com/ghodss/yaml@v1.0.1-0.20190212211648-25d852aebe32: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\tgithub.com/go-bindata/go-bindata@v3.1.2+incompatible: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\tgithub.com/onsi/gomega@v1.39.1: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\tgithub.com/ope ... [truncated 17357 characters] ... red in go.mod, but not marked as explicit in vendor/modules.txt\n\tk8s.io/gengo/v2@v2.0.0-20251215205346-5ee0d033ba5b: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\tk8s.io/kms@v0.35.2: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\tk8s.io/kube-aggregator@v0.35.1: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\tsigs.k8s.io/randfill@v1.0.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\tsigs.k8s.io/structured-merge-diff/v6@v6.3.2: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt\n\n\tTo ignore the vendor directory, use -mod=readonly or -mod=mod.\n\tTo sync the vendor directory, run:\n\t\tgo mod vendor\n" Comment |
openshift-ci
Bot
added
the
do-not-merge/work-in-progress
|
Skipping CI for Draft Pull Request. |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@pkg/hypershift/hypershift_test.go`:
- Around line 154-155: The test code is discarding error returns by using blank
identifiers (_) instead of capturing them, which can mask test failures and
produce misleading passes. Identify all instances in the test file where
function calls return errors that are being ignored (such as calls to
unstructured.NestedStringMap and similar utility functions), capture the
returned error values instead of discarding them with _, and add appropriate
assertions or error handling using the test assertion framework (e.g.,
g.Expect(err).NotTo(HaveOccurred())) to verify these operations succeed as
expected during test setup and assertions.
In `@pkg/hypershift/hypershift.go`:
- Line 291: The call to unstructured.NestedStringMap is discarding the error
return value (the third return value) by using a blank identifier, which means
any errors from malformed annotations are silently ignored. Instead of ignoring
the error, capture it as a named variable in the assignment to
unstructured.NestedStringMap, check if the error is non-nil, and handle it
appropriately before proceeding to mutate the pod-template annotations. This
ensures that rendering defects in the annotations are surfaced rather than
silently hidden.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 37272bb8-3d49-4c7b-9530-3c9966bb18b4
📒 Files selected for processing (3)
pkg/controller/operconfig/operconfig_controller.gopkg/hypershift/hypershift.gopkg/hypershift/hypershift_test.go
|
/jira refresh |
openshift-ci
Bot
removed
the
do-not-merge/work-in-progress
openshift-ci-robot
added
jira/valid-bug
|
@bryan-cox: This pull request references Jira Issue OCPBUGS-88531, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
…emplates When the hypershift.openshift.io/restart-date annotation is set on a HostedControlPlane, CNO now reads it and injects it into the pod template annotations of all rendered Deployments, DaemonSets, and StatefulSets. This triggers Kubernetes rolling restarts for all CNO operands, including cloud-network-config-controller which was previously missed. The fix follows the existing pattern of reading HCP annotations in ParseHostedControlPlane (like priority-class) and modifying rendered objects post-Render (like setOVNObjectAnnotation). This is the correct architectural location for this logic since CNO owns these operands. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
@bryan-cox: This pull request references Jira Issue OCPBUGS-88531, which is valid. 3 validation(s) were run on this bug
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/retest-required |
openshift-ci-robot
added
the
verified
|
@bryan-cox: This PR has been marked as verified by DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/retest |
|
@bryan-cox: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
|
||
| restartDate, _, err := unstructured.NestedString(hcp.UnstructuredContent(), "metadata", "annotations", RestartDateAnnotation) | ||
| if err != nil { | ||
| return nil, fmt.Errorf("failed to extract restart date annotation: %v", err) |
There was a problem hiding this comment.
Nit: It would be better to use %w to preserve the error chain but since all other calls in this file use %v let's keep it.
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: bryan-cox, mgencur The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
3 participants
Summary
When the
hypershift.openshift.io/restart-dateannotation is set on a HostedControlPlane CR, CNO-managed operands likecloud-network-config-controllerwere not being restarted. This happened because CNO uses server-side apply with deterministic manifests — applying the same manifest twice is a no-op, so operands don't roll out unless something in the pod template changes.This PR fixes the issue by:
hypershift.openshift.io/restart-dateannotation from the HostedControlPlane CR inParseHostedControlPlane()SetRestartDateAnnotation()helper that injects the restart-date into pod template annotations of all rendered Deployments, DaemonSets, and StatefulSetsRender()returns, gated on HyperShift mode and a non-empty restart-date valueThis follows the existing patterns in CNO:
ParseHostedControlPlane(likecontrol-plane-priority-class)setOVNObjectAnnotation)This is the architecturally correct location for this logic since CNO owns these operands and should be responsible for their lifecycle.
Test plan
ParseHostedControlPlanewith restart-date annotationSetRestartDateAnnotationcovering Deployments, DaemonSets, StatefulSets, non-apps objects, annotation preservation, and multi-object handlinggo build ./...passesgo test ./pkg/... ./cmd/...passesgo vetpasseshypershift.openshift.io/restart-dateannotation on an HCP and verify cloud-network-config-controller pods restartFixes: https://issues.redhat.com/browse/OCPBUGS-88531
🤖 Generated with Claude Code via
/jira:solve OCPBUGS-88531Summary by CodeRabbit
Release Notes
New Features
Bug Fixes
Tests