Skip to content

tooling: Update verify-feature-promotion logic for installer-focused features#2903

Open
everettraven wants to merge 2 commits into
openshift:masterfrom
everettraven:tooling/installer-feature-gate-promotion-updates
Open

tooling: Update verify-feature-promotion logic for installer-focused features#2903
everettraven wants to merge 2 commits into
openshift:masterfrom
everettraven:tooling/installer-feature-gate-promotion-updates

Conversation

@everettraven

Copy link
Copy Markdown
Contributor

No description provided.

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

@openshift-ci openshift-ci Bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jun 25, 2026
@openshift-ci

openshift-ci Bot commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@coderabbitai

coderabbitai Bot commented Jun 25, 2026

Copy link
Copy Markdown

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

The PR marks AWSDualStackInstall as enabled in feature metadata, feature-gate definitions, and payload manifests. It removes self-managed-high-availability include annotations from several CRDs. It also updates featuregate-test-analyzer to use a job-based Sippy verification path for Install feature gates, and adds Sippy JSON models and URL builders used by that flow.

Suggested reviewers

  • JoelSpeed
  • cheesesashimi
🚥 Pre-merge checks | ✅ 13 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 7.14% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check ❓ Inconclusive No pull request description was provided, so there is no meaningful summary to assess beyond the change set itself. Add a brief description of the feature-promotion logic updates and affected installer-focused feature gates.
✅ Passed checks (13 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately summarizes the main change: updating verify-feature-promotion logic for installer-focused features.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names ✅ Passed Changed Ginkgo titles are static strings; fixture-driven Entry names come from checked-in dirs, not runtime-generated values.
Test Structure And Quality ✅ Passed No Ginkgo test files or It/BeforeEach/Eventually blocks were changed in this PR, so the test-quality check is not applicable.
Microshift Test Compatibility ✅ Passed Changed files are docs, feature-gate manifests, and tooling only; no new Ginkgo e2e tests or MicroShift-unsupported APIs were added.
Single Node Openshift (Sno) Test Compatibility ✅ Passed PASS: the new Ginkgo code is envtest/eval harnessing, not cluster e2e tests, and it makes no multi-node or HA assumptions.
Topology-Aware Scheduling Compatibility ✅ Passed PASS: The PR only changes feature-gate metadata, CRD annotations, and codegen/test-analyzer logic; no pod affinity, selectors, replicas, PDBs, or topology assumptions were added.
Ote Binary Stdout Contract ✅ Passed No new stdout writes were added in main/init/TestMain or top-level initializers; added fmt.Printf/Println calls stay inside normal helper methods.
Ipv6 And Disconnected Network Test Compatibility ✅ Passed No new Ginkgo e2e tests were added in the changed files; the PR only touches docs, manifests, and tooling code.
No-Weak-Crypto ✅ Passed No MD5/SHA1/DES/RC4/3DES/Blowfish/ECB or custom secret-comparison code was added; the only crypto-related change is TLS InsecureSkipVerify, which is outside this check.
Container-Privileges ✅ Passed Changed files are feature-gate/docs/code only; searches found no privileged, hostPID/Network/IPC, SYS_ADMIN, or allowPrivilegeEscalation settings in the modified manifests.
No-Sensitive-Data-In-Logs ✅ Passed No added logs print secrets, PII, or customer data; new output is limited to feature gates, job names, test names, and a testgrid URL.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Comment @coderabbitai help to get the list of available commands.

@everettraven

Copy link
Copy Markdown
Contributor Author

/test verify-feature-promotion

@openshift-ci

openshift-ci Bot commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

Hello @everettraven! Some important instructions when contributing to openshift/api:
API design plays an important part in the user experience of OpenShift and as such API PRs are subject to a high level of scrutiny to ensure they follow our best practices. If you haven't already done so, please review the OpenShift API Conventions and ensure that your proposed changes are compliant. Following these conventions will help expedite the api review process for your PR.

@openshift-ci openshift-ci Bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Jun 25, 2026
@openshift-ci

openshift-ci Bot commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign everettraven for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 5

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tools/codegen/cmd/featuregate-test-analyzer.go`:
- Around line 1092-1104: The hardcoded stub in getJobsForFeatureGateFromSippy is
bypassing the real Sippy lookup and ignoring the release, featureGate, and
variant inputs. Remove the temporary out slice and early return so the function
proceeds to the actual query logic, and keep the existing
getJobsForFeatureGateFromSippy path using the provided parameters to fetch the
correct jobs.
- Around line 1046-1078: The triage handling in verifyJobPassRate is too coarse
and is using all job runs in the pass-rate calculation, which causes triaged
failures to suppress unrelated variants and still count against the denominator.
Update the flow around getTriagedTestFailuresFromSippy and verifyJobPassRate so
triage is keyed by the full variant identity returned by Sippy, not just test
name, and filter out triaged failures before setting
TestResults.TotalRuns/SuccessfulRuns/FailedRuns. Make sure the loop over jobRuns
only increments failures for non-triaged failing runs and that pass-rate math
reflects the filtered set consistently in both affected call sites.
- Around line 1051-1052: The triage lookup result from
getTriagedTestFailuresFromSippy in featuregate-test-analyzer.go is using the
returned err without handling it, which can make failures look untriaged. Update
the logic around triagedTestFailures, err to check and handle the error
immediately: propagate it or stop processing rather than continuing with an
empty triaged set. Keep the fix localized to the code path that consumes
getTriagedTestFailuresFromSippy so the triage counting logic only runs when the
lookup succeeds.
- Around line 999-1008: The defaultTransport setup in featuregate-test-analyzer
should not disable TLS verification for Sippy requests. Remove the
InsecureSkipVerify setting from the tls.Config used by defaultTransport, and
rely on normal certificate validation so the HTTP client still enforces HTTPS
trust checks while preserving the existing transport configuration.
- Around line 993-1016: `verifyInstallFeatureGatePromotion` and the Sippy helper
chain are not propagating cancellation, so requests can outlive `Run(ctx)`.
Update `verifyInstallFeatureGatePromotion` to pass `ctx` into
`getJobsForFeatureGateFromSippy`, then thread it through `getJobRunsFromSippy`
and `getTriagedTestFailuresFromSippy`, and use it when building the HTTP
requests instead of calling `client.Get(...)` directly. Keep the existing
symbols in place, only add context plumbing so request lifetimes follow the
caller’s deadline/cancelation.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 382c96e4-2e33-4b88-b0fe-749c605219d5

📥 Commits

Reviewing files that changed from the base of the PR and between fcee122 and c07aa2f.

📒 Files selected for processing (7)
  • features.md
  • features/features.go
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml
  • tools/codegen/cmd/featuregate-test-analyzer.go

Comment thread tools/codegen/cmd/featuregate-test-analyzer.go Outdated
Comment on lines +999 to +1008
defaultTransport := &http.Transport{
Proxy: http.ProxyFromEnvironment,
ForceAttemptHTTP2: true,
MaxIdleConns: 100,
IdleConnTimeout: 90 * time.Second,
TLSHandshakeTimeout: 10 * time.Second,
ExpectContinueTimeout: 1 * time.Second,
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},

@coderabbitai coderabbitai Bot Jun 25, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

file="tools/codegen/cmd/featuregate-test-analyzer.go"

echo "== line count =="
wc -l "$file"

echo "== around reported lines =="
sed -n '960,1035p' "$file"

echo "== later helper context =="
sed -n '1035,1125p' "$file"

Repository: openshift/api

Length of output: 5480


🏁 Script executed:

#!/bin/bash
set -euo pipefail

file="tools/codegen/cmd/featuregate-test-analyzer.go"

echo "== line count =="
wc -l "$file"

echo "== around reported lines =="
sed -n '960,1035p' "$file"

echo "== later helper context =="
sed -n '1035,1125p' "$file"

Repository: openshift/api

Length of output: 5480


🏁 Script executed:

#!/bin/bash
set -euo pipefail

file="tools/codegen/cmd/featuregate-test-analyzer.go"

echo "== line count =="
wc -l "$file"

echo "== around reported lines =="
sed -n '960,1035p' "$file"

echo "== later helper context =="
sed -n '1035,1125p' "$file"

Repository: openshift/api

Length of output: 5480


Don't disable TLS verification for Sippy requests.

InsecureSkipVerify: true allows a MITM to tamper with the job/triage data used here, which can change promotion decisions.

Suggested fix
 	defaultTransport := &http.Transport{
 		Proxy:                 http.ProxyFromEnvironment,
 		ForceAttemptHTTP2:     true,
 		MaxIdleConns:          100,
 		IdleConnTimeout:       90 * time.Second,
 		TLSHandshakeTimeout:   10 * time.Second,
 		ExpectContinueTimeout: 1 * time.Second,
-		TLSClientConfig: &tls.Config{
-			InsecureSkipVerify: true,
-		},
 	}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
defaultTransport := &http.Transport{
Proxy: http.ProxyFromEnvironment,
ForceAttemptHTTP2: true,
MaxIdleConns: 100,
IdleConnTimeout: 90 * time.Second,
TLSHandshakeTimeout: 10 * time.Second,
ExpectContinueTimeout: 1 * time.Second,
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
defaultTransport := &http.Transport{
Proxy: http.ProxyFromEnvironment,
ForceAttemptHTTP2: true,
MaxIdleConns: 100,
IdleConnTimeout: 90 * time.Second,
TLSHandshakeTimeout: 10 * time.Second,
ExpectContinueTimeout: 1 * time.Second,
}
🧰 Tools
🪛 ast-grep (0.44.0)

[warning] 1005-1007: MinVersionis missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. AddMinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.
Context: tls.Config{
InsecureSkipVerify: true,
}
Note: [CWE-327]: Use of a Broken or Risky Cryptographic Algorithm [OWASP A03:2017]: Sensitive Data Exposure [OWASP A02:2021]: Cryptographic Failures

(missing-ssl-minversion-go)

🪛 OpenGrep (1.23.0)

[ERROR] 1006-1008: TLS certificate verification is disabled via InsecureSkipVerify. This allows man-in-the-middle attacks. Remove InsecureSkipVerify or set it to false.

(coderabbit.tls.go-insecure-skip-verify)


[ERROR] 1006-1008: TLS certificate verification is disabled via InsecureSkipVerify. This allows man-in-the-middle attacks. Remove InsecureSkipVerify or set it to false.

(coderabbit.tls.go-insecure-skip-verify)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tools/codegen/cmd/featuregate-test-analyzer.go` around lines 999 - 1008, The
defaultTransport setup in featuregate-test-analyzer should not disable TLS
verification for Sippy requests. Remove the InsecureSkipVerify setting from the
tls.Config used by defaultTransport, and rely on normal certificate validation
so the HTTP client still enforces HTTPS trust checks while preserving the
existing transport configuration.

Source: Linters/SAST tools

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We already do this everywhere else and this hasn't been a problem.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@everettraven Fair point on consistency. I agree this isn’t unique to this PR, but I still think the concern is valid: InsecureSkipVerify: true disables certificate validation for data that feeds promotion decisions, so “it hasn’t been a problem yet” is more luck than guarantee.

That said, if you’d rather keep this PR scoped to the installer-logic change, I’m okay deferring this as broader cleanup instead of blocking here. If you want, I can help turn it into a follow-up issue to remove the insecure TLS config across the related Sippy clients.

Comment thread tools/codegen/cmd/featuregate-test-analyzer.go
Comment thread tools/codegen/cmd/featuregate-test-analyzer.go Outdated
Comment thread tools/codegen/cmd/featuregate-test-analyzer.go Outdated
return false
}

func verifyInstallFeatureGatePromotion(featureGate string, jobVariant JobVariant) (*TestingResults, error) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggest going generic, there may be other components that have to prove their fg is ready via a job overall result, not tests within the job.

ColumnField: "variants",
OperatorValue: "contains",
Value: fmt.Sprintf("Topology:%s", variant.Topology),
},

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! So in a couple days we could make this a query for variant Capability:FGName (assuming we name this correctly to match the fg)

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
tools/codegen/cmd/featuregate-test-analyzer.go (1)

1105-1129: 🎯 Functional Correctness | 🟠 Major

Count empty failed-run cases as failures

Failed job runs with no reported FailedTestNames still fall through to SuccessfulRuns++, so installer or early infra failures get counted as passes. Treat those runs as failures unless they’re explicitly known/triaged.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tools/codegen/cmd/featuregate-test-analyzer.go` around lines 1105 - 1129, The
job-run counting logic in the loop over jobRuns is treating failed runs with no
FailedTestNames as successes because only untriagedTestFailures increments
FailedRuns. Update the featuregate test analyzer to count any jobRun with
OverallResult == "F" and not KnownFailure as a failed run, even when
FailedTestNames is empty, while still preserving the existing triage filtering
for reporting untriaged failures in the jobRun/triagedTestFailures path.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@tools/codegen/cmd/featuregate-test-analyzer.go`:
- Around line 1105-1129: The job-run counting logic in the loop over jobRuns is
treating failed runs with no FailedTestNames as successes because only
untriagedTestFailures increments FailedRuns. Update the featuregate test
analyzer to count any jobRun with OverallResult == "F" and not KnownFailure as a
failed run, even when FailedTestNames is empty, while still preserving the
existing triage filtering for reporting untriaged failures in the
jobRun/triagedTestFailures path.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 39488995-d772-40a5-9c03-1230580f496e

📥 Commits

Reviewing files that changed from the base of the PR and between c07aa2f and dbd3ddd.

📒 Files selected for processing (2)
  • tools/codegen/cmd/featuregate-test-analyzer.go
  • tools/codegen/pkg/sippy/json_types.go

@openshift-ci openshift-ci Bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jun 28, 2026
@everettraven everettraven force-pushed the tooling/installer-feature-gate-promotion-updates branch from dbd3ddd to 7b54774 Compare June 30, 2026 16:37

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (2)
tools/codegen/cmd/featuregate-test-analyzer.go (2)

1100-1100: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Use %w to wrap the error. %q quotes the error string and breaks errors.Is/As chaining; the sibling helpers all use %w.

♻️ Proposed change
-		return nil, fmt.Errorf("getting triaged test failures from sippy: %q", err)
+		return nil, fmt.Errorf("getting triaged test failures from sippy: %w", err)
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tools/codegen/cmd/featuregate-test-analyzer.go` at line 1100, The error
handling in the triaged test failures path should wrap the underlying error
instead of quoting it. Update the fmt.Errorf call in the helper that fetches
triaged test failures from sippy to use %w so errors.Is/errors.As continue to
work, matching the pattern used by the sibling helper functions in
featuregate-test-analyzer.go.

1043-1067: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Reuse existing constants instead of hardcoding 14/95. requiredNumberOfTestRunsPerVariant = 14 (and requiredPassRateOfTestsPerVariant = 0.95) already exist; hardcoding the same thresholds here risks them drifting out of sync. Consider runs < requiredNumberOfTestRunsPerVariant and deriving the pass-rate check from the existing constant.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tools/codegen/cmd/featuregate-test-analyzer.go` around lines 1043 - 1067, The
promotion-threshold checks in the test results logic are hardcoding the same
limits already defined elsewhere, so update the logic in the feature gate test
analyzer to use the existing constants instead of literal values. In the code
around the early-return path and pass-rate gate, reference
requiredNumberOfTestRunsPerVariant and derive the 95% check from
requiredPassRateOfTestsPerVariant so the thresholds stay consistent.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tools/codegen/cmd/featuregate-test-analyzer.go`:
- Around line 1139-1141: The error formatting uses the wrong verb for
resp.StatusCode, which is an int, so update the fmt.Errorf messages to use %d
instead of %s at this check and the other two matching status-code checks in
featuregate-test-analyzer.go. Make the same change wherever the code compares
resp.StatusCode against http.StatusOK so the returned error string is correct
and passes go vet.

---

Nitpick comments:
In `@tools/codegen/cmd/featuregate-test-analyzer.go`:
- Line 1100: The error handling in the triaged test failures path should wrap
the underlying error instead of quoting it. Update the fmt.Errorf call in the
helper that fetches triaged test failures from sippy to use %w so
errors.Is/errors.As continue to work, matching the pattern used by the sibling
helper functions in featuregate-test-analyzer.go.
- Around line 1043-1067: The promotion-threshold checks in the test results
logic are hardcoding the same limits already defined elsewhere, so update the
logic in the feature gate test analyzer to use the existing constants instead of
literal values. In the code around the early-return path and pass-rate gate,
reference requiredNumberOfTestRunsPerVariant and derive the 95% check from
requiredPassRateOfTestsPerVariant so the thresholds stay consistent.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: cdadfacc-d083-4ec7-82ab-69094b8ab2b3

📥 Commits

Reviewing files that changed from the base of the PR and between dbd3ddd and 7b54774.

📒 Files selected for processing (8)
  • features.md
  • features/features.go
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml
  • tools/codegen/cmd/featuregate-test-analyzer.go
  • tools/codegen/pkg/sippy/json_types.go
✅ Files skipped from review due to trivial changes (2)
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml
  • features.md
🚧 Files skipped from review as they are similar to previous changes (5)
  • features/features.go
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml
  • tools/codegen/pkg/sippy/json_types.go

Comment on lines +1139 to +1141
if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("expected a 200 OK status code but got %s", resp.StatusCode)
}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Wrong format verb: %s with an int status code.

resp.StatusCode is an int, so %s renders as %!s(int=404) instead of the actual code, and go vet (run by make lint) will flag this. Use %d. Same issue at Lines 1165-1167 and 1196-1198.

🐛 Proposed fix (apply to all three sites)
-		return nil, fmt.Errorf("expected a 200 OK status code but got %s", resp.StatusCode)
+		return nil, fmt.Errorf("expected a 200 OK status code but got %d", resp.StatusCode)
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("expected a 200 OK status code but got %s", resp.StatusCode)
}
if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("expected a 200 OK status code but got %d", resp.StatusCode)
}
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tools/codegen/cmd/featuregate-test-analyzer.go` around lines 1139 - 1141, The
error formatting uses the wrong verb for resp.StatusCode, which is an int, so
update the fmt.Errorf messages to use %d instead of %s at this check and the
other two matching status-code checks in featuregate-test-analyzer.go. Make the
same change wherever the code compares resp.StatusCode against http.StatusOK so
the returned error string is correct and passes go vet.

@everettraven everettraven force-pushed the tooling/installer-feature-gate-promotion-updates branch from 7b54774 to 35352b3 Compare June 30, 2026 16:54
@openshift-ci openshift-ci Bot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jun 30, 2026
@coderabbitai

coderabbitai Bot commented Jun 30, 2026

Copy link
Copy Markdown

Caution

Failed to replace (edit) comment. This is likely due to insufficient permissions or the comment being deleted.

Error details
{"name":"HttpError","status":500,"request":{"method":"PATCH","url":"https://api.github.com/repos/openshift/api/issues/comments/4801241087","headers":{"accept":"application/vnd.github.v3+json","user-agent":"octokit.js/0.0.0-development octokit-core.js/7.0.6 Node.js/24","content-type":"application/json; charset=utf-8"},"body":{"body":"<!-- This is an auto-generated comment: summarize by coderabbit.ai -->\n<!-- walkthrough_start -->\n\n<details>\n<summary>📝 Walkthrough</summary>\n\n## Walkthrough\nThe PR marks AWSDualStackInstall as enabled in the feature matrix, feature-gate definitions, payload manifests, and related CRD annotations. It also changes `featuregate-test-analyzer` so `Install` feature gates use a job-based verification path that reads Sippy job listings, job runs, and triage data. Minor formatting and file-permission updates are included.\n\n## Suggested reviewers\n- JoelSpeed\n- memodi\n\n</details>\n\n<!-- walkthrough_end -->\n<!-- pre_merge_checks_walkthrough_start -->\n\n<details>\n<summary>🚥 Pre-merge checks | ✅ 13 | ❌ 2</summary>\n\n### ❌ Failed checks (1 warning, 1 inconclusive)\n\n|     Check name     | Status         | Explanation                                                                                                  | Resolution                                                                                                             |\n| :----------------: | :------------- | :----------------------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------------------- |\n| Docstring Coverage | ⚠️ Warning     | Docstring coverage is 7.14% which is insufficient. The required threshold is 80.00%.                         | Write docstrings for the functions missing them to satisfy the coverage threshold.                                     |\n|  Description check | ❓ Inconclusive | No pull request description was provided, so the change intent cannot be assessed from the author's summary. | Add a brief description explaining the feature-promotion verification changes and affected installer-focused features. |\n\n<details>\n<summary>✅ Passed checks (13 passed)</summary>\n\n|                    Check name                    | Status   | Explanation                                                                                                                                                                               |\n| :----------------------------------------------: | :------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n|                    Title check                   | ✅ Passed | The title clearly describes the tooling update for installer-focused feature-promotion verification.                                                                                      |\n|                Linked Issues check               | ✅ Passed | Check skipped because no linked issues were found for this pull request.                                                                                                                  |\n|            Out of Scope Changes check            | ✅ Passed | Check skipped because no linked issues were found for this pull request.                                                                                                                  |\n|        Stable And Deterministic Test Names       | ✅ Passed | Touched Ginkgo titles are static strings (e.g. \"API Review Evaluation\", \"Golden Tests\"); no dynamic values were introduced.                                                               |\n|            Test Structure And Quality            | ✅ Passed | No Ginkgo test code changed; the PR only updates tooling, feature-gates, docs, and generated manifests.                                                                                   |\n|           Microshift Test Compatibility          | ✅ Passed | No new Ginkgo e2e tests were added; touched files are codegen/docs/manifests and contain no It/Describe/Context/When or MicroShift-specific test logic.                                   |\n|  Single Node Openshift (Sno) Test Compatibility  | ✅ Passed | No new Ginkgo e2e tests were added; the PR only changes tooling, docs, manifests, and feature-gate metadata.                                                                              |\n|      Topology-Aware Scheduling Compatibility     | ✅ Passed | Changes only adjust feature-gate state, Sippy/test tooling, and CRD annotations; no pod specs, replicas, node selectors, affinities, PDBs, or topology-aware scheduling logic were added. |\n|            Ote Binary Stdout Contract            | ✅ Passed | No stdout writes were added in main/init/top-level setup; the new fmt.Printf/Println calls are in helper functions, outside the check’s scope.                                            |\n| Ipv6 And Disconnected Network Test Compatibility | ✅ Passed | No new Ginkgo e2e tests were added; the patch only changes manifests and tooling, and the touched Go files contain no It/Describe/Context calls.                                          |\n|                  No-Weak-Crypto                  | ✅ Passed | Changed files add Sippy/feature-gate logic only; no MD5/SHA1/DES/RC4/3DES/Blowfish/ECB, custom crypto, or secret comparisons were introduced.                                             |\n|               Container-Privileges               | ✅ Passed | Changed files are feature-gate and CRD manifests only; no privileged/hostPID/hostNetwork/hostIPC/allowPrivilegeEscalation/SYS_ADMIN fields were found.                                    |\n|             No-Sensitive-Data-In-Logs            | ✅ Passed | PASS: New output only includes feature-gate names, variant metadata, release, and public Sippy/TestGrid URLs; no passwords, tokens, PII, or customer data are logged.                     |\n\n</details>\n\n</details>\n\n<!-- pre_merge_checks_walkthrough_end -->\n<!-- finishing_touch_checkbox_start -->\n\n<details>\n<summary>✨ Finishing Touches</summary>\n\n<details>\n<summary>🧪 Generate unit tests (beta)</summary>\n\n- [ ] <!-- {\"checkboxId\": \"f47ac10b-58cc-4372-a567-0e02b2c3d479\", \"radioGroupId\": \"utg-output-choice-group-unknown_comment_id\"} -->   Create PR with unit tests\n\n</details>\n\n</details>\n\n<!-- finishing_touch_checkbox_end -->\n<!-- This is an auto-generated comment: all tool run failures by coderabbit.ai -->\n\n> [!WARNING]\n> There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.\n> \n> <details>\n> <summary>🔧 golangci-lint (2.12.2)</summary>\n> \n> Error: build linters: unable to load custom analyzer \"kubeapilinter\": tools/_output/bin/kube-api-linter.so, plugin: not implemented\n> The command is terminated due to an error: build linters: unable to load custom analyzer \"kubeapilinter\": tools/_output/bin/kube-api-linter.so, plugin: not implemented\n> \n> \n> \n> \n> </details>\n\n<!-- end of auto-generated comment: all tool run failures by coderabbit.ai -->\n<!-- tips_start -->\n\n---\n\n\n\n\n<sub>Comment `@coderabbitai help` to get the list of available commands.</sub>\n\n<!-- tips_end -->\n<!-- internal state start -->\n\n\n<!-- N4IgzgxgFgpgtgQwGowE5gJYHsB2IBcAjADTgAuqArhGZajACYDKZCZMBoYF1t9K6bHiKkADqgDyAIwBWMGhgBuMMARABidQAIACgCUtYSnESoAngB0cAFQxkANjHxaA6gEkdzsliz2MOAHNnAFVRBjYYLQADZVQMADMzAFp4mDY6GCTxLDgsMiEorXssAIwILXisVC1/bgR7R1QUrAhKMEYKtL4VLS0rADljKTRnACYATgAGAGZeq2C9ABlnKDIyUTB8AHot0rIoSikAOggcraxRGBwwKASyLYRRDC3RSgatiZm5nGD21GcYLEYGtUAhlDhvkwsHQIJEpKCcNAvD4/IEtrVWA00CkuhkkgEIllUDk8kIkpQwhEwN9rAhUAFgVp4QhEVBnIhuGhIaxaJstBcrt8ACKg+JkLxUSJ9HB6QEYGAAdzQfOliwQw3sfJwMEYYCS9CkCHaxEMGAAXjAtosTQwsEkcHkknA0AytgqqgBrJL+IklehganSgDC9AiDC0bDGk1GADYkpM46MAKzWQhJ/AAFkm+FjAC1vlZNFogzlnTgyNSjCY6ZYbLB+Th7GZdAZTiYrmRDFAsAqIRhqQgtPQAI6UFSd7xDygQ/aRdjcLRtxA4cNRLbzzuxBLJVLpei+3L5XBRI4gUighVMYymMwAWUenBAu+6YCOcAYaiLAEE3Pirmgw0Ma8a35eJFygFkGTAKwrDcCEomfDJX3fKITVnaIvxcJghUoeoWAQCAPTguoGkKRD9wJdghx7LQFSNId4CwZRw3iYk4BqCstDSVA/C5UQsEwI8+xnetyMiRAKAwAAPLQAAphjIJVBSiTDsMYMowwACQEitChZVdVIAUToAUWShIEMACHAg2KSgGGIzF7CiABKCMVy0WcIX3BAGAYDp7Aiap/A8+tWCkRwanbBgMAiJsIzFLkVKwmy2nYVBtM5BghX6JgHPqJyji0ax6283yOmJBUtA9HUNgwrCcLw1hCLy0itFMarw3oqJDJwdVHAYPSIGJAMIwaIp+3YcNRACshKlQdjTnsYxriOGCcG/ew0rYIRqUndC/IgALQSE6ksDAmApP41BJv5apXnCsouPLOx5WgnABlwGA1sWfwemgSDGGcABqQgtiSQg1sM7gMAkjpTj8hjFHlSqYHiObxS0RYezPJ9cX9LYxNfAIsE/bQfz/bVjo6Ksb1A8CAbe2D4MJgm8ZUI5idQkLIiiAAxNmAHEIlUhr7Hw5rrkcsi2a0SiYEATAJqSiK4+pgWSjg15zCnaTs6OpC7RH0jpJ38Q67J5/whVRhA3jIWStbc1d/AkABpIV7cKYKfOioSPKwbmtHEOVoTAOKVfCjoon8ax5CgHR6CRxV+iwUIAlBPyPcd6JLcBeO5STlPRDTny1a11b3vWsnNoAk6/YDg6ju23BTvOy6qhuqpA8OPxyg7F6VDW5PtW+37qX+wJAa0EGwYhiuofyWHw3hyIE+Rri0fb5xb3U4wccNsxih8p0WQSccwFZvcYDl8+xKF9gkgzcHJiSTSzEudBbjFJIrfiG3NqOMwCA4D2FJlocmDJKaARpiBM69MJ6MxwHBAOfNBYREKMuU+C45rILNpyVA0tL6GGBGhesSVsK4TFk1Iikt8qFDljUak9BcjMQqGxaIYBLgQCOHUXkRxb5UgANoAF0jjRTAKrAaWdvbG39lEDh8huE8jaHw1B85hFHHDv1E8Whk78lnNUMSssIhaF6s6U61QjCoGJNOaKgRDA8BoHQeoFR5T2AYNSYK6EMGpAXHSSI48GQMHLoWKuW1a57XrA3OkTdrh0wNu3Dond7o9yevkfIA8K5Dy+hXH62ox4QQngwYG0wwbTEhtDRei4sAI1Xoqde6NnBYwVCPPJcDAnFNKeUhegFl6IzXqjBpWht7RV3mIBAB8sBH28WfC+3Rr6zIyHfTIj9CDP1fu/G4dwkiuyFAAoBID8AaDJr+CBNdqbAXMHTAJGSmbRH3ofBgx8cCYIrAs+g8z+H3xWWst+ypP5kG2W7PZwCuboTIaLcW1CSJOU6IQ+hesGLMI6KxHIyCxESMKH4Xx7lpHhgiTzTRjBMUTS0DYrkYLcFpQId0IxVFsHoR2bCmlOsTQBP8AEDi+s0byHyMoexxjPG3GpNM7gwTK5gOrsdHadd9ryEbrXWB8TrqJLut3R6fd0kIKyS0v6BT2lTxKUkMpc8Kk9OqSvfOKMN7XS3jvOAe9xkPKeS8m+bMPmqOWU/JITAYD2HiPeXqgTNJfm/tbW2wKDlHLASc/8VNwzQMubA65CCkFRHuZMx5IrXliXdZfJZD8vU+r9QGhAQaQ0/z/mQCNoLRIy3oeCihkKWowoRUwpiyK2FyKUa+T5Kh1HoojpI/SEYyp4tkTw5RvawDqMJQNQqui8iwAMXWqkNQRKRHiBgCKSp6BtMYGKjaYTpX4q0FEqVzc4lt2VeGJJare7PU1YPT6Or8kAyKQazpJruk3V6bUq1gzhkYGMC+vd76gaGuNVYeeMMzU1MtfUzeQy7UOomVMk+Pjs1uqpG8mA+bvnet9f6lkpbGDBsBbswBwDQHgNjVAi5zYk16puXWHmItG1UObdSjItLIgdkuYKnm/M81oLauh8cdzHUZudRh11l9c3dDw4WwjJay3kerQwtq7aWKdonT2j106REDq0XXLt6Q9PCbUSI2d2iF36KZdx+hfHXq3VE88jDLjfXuK7D2YS9cEhgT8aBg9oSa7Hv9rKw60SFWtyuh3VVD171pNek+4eOTR6gY6UarpMGf3mr6XUgZiHAOjJAN4Xw59l4QK2BAd8OG5ZJA3EkYjTYLSoA5iTQ534Y2QJugmhjYFk1rQQlh++jXmtmFa4UB0lUFRxHnNEMSB5SS4CSH1t8ki2jsv5DQZx784D9kwLgaIkwsAxgzBmT2ks0g3rAlEBM53tFuE7PUMA/tEDVWFf4TuCpbjzkNrCLY4UWRelRBuqoEl8h2J8jIVKZZOICa0Jpawt5FhZ3vKgD0tpey0Tm8qE0w7k3RAkKgPy9AGAACksBSCQHSGK5ZXyLBUGAKIitojakUp6SFxPSdkU7YoOkhRJxRHwAAXkKAqOw3ZKDPclVttshs4ivYhMMCCSMqhit5tOBQuBnHXOcFELFZAY7cFlEYTavMqg07iCyMgU2aLyIgDFewSQIBGh6IY6+VTywIH8FtqIFgQDNoD4UKQzZQ+GwDFt9C4hsDVCiBuHQbA0o4DXBifK5LxOjjQM2Q2+ws7RXoDQOK9A+DPKh1oGQVOkiGnaOGLcm7Xe+39LbLQSNBwxDQNuSnUgABCbuGBCYUxEeOJIhInkHnUyvUhq/98DmxZbEJ68aV9vEYoCp8BWCSNEevZhu999r4PxZw/59j43xCLQW+/JpX2609CrB6SMgkEGHQDFHBu+IFYXoW/UhkGgD0NPWI1QU+1I9K9YpQ4I9mu69CQM0Q3eVudOtureMUWgTAGAogogzYskUQDIZA3eYAFuqAh+9ASyvMbEqB6BZgLkH+5+W+S+PQaQ0AFeVOpKmAdiHecQiQ3eieAYegaC1BX+EYAQacV8q6zem0Hi5Y/s7exukOAQputszOFQnc6E/O1u5Y5cW+7BXeVO3BYAvB7Awun+F+/K10IBnaU+RwQYdA9A5Yeg04zOWwUQFhVhViHYuhKgqERhW+CQ0QVAsSAAPAxKOBgGToMHAMMJIPEDIcziaHYBGJQAEHDowvYS8EaO0NSBLnnkHGrm0FUtOJxMOiXnQLEtxHFJkVAFUnAK8DdL/FuuVNOHkfTnJOUdCJ2H5DAO/G5PUGYJgGAM5PwcYT4RHowsYlgcMSoFsH4czq5P2NEAAHwi5BGUAhGMC6H6EwASBRFnw6BoDwE25cxFGoAlF0hlGS6VHVHIo+79RTgQinD5FgADFb6LpoAS7tCdC/6wCMLyAdhMFSA3FmGorkEYFKHVDoQBQLgAB+hAGYp64y1IWBOB3edh1wpBOQQJlBrkw6P+f+u01ugSDEwhAYxs4mpi7uyhJUvqaQbxMBqhCBck2BwI1geJjAMhvMVxSEqJcA6JVBXhjRBRvxNxEYIBVxiSjYzYP2ykEgsQ+U8hm0WgIuixAevMweJoUQAAhC7NNjgGyVuhkFzMOmwEUFSZ2J9BUCKXiiSUApELMQAFQOhkA2lz4qA/EI6SQkbhjvL+iHYQg6wADcHEc+/gnE+RzJLE7J/odc3Ato0uJozxqArx1piITCHYlY1AsIAY8Qbw/xGhOiioWwF07AK4HQ6JiO1g1gL+sA9gGyZ+AhDJuBVO+BVQRBuGEQnJ3JzgAshk1gu09YwBT0DA/EQZIJAcHuEQkxlJbuWwtJNuWc04pgNwL2Achx2o4YU+40oqvJdZSJ9hbZaBGBwuWgnZ3ZDEsI5YApUxck4JnYUJMJ4QPRmJ7kc5dIC5mo0Q6J251wspiBFUr4m5OBTJMUgSrJ4ZKgu5FBB5R5Y8OQ/E2oZ5oYtiTOHkzJDxgcJ8EAp0EICwqOCubxtRS09AJom6kqXxhJ3p1Ioer+VJkQw605Z5SecQUg0uPQskOgM0c0cAWw1gFwvgJQZgWwX4qA0AdgPKGQJo00uRFwQkzi/QwI7oGOkKWwEgTA/RWcy5A47CwIr4PqiBsCnpTOxJC4pJv5Fch6oWF6J6Z6MSLcXEV6cWXcCWqS/cWqz6aWrS1yYGsYoMSQSY2WlSv68GhWNqiOlkUAOMZWmo1W5qVWogHoAQWwmAFBWwMgSuAA+mQL8kTB1lGjRj1uctWImgNkxggsVLMURdRb5NSNqCjLZR0OTkwBIP0Jpn5PYB5BlcOfQEHO0M9HYglcCWuYbuygOO5FPvqNOOOaRUIOuMybCawPSe+VTlzFEPNVIMiYtctciXoSoLbGtXuWYABSRk9vADtRQbKBNceM5IVE9qNK9muhQNUtQD0BziYgVjVeGFhUyMsW4lyJWdWdED3p9cwLtXgQQc2UslherJrHpO5FEP9VuoDRQR+Y2agN3uDRrEcGXH9QDctUjaDREKjZDR9XDUNaWeWUwNEA8E8ElQ2YUO9fsIaTrOpQhFulSloFnpcgrlaWlF7qwL7uXnVQ1UkFcMvPGrtazWOJcrJBdGbLYhylENqLEKtmFI4FDauKWsIXLANIRczZ3nYhRYtvQq7obFIFunYDnktLtNxcUAEHxdNGwOxQ8IJb9iJQRVnJJUIPlM2N7H7jJRzvJVQirUTkwFQVnAzcgvQG/u0IUGzTntEs6GlIVDDVjUDVThtQQSjUsBDejSHgDcTUjqTeTY8M8MAZMfYTTUsCFPTZpRGAttrfgmLdnqhaCHHVyKcN7rzRyoOPzf0ILYiOaiLRQfXZctgiyDZQRJ2E4VTv0FaegmwIwQadEAvOOEAqIFoAsYUK3dwKCEOZtmwYvXUFUUcMEM8lJB7Pju5KHVEOHVRYUOJSAdJNTO3OyqkaUL1L7NHY3ZzcqPSa9tdLzK4gwCLnvawFUYtT/WQCLn5JAIte/IngyCLtCdAyRiLpMC5IVF+AvTDDAJ7FUe3LRPRLipGRSLFgHEA8vVoAUgwKiAEMFhKkeuZeFpEnKlFtKoqq9S5skuqg+slhXFvjJZVOlZcCOn5O+vHr8igcnX8ZvbwJdgvSiBVlFVcC8LFfFbtUlalQI+zJzJvrmfw2I7ivrho+IwjSnQ0VIzQDI/HnI5FX5NFco71XxclbgGlRle1v7jgLw3UoY/owvWI+tfYV+fYlQOY2urI+VtY1fIozFXFfY2o04xo5lW4x47o4I946I4I+iftQyIdexGY4gcFJY2E5VpE3Y6o44zgM45cAk9o3w61Sk6OgY747tadV6UIIE9IyEwUxFUUzgEo9E6U+oy41o+4zoxUFrr7Kk5mYiFoLDW4tjSDR6uDb2iaFfe/n7PxFbWYKyrZAwPjo7cJY4i7eznJR6JCrGZWJJIEK5JveyhY+FfIzY8U304lWUxU5o1gIkyM5M9rhCBM1rtM0ncYytTuVUOnYsLJCs8aL8VPc6IE+ymhJg/vSvYvUcLYM6FcxcwELc1Y9070yo88wM5U64yBu5cDNCQABxgyTC+WwYWqJz/pFbIZjKoaZpibcAVYk7nyTBcuTApWrIpWt2boBBJACjHRVApWTCEApX+CsRGgOIvgvy/IfxbIVrhpDRBKUaRpdYUxnLxr0ZXJFVrQlXUhBh6BChNUJDL6tMUjhDzZgpx0+RsAIBHAsj2lWXayMgUVtpIx2JgqmxLR+RHAQswBHACjXD/JHDYDxWEZPLulJC3ABBQBNb85brqgm3pXOAB48BfQgBQ2utCSFTFQWoLiwLoQmtmut2Fmdg3A+aIo+6xJa5MY7NrrS1R4UmIDt2UVu76i+qAQut5BWVSJjRyKcJkT/3GUhK0NmWxIWVMPnqxKsOxYqr2UpIarcMfSpZWC5K6pvrAyTAzzUu5ZwZ0sIZBXFb2pMtOpZrsvuJbDcs8t8sCuWTCvvxsBisStSs4Ayu5NIQKsbL/JqZqsRrUbdY6tAT5X9Z7oprrrRBwRftytISFBluuYvIkI8z2s2tOt9s8g7SFB8bNhRyIj+vBtBshuXBht3ARtYBRt+oxuBJxshVJtXGpt+Dpt9ClaSjB54NfFIpBJFRtt1tbZBtuR5vSpYF+vmyBsTntCkdXCbJiiUfohSBwAu7bO0eTyZscc5tZyX1SfBuhtydVqRtSA+AVgUCPDdvBFk4ZvsdjjB7ovjIhO22wg0NfiSoDszuRZzvWVKp2UcOJZOUpbZKbvpYktTx7vgwHtwx5Z/onsYxnsoaXusuvJqucvcspVks8uIBCXagu64CCviuSsVvEiAGPsBB6jrJ/LKthr/yAcavAfatxpge0yMYMyGv1hlus5RDoeOvOs4AifNzi70TWuASeuMTescq+uEcSckf6fhuRvtA0fLixvxuJtghMfG0sdmDWdZucdYcxL+n5R6JLpARWLQgrhbZ7e1zDqlumuGCcK1vBQNtvoudufhIMORCWXRY2WLs3rxYrtcPMbaquXbuFK7v7tfo5ZRdHv9LWpxeMsgDppoZuYzIpe3tpcZcpVZe3A5elcFf8u4B3Uld5eWTleKsGcAck5AedbHINd0bgf6utcVxGvFi3cACaX4KOpKlItrpC3XrAvX/X1wIexQhETIzYXrrbFsU3AbM3ZHBnCnC38QanjyK3jHKbG3pt23mnub/b+bEqLVcZ3m2OSH37u6hR8AAnUOfXuvon4nMtAcbgPet4xY2zrm7pzbRHWcYKsvsnc3VHi2OsmK6ovqmJu6T3hSL3dD0773p6s7A7C7CSv3y7nDSWgPLlwXbljbYPEXEPfl0XAVsPtqIy9qAAvqQFfuaSWH5D3iLyc/RrwfAgQAIqAAiFkx+Icq3zAClfEAAOxSAQA9/xCTAIAIDD9ksOr7BqCEzrY4x1DXRbsEDTAkAgBXAMAL/4DTCjCkB9ZqCyg8fIJsaNQERQpSzUSVQorsToT63GJK2RASm7pxHZHYBtBxSPCXB+LhgKRKTwQizqSN6kY6RFCw6MhMZGJDv8cA5kNADAEsjWRtmnGU8KQGXg18WgHoEsFUUcBSRTaagNfCADL4t8AYbgdviAE768tfIMYGANMDJaUDN+4/MZJP0OTT93ws/e/GQHX7jAMwpAVfmwI4HgB6MagYiGgBuhgpD+lCY/pxjP5FBAoITK/mzHxA39VYkUZ0NFFiie0EoceVSClDwQZRJo2UXKDQlIgmgdYshOqOQiP4SxoUguWRD1AxTDlDui0ZaJWG7C9gEBIAJAbXzQHTQLoWAw5DgLwHECCBRAkgWSwQAZcYwDAHvpMAgBkse+SYCfqFQYFsxZML4drMwLpCsDfoBAMlkmBjCcCVw6/LITkN4Hgc1AoQG1pHFxrsARBTafQTCknCEpbBvkF6DrhaqUo0ALwYkGVW5oFlyKntRoWwRzi/xbYmcYAc7DdiZwT0Xg6GGwUJSZ0HYhuFwW4JQEeCMB3gkAL4OID4CJ4hAtQCQKTAZge+MYGMD30IAwBxgCAeIDGDiFqBEeLLZHmy2qwcs0eXLXljy1K7Psa4b7SVtK1BCm8VAv7Srl/BVY1dKedXbfiwPX499cha/DIfgDJbb8+BhyLrsCAdb89LuOHExP7GKATwgo0vHoAR2lrEddOMncjvJ3m7RsludHVXmt3V5pstubHHbjm39LoRtQUkZ7Nb2w5HZKgDQHsH7jt6EiI6enOXn70U7KdDo0IW4e6S162ctOsxHTgKOJHy8jOJnTeuZxHDLErO9I7XgsPNTIDCIywrwelWwHYw/BnfbYR3wBi8se+UwBgFIHiBktf4w/K4YchuHSYUejwu9i8Px6fsn2IrV9qgDx7fDZWQTeVhVyVZfwdkJwEEfslSHz8YRkIlfnkJhFwiihN4NQC4Elz5M+emHdkW61Q7ZxcRkneUbNwo5kjFuxGSkQx2pEBQNe6VHXhyIhAIpmqwIRgCaDfzjd8xBIwsVRQVHCiMASnFTuKOV4B05R3Y4saSKo7Gc8gKo0QBZ3VFEpSUrIZ7jjEWF6joKKww0T4ONEbD/BWwwIRaMOHTA/ISYKQJMF8gMBpgTohHpJiR4uoHhN7D0Rjyx6/Rcu3ogIHjyK6+BGgpXUnn+yq6DDgR6raMWCLSH5CoRoElMTWF35jdjYpCPkV2Ldw9iSxVHRXsr3o4Js1e1Y2kVKOza4dywQ9NhDdzNZIjWAGHAXjbwG6ti0g7Y9CIbyDbehcRwncibEiDJj1tR1fdwWuINFmAjRCoXAduNNF7iJ4KVM4dMHGDTApAg/K0RAHiCXiXRV7O8al2eGPiCI2PTILj3fYfiier4n8QCIBQRjauQE8gCBLjFgSTJEE8wFBP36TdOxPvEkYZ2QnkjyxjANCat2TaYTNu2Ezjnh1YSopiJKI7MYL2ZxsSYAuo1AZxMwEbi1hW4zYW3x2EWipADAcYEmDJbjALhGYXyD31knXjbht4nNNhl7QFpVk/wsMQCiBFVpQRRk2MdqAICjBJgpk6qTmGmDwjihiIqoRxhqGexqQTYmogRNIRGZ5xo5ebIbjkhxFZiDoIoLgAZB3R/QLpaDu0CzyIg4QslHUD/3qh/8tIgA4cUZBMjgDIB9AGATZHFGcYLqfEmKTADNE7iGQKVUYAwCoGEAIhFAjMOMFoFXj6BV45lq6PuF5T5wOGRTEVNDHk8ypQHYCVVI4A5gUp9UsGRMB4E79Wp9UdjGII6kaZagggjoEGRj7Kxeog6LjFAVXTDSYYSgmKOwFf5qCTBmgtKNoMYC6D4Bp0y6edMElXSswUwUYDAAlYMB4g0wDgHQPiHvTEudwzDHJnykepCpPyX8eGKBQVS5+6QhqaMB4FcCYRsYZqamMOR78tMB/eGWYJP60JUk+E1FGCn6lDorEDnUAjzFaF11DEOsYKaFP1ERTuJm43iSaICFxShJMAQ4UmEIAIAKBHswgBACykfT5J30iYgVPwwAz/2EYyWeCIVnjBl+8smWWJKVmQTDkX4UdOrNMGiDzBp/bySekxk2C6QoIZsCbOiBmycZkQS2cuJ1EcT0BXEnibTIEnOyrpZLXyGS1RiHjRgUgGMFID9l8zcpI2IOcLPwxFoiMgaUjOWmq7lTDJUs9frVMhk1SYZCIkAKrJYTCCNZ6crWa1G8kX80U/YGwdfyoj4zoOpmXhFOj0hGyzAVsyuZ4Ntk1zHZu4+uV30bnjAe+EQ0YMmHGCGgu5UmAOb3KSFH4vkSmYtE5IYBkYgZEc4yTLKoEzzwZSYBORZMOQCDr0qciFO1IsE6zmw6M5BNZkgKZB6E+85BLphUQWYPCEYU+efKWHhTVh6ws6RdJIETBnpb8+IEmHiCxhLh3M64dlM+kCy5kQswhSLIIwALh5QCkNOHInmRyZZcsxMTLOgXmS7ZC86CT2VYwrzqhKCjeb1J5j4Kp0/abedjPXKdhZIN1OIuNKxFTSIw6BbiAOC6laLrigqWYlmlZwdVE+WCohGQBOmICK5ZCquVfPtm1ynZ5ooSQwEmDHCzsYQjuVIEIAfybxMmOrNwqHx/yipg8lTCPLUygLQZNUrIZAtGDRCYFMi5OV5mXlpylFmcvCc2GznqL9MM6LGcZmGl6L/YcRN/mYqFJPQJE0goVMhwwx2KOiDii2cCBcWuC3Fq4jxRQuil0zqFFoyITGCTCnjUpQ/LlpeLubhMqsNWBgFEtGzjgmsvUFrGgBSEgzpZUMiZekr2XSKSh3PR6qJDqJNVIgbQDoBKQbFzY/ci2bIIeDJBrYUIPk9iHdjOwXYTMJ2D5SeHLnsT3Fl8wZQ7P4k+K6ZKVBKVQJ75ktRgdohgGENmXYsFGPTRZcssyBjZ1lE2TZcTBjE7LF+GYKRbHLBnTBDhWStQMnJhxstaITtDhAREtBA4cAIOX6CCQhxbZagGABGFEFmzCUkcKOTkjHHQEiYWi0uNpFHngC20qIOFOFi4gihDQugQgWMtUAujyBpcrTK2mUFIX9LAVkUyhcMoZld8e+owaYIPzJb4rXcZLTuawsORzKcWKKwOQ1lWXjZWsWyyqbiszBpKEx0IhqRmDJbJjYZIAe8B9jahfZQSW9KhoDgCgMqkgoOZlUnjlxFUIwE4esKvzpicrccMhdlOjg9BCgfMekUmbf1li0Z82fykKRfPXEyKdVdc3xYzKkDJTOZowCAOlPukIrCmSK6rLVjtXoruiTq7FdsvX7jK6pHqvtUmCamHK4F8EbnFAIpxU49i9OI4IzgDBcxCcctWSpzioQTq66n3VppvJiAC4TMoucXLcAijVQOikvQwFaVEzoELu7kKoKTjlzQVacSuV8MWutnkLtVQyytWCp74ZgdQxwm6QgB74IAwllq0rIioebIr21vc+1dwDWVdqsVJMXtUmJjDJjCVmQr9aSrHXRBDcMhL8gQRnW25lmHRAKOmQDhP8Q4a6aFNiAdwWtyg8eccInjWBoAU8a6F6PUHNAxIs4ABRoIPQLlr5aIZxEegTPUjGImxlEVpkLh3x75+8FQmACPkeXHgqVgoGQXCmMQVs62SsAPEHhzYaqwpAyyKYTN3g3zYpVarvhAHGAwA++J4w0O3IvHAbrVra21ZBs7UbK2sPal1WwPGBb9B1MIwgLLPGDoaQAOS+Rb8Rny15yNjkPiCflaZL5G8rTGGJ4LhwxIz8mhCTVTn3yMBpNsmhfNLA+L/4ahXIPsm3iMbAkDSQhd5KunfhJA1yYhTiNupS1SA1iImdBVEHTWBAvyQU7RloU4I6E0i6xG+mgHYr6wTiyQZchNNKDlAa8opG4rl3yJAQ0YZQeUIiE9ruRhi+oG/lAH9Ddg3EKFYdHGQTLvEcSJ5H4lVvsJyQbysJe8l71DIEkWm9DWPo7gRgSk7MeFJCMQrnCSgzSupCMooGpAegtS12pnKJxjzdUOUIZQCpcU+2PV/YUZVohdW0aBaitzYPOhWV9QbJogiJBsvM0IVgV9yqpdHUCxRJkFdq+paGv+VDLAUId+BQneBRGnS8tshsZ5OUCOxukGQWgd6jhQ3QgVXIk4EvHEEBDUV3IRFLmsyJ1DCNfiU1MHTNSdbPrS11cw5Ct28W3zjN6XCSYQE34+yR+SYUYM2q6atqomeLDArE3KbxNnVk8pMZAt9Xzz4dYKRetg2IaTgjA6BXBqQyqLkN9IVDZpZECqrBaLy71RinDU2XS6AVZa6+SCsV1gqMwMYSIVmHSnTAMwCAGza9J5l2awNuLGJi82N2ubTdDU5Kebr82jrA8eE+6sRq90+dqYotLuucpaq5MQCncNclmLmoSNg6I1Pwmf3hJLUJGq1FSs3pO3Va29fjT8ltU2jB1mdFqM6hCDTjQgngdiLAhk2ZLZNg65vMfTrOcwz6mmV8G7SnhUp28tsFezdJ5g8ilohqN6UQFJRap76tt2mm2asP02l9Q9Rmz9X5H/Wa625EQi1YnrUDJ6ImPTPXWnoJZvMcVU8pMASokVEqMl/m+HYnThpzMmyCzDOmjS1ispm4crC7loC7o91hapoAeoLq5Dtpqg79YSnAHhLlEbKuCaVNgmXUK06gEcYcWrTK2TQuYu8/xI8GY6m0z6Y6dZrxReBsVwcDtISuwAOaRBRwrGvfegH9Ju1mhr/CqtEB9rHNIUw4pSi5FUrAhiiV6kmjoDJprhC6VNKQIoXerEGmakqYcUGyjri0Y6TdZsegEv2vqZFN+hXffqCGTA9hZLCAMMAiGOjbNoGr/anv6ZxNBm8GtzTCOmDTAB1KGjfkhvANSHIDszDvcC2RpU58aWdRA5LGDEoG0DQtPupgeBLYGDEncEehdDHrRAp80LLBqJg+LadndK9NeiwT9wVHD6x9U+kodLyqGkdGhimkXQbIl0herO8uvoeyOLVjDbBlxFJAfrXRn6/gdjRzWbqWHA9mq4PYclsMl8hE54S1IwDQH7YyAhA1QPgAESuCAlI/GFf338XRhe+ThqQEEfNWEB7pto4lQwpCWXHEpQGkADaPPFnj3ZSU12cPykD1qI9J4wgPaKtHsyTxFA6YBMviDjApgOMPvnsKfnfrPZp4+0TAAkk1qGAjC+PT3yNXNy35SYdUBABZmj8ZJpAEEyCbbnTBUg4y5w/EEuPQkThEAS46MAiE+rfI9J0SaSYzBSBv1IAJYwj3oDbwH8QYWAIRC2OgB+wUpNAHEDKjCBf4moGAKQH7D6BQpqx0sG4R0iMACAUp40OAClxuJQp+gNUy9hlNPH2VyJbNRABYBxBAgYAfk/IA9AEAs25fI09OFsAOAYAVpwiLaclCuK/IvBKQMbTIAuBiQ7AeOE6ccB6npT9phgMaZUBDQ0CQkV0zafwB2m1h/gDqG4ADBjgwAZptQDjCvJxm2tTfUAH/kIjFG1AwZ/xAKZtPATeQ7pscJwMugRqYkJZ0KHYBlVv4eIzYSBtGeGBBbwqW2YbnSk7icbsQlQVoKFvuWRajs0WmJC4P9C+AVVuAAgDgDeD2BSAuQPyGoDohHF2UOMQvMTwCAZBQzGpqoJZHGP2A4zxZq1c2Y4B+DCzHoc8yACtiQA4gJ+1pjedSFVn8A6pg0wbHrNCQ1AuiV4GNDVHiYOzT532AimyBIxhGhgmPtcluo/FXc7IpkNRSJJEltMes+sDbH2BVAAA5KmXA7TmVAs5380nN8jV14Q8oMCCBZjOtNvzlvCbrWkvhLZfYk532ITgNLcoaAaMvLU0GHOXKWIiQlwaubBkgANzZeAINufkC7n9zCZj0yACPMv16gZ5q0moCovPn5z158s3eZNPXM7EJYaUgyDfNtADzX5us8RmIv3mWgOljlKcH0vWlqQPfI4NCQACkVKsoBUVmK1BKAc2x3B2ALYUlLOMEjbb4HDCzEMuRwLlk5YIuvYlo5l/08JVPSWWMWNe0EqJDGbSp9skeH1rAEv5Q7toYARIAHBssAQWd+wIK24kEvmp1zdIMSzjHksnmlLzoFS4lfNNldaZN5u87kg6haBUzRgXVNacMtbHEztF1+kIDUBxnDAHoPch0GGCu5LlGI8aAyrRlpmegO6MHDYmHL7BZiAFlqkBdFQ4whLVVzc4EFqtxAFLp5zS8pZ8HJnGAPV9M1+BQtgA4cbVi641cOQSBhVsCJgKcEEb8mGY4Efq5WaMsyWazK/UyyNfnOHJxrYASa6Ys/7yAbYbxQxddZCvLWMiUApQutdAJbWlzSxccBVbXOHJRLW50gHVfWUNXhLrRTYl9YFC/X4E919Io9Y7DPXrTd5/CBHDATuQrY1+X3NDHKAyEdEVpVQIDcGuyWdzr46S5+drO21wbwgEAFxWoCwBwwAsZM8TA8iXmBwu6HhI9Csvwlg21DNjl+B0BuAtAsoY9oZH5xLQYkAeE0AHgFjBXBQ0RAPM5H9LjSGAZgUxI9AtvpnaI6NoMsSAYAPUgkEl6K3OeECLmGgK5yq4cjFNVATrx5smy9eEsjnvAt+gs4nZLPiYzTvAbjF+HcgABFChFgOFvVmDTYtwVhLf1NS2fzo1w5LomVsMrVbG4KpAjHcpMj6w+gBsHFD7OQ7fAUqxgyhVtDoVBjpyRrleyitEWa74d5cyAAOuE3qrxNuS6dfqvp3DkydnIMzaLOXX/VZQYaP8iKjiYPB20GsdxOLvA3S7kl8W/QGMtV2zLNdkALoi9313Yq/sGACzI8hnwfbZvUdEyOhB/4WIdRDW/4lbWD3z4V7LOKpuCjjSnsWwB852ctAlhywBZLYC4FgAQhO4t4He1gCYD/sqNDed+wuDVVcJg7E9iG1PcjsE2RL8946yTaXsJ2WbW9te6ndcEr2QAqBQIBFGTgIwJAQou4HJCYAOhXI/Nw+/kGPsDWS7yx0rhXbDOg3pbDZ2u/7Efsq2X7b9jcGja/vCM27kQDu7gDiiE4ezgQG0JZZNBXtBjjBtqMiNInEOYrk9pc+Q+EtE3qHi9+O4pZYeMON7t5re1xQ4PW0kgX4Dc5EC+uK23gW2YR32NpFiOz7EjqS1fY/OV2ZH1diGyAFptQRO7vQilZ2DMc8IZTCO9cOJn0cBBBjSHNEc3Bdv+x+I8aThChQ6o9wjQJoB0AjAW48oqg22ubc8k1QmgdAQoHvChWUKW1eKTWfx4YD/vBO7EhDz++VWEbj3rHpD2xzPajuUOjr4lmh84/Ov0PXrrg1KOvY0trPhLEgKiD3nGOXIWA0ZTsAg7M40AIniZsu5ZCkcanhrcj++1DrIAnOccwlNRxM64uiZ/A6INp+uAuBRq+dVe5Q6IE0fPVz+cAKtPHCDLxAtgUL8sPYFuL5RAHITH6lyC+YnRYy0uTAAjHQg3nWckAAUFM9DsLnZns9lfqd1QBx2zr5NtQG4+2eb31nbgUQIoBjAc3wwQofsK3W1CcXwwMhz0PvYXChPRHp9q5xffLsxPJb8T2+4k4ft1In7qt1+3OA/urWhGjAUF7nkYI6PmwhOMB9dxRBSrruoUX+4rcPL+wyqUFNuhCCgf3BYHDFeBwTwLKLgkXRL4i2Q7mcUOHHSzpx9S9cebOmH7Vre8nCSAuA0gXoEMG/G8CXPRbYrm5xK7if3PzLyT5FAA6EY5OzHYzrV6U6GRCgkwWwJgMGlBhChDITALYHoCDAZgtg0wItyW+QEKhN0NwLYIZCDA95WUfrxcOYBP1YAFVRCWVZ2HlwPqL0Krv20Xv3RWPiX+AN12S5juUvlnPrnZ7S79fuO7zZzuttiChdIxHAUEKNyDeud7m430jhN3faTf/3HAyLsx8OiQ5gPM381mPBu4iZLLuw3AI20KC2CPuyAfLjHK+50geAgwDwbkQqHXd1EGQUMV3DNEmpMBWeTAFKl+CFC3g3AjVc/V5hVeVAbELrmxxHfdfCXp3VL5e/O9XuLv6XHj9Z0G59TXAXoygb+I6ySBwQkgWMVqyK+jeSP93dzsGw850BfgmATAZwDU1aLVFUnHvc2CAVkH0IjKJoWip2CzEEaBRgxvzjk5kICxxT3RxYGACzfDE5K7iNCFgGqjXAOnbgNwN28YdcgMOr20bYEjQ8zOMPU7ilzh7ocMuk7BHrk1eX0Clm1A2QpMIPxCEZhRgJww0BMsIDjAXDGYWk5zJ9PniIADAOPaSfIGsyIAw/SYOdihXjKYwhABgLVKYVQqTxGYQgGEMmA4wQHGLPS8VfOmIOjiR/dgI+E/0LKINgslZdBsdVwaKv/bewJrkRAnQCAqyUgOi52jpj9g2lpK+17L4gaW1Ken/T4aN1+HGvmIFr98y2M8CuvzcHr1AD68tWtjkwEvut9ICYWsAieS5fhHK/4BQATnhG4wC/BkBTbyMRUyYDsAlh8iBANb8saRjelHwXK9gBdIlapT/PVo7ygwufhPyYw0wavD6ufg+qmFSUwfkF+PG4D1vQAA=== -->\n\n<!-- internal state end -->"},"request":{"retryCount":3,"signal":{},"retries":3,"retryAfter":16}}}

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tools/codegen/cmd/featuregate-test-analyzer.go`:
- Around line 1039-1068: The promotion gate in featuregate-test-analyzer’s
early-return logic is using the wrong run-count threshold; update the checks in
the job analysis flow to use the 14-run promotion requirement instead of
`requiredNumberOfTests` (5). In the `AnalyzeJob`/test result calculation path
where `runs` and `passes` are compared, ensure both the “insufficient results”
branch and the 95% pass-rate early exit are keyed off the 14-run minimum so
installer jobs can’t promote on too little history. Keep the existing pass-rate
behavior unchanged, but align the count guard with the promotion comments and
logic.
- Around line 1135-1149: Move the resp.Body.Close defer to immediately after the
successful client.Get in the affected helpers so every return path closes the
Sippy response body. In the functions that fetch job info and the other two
matching helpers, place defer resp.Body.Close() before any status-code check or
io.ReadAll call, then keep the existing error handling unchanged.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 5011f437-de39-4e5e-bd2a-b2e7140fb99d

📥 Commits

Reviewing files that changed from the base of the PR and between 7b54774 and 35352b3.

⛔ Files ignored due to path filters (8)
  • config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Hypershift-Default.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Hypershift-OKD.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-SelfManagedHA-Default.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-SelfManagedHA-OKD.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Hypershift-Default.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Hypershift-OKD.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-SelfManagedHA-Default.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-SelfManagedHA-OKD.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
📒 Files selected for processing (16)
  • features.md
  • features/features.go
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-Hypershift-Default.crd.yaml
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-Hypershift-OKD.crd.yaml
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-SelfManagedHA-Default.crd.yaml
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-SelfManagedHA-OKD.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Hypershift-Default.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Hypershift-OKD.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-SelfManagedHA-Default.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-SelfManagedHA-OKD.crd.yaml
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml
  • tools/codegen/cmd/featuregate-test-analyzer.go
  • tools/codegen/pkg/sippy/json_types.go
💤 Files with no reviewable changes (4)
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Hypershift-OKD.crd.yaml
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-Hypershift-OKD.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Hypershift-Default.crd.yaml
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-Hypershift-Default.crd.yaml
✅ Files skipped from review due to trivial changes (1)
  • features.md
🚧 Files skipped from review as they are similar to previous changes (6)
  • features/features.go
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml
  • tools/codegen/pkg/sippy/json_types.go

Comment thread tools/codegen/cmd/featuregate-test-analyzer.go
Comment on lines +1135 to +1149
resp, err := client.Get(sippy.BuildSippyJobsForFeatureGateURL(featureGate, release, variant.Topology, variant.Cloud, variant.Architecture, variant.NetworkStack, variant.OS))
if err != nil {
return nil, fmt.Errorf("getting job info: %w", err)
}

if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("expected a 200 OK status code but got %s", resp.StatusCode)
}

body, err := io.ReadAll(resp.Body)
if err != nil {
return nil, fmt.Errorf("reading response body: %w", err)
}

defer resp.Body.Close()

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🩺 Stability & Availability | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Locate the file and map the relevant helpers.
git ls-files tools/codegen/cmd/featuregate-test-analyzer.go
wc -l tools/codegen/cmd/featuregate-test-analyzer.go
ast-grep outline tools/codegen/cmd/featuregate-test-analyzer.go --view expanded || true

# Show the relevant line ranges around the cited code and the other helpers.
sed -n '1110,1215p' tools/codegen/cmd/featuregate-test-analyzer.go

Repository: openshift/api

Length of output: 7159


Close the Sippy response body before any early return.

defer resp.Body.Close() needs to run immediately after a successful client.Get; placing it after io.ReadAll leaves non-200 and read-error paths unclosed. Apply the same move in all three helpers.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tools/codegen/cmd/featuregate-test-analyzer.go` around lines 1135 - 1149,
Move the resp.Body.Close defer to immediately after the successful client.Get in
the affected helpers so every return path closes the Sippy response body. In the
functions that fetch job info and the other two matching helpers, place defer
resp.Body.Close() before any status-code check or io.ReadAll call, then keep the
existing error handling unchanged.

@everettraven everettraven force-pushed the tooling/installer-feature-gate-promotion-updates branch from 8914d71 to 9945916 Compare June 30, 2026 17:09
@everettraven everettraven marked this pull request as ready for review June 30, 2026 17:09
@everettraven everettraven changed the title WIP: tooling: Update verify-feature-promotion logic for installer-focused features tooling: Update verify-feature-promotion logic for installer-focused features Jun 30, 2026
@openshift-ci openshift-ci Bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jun 30, 2026
@everettraven

Copy link
Copy Markdown
Contributor Author

Holding on dropping the temporary promotion commit.

/hold

@openshift-ci openshift-ci Bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 30, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tools/codegen/cmd/featuregate-test-analyzer.go`:
- Around line 1187-1190: The URL parse error handling in the sippy triages setup
is using fmt.Sprintf with %w and panicking, which should be replaced. In the
code around the reqURL/url.Parse logic, return the wrapped error directly from
the function instead of panic, and use proper error wrapping so the caller
receives the parse failure from this path.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 942d9c4d-1489-44e6-8a48-74d08c681735

📥 Commits

Reviewing files that changed from the base of the PR and between 7b54774 and 9945916.

⛔ Files ignored due to path filters (8)
  • config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Hypershift-Default.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Hypershift-OKD.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-SelfManagedHA-Default.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-SelfManagedHA-OKD.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Hypershift-Default.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Hypershift-OKD.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-SelfManagedHA-Default.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
  • machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-SelfManagedHA-OKD.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
📒 Files selected for processing (16)
  • features.md
  • features/features.go
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-Hypershift-Default.crd.yaml
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-Hypershift-OKD.crd.yaml
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-SelfManagedHA-Default.crd.yaml
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-SelfManagedHA-OKD.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Hypershift-Default.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Hypershift-OKD.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-SelfManagedHA-Default.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-SelfManagedHA-OKD.crd.yaml
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml
  • tools/codegen/cmd/featuregate-test-analyzer.go
  • tools/codegen/pkg/sippy/json_types.go
💤 Files with no reviewable changes (4)
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-Hypershift-OKD.crd.yaml
  • payload-manifests/crds/0000_10_config-operator_01_infrastructures-Hypershift-Default.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Hypershift-Default.crd.yaml
  • payload-manifests/crds/0000_80_machine-config_01_controllerconfigs-Hypershift-OKD.crd.yaml
✅ Files skipped from review due to trivial changes (2)
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml
  • features.md
🚧 Files skipped from review as they are similar to previous changes (5)
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml
  • payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml
  • features/features.go
  • payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml
  • tools/codegen/pkg/sippy/json_types.go

Comment on lines +1187 to +1190
reqURL, err := url.Parse("https://sippy.dptools.openshift.org/api/component_readiness/triages")
if err != nil {
panic(fmt.Sprintf("couldn't parse sippy triages url: %w", err))
}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

%w is not supported by fmt.Sprintf — and prefer returning the error over panic.

fmt.Sprintf doesn't honor the %w wrapping verb, so this renders as %!w(...) and go vet (via make lint) will fail. Since the function already returns error, return the wrapped error instead of panicking.

🐛 Proposed fix
 	reqURL, err := url.Parse("https://sippy.dptools.openshift.org/api/component_readiness/triages")
 	if err != nil {
-		panic(fmt.Sprintf("couldn't parse sippy triages url: %w", err))
+		return nil, fmt.Errorf("couldn't parse sippy triages url: %w", err)
 	}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
reqURL, err := url.Parse("https://sippy.dptools.openshift.org/api/component_readiness/triages")
if err != nil {
panic(fmt.Sprintf("couldn't parse sippy triages url: %w", err))
}
reqURL, err := url.Parse("https://sippy.dptools.openshift.org/api/component_readiness/triages")
if err != nil {
return nil, fmt.Errorf("couldn't parse sippy triages url: %w", err)
}
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tools/codegen/cmd/featuregate-test-analyzer.go` around lines 1187 - 1190, The
URL parse error handling in the sippy triages setup is using fmt.Sprintf with %w
and panicking, which should be replaced. In the code around the reqURL/url.Parse
logic, return the wrapped error directly from the function instead of panic, and
use proper error wrapping so the caller receives the parse failure from this
path.

so that they can be gated on jobs that install a cluster in the new state
that is passing conformance consistently.

Signed-off-by: Bryce Palmer <bpalmer@redhat.com>
@everettraven everettraven force-pushed the tooling/installer-feature-gate-promotion-updates branch from 9945916 to e80c0a3 Compare June 30, 2026 18:00
Signed-off-by: Bryce Palmer <bpalmer@redhat.com>
@everettraven everettraven force-pushed the tooling/installer-feature-gate-promotion-updates branch from e80c0a3 to 11e45e9 Compare June 30, 2026 18:11
@openshift-ci openshift-ci Bot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Jun 30, 2026
@openshift-ci

openshift-ci Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

@everettraven: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/integration 11e45e9 link true /test integration
ci/prow/verify-feature-promotion 11e45e9 link true /test verify-feature-promotion

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants