CNTRLPLANE-3652: Add TLS ownership for 5 unowned artifacts#31348
CNTRLPLANE-3652: Add TLS ownership for 5 unowned artifacts#31348oceanc80 wants to merge 4 commits into
Conversation
|
Pipeline controller notification For optional jobs, comment This repository is configured in: automatic mode |
|
@oceanc80: This pull request references CNTRLPLANE-3652 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "5.0.0" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository YAML (base), Central YAML (inherited) Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (5)
WalkthroughThis PR populates previously-empty ChangesTLS ownership metadata population
Estimated code review effort: 2 (Simple) | ~12 minutes Sequence Diagram(s)Not applicable — this PR consists of metadata field population and documentation renumbering with no new control flow or component interactions. Estimated code review effort: 2 (Simple) | ~12 minutes 🚥 Pre-merge checks | ✅ 15✅ Passed checks (15 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
|
@oceanc80: you cannot LGTM your own PR. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: oceanc80 The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
Set owningJiraComponent and description for: - ns/kube-system configmap/extension-apiserver-authentication (kube-apiserver) - ns/openshift-config-managed configmap/default-ingress-cert (Networking / router) - ns/openshift-console configmap/default-ingress-cert (Networking / router) - ns/openshift-ingress secret/router-certs-default (Networking / router) - ns/openshift-ingress-operator secret/router-ca (Networking / router) Ownership info updated in raw-data files and all derived files regenerated via `go run -mod vendor ./cmd/update-tls-artifacts generate-ownership`.
9a99e04 to
a9a7155
Compare
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@tls/ownership/ownership.md`:
- Around line 23-25: The table of contents links use manually written
title-cased anchor fragments that do not match the generated markdown heading
IDs, so update the TOC entries to use the actual lowercase slug format. Fix the
links for the relevant headings in ownership.md, including the entries
associated with Networking / router and kube-apiserver, and keep the fragment
text consistent with the rendered markdown anchors so the TOC resolves
correctly.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Central YAML (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: 28e46bfa-6e01-4e2b-89f3-66924722bb99
📒 Files selected for processing (24)
tls/autoregenerate-after-expiry/autoregenerate-after-expiry.jsontls/autoregenerate-after-expiry/autoregenerate-after-expiry.mdtls/descriptions/descriptions.jsontls/descriptions/descriptions.mdtls/ownership/ownership.jsontls/ownership/ownership.mdtls/raw-data/raw-tls-artifacts-ha-amd64-aws-ovn-default.jsontls/raw-data/raw-tls-artifacts-ha-amd64-aws-ovn-techpreviewnoupgrade.jsontls/raw-data/raw-tls-artifacts-ha-amd64-azure-ovn-default.jsontls/raw-data/raw-tls-artifacts-ha-amd64-azure-ovn-techpreviewnoupgrade.jsontls/raw-data/raw-tls-artifacts-ha-amd64-gcp-ovn-default.jsontls/raw-data/raw-tls-artifacts-ha-amd64-gcp-ovn-techpreviewnoupgrade.jsontls/raw-data/raw-tls-artifacts-ha-amd64-metal-ovn-default.jsontls/raw-data/raw-tls-artifacts-ha-amd64-metal-ovn-techpreviewnoupgrade.jsontls/raw-data/raw-tls-artifacts-ha-amd64-openstack-ovn-default.jsontls/raw-data/raw-tls-artifacts-ha-amd64-vsphere-ovn-default.jsontls/raw-data/raw-tls-artifacts-ha-amd64-vsphere-ovn-techpreviewnoupgrade.jsontls/raw-data/raw-tls-artifacts-single-amd64-aws-ovn-default.jsontls/raw-data/raw-tls-artifacts-single-amd64-aws-ovn-techpreviewnoupgrade.jsontls/refresh-period/refresh-period.jsontls/refresh-period/refresh-period.mdtls/testcase/testcase.jsontls/testcase/testcase.mdtls/violations/ownership/ownership-violations.json
✅ Files skipped from review due to trivial changes (10)
- tls/ownership/ownership.json
- tls/raw-data/raw-tls-artifacts-ha-amd64-aws-ovn-techpreviewnoupgrade.json
- tls/raw-data/raw-tls-artifacts-ha-amd64-azure-ovn-techpreviewnoupgrade.json
- tls/raw-data/raw-tls-artifacts-ha-amd64-gcp-ovn-default.json
- tls/raw-data/raw-tls-artifacts-single-amd64-aws-ovn-techpreviewnoupgrade.json
- tls/raw-data/raw-tls-artifacts-ha-amd64-vsphere-ovn-default.json
- tls/raw-data/raw-tls-artifacts-ha-amd64-vsphere-ovn-techpreviewnoupgrade.json
- tls/raw-data/raw-tls-artifacts-ha-amd64-aws-ovn-default.json
- tls/raw-data/raw-tls-artifacts-ha-amd64-azure-ovn-default.json
- tls/raw-data/raw-tls-artifacts-ha-amd64-gcp-ovn-techpreviewnoupgrade.json
🚧 Files skipped from review as they are similar to previous changes (4)
- tls/raw-data/raw-tls-artifacts-ha-amd64-metal-ovn-default.json
- tls/raw-data/raw-tls-artifacts-ha-amd64-metal-ovn-techpreviewnoupgrade.json
- tls/raw-data/raw-tls-artifacts-single-amd64-aws-ovn-default.json
- tls/raw-data/raw-tls-artifacts-ha-amd64-openstack-ovn-default.json
The markdown TOC generator was producing title-cased anchor fragments (e.g. #Certificates-2, #Certificate-Authority-Bundles-2) that don't match the lowercase heading IDs rendered by GitHub/markdown processors (e.g. #certificates-2, #certificate-authority-bundles-2). Add strings.ToLower() to the tocLink generation in the vendored library-go markdown package and regenerate all TLS ownership markdown. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Register the strings.ToLower() carry patch in vendor/github.com/openshift/library-go/pkg/markdown/markdown.go as an approved vendor override in deps.diff so that the verify-deps CI check passes. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@deps.diff`:
- Around line 1-3: Keep the lowercasing in the TOC helper: the markdown slug
generation in markdown.go’s TOC logic should continue to call
strings.ToLower(tocLink) so mixed-case headings like those in ownership docs
still produce matching fragment links. Restore or preserve this behavior in the
TOC helper path that builds tocLink, and ensure any related slug normalization
remains case-insensitive.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Central YAML (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: 60d477f8-6d44-4108-8ef2-df68ba72a5f1
📒 Files selected for processing (1)
deps.diff
Remove the strings.ToLower() vendor modification from library-go/pkg/markdown/markdown.go and clear deps.diff. Regenerate all TLS ownership markdown files to reflect the original title-cased TOC anchors. The ownership data additions for the 5 TLS artifacts (extension-apiserver-authentication, default-ingress-cert, router-certs-default, router-ca) are preserved intact. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
Scheduling required tests: |
|
@oceanc80: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Add ownership information for 5 TLS artifacts that were listed as missing owners in the TLS registry:
Updates ownership.json, ownership.md, all raw-data files, and empties the ownership-violations.json file.
Ref: CNTRLPLANE-3652
Summary by CodeRabbit
Documentation
Bug Fixes