Skip to content

OLS-3509: Regenerate bundle with OTEL collector related image#1832

Open
blublinsky wants to merge 1 commit into
openshift:mainfrom
blublinsky:audit-crd-bundle
Open

OLS-3509: Regenerate bundle with OTEL collector related image#1832
blublinsky wants to merge 1 commit into
openshift:mainfrom
blublinsky:audit-crd-bundle

Conversation

@blublinsky

@blublinsky blublinsky commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Description

Summary
Follow-up to #1830 (OLS-3509): regenerate the OLM bundle so it matches the merged audit/OTEL CRD and operator wiring.

  • Add lightspeed-otel-collector to related_images.json (pinned revision/digest, operator_arg: otel-collector-image)
  • Wire --otel-collector-image through deployment-patch → CSV deployment args and spec.relatedImages
  • Regenerate bundle CRD/CSV for the new audit schema (audit.logging, audit.tracingEndpoint, ols.auditEventsEnabled, ols.deployment.otelCollector)
  • Refresh Konflux operand digests (operator, console, agentic-console, bundle) and align bundle version at 1.1.2
  • Pin make bundle to bin/operator-sdk v1.36.1 (avoid Homebrew SDK stamping wrong builder version)
  • Update Config.Replicas CSV/CRD description to include OTEL Collector

Related work

Type of change

  • Refactor
  • [ x] New feature
  • Bug fix
  • CVE fix
  • Optimization
  • Documentation Update
  • Configuration Update
  • Bump-up dependent library

Related Tickets & Documents

Checklist before requesting a review

  • I have performed a self-review of my code.
  • PR has passed all pre-merge test jobs.
  • If it is a core feature, I have added thorough tests.

Testing

  • Please provide detailed steps to perform tests related to this code change.
  • How were the fix/results from this change verified? Please provide relevant screenshots or results.

Summary by CodeRabbit

  • New Features
    • Added granular OTEL Collector audit configuration (logging toggle and tracing export endpoint).
    • Added an option to enable/disable structured audit JSON event output.
    • Expanded CRD UI descriptors to cover OTEL Collector and MCP server deployment settings, including fixed replica behavior.
  • Bug Fixes
    • Updated the OTEL Collector image default resolution so missing related-image entries now fall back to the correct OTEL Collector image.
  • Chores
    • Refreshed bundle/CSV metadata, operator-sdk build logic, and bundle version/tag and image labels; updated deployment arguments and related image digests.

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Jul 15, 2026
@openshift-ci-robot

openshift-ci-robot commented Jul 15, 2026

Copy link
Copy Markdown

@blublinsky: This pull request references OLS-3509 which is a valid jira issue.

Details

In response to this:

Description

Summary
Follow-up to #1830 (OLS-3509): regenerate the OLM bundle so it matches the merged audit/OTEL CRD and operator wiring.

  • Add lightspeed-otel-collector to related_images.json (pinned revision/digest, operator_arg: otel-collector-image)
  • Wire --otel-collector-image through deployment-patch → CSV deployment args and spec.relatedImages
  • Regenerate bundle CRD/CSV for the new audit schema (audit.logging, audit.tracingEndpoint, ols.auditEventsEnabled, ols.deployment.otelCollector)
  • Refresh Konflux operand digests (operator, console, agentic-console, bundle) and align bundle version at 1.1.2
  • Pin make bundle to bin/operator-sdk v1.36.1 (avoid Homebrew SDK stamping wrong builder version)
  • Update Config.Replicas CSV/CRD description to include OTEL Collector

Related work

Type of change

  • Refactor
  • [ x] New feature
  • Bug fix
  • CVE fix
  • Optimization
  • Documentation Update
  • Configuration Update
  • Bump-up dependent library

Related Tickets & Documents

Checklist before requesting a review

  • I have performed a self-review of my code.
  • PR has passed all pre-merge test jobs.
  • If it is a core feature, I have added thorough tests.

Testing

  • Please provide detailed steps to perform tests related to this code change.
  • How were the fix/results from this change verified? Please provide relevant screenshots or results.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@coderabbitai

coderabbitai Bot commented Jul 15, 2026

Copy link
Copy Markdown

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 5d1710fb-7982-42d4-9ff0-f62c672ce16a

📥 Commits

Reviewing files that changed from the base of the PR and between d7ddee1 and aee56ed.

⛔ Files ignored due to path filters (3)
  • bundle/manifests/ols.openshift.io_olsconfigs.yaml is excluded by !bundle/manifests/ols.openshift.io_olsconfigs.yaml
  • config/crd/bases/ols.openshift.io_olsconfigs.yaml is excluded by !config/crd/bases/**
  • related_images.json is excluded by !related_images.json
📒 Files selected for processing (9)
  • .ai/spec/what/templog.md
  • Makefile
  • api/v1alpha1/olsconfig_types.go
  • bundle.Dockerfile
  • bundle/manifests/lightspeed-operator.clusterserviceversion.yaml
  • config/default/deployment-patch.yaml
  • config/manifests/bases/lightspeed-operator.clusterserviceversion.yaml
  • hack/bundle.Dockerfile
  • internal/controller/utils/constants.go
🚧 Files skipped from review as they are similar to previous changes (7)
  • bundle.Dockerfile
  • hack/bundle.Dockerfile
  • api/v1alpha1/olsconfig_types.go
  • config/manifests/bases/lightspeed-operator.clusterserviceversion.yaml
  • internal/controller/utils/constants.go
  • Makefile
  • bundle/manifests/lightspeed-operator.clusterserviceversion.yaml

📝 Walkthrough

Walkthrough

The operator’s OTEL Collector image defaults and deployment wiring are updated, audit and replica descriptors are expanded, and bundle generation metadata and tooling are refreshed.

Changes

OTEL Collector and bundle update

Layer / File(s) Summary
OTEL Collector image wiring
.ai/spec/what/templog.md, internal/controller/utils/constants.go, config/default/deployment-patch.yaml, bundle/manifests/...
OTEL Collector image lookup, fallback, deployment arguments, CSV image digests, and related images use the updated image reference.
Audit and replica descriptors
api/v1alpha1/olsconfig_types.go, config/manifests/bases/..., bundle/manifests/...
Audit descriptors now expose logging, tracing, and audit-event settings; replica descriptions identify fixed non-APIContainer counts and add OTEL Collector deployment settings.
Bundle build metadata and tooling
Makefile, bundle.Dockerfile, hack/bundle.Dockerfile
The default bundle tag, operator-sdk download behavior, bundle script environment, and metrics builder labels are updated.

Estimated code review effort: 3 (Moderate) | ~20 minutes

Possibly related PRs

Suggested reviewers: joshuawilson, xrajesh

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title is concise and accurately summarizes the main change: regenerating the bundle with the OTEL collector related image.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@openshift-ci openshift-ci Bot requested review from joshuawilson and xrajesh July 15, 2026 08:53

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
Makefile (1)

380-386: 🩺 Stability & Availability | 🟡 Minor | ⚡ Quick win

Add the -f flag to curl to fail fast on HTTP errors.

If the download URL returns an HTTP error (e.g., a 404 due to an invalid OPERATOR_SDK_VERSION), curl without -f will silently download the HTML error page and write it to $(OPERATOR_SDK). This results in a corrupted binary that causes cryptic syntax errors later during execution, requiring manual cleanup of the file to recover. Adding -f (or --fail) ensures the curl command exits immediately on HTTP errors, stopping the Make recipe.

🔧 Proposed fix
 	@{ \
 	set -e ;\
 	mkdir -p $(dir $(OPERATOR_SDK)) ;\
 	OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \
-	curl -sSLo $(OPERATOR_SDK) https://github.com/operator-framework/operator-sdk/releases/download/$(OPERATOR_SDK_VERSION)/operator-sdk_$${OS}_$${ARCH} ;\
+	curl -sSLf -o $(OPERATOR_SDK) https://github.com/operator-framework/operator-sdk/releases/download/$(OPERATOR_SDK_VERSION)/operator-sdk_$${OS}_$${ARCH} ;\
 	chmod +x $(OPERATOR_SDK) ;\
 	}
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Makefile` around lines 380 - 386, Update the curl invocation in the operator
SDK download recipe to include the fail-on-HTTP-error option, while preserving
the existing silent and error-reporting behavior and download destination.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@Makefile`:
- Around line 380-386: Update the curl invocation in the operator SDK download
recipe to include the fail-on-HTTP-error option, while preserving the existing
silent and error-reporting behavior and download destination.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 434d5a55-c071-4da4-ace0-34f027f2f47b

📥 Commits

Reviewing files that changed from the base of the PR and between 3d2f911 and d7ddee1.

⛔ Files ignored due to path filters (3)
  • bundle/manifests/ols.openshift.io_olsconfigs.yaml is excluded by !bundle/manifests/ols.openshift.io_olsconfigs.yaml
  • config/crd/bases/ols.openshift.io_olsconfigs.yaml is excluded by !config/crd/bases/**
  • related_images.json is excluded by !related_images.json
📒 Files selected for processing (9)
  • .ai/spec/what/templog.md
  • Makefile
  • api/v1alpha1/olsconfig_types.go
  • bundle.Dockerfile
  • bundle/manifests/lightspeed-operator.clusterserviceversion.yaml
  • config/default/deployment-patch.yaml
  • config/manifests/bases/lightspeed-operator.clusterserviceversion.yaml
  • hack/bundle.Dockerfile
  • internal/controller/utils/constants.go

Comment thread internal/controller/utils/constants.go Outdated
agenticConsoleUIImageFallback = "quay.io/redhat-user-workloads/crt-nshift-lightspeed-tenant/lightspeed-agentic-console:main"
alertsAdapterImageFallback = "quay.io/redhat-user-workloads/crt-nshift-lightspeed-tenant/lightspeed-agentic-alerts-adapter:main"
otelCollectorImageFallback = "quay.io/redhat-user-workloads/crt-nshift-lightspeed-tenant/lightspeed-otel-postgres-collector:main"
otelCollectorImageFallback = "quay.io/redhat-user-workloads/crt-nshift-lightspeed-tenant/lightspeed-otel-collector:0a1798f2dbeebd36b83a9339b7e02fa015dbab61"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we can add :main tag to ols-otel-collector also

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @vimalk78 — agreed. Updated otelCollectorImageFallback to use :main, same as agentic-console and alerts-adapter.

:main is not on Quay for otel-collector yet (only git-SHA tags today), but matching the convention keeps the fallback ready once Konflux tagging is in place. The bundle still uses the digest pin from related_images.json.

@vimalk78 vimalk78 left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI Review — PR #1832 (OLS-3509 bundle follow-up)

Score: 97/100 · Jira mode · Round 1

Bundle regeneration looks clean: version alignment at 1.1.2 across all files, image digests match between related_images.json and CSV, CRD schemas consistent, --otel-collector-image properly wired through deployment-patch. Pinning make bundle to bin/operator-sdk v1.36.1 is a good fix.

Should-fix: Inconsistent otel-collector fallback image tag

internal/controller/utils/constants.go:500otelCollectorImageFallback uses a commit SHA (0a1798f2dbeebd36b83a9339b7e02fa015dbab61) as the tag, while all other fallbacks use :main:

agenticConsoleUIImageFallback = "...lightspeed-agentic-console:main"
alertsAdapterImageFallback    = "...lightspeed-agentic-alerts-adapter:main"
otelCollectorImageFallback    = "...lightspeed-otel-collector:0a1798f2dbeebd36b83a9339b7e02fa015dbab61"  // ← SHA, not :main
rhokpImageFallback            = "...rhokp-rhel9:latest"

The SHA appears copy-pasted from the revision field in related_images.json. If the SHA-tagged image is garbage-collected from the registry, local development without related_images.json will break. Consider using :main to match the pattern.

🤖 Generated with Claude Code

@vimalk78

Copy link
Copy Markdown
Contributor

/lgtm

@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label Jul 15, 2026
@openshift-ci

openshift-ci Bot commented Jul 15, 2026

Copy link
Copy Markdown

@blublinsky: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/bundle-e2e-4-21 aee56ed link true /test bundle-e2e-4-21

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@blublinsky

Copy link
Copy Markdown
Contributor Author

/approve

@openshift-ci

openshift-ci Bot commented Jul 15, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: blublinsky

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants