Skip to content

Add changes for checking E2E coverage with lgtm based approach for External-Secrets-Operator#81660

Open
siddhibhor-56 wants to merge 2 commits into
openshift:mainfrom
siddhibhor-56:more-codecov
Open

Add changes for checking E2E coverage with lgtm based approach for External-Secrets-Operator#81660
siddhibhor-56 wants to merge 2 commits into
openshift:mainfrom
siddhibhor-56:more-codecov

Conversation

@siddhibhor-56

@siddhibhor-56 siddhibhor-56 commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Adds Separates E2E coverage instrumentation from the main e2e-operator presubmit into a standalone e2e-operator-coverage test with always_run: false, gated on LGTM via pipeline-controller

Summary by CodeRabbit

This PR updates the OpenShift CI setup for openshift/external-secrets-operator to split E2E coverage collection out of the main presubmit path. The existing e2e-operator job now focuses on the operator install and E2E test execution, while coverage-specific steps are moved into a separate e2e-operator-coverage job.

The new coverage job is not run automatically (always_run: false) and is configured to be triggered only when LGTM conditions are met through pipeline-controller. This keeps normal presubmit validation lighter while still preserving a dedicated coverage check for the repo’s main branch.

@openshift-ci openshift-ci Bot requested review from Prucek and bharath-b-rh July 9, 2026 08:54
@siddhibhor-56 siddhibhor-56 changed the title Add changes for checking E2E coverage with lgtm based approach Add changes for checking E2E coverage with lgtm based approach for External-Secrets-Operator Jul 9, 2026
@coderabbitai

coderabbitai Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)
  • ci-operator/jobs/openshift/external-secrets-operator/openshift-external-secrets-operator-main-presubmits.yaml is excluded by !ci-operator/jobs/**

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: b1954a74-4081-45ac-b7e3-0228571e01fe

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review

Walkthrough

This PR restructures the CI configuration for the external-secrets-operator. The e2e-operator test flow is simplified to only run bundle install and make test-e2e, coverage steps are moved to a new e2e-operator-coverage job, and the repo is registered in the LGTM config for the main branch.

Changes

CI Job Restructuring

Layer / File(s) Summary
Split e2e-operator test flow and add coverage job
ci-operator/config/openshift/external-secrets-operator/openshift-external-secrets-operator-main.yaml
e2e-operator's test steps are reduced to bundle install (namespace creation, operator-sdk run bundle, wait for deployment) and make test-e2e; coverage setup/collection steps are removed from this flow and moved to a new e2e-operator-coverage job with always_run: false and the existing cluster claim settings.
Add LGTM config entry for external-secrets-operator
core-services/pipeline-controller/lgtm-config.yaml
Adds a new external-secrets-operator repository entry under the openshift org, restricted to the main branch.

Estimated code review effort: 2 (Simple) | ~10 minutes

Suggested labels: lgtm

Suggested reviewers: bear-redhat, jhadvig

🚥 Pre-merge checks | ✅ 15
✅ Passed checks (15 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title matches the main change: splitting External-Secrets-Operator E2E coverage into an LGTM-gated approach.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names ✅ Passed PR only changes CI/pipeline YAML; no Ginkgo test titles or dynamic test-name strings were added.
Test Structure And Quality ✅ Passed Only CI/job YAML changed; no Ginkgo test source or It/BeforeEach/Eventually code was modified.
Microshift Test Compatibility ✅ Passed No new Ginkgo test declarations were added; the PR only changes CI/job YAML and generated presubmit config.
Single Node Openshift (Sno) Test Compatibility ✅ Passed PASS: The PR only changes CI job YAML and LGTM config; no new Ginkgo tests or SNO-sensitive assumptions were added.
Topology-Aware Scheduling Compatibility ✅ Passed Only CI/pipeline config changed; no deployment manifests, operator code, or controllers were modified, so no topology-sensitive scheduling constraints were introduced.
Ote Binary Stdout Contract ✅ Passed PR only edits ci/pipeline YAML; no OTE binaries or process-level stdout code changed, so the stdout contract isn't affected.
Ipv6 And Disconnected Network Test Compatibility ✅ Passed The PR only changes CI YAML; no Go/Ginkgo test files or new It/Describe bodies were added, so there are no IPv4 or external-connectivity assumptions to review.
No-Weak-Crypto ✅ Passed Touched files are YAML config only; diff and content scans found no MD5/SHA1/DES/RC4/3DES/Blowfish/ECB or secret-comparison code.
Container-Privileges ✅ Passed Changed YAML adds no privileged, hostPID/Network/IPC, allowPrivilegeEscalation, SYS_ADMIN, or root settings; e2e uses restricted install mode.
No-Sensitive-Data-In-Logs ✅ Passed No new log output or inline secrets were added; the YAML only references an existing codecov token secret by name.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Comment @coderabbitai help to get the list of available commands.

@openshift-ci

openshift-ci Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: siddhibhor-56
Once this PR has been reviewed and has the lgtm label, please assign hector-vido, mytreya-rh for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
core-services/pipeline-controller/lgtm-config.yaml (1)

17-17: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Stray blank line in repos list.

An empty line was inserted into the openshift org's repos: list right where external-secrets-operator would alphabetically sort. This looks like an editing artifact rather than an intentional change — the actual entry was correctly added separately at Lines 35-37.

🧹 Proposed cleanup
       - egress-router-cni
-
       - gcp-workload-identity-federation-webhook
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@core-services/pipeline-controller/lgtm-config.yaml` at line 17, Remove the
stray blank line from the openshift org repos list in lgtm-config.yaml so the
list stays alphabetically contiguous; keep the external-secrets-operator entry
in its correct sorted position and do not add any empty separator line in that
section.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@core-services/pipeline-controller/lgtm-config.yaml`:
- Line 17: Remove the stray blank line from the openshift org repos list in
lgtm-config.yaml so the list stays alphabetically contiguous; keep the
external-secrets-operator entry in its correct sorted position and do not add
any empty separator line in that section.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 65acbb1c-b1dc-459c-8c57-59f44bd48d7b

📥 Commits

Reviewing files that changed from the base of the PR and between f159d36 and a9b4f0b.

⛔ Files ignored due to path filters (1)
  • ci-operator/jobs/openshift/external-secrets-operator/openshift-external-secrets-operator-main-presubmits.yaml is excluded by !ci-operator/jobs/**
📒 Files selected for processing (2)
  • ci-operator/config/openshift/external-secrets-operator/openshift-external-secrets-operator-main.yaml
  • core-services/pipeline-controller/lgtm-config.yaml

@siddhibhor-56 siddhibhor-56 force-pushed the more-codecov branch 2 times, most recently from 4c433eb to 01762cb Compare July 9, 2026 09:46
Co-authored-by: Cursor <cursoragent@cursor.com>
@siddhibhor-56

Copy link
Copy Markdown
Contributor Author

/pj-rehearse max

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

@siddhibhor-56: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

@siddhibhor-56

Copy link
Copy Markdown
Contributor Author

/pj-rehearse pull-ci-openshift-external-secrets-operator-main-e2e-operator-coverage

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

@siddhibhor-56: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

@siddhibhor-56

Copy link
Copy Markdown
Contributor Author

/pj-rehearse pull-ci-openshift-external-secrets-operator-main-e2e-operator

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

@siddhibhor-56: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

@siddhibhor-56

Copy link
Copy Markdown
Contributor Author

/pj-rehearse pull-ci-openshift-external-secrets-operator-main-e2e-operator

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

@siddhibhor-56: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

@openshift-ci

openshift-ci Bot commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

@siddhibhor-56: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/rehearse/openshift/external-secrets-operator/main/e2e-operator c915261 link unknown /pj-rehearse pull-ci-openshift-external-secrets-operator-main-e2e-operator

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@bharath-b-rh

Copy link
Copy Markdown
Contributor

/pj-rehearse pull-ci-openshift-external-secrets-operator-main-e2e-operator

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

@bharath-b-rh: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants