Skip to content

CNTRLPLANE-3699: Filter VolumeSnapshot resources from dump when CSISnapshot capability is disabled#8986

Open
hypershift-jira-solve-ci[bot] wants to merge 1 commit into
openshift:mainfrom
hypershift-community:fix-CNTRLPLANE-3699
Open

CNTRLPLANE-3699: Filter VolumeSnapshot resources from dump when CSISnapshot capability is disabled#8986
hypershift-jira-solve-ci[bot] wants to merge 1 commit into
openshift:mainfrom
hypershift-community:fix-CNTRLPLANE-3699

Conversation

@hypershift-jira-solve-ci

@hypershift-jira-solve-ci hypershift-jira-solve-ci Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

What this PR does / why we need it:

Adds CSISnapshot as a new OptionalCapability and filters VolumeSnapshotClass and VolumeSnapshotContent resources from the guest cluster dump when the CSISnapshot capability is disabled.

Previously, the dump always attempted to collect VolumeSnapshot resources regardless of whether the CSISnapshot capability was enabled, which could cause errors or unnecessary noise when the capability was disabled. This resolves a TODO that was left in the code.

Changes:

  • Add CSISnapshot to the OptionalCapability enum and define CSISnapshotCapability constant
  • Update DumpGuestCluster to accept *hyperv1.Capabilities and conditionally include VolumeSnapshot resources only when CSISnapshot is enabled
  • Add IsCSISnapshotCapabilityEnabled helper in the capabilities package with unit tests
  • Update CLI help text for --disable-cluster-capabilities and --enable-cluster-capabilities to include CSISnapshot
  • Regenerate CRDs and docs

Which issue(s) this PR fixes:

Fixes https://redhat.atlassian.net/browse/CNTRLPLANE-3699

Special notes for your reviewer:

The IsCSISnapshotCapabilityEnabled function follows the same pattern as the existing IsIngressCapabilityEnabled and IsImageRegistryCapabilityEnabled helpers.

Checklist:

  • Subject and description added to both, commit and PR.
  • Relevant issues have been referenced.
  • This change includes docs.
  • This change includes unit tests.

Always review AI generated responses prior to use.
Generated with Claude Code via openshift-developer plugin


Note: This PR was auto-generated by the jira-agent periodic CI job in response to CNTRLPLANE-3699. See the full report for token usage, cost breakdown, and detailed phase output.

…bility is disabled

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@openshift-merge-bot

Copy link
Copy Markdown
Contributor

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Jul 10, 2026
@openshift-ci-robot

openshift-ci-robot commented Jul 10, 2026

Copy link
Copy Markdown

@hypershift-jira-solve-ci[bot]: This pull request references CNTRLPLANE-3699 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "5.0.0" version, but no target version was set.

Details

In response to this:

What this PR does / why we need it:

Adds CSISnapshot as a new OptionalCapability and filters VolumeSnapshotClass and VolumeSnapshotContent resources from the guest cluster dump when the CSISnapshot capability is disabled.

Previously, the dump always attempted to collect VolumeSnapshot resources regardless of whether the CSISnapshot capability was enabled, which could cause errors or unnecessary noise when the capability was disabled. This resolves a TODO that was left in the code.

Changes:

  • Add CSISnapshot to the OptionalCapability enum and define CSISnapshotCapability constant
  • Update DumpGuestCluster to accept *hyperv1.Capabilities and conditionally include VolumeSnapshot resources only when CSISnapshot is enabled
  • Add IsCSISnapshotCapabilityEnabled helper in the capabilities package with unit tests
  • Update CLI help text for --disable-cluster-capabilities and --enable-cluster-capabilities to include CSISnapshot
  • Regenerate CRDs and docs

Which issue(s) this PR fixes:

Fixes https://redhat.atlassian.net/browse/CNTRLPLANE-3699

Special notes for your reviewer:

The IsCSISnapshotCapabilityEnabled function follows the same pattern as the existing IsIngressCapabilityEnabled and IsImageRegistryCapabilityEnabled helpers.

Checklist:

  • Subject and description added to both, commit and PR.
  • Relevant issues have been referenced.
  • This change includes docs.
  • This change includes unit tests.

Always review AI generated responses prior to use.
Generated with Claude Code via openshift-developer plugin

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci Bot requested review from devguyio and sdminonne July 10, 2026 14:18
@openshift-ci openshift-ci Bot added area/api Indicates the PR includes changes for the API area/cli Indicates the PR includes changes for CLI area/control-plane-operator Indicates the PR includes changes for the control plane operator - in an OCP release and removed do-not-merge/needs-area labels Jul 10, 2026
@openshift-ci

openshift-ci Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: hypershift-jira-solve-ci[bot]
Once this PR has been reviewed and has the lgtm label, please assign enxebre for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added area/documentation Indicates the PR includes changes for documentation area/hypershift-operator Indicates the PR includes changes for the hypershift operator and API - outside an OCP release labels Jul 10, 2026
@codecov

codecov Bot commented Jul 10, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 43.68%. Comparing base (e708f6f) to head (3681ae2).

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #8986   +/-   ##
=======================================
  Coverage   43.67%   43.68%           
=======================================
  Files         771      771           
  Lines       95840    95832    -8     
=======================================
- Hits        41862    41860    -2     
+ Misses      51067    51061    -6     
  Partials     2911     2911           
Files with missing lines Coverage Δ
cmd/cluster/core/create.go 61.66% <ø> (-0.09%) ⬇️
cmd/cluster/core/dump.go 4.31% <ø> (+0.03%) ⬆️
.../capabilities/hosted_control_plane_capabilities.go 56.36% <ø> (ø)
Flag Coverage Δ
cpo-hostedcontrolplane 45.91% <ø> (ø)
hypershift-operator 53.91% <ø> (ø)
other 32.08% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@hypershift-jira-solve-ci

hypershift-jira-solve-ci Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor Author

Now I have the complete picture from both jobs. Let me verify one more thing — looking at the exact error from the GHA job and the Prow job:

GitHub Actions (verify / Verify): The failure is at the git update-index --refresh step which detects that docs/content/reference/aggregated-docs.md and docs/content/reference/api.md need updating after make generate update runs in CI. This means the committed docs are stale.

Prow (verify-deps): The failure is a transient Go module proxy HTTP/2 stream error when downloading golang.org/x/net@v0.56.0.

These are two distinct failures with different root causes. Let me provide the final report:

Test Failure Analysis Complete

Job Information

Test Failure Analysis

Error

Job 1 — GitHub Actions (verify / Verify):
  docs/content/reference/aggregated-docs.md: needs update
  docs/content/reference/api.md: needs update
  ##[error]Process completed with exit code 1.

Job 2 — Prow (verify-deps):
  golang.org/x/net@v0.56.0: read "https://proxy.golang.org/golang.org/x/net/@v/v0.56.0.zip":
  stream error: stream ID 265; INTERNAL_ERROR; received from peer

Summary

Two independent failures occurred. The GitHub Actions verify job failed because the PR's committed documentation files (docs/content/reference/aggregated-docs.md and docs/content/reference/api.md) are stale — they do not match what make generate update produces on CI. All code checks (staticcheck, fmt, vet, verify-api-deps, verify-crd-schema) passed; only the final git-dirty check failed. The Prow verify-deps job failed due to a transient HTTP/2 stream error from proxy.golang.org while downloading golang.org/x/net@v0.56.0 — this is an infrastructure flake, not a code issue.

Root Cause

GitHub Actions (verify / Verify) — Stale generated docs (real failure, requires code fix):

The PR adds CSISnapshot as a new OptionalCapability to api/hypershift/v1beta1/hostedcluster_types.go. While the PR does include changes to the generated doc files, the committed versions do not match what CI's make generate update produces. The CI workflow runs all generation steps, then executes git update-index --refresh to verify no files changed. Two doc files are detected as dirty:

  1. docs/content/reference/aggregated-docs.md
  2. docs/content/reference/api.md

This typically happens when the PR branch is not rebased on the latest main, causing the generated output to diverge from what was committed. The tool gen-crd-api-reference-docs runs during make generate update and produces output that depends on the full state of the API types — if main has had other API changes merged since the PR branch was created, the generated docs will differ.

Prow (verify-deps) — Transient Go module proxy failure (infrastructure flake):

The go-verify-deps step runs go mod tidy and go mod verify. During execution, downloading golang.org/x/net@v0.56.0 from proxy.golang.org failed with an HTTP/2 INTERNAL_ERROR (stream ID 265). This error was repeated for 10 different subpackages of the same module. This is a well-known transient failure pattern with the Go module proxy — the proxy closed the HTTP/2 stream mid-transfer.

Recommendations
  1. Fix the stale docs (GitHub Actions failure): Rebase the PR branch onto the latest main, then re-run make generate update locally and commit the updated docs/content/reference/aggregated-docs.md and docs/content/reference/api.md files.

  2. Retry the Prow verify-deps job: The proxy.golang.org HTTP/2 stream error is transient. Simply re-trigger the job with /retest or /test verify-deps — no code changes needed.

  3. Verify the vendor directory: The PR directly modifies vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hostedcluster_types.go with the same changes as the source file. This is correct for this self-vendoring repo pattern, but after rebasing, re-run go mod vendor to ensure consistency.

Evidence
Evidence Detail
GHA failed step Step 11: git update-index --refresh detected dirty working tree after make generate update
GHA dirty files docs/content/reference/aggregated-docs.md: needs update, docs/content/reference/api.md: needs update
GHA all code checks passed staticcheck ✅, fmt ✅, vet ✅, verify-api-deps ✅, verify-crd-schema ✅, verify-docs-nav ✅
Prow error golang.org/x/net@v0.56.0: stream error: stream ID 265; INTERNAL_ERROR; received from peer (×10 subpackages)
Prow failed step verify-deps-go-verify-depsgo mod tidy could not download dependencies
PR changes Added CSISnapshot to OptionalCapability enum, updated 40 files including CRD manifests, API types, vendor, and docs

@openshift-ci

openshift-ci Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

@hypershift-jira-solve-ci[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/verify-deps 3681ae2 link true /test verify-deps

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/api Indicates the PR includes changes for the API area/cli Indicates the PR includes changes for CLI area/control-plane-operator Indicates the PR includes changes for the control plane operator - in an OCP release area/documentation Indicates the PR includes changes for documentation area/hypershift-operator Indicates the PR includes changes for the hypershift operator and API - outside an OCP release jira/valid-reference Indicates that this PR references a valid Jira ticket of any type.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant