OCPBUGS-97602: Use glance image with stable name to avoid race condition#81445
OCPBUGS-97602: Use glance image with stable name to avoid race condition#81445winiciusallan wants to merge 1 commit into
Conversation
|
@winiciusallan: This pull request references Jira Issue OCPBUGS-97602, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
WalkthroughThis PR changes an OpenStack RHCOS image configuration script to derive the target image name from the installer's stream JSON version instead of the OCP minor version, and simplifies the upload logic from sha256-comparison/rename-based promotion to a straightforward existence check followed by direct image creation. Documentation is updated to match. ChangesRHCOS Image Naming and Upload Flow
Estimated code review effort: 3 (Moderate) | ~20 minutes Related PRs: None identified. Suggested labels: ci-operator, openstack, documentation Suggested reviewers: None identified. 🐰 A rabbit hopped through streams and names, 🚥 Pre-merge checks | ✅ 5 | ❌ 10❌ Failed checks (10 inconclusive)
✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
[REHEARSALNOTIFIER]
A total of 1161 jobs have been affected by this change. The above listing is non-exhaustive and limited to 25 jobs. A full list of affected jobs can be found here Interacting with pj-rehearseComment: Once you are satisfied with the results of the rehearsals, comment: |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mandre, winiciusallan The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In
`@ci-operator/step-registry/openstack/conf/rhcosimage/openstack-conf-rhcosimage-commands.sh`:
- Around line 70-73: The skip logic in the RHCOS image upload flow is too broad
and currently reuses any matching image instead of only a ready one. Update the
check in the image lookup/upload path to inspect the OpenStack image JSON status
via .[0].status and only skip when the existing image is active; for queued,
saving, or killed states, do not reuse it and instead refresh or fail so the
upload path can proceed correctly. Use the existing IMAGE_NAME/EXISTING_COUNT
handling in the openstack-conf-rhcosimage-commands.sh flow to locate the
condition.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Central YAML (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: 503b4181-a334-4ed3-ae6d-bde904d3791e
📒 Files selected for processing (2)
ci-operator/step-registry/openstack/conf/rhcosimage/openstack-conf-rhcosimage-commands.shci-operator/step-registry/openstack/conf/rhcosimage/openstack-conf-rhcosimage-ref.yaml
| if [[ "$EXISTING_COUNT" -eq 1 ]]; then | ||
| echo "RHCOS image '${IMAGE_NAME}' already exists. Skipping upload." | ||
| else | ||
| echo "RHCOS image '${IMAGE_NAME}' needs to be uploaded (current sha256: '${CURRENT_SHA256}', expected: '${UNCOMPRESSED_SHA256}')" | ||
| echo "RHCOS image '${IMAGE_NAME}' not found. Uploading..." |
There was a problem hiding this comment.
🩺 Stability & Availability | 🟠 Major | ⚡ Quick win
🧩 Analysis chain
🏁 Script executed:
sed -n '1,180p' ci-operator/step-registry/openstack/conf/rhcosimage/openstack-conf-rhcosimage-commands.shRepository: openshift/release
Length of output: 2105
🏁 Script executed:
rg -n "openstack image list -f json|\\.Status|\\.status|image list -f json" ci-operator/step-registry/openstack -SRepository: openshift/release
Length of output: 2105
🏁 Script executed:
python3 - <<'PY'
import json, re, sys, pathlib
p = pathlib.Path("ci-operator/step-registry/openstack/conf/rhcosimage/openstack-conf-rhcosimage-commands.sh")
text = p.read_text()
for m in re.finditer(r'openstack image list -f json.*?jq -r \'([^\']+)\'', text, re.S):
print(m.group(1))
PYRepository: openshift/release
Length of output: 2105
🌐 Web query:
OpenStackClient openstack image list -f jsonJSON field names status casingStatus status docs
💡 Result:
When using the OpenStackClient command openstack image list -f json, the field name for the image status is lowercase status [1][2][3]. It is not capitalized as Status [1][3][4]. The OpenStack Image Service API (Glance), which backs this command, consistently uses the lowercase status key in its JSON response objects [2][5][3]. Similarly, the internal Python-OpenStackClient code that formats these results maps the field to status [1], and the OpenStack SDK resource definition for an image also uses status as the attribute name [4].
Citations:
- 1: https://github.com/openstack/python-openstackclient/blob/master/openstackclient/image/v2/image.py
- 2: https://docs.openstack.org/api-ref/image/v2/index.html?expanded=show-image-schema-detail
- 3: https://github.com/openstack/glance/blob/master/api-ref/source/v2/images-images-v2.inc
- 4: https://static.opendev.org/docs/openstacksdk/2025.2/user/resources/image/v2/image.html
- 5: https://docs.openstack.org/api-ref/image/v2/
Only skip when the existing image is active. openstack image list -f json uses the lowercase status field, so check .[0].status here and fail/refresh on queued, saving, or killed images instead of reusing them.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In
`@ci-operator/step-registry/openstack/conf/rhcosimage/openstack-conf-rhcosimage-commands.sh`
around lines 70 - 73, The skip logic in the RHCOS image upload flow is too broad
and currently reuses any matching image instead of only a ready one. Update the
check in the image lookup/upload path to inspect the OpenStack image JSON status
via .[0].status and only skip when the existing image is active; for queued,
saving, or killed states, do not reuse it and instead refresh or fail so the
upload path can proceed correctly. Use the existing IMAGE_NAME/EXISTING_COUNT
handling in the openstack-conf-rhcosimage-commands.sh flow to locate the
condition.
|
/pj-rehearse rehearsing a few jobs first. |
|
/pj-rehearse |
|
@winiciusallan: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel. |
|
/pj-rehearse pull-ci-openshift-origin-release-4.22-e2e-openstack-ovn |
|
@winiciusallan: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel. |
|
/pj-rehearse pull-ci-openshift-origin-release-4.22-e2e-openstack-ovn Error related with openshift/openstack-test@ecdba93, however the fix is now merged on 4.22. Rehearsing again |
|
@winiciusallan: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel. |
|
@winiciusallan: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
In the current script, when two jobs are triggered in close succession, there is a risk that one of them might overwrite the image name the other was using, causing one of the tests to fail.
This PR changes the script to use a stable image name.
Summary by CodeRabbit
This updates the OpenStack RHCOS image pre-upload flow used by OpenShift CI so jobs share a stable Glance image name instead of racing to rename or replace versioned images. In practice, the script now derives the image name from the installer’s embedded RHCOS stream version, creates the image directly under that final name when needed, and cleans up duplicate entries before continuing.
The accompanying CI config documentation was updated to describe the new naming behavior, so downstream jobs and maintainers have the correct expectation for how the shared RHCOS image name is formed.