Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Comments

OCPBUGS-74530: Remove the featuregate related to StoragePerformantSecurityPolicy#2674

Open
gnufied wants to merge 1 commit intoopenshift:master from
gnufied:remove-storage-performant-fg
Open

OCPBUGS-74530: Remove the featuregate related to StoragePerformantSecurityPolicy #2674
gnufied wants to merge 1 commit intoopenshift:master from
gnufied:remove-storage-performant-fg

Conversation

@gnufied
Copy link
Member

@gnufied gnufied commented Jan 27, 2026
edited by qodo-code-review bot
Loading

User description

xref https://issues.redhat.com/browse/OCPBUGS-74530

PR Type

Enhancement

Description

  • Remove FeatureGateStoragePerformantSecurityPolicy feature gate definition

  • Delete feature gate from all payload manifest configurations

  • Update feature gates documentation to reflect removal

  • Fix indentation in FeatureGateKMSEncryption definition

Diagram Walkthrough

flowchart LR
 A["StoragePerformantSecurityPolicy<br/>Feature Gate"] -->|removed from| B["features.go"]
 A -->|removed from| C["features.md"]
 A -->|removed from| D["Payload Manifests<br/>8 YAML files"]
 E["KMSEncryption<br/>Indentation"] -->|fixed in| B
Loading

File Walkthrough
Relevant files
Enhancement
1 files
features.go
Remove StoragePerformantSecurityPolicy gate definition
+6/-14
Documentation
1 files
features.md
Remove StoragePerformantSecurityPolicy from documentation
+0/-1
Configuration changes
8 files
featureGate-Hypershift-Default.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-Hypershift-DevPreviewNoUpgrade.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-Hypershift-OKD.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-Hypershift-TechPreviewNoUpgrade.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-SelfManagedHA-Default.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-SelfManagedHA-OKD.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3

Copy link

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

@openshift-ci-robot openshift-ci-robot added jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. labels Jan 27, 2026
Copy link

@gnufied: This pull request references Jira Issue OCPBUGS-74530, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.22.0) matches configured target version for branch (4.22.0)
  • bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, POST)

No GitHub users were found matching the public email listed for the QA contact in Jira (wduan@redhat.com), skipping review request.

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

xref https://issues.redhat.com/browse/OCPBUGS-74530

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

Copy link
Contributor

openshift-ci bot commented Jan 27, 2026

Hello @gnufied! Some important instructions when contributing to openshift/api:
API design plays an important part in the user experience of OpenShift and as such API PRs are subject to a high level of scrutiny to ensure they follow our best practices. If you haven't already done so, please review the OpenShift API Conventions and ensure that your proposed changes are compliant. Following these conventions will help expedite the api review process for your PR.

Copy link

coderabbitai bot commented Jan 27, 2026
edited
Loading

📝 Walkthrough

Walkthrough

This pull request removes the StoragePerformantSecurityPolicy feature gate from the codebase. The changes include deletion of the feature gate declaration in the Go source code, removal from the feature documentation table, and deletion of the feature gate entry from eight different feature gate manifest files covering various deployment profiles (Hypershift and SelfManagedHA configurations with multiple preview and upgrade options). These changes consistently remove the feature gate from enabled or disabled lists depending on the manifest context.

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately summarizes the main change: removing the StoragePerformantSecurityPolicy feature gate across all files in the changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check ✅ Passed The PR description clearly describes the changes made: removing StoragePerformantSecurityPolicy feature gate definition from code, configuration, and documentation, plus fixing indentation in KMSEncryption definition.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings

Comment @coderabbitai help to get the list of available commands and usage tips.

Copy link

@gnufied: This pull request references Jira Issue OCPBUGS-74530, which is valid.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.22.0) matches configured target version for branch (4.22.0)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)

No GitHub users were found matching the public email listed for the QA contact in Jira (wduan@redhat.com), skipping review request.

Details

In response to this:

User description

xref https://issues.redhat.com/browse/OCPBUGS-74530

PR Type

Enhancement

Description

  • Remove FeatureGateStoragePerformantSecurityPolicy feature gate definition

  • Delete feature gate from all payload manifest configurations

  • Update feature gates documentation to reflect removal

  • Fix indentation in FeatureGateKMSEncryption definition

Diagram Walkthrough

flowchart LR
 A["StoragePerformantSecurityPolicy<br/>Feature Gate"] -->|removed from| B["features.go"]
 A -->|removed from| C["features.md"]
 A -->|removed from| D["Payload Manifests<br/>8 YAML files"]
 E["KMSEncryption<br/>Indentation"] -->|fixed in| B
Loading

File Walkthrough
Relevant files
Enhancement
1 files
features.go
Remove StoragePerformantSecurityPolicy gate definition
+6/-14
Documentation
1 files
features.md
Remove StoragePerformantSecurityPolicy from documentation
+0/-1
Configuration changes
8 files
featureGate-Hypershift-Default.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-Hypershift-DevPreviewNoUpgrade.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-Hypershift-OKD.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-Hypershift-TechPreviewNoUpgrade.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-SelfManagedHA-Default.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-SelfManagedHA-OKD.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3
featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml
Remove StoragePerformantSecurityPolicy from manifest
+0/-3

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

Copy link

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢
No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
🎫 No ticket provided
  • Create ticket/issue
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
🟢
Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend 🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label
@openshift-ci openshift-ci bot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Jan 27, 2026
Copy link

PR Code Suggestions ✨

Explore these optional code suggestions:

CategorySuggestion Impact
Possible issue
Remove feature gate annotations from code

Find and remove all
+openshift:enable:FeatureGate=StoragePerformantSecurityPolicy annotations from
the codebase to prevent build failures caused by the removed feature gate.

features/features.go [778] 

-	FeatureGateHighlyAvailableArbiter = newFeatureGate("HighlyAvailableArbiter").
-						reportProblemsToJiraComponent("Two Node with Arbiter").
-						contactPerson("eggfoobar").
-						productScope(ocpSpecific).
-						enhancementPR("https://github.com/openshift/enhancements/pull/1683").
-						enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
-						mustRegister()
+// This suggestion applies to other files not included in the PR diff.
+// As an example, if the annotation was in a hypothetical `pkg/apis/foo/v1/types.go`:
 
-	FeatureGateMultiDiskSetup = newFeatureGate("MultiDiskSetup").
-					reportProblemsToJiraComponent("splat").
-					contactPerson("jcpowermac").
-					productScope(ocpSpecific).
-					enhancementPR("https://github.com/openshift/enhancements/pull/1812").
-					enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
-					mustRegister()
+// Before:
+// // +openshift:enable:FeatureGate=StoragePerformantSecurityPolicy
+// MyAwesomeField string `json:"myAwesomeField,omitempty"`
 
+// After:
+// MyAwesomeField string `json:"myAwesomeField,omitempty"`
+

[To ensure code accuracy, apply this suggestion manually]

Suggestion importance[1-10]: 8

__

Why: This suggestion correctly identifies a critical and likely missed side-effect of removing a feature gate, which could lead to build failures.

Medium
  • More

Copy link
Member Author

gnufied commented Jan 27, 2026

/hold

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jan 27, 2026
Copy link
Contributor

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jan 27, 2026
Copy link

Scheduling tests matching the pipeline_run_if_changed or not excluded by pipeline_skip_if_only_changed parameters:
/test e2e-aws-ovn
/test e2e-aws-ovn-hypershift
/test e2e-aws-ovn-hypershift-conformance
/test e2e-aws-ovn-techpreview
/test e2e-aws-serial-1of2
/test e2e-aws-serial-2of2
/test e2e-aws-serial-techpreview-1of2
/test e2e-aws-serial-techpreview-2of2
/test e2e-azure
/test e2e-gcp
/test e2e-upgrade
/test e2e-upgrade-out-of-change

Copy link
Contributor

openshift-ci bot commented Jan 27, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: JoelSpeed

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:
  • (削除) OWNERS (削除ここまで) [JoelSpeed]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 27, 2026
Copy link
Contributor

openshift-ci bot commented Jan 28, 2026

@gnufied: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-gcp cfd0306 link true /test e2e-gcp
ci/prow/e2e-aws-ovn cfd0306 link true /test e2e-aws-ovn
ci/prow/e2e-azure cfd0306 link true /test e2e-azure
ci/prow/e2e-aws-ovn-hypershift cfd0306 link true /test e2e-aws-ovn-hypershift
ci/prow/e2e-aws-ovn-hypershift-conformance cfd0306 link true /test e2e-aws-ovn-hypershift-conformance
ci/prow/e2e-aws-ovn-techpreview cfd0306 link true /test e2e-aws-ovn-techpreview

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Copy link
Contributor

@gnufied Removing this gate has caused test failures specific to this gate, is there somewhere that is expecting this gate to be populated still vs setting this feature on by default always?

Copy link
Contributor

/approve cancel

Copy link
Member Author

gnufied commented Jan 28, 2026
edited
Loading

@JoelSpeed I expected these failures and that is why I kept this PR on hold (almost same time as lgtm). We need openshift/kubernetes#2575 PR to merge first and then I will have to fix e2e in https://github.com/openshift/cluster-storage-operator/blob/main/test/e2e/storage_performant_policy.go

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@everettraven everettraven Awaiting requested review from everettraven

@JoelSpeed JoelSpeed Awaiting requested review from JoelSpeed

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. Review effort 2/5 size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

AltStyle によって変換されたページ (->オリジナル) /