Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Comments

OTA-253: Add cluster update preflight mode API#2684

Open
fao89 wants to merge 1 commit intoopenshift:master from
fao89:preflight-from-target-release
Open

OTA-253: Add cluster update preflight mode API #2684
fao89 wants to merge 1 commit intoopenshift:master from
fao89:preflight-from-target-release

Conversation

@fao89
Copy link
Member

@fao89 fao89 commented Jan 30, 2026
edited by qodo-code-review bot
Loading

User description

Implements preflight update mode that allows checking update compatibility without committing to performing the actual cluster update.

Changes:

  • Add optional 'mode' field to Update struct with value "Preflight"
  • Gate new field behind ClusterUpdatePreflight feature (TechPreviewNoUpgrade)
  • When mode="Preflight", cluster runs compatibility checks only
  • When mode omitted, normal update behavior is preserved

Related: openshift/enhancements#1930

PR Type

Enhancement

Description

  • Add optional mode field to Update struct supporting "Preflight" value

  • Gate new field behind ClusterUpdatePreflight feature (TechPreviewNoUpgrade)

  • Enable preflight mode for compatibility checks without actual cluster update

  • Add comprehensive test coverage for preflight mode with various configurations

Diagram Walkthrough

flowchart LR
 A["Update struct"] -->|adds optional field| B["mode: UpdateModePolicy"]
 B -->|supports value| C["Preflight"]
 C -->|gated by feature| D["ClusterUpdatePreflight"]
 D -->|enables| E["Compatibility checks only"]
 A -->|preserves| F["Normal update behavior when mode omitted"]
Loading

File Walkthrough
Relevant files
Enhancement
types_cluster_version.go
Define UpdateModePolicy type and add mode field to Update

config/v1/types_cluster_version.go

  • Define new UpdateModePolicy type with enum validation for "Preflight"
  • Add constant UpdateModePolicyPreflight for the preflight mode value
  • Add optional mode field to Update struct with feature gate annotation
  • Field includes comprehensive documentation about preflight behavior
+19/-0
Documentation
zz_generated.swagger_doc_generated.go
Generate swagger documentation for mode field

config/v1/zz_generated.swagger_doc_generated.go

  • Add swagger documentation for the new mode field in Update struct
  • Document allowed values and behavior when mode is set or omitted
+1/-0
zz_generated.openapi.go
Generate OpenAPI schema for mode field

openapi/generated_openapi/zz_generated.openapi.go

  • Add OpenAPI schema definition for mode field in Update struct
  • Include field description and type information for API documentation
+7/-0
Configuration changes
features.go
Register ClusterUpdatePreflight feature gate

features/features.go

  • Register new FeatureGateClusterUpdatePreflight feature gate
  • Configure gate for TechPreviewNoUpgrade scope
  • Set contact person and link to enhancement PR
+7/-0
0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml
Update CRD manifest with mode field schema

config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml

  • Add mode field to CRD schema with enum validation for "Preflight"
  • Include field description and type information in manifest
+10/-0
zz_generated.featuregated-crd-manifests.yaml
Register feature gate in manifest index

config/v1/zz_generated.featuregated-crd-manifests.yaml

  • Add ClusterUpdatePreflight to the list of feature gates for
    clusterversions CRD
+1/-0
ClusterUpdatePreflight.yaml
Generate feature-gated CRD manifest for preflight mode

config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml

  • Generate complete feature-gated CRD manifest for
    ClusterUpdatePreflight
  • Include full schema with mode field and all validations
  • Define enum constraint for "Preflight" value
+775/-0
Tests
ClusterUpdatePreflight.yaml
Add comprehensive preflight mode test suite

config/v1/tests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml

  • Add comprehensive test suite for preflight mode functionality
  • Test setting mode to Preflight with version, image, and architecture
  • Test mode field with acceptRisks configuration
  • Test invalid mode values are rejected
  • Test mode transitions between normal and preflight states
  • Test changing target version while in preflight mode
+181/-0

Copy link

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Jan 30, 2026
Copy link

openshift-ci-robot commented Jan 30, 2026
edited by openshift-ci bot
Loading

@fao89: This pull request references OTA-253 which is a valid jira issue.

Details

In response to this:

Implements preflight update mode that allows checking update compatibility without committing to performing the actual cluster update.

Changes:

  • Add optional 'mode' field to Update struct with value "Preflight"
  • Gate new field behind ClusterUpdatePreflight feature (TechPreviewNoUpgrade)
  • When mode="Preflight", cluster runs compatibility checks only
  • When mode omitted, normal update behavior is preserved

Related: openshift/enhancements#1930

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

Copy link

coderabbitai bot commented Jan 30, 2026
edited
Loading

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

Adds a new update mode "Preflight" by introducing the UpdateModePolicy type and a Mode field on Update, registers the ClusterUpdatePreflight feature gate, updates OpenAPI and Swagger docs to include the new mode, inserts the gate into feature-gate payloads and documentation, and adds ClusterVersion preflight test configurations.

🚥 Pre-merge checks | ✅ 2 | ❌ 1
❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and specifically references the main change: adding a cluster update preflight mode API, which aligns with the primary purpose of this PR.
Description check ✅ Passed The description comprehensively explains the preflight update mode feature, lists specific implementation changes, and references the related enhancement PR.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

Comment @coderabbitai help to get the list of available commands and usage tips.

Copy link
Contributor

openshift-ci bot commented Jan 30, 2026

Hello @fao89! Some important instructions when contributing to openshift/api:
API design plays an important part in the user experience of OpenShift and as such API PRs are subject to a high level of scrutiny to ensure they follow our best practices. If you haven't already done so, please review the OpenShift API Conventions and ensure that your proposed changes are compliant. Following these conventions will help expedite the api review process for your PR.

Copy link

openshift-ci-robot commented Jan 30, 2026
edited by openshift-ci bot
Loading

@fao89: This pull request references OTA-253 which is a valid jira issue.

Details

In response to this:

User description

Implements preflight update mode that allows checking update compatibility without committing to performing the actual cluster update.

Changes:

  • Add optional 'mode' field to Update struct with value "Preflight"
  • Gate new field behind ClusterUpdatePreflight feature (TechPreviewNoUpgrade)
  • When mode="Preflight", cluster runs compatibility checks only
  • When mode omitted, normal update behavior is preserved

Related: openshift/enhancements#1930

PR Type

Enhancement

Description

  • Add optional mode field to Update struct supporting "Preflight" value

  • Gate new field behind ClusterUpdatePreflight feature (TechPreviewNoUpgrade)

  • Enable preflight mode for compatibility checks without actual cluster update

  • Add comprehensive test coverage for preflight mode with various configurations

Diagram Walkthrough

flowchart LR
 A["Update struct"] -->|adds optional field| B["mode: UpdateModePolicy"]
 B -->|supports value| C["Preflight"]
 C -->|gated by feature| D["ClusterUpdatePreflight"]
 D -->|enables| E["Compatibility checks only"]
 A -->|preserves| F["Normal update behavior when mode omitted"]
Loading

File Walkthrough
Relevant files
Enhancement
types_cluster_version.go
Define UpdateModePolicy type and add mode field to Update

config/v1/types_cluster_version.go

  • Define new UpdateModePolicy type with enum validation for "Preflight"
  • Add constant UpdateModePolicyPreflight for the preflight mode value
  • Add optional mode field to Update struct with feature gate annotation
  • Field includes comprehensive documentation about preflight behavior
+19/-0
Documentation
zz_generated.swagger_doc_generated.go
Generate swagger documentation for mode field

config/v1/zz_generated.swagger_doc_generated.go

  • Add swagger documentation for the new mode field in Update struct
  • Document allowed values and behavior when mode is set or omitted
+1/-0
zz_generated.openapi.go
Generate OpenAPI schema for mode field

openapi/generated_openapi/zz_generated.openapi.go

  • Add OpenAPI schema definition for mode field in Update struct
  • Include field description and type information for API documentation
+7/-0
Configuration changes
features.go
Register ClusterUpdatePreflight feature gate

features/features.go

  • Register new FeatureGateClusterUpdatePreflight feature gate
  • Configure gate for TechPreviewNoUpgrade scope
  • Set contact person and link to enhancement PR
+7/-0
0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml
Update CRD manifest with mode field schema

config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml

  • Add mode field to CRD schema with enum validation for "Preflight"
  • Include field description and type information in manifest
+10/-0
zz_generated.featuregated-crd-manifests.yaml
Register feature gate in manifest index

config/v1/zz_generated.featuregated-crd-manifests.yaml

  • Add ClusterUpdatePreflight to the list of feature gates for
    clusterversions CRD
+1/-0
ClusterUpdatePreflight.yaml
Generate feature-gated CRD manifest for preflight mode

config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml

  • Generate complete feature-gated CRD manifest for
    ClusterUpdatePreflight
  • Include full schema with mode field and all validations
  • Define enum constraint for "Preflight" value
+775/-0
Tests
ClusterUpdatePreflight.yaml
Add comprehensive preflight mode test suite

config/v1/tests/clusterversions.config.openshift.io/ClusterUpdatePreflight.yaml

  • Add comprehensive test suite for preflight mode functionality
  • Test setting mode to Preflight with version, image, and architecture
  • Test mode field with acceptRisks configuration
  • Test invalid mode values are rejected
  • Test mode transitions between normal and preflight states
  • Test changing target version while in preflight mode
+181/-0

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot added the size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. label Jan 30, 2026
Copy link

qodo-code-review bot commented Jan 30, 2026
edited
Loading

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢
No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
🎫 No ticket provided
  • Create ticket/issue
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
🟢
Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status:
Audit logging unclear: The diff adds a new administrative action surface (desiredUpdate.mode: Preflight) but does
not show whether requests to use this mode are audit-logged with actor/context and
outcome.

Referred Code 
// mode allows an update to be checked for compatibility without committing to updating the cluster.
// Allowed values are "Preflight" and omitted.
// When omitted, the default mode allows existing clients to request normal updates.
// When set to "Preflight", the cluster will run compatibility checks against the target release
// without performing an actual update.
// +openshift:enable:FeatureGate=ClusterUpdatePreflight
// +kubebuilder:validation:Enum=Preflight
// +optional
Mode UpdateModePolicy `json:"mode,omitempty"`

Learn more about managing compliance generic rules or creating your own custom rules

  • Update
Compliance status legend 🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label
Copy link

qodo-code-review bot commented Jan 30, 2026
edited
Loading

PR Code Suggestions ✨

Explore these optional code suggestions:

CategorySuggestion Impact
General
Improve API design for future extensibility

Add an explicit Normal value to the UpdateModePolicy enum alongside Preflight.
This makes the API more explicit and extensible for future modes.

config/v1/types_cluster_version.go [286-293] 

 // UpdateModePolicy defines how an update should be processed.
-// +kubebuilder:validation:Enum=Preflight
+// +kubebuilder:validation:Enum=Normal;Preflight
 type UpdateModePolicy string
 
 const (
+	// UpdateModePolicyNormal is the default update mode and will commit to updating the cluster.
+	UpdateModePolicyNormal UpdateModePolicy = "Normal"
 	// UpdateModePolicyPreflight allows an update to be checked for compatibility without committing to updating the cluster.
 	UpdateModePolicyPreflight UpdateModePolicy = "Preflight"
 )
  • Apply / Chat
Suggestion importance[1-10]: 6

__

Why: This is a valid suggestion that improves API design by making the update modes explicit, which enhances clarity and future extensibility.

Low
  • Update

Copy link
Contributor

openshift-ci bot commented Jan 30, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign everettraven for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@fao89 fao89 force-pushed the preflight-from-target-release branch from 8c3f649 to b2750d9 Compare January 30, 2026 14:16
@openshift-ci openshift-ci bot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Jan 30, 2026
@fao89 fao89 force-pushed the preflight-from-target-release branch from b2750d9 to fb4267a Compare January 30, 2026 16:25
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Fix all issues with AI agents 
In `@openapi/generated_openapi/zz_generated.openapi.go`:
- Around line 21484-21490: The OpenAPI schema for the "mode" property currently
allows any string; add an enum constraint so only "Preflight" is permitted by
updating the source validation annotation that defines this field (so the
generator emits Enum: ["Preflight"]) and then regenerate the OpenAPI output;
specifically ensure the generated SchemaProps for "mode" includes an Enum entry
(e.g., Enum: []interface{}{"Preflight"}) rather than only Type/Description, by
changing the validation/tag on the source field that corresponds to the "mode"
schema before running the generator.

Comment on lines 773 to 780
// mode allows an update to be checked for compatibility without committing to updating the cluster.
// Allowed values are "Preflight" and omitted.
// When omitted, the default mode allows existing clients to request normal updates.
// When set to "Preflight", the cluster will run compatibility checks against the target release
// without performing an actual update.
// +openshift:enable:FeatureGate=ClusterUpdatePreflight
// +optional
Mode UpdateModePolicy `json:"mode,omitempty"`
Copy link
Member

@saschagrunert saschagrunert Feb 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As I can see from the slack thread, the documentation should reflect that preflight results appear in status.conditionalUpdates:

conditional update risks becomes a union of things coming from the update graph and pre flight checks

How about something like:

Suggested change
// mode allows an update to be checked for compatibility without committing to updating the cluster.
// Allowed values are "Preflight" and omitted.
// When omitted, the default mode allows existing clients to request normal updates.
// When set to "Preflight", the cluster will run compatibility checks against the target release
// without performing an actual update.
// +openshift:enable:FeatureGate=ClusterUpdatePreflight
// +optional
Mode UpdateModePolicy `json:"mode,omitempty"`
// mode determines how an update should be processed.
// The only valid value is "Preflight".
// When omitted, the cluster performs a normal update by applying the specified version or image to the cluster.
// This is the standard update behavior.
// When set to "Preflight", the cluster runs compatibility checks against the target release without
// performing an actual update. The target release's CVO will execute prechecks and report any detected
// risks in status.conditionalUpdates, alongside risks from the update recommendation service.
// This allows administrators to assess update readiness and address issues before committing to the update.
// Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be
// verified across multiple minor versions.
// +openshift:enable:FeatureGate=ClusterUpdatePreflight
// +optional
Mode UpdateModePolicy `json:"mode,omitempty"`

We have to:

  • Explicitly state WHERE results appear (status.conditionalUpdates)
  • Explain the union behavior (update graph + preflight checks)
  • Mention skip-level use case (primary motivation from enhancement PR)

@fao89 fao89 force-pushed the preflight-from-target-release branch from fb4267a to 56aa358 Compare February 6, 2026 19:51
@openshift-ci openshift-ci bot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Feb 6, 2026

// UpdateModePolicy defines how an update should be processed.
// Valid values are defined as constants below.
// +kubebuilder:validation:Enum=Preflight
Copy link
Member

@saschagrunert saschagrunert Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+enum adds an Enum constraint to the OpenAPI schema and appends auto-generated enum documentation to the description.

Suggested change
// +kubebuilder:validation:Enum=Preflight
// +enum
// +kubebuilder:validation:Enum=Preflight

Comment on lines 8 to 51
- name: Should be able to set mode to Preflight
initial: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0
mode: Preflight
expected: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0
mode: Preflight
- name: Should be able to omit mode field (default behavior)
initial: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0
expected: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0
- name: Should be able to use Preflight mode with acceptRisks
initial: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0
mode: Preflight
acceptRisks:
- name: RiskA
- name: RiskB
Copy link
Member

@saschagrunert saschagrunert Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think those are basic CRUD tests and can be removed.

version: 4.22.0
mode: ""
expectedError: "Unsupported value: \"\""
onUpdate: [] No newline at end of file
Copy link
Member

@saschagrunert saschagrunert Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's add transition tests:

Suggested change
onUpdate:[]
onUpdate:
- name: Should be able to transition from normal to Preflight mode
initial: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0
updated: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0
mode: Preflight
expected: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0
mode: Preflight
- name: Should be able to clear Preflight mode
initial: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0
mode: Preflight
updated: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0
expected: |
apiVersion: config.openshift.io/v1
kind: ClusterVersion
spec:
clusterID: foo
desiredUpdate:
version: 4.22.0

@fao89 fao89 force-pushed the preflight-from-target-release branch from 56aa358 to b955f04 Compare February 10, 2026 17:46
@openshift-ci openshift-ci bot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Feb 10, 2026
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
config/v1/zz_generated.swagger_doc_generated.go (1)

911-919: ⚠️ Potential issue | 🟡 Minor

Add feature-gate note to avoid user confusion.

The description doesn’t mention that mode is gated behind ClusterUpdatePreflight (TechPreviewNoUpgrade). Without this, users may set the field and be surprised if it’s ignored or rejected when the gate is off.

✅ Suggested doc tweak 
- "mode": "mode determines how an update should be processed. The only valid value is \"Preflight\". When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. This is the standard update behavior. When set to \"Preflight\", the cluster runs compatibility checks against the target release without performing an actual update. The target release's CVO will execute prechecks and report any detected risks in status.conditionalUpdates, alongside risks from the update recommendation service. Results appear in status.conditionalUpdates as a union of risks from both the update graph and preflight checks executed by the target release's CVO. This allows administrators to assess update readiness and address issues before committing to the update. Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be verified across multiple minor versions.",
+ "mode": "mode determines how an update should be processed. The only valid value is \"Preflight\". This field is gated by the ClusterUpdatePreflight feature gate (TechPreviewNoUpgrade). When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. This is the standard update behavior. When set to \"Preflight\", the cluster runs compatibility checks against the target release without performing an actual update. The target release's CVO will execute prechecks and report any detected risks in status.conditionalUpdates, alongside risks from the update recommendation service. Results appear in status.conditionalUpdates as a union of risks from both the update graph and preflight checks executed by the target release's CVO. This allows administrators to assess update readiness and address issues before committing to the update. Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be verified across multiple minor versions.",
🤖 Fix all issues with AI agents 
In `@config/v1/types_cluster_version.go`:
- Around line 775-789: Update the comment for the Mode field (UpdateModePolicy)
to correctly state that preflight risk details are reported in
status.conditionalUpdateRisks and that status.conditionalUpdates contains
references/entries that point to those risk objects; replace the sentence that
says "Results appear in status.conditionalUpdates as a union of risks..." with
wording that clarifies conditionalUpdates references the risk objects and the
detailed risk payloads are stored in status.conditionalUpdateRisks (keeping the
rest of the preflight explanation and the FeatureGate/optional tags intact).

Comment on lines 775 to 789
// mode determines how an update should be processed.
// The only valid value is "Preflight".
// When omitted, the cluster performs a normal update by applying the specified version or image to the cluster.
// This is the standard update behavior.
// When set to "Preflight", the cluster runs compatibility checks against the target release without
// performing an actual update. The target release's CVO will execute prechecks and report any detected
// risks in status.conditionalUpdates, alongside risks from the update recommendation service.
// Results appear in status.conditionalUpdates as a union of risks from both the update graph and
// preflight checks executed by the target release's CVO.
// This allows administrators to assess update readiness and address issues before committing to the update.
// Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be
// verified across multiple minor versions.
// +openshift:enable:FeatureGate=ClusterUpdatePreflight
// +optional
Mode UpdateModePolicy `json:"mode,omitempty"`
Copy link

@coderabbitai coderabbitai bot Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Clarify which status field carries preflight risks.

The doc says risks appear in status.conditionalUpdates, but risk details live in status.conditionalUpdateRisks (with conditionalUpdates referencing them). This could mislead API consumers. Consider tightening the wording.

✏️ Suggested doc tweak 
- // risks in status.conditionalUpdates, alongside risks from the update recommendation service.
- // Results appear in status.conditionalUpdates as a union of risks from both the update graph and
- // preflight checks executed by the target release's CVO.
+ // risks in status.conditionalUpdateRisks, alongside risks from the update recommendation service,
+ // and are referenced by status.conditionalUpdates.
+ // Results appear in status.conditionalUpdateRisks as a union of risks from both the update graph and
+ // preflight checks executed by the target release's CVO.
🤖 Prompt for AI Agents 
In `@config/v1/types_cluster_version.go` around lines 775 - 789, Update the
comment for the Mode field (UpdateModePolicy) to correctly state that preflight
risk details are reported in status.conditionalUpdateRisks and that
status.conditionalUpdates contains references/entries that point to those risk
objects; replace the sentence that says "Results appear in
status.conditionalUpdates as a union of risks..." with wording that clarifies
conditionalUpdates references the risk objects and the detailed risk payloads
are stored in status.conditionalUpdateRisks (keeping the rest of the preflight
explanation and the FeatureGate/optional tags intact).

@fao89 fao89 force-pushed the preflight-from-target-release branch 3 times, most recently from 716fcd7 to 5c1b79e Compare February 10, 2026 19:23
Copy link
Member Author

fao89 commented Feb 11, 2026

/test okd-scos-images
qodo-code-review[bot] reacted with eyes emoji

Copy link

qodo-code-review bot commented Feb 11, 2026
edited
Loading

PR-Agent: could not fine a component named okd-scos-images in a supported language in this PR.

type ClusterID string

// UpdateModePolicy defines how an update should be processed.
// Valid values are defined as constants below.
Copy link
Member

@saschagrunert saschagrunert Feb 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The godoc for types appears in generated API documentation and oc explain output. "Constants below" is a Go source-level reference that means nothing to end users reading the generated docs.

Suggested change
// Valid values are defined as constants below.

fao89 reacted with thumbs up emoji
// When omitted, the cluster performs a normal update by applying the specified version or image to the cluster.
// This is the standard update behavior.
// When set to "Preflight", the cluster runs compatibility checks against the target release without
// performing an actual update. The target release's CVO will execute prechecks and report any detected
Copy link
Member

@saschagrunert saschagrunert Feb 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are force and mode mutually exclusive? If so, then we sould document that and add a CEL XValidation rule including tests.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice catch! I'll work on that

saschagrunert reacted with thumbs up emoji
// Valid values are 'Multi' and empty.
//
// +optional
Architecture ClusterVersionArchitecture `json:"architecture"`
Copy link
Member

@saschagrunert saschagrunert Feb 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does Preflight mode support architecture changes? The documentation should clarify this, ideally with an explicit statement like "When mode is set to Preflight, the same rules for version, image, and architecture apply as for normal updates."

fao89 reacted with thumbs up emoji
@fao89 fao89 force-pushed the preflight-from-target-release branch 4 times, most recently from 4751344 to 6266de1 Compare February 17, 2026 10:09
@openshift-ci openshift-ci bot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Feb 17, 2026
// verified across multiple minor versions.
// When mode is set to "Preflight", the same rules for version, image, and architecture apply as for normal updates.
// The mode and force fields are mutually exclusive - mode cannot be set when force is true.
// +optional
Copy link
Member

@saschagrunert saschagrunert Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess that's missing:

Suggested change
// +optional
// +openshift:enable:FeatureGate=ClusterUpdatePreflight
// +optional

// Update represents an administrator update request.
// +kubebuilder:validation:XValidation:rule="has(self.architecture) && has(self.image) ? (self.architecture == \"\" || self.image == \"\") : true",message="cannot set both Architecture and Image"
// +kubebuilder:validation:XValidation:rule="has(self.architecture) && self.architecture != \"\" ? self.version != \"\" : true",message="Version must be set if Architecture is set"
// +kubebuilder:validation:XValidation:rule="has(self.force) && has(self.mode) && self.force && self.mode != \"\" ? false : true",message="force and mode are mutually exclusive"
Copy link
Member

@saschagrunert saschagrunert Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This must be feature gated as well:

Suggested change
// +kubebuilder:validation:XValidation:rule="has(self.force) && has(self.mode) && self.force && self.mode != \"\" ? false : true",message="force and mode are mutually exclusive"
// +openshift:validation:FeatureGateAwareXValidation:featureGate=ClusterUpdatePreflight,rule="has(self.force) && has(self.mode) && self.force && self.mode != \"\" ? false : true",message="force and mode are mutually exclusive"

We could also make the whole rule more readable, see:

rule="has(self.force) && has(self.mode) && self.force && self.mode != \"\" ? false : true"

to be changed to:

rule="!has(self.mode) || self.mode == \"\" || !has(self.force) || !self.force"

fao89 reacted with heart emoji
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you!

// UpdateModePolicy defines how an update should be processed.
// +enum
// +kubebuilder:validation:Enum=Preflight
type UpdateModePolicy string
Copy link
Member

@saschagrunert saschagrunert Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have we considered dropping Policy, it seems to imply a governance rule rather than a mode selector.

Suggested change
type UpdateModePolicy string
type UpdateMode string

fao89 reacted with thumbs up emoji 
Implements preflight update mode that allows checking update compatibility
without committing to performing the actual cluster update.
Changes:
- Add optional 'mode' field to Update struct with value "Preflight"
- Gate new field behind ClusterUpdatePreflight feature (TechPreviewNoUpgrade)
- When mode="Preflight", cluster runs compatibility checks only
- When mode omitted, normal update behavior is preserved
Related: openshift/enhancements#1930
Signed-off-by: Fabricio Aguiar <fabricio.aguiar@gmail.com>
rh-pre-commit.version: 2.3.2
rh-pre-commit.check-secrets: ENABLED
@fao89 fao89 force-pushed the preflight-from-target-release branch from 6266de1 to 63d0dc6 Compare February 23, 2026 12:40
@openshift-ci openshift-ci bot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Feb 23, 2026
Copy link
Contributor

openshift-ci bot commented Feb 23, 2026

@fao89: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Comment on lines +780 to +783
// performing an actual update. The target release's CVO will execute pre-checks and report any detected
// risks in status.conditionalUpdateRisks, alongside risks from the update recommendation service.
// status.conditionalUpdates contains references/entries that point to the detailed risk objects
// stored in status.conditionalUpdateRisks from both the update graph and preflight checks executed by the target release's CVO.
Copy link
Member

@saschagrunert saschagrunert Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit, I'd simplify this and hide the implementation details:

Suggested change
// performing an actual update. The target release's CVO will execute pre-checks and report any detected
// risks in status.conditionalUpdateRisks, alongside risks from the update recommendation service.
// status.conditionalUpdates contains references/entries that point to the detailed risk objects
// stored in status.conditionalUpdateRisks from both the update graph and preflight checks executed by the target release's CVO.
// performing an actual update. Compatibility results, including any detected risks, are reported
// in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update
// recommendation service.

// Update represents an administrator update request.
// +kubebuilder:validation:XValidation:rule="has(self.architecture) && has(self.image) ? (self.architecture == \"\" || self.image == \"\") : true",message="cannot set both Architecture and Image"
// +kubebuilder:validation:XValidation:rule="has(self.architecture) && self.architecture != \"\" ? self.version != \"\" : true",message="Version must be set if Architecture is set"
// +openshift:validation:FeatureGateAwareXValidation:featureGate=ClusterUpdatePreflight,rule="!has(self.mode) || self.mode == \"\" || !has(self.force) || !self.force",message="force and mode are mutually exclusive"
Copy link
Member

@saschagrunert saschagrunert Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

self.mode == "" seems to be unreachable:

Suggested change
// +openshift:validation:FeatureGateAwareXValidation:featureGate=ClusterUpdatePreflight,rule="!has(self.mode) || self.mode == \"\" || !has(self.force) || !self.force",message="force and mode are mutually exclusive"
// +openshift:validation:FeatureGateAwareXValidation:featureGate=ClusterUpdatePreflight,rule="!has(self.mode) || !has(self.force) || !self.force",message="force and mode are mutually exclusive"

version: 4.22.0
mode: ""
expectedError: "Unsupported value: \"\""
- name: Should reject when both force and mode are set
Copy link
Member

@saschagrunert saschagrunert Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's also add a test for force: false and mode: Preflight:

 - name: Should allow Preflight mode when force is explicitly false
 initial: |
 apiVersion: config.openshift.io/v1
 kind: ClusterVersion
 spec:
 clusterID: foo
 desiredUpdate:
 version: 4.22.0
 mode: Preflight
 force: false
 expected: |
 apiVersion: config.openshift.io/v1
 kind: ClusterVersion
 spec:
 clusterID: foo
 desiredUpdate:
 version: 4.22.0
 mode: Preflight

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@everettraven everettraven Awaiting requested review from everettraven

@JoelSpeed JoelSpeed Awaiting requested review from JoelSpeed

+1 more reviewer

@saschagrunert saschagrunert saschagrunert left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. Review effort 3/5 size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

AltStyle によって変換されたページ (->オリジナル) /