Skip to content

feat: add RPM-only build mode for presubmit CI#6961

Draft
agullon wants to merge 4 commits into
openshift:mainfrom
agullon:shiftweek/rpm-presubmit-ci
Draft

feat: add RPM-only build mode for presubmit CI#6961
agullon wants to merge 4 commits into
openshift:mainfrom
agullon:shiftweek/rpm-presubmit-ci

Conversation

@agullon

@agullon agullon commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Summary

Add RPM-only build mode to MicroShift CI that skips ostree/bootc image builds, reducing presubmit build phase from ~30 min to ~13 min. Includes 16 RPM presubmit scenarios covering functional, networking, and lifecycle tests.

What changed

RPM-only build mode:

  • -rpm_only flag for ci_phase_iso_build.sh — builds RPMs only, downloads cached installer ISOs for VM kickstart
  • download_isos action in manage_build_cache.sh — fetches ISOs from S3 cache
  • Skip mirror registry setup for RPM scenarios (pull from CDN instead)

RPM scenario framework (scenario_rpm.sh):

  • rpm_configure_vm: firewall, RHSM, repo setup (RHEL version derived from SCENARIO_TYPE at runtime)
  • rpm_install_microshift: dnf install → NM connectivity check → service start → readiness wait
  • rpm_reboot_and_wait: clean reboot for network-dependent scenarios (dual-stack, ipv6, multi-nic)
  • Scenarios use el-src@ naming — one set of 16 files covers both RHEL 9 and 10

RPM presubmit scenarios (16 files):

  • Standard: configuration1, configuration2, standard1, standard2, kustomize-core-api, networking, validation
  • Network: dual-stack, ipv6, multi-nic
  • Components: router (×2, split for parallelism), optional, storage, telemetry-clusterid
  • Lifecycle: upgrade (Y-1 → current)

Router split for parallel execution:

  • router.robot (18m, 7 tests) → router-ownership.robot (~8m) + router-verify.robot (~10m)
  • Shared keywords extracted to router.resource

Scenario directory reorganization:

  • scenarios/scenarios-ostree/ (naming consistency with scenarios-bootc/ and scenarios-rpm/)
  • Periodics split into periodics-lifecycle/ and periodics-functional/ (bootc, ostree)
  • Bootc/ostree presubmit scenarios moved to nightly periodic directories

Commits

  1. RPM-only build mode + scenario framework — build infrastructure, scenario_rpm.sh helpers
  2. RPM presubmit scenarios — 16 scenario files in scenarios-rpm/presubmits/
  3. Router splitrouter.robot → 2 files + shared resource
  4. Directory reorganization — renames, lifecycle/functional split, presubmits → periodics

Related

Test plan

  • ci_phase_iso_build.sh -rpm_only exits after RPM build
  • RPM presubmit scenarios pass end-to-end on ARM (c7g.metal)
  • Existing bootc/ostree builds unaffected
  • Router split: both robot files parse and run independently
  • Nightly periodics pick up reorganized scenario directories

@openshift-ci openshift-ci Bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jun 29, 2026
@openshift-ci

openshift-ci Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@openshift-ci

openshift-ci Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: agullon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

Walkthrough

Adds RPM-only build handling in ci_phase_iso_build.sh, skips mirror-registry startup for matching presubmits, and changes build_rpms.sh to prepare GNU Parallel citation state with a file.

Changes

RPM-only CI flow

Layer / File(s) Summary
RPM-only build selection
test/bin/ci_phase_iso_build.sh
Recognizes -rpm_only, disables composer CLI builds, and runs ./bin/build_rpms.sh instead of the image and bootc build flow.
Mirror registry gating
test/bin/ci_phase_boot_and_test.sh, test/bin/scenario.sh
Sets SKIP_MIRROR_REGISTRY=true for RPM-only presubmits and checks that flag before starting mirror_registry.sh.
Parallel citation file setup
test/bin/build_rpms.sh
Creates ~/.parallel/will-cite before running parallel build jobs.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~5 minutes

🚥 Pre-merge checks | ✅ 14 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (14 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change: adding an RPM-only build mode for presubmit CI.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names ✅ Passed Touched files are shell/scenario scripts only; no It/Describe/Context/When test titles were added or changed.
Test Structure And Quality ✅ Passed No Ginkgo test code was modified; the PR only changes shell scripts and scenario scripts, with no *_test.go files or Describe/It blocks touched.
Microshift Test Compatibility ✅ Passed The PR only changes shell/scenario scripts; no new Ginkgo It/Describe tests or MicroShift-unsupported APIs were added.
Single Node Openshift (Sno) Test Compatibility ✅ Passed PR only changes shell scripts; no Go/Ginkgo test declarations or SNO-unsafe test logic were added.
Topology-Aware Scheduling Compatibility ✅ Passed Only CI/test shell scripts changed; no manifests, operators, controllers, or scheduling constraints were introduced.
Ote Binary Stdout Contract ✅ Passed PR only changes CI shell scripts; no OTE binary main/init/test setup code writes to stdout were added.
Ipv6 And Disconnected Network Test Compatibility ✅ Passed PASS: The PR only changes shell orchestration and scenario routing; it adds no new Ginkgo tests or IPv4-sensitive test code.
No-Weak-Crypto ✅ Passed Touched scripts only add rpm-only branching and mirror-registry env handling; no MD5/SHA1/DES/RC4/3DES/Blowfish/ECB, custom crypto, or secret comparisons found.
Container-Privileges ✅ Passed PASS: The PR only changes shell scripts/scenario placement; no container/K8s manifests were added or modified with privileged settings.
No-Sensitive-Data-In-Logs ✅ Passed Touched lines only add RPM-only branching and parallel citation suppression; no new logging of secrets, tokens, PII, or customer data.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Comment @coderabbitai help to get the list of available commands.

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 29, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@test/bin/ci_phase_boot_and_test.sh`:
- Around line 56-59: Reset SKIP_MIRROR_REGISTRY before the scenario branching in
ci_phase_boot_and_test.sh so inherited values do not leak into non-RPM jobs.
Update the pre-submit logic around the SCENARIO_TYPE and SCENARIO_SOURCES checks
to initialize SKIP_MIRROR_REGISTRY to false (or explicitly clear it) before
setting it to true for the rpm-presubmits path, and ensure the non-RPM branches
leave it disabled so scenario.sh sees the correct value.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 5ef256d2-d333-4097-a80d-9ac3d8a2059d

📥 Commits

Reviewing files that changed from the base of the PR and between 69eca43 and d7b5067.

📒 Files selected for processing (2)
  • test/bin/ci_phase_boot_and_test.sh
  • test/bin/scenario.sh

Comment thread test/bin/ci_phase_boot_and_test.sh
@agullon agullon force-pushed the shiftweek/rpm-presubmit-ci branch from 286676e to f940d1c Compare June 30, 2026 07:06
agullon added a commit to agullon/release that referenced this pull request Jul 3, 2026
Add SCENARIO_TYPE environment variable to the iso-build step ref so
rpm-presubmits jobs can route to ci_phase_iso_build.sh -rpm_only,
skipping image builds entirely.

Update get_source_dir() in includes-commands.sh:
- Add rpm-presubmits-el9/el10 mappings to scenarios-rpm/presubmits/
- Rename scenarios/ to scenarios-ostree/ for naming consistency
- Split bootc/ostree periodics into lifecycle/functional directories

Write SCENARIO_TYPE to _output/scenario_type for EC2 instances to
read at runtime (only for rpm-presubmits jobs).

Companion to openshift/microshift#6961.

pre-commit.check-secrets: ENABLED
agullon added a commit to agullon/release that referenced this pull request Jul 3, 2026
… periodics

Presubmits (main.yaml):
- Remove 6 bootc/ostree presubmit jobs (e2e-aws-tests, e2e-aws-tests-arm,
  e2e-aws-tests-bootc-{el9,el10}, e2e-aws-tests-bootc-arm-{el9,el10})
- Add 2 RPM-only presubmit jobs on ARM (c7g.metal): rpm-presubmit-el9-arm,
  rpm-presubmit-el10-arm — builds only RPMs, no image builds (~13 min vs 30 min)
- Convert bootc/ostree presubmit periodic jobs into lifecycle/functional split
  with directory-specific run_if_changed triggers

Periodics (release-5.0__periodics.yaml):
- Split bootc/ostree nightly jobs into lifecycle and functional categories
  (4 bootc crons → 8, 2 ostree crons → 4)
- Stagger cron schedules across 03:00-04:45 to avoid AWS quota contention

Naming:
- Standardize all job names to: {type}-{arch}-{trigger}-{el}-{category}
- Add missing -x86 suffix to cache-nightly jobs

Companion to openshift/microshift#6961.

pre-commit.check-secrets: ENABLED
@agullon agullon force-pushed the shiftweek/rpm-presubmit-ci branch from c58ff69 to a6528ce Compare July 3, 2026 11:03
@agullon

agullon commented Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

/retest

agullon added 4 commits July 3, 2026 16:04
Build infrastructure:
- Add -rpm_only flag to ci_phase_iso_build.sh that skips composer
  config and image builds, only building RPMs (~13 min vs ~30 min)
- Add download_isos action to manage_build_cache.sh to fetch cached
  installer ISOs needed for VM kickstart in RPM-only mode
- Skip mirror registry setup for RPM scenarios in
  ci_phase_boot_and_test.sh (RPM installs pull from CDN, not mirror)
- Add scenarios-rpm to get_scenario_type_from_path() in common.sh

Scenario framework (scenario_rpm.sh):
- rpm_configure_vm: firewall, RHSM registration, repo configuration
- rpm_install_microshift: dnf install, NM connectivity check, service
  start, endpoint readiness wait
- rpm_reboot_and_wait: clean reboot for scenarios needing it
  (dual-stack, ipv6, multi-nic, low-latency)
- configure_rpm_repos/configure_cdn_repo: RHEL version-aware repo setup
  derived from SCENARIO_TYPE at runtime

Companion to openshift/release#81195.

pre-commit.check-secrets: ENABLED
16 scenario files in scenarios-rpm/presubmits/ that run pure k8s
functional tests after RPM-based MicroShift install:

Standard suites: configuration1, configuration2, standard1, standard2,
  kustomize-core-api, networking, validation
Network tests: dual-stack, ipv6, multi-nic (with reboot after install)
Component tests: router (2 scenarios, split for parallelism), optional,
  storage, telemetry-clusterid
Lifecycle: upgrade (Y-1 → current)

Each scenario uses el-src@ naming — RHEL version (el9/el10) is derived
from SCENARIO_TYPE at runtime, so one set of scenarios covers both.

pre-commit.check-secrets: ENABLED
router.robot (18m11s, 7 tests) was a single-file bottleneck. Split into:

router-ownership.robot (~8m): namespace ownership, router disabled,
  exposure configuration tests
router-verify.robot (~10m): tuning, security, access logging tests

Shared keywords and variables extracted to router.resource, imported
by both files. This enables running router tests in two parallel
scenario VMs instead of one sequential run.

pre-commit.check-secrets: ENABLED
Rename scenarios/ → scenarios-ostree/ to align with scenarios-bootc/
and scenarios-rpm/ naming convention.

Split periodic scenarios into lifecycle and functional categories:
- scenarios-ostree/periodics → periodics-lifecycle + periodics-functional
- scenarios-bootc/el9/periodics → periodics-lifecycle + periodics-functional
- scenarios-bootc/el10/periodics → periodics-lifecycle + periodics-functional

Lifecycle: upgrades, rollbacks, backup/recovery, greenboot, auto-recovery
Functional: config, storage, networking, optional, fips, osconfig

Move bootc/ostree presubmit scenarios to periodic directories — these
tests still run but as nightly periodics instead of per-PR presubmits.

Delete old scenarios/presubmits/ and scenarios/periodics/ files that
are superseded by RPM presubmit scenarios or moved to periodics.

pre-commit.check-secrets: ENABLED
@agullon agullon force-pushed the shiftweek/rpm-presubmit-ci branch from 860fe65 to 08cc450 Compare July 3, 2026 14:04
@agullon

agullon commented Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

/retest

@agullon agullon force-pushed the shiftweek/rpm-presubmit-ci branch from 111ae0c to 08cc450 Compare July 3, 2026 14:23
@openshift-ci

openshift-ci Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

@agullon: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/verify 08cc450 link true /test verify

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant