Conversation
… and update README with troubleshooting steps
WalkthroughPinned multiple ArgoCD application revisions and upstream kustomize resources; README deployment branch updated and Troubleshooting section added; deploy script changed to use kustomize --depth=1 for Gateway API CRDs and to skip Istio download if istioctl exists; CI workflows updated to use rhoai-2.25 and one workflow now pins opendatahub-tests to a specific commit. Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
Pre-merge checks and finishing touches❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✨ Finishing touches🧪 Generate unit tests (beta)
📜 Recent review detailsConfiguration used: defaults Review profile: CHILL Plan: Pro 📒 Files selected for processing (3)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (20)
🔇 Additional comments (3)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
📜 Review details
Configuration used: defaults
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (4)
README.mdcomponents/03-kf-pipelines.yamlcomponents/04-odh-dashboard.yamlcomponents/deploy.py
🧰 Additional context used
🧠 Learnings (3)
📚 Learning: 2025-07-10T07:51:43.680Z
Learnt from: jiridanek
Repo: jiridanek/rhoai-in-kind PR: 28
File: components/deploy.py:58-59
Timestamp: 2025-07-10T07:51:43.680Z
Learning: In Istio 1.26, both PILOT_ENABLE_ALPHA_GATEWAY_API and PILOT_ENABLE_GATEWAY_API flags exist and serve different purposes. PILOT_ENABLE_GATEWAY_API (default: true) enables stable Gateway API features, while PILOT_ENABLE_ALPHA_GATEWAY_API (default: false) enables alpha/experimental Gateway API features. The alpha flag was not deprecated in version 1.26 and is still needed for alpha features.
Applied to files:
components/deploy.py
📚 Learning: 2025-07-10T07:51:43.680Z
Learnt from: jiridanek
Repo: jiridanek/rhoai-in-kind PR: 28
File: components/deploy.py:58-59
Timestamp: 2025-07-10T07:51:43.680Z
Learning: In Istio 1.26, both PILOT_ENABLE_ALPHA_GATEWAY_API and PILOT_ENABLE_GATEWAY_API flags exist and serve different purposes. The PILOT_ENABLE_ALPHA_GATEWAY_API flag is still needed to enable additional alpha features, while PILOT_ENABLE_GATEWAY_API enables general Gateway API support. The alpha flag was not deprecated in version 1.26.
Applied to files:
components/deploy.py
📚 Learning: 2025-06-29T15:23:56.246Z
Learnt from: jiridanek
Repo: jiridanek/rhoai-in-kind PR: 0
File: :0-0
Timestamp: 2025-06-29T15:23:56.246Z
Learning: In deployments without the OpenShift AI (OpenDataHub) operator, hardcoded status fields in DataScienceCluster YAML manifests don't pose drift risks since there's no operator to dynamically manage and potentially conflict with these values.
Applied to files:
components/03-kf-pipelines.yaml
🧬 Code graph analysis (1)
components/deploy.py (1)
components/certs.py (1)
sh(95-109)
🪛 LanguageTool
README.md
[grammar] ~98-~98: Ensure spelling is correct
Context: ...meout. If you're getting timeouts from kubect apply, increase the timeout encoded in...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
🔇 Additional comments (8)
components/deploy.py (2)
9-9: LGTM!The pathlib import is appropriately used for file existence checking in the Istio download guard.
74-75: LGTM!Adding
depth=1to the kustomize GitHub reference optimizes the git clone operation by fetching only the latest commit, reducing bandwidth and deployment time.components/03-kf-pipelines.yaml (2)
31-33: LGTM!Pinning the
targetRevisiontov2.18.0improves deployment reproducibility by avoiding the unpinned:latestimages in thestable-2.xbranch. The explanatory comments provide clear rationale for this decision.
51-51: LGTM!The added comments improve maintainability by documenting the rationale for the OAuth proxy configuration and the need to override
params.envvalues.Also applies to: 81-82
README.md (1)
79-79: LGTM!Updating the workbench branch to
rhoai-2.25aligns with the PR's objective of pinning to specific versions for reproducible deployments.components/04-odh-dashboard.yaml (3)
36-39: LGTM!Pinning to
v2.37.1-odhwith clear documentation about avoiding the bring-your-own-id-connect requirement improves deployment stability and provides useful context for future maintainers.
56-65: LGTM!The ConfigMap patch effectively pins the dashboard image to
v2.37.1-odh, and the explanatory comments about kustomize's deprecatedvarfeature provide valuable context for the patching approach.
101-106: LGTM!Using digest-specified image mappings for the OAuth proxy images and pinning the dashboard to
v2.37.1-odhsignificantly improves deployment reproducibility and security. The comments clearly explain the digest requirement.
| if not pathlib.Path(f"istio-{ISTIO_VERSION}/bin/istioctl").exists(): | ||
| sh("curl -L https://istio.io/downloadIstio | sh -", env={ | ||
| "ISTIO_VERSION": ISTIO_VERSION, | ||
| "TARGET_ARCH": TARGET_ARCH, | ||
| }) |
There was a problem hiding this comment.
Consider verifying the Istio version matches.
The guard checks if istioctl exists but doesn't verify that the existing binary matches ISTIO_VERSION. If the version changes, the old binary will be used instead of downloading the new one.
This is primarily a local development concern since CI environments typically start fresh, but it could lead to subtle issues when the version is bumped.
🔎 Suggested enhancement
- if not pathlib.Path(f"istio-{ISTIO_VERSION}/bin/istioctl").exists():
+ istioctl_path = pathlib.Path(f"istio-{ISTIO_VERSION}/bin/istioctl")
+ if not istioctl_path.exists():
sh("curl -L https://istio.io/downloadIstio | sh -", env={
"ISTIO_VERSION": ISTIO_VERSION,
"TARGET_ARCH": TARGET_ARCH,
})Alternatively, for more robust version checking:
istioctl_path = pathlib.Path(f"istio-{ISTIO_VERSION}/bin/istioctl")
needs_download = not istioctl_path.exists()
if istioctl_path.exists():
# Verify version matches
version_output = sh(f"{istioctl_path} version --remote=false --short", capture_output=True, check=False)
if version_output.returncode == 0 and ISTIO_VERSION not in version_output.stdout:
needs_download = True
if needs_download:
sh("curl -L https://istio.io/downloadIstio | sh -", env={
"ISTIO_VERSION": ISTIO_VERSION,
"TARGET_ARCH": TARGET_ARCH,
})🤖 Prompt for AI Agents
In components/deploy.py around lines 77 to 81, the current guard only checks for
the presence of istioctl and may reuse an existing binary even when
ISTIO_VERSION has changed; update the logic to verify the existing istioctl
version and only skip download when it matches ISTIO_VERSION. Specifically,
compute the istioctl path, set a needs_download flag to true if the file is
missing, and if present run istioctl version (non-remote/short) capturing the
output and exit code; if the output does not contain ISTIO_VERSION (or the
command fails) set needs_download true, otherwise leave it false, and only
invoke the curl download when needs_download is true, passing the same env vars.
| ### Troubleshooting | ||
|
|
||
| Setting up the environment using this repo requires fast internet connection, otherwise things tend to timeout. | ||
|
|
||
| If you're getting timeouts from `kubect apply`, increase the timeout encoded in the URL. | ||
|
|
||
| If you're getting timeouts while syncing ArgoCD applications, try increasing the `git clone` timeout in components/01-argocd/gittimeoutconfig.yaml. | ||
| We will have the ability to do shallow clones in ArgoCD 3.0. |
There was a problem hiding this comment.
Fix typo in kubectl command.
The Troubleshooting section is a valuable addition. However, there's a typo on line 98: kubect should be kubectl.
🔎 Proposed fix
-If you're getting timeouts from `kubect apply`, increase the timeout encoded in the URL.
+If you're getting timeouts from `kubectl apply`, increase the timeout encoded in the URL.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| ### Troubleshooting | |
| Setting up the environment using this repo requires fast internet connection, otherwise things tend to timeout. | |
| If you're getting timeouts from `kubect apply`, increase the timeout encoded in the URL. | |
| If you're getting timeouts while syncing ArgoCD applications, try increasing the `git clone` timeout in components/01-argocd/gittimeoutconfig.yaml. | |
| We will have the ability to do shallow clones in ArgoCD 3.0. | |
| ### Troubleshooting | |
| Setting up the environment using this repo requires fast internet connection, otherwise things tend to timeout. | |
| If you're getting timeouts from `kubectl apply`, increase the timeout encoded in the URL. | |
| If you're getting timeouts while syncing ArgoCD applications, try increasing the `git clone` timeout in components/01-argocd/gittimeoutconfig.yaml. | |
| We will have the ability to do shallow clones in ArgoCD 3.0. |
🧰 Tools
🪛 LanguageTool
[grammar] ~98-~98: Ensure spelling is correct
Context: ...meout. If you're getting timeouts from kubect apply, increase the timeout encoded in...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
🤖 Prompt for AI Agents
In README.md around lines 94 to 101, there's a typo in the Troubleshooting
section: replace the misspelled command `kubect apply` with the correct `kubectl
apply` so the instructions reference the proper CLI; update that single word in
the sentence and run a quick spell-check of surrounding commands for
consistency.
There was a problem hiding this comment.
Actionable comments posted: 1
📜 Review details
Configuration used: defaults
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/rhoai-in-kind-with-odh-tests-shiftleft.yaml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (20)
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/test-jupyterlab-flask-noteb...
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/base-user-shutdown-test.robot)
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/test-folder-permissions.robot)
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0502__ide_elyra.robot)
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/custom-image.robot)
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/test-jupyterlab-git-noteboo...
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/minimal-tensorflow-test.robot)
- GitHub Check: rhoai-in-kind (rhoai-2.23, **/workbenches/testWorkbenchVariables.cy.ts)
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/minimal-vscode-test.robot)
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/image-iteration.robot)
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/test-pipChanges-not-permane...
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/multiple-image-tags.robot)
- GitHub Check: rhoai-in-kind (rhoai-2.23, **/workbenches/workbenches.cy.ts)
- GitHub Check: rhoai-in-kind (rhoai-2.23, **/workbenches/testWorkbenchControlSuite.cy.ts)
- GitHub Check: rhoai-in-kind (rhoai-2.23, **/workbenches/testWorkbenchCreation.cy.ts)
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/long-running-test-generic-d...
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/networkpolicy-test.robot)
- GitHub Check: rhoai-in-kind (rhoai-2.23, **/workbenches/testWorkbenchImages.cy.ts)
- GitHub Check: rhoai-in-kind (rhoai-2.23, tests/Tests/0500__ide/0501__ide_jupyterhub/test-minimal-image.robot)
- GitHub Check: rhoai-in-kind (rhoai-2.23, **/workbenches/testWorkbenchStatus.cy.ts)
| with: | ||
| repository: opendatahub-io/opendatahub-tests | ||
| ref: main | ||
| ref: 94670b336c632ac2c0022b347444b687d9384327 # Sept 17, 2025 - last known working |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Verify the commit date matches the inline comment
# Try to get commit date using git ls-remote with rev-list
git ls-remote https://github.com/opendatahub-io/opendatahub-tests.git 94670b336c632ac2c0022b347444b687d9384327 2>&1
# Clone and check commit date locally
echo "---"
echo "Cloning repository to verify commit date..."
git clone --filter=blob:none --no-checkout https://github.com/opendatahub-io/opendatahub-tests.git /tmp/odh-tests-verify 2>&1 | head -5
cd /tmp/odh-tests-verify
git log -1 --format="%ci %s" 94670b336c632ac2c0022b347444b687d9384327 2>&1 || echo "Commit not found or error occurred"Repository: jiridanek/rhoai-in-kind
Length of output: 322
Update the commit date comment to September 18, 2025.
The pinning strategy is solid for CI stability. However, the date in the inline comment is off by one day—the commit hash was created on September 18, 2025, not September 17, 2025. Update the comment to: # Sept 18, 2025 - last known working
🤖 Prompt for AI Agents
In .github/workflows/rhoai-in-kind-with-odh-tests-shiftleft.yaml around line 25,
the inline comment next to the pinned ref has the wrong date; change the comment
text from "# Sept 17, 2025 - last known working" to "# Sept 18, 2025 - last
known working" so the comment matches the actual commit date.
1 participant
… and update README with troubleshooting steps
Summary by CodeRabbit
Documentation
Chores
✏️ Tip: You can customize this high-level summary in your review settings.