Skip to content

rhdh: gzip junit results in SHARED_DIR and align overlays resource limits#81313

Merged
openshift-merge-bot[bot] merged 3 commits into
openshift:mainfrom
zdrapela:gzip-junit-shared-dir
Jul 2, 2026
Merged

rhdh: gzip junit results in SHARED_DIR and align overlays resource limits#81313
openshift-merge-bot[bot] merged 3 commits into
openshift:mainfrom
zdrapela:gzip-junit-shared-dir

Conversation

@zdrapela

@zdrapela zdrapela commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

https://redhat.atlassian.net/browse/RHDHBUGS-3428

Problem

The junit-results.xml on the overlays main branch exceeds the Kubernetes Secret 1 MiB size limit. ci-operator's entrypoint-wrapper syncs SHARED_DIR contents into a Secret, but after base64 encoding the effective raw limit is ~768 KB. The junit file grew past this due to coverage <property> tags and increased test/workspace count.

Run junit size (raw) base64 in Secret vs 1 MiB limit Result
Jun 24 (main, last working) 628 KB ~0.80 MiB under Secret updated, RP report sent
Jun 25 (main, first broken) 2,674 KB ~3.4 MiB way over Secret update fails, SHARED_DIR empty
Jun 30 (main) 1,083 KB ~1.38 MiB over Secret update fails, SHARED_DIR empty
Jun 30 (release-1.10) 609 KB ~0.77 MiB under Secret updated, RP report sent

Fix

1. Gzip junit in SHARED_DIR

Gzip junit XML before writing to SHARED_DIR (XML compresses ~10-15x), decompress in the data-router steps to ARTIFACT_DIR before processing and sending to Data Router.

  • overlays ocp-helm step: gzip junit + 800 KB size check before writing to SHARED_DIR
  • overlays send-data-router step: decompress .gz to ARTIFACT_DIR/data-router/, fall back to plain XML for backward compat
  • rhdh send-data-router step: same decompression + fallback (preventive — activated by a follow-up PR in redhat-developer/rhdh)

2. Align resource limits

  • overlays ocp-helm ref: align resource requests/limits with rhdh ocp-helm step (CPU: 1/10, Memory: 1Gi/5Gi)

3. Harden data-router error handling

Both scripts:

  • Remove set +o nounset (all env vars have default: "" in ref YAML, so nounset is safe)
  • Fix unbound $GIT_PR_NUMBER and $TAG_NAME references in rhdh data-router (${VAR:-})

Overlays data-router — fail on genuine errors (no send-alert step exists for notification):

  • Missing junit (test step crash or gzip overflow): return 1 → step fails → visible in Prow
  • droute send failure after max retries: return 1
  • Missing secrets: return 1 (unchanged)

RHDH data-router — never fail the job (has send-alert as notification backstop):

  • Add explicit exit 0 at end of script
  • Change ERROR to WARNING for missing junit

Follow-up

A separate PR in redhat-developer/rhdh will update .ci/pipelines/lib/testing.sh to gzip junit files before writing to SHARED_DIR. The RHDH data-router change here handles both compressed and uncompressed files, so there is no ordering dependency.

Summary by CodeRabbit

This PR updates the RHDH plugin export CI flow to avoid Secret size failures and to make Data Router processing work with the new compressed junit handoff.

  • The ocp-helm artifact collection step now gzips junit-results.xml before placing it in SHARED_DIR, with a size guard to skip oversized archives that could still break Secret updates.
  • The send-data-router step for ocp-helm now consumes the gzipped junit file from SHARED_DIR, decompresses it into ARTIFACT_DIR, and sends results from that local artifact path.
  • The RHDH send-data-router step was updated to process junit files from ARTIFACT_DIR/data-router, support both gzipped and plain XML inputs, and keep retry-based error handling aligned with CI failure behavior.
  • The ocp-helm step resource requests/limits were adjusted to match the RHDH step profile.

The junit-results.xml on the overlays main branch exceeds the Kubernetes
Secret 1 MiB size limit, causing the SHARED_DIR Secret update to fail
and leaving the send-data-router step with no junit file to report.

Fix by gzipping junit XML before writing to SHARED_DIR (XML compresses
~10-15x) and decompressing in the data-router steps to ARTIFACT_DIR
before processing and sending to Data Router.

Changes:
- overlays ocp-helm: gzip junit + 800 KB size check before SHARED_DIR
- overlays send-data-router: decompress .gz to ARTIFACT_DIR, fall back
  to plain XML for backward compat
- rhdh send-data-router: same decompression + fallback (preventive,
  activated by a follow-up PR in redhat-developer/rhdh)

Assisted-by: OpenCode
@coderabbitai

coderabbitai Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Walkthrough

The PR updates JUnit report handling for Data Router send steps to use artifact-local files, adds gzip support and size checks for exported reports, and changes CI runner CPU and memory values.

Changes

JUnit artifact handling and Data Router send flow

Layer / File(s) Summary
Gzipped JUnit export
ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/ocp/helm/redhat-developer-rhdh-plugin-export-overlays-ocp-helm-commands.sh
Gzips the Playwright JUnit report, measures its compressed size, and removes it when it exceeds the configured threshold.
Overlay send preprocessing and upload
ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/send/data-router/redhat-developer-rhdh-plugin-export-overlays-send-data-router-commands.sh
Stages JUnit input into data-router/, supports gzipped and plain files, validates the processed file, and sends results from the artifact directory with updated retry failure handling.
RHDH send preprocessing and upload
ci-operator/step-registry/redhat-developer/rhdh/send/data-router/redhat-developer-rhdh-send-data-router-commands.sh
Stages JUnit input into data-router/, updates metadata defaulting, skips upload when no files are present, and exits successfully after the reporting step.
Runner resources
ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/ocp/helm/redhat-developer-rhdh-plugin-export-overlays-ocp-helm-ref.yaml
Changes the CI runner CPU and memory requests and limits values.

Estimated code review effort: 3 (Moderate) | ~20 minutes

Suggested labels: rehearsals-ack

Sequence Diagram(s)

sequenceDiagram
  participant HelmExportScript
  participant OverlaySendScript
  participant RHDHSendScript
  participant droute

  HelmExportScript->>OverlaySendScript: produce junit-results.xml.gz
  OverlaySendScript->>droute: send staged junit-results.xml
  RHDHSendScript->>droute: send staged junit-results-*.xml
Loading

Important

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

❌ Failed checks (1 error)

Check name Status Explanation Resolution
No-Sensitive-Data-In-Logs ❌ Error FAIL: both data-router scripts use --verbose --wirelog and then echo "${output}", so failures can dump auth headers/hostnames to logs. Remove wirelog/raw output from stdout, or redact it; log only a request ID and sanitized error summary, never credentials, URLs, or headers.
✅ Passed checks (14 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main changes: gzipping JUnit results in SHARED_DIR and aligning overlay resource limits.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names ✅ Passed PR only changes shell scripts and YAML; no Ginkgo test titles or dynamic It/Describe/Context/When names were added.
Test Structure And Quality ✅ Passed No Ginkgo test files were changed; the PR only touches shell scripts and YAML, so the test-structure checklist is not applicable.
Microshift Test Compatibility ✅ Passed No Go/Ginkgo test files or added It/Describe/Context/When blocks were changed; the PR only touches CI scripts and YAML configs.
Single Node Openshift (Sno) Test Compatibility ✅ Passed No Ginkgo e2e tests were added or modified; the PR only changes CI shell scripts and a YAML ref, so SNO compatibility is not applicable.
Topology-Aware Scheduling Compatibility ✅ Passed No pod scheduling constraints were added; the PR only changes ci-operator step scripts and resource requests/limits, so topology assumptions are unaffected.
Ote Binary Stdout Contract ✅ Passed PR only changes ci-operator shell step scripts, not OTE binaries or process-level Go entrypoints; no stdout/JSON contract violation is present.
Ipv6 And Disconnected Network Test Compatibility ✅ Passed No new Ginkgo e2e specs were added; the PR only touches step-registry shell/YAML files, and no It/Describe/Context/When or IPv4/external-network patterns were found.
No-Weak-Crypto ✅ Passed No MD5/SHA1/DES/RC4/3DES/Blowfish/ECB, custom crypto, or secret/token comparisons were introduced in the changed scripts.
Container-Privileges ✅ Passed Only CPU/memory resources changed; no privileged, hostPID/Network/IPC, securityContext, capabilities, or allowPrivilegeEscalation fields were added.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Comment @coderabbitai help to get the list of available commands.

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 1, 2026
@openshift-ci openshift-ci Bot requested review from albarbaro and gustavolira July 1, 2026 08:52
@zdrapela

zdrapela commented Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

/pj-rehearse periodic-ci-redhat-developer-rhdh-plugin-export-overlays-main-e2e-ocp-helm-nightly

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

@zdrapela: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/send/data-router/redhat-developer-rhdh-plugin-export-overlays-send-data-router-commands.sh`:
- Around line 96-105: Treat the missing JUnit case as a normal skip in
process_junit_file and the downstream send-step check, not as a failure. Update
the logic in
redhat-developer-rhdh-plugin-export-overlays-send-data-router-commands.sh so
that when junit-results.xml.gz and junit-results.xml are both absent, it exits
the helper cleanly and the later verification around the data-router junit
output does not abort the step. Keep the behavior aligned with
process_junit_file and the check near the send-step validation so the
overflow/capped-report path is tolerated.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: adcc4158-ebcb-4431-abc5-f2165ca0b212

📥 Commits

Reviewing files that changed from the base of the PR and between c21770a and 9ece747.

📒 Files selected for processing (3)
  • ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/ocp/helm/redhat-developer-rhdh-plugin-export-overlays-ocp-helm-commands.sh
  • ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/send/data-router/redhat-developer-rhdh-plugin-export-overlays-send-data-router-commands.sh
  • ci-operator/step-registry/redhat-developer/rhdh/send/data-router/redhat-developer-rhdh-send-data-router-commands.sh

Match the RHDH ocp-helm step resource specs:
- CPU: 1 request / 10 limit (was 2 / 4)
- Memory: 1Gi request / 5Gi limit (was 6Gi / 8Gi)

Assisted-by: OpenCode
@zdrapela

zdrapela commented Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

/pj-rehearse periodic-ci-redhat-developer-rhdh-plugin-export-overlays-main-e2e-ocp-helm-nightly

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

@zdrapela: your /pj-rehearse request was not processed because the request waited in queue for longer than 5 minutes. Please retry in a few minutes.

@zdrapela zdrapela changed the title rhdh: gzip junit results in SHARED_DIR to avoid Secret size limit rhdh: gzip junit results in SHARED_DIR and align overlays resource limits Jul 1, 2026
@zdrapela

zdrapela commented Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

/pj-rehearse periodic-ci-redhat-developer-rhdh-plugin-export-overlays-main-e2e-ocp-helm-nightly

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

@zdrapela: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

@zdrapela

zdrapela commented Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

/pj-rehearse ack

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

@zdrapela: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

@openshift-merge-bot openshift-merge-bot Bot added the rehearsals-ack Signifies that rehearsal jobs have been acknowledged label Jul 1, 2026
- Remove set +o nounset (all env vars have defaults in ref YAML)
- Add explicit exit 0 to guarantee the step never fails the CI job
- Change ERROR to WARNING for missing junit (expected in overflow case)
- Fix unbound GIT_PR_NUMBER and TAG_NAME references in rhdh data-router
- Add comments explaining the set +o errexit contract

Assisted-by: OpenCode
@openshift-merge-bot openshift-merge-bot Bot removed the rehearsals-ack Signifies that rehearsal jobs have been acknowledged label Jul 2, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
ci-operator/step-registry/redhat-developer/rhdh/send/data-router/redhat-developer-rhdh-send-data-router-commands.sh (1)

103-117: 🗄️ Data Integrity & Integration | 🟠 Major | ⚡ Quick win

Stage decompressed XML atomically before suppressing fallback.

With errexit disabled, a failed gunzip can leave an empty/partial XML at the final path. Line 116 then skips copying a valid plain XML fallback because the file exists.

Proposed fix
   for junit_gz in "${SHARED_DIR}"/junit-results-*.xml.gz; do
     if [[ -f "$junit_gz" ]]; then
       local filename
       filename=$(basename "${junit_gz%.gz}")
-      gunzip -c "$junit_gz" > "${ARTIFACT_DIR}/data-router/${filename}"
-      echo "Decompressed $(basename "$junit_gz") -> ${ARTIFACT_DIR}/data-router/${filename}"
+      local staged_file="${ARTIFACT_DIR}/data-router/${filename}"
+      local tmp_file="${staged_file}.tmp"
+      if gunzip -c "$junit_gz" > "$tmp_file"; then
+        mv "$tmp_file" "$staged_file"
+        echo "Decompressed $(basename "$junit_gz") -> ${staged_file}"
+      else
+        rm -f "$tmp_file"
+        echo "WARNING: Failed to decompress $(basename "$junit_gz"); plain XML fallback will be used if present"
+      fi
     fi
   done
@@
-      if [[ ! -f "${ARTIFACT_DIR}/data-router/${filename}" ]]; then
+      if [[ ! -s "${ARTIFACT_DIR}/data-router/${filename}" ]]; then
         cp "$junit_shared" "${ARTIFACT_DIR}/data-router/${filename}"
         echo "Copied ${filename} from SHARED_DIR to ARTIFACT_DIR"
       fi
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@ci-operator/step-registry/redhat-developer/rhdh/send/data-router/redhat-developer-rhdh-send-data-router-commands.sh`
around lines 103 - 117, The fallback copy logic in
redhat-developer-rhdh-send-data-router-commands.sh can be skipped after a failed
gunzip because the decompressed file is written directly to the final artifact
path. Update the junit handling loop around the existing gunzip/cp logic to
stage decompressed output atomically (for example via a temporary file and
rename only on success) or otherwise verify successful decompression before
creating the final XML path, so the plain XML copy in the junit_shared loop
still runs when decompression fails.
🧹 Nitpick comments (2)
ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/send/data-router/redhat-developer-rhdh-plugin-export-overlays-send-data-router-commands.sh (2)

99-104: 🗄️ Data Integrity & Integration | 🔵 Trivial | ⚡ Quick win

Unchecked gunzip/cp exit status can silently propagate a corrupt/empty JUnit file.

Neither the gunzip -c ... > "$junit_file" nor the cp "$junit_shared" "$junit_file" branch checks command success. With errexit disabled, a corrupted .gz or a failed copy still leaves $junit_file present (possibly empty/truncated) — the downstream existence check at Line 269-273 would pass, and a bad/empty report could be sent to Data Router without any error surfaced.

🩹 Proposed fix
   if [[ -f "$junit_gz" ]]; then
-    gunzip -c "$junit_gz" > "$junit_file"
-    echo "Decompressed junit-results.xml.gz -> ${junit_file}"
+    if ! gunzip -c "$junit_gz" > "$junit_file"; then
+      echo "ERROR: Failed to decompress ${junit_gz}"
+      return 1
+    fi
+    echo "Decompressed junit-results.xml.gz -> ${junit_file}"
   elif [[ -f "$junit_shared" ]]; then
-    cp "$junit_shared" "$junit_file"
-    echo "Copied junit-results.xml from SHARED_DIR to ARTIFACT_DIR"
+    if ! cp "$junit_shared" "$junit_file"; then
+      echo "ERROR: Failed to copy ${junit_shared}"
+      return 1
+    fi
+    echo "Copied junit-results.xml from SHARED_DIR to ARTIFACT_DIR"
   else
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/send/data-router/redhat-developer-rhdh-plugin-export-overlays-send-data-router-commands.sh`
around lines 99 - 104, The JUnit file preparation in the data-router commands
script does not verify whether the `gunzip` or `cp` branch actually succeeded,
so a bad archive or failed copy can still leave a bogus `$junit_file` behind.
Update the logic around the `gunzip -c` and `cp` calls to explicitly check their
exit status (or fail fast on error) before proceeding, and only log success when
the file was actually created correctly. Use the `junit_gz`, `junit_shared`, and
`junit_file` branches in this script to locate the fix.

261-261: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

process_junit_file return code is ignored at the call site.

Failures inside process_junit_file (e.g. the sed rewrites, or the fix above returning 1) aren't checked here; the script only detects failure indirectly via the file-existence probe at Line 269-273. Explicitly checking the return value would make the failure path clearer and avoid relying solely on a side-effect check.

♻️ Suggested fix
-  process_junit_file
+  process_junit_file || return 1
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/send/data-router/redhat-developer-rhdh-plugin-export-overlays-send-data-router-commands.sh`
at line 261, The call to process_junit_file is ignoring its return code, so
failures from the function can be missed until the later file-existence check.
Update the call site in the data-router commands script to capture and
immediately check process_junit_file’s exit status, and handle a non-zero result
explicitly before continuing; use the process_junit_file symbol to locate the
fix.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@ci-operator/step-registry/redhat-developer/rhdh/send/data-router/redhat-developer-rhdh-send-data-router-commands.sh`:
- Line 231: The `redhat-developer-rhdh-send-data-router-commands.sh` PR metadata
argument is only reading `GIT_PR_NUMBER`, which leaves `pr` empty when the job
is identified by `PULL_NUMBER` instead. Update the `--arg pr` value in the
data-router command assembly to fall back to `PULL_NUMBER` when `GIT_PR_NUMBER`
is unset, while keeping the existing PR-job detection logic consistent. Use the
same PR metadata handling path in this script so the emitted `pr` attribute is
preserved for both environment variable sources.

---

Outside diff comments:
In
`@ci-operator/step-registry/redhat-developer/rhdh/send/data-router/redhat-developer-rhdh-send-data-router-commands.sh`:
- Around line 103-117: The fallback copy logic in
redhat-developer-rhdh-send-data-router-commands.sh can be skipped after a failed
gunzip because the decompressed file is written directly to the final artifact
path. Update the junit handling loop around the existing gunzip/cp logic to
stage decompressed output atomically (for example via a temporary file and
rename only on success) or otherwise verify successful decompression before
creating the final XML path, so the plain XML copy in the junit_shared loop
still runs when decompression fails.

---

Nitpick comments:
In
`@ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/send/data-router/redhat-developer-rhdh-plugin-export-overlays-send-data-router-commands.sh`:
- Around line 99-104: The JUnit file preparation in the data-router commands
script does not verify whether the `gunzip` or `cp` branch actually succeeded,
so a bad archive or failed copy can still leave a bogus `$junit_file` behind.
Update the logic around the `gunzip -c` and `cp` calls to explicitly check their
exit status (or fail fast on error) before proceeding, and only log success when
the file was actually created correctly. Use the `junit_gz`, `junit_shared`, and
`junit_file` branches in this script to locate the fix.
- Line 261: The call to process_junit_file is ignoring its return code, so
failures from the function can be missed until the later file-existence check.
Update the call site in the data-router commands script to capture and
immediately check process_junit_file’s exit status, and handle a non-zero result
explicitly before continuing; use the process_junit_file symbol to locate the
fix.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 7f312f2e-367f-40c3-9281-fb02b1edf9c9

📥 Commits

Reviewing files that changed from the base of the PR and between e11ea9f and cd985dd.

📒 Files selected for processing (2)
  • ci-operator/step-registry/redhat-developer/rhdh-plugin-export-overlays/send/data-router/redhat-developer-rhdh-plugin-export-overlays-send-data-router-commands.sh
  • ci-operator/step-registry/redhat-developer/rhdh/send/data-router/redhat-developer-rhdh-send-data-router-commands.sh

--arg description "[View job run details](${JOB_URL})" \
--arg job_type "$JOB_TYPE" \
--arg pr "$GIT_PR_NUMBER" \
--arg pr "${GIT_PR_NUMBER:-}" \

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🗄️ Data Integrity & Integration | 🟡 Minor | ⚡ Quick win

Preserve PR metadata from PULL_NUMBER when GIT_PR_NUMBER is absent.

This file already uses PULL_NUMBER to detect PR jobs, but the new default emits an empty pr attribute when only PULL_NUMBER is set.

Proposed fix
-    --arg pr "${GIT_PR_NUMBER:-}" \
+    --arg pr "${GIT_PR_NUMBER:-${PULL_NUMBER:-}}" \
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
--arg pr "${GIT_PR_NUMBER:-}" \
--arg pr "${GIT_PR_NUMBER:-${PULL_NUMBER:-}}" \
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@ci-operator/step-registry/redhat-developer/rhdh/send/data-router/redhat-developer-rhdh-send-data-router-commands.sh`
at line 231, The `redhat-developer-rhdh-send-data-router-commands.sh` PR
metadata argument is only reading `GIT_PR_NUMBER`, which leaves `pr` empty when
the job is identified by `PULL_NUMBER` instead. Update the `--arg pr` value in
the data-router command assembly to fall back to `PULL_NUMBER` when
`GIT_PR_NUMBER` is unset, while keeping the existing PR-job detection logic
consistent. Use the same PR metadata handling path in this script so the emitted
`pr` attribute is preserved for both environment variable sources.

@zdrapela zdrapela force-pushed the gzip-junit-shared-dir branch from cd985dd to 460158c Compare July 2, 2026 07:40
@openshift-merge-bot

Copy link
Copy Markdown
Contributor

[REHEARSALNOTIFIER]
@zdrapela: the pj-rehearse plugin accommodates running rehearsal tests for the changes in this PR. Expand 'Interacting with pj-rehearse' for usage details. The following rehearsable tests have been affected by this change:

Test name Repo Type Reason
pull-ci-redhat-developer-rhdh-plugin-export-overlays-main-e2e-ocp-helm redhat-developer/rhdh-plugin-export-overlays presubmit Registry content changed
pull-ci-redhat-developer-rhdh-plugin-export-overlays-release-1.10-e2e-ocp-helm redhat-developer/rhdh-plugin-export-overlays presubmit Registry content changed
pull-ci-redhat-developer-rhdh-main-e2e-ocp-helm redhat-developer/rhdh presubmit Registry content changed
pull-ci-redhat-developer-rhdh-release-1.10-e2e-ocp-helm redhat-developer/rhdh presubmit Registry content changed
pull-ci-redhat-developer-rhdh-release-1.9-e2e-ocp-helm redhat-developer/rhdh presubmit Registry content changed
periodic-ci-redhat-developer-rhdh-main-e2e-ocp-v4-21-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-main-e2e-ocp-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-main-e2e-aks-operator-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.10-e2e-ocp-v4-21-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.9-e2e-aks-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.10-e2e-osd-gcp-operator-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.10-e2e-eks-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.10-e2e-ocp-disconnected-operator-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.10-e2e-aks-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-main-e2e-ocp-v4-20-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.9-e2e-gke-operator-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-main-e2e-ocp-disconnected-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-main-e2e-ocp-operator-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.10-e2e-gke-operator-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.10-e2e-osd-gcp-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-main-e2e-gke-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-main-e2e-osd-gcp-operator-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.10-e2e-eks-operator-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-release-1.9-e2e-ocp-v4-16-helm-nightly N/A periodic Registry content changed
periodic-ci-redhat-developer-rhdh-main-e2e-gke-operator-nightly N/A periodic Registry content changed

A total of 60 jobs have been affected by this change. The above listing is non-exhaustive and limited to 25 jobs.

A full list of affected jobs can be found here

Interacting with pj-rehearse

Comment: /pj-rehearse to run up to 5 rehearsals
Comment: /pj-rehearse skip to opt-out of rehearsals
Comment: /pj-rehearse {test-name}, with each test separated by a space, to run one or more specific rehearsals
Comment: /pj-rehearse more to run up to 10 rehearsals
Comment: /pj-rehearse max to run up to 25 rehearsals
Comment: /pj-rehearse auto-ack to run up to 5 rehearsals, and add the rehearsals-ack label on success
Comment: /pj-rehearse list to get an up-to-date list of affected jobs
Comment: /pj-rehearse abort to abort all active rehearsals
Comment: /pj-rehearse network-access-allowed to allow rehearsals of tests that have the restrict_network_access field set to false. This must be executed by an openshift org member who is not the PR author

Once you are satisfied with the results of the rehearsals, comment: /pj-rehearse ack to unblock merge. When the rehearsals-ack label is present on your PR, merge will no longer be blocked by rehearsals.
If you would like the rehearsals-ack label removed, comment: /pj-rehearse reject to re-block merging.

@openshift-ci

openshift-ci Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

@zdrapela: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/rehearse/periodic-ci-redhat-developer-rhdh-plugin-export-overlays-main-e2e-ocp-helm-nightly e11ea9f link unknown /pj-rehearse periodic-ci-redhat-developer-rhdh-plugin-export-overlays-main-e2e-ocp-helm-nightly

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@zdrapela

zdrapela commented Jul 2, 2026

Copy link
Copy Markdown
Contributor Author

/pj-rehearse ack

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

@zdrapela: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

@openshift-merge-bot openshift-merge-bot Bot added the rehearsals-ack Signifies that rehearsal jobs have been acknowledged label Jul 2, 2026

@rm3l rm3l left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label Jul 2, 2026
@openshift-ci

openshift-ci Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rm3l, zdrapela

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot Bot merged commit dca4381 into openshift:main Jul 2, 2026
11 checks passed
zdrapela added a commit to zdrapela/rhdh that referenced this pull request Jul 2, 2026
Gzip junit XML before writing to SHARED_DIR to stay under the
Kubernetes Secret 1 MiB size limit. Raw junit XML can exceed this
when coverage <property> tags and many test cases are present. XML
compresses ~10-15x with gzip, keeping even large files well under
the limit.

Also adds a safety check that removes the gzipped file if it still
exceeds 800 KB after compression, and validates the source file
exists before attempting the copy.

The data-router step in openshift/release already handles both .gz
and plain .xml formats (openshift/release#81313).

Assisted-by: OpenCode
openshift-merge-bot Bot pushed a commit to redhat-developer/rhdh that referenced this pull request Jul 2, 2026
Gzip junit XML before writing to SHARED_DIR to stay under the
Kubernetes Secret 1 MiB size limit. Raw junit XML can exceed this
when coverage <property> tags and many test cases are present. XML
compresses ~10-15x with gzip, keeping even large files well under
the limit.

Also adds a safety check that removes the gzipped file if it still
exceeds 800 KB after compression, and validates the source file
exists before attempting the copy.

The data-router step in openshift/release already handles both .gz
and plain .xml formats (openshift/release#81313).

Assisted-by: OpenCode
krisnababu pushed a commit to oharan2/release that referenced this pull request Jul 3, 2026
…mits (openshift#81313)

* rhdh: gzip junit results in SHARED_DIR to avoid Secret size limit

The junit-results.xml on the overlays main branch exceeds the Kubernetes
Secret 1 MiB size limit, causing the SHARED_DIR Secret update to fail
and leaving the send-data-router step with no junit file to report.

Fix by gzipping junit XML before writing to SHARED_DIR (XML compresses
~10-15x) and decompressing in the data-router steps to ARTIFACT_DIR
before processing and sending to Data Router.

Changes:
- overlays ocp-helm: gzip junit + 800 KB size check before SHARED_DIR
- overlays send-data-router: decompress .gz to ARTIFACT_DIR, fall back
  to plain XML for backward compat
- rhdh send-data-router: same decompression + fallback (preventive,
  activated by a follow-up PR in redhat-developer/rhdh)

Assisted-by: OpenCode

* rhdh overlays: align ocp-helm resource requests/limits with rhdh

Match the RHDH ocp-helm step resource specs:
- CPU: 1 request / 10 limit (was 2 / 4)
- Memory: 1Gi request / 5Gi limit (was 6Gi / 8Gi)

Assisted-by: OpenCode

* rhdh: harden data-router scripts error handling

- Remove set +o nounset (all env vars have defaults in ref YAML)
- Add explicit exit 0 to guarantee the step never fails the CI job
- Change ERROR to WARNING for missing junit (expected in overflow case)
- Fix unbound GIT_PR_NUMBER and TAG_NAME references in rhdh data-router
- Add comments explaining the set +o errexit contract

Assisted-by: OpenCode
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. rehearsals-ack Signifies that rehearsal jobs have been acknowledged

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants