refactor(ci): modularize pipeline utilities into lib/ structure #3817

gustavolira · 2025-12-08T14:10:35Z

Description

Extract common functions from utils.sh into focused modules to improve maintainability and reduce code duplication.

Which issue(s) does this PR fix

Fixes https://issues.redhat.com/browse/RHIDP-11006

PR acceptance criteria

Please make sure that the following steps are complete:

GitHub Actions are completed and successful
Unit Tests are updated and passing
E2E Tests are updated and passing
Documentation is updated if necessary (requirement for new features)
Add a screenshot if the change is UX/UI related

How to test changes / Special notes to the reviewer

gustavolira · 2025-12-08T14:11:19Z

/review

rhdh-qodo-merge · 2025-12-08T14:11:47Z

PR Reviewer Guide 🔍

(Review updated until commit `b3ffc23`)

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪
🏅 Score: 86
🔒 Security concerns Sensitive information handling: common::oc_login echoes "OCP version: $(oc version)". If oc is configured to print server URLs, ensure no tokens are included. Also, several functions manipulate secrets (Postgres credentials) and patch files using sed; confirm no secrets are logged. Add explicit checks to avoid echoing sensitive env vars (like K8S_CLUSTER_TOKEN) on failures.
🔀 Multiple PR themes Sub-PR theme: Extract common, wait, and operator modules and wire into utils.sh Relevant files: .ibm/pipelines/lib/common.sh .ibm/pipelines/lib/k8s-wait.sh .ibm/pipelines/lib/operators.sh .ibm/pipelines/utils.sh Sub-PR theme: Refactor jobs to use common::oc_login and new lib utilities Relevant files: .ibm/pipelines/jobs/auth-providers.sh .ibm/pipelines/jobs/ocp-nightly.sh .ibm/pipelines/jobs/ocp-operator.sh .ibm/pipelines/jobs/ocp-pull.sh .ibm/pipelines/jobs/upgrade.sh Sub-PR theme: Documentation updates for modular pipeline libraries Relevant files: .ibm/pipelines/README.md .ibm/pipelines/lib/README.md
⚡ Recommended focus areas for review Matching Pods k8s_wait::deployment picks the first pod whose name matches the resource string via grep. This can select unintended pods (partial matches, multiple replicas) and miss readiness of Deployments/StatefulSets. Consider scoping by label/owner or using rollout status for Deployment/StatefulSet to avoid flaky waits. for ((i = 1; i <= max_attempts; i++)); do local pod_name pod_name=$(oc get pods -n "$namespace" \| grep "$resource_name" \| awk '{print $1}' \| head -n 1) if [[ -n "$pod_name" ]]; then local pod_ready_status pod_ready_status=$(oc get pod "$pod_name" -n "$namespace" -o jsonpath='{.status.conditions[?(@.type=="Ready")].status}') if [[ "$pod_ready_status" == "True" ]]; then log::success "Resource '$resource_name' is ready in namespace '$namespace'" return 0 fi local container_statuses container_statuses=$(oc get pod "$pod_name" -n "$namespace" -o jsonpath='{.status.containerStatuses}') log::debug "Pod '$pod_name' status: Ready=$pod_ready_status, Containers=$container_statuses" else log::debug "No pods found matching '$resource_name' in namespace '$namespace'" fi
📚 Focus areas based on broader codebase context Missing Dependency Check The function `common::oc_login` calls `log::error`, but this module does not source the logging library. Ensure `lib/log.sh` is sourced or avoid using `log::` calls here to prevent runtime errors when used standalone. (Ref 8) common::oc_login() { if ! command -v oc &> /dev/null; then log::error "oc command not found. Please install OpenShift CLI." return 1 fi oc login --token="${K8S_CLUSTER_TOKEN}" --server="${K8S_CLUSTER_URL}" --insecure-skip-tls-verify=true echo "OCP version: $(oc version)" return 0 Reference reasoning: Other bash utilities in the referenced scripts rely on local logging helpers before calling log functions, demonstrating the pattern of ensuring dependencies are available within the script context.
📄 References redhat-developer/rhdh-operator/hack/validate-image-digests.sh [1-55] redhat-developer/rhdh-operator/hack/validate-image-digests.sh [56-69] redhat-developer/rhdh-operator/hack/validate-image-digests.sh [104-145] redhat-developer/rhdh-operator/hack/validate-image-digests.sh [71-103] redhat-developer/rhdh-operator/hack/validate-image-digests.sh [146-157] redhat-developer/rhdh-operator/hack/validate-image-digests.sh [159-190] redhat-developer/rhdh-operator/hack/validate-image-digests.sh [192-199] redhat-developer/rhdh-operator/config/profile/rhdh/plugin-infra/plugin-infra.sh [1-49]

gustavolira · 2025-12-08T14:51:27Z

/review
-i
--pr_reviewer.require_score_review=true
--pr_reviewer.require_can_be_split_review=true
--pr_reviewer.require_soc2_ticket=false
--pr_reviewer.num_code_suggestions="2"

rhdh-qodo-merge · 2025-12-08T14:51:58Z

Persistent review updated to latest commit b3ffc23

gustavolira · 2025-12-08T14:57:08Z

/improve
--pr_code_suggestions.num_code_suggestions_per_chunk="2"
--pr_code_suggestions.commitable_code_suggestions=true

.ibm/pipelines/lib/common.sh

.ibm/pipelines/lib/k8s-wait.sh

github-actions · 2025-12-08T16:02:10Z

The image is available at:

github-actions · 2025-12-08T16:54:52Z

The image is available at:

zdrapela · 2025-12-09T13:53:30Z

Just testing my privileges /approve

zdrapela · 2025-12-09T13:53:54Z

/approve

zdrapela · 2025-12-09T13:54:32Z

/unapprove

zdrapela · 2025-12-09T13:54:54Z

/remove-approve

zdrapela · 2025-12-09T13:55:18Z

/lgtm

…rator deployment Updated the `deploy_rhdh_operator` function to wait for either a PostgresCluster or StatefulSet resource to be created by the operator. Improved logging to provide clarity on which resource is being checked and added error handling for cases where neither resource is created within the specified wait time. This change enhances the reliability of the deployment process and aids in troubleshooting.

…sources Refined the `deploy_rhdh_operator` function to eliminate unnecessary whitespace and improve the clarity of the wait mechanism for database resource creation. This update enhances the readability of the code while maintaining the existing functionality and logging for resource checks.

github-actions · 2026-01-07T22:49:33Z

The image is available at:

/test e2e-ocp-helm

gustavolira · 2026-01-07T23:54:21Z

/test e2e-ocp-operator-nightly

gustavolira · 2026-01-07T23:54:36Z

/test e2e-ocp-operator-nightly

github-actions · 2026-01-07T23:54:56Z

🚫 Image Push Skipped.

The container image push was skipped because the build was skipped (either due to [skip-build] tag or no relevant changes with existing image)

/test e2e-ocp-helm

gustavolira · 2026-01-08T12:05:54Z

/test e2e-ocp-operator-nightly

Refined the `enable_orchestrator_plugins_op` function to improve the process of enabling orchestrator plugins. This update includes extracting and merging custom and default dynamic plugins, applying the merged configmap, and restarting the Backstage deployment. Enhanced logging and error handling were added to ensure clarity and reliability during the plugin enabling process.

github-actions · 2026-01-08T13:47:39Z

🚫 Image Push Skipped.

The container image push was skipped because the build was skipped (either due to [skip-build] tag or no relevant changes with existing image)

/test e2e-ocp-helm

gustavolira · 2026-01-08T14:39:45Z

/test e2e-ocp-operator-nightly

…r Backstage resource Enhanced the `deploy_rhdh_operator` function to log an error if the Backstage deployment is not created within the specified wait time. Added additional logging to check the status of the Backstage CR and the operator logs for better troubleshooting. This change improves the reliability of the deployment process and aids in identifying issues during the Backstage resource creation.

github-actions · 2026-01-08T15:10:27Z

🚫 Image Push Skipped.

The container image push was skipped because the build was skipped (either due to [skip-build] tag or no relevant changes with existing image)

/test e2e-ocp-helm

gustavolira · 2026-01-08T15:18:22Z

/test e2e-ocp-operator-nightly

gustavolira · 2026-01-08T17:34:44Z

/test e2e-ocp-operator-nightly

…p function Updated the plugin merging process in the `enable_orchestrator_plugins_op` function to utilize yq for improved clarity and efficiency. The new implementation merges default and custom plugins while ensuring deduplication by package name, enhancing the robustness of plugin management and maintaining custom plugin precedence.

github-actions · 2026-01-08T19:29:15Z

The image is available at:

/test e2e-ocp-helm

gustavolira · 2026-01-08T21:28:28Z

/test e2e-ocp-operator-nightly

…utils.sh Removed the wait logic for Backstage deployment readiness after enabling orchestrator plugins. Updated logging to clarify that deployment verification will occur in subsequent calls, enhancing the clarity of the process.

sonarqubecloud · 2026-01-08T23:13:56Z

Quality Gate passed

Issues
4 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

github-actions · 2026-01-09T00:08:55Z

The image is available at:

/test e2e-ocp-helm

openshift-ci · 2026-01-09T00:46:07Z

@gustavolira: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-aks-helm-nightly	`7fef4a8`	link	false	`/test e2e-aks-helm-nightly`
ci/prow/e2e-ocp-operator-nightly	`36b154a`	link	false	`/test e2e-ocp-operator-nightly`
ci/prow/e2e-ocp-helm	`403a04e`	link	true	`/test e2e-ocp-helm`

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

openshift-ci bot requested review from albarbaro and psrna December 8, 2025 14:10

gustavolira temporarily deployed to internal December 8, 2025 14:10 — with GitHub Actions Inactive

rhdh-qodo-merge bot added the Review effort 3/5 label Dec 8, 2025

gustavolira force-pushed the refactor-utils branch from 3d348ac to 40969eb Compare December 8, 2025 14:18

gustavolira temporarily deployed to internal December 8, 2025 14:19 — with GitHub Actions Inactive

gustavolira temporarily deployed to internal December 8, 2025 14:45 — with GitHub Actions Inactive

rhdh-qodo-merge bot added the Possible security concern label Dec 8, 2025

rhdh-qodo-merge bot reviewed Dec 8, 2025

View reviewed changes

.ibm/pipelines/lib/common.sh Show resolved Hide resolved

.ibm/pipelines/lib/k8s-wait.sh Show resolved Hide resolved

gustavolira force-pushed the refactor-utils branch from b3ffc23 to a53e723 Compare December 8, 2025 15:06

gustavolira temporarily deployed to internal December 8, 2025 15:06 — with GitHub Actions Inactive

gustavolira force-pushed the refactor-utils branch from a53e723 to bfbb110 Compare December 8, 2025 16:01

gustavolira temporarily deployed to internal December 8, 2025 16:01 — with GitHub Actions Inactive

openshift-ci bot added the approved label Dec 9, 2025

openshift-ci bot removed the approved label Dec 9, 2025

openshift-ci bot assigned zdrapela Dec 9, 2025

openshift-ci bot added lgtm approved labels Dec 9, 2025

gustavolira temporarily deployed to internal January 7, 2026 21:47 — with GitHub Actions Inactive

gustavolira temporarily deployed to internal January 7, 2026 21:53 — with GitHub Actions Inactive

gustavolira closed this Jan 7, 2026

gustavolira reopened this Jan 7, 2026

gustavolira temporarily deployed to internal January 7, 2026 23:54 — with GitHub Actions Inactive

gustavolira temporarily deployed to internal January 8, 2026 13:47 — with GitHub Actions Inactive

gustavolira temporarily deployed to internal January 8, 2026 15:10 — with GitHub Actions Inactive

gustavolira temporarily deployed to internal January 8, 2026 18:31 — with GitHub Actions Inactive

gustavolira temporarily deployed to internal January 8, 2026 23:13 — with GitHub Actions Inactive

refactor(ci): modularize pipeline utilities into lib/ structure #3817

Are you sure you want to change the base?

refactor(ci): modularize pipeline utilities into lib/ structure #3817

Conversation

gustavolira commented Dec 8, 2025

Description

Which issue(s) does this PR fix

PR acceptance criteria

How to test changes / Special notes to the reviewer

Uh oh!

gustavolira commented Dec 8, 2025

Uh oh!

rhdh-qodo-merge bot commented Dec 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

PR Reviewer Guide 🔍

(Review updated until commit b3ffc23)

Uh oh!

gustavolira commented Dec 8, 2025

Uh oh!

rhdh-qodo-merge bot commented Dec 8, 2025

Uh oh!

gustavolira commented Dec 8, 2025

Uh oh!

Uh oh!

Uh oh!

github-actions bot commented Dec 8, 2025

Uh oh!

github-actions bot commented Dec 8, 2025

Uh oh!

zdrapela commented Dec 9, 2025

Uh oh!

zdrapela commented Dec 9, 2025

Uh oh!

zdrapela commented Dec 9, 2025

Uh oh!

zdrapela commented Dec 9, 2025

Uh oh!

zdrapela commented Dec 9, 2025

Uh oh!

github-actions bot commented Jan 7, 2026

Uh oh!

gustavolira commented Jan 7, 2026

Uh oh!

gustavolira commented Jan 7, 2026

Uh oh!

github-actions bot commented Jan 7, 2026

Uh oh!

gustavolira commented Jan 8, 2026

Uh oh!

github-actions bot commented Jan 8, 2026

Uh oh!

gustavolira commented Jan 8, 2026

Uh oh!

github-actions bot commented Jan 8, 2026

Uh oh!

gustavolira commented Jan 8, 2026

Uh oh!

gustavolira commented Jan 8, 2026

Uh oh!

github-actions bot commented Jan 8, 2026

Uh oh!

gustavolira commented Jan 8, 2026

Uh oh!

sonarqubecloud bot commented Jan 8, 2026

Quality Gate passed

Uh oh!

github-actions bot commented Jan 9, 2026

Uh oh!

openshift-ci bot commented Jan 9, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

rhdh-qodo-merge bot commented Dec 8, 2025 •

edited

Loading

(Review updated until commit `b3ffc23`)