CORENET-6100: [WIP] Add support for no-overlay mode

[ricky-rav]

No description provided.

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

⛔ Ignored keywords (3)

• WIP
• do-not-merge
• work-in-progress

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Adds templated no‑overlay and managed BGP options to OVN config, FRR‑k8s OperatorPKI and readiness/bootstrap handling, Network CRD updates, dependency replace directives, MTU validation and gating logic, render signature changes, and accompanying unit tests and manifest tweaks.

Changes

Cohort / File(s)	Summary
OVN Kubernetes templates bindata/network/ovn-kubernetes/managed/004-config.yaml, bindata/network/ovn-kubernetes/self-hosted/004-config.yaml	Add conditional transport rendering (DefaultNetworkTransport), a no-overlay block guarded by NoOverlayEnabled with optional outbound-snat and routing, and a bgp.managed block guarded by NoOverlayManagedEnabled with optional as-number and topology.
FRR‑k8s manifests bindata/network/frr-k8s/003-pki.yaml, bindata/network/frr-k8s/frr-k8s.yaml, bindata/network/frr-k8s/monitor.yaml, bindata/network/frr-k8s/node-status-cleaner.yaml, bindata/network/frr-k8s/webhook.yaml	Add two OperatorPKI resources (webhook, metrics); change secret names and service annotations; inject KUBERNETES_SERVICE_HOST/KUBERNETES_SERVICE_PORT env vars; add toleration; set ServiceMonitor TLS to insecureSkipVerify: true; make ValidatingWebhookConfiguration conditional on CA bundle.
Go module go.mod	Update github.com/openshift/api version and add replace directives mapping github.com/openshift/api and github.com/openshift/client-go to forked module versions.
OVN no‑overlay logic & rendering pkg/network/ovn_kubernetes.go, pkg/network/render.go, pkg/network/render_test.go, pkg/network/ovn_kubernetes_test.go	Populate no‑overlay template fields, map BGP managed settings, add isFeatureGateEnabled helper, implement ValidateMTUForNoOverlay, add FRR CA bundle fetcher and FRR readiness gating (isFRRWebhookReady, shouldSkipOVNKUntilFRRReady), update render callsites/signatures and tests, and standardize error message casing.
Operator config controller pkg/controller/operconfig/operconfig_controller.go	After filling defaults, validate MTU for no‑overlay against host MTU; on invalid MTU mark operator config degraded with InvalidOperatorConfig and return (early exit).
FRR readiness tests pkg/network/frr_readiness_test.go	Add unit tests for FRR webhook readiness and for decision logic to skip OVN until FRR is ready, using fake EndpointSlice fixtures.
Network CRD manifests manifests/0000_70_network_01_networks-*.crd.yaml manifests/0000_70_network_01_networks-Default.crd.yaml, ...-DevPreviewNoUpgrade.crd.yaml, ...-TechPreviewNoUpgrade.crd.yaml, ...-CustomNoUpgrade.crd.yaml, ...-OKD.crd.yaml	Add/replace large auto‑generated Network CRD OpenAPI v3 schemas (cluster‑scoped Network CRD variants). OKD variant adds a metadata label.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

• Pay attention to:
  • MTU validation logic and operator controller early‑exit behavior.
  • Feature‑gate checks and new isFeatureGateEnabled helper.
  • Templating parity for no‑overlay and bgp.managed across OVN config files.
  • FRR bootstrap/readiness: OperatorPKI resources, CA bundle retrieval, and conditional webhook rendering.
  • Updated render function signatures and corresponding test updates.
  • go.mod replace directives to confirm intentional forks/versions.
  • Large auto‑generated CRD manifests: scan for accidental manual edits.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci-robot]

@ricky-rav: This pull request references CORENET-6100 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

Details

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[ricky-rav]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: ricky-rav
Once this PR has been reviewed and has the lgtm label, please assign kyrtapz for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

pkg/network/ovn_kubernetes.go (1)

99-99: Consider separating error message capitalization changes.

The error message capitalization changes (converting initial capital letters to lowercase) are stylistic improvements unrelated to the NoOverlay feature. While consistency is valuable, mixing these changes with feature work:

• Makes the diff harder to review
• Increases the risk of merge conflicts
• Complicates git blame and bisecting if issues arise

Consider moving these changes to a separate commit or PR focused solely on error message style consistency.

Also applies to: 998-998, 1038-1038, 1042-1042, 1047-1047, 1051-1051, 1056-1056, 1060-1060, 1066-1066, 1071-1071, 1306-1306, 1311-1311, 1317-1317, 1352-1352, 1381-1381, 1410-1410, 2099-2099

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between 41be31e and 0d8bdf2.

⛔ Files ignored due to path filters (31)

• go.sum is excluded by !**/*.sum
• vendor/github.com/openshift/api/config/v1/types_infrastructure.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/config/v1/types_node.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/config/v1/types_scheduling.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/console/v1/types.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/console/v1/zz_generated.swagger_doc_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/features.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/features/features.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1/types.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1/types_machineconfignode.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/operator/v1/types_ingress.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/operator/v1/types_network.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_ingress_00_ingresscontrollers.crd.yaml is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks.crd.yaml is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/modules.txt is excluded by !vendor/**, !**/vendor/**

📒 Files selected for processing (4)

• bindata/network/ovn-kubernetes/managed/004-config.yaml (4 hunks)
• bindata/network/ovn-kubernetes/self-hosted/004-config.yaml (2 hunks)
• go.mod (1 hunks)
• pkg/network/ovn_kubernetes.go (9 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

-Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Files:

• bindata/network/ovn-kubernetes/managed/004-config.yaml
• go.mod
• bindata/network/ovn-kubernetes/self-hosted/004-config.yaml
• pkg/network/ovn_kubernetes.go

🔇 Additional comments (2)

bindata/network/ovn-kubernetes/self-hosted/004-config.yaml (1)

16-18: LGTM!

The template changes for NoOverlay mode configuration are well-structured. The conditional blocks properly guard the new configuration sections, and the template variables follow existing naming conventions.

Also applies to: 68-87

bindata/network/ovn-kubernetes/managed/004-config.yaml (1)

16-18: LGTM!

The managed configuration changes mirror the self-hosted configuration and maintain consistency across both ConfigMap instances (for node and control plane). The template structure is correct and follows existing patterns.

Also applies to: 58-77, 121-123, 169-188

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Remove fork dependency before merging.

This replace directive points to a personal fork (github.com/ricky-rav/api). Fork dependencies create supply chain risks, break reproducible builds, and should never be merged to production code. Before removing the [WIP] tag, ensure the necessary API changes are merged upstream to github.com/openshift/api and update this dependency to point to the official repository.

🤖 Prompt for AI Agents

In go.mod around line 178, the replace directive points to a personal fork
(github.com/ricky-rav/api) which must be removed before merging; replace that
directive with the official module (github.com/openshift/api) after the upstream
changes are merged, remove the replace line, update the module version to the
appropriate tag/commit from the official repo, then run go mod tidy and re-run
CI/tests to ensure all imports resolve and builds remain reproducible.

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

pkg/network/ovn_kubernetes.go (1)

369-386: Add validation: BGPManagedConfig requires NoOverlayRouting to be "managed".

When BGPManagedConfig is specified (line 369), there's no validation that NoOverlayRouting is set to "managed". BGP managed configuration is cluster-wide and applies to networks using no-overlay mode with managed routing, so these settings should be consistent.

Consider adding validation to ensure NoOverlayRouting is "managed" when BGPManagedConfig is present:

 	// BGP managed configuration is cluster-wide and applies to any network (default or CUDN)
 	// using no-overlay mode with managed routing.
 	// BGPTopology is required when BGPManagedConfig is specified.
 	if noOverlayFeatureEnabled && c.BGPManagedConfig.BGPTopology != "" {
+		// Validate that routing is set to managed when BGPManagedConfig is present
+		if data.Data["NoOverlayRouting"] != "managed" {
+			return nil, progressing, fmt.Errorf("BGPManagedConfig requires NoOverlayRouting to be set to 'managed'")
+		}
+
 		data.Data["NoOverlayManagedEnabled"] = true
 		klog.V(2).Infof("BGP managed configuration enabled for no-overlay mode")

🧹 Nitpick comments (1)

pkg/network/render_test.go (1)

641-649: FRR capability test adjustment looks consistent with new resources

Updating the FRR-capability expectation to 20 objects and wiring the new renderAdditionalRoutingCapabilities parameters (passing nil client and fakeBootstrapResult()) is coherent with the added OperatorPKI resources and conditional VWC rendering. Just ensure the implementation gracefully handles a nil client on FRR paths (the test will expose any panic here).

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between c162e54 and d653c92.

📒 Files selected for processing (18)

• bindata/network/frr-k8s/003-pki.yaml (1 hunks)
• bindata/network/frr-k8s/frr-k8s.yaml (4 hunks)
• bindata/network/frr-k8s/monitor.yaml (1 hunks)
• bindata/network/frr-k8s/node-status-cleaner.yaml (2 hunks)
• bindata/network/frr-k8s/webhook.yaml (2 hunks)
• bindata/network/ovn-kubernetes/managed/004-config.yaml (4 hunks)
• bindata/network/ovn-kubernetes/self-hosted/004-config.yaml (2 hunks)
• manifests/0000_70_network_01_networks-CustomNoUpgrade.crd.yaml (1 hunks)
• manifests/0000_70_network_01_networks-Default.crd.yaml (1 hunks)
• manifests/0000_70_network_01_networks-DevPreviewNoUpgrade.crd.yaml (1 hunks)
• manifests/0000_70_network_01_networks-OKD.crd.yaml (1 hunks)
• manifests/0000_70_network_01_networks-TechPreviewNoUpgrade.crd.yaml (1 hunks)
• pkg/controller/operconfig/operconfig_controller.go (1 hunks)
• pkg/network/frr_readiness_test.go (1 hunks)
• pkg/network/ovn_kubernetes.go (14 hunks)
• pkg/network/ovn_kubernetes_test.go (11 hunks)
• pkg/network/render.go (9 hunks)
• pkg/network/render_test.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (6)

• bindata/network/ovn-kubernetes/self-hosted/004-config.yaml
• pkg/network/frr_readiness_test.go
• bindata/network/frr-k8s/frr-k8s.yaml
• pkg/controller/operconfig/operconfig_controller.go
• bindata/network/frr-k8s/node-status-cleaner.yaml
• bindata/network/frr-k8s/monitor.yaml

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

-Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Files:

• bindata/network/ovn-kubernetes/managed/004-config.yaml
• bindata/network/frr-k8s/webhook.yaml
• manifests/0000_70_network_01_networks-DevPreviewNoUpgrade.crd.yaml
• pkg/network/ovn_kubernetes.go
• manifests/0000_70_network_01_networks-CustomNoUpgrade.crd.yaml
• manifests/0000_70_network_01_networks-OKD.crd.yaml
• pkg/network/render.go
• pkg/network/ovn_kubernetes_test.go
• manifests/0000_70_network_01_networks-Default.crd.yaml
• bindata/network/frr-k8s/003-pki.yaml
• pkg/network/render_test.go
• manifests/0000_70_network_01_networks-TechPreviewNoUpgrade.crd.yaml

🧬 Code graph analysis (3)

pkg/network/ovn_kubernetes.go (2)

pkg/hypershift/hypershift.go (1)

• NewHyperShiftConfig (106-125)

pkg/util/util.go (1)

• OVN_CONTROL_PLANE (19-19)

pkg/network/render.go (2)

pkg/client/types.go (1)

• Client (19-31)

pkg/bootstrap/types.go (2)

• BootstrapResult (97-102)
• APIServerDefault (157-157)

pkg/network/ovn_kubernetes_test.go (1)

pkg/network/ovn_kubernetes.go (4)

• OVN_NODE_SELECTOR_DEFAULT_DPU_HOST (63-63)
• OVN_NODE_SELECTOR_DEFAULT_DPU (64-64)
• OVN_NODE_SELECTOR_DEFAULT_SMART_NIC (65-65)
• ValidateMTUForNoOverlay (1149-1177)

🪛 YAMLlint (1.37.1)

bindata/network/frr-k8s/webhook.yaml

[error] 13-13: syntax error: could not find expected ':'

(syntax)

🔇 Additional comments (16)

manifests/0000_70_network_01_networks-OKD.crd.yaml (1)

5-11: OKD feature‑set annotation is consistent and low‑risk

Adding release.openshift.io/feature-set: OKD to the CRD metadata cleanly gates this variant without impacting the CRD’s functional schema.

manifests/0000_70_network_01_networks-CustomNoUpgrade.crd.yaml (1)

240-746: No‑overlay / BGP schema and validations look coherent

The new defaultNetworkTransport, defaultNetworkNoOverlayOptions, and bgpManagedConfig fields, together with their x-kubernetes-validations (immutability, required‑when‑Managed, and NoOverlay gating), form a consistent contract and should prevent misconfiguration of no‑overlay/BGP mode without adding runtime risk.

manifests/0000_70_network_01_networks-DevPreviewNoUpgrade.crd.yaml (1)

1-1046: DevPreview Network CRD definition matches Default semantics

This DevPreviewNoUpgrade Network CRD mirrors the Default variant’s schema and validations, differing only in the feature‑set annotation, which is appropriate for feature‑gated exposure.

manifests/0000_70_network_01_networks-Default.crd.yaml (1)

1-1046: Default Network CRD schema and validations look sound

The new Network CRD for the Default feature set provides a comprehensive, consistent OpenAPI schema and CEL validations (FRR/routeAdvertisements, ipForwarding, migration MTU, etc.) without introducing obvious correctness or security issues.

bindata/network/frr-k8s/webhook.yaml (1)

12-40: Conditional webhook rendering on CA bundle is appropriate

Guarding the ValidatingWebhookConfiguration on .FRRK8sWebhookCABundle and wiring that into caBundle matches the new OperatorPKI-based flow and avoids deploying a broken webhook before CA material is ready.

bindata/network/ovn-kubernetes/managed/004-config.yaml (1)

16-18: No‑overlay and BGP managed blocks are wired correctly into ovnkube.conf

The new transport, [no-overlay], and [bgp.managed] sections are conditionally rendered and symmetric between node/master configs, which matches the no-overlay design and is exercised by the new tests in ovn_kubernetes_test.go. No structural or templating issues stand out.

Also applies to: 58-77, 121-123, 169-188

bindata/network/frr-k8s/003-pki.yaml (1)

1-26: OperatorPKI resources correctly model webhook and metrics TLS

Using OperatorPKI for frr-k8s-webhook and frr-k8s-metrics with service FQDN common names is consistent with avoiding service-ca during bootstrap and with the new webhook CA-bundle handling.

pkg/network/ovn_kubernetes_test.go (1)

76-84: No‑overlay feature‑gate wiring and tests are comprehensive and consistent

Including FeatureGateNoOverlayMode in the default/known feature‑gate sets and adding the new no‑overlay tests (TestRenderOVNKubernetesNoOverlay, defaults/MTU, and TestValidateMTUForNoOverlay) gives good coverage of:

• transport selection and feature‑gate off behavior,
• rendered [no-overlay] and [bgp.managed] sections and value casing,
• MTU defaulting and validation vs host MTU.

The expectations line up with the CRD schema defaults and the ValidateMTUForNoOverlay implementation, and existing tests keep NoOverlay disabled where needed via custom feature‑gate sets.

Also applies to: 929-936, 4483-4922

pkg/network/ovn_kubernetes.go (3)

1145-1177: LGTM: ValidateMTUForNoOverlay is well-structured.

The function correctly validates MTU constraints for no-overlay mode:

• Handles nil config and unset MTU gracefully
• Skips validation when not applicable (non-no-overlay mode)
• Logs a warning instead of failing when hostMTU is unknown
• Validates that MTU doesn't exceed host MTU (correct for no-overlay mode with no encapsulation overhead)

---

1264-1270: LGTM: MTU calculation correctly handles no-overlay mode.

The logic appropriately differentiates MTU calculation:

• No-overlay mode: Uses host MTU directly (no encapsulation overhead)
• Overlay mode: Subtracts encapsulation overhead from host MTU

This aligns with the no-overlay design where packets are not encapsulated.

---

2235-2244: LGTM: Safe feature gate check pattern.

The helper function prevents panics by checking if a feature gate is known before calling Enabled(). This is a good defensive programming pattern that ensures stability when new feature gates are introduced or when feature gate configurations are incomplete.

pkg/network/render.go (5)

52-84: LGTM: FRR webhook readiness check is robust.

The function correctly uses EndpointSlices to check webhook readiness:

• Handles errors gracefully with logging
• Checks for nil conditions before accessing Ready field
• Counts ready endpoints across all EndpointSlices
• Provides diagnostic logging for troubleshooting

This prevents race conditions where OVNK attempts to use the webhook before it's ready.

---

86-132: LGTM: Gating logic correctly prevents race condition.

The function appropriately gates OVNK rendering to prevent race conditions:

• Only applies to fresh installs (OVNK not yet running)
• Requires all conditions to be met (FRR enabled, RouteAdvertisements enabled, webhook not ready)
• Does not interfere with upgrades or existing deployments
• Provides clear logging for operational visibility

This ensures OVNK waits for FRR webhook readiness only when necessary.

---

723-729: LGTM: Integration point correctly handles rendering skip.

The pre-check is properly integrated:

• Placed before rendering logic to prevent unnecessary work
• Returns progressing=true to signal CNO to continue reconciling
• Only applies to OVNKubernetes network type
• Clear comment explains the race condition being prevented

This ensures CNO retries until FRR webhook is ready before rendering OVNK.

---

1077-1102: LGTM: FRR rendering data correctly populated.

The function signature update and data population are appropriate:

• Added client and bootstrapResult parameters enable necessary data fetching
• API server host/port injection solves bootstrap connectivity issue (service IP not routable before CNI is running)
• Webhook CA bundle fetched via dedicated function
• Clear comment explains the bootstrap connectivity challenge

This ensures FRR pods can connect to the API server during initial deployment.

---

1115-1142: LGTM: CA bundle retrieval correctly handles unavailability.

The function safely handles the CA bundle lifecycle:

• Returns empty string when ConfigMap or CA bundle is not yet available
• Base64 encodes the CA bundle for ValidatingWebhookConfiguration
• Provides diagnostic logging

Based on past review discussion, the webhook.yaml template conditionally renders the ValidatingWebhookConfiguration only when FRRK8sWebhookCABundle is non-empty. This design ensures:

• Service is created immediately (outside conditional)
• ValidatingWebhookConfiguration is deferred until CA bundle is available
• No invalid webhook configuration is created

[zhaozhanqi]

/payload-job-with-prs periodic-ci-openshift-cluster-network-operator-master-e2e-metal-ipi-ovn-dualstack-bgp-lgw-no-overlay-test openshift/release#73335 openshift/ovn-kubernetes#2878 openshift/client-go#349

[openshift-ci]

@zhaozhanqi: trigger 0 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command

[openshift-ci]

@zhaozhanqi: This PR was included in a payload test run from openshift/ovn-kubernetes#2920
trigger 0 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command

[openshift-ci]

@ricky-rav: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-metal-ipi-ovn-dualstack-bgp-local-gw	0c3d2c2	link	true	/test e2e-metal-ipi-ovn-dualstack-bgp-local-gw
ci/prow/e2e-aws-ovn-serial-1of2	0c3d2c2	link	true	/test e2e-aws-ovn-serial-1of2
ci/prow/e2e-ovn-ipsec-step-registry	0c3d2c2	link	true	/test e2e-ovn-ipsec-step-registry
ci/prow/e2e-aws-ovn-upgrade-ipsec	0c3d2c2	link	true	/test e2e-aws-ovn-upgrade-ipsec
ci/prow/security	0c3d2c2	link	false	/test security
ci/prow/frrk8s-e2e	0c3d2c2	link	false	/test frrk8s-e2e

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.