OCPBUGS-76403, CORENET-6055: [release-4.15] Dockerfile: Unpin OVN and consume the latest from FDP#2974
Conversation
openshift-ci-robot
added
the
jira/valid-reference
|
@igsilya: This pull request references CORENET-6055 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.15.z" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira cherry-pick OCPBUGS-76277 |
|
@igsilya: Jira Issue OCPBUGS-76277 has been cloned as Jira Issue OCPBUGS-76403. Will retitle bug to link to clone. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci
Bot
changed the title
openshift-ci-robot
added
jira/severity-important
|
@igsilya: This pull request references Jira Issue OCPBUGS-76403, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/retitle OCPBUGS-76403, CORENET-6055: [release-4.15] Dockerfile: Unpin OVN and consume the latest from FDP |
|
/retitle OCPBUGS-76403, CORENET-6055: [release-4.15] Dockerfile: Unpin OVN and consume the latest from FDP |
openshift-ci
Bot
changed the title
|
@igsilya: This pull request references Jira Issue OCPBUGS-76403, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. This pull request references CORENET-6055 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.15.z" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/retest-required |
|
All passed on re-run. The gofmt/lint/unit jobs seem borked, and will need an override, AFAIU. |
|
/jira refresh |
openshift-ci-robot
added
jira/valid-bug
|
@igsilya: This pull request references Jira Issue OCPBUGS-76403, which is valid. The bug has been moved to the POST state. 7 validation(s) were run on this bug
Requesting review from QA contact: This pull request references CORENET-6055 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.15.z" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/retest-required |
1 similar comment
|
/retest-required |
OVN-Kubernetes is always lagging behind on the version of OVN it pins. This is causing a lot of trouble with keeping up with bug fixes and especially CVE fixes on older branches, resulting in scanners flagging this image with poor security grades and much longer time for bug fixes to be delivered to customers as the PR backporting process can take weeks or even months. Removing the pin, so every time the new build is released in FDP, it automatically gets into versions of OpneShift that use it. There is a pre-release testing process in place between FDP and OCP QE that ensures the required test coverage before the new build is released through FDP. Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
|
Important Review skippedAuto reviews are limited based on label configuration. 🚫 Review skipped — only excluded labels are configured. (1)
Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
/lgtm |
openshift-ci
Bot
added
the
backport-risk-assessed
openshift-ci
Bot
assigned
asood-rh,
barbora137,
huiran0826,
jechen0648,
meinali566,
mffiedler,
qiowang721,
rbbratta and
weliang1
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: igsilya, jcaamano The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
Bot
added
the
approved
|
@igsilya: This pull request references Jira Issue OCPBUGS-76403, which is valid. 7 validation(s) were run on this bug
Requesting review from QA contact: This pull request references CORENET-6055 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.15.z" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/retest-required |
|
/verified by CI e2e-aws-ovn-fdp-qe job passed Ginkgo tests /logs/artifacts/junit: total 32 -rw-r--r--. 1 1012240000 1012240000 30838 Mar 20 13:25 import-SDN.xml openshift-extended-test: total: 43 failures: 0 errors: 0 skipped: 5 Cucushift tests /logs/artifacts/serial/junit-report: total 0 Done. 4 files processed. cucushift-e2e: total: 25 failures: 0 errors: 0 skipped: 2 |
openshift-ci-robot
added
the
verified
|
@asood-rh: This PR has been marked as verified by DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/retest-required |
1 similar comment
|
/retest-required |
|
/retest-required |
|
@igsilya: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
I see the exact same test failure on the current release-4.15 branch, so it is not related to this PR. See the example here: #3105 (https://prow.ci.openshift.org/view/gs/test-platform-results/pr-logs/pull/openshift_ovn-kubernetes/3105/pull-ci-openshift-ovn-kubernetes-release-4.15-4.15-upgrade-from-stable-4.14-local-gateway-e2e-aws-ovn-upgrade/2039306699600302080) |
|
/override ci/prow/4.15-upgrade-from-stable-4.14-local-gateway-e2e-aws-ovn-upgrade |
|
@pliurh: pliurh unauthorized: /override is restricted to Repo administrators, approvers in top level OWNERS file, and the following github teams:openshift: openshift-release-oversight openshift-staff-engineers openshift-sustaining-engineers. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/test 4.15-upgrade-from-stable-4.14-local-gateway-e2e-aws-ovn-upgrade |
openshift-merge-bot
Bot
merged commit 001b26d
into
openshift:release-4.15
|
@igsilya: Jira Issue Verification Checks: Jira Issue OCPBUGS-76403 Jira Issue OCPBUGS-76403 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓 DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
Fix included in release 4.15.0-0.nightly-2026-04-10-030227 |
16 participants
OVN-Kubernetes is always lagging behind on the version of OVN it pins. This is causing a lot of trouble with keeping up with bug fixes and especially CVE fixes on older branches, resulting in scanners flagging this image with poor security grades and much longer time for bug fixes to be delivered to customers as the PR backporting process can take weeks or even months.
Removing the pin, so every time the new build is released in FDP, it automatically gets into versions of OpneShift that use it. There is a pre-release testing process in place between FDP and OCP QE that ensures the required test coverage before the new build is released through FDP.
This PR will bring updated OVN builds and will allow picking up newer ones automatically as soon as they are released in the future. Major version upgrades still require a separate PR.
(cherry picked from commit 3771a89)
Manual cherry pick of the change from 4.16: #2972