Add non-payload OTE extension support for run-once-durationoverride-operator

[ropatil010]

This PR adds OpenShift Tests Extension (OTE) support for the run-once-duration-override-operator using the non-payload extension discovery mechanism.

The run-once-duration-override-operator is an optional operator (installed via OLM), not part of the core release payload. Therefore, it uses TestExtensionAdmission to dynamically discover and run tests.

Changes:

• Creates rodoo-extension step registry
• Installs TestExtensionAdmission CRD
• Creates TestExtensionAdmission CR permitting test-extensions/*
• Sets up ImageStream with required annotations
• Runs OTE test suite: openshift/run-once-duration-override-operator/operator/serial

Related:

• CNTRLPLANE-2532: Migrate operator_test to OTE style - OTE infrastructure
• CNTRLPLANE-2532: Add OTE-compatible E2E test files - Ginkgo test migration
• Follows pattern from WIP: non-payload test-extension binary example #76240 (cluster-api example)

---

Summary by CodeRabbit

This PR adds OpenShift Tests Extension (OTE) support for the run-once-duration-override-operator in the OpenShift CI infrastructure. Since run-once-duration-override-operator is an optional operator installed via OLM and not part of the core release payload, the PR implements non-payload extension discovery to enable test execution during the main branch builds.

Changes to Release Configuration

The PR modifies openshift-origin-main.yaml to add a new e2e test job (e2e-aws-operator-serial-ote-rodoo) that:

• Runs on AWS infrastructure (openshift-org-aws)
• Uses the ipi-aws workflow with FIPS enabled
• Specifies EXTENSION_IMAGE pointing to the run-once-duration-override-operator image
• Executes the rodoo-extension test reference
• Includes pre-steps for ipi-aws-pre and fips-check

New Test Step Registry

A new step registry is created under ci-operator/step-registry/rodoo-extension/ with:

• rodoo-extension-ref.yaml: Defines the test step that runs with 3 CPU and 600Mi-10Gi memory, providing detailed documentation of the OTE non-payload discovery flow
• rodoo-extension-commands.sh: Implements the setup and execution logic:
  • Installs the TestExtensionAdmission CRD (improvement over similar PRs)
  • Creates a TestExtensionAdmission CR to permit test-extensions/* ImageStreams
  • Creates an ImageStream with required OTE annotations (component and binary path metadata)
  • Verifies setup before running tests (improvement over similar PRs)
  • Runs the openshift/run-once-duration-override-operator/operator/serial test suite with JUnit output
• OWNERS and metadata.json: Establish ownership and configuration metadata

Technical Details

Test Binary Location

/usr/bin/run-once-duration-override-operator-tests-ext.gz

ImageStream Annotations

testextension.redhat.io/component: "run-once-duration-override-operator"
testextension.redhat.io/binary: "/usr/bin/run-once-duration-override-operator-tests-ext.gz"

TestExtensionAdmission CR

openshift-tests extension-admission create rodoo-extensions \
  --permit=test-extensions/*

Test Suite

openshift/run-once-duration-override-operator/operator/serial

Prerequisites

The operator repository already has the required OTE infrastructure (merged PRs #595 and #596):

• ✅ OTE binary implementation (cmd/run-once-duration-override-operator-tests-ext/main.go)
• ✅ Ginkgo test migration (test/e2e/operator.go, test/e2e/helpers.go)
• ✅ Test suite registration with [Operator] and [Serial] tags

---

The implementation enables the OpenShift CI system to dynamically discover and execute run-once-duration-override-operator tests as part of the main branch pipeline, following the non-payload extension pattern already established in the release repository.

Summary by CodeRabbit

This PR updates OpenShift CI (openshift/release) to discover and run OpenShift Tests Extension (OTE) non-payload tests for the run-once-duration-override-operator (an optional OLM-installed operator not included in the release payload).

What it changes in practical terms

• Adds a step-registry entry rodoo-extension that prepares the cluster and runs the operator's OTE serial tests:

  • Installs the TestExtensionAdmission CRD (via openshift-tests extension-admission install-crd) and creates a TestExtensionAdmission CR (rodoo-extensions) permitting test-extensions/*.
  • Creates a test-extensions namespace and an ImageStream run-once-duration-override-operator-tests:latest that imports from EXTENSION_IMAGE and is annotated with:
    • testextension.redhat.io/component: "run-once-duration-override-operator"
    • testextension.redhat.io/binary: "/usr/bin/run-once-duration-override-operator-tests-ext.gz"
  • Verifies the TestExtensionAdmission resource and ImageStreamTag annotations, then runs the configured OTE test suite (default openshift/run-once-duration-override-operator/operator/serial) via openshift-tests with JUnit output to ARTIFACT_DIR.
  • The ref step runs from the tests image, sets resource requests (cpu: 3, memory: 600Mi) and a memory limit (10Gi), and has a 3600s timeout.

• Adds an optional CI job to the operator's ci-operator config:

  • New test entry e2e-aws-operator-serial-ote wired into the ipi-aws workflow, marked optional/always_run:false, with FIPS_ENABLED: "true", TEST_SUITE set to the operator serial suite, and pre-steps chaining ipi-aws-pre and running fips-check. The test uses the rodoo-extension ref.

• Metadata and OWNERS:

  • Adds OWNERS and rodoo-extension-ref.metadata.json registering approvers and reviewers (ardaguclu, ingvagabund, p0lyn0mial, gangwgr, ropatil010) for the new step-registry.

Why this matters

• Enables CI discovery and execution of OTE tests for an operator that is not part of the release payload, following the non-payload extension pattern (TestExtensionAdmission + annotated ImageStream). This allows the operator's tests to run in OpenShift CI without embedding tests in the release payload.

Files of note (high-level)

• ci-operator/step-registry/rodoo-extension/rodoo-extension-commands.sh — setup and execution script.
• ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.yaml — step ref (resources, timeout, env, docs).
• ci-operator/step-registry/rodoo-extension/{OWNERS,rodoo-extension-ref.metadata.json} — ownership/metadata.
• ci-operator/config/openshift/run-once-duration-override-operator/openshift-run-once-duration-override-operator-main.yaml — adds e2e-aws-operator-serial-ote job.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Adds a new ci-operator step-registry entry rodoo-extension with metadata/OWNERS, a bash script to prepare TestExtensionAdmission and ImageStream-based extension discovery, and wires the step into the run-once-duration-override-operator AWS e2e config as an optional serial OTE test.

Changes

OpenShift Tests Extension Step Registry Setup

Layer / File(s)	Summary
Step registry definition and ownership ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.yaml, ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.metadata.json, ci-operator/step-registry/rodoo-extension/OWNERS	Defines the rodoo-extension step, its metadata path and owners (approvers and reviewers lists), timeout, resources, EXTENSION_IMAGE wiring, and documentation for non-payload OTE extension discovery.
Step execution script implementation ci-operator/step-registry/rodoo-extension/rodoo-extension-commands.sh	Bash script enabling strict mode; prepares /tmp/home; installs/creates TestExtensionAdmission; applies inline oc manifest for test-extensions namespace and ImageStream importing ${EXTENSION_IMAGE} with annotations; prints verification data; runs openshift-tests run ${TEST_SUITE} with JUnit output to ${ARTIFACT_DIR}/junit.
Operator test configuration integration ci-operator/config/openshift/run-once-duration-override-operator/openshift-run-once-duration-override-operator-main.yaml	Adds e2e-aws-operator-serial-ote test entry (optional) that sets FIPS_ENABLED, uses pre-steps (ipi-aws-pre, fips-check), and invokes the rodoo-extension step with workflow: ipi-aws.

🎯 3 (Moderate) | ⏱️ ~20 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Script as rodoo-extension-commands.sh
  participant oc as oc
  participant TestAdmission as TestExtensionAdmission
  participant ImageStream as ImageStream
  participant openshiftTests as openshift-tests
  Script->>oc: install CRD / apply TestExtensionAdmission
  Script->>oc: apply namespace + ImageStream manifest (imports ${EXTENSION_IMAGE})
  oc->>TestAdmission: created resource YAML
  oc->>ImageStream: ImageStreamTag annotations set/imported
  Script->>openshiftTests: run ${TEST_SUITE} (JUnit -> ${ARTIFACT_DIR}/junit)

Loading

Suggested labels: rehearsals-ack

Suggested reviewers

• petr-muller

🚥 Pre-merge checks | ✅ 15

✅ Passed checks (15 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	PR adds CI configuration only; no Ginkgo tests defined. All test name references are static with no dynamic values.
Test Structure And Quality	✅ Passed	PR adds CI configuration and bash orchestration script, not Ginkgo test code. Custom check for Ginkgo test structure is not applicable to this PR's content.
Microshift Test Compatibility	✅ Passed	PR adds CI infrastructure (YAML, Bash, OWNERS files) with no new Ginkgo test code. Check applies only to new Ginkgo tests; actual tests are in the operator repository.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	PR adds CI infrastructure only, not new Ginkgo test code. The bash script runs existing tests via openshift-tests, not new test definitions.
Topology-Aware Scheduling Compatibility	✅ Passed	PR adds CI test infrastructure. No deployment manifests, operator code, or workloads with topology-incompatible scheduling constraints are present.
Ote Binary Stdout Contract	✅ Passed	PR contains only CI configuration and bash orchestration scripts, not OTE binary source code. The actual OTE binary is in run-once-duration-override-operator PRs #595/#596.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	No new Ginkgo tests added. PR provides CI infrastructure only. No IPv4 addresses or external connectivity requirements in bash script.
No-Weak-Crypto	✅ Passed	No weak cryptographic patterns found. PR adds CI/CD configuration and shell script for OTE test setup with no cryptographic operations.
Container-Privileges	✅ Passed	No container privilege escalation settings found. Files contain no privileged: true, hostPID/Network/IPC, SYS_ADMIN, allowPrivilegeEscalation, or root user configurations.
No-Sensitive-Data-In-Logs	✅ Passed	No sensitive data exposure found. Script logs only usernames, test paths, and Kubernetes metadata annotations without passwords, tokens, API keys, PII, or internal secrets.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding non-payload OTE extension support for run-once-duration-override-operator, which is the core objective across all file additions.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

ci-operator/step-registry/cli-manager-extension/cli-manager-extension-commands.sh (1)

99-105: ⚡ Quick win

Quote variables to prevent word splitting.

The ${IST} variable should be quoted to prevent potential word splitting and globbing issues when passed to oc get.

♻️ Proposed fix

   IST=$(oc get imagestreamtag -n test-extensions -o name | grep cli-manager | head -1)
   if [ -n "$IST" ]; then
     echo "Found in test-extensions namespace:"
-    oc get ${IST} -n test-extensions -o jsonpath='{.metadata.annotations}' | python3 -m json.tool || true
+    oc get "${IST}" -n test-extensions -o jsonpath='{.metadata.annotations}' | python3 -m json.tool || true
   fi
 fi
 
 if oc get namespace ${OPERATOR_NAMESPACE} &>/dev/null; then
   IST=$(oc get imagestreamtag -n ${OPERATOR_NAMESPACE} -o name 2>/dev/null | grep cli-manager | head -1 || true)
   if [ -n "$IST" ]; then
     echo "Found in ${OPERATOR_NAMESPACE} namespace:"
-    oc get ${IST} -n ${OPERATOR_NAMESPACE} -o jsonpath='{.metadata.annotations}' | python3 -m json.tool || true
+    oc get "${IST}" -n "${OPERATOR_NAMESPACE}" -o jsonpath='{.metadata.annotations}' | python3 -m json.tool || true
   fi
 fi

Also applies to: 107-113

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@ci-operator/step-registry/cli-manager-extension/cli-manager-extension-commands.sh`
around lines 99 - 105, The oc invocations are passing the IST shell variable
unquoted which can cause word-splitting/globbing; update usages of IST (the IST
variable used in the oc get commands inside the
cli-manager-extension-commands.sh snippet—e.g., the oc get ${IST} -n
test-extensions -o jsonpath=... and the similar occurrences around lines
107-113) to use quoted variable expansion ("${IST}") so the entire
imagestreamtag name is treated as a single argument; ensure all other IST
occurrences in that block are similarly quoted.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@ci-operator/step-registry/cli-manager-extension/cli-manager-extension-commands.sh`:
- Around line 35-41: The script assumes .spec.tags[0].name exists and uses
unquoted vars when annotating; update the LATEST_TAG retrieval (symbol
LATEST_TAG and the oc get imagestream call using OPERATOR_IMAGE_NAME and
OPERATOR_NAMESPACE) to validate that tags were returned and fail fast with a
clear error if empty, and then quote variable expansions in the oc annotate
imagestreamtag/${OPERATOR_IMAGE_NAME}:${LATEST_TAG} -n ${OPERATOR_NAMESPACE}
invocation (i.e., quote OPERATOR_IMAGE_NAME, LATEST_TAG and OPERATOR_NAMESPACE)
to prevent word splitting/globbing and ensure the annotate command is only
executed when LATEST_TAG is non-empty.

---

Nitpick comments:
In
`@ci-operator/step-registry/cli-manager-extension/cli-manager-extension-commands.sh`:
- Around line 99-105: The oc invocations are passing the IST shell variable
unquoted which can cause word-splitting/globbing; update usages of IST (the IST
variable used in the oc get commands inside the
cli-manager-extension-commands.sh snippet—e.g., the oc get ${IST} -n
test-extensions -o jsonpath=... and the similar occurrences around lines
107-113) to use quoted variable expansion ("${IST}") so the entire
imagestreamtag name is treated as a single argument; ensure all other IST
occurrences in that block are similarly quoted.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: de66b206-de1c-43d3-a3a8-fca10f6c4f29

📥 Commits

Reviewing files that changed from the base of the PR and between 3347def and c746e9f.

⛔ Files ignored due to path filters (1)

• ci-operator/jobs/openshift/origin/openshift-origin-release-4.22-presubmits.yaml is excluded by !ci-operator/jobs/**

📒 Files selected for processing (5)

• ci-operator/config/openshift/origin/openshift-origin-release-4.22.yaml
• ci-operator/step-registry/cli-manager-extension/OWNERS
• ci-operator/step-registry/cli-manager-extension/cli-manager-extension-commands.sh
• ci-operator/step-registry/cli-manager-extension/cli-manager-extension-ref.metadata.json
• ci-operator/step-registry/cli-manager-extension/cli-manager-extension-ref.yaml

[openshift-merge-bot]

@ropatil010: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

ci-operator/config/openshift/run-once-duration-override-operator/openshift-run-once-duration-override-operator-main.yaml (1)

40-43: ⚡ Quick win

Consider anchoring the bundle.Dockerfile pattern in the regex.

The skip_if_only_changed regex includes bundle.Dockerfile without anchors, which would match partial paths like foo/bundle.Dockerfile or unintended substring matches. Consider using ^bundle\.Dockerfile$ or (^|/)bundle\.Dockerfile$ to ensure it matches only the intended file.

📝 Suggested regex improvement

-  skip_if_only_changed: ^\.tekton/|bundle.Dockerfile|\.md$|^(LICENSE|OWNERS)$
+  skip_if_only_changed: ^\.tekton/|^bundle\.Dockerfile$|\.md$|^(LICENSE|OWNERS)$

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@ci-operator/config/openshift/run-once-duration-override-operator/openshift-run-once-duration-override-operator-main.yaml`
around lines 40 - 43, The current skip_if_only_changed regex contains an
unanchored bundle.Dockerfile token which can match unintended paths; update the
skip_if_only_changed value so the bundle.Dockerfile pattern is anchored (e.g.
use ^bundle\.Dockerfile$ or (^|/)bundle\.Dockerfile$) to ensure it only matches
the intended filename; locate the skip_if_only_changed entry in the YAML and
replace the unanchored bundle.Dockerfile token with the chosen anchored pattern.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.yaml`:
- Around line 12-17: The resources block in rodoo-extension-ref.yaml currently
requests cpu: "3" and limits.memory: 10Gi which is much higher than similar
extension refs; change resources.requests.cpu and resources.requests.memory to
conservative values (e.g., match other extensions like cpu: 100m and memory:
200Mi or a justified intermediate value), set reasonable limits.memory (e.g.,
512Mi or 1Gi) to avoid CI waste, and if high resources are truly required, add a
brief justification comment in the manifest or PR description explaining why
these specific values are necessary (reference keys: resources.requests.cpu,
resources.requests.memory, resources.limits.memory).

---

Nitpick comments:
In
`@ci-operator/config/openshift/run-once-duration-override-operator/openshift-run-once-duration-override-operator-main.yaml`:
- Around line 40-43: The current skip_if_only_changed regex contains an
unanchored bundle.Dockerfile token which can match unintended paths; update the
skip_if_only_changed value so the bundle.Dockerfile pattern is anchored (e.g.
use ^bundle\.Dockerfile$ or (^|/)bundle\.Dockerfile$) to ensure it only matches
the intended filename; locate the skip_if_only_changed entry in the YAML and
replace the unanchored bundle.Dockerfile token with the chosen anchored pattern.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 9c682dfe-3c9a-4eef-8852-8b326d656f5f

📥 Commits

Reviewing files that changed from the base of the PR and between 31ce64b and 271752d.

⛔ Files ignored due to path filters (1)

• ci-operator/jobs/openshift/run-once-duration-override-operator/openshift-run-once-duration-override-operator-main-presubmits.yaml is excluded by !ci-operator/jobs/**

📒 Files selected for processing (5)

• ci-operator/config/openshift/run-once-duration-override-operator/openshift-run-once-duration-override-operator-main.yaml
• ci-operator/step-registry/rodoo-extension/OWNERS
• ci-operator/step-registry/rodoo-extension/rodoo-extension-commands.sh
• ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.metadata.json
• ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.yaml

✅ Files skipped from review due to trivial changes (2)

• ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.metadata.json
• ci-operator/step-registry/rodoo-extension/OWNERS

🚧 Files skipped from review as they are similar to previous changes (1)

• ci-operator/step-registry/rodoo-extension/rodoo-extension-commands.sh

[openshift-merge-bot]

@ropatil010: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

[openshift-merge-bot]

@ropatil010: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@ci-operator/step-registry/rodoo-extension/rodoo-extension-commands.sh`:
- Line 15: The current unconditional "|| true" after running openshift-tests
extension-admission install-crd masks failures; replace it by running
openshift-tests extension-admission install-crd and checking its exit status and
output: if it succeeds return normally, if it fails but output/stderr contains
the expected "already exists" message treat as success, otherwise propagate the
failure (exit non-zero) so the step fails. Implement this control around the
openshift-tests extension-admission install-crd invocation (capture its
stdout/stderr and exit code) and remove the unconditional "|| true".
- Line 60: Replace the brittle jsonpath + python tool pipeline with
deterministic JSON + jq: change the oc call that uses "imagestreamtag
run-once-duration-override-operator-tests:latest -o jsonpath='...'" and "python3
-m json.tool || true" to output full JSON and pipe to jq, e.g. use "oc get
imagestreamtag run-once-duration-override-operator-tests:latest -n
test-extensions -o json | jq '.metadata.annotations // {}'" so the annotations
parsing is valid JSON and deterministic (remove the "python3 -m json.tool ||
true" construct).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 15296719-1bca-4bf7-913a-3c27fa1bbcb3

📥 Commits

Reviewing files that changed from the base of the PR and between ed5b01e and 9bd0a7e.

⛔ Files ignored due to path filters (1)

• ci-operator/jobs/openshift/run-once-duration-override-operator/openshift-run-once-duration-override-operator-main-presubmits.yaml is excluded by !ci-operator/jobs/**

📒 Files selected for processing (5)

• ci-operator/config/openshift/run-once-duration-override-operator/openshift-run-once-duration-override-operator-main.yaml
• ci-operator/step-registry/rodoo-extension/OWNERS
• ci-operator/step-registry/rodoo-extension/rodoo-extension-commands.sh
• ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.metadata.json
• ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.yaml

✅ Files skipped from review due to trivial changes (1)

• ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.metadata.json

🚧 Files skipped from review as they are similar to previous changes (2)

• ci-operator/step-registry/rodoo-extension/rodoo-extension-ref.yaml
• ci-operator/config/openshift/run-once-duration-override-operator/openshift-run-once-duration-override-operator-main.yaml

[ropatil010]

/pj-rehearse pull-ci-openshift-run-once-duration-override-operator-main-e2e-aws-operator-serial-ote

[openshift-merge-bot]

@ropatil010: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

[ropatil010]

/assign @stbenjam @ingvagabund @gangwgr

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: ropatil010
Once this PR has been reviewed and has the lgtm label, please ask for approval from gangwgr. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• ci-operator/config/openshift/run-once-duration-override-operator/OWNERS
• ci-operator/jobs/openshift/run-once-duration-override-operator/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: ropatil010
Once this PR has been reviewed and has the lgtm label, please ask for approval from gangwgr. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• ci-operator/config/openshift/run-once-duration-override-operator/OWNERS
• ci-operator/jobs/openshift/run-once-duration-override-operator/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ropatil010]

/pj-rehearse pull-ci-openshift-run-once-duration-override-operator-main-e2e-aws-operator-serial-ote

[openshift-merge-bot]

@ropatil010: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

[openshift-merge-bot]

@ropatil010, pj-rehearse: unable to determine affected jobs. This could be due to a branch that needs to be rebased. ERROR:

couldn't prepare candidate: couldn't checkout base SHA a72d498b30ae8e61b73a4062cef6721112f6b375: error checking out "a72d498b30ae8e61b73a4062cef6721112f6b375": exit status 128 fatal: unable to read tree (a72d498b30ae8e61b73a4062cef6721112f6b375)

Interacting with pj-rehearse

Comment: /pj-rehearse to run up to 5 rehearsals
Comment: /pj-rehearse skip to opt-out of rehearsals
Comment: /pj-rehearse {test-name}, with each test separated by a space, to run one or more specific rehearsals
Comment: /pj-rehearse more to run up to 10 rehearsals
Comment: /pj-rehearse max to run up to 25 rehearsals
Comment: /pj-rehearse auto-ack to run up to 5 rehearsals, and add the rehearsals-ack label on success
Comment: /pj-rehearse list to get an up-to-date list of affected jobs
Comment: /pj-rehearse abort to abort all active rehearsals
Comment: /pj-rehearse network-access-allowed to allow rehearsals of tests that have the restrict_network_access field set to false. This must be executed by an openshift org member who is not the PR author

Once you are satisfied with the results of the rehearsals, comment: /pj-rehearse ack to unblock merge. When the rehearsals-ack label is present on your PR, merge will no longer be blocked by rehearsals.
If you would like the rehearsals-ack label removed, comment: /pj-rehearse reject to re-block merging.

[ropatil010]

/pj-rehearse pull-ci-openshift-run-once-duration-override-operator-main-e2e-aws-operator-serial-ote

[openshift-merge-bot]

@ropatil010: now processing your pj-rehearse request. Please allow up to 10 minutes for jobs to trigger or cancel.

[openshift-ci]

@ropatil010: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/rehearse/openshift/run-once-duration-override-operator/main/e2e-aws-operator-serial-ote	7a69fd4	link	unknown	/pj-rehearse pull-ci-openshift-run-once-duration-override-operator-main-e2e-aws-operator-serial-ote

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[ropatil010]

Execution logs:

https://prow.ci.openshift.org/view/gs/test-platform-results/pr-logs/pull/openshift_release/79858/rehearse-79858-pull-ci-openshift-run-once-duration-override-operator-main-e2e-aws-operator-serial-ote/2060421203251695616

sig-scheduling][Operator][Serial] RunOnceDurationOverride Operator when webhook is active should set ActiveDeadlineSeconds on pods in labeled namespaces [Suite:openshift/run-once-duration-override-operator/operator/serial]	24s

  {
    "name": "[sig-scheduling][Operator][Serial] RunOnceDurationOverride Operator when webhook is active should set ActiveDeadlineSeconds on pods in labeled namespaces [Suite:openshift/run-once-duration-override-operator/operator/serial]",
    "lifecycle": "blocking",
    "duration": 23971,
    "startTime": "2026-05-29 19:18:24.700330 UTC",
    "endTime": "2026-05-29 19:18:48.672278 UTC",
    "result": "passed",
    "output": "  STEP: Setting up the operator @ 05/29/26 19:18:24.7\n  STEP: Creating test namespace and verifying webhook sets ActiveDeadlineSeconds @ 05/29/26 19:18:48.464\n  STEP: Cleaning up test namespace @ 05/29/26 19:18:48.671\n",
    "source": {
      "commit": "",
      "build_date": "",
      "git_tree_state": "",
      "source_image": "test-extensions/run-once-duration-override-operator-tests:latest",
      "source_binary": "run-once-duration-override-operator-tests-ext"
    }