Skip to content

🐛 OCPBUGS-78455: fix(boxcutter): detect collision when duplicate package is installed after upgrade#2578

Open
camilamacedo86 wants to merge 1 commit intooperator-framework:mainfrom
camilamacedo86:fix-issu-install-package-upgrade-same-box
Open

🐛 OCPBUGS-78455: fix(boxcutter): detect collision when duplicate package is installed after upgrade#2578
camilamacedo86 wants to merge 1 commit intooperator-framework:mainfrom
camilamacedo86:fix-issu-install-package-upgrade-same-box

Conversation

@camilamacedo86
Copy link
Contributor

@camilamacedo86 camilamacedo86 commented Mar 20, 2026
edited
Loading

Problem

After upgrading a ClusterExtension (e.g., v1.0.0 → v1.0.1), installing a
second ClusterExtension with the same package succeeds instead of being
blocked. Boxcutter reports ActionProgressed instead of ActionCollision
because the objects are already owned by the upgraded revision.

Solution

During collision detection, check ActionProgressed objects for controller
ownerRefs pointing to a ClusterExtensionRevision from a different
ClusterExtension. Treat these as collisions.

Before

Two ClusterExtensions referencing the same package both reach Installed: True
after an upgrade on the first one.

After

The second ClusterExtension is blocked with Progressing: True / Reason: Retrying
and a message containing revision object collisions and Conflicting Owner.

Motivated by: https://redhat.atlassian.net/browse/OCPBUGS-78455

Copilot AI review requested due to automatic review settings March 20, 2026 09:22
@netlify
Copy link

netlify bot commented Mar 20, 2026
edited
Loading

Deploy Preview for olmv1 ready!

Name Link
🔨 Latest commit 296ffe3
🔍 Latest deploy log https://app.netlify.com/projects/olmv1/deploys/69c4ff1d4b3abc0008fb86dd
😎 Deploy Preview https://deploy-preview-2578--olmv1.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@openshift-ci openshift-ci bot requested review from OchiengEd and pedjak March 20, 2026 09:22
@openshift-ci
Copy link

openshift-ci bot commented Mar 20, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign grokspawn for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@camilamacedo86 camilamacedo86 changed the title 🐛 fix(Boxcutter-Collision): Fix collision detection bypass after Cluste… 🐛 fix(Boxcutter-Collision): Fix collision detection bypass after ClusterExtension upgrade Mar 20, 2026
Copilot AI reviewed Mar 20, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes a Boxcutter collision-detection bypass that could allow a second ClusterExtension to install the same package after the first ClusterExtension upgraded and bumped managed-object revision numbers.

Changes:

  • Treat ActionProgressed results as collisions when the reconciled object is controller-owned by a different ClusterExtensionRevision (foreign ownerRef).
  • Add an E2E scenario covering “upgrade then duplicate install” and a new step to ensure both ClusterExtension resources are cleaned up.
  • Add unit tests validating the new “foreign revision ownerRef” collision behavior.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
internal/operator-controller/controllers/clusterextensionrevision_controller.go Adds foreign-ownerRef collision detection for ActionProgressed objects and tracks sibling CER names during reconcile.
internal/operator-controller/controllers/clusterextensionrevision_controller_test.go Adds unit coverage for foreign/sibling/non-CER controller ownerRef cases.
test/e2e/steps/steps.go Adds a step to track the currently-applied ClusterExtension for cleanup when a scenario applies a second CE.
test/e2e/features/update.feature Adds an E2E scenario asserting collisions are detected after an upgrade when installing a duplicate CE.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from a73cf6d to 8b504c8 Compare March 20, 2026 09:39
@codecov
Copy link

codecov bot commented Mar 20, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 82.75862% with 5 lines in your changes missing coverage. Please review.
✅ Project coverage is 67.94%. Comparing base (b240fef) to head (296ffe3).
⚠️ Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
...controllers/clusterextensionrevision_controller.go 82.75% 3 Missing and 2 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2578      +/-   ##
==========================================
+ Coverage   67.81%   67.94%   +0.12%     
==========================================
  Files         137      137              
  Lines        9588     9617      +29     
==========================================
+ Hits         6502     6534      +32     
+ Misses       2586     2584       -2     
+ Partials      500      499       -1
Flag Coverage Δ
e2e 38.12% <0.00%> (+0.10%) ⬆️
experimental-e2e 51.16% <82.75%> (+0.20%) ⬆️
unit 53.07% <82.75%> (+0.13%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from 8b504c8 to 36f661c Compare March 20, 2026 14:00
Copilot AI review requested due to automatic review settings March 20, 2026 14:00
Copilot AI reviewed Mar 20, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from 36f661c to 2b87748 Compare March 20, 2026 14:13
Copilot AI reviewed Mar 20, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@camilamacedo86 camilamacedo86 changed the title 🐛 fix(Boxcutter-Collision): Fix collision detection bypass after ClusterExtension upgrade 🐛 OCPBUGS-78455: fix(Boxcutter-Collision): Fix collision detection bypass after ClusterExtension upgrade Mar 20, 2026
@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch 2 times, most recently from 6ad05bf to b7f071a Compare March 23, 2026 16:43
Copilot AI review requested due to automatic review settings March 23, 2026 16:43
Copilot AI reviewed Mar 23, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from b7f071a to 4bc4776 Compare March 23, 2026 17:46
Copilot AI review requested due to automatic review settings March 24, 2026 07:50
@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from 4bc4776 to b3688d3 Compare March 24, 2026 07:50
Copilot AI reviewed Mar 24, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from b3688d3 to 296ffe3 Compare March 26, 2026 09:40
@camilamacedo86 camilamacedo86 changed the title 🐛 OCPBUGS-78455: fix(Boxcutter-Collision): Fix collision detection bypass after ClusterExtension upgrade 🐛 OCPBUGS-78455: fix(boxcutter): detect collision when duplicate package is installed after upgrade Mar 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@OchiengEd OchiengEd Awaiting requested review from OchiengEd

@pedjak pedjak Awaiting requested review from pedjak

@perdasilva perdasilva Awaiting requested review from perdasilva

@grokspawn grokspawn Awaiting requested review from grokspawn

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@camilamacedo86 @grokspawn