Skip to content

🐛 OCPBUGS-78455: fix(boxcutter): detect collision when duplicate package is installed after upgrade#2578

Merged
openshift-merge-bot[bot] merged 1 commit intooperator-framework:mainfrom
camilamacedo86:fix-issu-install-package-upgrade-same-box
Mar 27, 2026
Merged

🐛 OCPBUGS-78455: fix(boxcutter): detect collision when duplicate package is installed after upgrade#2578
openshift-merge-bot[bot] merged 1 commit intooperator-framework:mainfrom
camilamacedo86:fix-issu-install-package-upgrade-same-box

Conversation

@camilamacedo86
Copy link
Copy Markdown
Contributor

@camilamacedo86 camilamacedo86 commented Mar 20, 2026
edited
Loading

Problem

After upgrading a ClusterExtension (e.g., v1.0.0 → v1.0.1), installing a
second ClusterExtension with the same package succeeds instead of being
blocked. Boxcutter reports ActionProgressed instead of ActionCollision
because the objects are already owned by the upgraded revision.

Solution

During collision detection, check ActionProgressed objects for controller
ownerRefs pointing to a ClusterExtensionRevision from a different
ClusterExtension. Treat these as collisions.

Before

Two ClusterExtensions referencing the same package both reach Installed: True
after an upgrade on the first one.

After

The second ClusterExtension is blocked with Progressing: True / Reason: Retrying
and a message containing revision object collisions and Conflicting Owner.

Motivated by: https://redhat.atlassian.net/browse/OCPBUGS-78455

Copilot AI review requested due to automatic review settings March 20, 2026 09:22
@netlify
Copy link
Copy Markdown

netlify bot commented Mar 20, 2026
edited
Loading

Deploy Preview for olmv1 ready!

Name Link
🔨 Latest commit 296ffe3
🔍 Latest deploy log https://app.netlify.com/projects/olmv1/deploys/69c4ff1d4b3abc0008fb86dd
😎 Deploy Preview https://deploy-preview-2578--olmv1.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@openshift-ci openshift-ci bot requested review from OchiengEd and pedjak March 20, 2026 09:22
@camilamacedo86 camilamacedo86 changed the title 🐛 fix(Boxcutter-Collision): Fix collision detection bypass after Cluste… 🐛 fix(Boxcutter-Collision): Fix collision detection bypass after ClusterExtension upgrade Mar 20, 2026
Copilot AI reviewed Mar 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes a Boxcutter collision-detection bypass that could allow a second ClusterExtension to install the same package after the first ClusterExtension upgraded and bumped managed-object revision numbers.

Changes:

  • Treat ActionProgressed results as collisions when the reconciled object is controller-owned by a different ClusterExtensionRevision (foreign ownerRef).
  • Add an E2E scenario covering “upgrade then duplicate install” and a new step to ensure both ClusterExtension resources are cleaned up.
  • Add unit tests validating the new “foreign revision ownerRef” collision behavior.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
internal/operator-controller/controllers/clusterextensionrevision_controller.go Adds foreign-ownerRef collision detection for ActionProgressed objects and tracks sibling CER names during reconcile.
internal/operator-controller/controllers/clusterextensionrevision_controller_test.go Adds unit coverage for foreign/sibling/non-CER controller ownerRef cases.
test/e2e/steps/steps.go Adds a step to track the currently-applied ClusterExtension for cleanup when a scenario applies a second CE.
test/e2e/features/update.feature Adds an E2E scenario asserting collisions are detected after an upgrade when installing a duplicate CE.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from a73cf6d to 8b504c8 Compare March 20, 2026 09:39
@codecov
Copy link
Copy Markdown

codecov bot commented Mar 20, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 82.75862% with 5 lines in your changes missing coverage. Please review.
✅ Project coverage is 67.94%. Comparing base (b240fef) to head (296ffe3).
⚠️ Report is 6 commits behind head on main.

Files with missing lines Patch % Lines
...controllers/clusterextensionrevision_controller.go 82.75% 3 Missing and 2 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2578      +/-   ##
==========================================
+ Coverage   67.81%   67.94%   +0.12%     
==========================================
  Files         137      137              
  Lines        9588     9617      +29     
==========================================
+ Hits         6502     6534      +32     
+ Misses       2586     2584       -2     
+ Partials      500      499       -1
Flag Coverage Δ
e2e 38.12% <0.00%> (+0.10%) ⬆️
experimental-e2e 51.16% <82.75%> (+0.20%) ⬆️
unit 53.07% <82.75%> (+0.13%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from 8b504c8 to 36f661c Compare March 20, 2026 14:00
Copilot AI review requested due to automatic review settings March 20, 2026 14:00
Copilot AI reviewed Mar 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from 36f661c to 2b87748 Compare March 20, 2026 14:13
Copilot AI reviewed Mar 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@camilamacedo86 camilamacedo86 changed the title 🐛 fix(Boxcutter-Collision): Fix collision detection bypass after ClusterExtension upgrade 🐛 OCPBUGS-78455: fix(Boxcutter-Collision): Fix collision detection bypass after ClusterExtension upgrade Mar 20, 2026
@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch 2 times, most recently from 6ad05bf to b7f071a Compare March 23, 2026 16:43
Copilot AI review requested due to automatic review settings March 23, 2026 16:43
Copilot AI reviewed Mar 23, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from b7f071a to 4bc4776 Compare March 23, 2026 17:46
Copilot AI review requested due to automatic review settings March 24, 2026 07:50
@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from 4bc4776 to b3688d3 Compare March 24, 2026 07:50
Copilot AI reviewed Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@camilamacedo86 camilamacedo86 force-pushed the fix-issu-install-package-upgrade-same-box branch from b3688d3 to 296ffe3 Compare March 26, 2026 09:40
@camilamacedo86 camilamacedo86 changed the title 🐛 OCPBUGS-78455: fix(Boxcutter-Collision): Fix collision detection bypass after ClusterExtension upgrade 🐛 OCPBUGS-78455: fix(boxcutter): detect collision when duplicate package is installed after upgrade Mar 26, 2026
pedjak
pedjak reviewed Mar 27, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@pedjak pedjak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Mar 27, 2026
@tmshort
Copy link
Copy Markdown
Contributor

tmshort commented Mar 27, 2026

/approve

@openshift-ci
Copy link
Copy Markdown

openshift-ci bot commented Mar 27, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: tmshort

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 27, 2026
@openshift-merge-bot openshift-merge-bot bot merged commit de9700b into operator-framework:main Mar 27, 2026
33 of 34 checks passed
@camilamacedo86 camilamacedo86 deleted the fix-issu-install-package-upgrade-same-box branch March 27, 2026 13:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pedjak pedjak pedjak left review comments

Copilot code review Copilot Copilot left review comments

@OchiengEd OchiengEd Awaiting requested review from OchiengEd

@perdasilva perdasilva Awaiting requested review from perdasilva

@grokspawn grokspawn Awaiting requested review from grokspawn

Assignees

@pedjak pedjak

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@camilamacedo86 @tmshort @pedjak @grokspawn