STP for Live Update NetworkAttachmentDefinition Reference (VEP 140)

[yossisegev]

STP Metadata

VEP issue: https://github.com/kubevirt/enhancements/blob/main/veps/sig-network/hotpluggable-nad-ref.md

What this PR does

STP for covering updating network (NAD) reference on live VMs.

Special notes for your reviewer

Summary by CodeRabbit

• Documentation
  • Added a comprehensive test plan for the Live Update NetworkAttachmentDefinition Reference feature, covering feature overview, scope, test scenarios, testing strategy (functional, automation, performance, security, compatibility, regression, upgrade), environment/tool requirements, risk/limitations, traceability, and sign-off criteria.

[coderabbitai]

Walkthrough

A new test plan document was added for the Live Update NetworkAttachmentDefinition Reference (Hotpluggable NAD Ref) feature, outlining QE strategy, detailed test scenarios, environment/tooling requirements, risk assessment, and requirements-to-test traceability for live-updating a VM's NAD reference.

Changes

Cohort / File(s)	Summary
Test Planning Documentation stps/sig-network/hotpluggable-nad-ref-stp.md	Adds a comprehensive Software Test Plan for the LiveUpdateNADRef feature, covering metadata, feature overview, detailed testing strategies (functional, automation, performance, security, compatibility, regression, upgrade), test environment and tooling, entry criteria, risks/limitations, traceability, and sign-off artifacts.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically summarizes the main change: adding a Software Test Plan (STP) for the Live Update NetworkAttachmentDefinition Reference feature, with VEP reference number for context.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-virtualization-qe-bot-3]

Report bugs in Issues

Welcome! 🎉

This pull request will be automatically processed with the following features:

🔄 Automatic Actions

• Reviewer Assignment: Reviewers are automatically assigned based on the OWNERS file in the repository root
• Size Labeling: PR size labels (XS, S, M, L, XL, XXL) are automatically applied based on changes
• Issue Creation: A tracking issue is created for this PR and will be closed when the PR is merged or closed
• Branch Labeling: Branch-specific labels are applied to track the target branch
• Auto-verification: Auto-verified users have their PRs automatically marked as verified
• Labels: Enabled categories: branch, can-be-merged, cherry-pick, has-conflicts, hold, needs-rebase, size, verified, wip

📋 Available Commands

PR Status Management

• /wip - Mark PR as work in progress (adds WIP: prefix to title)
• /wip cancel - Remove work in progress status
• /hold - Block PR merging (approvers only)
• /hold cancel - Unblock PR merging
• /verified - Mark PR as verified
• /verified cancel - Remove verification status
• /reprocess - Trigger complete PR workflow reprocessing (useful if webhook failed or configuration changed)
• /regenerate-welcome - Regenerate this welcome message

Review & Approval

• /lgtm - Approve changes (looks good to me)
• /approve - Approve PR (approvers only)
• /assign-reviewers - Assign reviewers based on OWNERS file
• /assign-reviewer @username - Assign specific reviewer
• /check-can-merge - Check if PR meets merge requirements

Testing & Validation

• /retest tox - Run Python test suite with tox
• /retest all - Run all available tests

Cherry-pick Operations

• /cherry-pick <branch> - Schedule cherry-pick to target branch when PR is merged
  • Multiple branches: /cherry-pick branch1 branch2 branch3

Label Management

• /<label-name> - Add a label to the PR
• /<label-name> cancel - Remove a label from the PR

✅ Merge Requirements

This PR will be automatically approved when the following conditions are met:

1. Approval: /approve from at least one approver
2. LGTM Count: Minimum 2 /lgtm from reviewers
3. Status Checks: All required status checks must pass
4. No Blockers: No WIP, hold, conflict labels
5. Verified: PR must be marked as verified (if verification is enabled)

📊 Review Process

Approvers and Reviewers

Approvers:

• EdDev

Reviewers:

• Anatw
• EdDev
• azhivovk
• servolkov
• yossisegev

Available Labels

• hold
• verified
• wip
• lgtm
• approve

💡 Tips

• WIP Status: Use /wip when your PR is not ready for review
• Verification: The verified label is automatically removed on each new commit
• Cherry-picking: Cherry-pick labels are processed when the PR is merged
• Permission Levels: Some commands require approver permissions
• Auto-verified Users: Certain users have automatic verification and merge privileges

For more information, please refer to the project documentation or contact the maintainers.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@stps/sig-network/hotpluggable-nad-ref-stp.md`:
- Line 32: Fix the typos across the document by replacing the incorrect tokens
with the corrected spellings: change "NAd reference" to "NAD reference",
"dependecny" -> "dependency", "implmenetation" -> "implementation", "backgrond"
-> "background", "letncy cannot be measured,for example" -> "latency cannot be
measured, for example", "evetually" -> "eventually", "is mot affected" -> "is
not affected", "dependancy" -> "dependency", "migartion" -> "migration",
"refelcted" -> "reflected", "environemnt" -> "environment", and "migratin" ->
"migration"; ensure you update each occurrence of the quoted phrases (e.g., the
header/text containing "NAd reference", the paragraphs with
"dependecny"/"implmenetation", the sentence with "letncy...", etc.) so the
document reads correctly and consistently.
- Around line 156-162: Update the traceability table to add a Requirement row
for the "P1 feature-gate disabled behavior" mapping the in-scope item "Verify
behavior when LiveUpdateNADRef feature-gate is disabled (attempting to change
NAD reference produces failure/error)" to a Test Scenario that attempts a
networkName update with the feature-gate off and asserts failure/error, and add
another Requirement row for "MAC preservation" mapping the in-scope item
"Verifying that guest interface identity (e.g. MAC) is preserved where
applicable" to a Test Scenario that changes NAD reference and verifies the guest
MAC is unchanged; also update the existing VEP-140 (NFR) regression row to
explicitly mention "interface hot-plug regression" in the Requirement
Summary/Test Scenario to reflect the specific regression concern named elsewhere
in the document.

[frenzyfriday]

Thanks for the STP! Lgtm in general, just a few questions/comments

[frenzyfriday]

VM owners can re-assign new networks

new networks but of the same binding type (but maybe that is already clear)

[yossisegev]

@frenzyfriday Your input is correct, but I think it's too detailed to be specified here. WDYT?

[frenzyfriday]

yeah, probably you are right!

[frenzyfriday]

Is it worth mentioning that it needs to be run on a cluster with >=2 nodes (because it will be migrating)? I mention this because we added a similar decorator in the T1 tests, not sure that is applicable here though

[yossisegev]

Such decorator is applicable in pytest, but I consider it as an implementation detail that doesn't belong here; the mentioning of "live migration enabled" covers this requirement.
WDYT?

[frenzyfriday]

With FG off it just adds a restartRequired condition to the VM I think

[yossisegev]

Again - I think that this is an implementation detail, which is out-of-scope here.
And if we test it without the FG and without actively restarting the VM then the test will fail, which is what we want. It is explicitly defined in the user story in the VEP:
As a VM owner, I should be able to re-assign VMs to a new VLAN ID, without having to reboot my VMs.
WDYT?

[frenzyfriday]

ah yes! I thought for some reason the VM would fail 🤦🏽‍♀️ . Yeah the test would fail correct.

[frenzyfriday]

User's scenarios are oblivious to the way DNC is interacted

Yes, but as per the current implementation In-place NAD swap (without migration) will not happen both with/without DNC

[yossisegev]

Actually I think that referring to the DNC method that is used is just confusing.
I am removing this line from the table, let me know what you think.

[azhivovk]

In all relevant columns need to check [x] instead of [V]

[yossisegev]

@azhivovk I am not sure that this is true (if there is an explicit requirement to mark these boxes only with "x" then please refer me to it), but anyway I changed it per your comment.

[azhivovk]

Need to rephrase this because you already mention it in the first test case

[yossisegev]

I am not sure I understand what you are asking for.
Anyway I changed the contents of the "Review Requirement" entry, please see if it make more sense to you now.

[azhivovk]

The view here is confusing so my comment was not clear, sorry
I meant that in Testability you described what's already described in the first test case under ### III. Test Scenarios & Traceability

[Anatw]

Can we consider two additional cases:

1. Negative scenario - when hot-swapping a VM's network, verify that the old network has no connectivity in the VM (e.g., ping to a target on the old network fails).
2. After NAD hot-swap, verify that the VM can be live-migrated successfully and that connectivity on the new network is preserved (same as for any VM on that network)

[yossisegev]

1. I consider this scenario as unexpected behavior, and it should not be tested.
2. Isn't it what I specified in the P0 entry?
   WDYT?

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

stps/sig-network/hotpluggable-nad-ref-stp.md (1)

91-92: ⚠️ Potential issue | 🟡 Minor

Fix remaining spelling errors in strategy table entries.

There are still typos in these rows (exisiting, reqiurement, byt, hance). Please correct them to avoid ambiguity in a formal STP.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@stps/sig-network/hotpluggable-nad-ref-stp.md` around lines 91 - 92, Fix typos
in the strategy table entries: in the row that begins with "Dependencies"
replace "exisiting" with "existing" and "reqiurement" with "requirement" (the
cell containing "KubeVirt virt-controller; Multus (just exisiting functionality,
no new reqiurement); optional DNC"), and in the "Cross Integrations" row replace
"byt" with "by" and "hance" with "hence" (the cell containing "Bridge binding in
VMs is tested byt network SIG, hance changes in bridge binding are also under
the network sig testing domain."); update only those words so the rest of the
phrasing remains unchanged.

🧹 Nitpick comments (2)

stps/sig-network/hotpluggable-nad-ref-stp.md (2)

155-161: Optionally reduce Requirement ID repetition in traceability rows.

For rows under the same epic, consider keeping the first Requirement ID populated and leaving subsequent Requirement ID cells empty to reduce redundancy.

Based on learnings: In the openshift-virtualization-tests-design-docs repository, when documenting test scenarios in the "Test Scenarios & Traceability" table where multiple test scenarios fall under the same epic, it's acceptable and preferred to leave the Requirement ID cells empty for subsequent rows after the first row which contains the epic ID.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@stps/sig-network/hotpluggable-nad-ref-stp.md` around lines 155 - 161, The
table repeats the same Requirement ID "VEP-140" across multiple rows; update the
"Test Scenarios & Traceability" table so only the first row for the epic
contains "VEP-140" in the Requirement ID column and remove (empty) the
Requirement ID cells for the subsequent rows that belong to the same epic (rows
containing the summaries "Change NAD reference on running VM...", "Migration
triggered and completes...", "RestartRequired not set...", "No regression in
secondary network...", and "Guest interface identity preserved...") to reduce
redundancy while keeping the Test Scenario(s), Tier, and Priority columns
unchanged.

---

102-102: Consider using version-range wording for long-lived STP clarity.

Instead of a single fixed version (4.22), consider phrasing as 4.22 onward (and optionally note backportability if applicable) to keep this plan accurate across releases.

Based on learnings: In the openshift-virtualization-tests-design-docs repository, when documenting "OCP & OpenShift Virtualization Version(s)" in STP test environment tables, features may specify "v4.X onward" while also noting "Can be backported to all versions."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@stps/sig-network/hotpluggable-nad-ref-stp.md` at line 102, Update the version
wording in the STP table entry for "OCP & OpenShift Virtualization Version(s)"
where "4.22" is currently used for the LiveUpdateNADRef feature: replace the
fixed "4.22" with a range-style phrase such as "4.22 onward" and optionally
append a short parenthetical note like "(can be backported where applicable)"
next to the LiveUpdateNADRef mention to indicate long-lived applicability and
backportability.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@stps/sig-network/hotpluggable-nad-ref-stp.md`:
- Line 64: The P2 goal "Verify behavior when LiveUpdateNADRef feature-gate is
disabled (e.g. attempting to change NAD reference produces failure/error)" is
not present in the traceability table; either add a corresponding mapping row in
the traceability table that references this exact P2 goal and points to the
related test cases/requirements, or remove that P2 goal line entirely if it is
out of scope; update the traceability table entries that enumerate
goals-to-tests so the P2 feature-gate-disabled scenario is consistently
represented (or removed) throughout the document.

---

Duplicate comments:
In `@stps/sig-network/hotpluggable-nad-ref-stp.md`:
- Around line 91-92: Fix typos in the strategy table entries: in the row that
begins with "Dependencies" replace "exisiting" with "existing" and "reqiurement"
with "requirement" (the cell containing "KubeVirt virt-controller; Multus (just
exisiting functionality, no new reqiurement); optional DNC"), and in the "Cross
Integrations" row replace "byt" with "by" and "hance" with "hence" (the cell
containing "Bridge binding in VMs is tested byt network SIG, hance changes in
bridge binding are also under the network sig testing domain."); update only
those words so the rest of the phrasing remains unchanged.

---

Nitpick comments:
In `@stps/sig-network/hotpluggable-nad-ref-stp.md`:
- Around line 155-161: The table repeats the same Requirement ID "VEP-140"
across multiple rows; update the "Test Scenarios & Traceability" table so only
the first row for the epic contains "VEP-140" in the Requirement ID column and
remove (empty) the Requirement ID cells for the subsequent rows that belong to
the same epic (rows containing the summaries "Change NAD reference on running
VM...", "Migration triggered and completes...", "RestartRequired not set...",
"No regression in secondary network...", and "Guest interface identity
preserved...") to reduce redundancy while keeping the Test Scenario(s), Tier,
and Priority columns unchanged.
- Line 102: Update the version wording in the STP table entry for "OCP &
OpenShift Virtualization Version(s)" where "4.22" is currently used for the
LiveUpdateNADRef feature: replace the fixed "4.22" with a range-style phrase
such as "4.22 onward" and optionally append a short parenthetical note like
"(can be backported where applicable)" next to the LiveUpdateNADRef mention to
indicate long-lived applicability and backportability.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 540b2da and e844d5c.

📒 Files selected for processing (1)

• stps/sig-network/hotpluggable-nad-ref-stp.md

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Align testing goals with traceability mapping.

Line 64 defines a P2 feature-gate-disabled goal, but the traceability table does not map that scenario. Please either add a corresponding row in Lines 155-162 or remove the goal if intentionally out of scope.

Also applies to: 155-162

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@stps/sig-network/hotpluggable-nad-ref-stp.md` at line 64, The P2 goal "Verify
behavior when LiveUpdateNADRef feature-gate is disabled (e.g. attempting to
change NAD reference produces failure/error)" is not present in the traceability
table; either add a corresponding mapping row in the traceability table that
references this exact P2 goal and points to the related test cases/requirements,
or remove that P2 goal line entirely if it is out of scope; update the
traceability table entries that enumerate goals-to-tests so the P2
feature-gate-disabled scenario is consistently represented (or removed)
throughout the document.