OCPBUGS-76961: Extends the time for the extractor liveness probe by jmesnil · Pull Request #1231 · openshift/insights-operator

jmesnil · 2026-02-16T12:54:38Z

Review skipped

Auto reviews are limited based on label configuration.

🚫 Review skipped — only excluded labels are configured. (1)

do-not-merge/work-in-progress

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d8280248-4100-4f05-909e-f31cd983866a

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

Create PR with unit tests

📝 Coding Plan

Generate coding plan for human review comments

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

jmesnil · 2026-02-16T12:54:51Z

Upstream is #1198

opokornyy · 2026-02-17T07:40:43Z

/retest

Before: * `crictl info` was timing out after 2 seconds * the command was executed every 10 seconds * 2 failures were making the container unhealthy * => 10 seconds of unavailability was making the pod crash This was too constraining as there are occasions where `crictl` can be unavailable for a longer period of time (eg when the TLS CA bundle requires to restart some pods) Now: * `crictl info` is timing out after 10 seconds * the command is executed every 30 seconds * 3 failures (default) are making the container unhealthy * => 1m30s of unaivailability is making the pod crash Note: The liveness probe is used instead of the readiness probe as the container MUST crash if the crictl connection has been changed (eg following a TLS CA bundle update) and at this point, the pod must be recreated to be able to connect to cri-o socket with an updated TLS certificate. This fixes https://issues.redhat.com/browse/OCPBUGS-76961 Upstream issue is https://issues.redhat.com/browse/OCPBUGS-66996 Signed-off-by: Jeff Mesnil <jmesnil@redhat.com>

jmesnil · 2026-02-17T09:33:26Z

/jira refresh

openshift-ci-robot · 2026-02-17T09:33:30Z

@jmesnil: This pull request references Jira Issue OCPBUGS-66996, which is invalid:

expected the bug to target either version "4.20." or "openshift-4.20.", but it targets "4.22.0" instead
expected the bug to be in one of the following states: NEW, ASSIGNED, POST, but it is ON_QA instead
release note text must be set and not match the template OR release note type must be set to "Release Note Not Required". For more information you can reference the OpenShift Bug Process.
expected Jira Issue OCPBUGS-66996 to depend on a bug targeting a version in 4.21.0, 4.21.z and in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but no dependents were found

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

Details

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

BaiyangZhou · 2026-02-26T02:54:38Z

/retest

BaiyangZhou · 2026-03-02T02:36:33Z

/override ci/prow/lint

BaiyangZhou · 2026-03-02T02:36:42Z

/label cherry-pick-approved

openshift-ci · 2026-03-02T02:36:49Z

@BaiyangZhou: Overrode contexts on behalf of BaiyangZhou: ci/prow/lint

Details

In response to this:

/override ci/prow/lint

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

BaiyangZhou · 2026-03-02T02:58:58Z

/verified bypass

openshift-ci-robot · 2026-03-02T02:59:09Z

@BaiyangZhou: The verified label has been added.

Details

In response to this:

/verified bypass

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

opokornyy · 2026-03-09T11:26:56Z

/jira refresh

openshift-ci-robot · 2026-03-09T11:27:00Z

@opokornyy: This pull request references Jira Issue OCPBUGS-66996, which is invalid:

expected the bug to target either version "4.20." or "openshift-4.20.", but it targets "4.22.0" instead
expected the bug to be in one of the following states: NEW, ASSIGNED, POST, but it is Verified instead
release note text must be set and not match the template OR release note type must be set to "Release Note Not Required". For more information you can reference the OpenShift Bug Process.
expected Jira Issue OCPBUGS-66996 to depend on a bug targeting a version in 4.21.0, 4.21.z and in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but no dependents were found

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

Details

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

ncaak · 2026-03-19T11:11:37Z

/title OCPBUGS-76961: Extends the time for the extractor liveness probe

ncaak · 2026-03-19T11:25:27Z

/retitle OCPBUGS-76961: Extends the time for the extractor liveness probe

ncaak · 2026-03-19T11:25:57Z

/jira refresh

ncaak · 2026-03-19T11:26:11Z

/label backport-risk-assessed

openshift-ci-robot · 2026-03-19T11:26:27Z

@jmesnil: An error was encountered querying GitHub for users with public email (jmesnil@redhat.com) for bug OCPBUGS-76961 on the Jira server at https://redhat.atlassian.net. No known errors were detected, please see the full error message for details.

Full error message.


Post "http://ghproxy/graphql": dial tcp: lookup ghproxy on 172.30.0.10:53: no such host

Please contact an administrator to resolve this issue, then request a bug refresh with /jira refresh.

Details

In response to this:

Categories

Backporting

Before:

crictl info was timing out after 2 seconds

the command was executed every 10 seconds

2 failures were making the container unhealthy

=> 10 seconds of unavailability was making the pod crash

This was too constraining as there are occasions where crictl can be unavailable for a longer period of time (eg when the TLS CA bundle requires to restart some pods)

Now:

crictl info is timing out after 10 seconds

the command is executed every 30 seconds

3 failures (default) are making the container unhealthy

=> 1m30s of unaivailability is making the pod crash

Note: The liveness probe is used instead of the readiness probe as the container MUST crash if the crictl connection has been changed (eg following a TLS CA bundle update) and at this point, the pod must be recreated to be able to connect to cri-o socket with an updated TLS certificate.

This fixes https://issues.redhat.com/browse/OCPBUGS-76961
Upstream issue is https://issues.redhat.com/browse/OCPBUGS-66996

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2026-03-19T11:26:31Z

@jmesnil:

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Categories

Backporting

Before:

crictl info was timing out after 2 seconds

the command was executed every 10 seconds

2 failures were making the container unhealthy

=> 10 seconds of unavailability was making the pod crash

This was too constraining as there are occasions where crictl can be unavailable for a longer period of time (eg when the TLS CA bundle requires to restart some pods)

Now:

crictl info is timing out after 10 seconds

the command is executed every 30 seconds

3 failures (default) are making the container unhealthy

=> 1m30s of unaivailability is making the pod crash

Note: The liveness probe is used instead of the readiness probe as the container MUST crash if the crictl connection has been changed (eg following a TLS CA bundle update) and at this point, the pod must be recreated to be able to connect to cri-o socket with an updated TLS certificate.

This fixes https://issues.redhat.com/browse/OCPBUGS-76961
Upstream issue is https://issues.redhat.com/browse/OCPBUGS-66996

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2026-03-19T11:26:33Z

@ncaak: This pull request references Jira Issue OCPBUGS-76961, which is valid.

7 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target version (4.20.z) matches configured target version for branch (4.20.z)
bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)
release note type set to "Release Note Not Required"
dependent bug Jira Issue OCPBUGS-76960 is in the state Closed (Done), which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
dependent Jira Issue OCPBUGS-76960 targets the "4.21.0" version, which is one of the valid target versions: 4.21.0, 4.21.z
bug has dependents

No GitHub users were found matching the public email listed for the QA contact in Jira (jmesnil@redhat.com), skipping review request.

Details

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

ncaak · 2026-03-19T11:27:08Z

/approve

ncaak

/lgtm

openshift-ci · 2026-03-19T11:30:31Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jmesnil, ncaak

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~OWNERS~~ [ncaak]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

opokornyy · 2026-03-20T07:48:44Z

/retest

openshift-ci · 2026-03-20T10:48:51Z

@jmesnil: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

openshift-ci-robot · 2026-03-20T10:52:53Z

@jmesnil: Jira Issue Verification Checks: Jira Issue OCPBUGS-76961
✔️ This pull request was pre-merge verified.
✔️ All associated pull requests have merged.
✔️ All associated, merged pull requests were pre-merge verified.

Jira Issue OCPBUGS-76961 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓

Details

In response to this:

Categories

Backporting

Before:

crictl info was timing out after 2 seconds

the command was executed every 10 seconds

2 failures were making the container unhealthy

=> 10 seconds of unavailability was making the pod crash

This was too constraining as there are occasions where crictl can be unavailable for a longer period of time (eg when the TLS CA bundle requires to restart some pods)

Now:

crictl info is timing out after 10 seconds

the command is executed every 30 seconds

3 failures (default) are making the container unhealthy

=> 1m30s of unaivailability is making the pod crash

Note: The liveness probe is used instead of the readiness probe as the container MUST crash if the crictl connection has been changed (eg following a TLS CA bundle update) and at this point, the pod must be recreated to be able to connect to cri-o socket with an updated TLS certificate.

This fixes https://issues.redhat.com/browse/OCPBUGS-76961
Upstream issue is https://issues.redhat.com/browse/OCPBUGS-66996

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot added jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Feb 16, 2026

openshift-ci Bot requested review from ncaak and opokornyy February 16, 2026 12:55

jmesnil force-pushed the OCPBUGS-66996_4.20 branch from 5186e84 to 63dbf6f Compare February 17, 2026 09:32

openshift-ci Bot added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label Mar 2, 2026

openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Mar 2, 2026

openshift-ci Bot changed the title ~~[release-4.20] OCPBUGS-66996: Extends the time for the extractor liveness probe~~ OCPBUGS-76961: Extends the time for the extractor liveness probe Mar 19, 2026

openshift-ci Bot added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label Mar 19, 2026

openshift-ci-robot added the jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. label Mar 19, 2026

openshift-ci-robot removed the jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. label Mar 19, 2026

ncaak approved these changes Mar 19, 2026

View reviewed changes

openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 19, 2026

openshift-ci Bot assigned ncaak Mar 19, 2026

openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label Mar 19, 2026

openshift-merge-bot Bot merged commit 385e38c into openshift:release-4.20 Mar 20, 2026
12 checks passed

Conversation

jmesnil commented Feb 16, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Categories

Uh oh!

openshift-ci-robot commented Feb 16, 2026

Categories

Uh oh!

coderabbitai Bot commented Feb 16, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Review skipped

Uh oh!

jmesnil commented Feb 16, 2026

Uh oh!

opokornyy commented Feb 17, 2026

Uh oh!

jmesnil commented Feb 17, 2026

Uh oh!

openshift-ci-robot commented Feb 17, 2026

Uh oh!

BaiyangZhou commented Feb 26, 2026

Uh oh!

BaiyangZhou commented Mar 2, 2026

Uh oh!

BaiyangZhou commented Mar 2, 2026

Uh oh!

openshift-ci Bot commented Mar 2, 2026

Uh oh!

BaiyangZhou commented Mar 2, 2026

Uh oh!

openshift-ci-robot commented Mar 2, 2026

Uh oh!

opokornyy commented Mar 9, 2026

Uh oh!

openshift-ci-robot commented Mar 9, 2026

Uh oh!

ncaak commented Mar 19, 2026

Uh oh!

ncaak commented Mar 19, 2026

Uh oh!

ncaak commented Mar 19, 2026

Uh oh!

ncaak commented Mar 19, 2026

Uh oh!

openshift-ci-robot commented Mar 19, 2026

Categories

Uh oh!

openshift-ci-robot commented Mar 19, 2026

Categories

Uh oh!

openshift-ci-robot commented Mar 19, 2026

Uh oh!

ncaak commented Mar 19, 2026

Uh oh!

ncaak left a comment

Choose a reason for hiding this comment

Uh oh!

openshift-ci Bot commented Mar 19, 2026

Uh oh!

opokornyy commented Mar 20, 2026

Uh oh!

openshift-ci Bot commented Mar 20, 2026

Uh oh!

Uh oh!

openshift-ci-robot commented Mar 20, 2026

Categories

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

jmesnil commented Feb 16, 2026 •

edited

Loading

coderabbitai Bot commented Feb 16, 2026 •

edited

Loading