OTA-1548: set up accepted risks

[hongkailiu]

With OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true, a new command oc adm upgrade accept is enabled. It accepts comma-separated risks exposed to an OpenShift release [1].

The risks are stored in clusterversion/version's .specs.desiredUpdate.acceptRisks.

[1]. https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#understanding-clusterversion-conditiontypes_understanding-openshift-updates

Summary by CodeRabbit

• New Features

  • Added a CLI command to manage accepting conditional update risks.

• Improvements

  • Upgrade flow now preserves accepted risks when constructing or clearing updates.
  • Rollback command is now visible in the CLI.

• Tests

  • Added unit tests covering add/remove/replace/clear risk behaviors.

• Chores

  • Updated dependencies.

• Style

  • Expanded describer exceptions for an additional API group/version.

[openshift-ci-robot]

@hongkailiu: This pull request references OTA-1548 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

With OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true, a new command oc adm upgrade accept is enabled. It accepts comma-separated risks exposed to an OpenShift release [1].

The risks are stored in clusterversion/version's .specs.desiredUpdate.acceptRisks.

[1]. https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#understanding-clusterversion-conditiontypes_understanding-openshift-updates

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

Walkthrough

Adds a new Cobra subcommand to manage ClusterVersion.spec.desiredUpdate.acceptRisks, wires it behind a feature gate, propagates AcceptRisks handling into upgrade and cancel flows, bumps two dependencies, adds unit tests for risk computation, and makes small CLI/describer test adjustments. (≤50 words)

Changes

Cohort / File(s)	Summary
Accept Risk Command pkg/cli/admin/upgrade/accept/accept.go, pkg/cli/admin/upgrade/accept/accept_test.go	New Cobra command (New) to add/remove/replace/clear accept risks; introduces clusterVersionInterface, options with Complete/Run, getAcceptRisks, patchDesiredUpdate, validation logic, and unit tests for getAcceptRisks.
Upgrade CLI integration & AcceptRisks propagation pkg/cli/admin/upgrade/upgrade.go	Wired new accept subcommand behind OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS; changed update/cancel flows to preserve and propagate spec.desiredUpdate.acceptRisks into patches and update objects rather than always clearing them.
CLI visibility change pkg/cli/admin/upgrade/rollback/rollback.go	Removed Hidden: true from the rollback cobra.Command, making the rollback command visible (minor formatting adjustments).
Tests / Describer exceptions pkg/helpers/describe/describer_test.go	Added {Group: "apiextensions.openshift.io", Version: "v1alpha1"} to MissingDescriberGroupCoverageExceptions.
Dependencies go.mod	Bumped github.com/openshift/api and github.com/openshift/client-go versions in the require block.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CLI as "oc upgrade accept\n(Cobra cmd)"
    participant Client as "ClusterVersion client"
    participant API as "Kubernetes API / ClusterVersion"

    User->>CLI: invoke command (tokens, --replace/--clear)
    CLI->>CLI: parse flags, validate args
    CLI->>Client: GET ClusterVersion
    Client->>API: request cv
    API-->>Client: return cv (includes spec.desiredUpdate.acceptRisks)
    Client-->>CLI: return cv
    CLI->>CLI: compute new acceptRisks (getAcceptRisks)
    alt changes required
        CLI->>Client: PATCH ClusterVersion (JSON Merge Patch)
        Client->>API: apply patch
        API-->>Client: patched cv
        Client-->>CLI: success
        CLI->>User: print updated acceptRisks
    else no changes
        CLI->>User: print "no changes"
    end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

---

Important

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

❌ Failed checks (2 warnings, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Test Structure And Quality	⚠️ Warning	Test file accept_test.go lacks comprehensive tests for public methods Complete and Run, only testing internal helper getAcceptRisks function.	Add unit tests for Complete and Run methods with mocked cluster interfaces following rollback_test.go pattern and test patchDesiredUpdate helper function.
Stable And Deterministic Test Names	❓ Inconclusive	Test files referenced in PR summary could not be located in repository for verification of dynamic test name patterns.	Provide access to test files mentioned in PR summary to verify test names contain no dynamic information that changes between runs.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'OTA-1548: set up accepted risks' clearly identifies the main change: introducing a new accept subcommand for managing accepted risks in cluster upgrades, which aligns with the primary objective of the PR.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

pkg/cli/admin/upgrade/accept/accept.go (1)

134-136: Placeholder logic pending API update.

The hardcoded fake risks bypass actual ClusterVersion data. Ensure this is tracked for completion once the o/api dependency is updated.

Would you like me to open an issue to track this TODO?

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between f68dc90 and 42ccc9a.

📒 Files selected for processing (2)

• pkg/cli/admin/upgrade/accept/accept.go
• pkg/cli/admin/upgrade/upgrade.go

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

-Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Files:

• pkg/cli/admin/upgrade/accept/accept.go
• pkg/cli/admin/upgrade/upgrade.go

🧬 Code graph analysis (2)

pkg/cli/admin/upgrade/accept/accept.go (1)

pkg/cli/admin/upgrade/upgrade.go (1)

• New (56-132)

pkg/cli/admin/upgrade/upgrade.go (1)

pkg/cli/admin/upgrade/accept/accept.go (1)

• New (29-57)

🔇 Additional comments (1)

pkg/cli/admin/upgrade/upgrade.go (1)

28-28: LGTM!

The import and feature gate wiring follow the established pattern used for the status and rollback subcommands.

Also applies to: 126-128

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: hongkailiu
Once this PR has been reviewed and has the lgtm label, please assign atiratree for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[hongkailiu]

I will wait a bit on

• e2e utilities from https://github.com/openshift/oc/pull/2181/files#diff-c3b02e1c6c92fc59f6b49a20a38dbf177d8bf4189579639ab6e08a329b85cf59?target=https://github.com
• bump o/api from the team.

[hongkailiu]

Cluster bot: launch 4.22.0-0.nightly aws,techpreview. Note that the new accept cmd probably wont work with a cluster in 4.21. But i have not tested myself.

Testing results with 583aa51:

CGO_CFLAGS="-I/opt/homebrew/opt/heimdal/include" make oc                   
go build -mod=vendor -tags 'include_gcs include_oss containers_image_openpgp gssapi' -ldflags "-X github.com/openshift/oc/pkg/version.versionFromGit="v4.2.0-alpha.0-2854-g072f397" -X github.com/openshift/oc/pkg/version.commitFromGit="072f397b9" -X github.com/openshift/oc/pkg/version.gitTreeState="dirty" -X github.com/openshift/oc/pkg/version.buildDate="2026-01-26T02:45:16Z" -X k8s.io/component-base/version.gitMajor="1" -X k8s.io/component-base/version.gitMinor="34" -X k8s.io/component-base/version.gitVersion="v1.34.1" -X k8s.io/component-base/version.gitCommit="072f397b9" -X k8s.io/component-base/version.buildDate="2026-01-26T02:45:14Z" -X k8s.io/component-base/version.gitTreeState="clean" -X k8s.io/client-go/pkg/version.gitVersion="v4.2.0-alpha.0-2854-g072f397" -X k8s.io/client-go/pkg/version.gitCommit="072f397b9" -X k8s.io/client-go/pkg/version.buildDate="2026-01-26T02:45:14Z" -X k8s.io/client-go/pkg/version.gitTreeState="dirty"" github.com/openshift/oc/cmd/oc

$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB
info: Accept risks are [riskA, riskB]
$ oc get clusterversion version -o yaml | yq -y .spec.desiredUpdate          
acceptRisks:
  - name: riskA
  - name: riskB
architecture: ''
force: false
image: registry.build07.ci.openshift.org/ci-ln-gz13mrk/release@sha256:9cd1f1b0227f6f61ae6a921a12fedc1d89a73733a12ba2f2b98620c00e6b65cb
version: 4.22.0-0.nightly-2026-01-24-213011
$  OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept --clear                  
info: Accept risks are []
$ oc get clusterversion version -o yaml | yq -y .spec.desiredUpdate      
architecture: ''
force: false
image: registry.build07.ci.openshift.org/ci-ln-gz13mrk/release@sha256:9cd1f1b0227f6f61ae6a921a12fedc1d89a73733a12ba2f2b98620c00e6b65cb
version: 4.22.0-0.nightly-2026-01-24-213011
$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB
info: Accept risks are [riskA, riskB]
$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade --to-image quay.io/openshift-release-dev/ocp-release@sha256:eea721e62d3a06a742adc3d10d9c430af061694d558da9a8d9a17c52a342ddd4 --force --allow-explicit-upgrade --allow-upgrade-with-warnings
warning: The requested upgrade image is not one of the available updates. You have used --allow-explicit-upgrade for the update to proceed anyway
warning: --force overrides cluster verification of your supplied release image and waives any update precondition failures. Only use this if you are testing unsigned release images or you are working around a known bug in the cluster-version operator and you have verified the authenticity of the provided image yourself.
Requested update to release image quay.io/openshift-release-dev/ocp-release@sha256:eea721e62d3a06a742adc3d10d9c430af061694d558da9a8d9a17c52a342ddd4
$ oc get clusterversion version -o yaml | yq -y .spec.desiredUpdate          
acceptRisks:
  - name: riskA
  - name: riskB
architecture: ''
force: true
image: quay.io/openshift-release-dev/ocp-release@sha256:eea721e62d3a06a742adc3d10d9c430af061694d558da9a8d9a17c52a342ddd4
version: ''
$ ✗ oc adm upgrade status                                            
Unable to fetch alerts, ignoring alerts in 'Update Health':  no token is currently in use for this session
= Control Plane =
Assessment:      Progressing
Target Version:  4.22.0-ec.1 (from 4.22.0-0.nightly-2026-01-24-213011)
...

So we showed that the patchDesiredUpdate function keeps the cv.spec.desiredUpdate.acceptRisks intact.

oc/pkg/cli/admin/upgrade/upgrade.go

Line 688 in 90d7ae6

func patchDesiredUpdate(ctx context.Context, update *configv1.Update, client configv1client.Interface,

[hongkailiu]

Tested with 254493c

launch 4.22.0-0.nightly aws,techpreview

$ CGO_CFLAGS="-I/opt/homebrew/opt/heimdal/include" make oc
$  oc git:(accept-cmd) OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB
info: Accept risks are [riskB, riskC, riskA]
$ oc git:(accept-cmd) OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept --clear    
info: Accept risks are []
$ oc git:(accept-cmd) OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept --clear
info: Accept risks are not changed
$ oc git:(accept-cmd) OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB
info: Accept risks are [riskA, riskB]
$ oc git:(accept-cmd) OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB,riskC
info: Accept risks are [riskA, riskB, riskC]
$ oc git:(accept-cmd) OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB --replace
info: Accept risks are [riskA, riskB]
$ oc git:(accept-cmd) oc get clusterversion version -o yaml | yq -y .spec                                  
clusterID: 47dcb252-4e3b-4eb8-97d7-64ec7dbe4ff4
desiredUpdate:
  acceptRisks:
    - name: riskA
    - name: riskB
  architecture: ''
  force: false
  image: ''
  version: ''
overrides:
  - group: config.openshift.io

[JianLi-RH]

I just noticed an issue that we do not show help info for accept command, same issue to rollback command.
I think both accept and rollback are sub-command to oc adm upgrade, like channel, recommend and status, we should describe them for help.

Right now there are descriptions for channel, recommend and status:

[jianl@jianl-thinkpadt14gen4 422]$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade --help | grep -A5 "Available Commands:"
Available Commands:
  channel       Set or clear the update channel
  recommend     Displays cluster update recommendations.
  status        Display the status of the current cluster version update or multi-arch migration

Options:
[jianl@jianl-thinkpadt14gen4 422]$ 

[JianLi-RH]

#2170 (comment)

@hongkailiu I mean we need a command help info, like what we have for channel, recommend and status, otherwise customer will not know there is subcommand in oc adm upgrade.

[openshift-ci-robot]

@hongkailiu: This pull request references OTA-1548 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

With OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true, a new command oc adm upgrade accept is enabled. It accepts comma-separated risks exposed to an OpenShift release [1].

The risks are stored in clusterversion/version's .specs.desiredUpdate.acceptRisks.

[1]. https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#understanding-clusterversion-conditiontypes_understanding-openshift-updates

Summary by CodeRabbit

Release Notes

• New Features

• Added a new command to accept conditional update risks for cluster upgrades.

• Improvements

• Enhanced upgrade flow to preserve accepted risks during cluster update operations.

• Rollback command is now visible in the CLI.

• Chores

• Updated underlying dependencies.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (2)

pkg/cli/admin/upgrade/upgrade.go (1)

236-236: Use existing request context for the clear patch call.

At Line [236], using context.TODO() bypasses the ctx already established in this method. Prefer passing ctx for cancellation/deadline propagation.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/upgrade.go` at line 236, The Patch call using
context.TODO() should use the existing request context for cancellation/deadline
propagation: replace the context.TODO() argument in
o.Client.ConfigV1().ClusterVersions().Patch(...) with the method's ctx variable
so the Patch operation honors the caller's context.

pkg/cli/admin/upgrade/accept/accept.go (1)

57-57: Remove commented-out command config.

At Line [57], stale commented code (//Hidden: true,) is confusing now that visibility is intentional.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/accept/accept.go` at line 57, Remove the stale
commented-out command configuration line "//Hidden:  true," from the accept
command definition to avoid confusion; locate the accept command (e.g., the
acceptCmd or NewAcceptCmd command/constructor in accept.go) and delete that
commented line so the command configuration contains only active fields.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@pkg/cli/admin/upgrade/accept/accept_test.go`:
- Around line 55-56: The test's diff argument order is inverted: change the
cmp.Diff call in the accept_test.go assertion from cmp.Diff(actual,
testCase.expected) to cmp.Diff(testCase.expected, actual) so the produced diff
matches the "(-want +got)" label; this affects the assertion around
getAcceptRisks() where variables actual and testCase.expected are compared using
cmp.Diff.

In `@pkg/cli/admin/upgrade/accept/accept.go`:
- Line 49: The long help text for the accept command contains a typo: change the
phrase "excepted risks" to "accepted risks" in the long description string (the
Long/LongHelp text associated with the accept command, e.g., in the acceptCmd
declaration or its help variable in accept.go) so the user-facing help displays
"accepted risks".
- Around line 155-156: The call to patchDesiredUpdate currently uses
context.TODO(), which prevents Run(ctx) cancellation/timeouts from propagating;
change the call to pass the incoming context (ctx) instead. Locate the
invocation of patchDesiredUpdate in the accept flow (the call using
patchDesiredUpdate(context.TODO(), acceptRisks,
o.Client.ConfigV1().ClusterVersions(), "version")) and replace the placeholder
context with the Run(ctx) parameter so patchDesiredUpdate receives the caller's
context; ensure any surrounding functions (e.g., Run(ctx)) keep ctx in scope and
thread it through to this call.

In `@pkg/cli/admin/upgrade/upgrade.go`:
- Around line 269-271: The code dereferences cv.Spec.DesiredUpdate.AcceptRisks
without guarding for nil; update the logic around the assignment to
update.AcceptRisks so you first check that cv.Spec != nil and
cv.Spec.DesiredUpdate != nil before reading AcceptRisks (and fall back to a safe
default, e.g. false, when DesiredUpdate is nil). Apply the same nil-check fix at
the other occurrence referencing cv.Spec.DesiredUpdate.AcceptRisks (the second
instance noted) so both reads are protected and cannot panic.

---

Nitpick comments:
In `@pkg/cli/admin/upgrade/accept/accept.go`:
- Line 57: Remove the stale commented-out command configuration line "//Hidden: 
true," from the accept command definition to avoid confusion; locate the accept
command (e.g., the acceptCmd or NewAcceptCmd command/constructor in accept.go)
and delete that commented line so the command configuration contains only active
fields.

In `@pkg/cli/admin/upgrade/upgrade.go`:
- Line 236: The Patch call using context.TODO() should use the existing request
context for cancellation/deadline propagation: replace the context.TODO()
argument in o.Client.ConfigV1().ClusterVersions().Patch(...) with the method's
ctx variable so the Patch operation honors the caller's context.

---

ℹ️ Review info

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 42ccc9a and 2153086.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (6)

• go.mod
• pkg/cli/admin/upgrade/accept/accept.go
• pkg/cli/admin/upgrade/accept/accept_test.go
• pkg/cli/admin/upgrade/rollback/rollback.go
• pkg/cli/admin/upgrade/upgrade.go
• pkg/helpers/describe/describer_test.go

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix cmp.Diff argument order in failure output.

At Line [55], cmp.Diff(actual, testCase.expected) conflicts with the (-want +got) label and inverts diff semantics.

Proposed fix

-			if diff := cmp.Diff(actual, testCase.expected); diff != "" {
+			if diff := cmp.Diff(testCase.expected, actual); diff != "" {
 				t.Errorf("getAcceptRisks() mismatch (-want +got):\n%s", diff)
 			}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if diff := cmp.Diff(actual, testCase.expected); diff != "" {
	t.Errorf("getAcceptRisks() mismatch (-want +got):\n%s", diff)
	if diff := cmp.Diff(testCase.expected, actual); diff != "" {
	t.Errorf("getAcceptRisks() mismatch (-want +got):\n%s", diff)
	}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/accept/accept_test.go` around lines 55 - 56, The test's
diff argument order is inverted: change the cmp.Diff call in the accept_test.go
assertion from cmp.Diff(actual, testCase.expected) to
cmp.Diff(testCase.expected, actual) so the produced diff matches the "(-want
+got)" label; this affects the assertion around getAcceptRisks() where variables
actual and testCase.expected are compared using cmp.Diff.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

User-facing typo in long help text.

At Line [49], “excepted risks” should be “accepted risks”.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/accept/accept.go` at line 49, The long help text for
the accept command contains a typo: change the phrase "excepted risks" to
"accepted risks" in the long description string (the Long/LongHelp text
associated with the accept command, e.g., in the acceptCmd declaration or its
help variable in accept.go) so the user-facing help displays "accepted risks".

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Use the passed context for patch calls.

At Line [155], context.TODO() ignores the caller context from Run(ctx), so cancellation/timeouts won’t propagate to the API call.

Proposed fix

-		if err := patchDesiredUpdate(context.TODO(), acceptRisks, o.Client.ConfigV1().ClusterVersions(), "version"); err != nil {
+		if err := patchDesiredUpdate(ctx, acceptRisks, o.Client.ConfigV1().ClusterVersions(), "version"); err != nil {
 			return err
 		}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/accept/accept.go` around lines 155 - 156, The call to
patchDesiredUpdate currently uses context.TODO(), which prevents Run(ctx)
cancellation/timeouts from propagating; change the call to pass the incoming
context (ctx) instead. Locate the invocation of patchDesiredUpdate in the accept
flow (the call using patchDesiredUpdate(context.TODO(), acceptRisks,
o.Client.ConfigV1().ClusterVersions(), "version")) and replace the placeholder
context with the Run(ctx) parameter so patchDesiredUpdate receives the caller's
context; ensure any surrounding functions (e.g., Run(ctx)) keep ctx in scope and
thread it through to this call.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Guard cv.Spec.DesiredUpdate before reading AcceptRisks.

At Line [270] and Line [411], dereferencing cv.Spec.DesiredUpdate.AcceptRisks can panic when cv.Spec.DesiredUpdate == nil (valid state for clusters with no desired update set).

Proposed fix

-		if update != nil {
-			update.AcceptRisks = cv.Spec.DesiredUpdate.AcceptRisks
-		}
+		if cv.Spec.DesiredUpdate != nil {
+			update.AcceptRisks = append([]configv1.AcceptRisk(nil), cv.Spec.DesiredUpdate.AcceptRisks...)
+		}
...
-		update.AcceptRisks = cv.Spec.DesiredUpdate.AcceptRisks
+		if cv.Spec.DesiredUpdate != nil {
+			update.AcceptRisks = append([]configv1.AcceptRisk(nil), cv.Spec.DesiredUpdate.AcceptRisks...)
+		}

Also applies to: 411-411

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/upgrade.go` around lines 269 - 271, The code
dereferences cv.Spec.DesiredUpdate.AcceptRisks without guarding for nil; update
the logic around the assignment to update.AcceptRisks so you first check that
cv.Spec != nil and cv.Spec.DesiredUpdate != nil before reading AcceptRisks (and
fall back to a safe default, e.g. false, when DesiredUpdate is nil). Apply the
same nil-check fix at the other occurrence referencing
cv.Spec.DesiredUpdate.AcceptRisks (the second instance noted) so both reads are
protected and cannot panic.

[hongkailiu]

$ git --no-pager log --pretty=oneline -1
506aaa41ab10afc01415cf65a4d5e1250953d4c8 (HEAD -> accept-cmd) Stop hiding rollback cmd

$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true OC_ENABLE_CMD_UPGRADE_ROLLBACK=true ./oc adm upgrade -h | grep 'Available Commands:' -A 7
Available Commands:
  accept        Accept risks exposed to conditional updates.
  channel       Set or clear the update channel
  recommend     Displays cluster update recommendations.
  rollback      Rollback the cluster to the previous release.
  status        Display the status of the current cluster version update or multi-arch migration

Options:

$ OC_ENABLE_CMD_UPGRADE_ROLLBACK=true ./oc adm upgrade -h | grep 'Available Commands:' -A 7                                        
Available Commands:
  channel       Set or clear the update channel
  recommend     Displays cluster update recommendations.
  rollback      Rollback the cluster to the previous release.
  status        Display the status of the current cluster version update or multi-arch migration

Options:
    --allow-explicit-upgrade=false:

$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade -h | grep 'Available Commands:' -A 7                                    
Available Commands:
  accept        Accept risks exposed to conditional updates.
  channel       Set or clear the update channel
  recommend     Displays cluster update recommendations.
  status        Display the status of the current cluster version update or multi-arch migration

Options:
    --allow-explicit-upgrade=false:

$ ./oc adm upgrade -h | grep 'Available Commands:' -A 7
Available Commands:
  channel       Set or clear the update channel
  recommend     Displays cluster update recommendations.
  status        Display the status of the current cluster version update or multi-arch migration

Options:
    --allow-explicit-upgrade=false:
        Upgrade even if the upgrade target is not listed in the available versions list.

Also did a search: Probable they are hidden because those cmd are deprecated and not yet removed from the code base. I knew it is the case for create_kubeconfig. So the users are not supposed to see them.

$ rg 'Hidden:' -g '!vendor/'
pkg/cli/serviceaccounts/newtoken.go
83:             Hidden:     true,

pkg/cli/serviceaccounts/create_kubeconfig.go
68:             Hidden:     true,

pkg/cli/serviceaccounts/subcommand.go
26:             Hidden:     true,

pkg/cli/serviceaccounts/gettoken.go
63:             Hidden:     true,

[JianLi-RH]

Some invalid behavior need your confirm:

[jianl@jianl-thinkpadt14gen4 422]$ ./oc adm upgrade accept -SomeInfrastructureThing --replace
error: unknown shorthand flag: 'S' in -SomeInfrastructureThing
See 'oc adm upgrade accept --help' for usage.
[jianl@jianl-thinkpadt14gen4 422]$ 
[jianl@jianl-thinkpadt14gen4 422]$ 
[jianl@jianl-thinkpadt14gen4 422]$ 
[jianl@jianl-thinkpadt14gen4 422]$ ./oc adm upgrade accept "-SomeInfrastructureThing" --replace
error: unknown shorthand flag: 'S' in -SomeInfrastructureThing
See 'oc adm upgrade accept --help' for usage.
[jianl@jianl-thinkpadt14gen4 422]$ 
[jianl@jianl-thinkpadt14gen4 422]$ ./oc adm upgrade accept '-SomeInfrastructureThing' --replace
error: unknown shorthand flag: 'S' in -SomeInfrastructureThing
See 'oc adm upgrade accept --help' for usage.
[jianl@jianl-thinkpadt14gen4 422]$ 

[hongkailiu]

[jianl@jianl-thinkpadt14gen4 422]$ ./oc adm upgrade accept -SomeInfrastructureThing --replace
error: unknown shorthand flag: 'S' in -SomeInfrastructureThing

You found a design flaw. We should use riskA- to remove, instead of -riskA. I will fix it tomorrow.

$ oc label -h | grep remov -A3
  # Update pod 'foo' by removing a label named 'bar' if it exists
  # Does not require the --overwrite flag
  oc label pods foo bar-

[openshift-ci-robot]

@hongkailiu: This pull request references OTA-1548 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

With OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true, a new command oc adm upgrade accept is enabled. It accepts comma-separated risks exposed to an OpenShift release [1].

The risks are stored in clusterversion/version's .specs.desiredUpdate.acceptRisks.

[1]. https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#understanding-clusterversion-conditiontypes_understanding-openshift-updates

Summary by CodeRabbit

• New Features

• Added a CLI command to manage accepting conditional update risks.

• Improvements

• Upgrade flow now preserves accepted risks when constructing or clearing updates.

• Rollback command is now visible in the CLI.

• Tests

• Added unit tests covering risk-add/remove/replace/clear behaviors.

• Chores

• Updated dependencies.

• Style

• Expanded describer exceptions for additional API group/version.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[hongkailiu]

$ git --no-pager log --pretty=oneline -1
ddb58895eb8d4ee9fc6edfa6a5b492139e51e0ec (HEAD -> accept-cmd) Use risk- for removal instead of -risk
$ CGO_CFLAGS="-I/opt/homebrew/opt/heimdal/include" make oc

$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB
info: Accept risks are [riskA, riskB]
$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept --clear
info: Accept risks are []
$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept --clear
info: Accept risks are not changed
$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB
info: Accept risks are [riskA, riskB]
$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB,riskC
info: Accept risks are [riskA, riskB, riskC]
$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB --replace
info: Accept risks are [riskA, riskB]
$ oc get clusterversion version -o yaml | yq -y .spec
channel: simple
clusterID: 250943dd-e3b5-4010-b554-bf67572256d4
desiredUpdate:
  acceptRisks:
    - name: riskA
    - name: riskB
  architecture: ''
  force: false
  image: quay.io/openshift-release-dev/ocp-release@sha256:00000000000000000000000000000000000000000000000000000000003d5ef1
  version: 4.22.1
overrides:
  - group: config.openshift.io
    kind: ClusterImagePolicy
    name: openshift
    namespace: ''
    unmanaged: true
upstream: https://fauxinnati-fauxinnati.apps.ota-stage.q2z4.p1.openshiftapps.com/api/upgrades_info/graph
$ OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true ./oc adm upgrade accept riskA,riskB-
info: Accept risks are [riskA]
$ oc get clusterversion version -o yaml | yq -y .spec
channel: simple
clusterID: 250943dd-e3b5-4010-b554-bf67572256d4
desiredUpdate:
  acceptRisks:
    - name: riskA
  architecture: ''
  force: false
  image: quay.io/openshift-release-dev/ocp-release@sha256:00000000000000000000000000000000000000000000000000000000003d5ef1
  version: 4.22.1
overrides:
  - group: config.openshift.io
    kind: ClusterImagePolicy
    name: openshift
    namespace: ''
    unmanaged: true
upstream: https://fauxinnati-fauxinnati.apps.ota-stage.q2z4.p1.openshiftapps.com/api/upgrades_info/graph

[coderabbitai]

♻️ Duplicate comments (2)

pkg/cli/admin/upgrade/accept/accept.go (2)

154-154: ⚠️ Potential issue | 🟠 Major

Propagate Run(ctx) context to the patch request.

Line [154] uses context.TODO(), so command cancellation/timeouts won’t reach the API patch call.

✅ Proposed fix

-		if err := patchDesiredUpdate(context.TODO(), acceptRisks, o.Client.ConfigV1().ClusterVersions(), "version"); err != nil {
+		if err := patchDesiredUpdate(ctx, acceptRisks, o.Client.ConfigV1().ClusterVersions(), "version"); err != nil {
 			return err
 		}

#!/bin/bash
# Verify there are no remaining patch calls that drop caller context in this file
rg -nP 'patchDesiredUpdate\(context\.TODO\(' pkg/cli/admin/upgrade/accept/accept.go

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/accept/accept.go` at line 154, The patch call uses
context.TODO() which drops the caller's Run(ctx) cancellation/timeout; change
the call to pass the incoming context (use the Run(ctx) parameter) instead of
context.TODO() so the API patch request inherits caller cancellation. Update the
invocation of patchDesiredUpdate(...) in accept.go to use the ctx variable from
Run(ctx) and ensure any helper wrappers (patchDesiredUpdate) accept and forward
that context if not already.

---

49-49: ⚠️ Potential issue | 🟡 Minor

Fix user-facing typo in help text.

Line [49] says “excepted risks”; this should be “accepted risks”.

✏️ Proposed fix

-		Passing --clear removes all existing excepted risks.
+		Passing --clear removes all existing accepted risks.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/accept/accept.go` at line 49, Update the user-facing
help text for the --clear flag: find the help/usage string that currently reads
"Passing --clear removes all existing excepted risks." (the --clear flag's
description in the accept command) and change "excepted risks" to "accepted
risks" so it reads "Passing --clear removes all existing accepted risks." Ensure
only the typo in the flag description is changed.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@pkg/cli/admin/upgrade/accept/accept.go`:
- Line 154: The patch call uses context.TODO() which drops the caller's Run(ctx)
cancellation/timeout; change the call to pass the incoming context (use the
Run(ctx) parameter) instead of context.TODO() so the API patch request inherits
caller cancellation. Update the invocation of patchDesiredUpdate(...) in
accept.go to use the ctx variable from Run(ctx) and ensure any helper wrappers
(patchDesiredUpdate) accept and forward that context if not already.
- Line 49: Update the user-facing help text for the --clear flag: find the
help/usage string that currently reads "Passing --clear removes all existing
excepted risks." (the --clear flag's description in the accept command) and
change "excepted risks" to "accepted risks" so it reads "Passing --clear removes
all existing accepted risks." Ensure only the typo in the flag description is
changed.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 7975d16a-f314-43b5-908f-12d70d662137

📥 Commits

Reviewing files that changed from the base of the PR and between 2153086 and ddb5889.

📒 Files selected for processing (2)

• pkg/cli/admin/upgrade/accept/accept.go
• pkg/cli/admin/upgrade/rollback/rollback.go

🚧 Files skipped from review as they are similar to previous changes (1)

• pkg/cli/admin/upgrade/rollback/rollback.go

[openshift-ci-robot]

@hongkailiu: This pull request references OTA-1548 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

With OC_ENABLE_CMD_UPGRADE_ACCEPT_RISKS=true, a new command oc adm upgrade accept is enabled. It accepts comma-separated risks exposed to an OpenShift release [1].

The risks are stored in clusterversion/version's .specs.desiredUpdate.acceptRisks.

[1]. https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#understanding-clusterversion-conditiontypes_understanding-openshift-updates

Summary by CodeRabbit

• New Features

• Added a CLI command to manage accepting conditional update risks.

• Improvements

• Upgrade flow now preserves accepted risks when constructing or clearing updates.

• Rollback command is now visible in the CLI.

• Tests

• Added unit tests covering add/remove/replace/clear risk behaviors.

• Chores

• Updated dependencies.

• Style

• Expanded describer exceptions for an additional API group/version.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

♻️ Duplicate comments (3)

pkg/cli/admin/upgrade/upgrade.go (1)

269-271: ⚠️ Potential issue | 🔴 Critical

Guard cv.Spec.DesiredUpdate before reading AcceptRisks (panic risk).

Both reads dereference cv.Spec.DesiredUpdate without a nil check. Clusters with no desired update can hit a nil-pointer panic.

Proposed fix

-		if update != nil {
-			update.AcceptRisks = cv.Spec.DesiredUpdate.AcceptRisks
-		}
+		if cv.Spec.DesiredUpdate != nil {
+			update.AcceptRisks = append([]configv1.AcceptRisk(nil), cv.Spec.DesiredUpdate.AcceptRisks...)
+		}
...
-		update.AcceptRisks = cv.Spec.DesiredUpdate.AcceptRisks
+		if cv.Spec.DesiredUpdate != nil {
+			update.AcceptRisks = append([]configv1.AcceptRisk(nil), cv.Spec.DesiredUpdate.AcceptRisks...)
+		}

Also applies to: 411-411

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/upgrade.go` around lines 269 - 271, The code reads
cv.Spec.DesiredUpdate.AcceptRisks without guarding cv.Spec.DesiredUpdate which
can cause a nil-pointer panic; update the logic around the assignment to first
check that cv.Spec != nil and cv.Spec.DesiredUpdate != nil before reading
AcceptRisks (e.g., only set update.AcceptRisks =
cv.Spec.DesiredUpdate.AcceptRisks when cv.Spec.DesiredUpdate != nil), and apply
the same nil-check pattern to the other occurrence that reads
cv.Spec.DesiredUpdate.AcceptRisks (the second spot noted in the review).

pkg/cli/admin/upgrade/accept/accept.go (2)

154-155: ⚠️ Potential issue | 🟠 Major

Use ctx in patch call instead of context.TODO().

Run(ctx) receives caller context, but the patch call discards it. This prevents cancellation/timeout propagation.

Proposed fix

-		if err := patchDesiredUpdate(context.TODO(), acceptRisks, o.Client.ConfigV1().ClusterVersions(), "version"); err != nil {
+		if err := patchDesiredUpdate(ctx, acceptRisks, o.Client.ConfigV1().ClusterVersions(), "version"); err != nil {
 			return err
 		}

#!/bin/bash
# Verify whether patch call in accept.Run uses context.TODO instead of ctx.
rg -n --type=go 'patchDesiredUpdate\(context\.TODO\(\)' pkg/cli/admin/upgrade/accept/accept.go
rg -n --type=go 'func \(o \*options\) Run\(ctx context\.Context\)' pkg/cli/admin/upgrade/accept/accept.go

Expected result:

• First command returns a match (current issue present).
• Second command confirms Run(ctx) exists, so ctx should be threaded through.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/accept/accept.go` around lines 154 - 155, The call to
patchDesiredUpdate is using context.TODO() which discards the caller context;
change the call in the Run(ctx context.Context) method to pass the received ctx
instead of context.TODO() so cancellation/timeouts propagate (update the call to
patchDesiredUpdate(ctx, acceptRisks, o.Client.ConfigV1().ClusterVersions(),
"version")). Locate the call to patchDesiredUpdate in the options.Run (or
accept.Run) function and replace context.TODO() with the ctx parameter.

---

49-49: ⚠️ Potential issue | 🟡 Minor

Typo in user-facing help text.

“excepted risks” should be “accepted risks”.

Proposed fix

-		Passing --clear removes all existing excepted risks.
+		Passing --clear removes all existing accepted risks.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/upgrade/accept/accept.go` at line 49, There's a typo in the
user-facing help text in accept.go: change the phrase "excepted risks" to
"accepted risks" in the help/description string associated with the --clear flag
(look for the string "Passing --clear removes all existing excepted risks"
inside accept.go, likely in the command description or flag help for the Accept
command or NewAcceptCmd); update that literal to "Passing --clear removes all
existing accepted risks".

🧹 Nitpick comments (1)

pkg/helpers/describe/describer_test.go (1)

136-136: Please document why this group-version is exempted.

Adding a new entry to MissingDescriberGroupCoverageExceptions broadens the test allowlist. Add a short inline reason (or issue link) next to this entry so future reviewers know this is intentional.

Proposed tweak

-	{Group: "apiextensions.openshift.io", Version: "v1alpha1"},
+	{Group: "apiextensions.openshift.io", Version: "v1alpha1"}, // intentional temporary exception; see <issue/link>

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/helpers/describe/describer_test.go` at line 136, The test allowlist entry
{Group: "apiextensions.openshift.io", Version: "v1alpha1"} in
MissingDescriberGroupCoverageExceptions needs an inline comment explaining why
it's exempted; update the test by adding a brief justification (e.g., "exempt
due to X reason" or an issue/PR link) directly next to that entry so future
reviewers understand the intentional omission and can reassess it later.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@pkg/cli/admin/upgrade/accept/accept.go`:
- Around line 154-155: The call to patchDesiredUpdate is using context.TODO()
which discards the caller context; change the call in the Run(ctx
context.Context) method to pass the received ctx instead of context.TODO() so
cancellation/timeouts propagate (update the call to patchDesiredUpdate(ctx,
acceptRisks, o.Client.ConfigV1().ClusterVersions(), "version")). Locate the call
to patchDesiredUpdate in the options.Run (or accept.Run) function and replace
context.TODO() with the ctx parameter.
- Line 49: There's a typo in the user-facing help text in accept.go: change the
phrase "excepted risks" to "accepted risks" in the help/description string
associated with the --clear flag (look for the string "Passing --clear removes
all existing excepted risks" inside accept.go, likely in the command description
or flag help for the Accept command or NewAcceptCmd); update that literal to
"Passing --clear removes all existing accepted risks".

In `@pkg/cli/admin/upgrade/upgrade.go`:
- Around line 269-271: The code reads cv.Spec.DesiredUpdate.AcceptRisks without
guarding cv.Spec.DesiredUpdate which can cause a nil-pointer panic; update the
logic around the assignment to first check that cv.Spec != nil and
cv.Spec.DesiredUpdate != nil before reading AcceptRisks (e.g., only set
update.AcceptRisks = cv.Spec.DesiredUpdate.AcceptRisks when
cv.Spec.DesiredUpdate != nil), and apply the same nil-check pattern to the other
occurrence that reads cv.Spec.DesiredUpdate.AcceptRisks (the second spot noted
in the review).

---

Nitpick comments:
In `@pkg/helpers/describe/describer_test.go`:
- Line 136: The test allowlist entry {Group: "apiextensions.openshift.io",
Version: "v1alpha1"} in MissingDescriberGroupCoverageExceptions needs an inline
comment explaining why it's exempted; update the test by adding a brief
justification (e.g., "exempt due to X reason" or an issue/PR link) directly next
to that entry so future reviewers understand the intentional omission and can
reassess it later.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 76cca185-dc7d-432e-bb5c-1d7c68b00c93

📥 Commits

Reviewing files that changed from the base of the PR and between ddb5889 and a599f81.

⛔ Files ignored due to path filters (105)

• go.sum is excluded by !**/*.sum
• vendor/github.com/openshift/api/.ci-operator.yaml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/.coderabbit.yaml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/.golangci.yaml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/AGENTS.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/Dockerfile.ocp is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/apiextensions/install.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/apiextensions/v1alpha1/Makefile is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/apiextensions/v1alpha1/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/apiextensions/v1alpha1/register.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/apiextensions/v1alpha1/types_compatibilityrequirement.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/apiextensions/v1alpha1/zz_generated.deepcopy.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/apiextensions/v1alpha1/zz_generated.featuregated-crd-manifests.yaml is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/apiextensions/v1alpha1/zz_generated.swagger_doc_generated.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/config/v1/types_authentication.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1/types_cluster_image_policy.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1/types_cluster_version.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1/types_feature.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1/types_image_policy.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1/types_infrastructure.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1/types_node.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1/types_scheduling.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/console/v1/types.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/console/v1/zz_generated.swagger_doc_generated.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/features.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/features/features.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/features/util.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/install.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/machineconfiguration/v1/types.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1/types_machineconfignode.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_internalreleaseimage.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_osimagestream.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/operator/v1/types_ingress.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go is excluded by !**/vendor/**, !vendor/**, !**/zz_generated*
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsplatformstatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/azureplatformstatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/baremetalplatformstatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/clusterimagepolicyspec.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpplatformstatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/gcpserviceendpoint.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicyfulciocawithrekorrootoftrust.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicypkirootoftrust.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicypublickeyrootoftrust.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagepolicyspec.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagesigstoreverificationpolicy.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nutanixplatformstatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/openstackplatformstatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/ovirtplatformstatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/policyrootoftrust.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vsphereplatformstatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatusinternalreleaseimage.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatusinternalreleaseimageref.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigpoolspec.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigpoolstatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/osimagestreamreference.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/internalreleaseimage.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/internalreleaseimagebundlestatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/internalreleaseimageref.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/internalreleaseimagespec.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/internalreleaseimagestatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestream.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestreamset.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestreamstatus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/internalreleaseimage.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/osimagestream.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ingresscontrollerspec.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ingresscontrollertuningoptions.go is excluded by !**/vendor/**, !vendor/**
• vendor/modules.txt is excluded by !**/vendor/**, !vendor/**

📒 Files selected for processing (6)

• go.mod
• pkg/cli/admin/upgrade/accept/accept.go
• pkg/cli/admin/upgrade/accept/accept_test.go
• pkg/cli/admin/upgrade/rollback/rollback.go
• pkg/cli/admin/upgrade/upgrade.go
• pkg/helpers/describe/describer_test.go

🚧 Files skipped from review as they are similar to previous changes (2)

• go.mod
• pkg/cli/admin/upgrade/accept/accept_test.go

[openshift-ci]

@hongkailiu: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.