kms: add readiness check hook to revision controller#2316

Open
bertinatto wants to merge 1 commit into openshift:master from bertinatto:kms-plugin-lifecycle-postcondition

@bertinatto

@bertinatto bertinatto commented Jun 18, 2026

Member

Summary by CodeRabbit

  • New Features
    • Added an optional “revision readiness” callback during revision creation.
    • The callback runs after the revision ConfigMap is created and before the revision is marked ready; it can prevent readiness on error or return value false (default: always ready).
    • Exposed this callback in the static pod controller builder.
  • Bug Fixes
    • Updated controller wiring to support the expanded initialization.
  • Tests
    • Added coverage for readiness success and failure, including latest-available revision updates and the revision-ready annotation behavior.

@bertinatto bertinatto marked this pull request as draft June 18, 2026 18:25
@openshift-ci openshift-ci Bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jun 18, 2026
@coderabbitai

coderabbitai Bot commented Jun 18, 2026


Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.


No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 581c9cfc-a594-4a3d-b8ac-b93c16bb3467

📥 Commits

Reviewing files that changed from the base of the PR and between 2aae006 and ae223a7.

📒 Files selected for processing (4)
  • pkg/operator/apiserver/controllerset/apiservercontrollerset.go
  • pkg/operator/revisioncontroller/revision_controller.go
  • pkg/operator/revisioncontroller/revision_controller_test.go
  • pkg/operator/staticpod/controllers.go
🚧 Files skipped from review as they are similar to previous changes (4)
  • pkg/operator/apiserver/controllerset/apiservercontrollerset.go
  • pkg/operator/revisioncontroller/revision_controller_test.go
  • pkg/operator/staticpod/controllers.go
  • pkg/operator/revisioncontroller/revision_controller.go

Walkthrough

ReadinessCheckFunc is added to RevisionController as an optional callback invoked after the revision ConfigMap is created but before the revision is marked ready. NewRevisionController accepts this parameter with a nil-safe default. The staticpod builder exposes WithRevisionControllerReadinessCheck, and existing call sites in the apiserver controllerset and tests pass nil.

Changes

Revision readiness check feature

| Layer | File(s) | Summary |
| --- | --- | --- |
| ReadinessCheckFunc type contract | pkg/operator/revisioncontroller/revision_controller.go | Defines ReadinessCheckFunc(ctx context.Context, revision int32) (bool, error) callback contract. |
| RevisionController field and constructor | pkg/operator/revisioncontroller/revision_controller.go | RevisionController gains revisionReadinessCheck field. NewRevisionController accepts the callback parameter and installs a nil-safe default that always succeeds. |
| Readiness check invocation in createNewRevision | pkg/operator/revisioncontroller/revision_controller.go | Invokes revisionReadinessCheck after revision status ConfigMap is created but before setting the revision-ready annotation. Errors are wrapped and returned; false result prevents the revision from being marked ready. |
| Builder pattern support in staticpod | pkg/operator/staticpod/controllers.go | Adds revisionControllerReadinessCheck field to builder struct, exposes WithRevisionControllerReadinessCheck method on Builder interface, and stores the callback for method chaining. |
| Wiring callback through ToControllers | pkg/operator/staticpod/controllers.go | ToControllers passes the builder's stored readiness check to revisioncontroller.NewRevisionController during revision controller creation. |
| Call site updates and test cleanup | pkg/operator/apiserver/controllerset/apiservercontrollerset.go, pkg/operator/revisioncontroller/revision_controller_test.go | Apiserver controllerset and three test cases update NewRevisionController calls with the new trailing nil argument. Test import block reformatted for consistency. |
| Test coverage for readiness check behavior | pkg/operator/revisioncontroller/revision_controller_test.go | Adds TestSyncWithRevisionReadinessCheck table-driven test validating readiness check error handling, false return behavior, advancement of LatestAvailableRevision, and revision-ready annotation state. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

🚥 Pre-merge checks | ✅ 13 | ❌ 2

❌ Failed checks (2 warnings)

| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 20.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |
| Test Structure And Quality | ⚠️ Warning | New test TestSyncWithRevisionReadinessCheck lacks meaningful failure messages on 3 out of 4 assertions (require.Equal calls), violating criterion 4. Only 1 assertion includes a message. | Add failure messages to require.Equal assertions: line 938 (syncErr), line 941 (LatestAvailableRevision), line 945 (revision-ready annotation). |
✅ Passed checks (13 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'kms: add readiness check hook to revision controller' clearly and concisely describes the main change: adding a readiness check hook feature to the revision controller for KMS functionality. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Stable And Deterministic Test Names | ✅ Passed | PR uses standard Go testing (t.Run), not Ginkgo. Check applies only to Ginkgo tests; not applicable here. |
| Microshift Test Compatibility | ✅ Passed | PR adds only standard Go unit tests (testing.T), not Ginkgo e2e tests. The repository has zero Ginkgo tests total; check only applies to Ginkgo e2e tests. |
| Single Node Openshift (Sno) Test Compatibility | ✅ Passed | No Ginkgo e2e tests were added in this PR. Changes are limited to production code (revision controller logic) and standard Go unit tests, making the SNO compatibility check not applicable. |
| Topology-Aware Scheduling Compatibility | ✅ Passed | PR adds a revision readiness check callback to revision controller. No scheduling constraints introduced—changes are purely about validation hooks for revision ConfigMaps/Secrets, not pod/deploymen... |
| Ote Binary Stdout Contract | ✅ Passed | All modified files are library code (pkg/) with no main(), init(), or process-level functions. No stdout writes, fmt.Print calls, or os.Stdout references found in any modified code. |
| Ipv6 And Disconnected Network Test Compatibility | ✅ Passed | No Ginkgo e2e tests were added in this PR. The test file uses Go's standard testing package with func TestXXX(t *testing.T) pattern, not Ginkgo framework. The custom check only applies to Ginkgo e2... |
| No-Weak-Crypto | ✅ Passed | No weak cryptographic algorithms, custom crypto implementations, or insecure secret comparisons detected in the code changes. The PR adds a readiness check callback mechanism to the revision contro... |
| Container-Privileges | ✅ Passed | PR contains only Go source code changes for revision controller logic; no Kubernetes manifests or container configurations with privileged settings are present or modified. |
| No-Sensitive-Data-In-Logs | ✅ Passed | No sensitive data (passwords, tokens, API keys, PII, etc.) is exposed in logging. The only new error message wraps a revision number with an error from a callback function, following standard Go pr... |

Comment @coderabbitai help to get the list of available commands and usage tips.

@openshift-ci openshift-ci Bot requested review from dgrisonnet and p0lyn0mial June 18, 2026 18:25
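
The readiness gate described in the walkthrough above, as an added example that is not the PR's code: a simplified in-memory model in which `store`, `controller`, `newController`, `notYet`, `failing` and `errUnreachable` are hypothetical names, and only the `ReadinessCheckFunc` signature is taken from the page. What the real controller does on a `false` result beyond not marking the revision ready is not shown on the page, so the model simply returns.

```go
package main

import (
	"context"
	"errors"
	"fmt"
)

// ReadinessCheckFunc has the signature quoted in the walkthrough.
type ReadinessCheckFunc func(ctx context.Context, revision int32) (bool, error)

// store is a constructed in-memory stand-in for the revision status ConfigMaps.
type store struct{ created, ready map[int32]bool }

func newStore() *store {
	return &store{created: map[int32]bool{}, ready: map[int32]bool{}}
}

// controller is a hypothetical, reduced model of the revision controller.
type controller struct {
	s     *store
	check ReadinessCheckFunc
}

// newController installs an always-ready default when check is nil,
// so existing call sites that pass nil keep their behaviour.
func newController(s *store, check ReadinessCheckFunc) *controller {
	if check == nil {
		check = func(context.Context, int32) (bool, error) { return true, nil }
	}
	return &controller{s: s, check: check}
}

// createNewRevision records the revision, runs the hook, and only then marks
// the revision ready. It reports whether the revision was marked ready.
func (c *controller) createNewRevision(ctx context.Context, rev int32) (bool, error) {
	c.s.created[rev] = true // revision record exists before the hook runs
	ok, err := c.check(ctx, rev)
	if err != nil {
		return false, fmt.Errorf("readiness check for revision %d: %w", rev, err)
	}
	if !ok {
		return false, nil // created, but deliberately left unmarked
	}
	c.s.ready[rev] = true
	return true, nil
}

// errUnreachable and the two checks below are constructed sample hooks.
var errUnreachable = errors.New("dependency unreachable")

func notYet(context.Context, int32) (bool, error)  { return false, nil }
func failing(context.Context, int32) (bool, error) { return false, errUnreachable }

func main() {
	s := newStore()
	for i, check := range []ReadinessCheckFunc{nil, notYet, failing} {
		ready, err := newController(s, check).createNewRevision(context.Background(), int32(i+1))
		fmt.Printf("revision %d: ready=%v err=%v\n", i+1, ready, err)
	}
}
```

Wrapping with `%w` keeps the hook's original error reachable through `errors.Is`, so a caller can tell a failed check apart from a check that merely returned `false`.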
@openshift-ci

openshift-ci Bot commented Jun 18, 2026

Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: bertinatto

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 18, 2026
@bertinatto bertinatto force-pushed the kms-plugin-lifecycle-postcondition branch from 6507f50 to 7ccf701 Compare June 18, 2026 18:53

@coderabbitai coderabbitai Bot left a comment

🧹 Nitpick comments (1)
pkg/operator/revisioncontroller/revision_controller_test.go (1)

810-822: ⚡ Quick win

Consider adding test coverage for the postcondition functionality.

The existing tests verify signature compatibility by passing nil, but there are no tests exercising the postcondition behavior (success, failure returning false, and failure returning an error). This mirrors the existing TestSyncWithRevisionPrecondition test structure.

Would you like me to generate test cases for the postcondition functionality similar to TestSyncWithRevisionPrecondition?

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@pkg/operator/revisioncontroller/revision_controller_test.go` around lines 810
- 822, Add test coverage for the postcondition functionality in the revision
controller by creating new test cases that mirror the existing
TestSyncWithRevisionPrecondition test structure. Create tests that exercise the
postcondition parameter (currently set to nil in NewRevisionController) by
implementing mock postcondition functions that cover three scenarios: successful
postcondition execution, postcondition returning false, and postcondition
returning an error. This will ensure the postcondition behavior is properly
validated alongside the existing precondition tests.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 9666444d-ec88-4170-9693-0ad58ff65b5f

📥 Commits

Reviewing files that changed from the base of the PR and between b0f5231 and 7ccf701.

📒 Files selected for processing (4)
  • pkg/operator/apiserver/controllerset/apiservercontrollerset.go
  • pkg/operator/revisioncontroller/revision_controller.go
  • pkg/operator/revisioncontroller/revision_controller_test.go
  • pkg/operator/staticpod/controllers.go

@bertinatto bertinatto force-pushed the kms-plugin-lifecycle-postcondition branch from 7ccf701 to 9261746 Compare June 18, 2026 19:17
@bertinatto

Member Author

@ardaguclu

Member

This PR looks good to me. But I think we need review from @p0lyn0mial

@bertinatto bertinatto force-pushed the kms-plugin-lifecycle-postcondition branch from 9261746 to c98b71e Compare June 22, 2026 19:34
@bertinatto bertinatto marked this pull request as ready for review June 22, 2026 19:36
@bertinatto bertinatto changed the title WIP: kms: add post-check hook to revision controller kms: add post-check hook to revision controller Jun 22, 2026
@openshift-ci openshift-ci Bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jun 22, 2026

// PostconditionFunc validates the assembled revision data after all resources have been copied but before the revision is marked as ready.
type PostconditionFunc func(ctx context.Context, revision int32) (bool, error)

Member Author

I just realized that Postcondition might not be the best name because the check is done before the operator conditions are set, right before the revision is marked as ready, not after the condition is set. Maybe RevisionReadinessCheck is a better name?

Member Author

I went ahead and renamed it

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@pkg/operator/revisioncontroller/revision_controller_test.go`:
- Around line 940-941: The error return value from the
GetStaticPodOperatorState() call on staticPodOperatorClient is being discarded
with an underscore, which can mask state-fetch failures and cause the status
assertion to run on invalid data. Capture the error return value instead of
ignoring it, and add a require.NoError() assertion immediately after the
GetStaticPodOperatorState() call to ensure the state was successfully fetched
before proceeding with the status assertion.
ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: ade74ff6-ffa7-4c5f-8ed9-988f11d993ed

📥 Commits

Reviewing files that changed from the base of the PR and between 9261746 and c98b71e.

📒 Files selected for processing (4)
  • pkg/operator/apiserver/controllerset/apiservercontrollerset.go
  • pkg/operator/revisioncontroller/revision_controller.go
  • pkg/operator/revisioncontroller/revision_controller_test.go
  • pkg/operator/staticpod/controllers.go
🚧 Files skipped from review as they are similar to previous changes (3)
  • pkg/operator/apiserver/controllerset/apiservercontrollerset.go
  • pkg/operator/revisioncontroller/revision_controller.go
  • pkg/operator/staticpod/controllers.go

Comment on lines +940 to +941
_, status, _, _ := staticPodOperatorClient.GetStaticPodOperatorState()
require.Equal(t, tc.expUpdatedLatestAvailableRevision, status.LatestAvailableRevision)

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Handle GetStaticPodOperatorState error before asserting on status.

The error return is currently discarded, which can hide state-fetch failures and make the assertion run on invalid data.

As per coding guidelines, "Never ignore error returns".

✅ Suggested fix
-			_, status, _, _ := staticPodOperatorClient.GetStaticPodOperatorState()
+			_, status, _, statusErr := staticPodOperatorClient.GetStaticPodOperatorState()
+			require.NoError(t, statusErr)
 			require.Equal(t, tc.expUpdatedLatestAvailableRevision, status.LatestAvailableRevision)
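Review bot: the added `require.NoError(t, statusErr)` carries no failure message, so when one table case fails at this point the output will not say which call produced the error. Consider passing a message as the third argument, for example "GetStaticPodOperatorState failed", and giving the unchanged `require.Equal` on the following context line a message naming LatestAvailableRevision as well.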

Source: Coding guidelines

@bertinatto bertinatto force-pushed the kms-plugin-lifecycle-postcondition branch from c98b71e to 991151f Compare June 22, 2026 19:53
@bertinatto bertinatto changed the title kms: add post-check hook to revision controller kms: add readiness check hook to revision controller Jun 22, 2026
@bertinatto bertinatto force-pushed the kms-plugin-lifecycle-postcondition branch 2 times, most recently from d9327ba to 2aae006 Compare June 22, 2026 19:57
The idea is to validate revision data before marking ready
@bertinatto bertinatto force-pushed the kms-plugin-lifecycle-postcondition branch from 2aae006 to ae223a7 Compare June 22, 2026 20:38
@openshift-ci

openshift-ci Bot commented Jun 22, 2026

Contributor

@bertinatto: all tests passed!
