Skip to content

DO NOT MERGE [main] telco-core: Add ClusterImagePolicy to install/extra-manifests#673

Draft
greyerof wants to merge 2 commits intoopenshift-kni:mainfrom
greyerof:telco_core_clusterimagepolicy
Draft

DO NOT MERGE [main] telco-core: Add ClusterImagePolicy to install/extra-manifests#673
greyerof wants to merge 2 commits intoopenshift-kni:mainfrom
greyerof:telco_core_clusterimagepolicy

Conversation

@greyerof
Copy link
Copy Markdown

@greyerof greyerof commented Mar 24, 2026
edited
Loading

The ClusterImagePolicy ensures that sigstore signature is always validated for Telco Core RDS Operators. The images and their signatures artifacts are scattered among these repos:

  • registry.redhat.io/cert-manager
    • Cert Manager operator
  • registry.redhat.io/odf4:
    • ODF Operator
  • registry.redhat.io/openshift4:
    • Numa Resources Operator
    • ODF related operators
    • MetalLB Operator
    • SRIOV Operator
    • NMState Operator
  • registry.redhat.io/openshift-logging:
    • Cluster Logging Operator
  • registry.redhat.io/rhceph
    • CEPH operator (needed by ODF)
  • registry.redhat.io/rhel9/postgresql-16
    • Image needed by ODF (ocs-operator)
  • registry.redhat.io/rhel9/support-tools
    • Support tools (Toolbox images)

@greyerof
telco-core: Add ClusterImagePolicy to install/extra-manifests
a7872e1 
The ClusterImagePolicy ensures that sigstore signature is always
validated for Telco Core RDS Operators. The images and their
signatures artifacts are scattered among these repos:

- registry.redhat.io/odf4:
  + ODF Operator
- registry.redhat.io/openshift4:
  + Numa Resources Operator
  + ODF related operators
  + MetalLB Operator
  + SRIOV Operator
  + NMState Operator
- registry.redhat.io/openshift-logging:
  + Cluster Logging Operator
- registry.redhat.io/rhceph
  + CEPH operator (needed by ODF)
- registry.redhat.io/rhel9/postgresql-16
  + Image needed by ODF (ocs-operator)
- registry.redhat.io/rhel9/support-tools
  + Support tools (Toolbox images)

Signed-off-by: Gonzalo Reyero Ferreras <greyerof@redhat.com>
@openshift-ci openshift-ci Bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Mar 24, 2026
@openshift-ci
Copy link
Copy Markdown

openshift-ci Bot commented Mar 24, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: greyerof
Once this PR has been reviewed and has the lgtm label, please assign irinamihai for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Mar 24, 2026
@openshift-ci
Copy link
Copy Markdown

openshift-ci Bot commented Mar 24, 2026

Hi @greyerof. Thanks for your PR.

I'm waiting for a openshift-kni member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Tip

We noticed you've done this a few times! Consider joining the org to skip this step and gain /lgtm and other bot rights. We recommend asking approvers on your previous PRs to sponsor you.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@greyerof
Added scope for the cert-manager operator.
ba4cc3d 
Signed-off-by: Gonzalo Reyero Ferreras <greyerof@redhat.com>
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented Apr 1, 2026

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 060765f9-42be-4aaa-918f-89241387f451

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@imiller0
Copy link
Copy Markdown
Collaborator

imiller0 commented Apr 7, 2026

/hold
Pending further testing in next release

@openshift-ci openshift-ci Bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 7, 2026
@imiller0
Copy link
Copy Markdown
Collaborator

imiller0 commented Apr 24, 2026

/ok-to-test

@openshift-ci openshift-ci Bot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Apr 24, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. ok-to-test Indicates a non-member PR verified by an org member that is safe to test.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@greyerof @imiller0