ci: add VersionDowngrade and PluginCompatibility validation to kind test#21
ci: add VersionDowngrade and PluginCompatibility validation to kind test#21cooktheryan wants to merge 4 commits into
Conversation
Adds two new validation steps to the kind CI test: VersionDowngrade — simulates a previously-deployed version by writing lastDeployedVersion directly to the status subresource (bypasses the ready guard so no real image tag is required), then patches spec.version down to "2026.6.5" and asserts VersionDowngrade=True appears and that lastDeployedVersion is preserved as a high-water mark at "2026.6.8". PluginCompatibility — creates a separate Claw (instance-compat) with a GCP-type Anthropic credential and spec.version "2026.6.1", which is below the PluginMinVersion threshold of "2026.6.8". The operator sets PluginCompatibility=False at reconcile time without needing the pod to start. Upgrading to "2026.6.8" verifies the condition clears. InitContainerFailure is covered by unit tests; it requires actual plugin download timing and is too fragile for a kind smoke test. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Centralizes the four version constants used by the VersionDowngrade and PluginCompatibility kind test steps so they can be bumped in one place: PLUGIN_MIN_VERSION — must match PluginMinVersion in knownProviders PLUGIN_COMPAT_LOW_VERSION — below threshold to trigger PluginCompatibility=False VERSION_DOWNGRADE_HIGH — recorded as lastDeployedVersion baseline VERSION_DOWNGRADE_LOW — below HIGH to trigger VersionDowngrade=True Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
Warning Review limit reached
More reviews will be available in 1 minute and 29 seconds. Learn how PR review limits work. Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file). ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits. 🚦 How do rate limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (5)
📝 WalkthroughWalkthroughThe CI ChangesCI VersionDowngrade and PluginCompatibility validation
Sequence Diagram(s)sequenceDiagram
participant CI as CI Runner
participant K8s as Kubernetes API
participant Op as Claw Operator
rect rgba(173, 216, 230, 0.5)
Note over CI,Op: VersionDowngrade test
CI->>K8s: PATCH status.lastDeployedVersion = VERSION_DOWNGRADE_HIGH
CI->>K8s: PATCH spec.version = VERSION_DOWNGRADE_LOW
K8s->>Op: reconcile triggered
Op->>K8s: set VersionDowngrade condition = True
CI->>K8s: poll until VersionDowngrade=True
CI->>K8s: assert lastDeployedVersion = VERSION_DOWNGRADE_HIGH
CI->>K8s: restore spec.version
end
rect rgba(144, 238, 144, 0.5)
Note over CI,Op: PluginCompatibility test
CI->>K8s: create fake GCP service-account secret
CI->>K8s: apply Claw at PLUGIN_COMPAT_LOW_VERSION with Anthropic Vertex GCP credential
K8s->>Op: reconcile triggered
Op->>K8s: set PluginCompatibility condition = False
CI->>K8s: poll until PluginCompatibility=False
CI->>K8s: PATCH spec.version = PLUGIN_MIN_VERSION
Op->>K8s: clear PluginCompatibility condition
CI->>K8s: poll until PluginCompatibility unset
CI->>K8s: delete Claw and secret
end
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Suggested reviewers
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/test-kind.yml:
- Around line 253-259: In the else block where the FAIL condition is detected
(when COND is not empty), add a kubectl get command to dump the full status of
the instance-compat custom resource before exiting with status 1. This will
capture and display the actual CR state for debugging purposes. The dump should
be inserted between the echo "FAIL: ..." statement and the exit 1 command to
ensure the CR status details are visible in CI logs when the PluginCompatibility
condition assertion fails.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Enterprise
Run ID: 91a7e28c-340a-4b12-b580-e3fef8a560e1
📒 Files selected for processing (1)
.github/workflows/test-kind.yml
…ilure Addresses CodeRabbit feedback: show the full CR yaml when the PluginCompatibility-cleared assertion fails so CI logs contain the actual condition state for debugging. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Node 20 is deprecated on GitHub Actions runners. Update all actions to versions that use the node24 runtime: actions/checkout: v4 (node20) → v7 (node24) actions/setup-go: v5 (node20) → v6 (node24) golangci/golangci-lint-action: v8 (node20) → v9 (node24) Pinned SHAs updated accordingly. codecov/codecov-action uses a composite runtime and is unaffected. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 participant
Summary
Extends the kind CI test (
test-kind.yml) with smoke tests for two of the three conditions introduced in PR #13:VersionDowngrade — simulates a previously-deployed version by writing
lastDeployedVersiondirectly to the status subresource (bypasses the ready guard so no real image tag is required), then patchesspec.versiondown and asserts:VersionDowngrade=Truecondition appearslastDeployedVersionis preserved as a high-water mark (not overwritten by the downgraded version)PluginCompatibility — creates a separate Claw (
instance-compat) with a GCP-type Anthropic credential andspec.versionbelow thePluginMinVersionthreshold for the Anthropic Vertex plugin. The operator setsPluginCompatibility=Falseat reconcile time without needing a pod to start. Upgrading to the minimum version verifies the condition clears.Version constants are extracted to job-level env vars so they can be updated in one place when plugin versions change:
PLUGIN_MIN_VERSION2026.6.8(must matchknownProvidersinclaw_providers.go)PLUGIN_COMPAT_LOW_VERSION2026.6.1VERSION_DOWNGRADE_HIGH2026.6.8VERSION_DOWNGRADE_LOW2026.6.5InitContainerFailure is not included — it requires actual plugin download and CrashLoopBackOff timing, making it too fragile for a kind smoke test. It is covered by unit tests.
Test plan
make lintpasses🤖 Generated with Claude Code
Summary by CodeRabbit