Skip to content

feat(ci): enable OCP-ECR image cred for prefetcher#21031

Draft
porridge wants to merge 8 commits into
masterfrom
mowsiany/image-prefetcher-ocp-ecr
Draft

feat(ci): enable OCP-ECR image cred for prefetcher#21031
porridge wants to merge 8 commits into
masterfrom
mowsiany/image-prefetcher-ocp-ecr

Conversation

@porridge

@porridge porridge commented Jun 9, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Description

Enable the image prefetcher to use OCP-ECR kubelet image credential provider
integration when running on OCP clusters backed by AWS. This lets ECR
credentials flow through to image pulls without a separate pull secret.

Changes:

User-facing documentation

Testing and quality

  • the change is production ready: the change is GA, or otherwise the functionality is gated by a feature flag
  • CI results are inspected

Automated testing

  • added unit tests
  • added e2e tests
  • added regression tests
  • added compatibility tests
  • modified existing tests

How I validated my change

Will be validated by the OCP-on-AWS CI jobs (e.g. cr--acs--tests-aws in ocp-4.22-lpMainline-lp-ocp-compat).
On non-AWS OCP clusters the behavior is unchanged (disabled). On non-OCP clusters the code path is not reached.

@porridge @claude
feat(ci): enable OCP-ECR image cred integration for prefetcher
9288518 
Bump image-prefetcher/deploy to feat/ocp-credential-provider branch
which adds OCP-ECR as an accepted value for
--use-kubelet-image-credential-integration. When the image prefetcher
runs on OCP clusters backed by AWS, detect the platform via
`oc get infrastructure cluster` and pass OCP-ECR so that ECR
credentials are available for image pulls.

Partially generated by AI.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@openshift-ci

openshift-ci Bot commented Jun 9, 2026

Copy link
Copy Markdown

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@coderabbitai

coderabbitai Bot commented Jun 9, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Enterprise

Run ID: 467c6afe-2f4d-4428-873a-db16fbda5b69

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch mowsiany/image-prefetcher-ocp-ecr

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions

github-actions Bot commented Jun 9, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

🚀 Build Images Ready

Images are ready for commit 2b333ee. To use with deploy scripts:

export MAIN_IMAGE_TAG=4.12.x-121-g2b333ee5a6

@porridge @claude
feat(ci): prefetch ECR test image for ImageScanningTest
d128390 
Append the ECR test image used by ImageScanningTest.groovy to the
prefetch list at runtime when AWS_ECR_REGISTRY_NAME and
AWS_ECR_REGISTRY_REGION env vars are available. The image reference
is dynamic (registry ID and region come from vault secrets) so it
cannot be added to the static images-to-prefetch.txt.

Partially generated by AI.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This was referenced Jun 9, 2026
Draft
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@janisz janisz Awaiting requested review from janisz janisz will be requested when the pull request is marked ready for review janisz is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

ai-assisted do-not-merge/work-in-progress

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@porridge