OCPEDGE-2776: feat(agents): add agentic harness foundation with safety guardrails#2804
OCPEDGE-2776: feat(agents): add agentic harness foundation with safety guardrails#2804qJkee wants to merge 3 commits into
Conversation
|
@qJkee: This pull request references OCPEDGE-2776 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the ticket to target the "5.0.0" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: qJkee The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Caution Review failedAn error occurred during the review process. Please try again later. WalkthroughThis PR adds Claude, Cursor, and Copilot guidance files; expands shared repository instructions for builds, CRD changes, testing, and safety boundaries; and updates ADR decision documents and the ADR index to accepted status. ChangesAI tooling guidance
ADR decision documentation
Estimated code review effort: 3 (Moderate) | ~25 minutes Suggested labels: 🚥 Pre-merge checks | ✅ 15✅ Passed checks (15 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #2804 +/- ##
==========================================
- Coverage 54.14% 54.00% -0.15%
==========================================
Files 54 54
Lines 4170 4170
==========================================
- Hits 2258 2252 -6
- Misses 1730 1733 +3
- Partials 182 185 +3 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.claude/settings.json:
- Around line 33-35: The Go Bash allow-rules are too broad because the current
go test, go vet, and go build patterns can permit execution of attacker-supplied
tools through flags like -exec, -toolexec, and -vettool. Tighten the matching
entries in .claude/settings.json by restricting them to safer package targets
such as ./... or by explicitly excluding those flags, and keep the change
focused on the three existing rules for go test, go vet, and go build.
In @.github/copilot-instructions.md:
- Around line 71-78: The fenced example in the copilot instructions markdown is
missing a language tag, which triggers markdownlint MD040. Update the example
near the commit-message guidance so the fenced block is labeled with an
appropriate language such as text, keeping the rest of the example content
unchanged.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 42aeed6a-d6aa-4658-83ac-ce1dc676ee6d
📒 Files selected for processing (3)
.claude/settings.json.github/copilot-instructions.mdAGENTS.md
There was a problem hiding this comment.
🧹 Nitpick comments (1)
.claude/rules/reconciliation.md (1)
23-24: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winNarrow the
errgroupguidance.
errgrouponly cancels viaerrgroup.WithContext; this wording is broader than the actual failure mode. Please scope it to the context-canceling variant or the multi-node fan-out case.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.claude/rules/reconciliation.md around lines 23 - 24, Narrow the `errgroup` guidance so it only applies to `errgroup.WithContext` or the multi-node fan-out pattern in reconciliation.md, since plain errgroup usage does not always cancel work. Update the rule text to explicitly say to avoid the context-canceling variant when continuing healthy nodes matters, and keep the recommendation aligned with raw goroutines plus errors.Join for aggregate-error handling.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In @.claude/rules/reconciliation.md:
- Around line 23-24: Narrow the `errgroup` guidance so it only applies to
`errgroup.WithContext` or the multi-node fan-out pattern in reconciliation.md,
since plain errgroup usage does not always cancel work. Update the rule text to
explicitly say to avoid the context-canceling variant when continuing healthy
nodes matters, and keep the recommendation aligned with raw goroutines plus
errors.Join for aggregate-error handling.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Central YAML (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: 26dd008c-124a-48e3-bd29-255e77938faa
📒 Files selected for processing (18)
.claude/commands/modify-crd.md.claude/commands/new-adr.md.claude/commands/run-e2e.md.claude/rules/api-types.md.claude/rules/reconciliation.md.claude/rules/testing.md.claude/rules/vgmanager.md.claude/settings.json.cursor/rules/lvms.mdc.github/copilot-instructions.md.github/instructions/api-types.instructions.mdAGENTS.mdCONTRIBUTING.mddocs/decisions/0001-single-binary-architecture.mddocs/decisions/0002-v1alpha1-is-stable.mddocs/decisions/0003-finalizer-hierarchy.mddocs/decisions/0004-conservative-device-filters.mddocs/decisions/index.md
✅ Files skipped from review due to trivial changes (11)
- .cursor/rules/lvms.mdc
- .claude/rules/testing.md
- .claude/commands/modify-crd.md
- .claude/commands/new-adr.md
- .claude/rules/api-types.md
- .claude/commands/run-e2e.md
- docs/decisions/0002-v1alpha1-is-stable.md
- .github/instructions/api-types.instructions.md
- docs/decisions/0004-conservative-device-filters.md
- .github/copilot-instructions.md
- docs/decisions/index.md
🚧 Files skipped from review as they are similar to previous changes (1)
- .claude/settings.json
Add Claude Code permissions (deny destructive LVM commands and generated file edits, allow safe build/test commands), PostToolUse hooks (API type change warning, per-package go vet), and PreToolUse secret detection. Add GitHub Copilot instruction file derived from AGENTS.md. Restructure AGENTS.md safety section into three-tier boundaries (Always/Ask/Never) and add explicit build commands.
Add Claude Code rules for api-types, vgmanager, reconciliation, and testing. Add slash commands: /modify-crd, /run-e2e, /new-adr. Fill considered options and promote ADRs 0001-0004 from draft to accepted with 2022-07-01 date.
Add Cursor (.cursor/rules/lvms.mdc) and Copilot path-specific (.github/instructions/api-types.instructions.md) instruction files. Add path-scoped guidance, agent skills, and cross-tool sections to AGENTS.md. Expand AI-assisted contributions in CONTRIBUTING.md with supported tools matrix and slash command documentation.
|
/retest |
|
@qJkee: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Add Claude Code permissions (deny destructive LVM commands and generated file edits, allow safe build/test commands), PostToolUse hooks (API type change warning, per-package go vet), and PreToolUse secret detection.
Add GitHub Copilot instruction file derived from AGENTS.md. Restructure AGENTS.md safety section into three-tier boundaries (Always/Ask/Never) and add explicit build commands.
Summary by CodeRabbit