OSD-28241: Allow building backplane config, login with provided OCM connections #657

nephomaniac · 2025-04-02T20:33:37Z

What type of PR is this?

What this PR does / Why we need it?

This PR allows an OCM connection to be provided to the config building and login functions. ie adding new '*WithConn()' function variants allowing the caller to provide the OCM connection. This PR attempts to allow utils sharing backplane code to interact with clusters which reside in different OCM envs within the same executable. The most relevant use case is testing/developing within pre-production STAGE and INTEGRATION OCM envs, that are serviced by Hive clusters which exist in OCM Production environment(s)

Today as part of the client connection setup/code-path, it is not possible to create a clean separation of OCM config to be provided to multiple backplane connections within a single executable. It appears that through a chain of functions, the use of env vars prevents this from working as desired.
These changes also help avoid rebuilding/tearing down multiple OCM connections during the config + login phases.
This may make the build/login path more consistent with regard to the OCM attributes they use. Rebuilding/refetching OCM attributes may introduce (small) windows for race conditions.

This PR is an attempt at the least intrusive method of allowing a consumer to build and persist an OCM config/connection throughout the lifecycle of a BP-client connection.

Example:

//Example using new '*withConn' functions from this PR...
func CreateBPClient(ocmConnection *ocmsdk.Connection, clusterID string) (*k8sClient, error) {
    bpcfg, err := bpconfig.GetBackplaneConfigurationWithConn(ocmConnection) 
    restcfg, err := bplogin.GetRestConfigWithConn(bpcfg, ocmConnection, clusterID)
    return  k8sclient.New(restcfg, options)
}


// Fake function to create ocm sdk connections using provided ocmConfig. 
// The author can decide how the config is built, this PR allows this config to persist through the BP clients later.  
func RandomOCMSDKConnectionBuilder(*ocmConfig.Config) (*sdk.Connection, error) { ..some code...} 

// Create an OCM connection for each OCM environment...
prodOcmConn := RandomOCMSDKConnectionBuilder( prodOCMConfig)
stageOcmConn := RandomOCMSDKConnectionBuilder( stageOCMConfig)
intOcmConn := RandomOCMSDKConnectionBuilder( intOCMConfig)

// Create the needed Hive BP clients using prod...
hiveBPClientA := CreateBPClient(prodOcmConn, hiveClusterIdA)
hiveBPClientB := CreateBPClient(prodOcmConn, hiveClusterIdB)

// Create the target cluster BP clients using prod, stage, and int...
prodClusterBPClient := CreateBPClient(prodOcmConn, prodClusterIdB)
stagingClusterBPClient := CreateBPClient(stageOcmConn, stageClusterId)
intClusterBPClient := CreateBPClient(intOcmConn, intClusterId)

// Sample use cases with the artifacts created above...
// Today ALL osdctl utils that work with both hive(s) and a target cluster(s) connections can only be used in prod. 
// With this PR these utils no longer have to share the same production OCM environment.
// Some example/sudo use case we have today...
 
func doHiveClusterSyncAndCheckCluster(hiveClient *k8sClient, clusterClient *k8sClient, clusterID string)  {
   doClusterSync(hiveClient, clusterID)
   checkStuff(clusterClient) 
}  

func doFetchCloudStuffForCluster(hiveClient *k8sClient, clusterClient *k8sClient, clusterID string){
   // Requires cluster access...
   clusterResource := fetchClusterResourceThing(clusterClient)
   // Requires Hive access... 
   cloudAPI := getCloudAPIConnection(hiveClient, clusterID) 
   
   fetchCloudResourceBackingClusterResource(cloudAPI, clusterResource)
}

Which Jira/Github issue(s) does this PR fix?

Related Issue # OSD-28241,
SREP-164, SREP-183
Closes #

Special notes for your reviewer

After initial draft review, additional unit tests should be added.

Unit Test Coverage

Waiting for initial draft review, before adding remaining unit tests.
I've manually tested this branch against OSDCTL using both legacy backplane functions, and new OCM sdk connection fed backplane functions. I've connected to clusters using each path, as well as mixing these within a single util. I've also tested basic ocm-backplane login cli connections in the terminal.

Guidelines

If it's a new sub-command or new function to an existing sub-command, please cover at least 50% of the code
If it's a bug fix for an existing sub-command, please cover 70% of the code

Test coverage checks

Added unit tests
Created jira card to add unit test
This PR may not need unit tests

Pre-checks (if applicable)

Ran unit tests locally
Validated the changes in a cluster
Included documentation changes with PR

openshift-ci-robot · 2025-04-02T20:33:41Z

openshift-ci · 2025-04-02T20:33:51Z

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

openshift-ci-robot · 2025-04-02T20:33:52Z

openshift-ci-robot · 2025-04-02T20:34:18Z

openshift-ci · 2025-04-02T20:35:06Z

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: nephomaniac
Once this PR has been reviewed and has the lgtm label, please assign hectorakemp for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

nephomaniac · 2025-04-02T20:58:00Z

/test all

codecov-commenter · 2025-04-02T21:08:26Z

Codecov Report

❌ Patch coverage is 28.07018% with 41 lines in your changes missing coverage. Please review.
✅ Project coverage is 52.54%. Comparing base (1963392) to head (9391fee).

Files with missing lines	Patch %	Lines
cmd/ocm-backplane/login/login.go	25.00%	13 Missing and 2 partials ⚠️
pkg/cli/config/config.go	45.83%	12 Missing and 1 partial ⚠️
pkg/backplaneapi/clientUtils.go	0.00%	8 Missing ⚠️
pkg/ocm/ocm.go	0.00%	5 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #657      +/-   ##
==========================================
- Coverage   52.82%   52.54%   -0.29%     
==========================================
  Files          80       80              
  Lines        6065     6113      +48     
==========================================
+ Hits         3204     3212       +8     
- Misses       2434     2471      +37     
- Partials      427      430       +3

Files with missing lines	Coverage Δ
pkg/ocm/ocm.go	`4.11% <0.00%> (-0.07%)`	⬇️
pkg/backplaneapi/clientUtils.go	`0.00% <0.00%> (ø)`
pkg/cli/config/config.go	`70.83% <45.83%> (-4.42%)`	⬇️
cmd/ocm-backplane/login/login.go	`66.25% <25.00%> (-2.06%)`	⬇️

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

nephomaniac · 2025-04-02T22:07:27Z

/test lint

nephomaniac · 2025-04-02T22:24:49Z

/test all

openshift-ci-robot · 2025-05-12T23:46:11Z

openshift-ci-robot · 2025-05-12T23:47:08Z

openshift-ci-robot · 2025-05-22T19:21:41Z

typeid

Not a detailed review and not a blocker for this PR:
given recent discussions, we really need a refactor the logic we share across tools out of /cmd/ into /pkg/ - and changes to these functions with care and knowledge around their consumers (CAD, osdctl).

pkg/ocm/ocm.go

pkg/cli/config/config.go

pkg/backplaneapi/clientUtils.go

feichashao · 2025-06-25T01:41:08Z

Hi @nephomaniac , could you check the comments by @samanthajayasinghe when you have capacity? Thanks!

samanthajayasinghe · 2025-08-20T02:49:54Z

Let's hold this PR for now

samanthajayasinghe · 2025-08-20T02:50:00Z

/hold

nephomaniac · 2025-08-20T03:13:50Z

Hi @samanthajayasinghe sorry for the delay on this. I took some time to investigate a larger refactor, but not sure it's appropriate for this specific change/benefit. Please let me know if there's anything I can do to move this (or similar/smaller change forward). Thank you!

samanthajayasinghe · 2025-10-01T01:38:51Z

FYI @nephomaniac , we recently merged the singleton OCM connection with a timeout. Does this resolve the original issue?
ocm connection PR: #785

nephomaniac · 2025-10-01T16:33:58Z

Hi @samanthajayasinghe thanks for the heads up. It's possible the PR: #785 can help a little, but at first glance I think it may also introduce new areas for OCM connection inconsistencies(?). (IMO) It would be ideal to separate the config/building-config functions from those that create connections with the config. Allowing the consumer to persist a desired OCM config throughout the life of a BP OcmInterface impl.

It appears that with PR: #785 an OCM connection's config can be inadvertently changed to a completely different connection context/env during the active/ongoing use of the OCM itfc impl (ie due to the timeouts, auto-recreation of the underlying connection)?
Allowing the consumer to persist OCM config, and be deliberate in when/how OCM config changes are applied to the underlying connections may be a nice complement to PR: #785?
Thanks!

… connections

openshift-ci · 2025-10-01T17:56:39Z

@nephomaniac: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

nephomaniac · 2025-10-01T18:35:51Z

/label tide/merge-method-squash

samanthajayasinghe · 2025-10-01T21:06:13Z

Thanks for the info, @nephomaniac. As I understand it, this PR fundamentally addresses switching the OCM environment since stage/int Hive clusters are on the production environment.
I'm not entirely clear about the root issue we're addressing here, but I agree that configuring the OCM token/file can be separate from the backplane configuration.
My understanding is that we may need a DDR to describe the issue and potential solution that satisfies both the managed OpenShift and FredRamp environments.
I'll seek other thoughts on how we can proceed with this PR further.
cc : @bmeng / @smarthall / @feichashao / @xiaoyu74

openshift-ci-robot · 2025-10-01T23:22:06Z

@nephomaniac: This pull request references OSD-28241 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.21.0" version, but no target version was set.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

nephomaniac · 2025-10-01T23:26:07Z

Thanks. I've updated the PR description with an example. This PR allows consumers of backplane-cli to create backplane client connections with a provided ocm sdk connection, ...which allows the consumer to separate the ocm config building portions from backplane-cli.
The sudo example I provided above uses the new BP-cli wrapper functions like this...

//Example using new '*withConn' functions from this PR...
func CreateBPClient(ocmConnection *ocmsdk.Connection, clusterID string) (*k8sClient, error) {
    bpcfg, err := bpconfig.GetBackplaneConfigurationWithConn(ocmConnection) 
    restcfg, err := bplogin.GetRestConfigWithConn(bpcfg, ocmConnection, clusterID)
    return  k8sclient.New(restcfg, options)
}

openshift-ci-robot · 2025-10-01T23:27:23Z

@nephomaniac: This pull request references OSD-28241 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.21.0" version, but no target version was set.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2025-10-01T23:28:24Z

@nephomaniac: This pull request references OSD-28241 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.21.0" version, but no target version was set.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2025-10-01T23:31:19Z

@nephomaniac: This pull request references OSD-28241 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.21.0" version, but no target version was set.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2025-10-01T23:53:25Z

@nephomaniac: This pull request references OSD-28241 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.21.0" version, but no target version was set.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2025-10-01T23:56:30Z

@nephomaniac: This pull request references OSD-28241 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.21.0" version, but no target version was set.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2025-10-02T00:26:13Z

@nephomaniac: This pull request references OSD-28241 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.21.0" version, but no target version was set.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

xiaoyu74 · 2025-10-02T05:32:45Z

IIUC, this PR just implemented to create 2 connections (prodConn and stageConn) mainly for osdctl that import bp-cli as a library (not for actual bp-cli end-users) to support multi-ocm-env in one call? Feeling no big arch change?

Also, FedRAMP env should be already isolated with different OCM URLs/infra, looks like this PR doesn't change FedRamp works but just non-gov multi-env testing, so, do we really think it's necessary to have a DDR?

btw, I may miss some context about #785, it should just reuse a single OCM connection and add auto-cleanup while this PR #657 implement to support multiple connection to different OCM env. So, the 2 PRs could be seen as complementary rather than conflicts? cc: @nephomaniac @samanthajayasinghe

samanthajayasinghe · 2025-10-07T21:23:58Z

Thanks @xiaoyu74 and @nephomaniac for your thoughts and for updating the PR desc. If this PR is only for osdctl multi-ocm-env, then let's merge this PR.
I'll defer to you to merge the PR @xiaoyu74 / @bmeng

openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Apr 2, 2025

openshift-ci bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Apr 2, 2025

nephomaniac mentioned this pull request Apr 4, 2025

OSD-28241: Added utils for building OCM config, and backplane clients using provided OCM connections nephomaniac/osdctl#3

Draft

nephomaniac marked this pull request as ready for review May 5, 2025 23:43

openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label May 5, 2025

openshift-ci bot requested review from Dee-6777 and diakovnec May 5, 2025 23:43

typeid reviewed May 22, 2025

View reviewed changes

samanthajayasinghe reviewed Jun 2, 2025

View reviewed changes

pkg/ocm/ocm.go Show resolved Hide resolved

pkg/cli/config/config.go Show resolved Hide resolved

pkg/backplaneapi/clientUtils.go Show resolved Hide resolved

openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 20, 2025

openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Oct 1, 2025

OSD-28241: Allow building backplane connections with provided OCM sdk…

f4fa6b8

… connections

OSD-28241: Remove ineffectual assignment to err

9391fee

nephomaniac force-pushed the OSD-28241 branch from dd35199 to 9391fee Compare October 1, 2025 17:41

openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Oct 1, 2025

openshift-ci bot added the tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges. label Oct 1, 2025

OSD-28241: Allow building backplane config, login with provided OCM connections #657

Are you sure you want to change the base?

OSD-28241: Allow building backplane config, login with provided OCM connections #657

Uh oh!

Conversation

nephomaniac commented Apr 2, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What type of PR is this?

What this PR does / Why we need it?

Example:

Which Jira/Github issue(s) does this PR fix?

Special notes for your reviewer

Unit Test Coverage

Guidelines

Test coverage checks

Pre-checks (if applicable)

Uh oh!

openshift-ci-robot commented Apr 2, 2025 • edited by openshift-ci bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What type of PR is this?

What this PR does / Why we need it?

Which Jira/Github issue(s) does this PR fix?

Special notes for your reviewer

Unit Test Coverage

Guidelines

Test coverage checks

Pre-checks (if applicable)

Uh oh!

openshift-ci bot commented Apr 2, 2025

Uh oh!

openshift-ci-robot commented Apr 2, 2025 • edited by openshift-ci bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What type of PR is this?

What this PR does / Why we need it?

Which Jira/Github issue(s) does this PR fix?

Special notes for your reviewer

Unit Test Coverage

Guidelines

Test coverage checks

Pre-checks (if applicable)

Uh oh!

openshift-ci-robot commented Apr 2, 2025 • edited by openshift-ci bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What type of PR is this?

What this PR does / Why we need it?

Which Jira/Github issue(s) does this PR fix?

Special notes for your reviewer

Unit Test Coverage

Guidelines

Test coverage checks

Pre-checks (if applicable)

Uh oh!

openshift-ci bot commented Apr 2, 2025

Uh oh!

nephomaniac commented Apr 2, 2025

Uh oh!

codecov-commenter commented Apr 2, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

nephomaniac commented Apr 2, 2025

Uh oh!

nephomaniac commented Apr 2, 2025

Uh oh!

openshift-ci-robot commented May 12, 2025 • edited by openshift-ci bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What type of PR is this?

What this PR does / Why we need it?

Which Jira/Github issue(s) does this PR fix?

Special notes for your reviewer

Unit Test Coverage

Guidelines

Test coverage checks

Pre-checks (if applicable)

Uh oh!

openshift-ci-robot commented May 12, 2025 • edited by openshift-ci bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What type of PR is this?

What this PR does / Why we need it?

Which Jira/Github issue(s) does this PR fix?

nephomaniac commented Apr 2, 2025 •

edited

Loading

openshift-ci-robot commented Apr 2, 2025 •

edited by openshift-ci bot

Loading

openshift-ci-robot commented Apr 2, 2025 •

edited by openshift-ci bot

Loading

openshift-ci-robot commented Apr 2, 2025 •

edited by openshift-ci bot

Loading

codecov-commenter commented Apr 2, 2025 •

edited

Loading

openshift-ci-robot commented May 12, 2025 •

edited by openshift-ci bot

Loading

openshift-ci-robot commented May 12, 2025 •

edited by openshift-ci bot

Loading

openshift-ci-robot commented May 22, 2025 •

edited by openshift-ci bot

Loading

openshift-ci-robot commented Oct 1, 2025 •

edited by openshift-ci bot

Loading

nephomaniac commented Oct 1, 2025 •

edited

Loading

openshift-ci-robot commented Oct 1, 2025 •

edited by openshift-ci bot

Loading