Skip to content

OCPBUGS-67303: Validate webhookURL secret for MSTeams receiver in AlertmanagerConfig CRD #358

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
openshift-merge-bot merged 1 commit into from
Jan 27, 2026
Merged

OCPBUGS-67303: Validate webhookURL secret for MSTeams receiver in AlertmanagerConfig CRD #358

openshift-merge-bot merged 1 commit into from
Jan 27, 2026
+79 −0

Conversation

@slashpai
Copy link
Member

@slashpai slashpai commented Jan 23, 2026

Validate that the webhookURL secret exists in checkMSTeamsConfigs, consistent with checkMSTeamsV2Configs. This prevents operator degradation when an AlertmanagerConfig references a missing secret.

Since #354 needs go 1.25 adding as downstream patch so we can proceed with backports

(cherry picked from commit 8a8faa8)

@slashpai
alertmanager: add webhookURL secret validation to checkMSTeamsConfigs (
6a07248 
…prometheus-operator#8294)

Validate that the webhookURL secret exists in checkMSTeamsConfigs,
consistent with checkMSTeamsV2Configs. This prevents operator
degradation when an AlertmanagerConfig references a missing secret.

Signed-off-by: Jayapriya Pai <slashpai9@gmail.com>
(cherry picked from commit 8a8faa8)
@openshift-ci-robot openshift-ci-robot added jira/severity-critical Referenced Jira bug's severity is critical for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. labels Jan 23, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Jan 23, 2026

@slashpai: This pull request references Jira Issue OCPBUGS-67303, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.22.0) matches configured target version for branch (4.22.0)
  • bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @juzhao

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Validate that the webhookURL secret exists in checkMSTeamsConfigs, consistent with checkMSTeamsV2Configs. This prevents operator degradation when an AlertmanagerConfig references a missing secret.

Since #354 needs go 1.25 adding as downstream patch so we can proceed with backports

(cherry picked from commit 8a8faa8)

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot requested a review from juzhao January 23, 2026 12:20
@slashpai
Copy link
Member Author

slashpai commented Jan 23, 2026

/cherry-pick release-4.21

@openshift-cherrypick-robot
Copy link

openshift-cherrypick-robot commented Jan 23, 2026

@slashpai: once the present PR merges, I will cherry-pick it on top of release-4.21 in a new PR and assign it to you.

Details

In response to this:

/cherry-pick release-4.21

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 23, 2026
@machine424
Copy link

machine424 commented Jan 23, 2026

/lgtm
thanks
(this would result in conflicts in the next syncbot run, but let's merge it as needed)

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jan 23, 2026
@openshift-ci
Copy link

openshift-ci bot commented Jan 23, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: machine424, slashpai

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:
  • OWNERS [machine424,slashpai]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci
Copy link

openshift-ci bot commented Jan 23, 2026

@slashpai: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/security 6a07248 link false /test security

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@slashpai
Copy link
Member Author

slashpai commented Jan 23, 2026

/lgtm

thanks

(this would result in conflicts in the next syncbot run, but let's merge it as needed)

Ya. But it's looking to be taking time for go 1.25 also the PO patch release has this change that's delayed too.

@juzhao
Copy link

juzhao commented Jan 27, 2026

tested with PR, issue is fixed, see the bug comment
/verified by @juzhao

@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Jan 27, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Jan 27, 2026

@juzhao: This PR has been marked as verified by @juzhao.

Details

In response to this:

tested with PR, issue is fixed, see the bug comment
/verified by @juzhao

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-merge-bot openshift-merge-bot bot merged commit d63ef84 into openshift:main Jan 27, 2026
10 of 11 checks passed
@openshift-ci-robot
Copy link

openshift-ci-robot commented Jan 27, 2026

@slashpai: Jira Issue Verification Checks: Jira Issue OCPBUGS-67303
✔️ This pull request was pre-merge verified.
✔️ All associated pull requests have merged.
✔️ All associated, merged pull requests were pre-merge verified.

Jira Issue OCPBUGS-67303 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓

Details

In response to this:

Validate that the webhookURL secret exists in checkMSTeamsConfigs, consistent with checkMSTeamsV2Configs. This prevents operator degradation when an AlertmanagerConfig references a missing secret.

Since #354 needs go 1.25 adding as downstream patch so we can proceed with backports

(cherry picked from commit 8a8faa8)

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-cherrypick-robot
Copy link

openshift-cherrypick-robot commented Jan 27, 2026

@slashpai: new pull request created: #359

Details

In response to this:

/cherry-pick release-4.21

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Jan 27, 2026
Open
@juzhao
Copy link

juzhao commented Jan 27, 2026

my bad, the upgrade from 4.22 to 4.23 is actually blocked by the missing secret. I think it should be expected, @slashpai please see comment in https://issues.redhat.com/browse/OCPBUGS-67303?focusedId=28903702&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-28903702

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@juzhao juzhao Awaiting requested review from juzhao

@danielmellado danielmellado Awaiting requested review from danielmellado

@simonpasquier simonpasquier Awaiting requested review from simonpasquier

Assignees

@machine424 machine424

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/severity-critical Referenced Jira bug's severity is critical for the branch this PR is targeting. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. verified Signifies that the PR passed pre-merge verification criteria

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@slashpai @openshift-ci-robot @openshift-cherrypick-robot @machine424 @juzhao