NO-ISSUE: Fix Failure Status condition to True when kubeletconfig or container runtime config validation fails

[ngopalak-redhat]

- What I did
Fixed the wrapErrorWithCondition function in both kubelet-config and container-runtime-config controllers to correctly report failure status as True instead of False when validation errors occur.

The function was incorrectly setting Failure condition status to False when errors occurred. According to Kubernetes condition semantics, a condition type should be True when that condition is present. So Failure=True means a failure has occurred, not Failure=False.

- How to verify it

- Description for the changelog

Fix KubeletConfig and ContainerRuntimeConfig Failure condition status to correctly report True when validation errors occur.

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[ngopalak-redhat]

/test all

[ngopalak-redhat]

/test unit

[ngopalak-redhat]

/payload-job periodic-ci-openshift-machine-config-operator-release-4.21-periodics-e2e-aws-mco-disruptive-techpreview-1of2

[openshift-ci]

@ngopalak-redhat: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command

• periodic-ci-openshift-machine-config-operator-release-4.21-periodics-e2e-aws-mco-disruptive-techpreview-1of2

See details on https://pr-payload-tests.ci.openshift.org/runs/ci/24844ac0-efc9-11f0-9415-bd4d485cb97a-0

[ngopalak-redhat]

/payload-job periodic-ci-openshift-machine-config-operator-release-4.22-periodics-e2e-aws-mco-disruptive-techpreview-1of2

[openshift-ci]

@ngopalak-redhat: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command

• periodic-ci-openshift-machine-config-operator-release-4.22-periodics-e2e-aws-mco-disruptive-techpreview-1of2

See details on https://pr-payload-tests.ci.openshift.org/runs/ci/3339db20-efc9-11f0-899d-abca408d040f-0

[sairameshv]

I don't think this fix requires UTs but they are a good to have anyway.

/lgtm

[haircommander]

/retest
makes sense to me
/lgtm

[ngopalak-redhat]

/retitle: NO-ISSUE: Fix Failure Status condition to True when kubeletconfig or container runtime config validation fails
/retest-required

[openshift-ci-robot]

@ngopalak-redhat: This pull request explicitly references no jira issue.

Details

In response to this:

- What I did
Fixed the wrapErrorWithCondition function in both kubelet-config and container-runtime-config controllers to correctly report failure status as True instead of False when validation errors occur.

The function was incorrectly setting Failure condition status to False when errors occurred. According to Kubernetes condition semantics, a condition type should be True when that condition is present. So Failure=True means a failure has occurred, not Failure=False.

- How to verify it

- Description for the changelog

Fix KubeletConfig and ContainerRuntimeConfig Failure condition status to correctly report True when validation errors occur.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

@ngopalak-redhat: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/bootstrap-unit	ba52a8d	link	false	/test bootstrap-unit

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[isabella-janssen]

Is only one condition being set here? If we hit an error case here, does it mean that there could still be a mcfgv1.ContainerRuntimeConfigSuccess condition set to True from a previous update that persists?

[ngopalak-redhat]

I see your point. I have raised https://issues.redhat.com/browse/OCPNODE-4040 to fix it. The scope of this fix is to make sure that the reported "Failure" is set to "False"

The scope of this immediate fix is to ensure that the reported 'Failure' condition is set to 'False'.

A larger fix (potentially as part of OCPNODE-4040 or a separate task) might need to define a new status type, such as KubeletConfigAccepted, rather than relying on generic 'Failure' or 'Success' types. That would likely require an API change (see here: [Link]). Therefore, I am limiting the scope of this current change to just fixing the 'Failure' condition logic.

The larger fix as part of https://issues.redhat.com/browse/OCPNODE-4040 might need to define a new status instead of using "Failure" or "Success". It needs to be more meaningful like "KubeletConfigAccepted" or something similar. May be an API change also https://github.com/openshift/api/blob/master/machineconfiguration/v1/types.go#L801.
Hence scope of this fix is to just fix the condition "Failure".

cc: @haircommander @sairameshv

[umohnani8]

/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: haircommander, ngopalak-redhat, sairameshv, umohnani8

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [umohnani8]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment