WIP 🐛 OCPBUGS-77829: fix(Boxcutter): Fix ClusterExtension spec changes ignored while revision is rolling out

[camilamacedo86]

What's wrong

When a revision is rolling out, the controller skips the resolver — even if the CE consumer changes the spec. The CE consumer's only option to recover is manually deleting revisions.

What this PR does

Fixes Boxcutter rollout behavior so ClusterExtension spec updates (during an in-progress/stuck rollout) are no longer ignored, by persisting and comparing a catalog-spec fingerprint per revision.

Changes:

• Add a SHA-256 “source digest” annotation on each Boxcutter revision and plumb it through revision state reading.
• Reuse a rolling-out revision only when its stored digest matches the current ClusterExtension catalog spec; otherwise re-resolve.
• Add E2E + controller-unit coverage for “spec changes during rollout triggers re-resolution” and digest normalization behavior.

Backward compatibility

Revisions created before this PR have no fingerprint. The controller detects this and falls back to the old behavior until a new revision is created.

RFC: https://docs.google.com/document/d/1qNjdal3zaz7QTGHPAnPRO1aRnaum5iup0rRyiFar8CM/edit?tab=t.0#heading=h.x3tfh25grvnv
Motivated by: https://redhat.atlassian.net/browse/OCPBUGS-77829

PS: :jira-blocker: by thread: https://redhat-internal.slack.com/archives/C06KP34REFJ/p1774251840822449?thread_ts=1773998183.972329&cid=C06KP34REFJ

[netlify]

✅ Deploy Preview for olmv1 ready!

Name	Link
🔨 Latest commit	c79e8c2
🔍 Latest deploy log	https://app.netlify.com/projects/olmv1/deploys/69f46b047fa44700089c9077
😎 Deploy Preview	https://deploy-preview-2566--olmv1.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
🤖 Make changes	Run an agent on this branch

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[Copilot]

Pull request overview

Fixes operator-controller (Boxcutter runtime) behavior where a ClusterExtension spec change could be ignored while a prior ClusterExtensionRevision is still rolling out, by re-resolving from the catalog when the rolling-out revision no longer matches the current spec.

Changes:

• Update ResolveBundle to reuse the rolling-out revision only when it still matches the current package/version constraints; otherwise re-resolve from the catalog.
• Add rollingOutRevisionMatchesSpec helper to compare rolling-out revision metadata against spec version constraints.
• Add unit and E2E coverage for “spec change while rolling out” behavior.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File	Description
internal/operator-controller/controllers/clusterextension_reconcile_steps.go	Implements spec-vs-rolling-out compatibility check and re-resolve behavior.
internal/operator-controller/controllers/clusterextension_controller_test.go	Updates an existing Boxcutter test fixture and adds 2 new tests for re-resolve vs reuse behavior.
test/e2e/features/update.feature	Adds E2E scenario verifying version change during a stuck rollout triggers re-resolution.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

[codecov]

Codecov Report

❌ Patch coverage is 70.64220% with 32 lines in your changes missing coverage. Please review.
✅ Project coverage is 67.75%. Comparing base (eea6f95) to head (0f23c6c).
⚠️ Report is 97 commits behind head on main.

Files with missing lines	Patch %	Lines
...er/controllers/clusterextension_reconcile_steps.go	68.93%	25 Missing and 7 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2566      +/-   ##
==========================================
- Coverage   67.81%   67.75%   -0.06%     
==========================================
  Files         137      137              
  Lines        9526     9639     +113     
==========================================
+ Hits         6460     6531      +71     
- Misses       2572     2606      +34     
- Partials      494      502       +8     

Flag	Coverage Δ
e2e	38.37% <34.86%> (+0.22%)	⬆️
experimental-e2e	51.07% <58.71%> (-0.03%)	⬇️
unit	52.95% <66.05%> (+0.03%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[pedjak]

/lgtm

IMHO, the added e2e test could be made faster.

[openshift-ci]

New changes are detected. LGTM label has been removed.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from pedjak. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[Copilot]

Pull request overview

This PR fixes Boxcutter’s rollout behavior so ClusterExtension catalog-spec changes made during an in-progress (or stuck) rollout are detected and trigger re-resolution, rather than continuing to reuse a stale rolling-out revision.

Changes:

• Persist a SHA-256 “catalog source spec digest” on each Boxcutter revision and read it back into revision state.
• Reuse an existing rolling-out revision only when its stored digest matches the current ClusterExtension catalog spec; otherwise re-run resolution.
• Add controller unit tests + an E2E scenario covering “spec change during stuck rollout triggers re-resolution” and digest normalization behavior.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
test/e2e/features/update.feature	Adds an E2E scenario ensuring version changes during a stuck rollout cause a new resolution and successful rollout.
internal/operator-controller/labels/labels.go	Introduces a new annotation key constant for storing the source digest on revisions.
internal/operator-controller/controllers/suite_test.go	Adds a test helper to compute digests consistent with CRD defaults in envtest.
internal/operator-controller/controllers/clusterextension_reconcile_steps.go	Implements digest computation/normalization and rolling-out revision reuse vs re-resolve logic; improves version constraint matching when deciding fallback behavior.
internal/operator-controller/controllers/clusterextension_controller_test.go	Adds extensive unit coverage for re-resolution behavior during rollout and digest normalization.
internal/operator-controller/controllers/clusterextension_controller.go	Extends RevisionMetadata to include SourceDigest.
internal/operator-controller/controllers/boxcutter_reconcile_steps.go	Plumbs digest from/to ClusterObjectSet annotations (write on apply, read in revision state getter).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

This PR fixes Boxcutter rollout behavior so ClusterExtension spec changes made during an in-progress/stuck rollout are no longer ignored. It does this by persisting a catalog-spec fingerprint per revision and only reusing a rolling-out revision when its fingerprint matches the current spec.

Changes:

• Add a SHA-256 “source digest” (olm.operatorframework.io/source-digest) annotation to Boxcutter revisions and plumb it through revision state reading.
• Reuse a rolling-out revision only when its stored digest matches the current ClusterExtension.spec.source.catalog inputs; otherwise re-resolve.
• Add unit + E2E coverage for “spec changes during rollout triggers re-resolution” and digest normalization.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
test/e2e/features/update.feature	Adds an E2E scenario validating that changing version during a stuck rollout triggers a new resolution.
internal/operator-controller/labels/labels.go	Introduces the SourceDigestKey annotation constant for revision fingerprinting.
internal/operator-controller/controllers/suite_test.go	Adds a test helper to compute digests consistent with CRD defaulting (for envtest expectations).
internal/operator-controller/controllers/clusterextension_reconcile_steps.go	Implements digest computation/normalization and rolling-out revision reuse vs re-resolve decision logic; improves version constraint handling in resolution error fallback.
internal/operator-controller/controllers/clusterextension_controller_test.go	Adds unit coverage for re-resolve/reuse behavior during rollout and digest normalization behavior.
internal/operator-controller/controllers/clusterextension_controller.go	Extends RevisionMetadata with SourceDigest to carry the fingerprint through controller logic.
internal/operator-controller/controllers/boxcutter_reconcile_steps.go	Reads/writes the source digest annotation on ClusterObjectSet revisions.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Fixes Boxcutter rollout behavior so ClusterExtension catalog-spec changes made during an in-progress rollout are detected and trigger re-resolution instead of continuing to reuse a stale rolling-out revision.

Changes:

• Add per-revision “source digest” annotation (olm.operatorframework.io/source-digest) and plumb it through revision state reading.
• Reuse a rolling-out revision only when its stored digest matches the current ClusterExtension.spec.source.catalog fingerprint; otherwise re-resolve.
• Add controller-unit tests plus an E2E scenario covering “spec changes during stuck rollout triggers re-resolution” and digest normalization cases.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
test/e2e/features/update.feature	Adds an E2E scenario asserting spec version changes during a stuck rollout cause a new resolution and successful install.
internal/operator-controller/labels/labels.go	Introduces the SourceDigestKey annotation constant for persisted revision fingerprints.
internal/operator-controller/controllers/suite_test.go	Adds a test helper to compute digests in a way consistent with CRD defaulting.
internal/operator-controller/controllers/clusterextension_reconcile_steps.go	Implements digest computation + rolling-out revision reuse vs re-resolve decision logic; improves version constraint matching.
internal/operator-controller/controllers/clusterextension_controller_test.go	Adds extensive unit coverage for digest-based re-resolution and selector/channel normalization.
internal/operator-controller/controllers/clusterextension_controller.go	Extends RevisionMetadata with SourceDigest to carry the persisted fingerprint.
internal/operator-controller/controllers/boxcutter_reconcile_steps.go	Reads/writes the source digest annotation when listing revisions and creating new revisions.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.