Skip to content

OCPBUGS-74241: Add null checks to CRB subject #15943

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
logonoff wants to merge 1 commit into
base: main
Choose a base branch
from
Open

OCPBUGS-74241: Add null checks to CRB subject #15943

logonoff wants to merge 1 commit into from
+11 −11

Conversation

@logonoff
Copy link
Member

@logonoff logonoff commented Jan 22, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Bug Fixes
    • Enhanced stability of binding actions by implementing defensive checks that prevent runtime errors when subject data is not available, ensuring reliable operation in edge cases.

✏️ Tip: You can customize this high-level summary in your review settings.

@openshift-ci-robot openshift-ci-robot added jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Jan 22, 2026
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Jan 22, 2026

@logonoff: This pull request references Jira Issue OCPBUGS-74241, which is invalid:

  • expected the bug to target the "4.22.0" version, but no target version was set

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot requested review from TheRealJon and rhamilto January 22, 2026 14:05
@openshift-ci openshift-ci bot added component/core Related to console core functionality approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Jan 22, 2026
@logonoff
Copy link
Member Author

logonoff commented Jan 22, 2026

/jira refresh
/cherry-pick release-4.21

/assign @rhamilto

@openshift-cherrypick-robot
Copy link

openshift-cherrypick-robot commented Jan 22, 2026

@logonoff: once the present PR merges, I will cherry-pick it on top of release-4.21 in a new PR and assign it to you.

Details

In response to this:

/jira refresh
/cherry-pick release-4.21

/assign @rhamilto

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-ci-robot openshift-ci-robot added jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. and removed jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Jan 22, 2026
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Jan 22, 2026

@logonoff: This pull request references Jira Issue OCPBUGS-74241, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.22.0) matches configured target version for branch (4.22.0)
  • bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @yapei

Details

In response to this:

/jira refresh
/cherry-pick release-4.21

/assign @rhamilto

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Jan 22, 2026

@logonoff: This pull request references Jira Issue OCPBUGS-74241, which is valid.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.22.0) matches configured target version for branch (4.22.0)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @yapei

Details

In response to this:

Summary by CodeRabbit

  • Bug Fixes
  • Enhanced stability of binding actions by implementing defensive checks that prevent runtime errors when subject data is not available, ensuring reliable operation in edge cases.

✏️ Tip: You can customize this high-level summary in your review settings.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot requested a review from yapei January 22, 2026 14:06
@coderabbitai
Copy link

coderabbitai bot commented Jan 22, 2026

📝 Walkthrough

Walkthrough

The pull request adds optional safety guards to subject data access within the useBindingActions hook. The subject parameter now defaults to an empty array when absent, and all references to subject properties transition from direct access (subject.name, subject.kind) to optional chaining (subject?.name, subject?.kind). This includes updates to dependency arrays in memoized logic, conditional guards for User/Group action generation, and impersonation/accessReview operations. The changes defensively handle scenarios where subject data may be undefined at runtime.

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and specifically describes the main change: adding null checks to ClusterRoleBinding subject handling, which aligns with the changeset's focus on introducing optional safety guards and optional chaining for subject data.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings

Warning

Review ran into problems

🔥 Problems

Git: Failed to clone repository. Please run the @coderabbitai full review command to re-trigger a full review. If the issue persists, set path_filters to include or exclude specific files.

Comment @coderabbitai help to get the list of available commands and usage tips.

@logonoff
Copy link
Member Author

logonoff commented Jan 22, 2026

went into cluster-admin role binding, hovered over actions menu and did not see runtime error. clicking all the actions work as expected

/verified by @logonoff

@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Jan 22, 2026
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Jan 22, 2026

@logonoff: This PR has been marked as verified by @logonoff.

Details

In response to this:

went into cluster-admin role binding, hovered over actions menu and did not see runtime error. clicking all the actions work as expected

/verified by @logonoff

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@rhamilto
Copy link
Member

rhamilto commented Jan 22, 2026

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jan 22, 2026
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jan 22, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: logonoff, rhamilto

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Jan 22, 2026

/retest-required

Remaining retests: 0 against base HEAD b04aada and 2 for PR HEAD c22bf3e in total

@logonoff
Copy link
Member Author

logonoff commented Jan 22, 2026

/verified cancel
/assign @yapei

@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Jan 22, 2026

@logonoff: The /verified command must be used with one of the following actions: by, later, remove, or bypass. See https://docs.ci.openshift.org/docs/architecture/jira/#premerge-verification for more information.

Details

In response to this:

/verified cancel
/assign @yapei

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@logonoff
Copy link
Member Author

logonoff commented Jan 22, 2026

/verified cancel

@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Jan 22, 2026

@logonoff: The /verified command must be used with one of the following actions: by, later, remove, or bypass. See https://docs.ci.openshift.org/docs/architecture/jira/#premerge-verification for more information.

Details

In response to this:

/verified cancel

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@logonoff
Copy link
Member Author

logonoff commented Jan 22, 2026

/verified remove

@openshift-ci-robot openshift-ci-robot removed the verified Signifies that the PR passed pre-merge verification criteria label Jan 22, 2026
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Jan 22, 2026

@logonoff: The verified label has been removed.

Details

In response to this:

/verified remove

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jan 22, 2026

@logonoff: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rhamilto rhamilto Awaiting requested review from rhamilto

@TheRealJon TheRealJon Awaiting requested review from TheRealJon

@yapei yapei Awaiting requested review from yapei

Assignees

@rhamilto rhamilto

@yapei yapei

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. component/core Related to console core functionality jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@logonoff @openshift-ci-robot @openshift-cherrypick-robot @rhamilto @yapei