Skip to content

OLS-2316 - Adding section about reporting periodic tests#592

Open
JoaoFula wants to merge 1 commit intokonflux-ci:mainfrom
JoaoFula:adding-reporting-periodic-tests-section
Open

OLS-2316 - Adding section about reporting periodic tests#592
JoaoFula wants to merge 1 commit intokonflux-ci:mainfrom
JoaoFula:adding-reporting-periodic-tests-section

Conversation

@JoaoFula
Copy link
Copy Markdown

No description provided.

@JoaoFula JoaoFula requested a review from a team as a code owner March 11, 2026 15:45
@snyk-io
Copy link
Copy Markdown

snyk-io bot commented Mar 11, 2026

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a new Tekton pipeline for generating weekly reports on periodic integration tests, along with corresponding AsciiDoc documentation. However, the bash script within the pipeline contains several critical command injection vulnerabilities due to improper handling of user-supplied parameters, including direct command substitution of variable content, unquoted variable usage in shell commands, and the use of unquoted heredocs that evaluate user-controlled data. These issues allow for arbitrary code execution within the CI/CD environment. Besides the security issues, the reporting.yaml file contains invalid YAML syntax that will prevent the pipeline from being parsed and a bug in the shell script that will cause an error during execution. There are also high-severity issues related to hardcoded URLs and redundant package installations. Further improvements are suggested to enhance script efficiency. The documentation in reporting-periodic-tests.adoc has been reviewed against the repository's style guide and contains a high-severity issue with a broken link, along with several medium-severity violations of the style guide and an instance of using a deprecated field in an example.

Comment thread modules/testing/examples/reporting.yaml Outdated
Comment thread modules/testing/examples/reporting.yaml Outdated
Comment thread modules/testing/examples/reporting.yaml Outdated
Comment thread modules/testing/examples/reporting.yaml Outdated
Comment thread modules/testing/examples/reporting.yaml Outdated
Comment thread modules/testing/examples/reporting.yaml Outdated
Comment thread modules/testing/examples/reporting.yaml Outdated
Comment thread modules/testing/pages/integration/reporting-periodic-tests.adoc Outdated
Comment thread modules/testing/pages/integration/reporting-periodic-tests.adoc Outdated
Comment thread modules/testing/pages/integration/reporting-periodic-tests.adoc Outdated
Comment thread modules/testing/pages/integration/reporting-periodic-tests.adoc Outdated
Comment thread modules/testing/pages/integration/reporting-periodic-tests.adoc Outdated
Comment thread modules/testing/examples/reporting.yaml
Comment thread modules/testing/examples/reporting.yaml Outdated
fi

# Generate log link (OpenShift Console URL)
local log_link="https://konflux-ui.apps.stone-prd-rh01.pg1f.p1.openshiftapps.com/ns/$NAMESPACE/applications/$APPLICATION/pipelineruns/$name"
Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't hardcore konflux deployment URLs into docs

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

or code if this is supposed to be reusable

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So for the log link I should have it depend on a parameter called KONFLUX_UI_URL or something?

Comment thread modules/testing/examples/reporting.yaml Outdated
Copy link
Copy Markdown
Contributor

@MartinBasti MartinBasti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think that this belongs to upstream documentation.

What is the purpose of this for common konflux user? This seems like very specific use case not a general one.

Examples are full of Red Hat specific deployments, that's shouldn't be in doc.

Also, dumping 500 lines script as example doesn't look well. If this is something konflux users desire, then it should be a real well tested task bundle, not a example to be fixed.

@JoaoFula
Copy link
Copy Markdown
Author

The idea around this is to have a general pipeline for users to be able to get their test results. Konflux does not do a good job at providing users with a clear way to visualize test results, especially so when it comes to periodic ones (you have to search through your pipeline runs, looking at the time when your pipeline ran and do this for every single day of the week you want to look at). This is a way for users to be able to pull that information and automate it to get said report on their email weekly.

Furthermore, I'd argue that automated test reporting when you have a section for automated periodic testing is anything but specific. This should always be something that teams strive to have. Tests and clear visualization of the results for those tests.

I agree that this requires a lot of fixing but I still think that having a guideline for anyone wanting to create reporting for their periodic pipelines makes complete sense, especially when visualization of said results is not at all clear.

Adding section about reporting periodic tests
@JoaoFula JoaoFula force-pushed the adding-reporting-periodic-tests-section branch from 574f5ff to 8374f16 Compare March 12, 2026 10:37
@MartinBasti
Copy link
Copy Markdown
Contributor

Konflux does not do a good job at providing users with a clear way to visualize test results, especially so when it comes to periodic ones (you have to search through your pipeline runs, looking at the time when your pipeline ran and do this for every single day of the week you want to look at).

Have you filed a konflux bug?

@JoaoFula
Copy link
Copy Markdown
Author

Hey @MartinBasti , I don't think that's a bug report situation. Potentially a feature request and I can definitely put that in.
What do you reckon we should do with this PR? I reckon that having steps on adopting periodic reporting is valuable, especially as we all are using more and more AI code tools, since testing and visualization are going to be the way to get info on our products qualities.

That being said, I do understand you don't want such a big script in the docs. I suggest us moving this script somewhere else and not paste it here as we do in other places in the docs.
But again, if you don't think this information should be living in these docs, then I'm fine with dropping this.
Thanks

@dirgim
Copy link
Copy Markdown
Member

dirgim commented Apr 1, 2026

@JoaoFula would you consider contributing the proposed pipeline to the https://github.com/konflux-ci/tekton-integration-catalog repository?

@JoaoFula
Copy link
Copy Markdown
Author

JoaoFula commented Apr 8, 2026

@dirgim konflux-ci/tekton-integration-catalog#279 created and tested. We can adapt the docs to mention this pipeline when merged or ignore the docs changes altogether. Up to you

@MartinBasti MartinBasti self-requested a review April 9, 2026 11:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants