USHIFT-6804: AI Skill: Automated Testing - Prow (Phase 2)

[agullon]

Summary

Adds the Phase 2 (Prow CI) release testing skill for MicroShift 4.21+. This replaces the manual workflow of creating PRs, triggering jobs, checking statuses, downloading artifacts, and uploading them to S3.

The skill runs all steps sequentially, asking for confirmation before each mutating action and skipping steps that are already complete. It exposes 7 commands via prow_testing.py, all consumable by /microshift-release:automated-testing <version>:

Step	Command	Purpose
1	create-pr	Create a draft PR with an empty commit on the release branch
2	trigger	Post /test comments to retrigger failed/not-started jobs
3	status	Display CI job statuses (GCS + GitHub check cross-referencing)
4	merge	Undraft PR and post labels — does not post /lgtm (requires human)
5	merge-status	Check if Tide has merged the PR
6	download	Download artifacts from GCS per-job
7	upload	Compress to tar.gz and upload to S3

All mutating commands use a dry-run/--execute pattern. Output is structured JSON for programmatic consumption.

Commit breakdown

1. Library layer — lib/prow.py with GCS job listing, parallel status fetching, version parsing + unit tests
2. CLI orchestrator — prow_testing.py with the 7 commands + prow_testing.sh venv wrapper
3. Skill + packaging — SKILL.md defining the 7-step workflow + plugin version bump to 1.2.0

Example output

Test it with [release-4.22] Release Testing 4.22.0-rc.3 PR and results pushed into S3 directory

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 6693da99-42ea-4605-ac14-b4aa16641fa4

📥 Commits

Reviewing files that changed from the base of the PR and between 2b0f519 and 2236dad.

📒 Files selected for processing (1)

• plugins/microshift-release/skills/automated-testing/SKILL.md

---

Walkthrough

Adds a Prow-focused release-testing feature: a new prow library for version parsing, PR discovery, GCS/GitHub status aggregation; a prow_testing.py CLI with create/trigger/status/merge/download/upload commands; a shell wrapper; unit tests; SKILL documentation; and plugin/README metadata updates.

Changes

Prow Release Testing Workflow

Layer / File(s)	Summary
Skill documentation and metadata plugins/microshift-release/skills/automated-testing/SKILL.md, plugins/microshift-release/.claude-plugin/plugin.json, plugins/microshift-release/README.md	SKILL.md documents the automated-testing workflow and usage; plugin version bumped to 1.2.0; README roadmap entry renamed to automated-testing.
CI job lists and constants plugins/microshift-release/scripts/lib/prow.py	Module-level constants and ci_jobs() job lists for supported minors.
Version parsing and PR discovery plugins/microshift-release/scripts/lib/prow.py	parse_version() validates/normalizes versions (enforces >=4.21, rejects nightly); find_release_testing_pr() and find_pr_any_state() locate PRs via gh.
GCS listing and HTTP helpers plugins/microshift-release/scripts/lib/prow.py	HTTP helper and list_pr_jobs() query GCS job directories for a PR.
Job matching and latest-build lookup plugins/microshift-release/scripts/lib/prow.py	match_ci_jobs() maps expected short names to GCS job directories; get_latest_build() reads latest-build.txt and finished.json to determine build result.
GitHub checks and status aggregation plugins/microshift-release/scripts/lib/prow.py	get_pr_check_statuses() invokes gh pr checks; fetch_all_job_statuses() concurrently fetches builds and merges GCS + GitHub states with override rules.
CLI entrypoint and helpers plugins/microshift-release/scripts/prow_testing.py	Module setup, logging, _require_pr() and human-readable status table formatting.
Create PR and trigger commands plugins/microshift-release/scripts/prow_testing.py	cmd_create_pr creates draft PRs (empty commit workflow) and cmd_trigger posts /test comments for failed/not-started jobs; both support dry-run vs --execute.
Status and merge commands plugins/microshift-release/scripts/prow_testing.py	cmd_status emits JSON or formatted table; cmd_merge undrafts and posts merge labels/approval; cmd_merge_status reports merge outcome.
Artifact download and upload plugins/microshift-release/scripts/prow_testing.py	cmd_download fetches completed job artifacts via gsutil; cmd_upload tars and uploads to S3 via aws.
Argparse wiring and main plugins/microshift-release/scripts/prow_testing.py	Subcommand wiring, --execute gating for mutating actions, JSON error handling in main().
Shell wrapper and test runner plugins/microshift-release/scripts/prow_testing.sh, plugins/microshift-release/scripts/run_unit_tests.sh	Bash wrapper provisions venv and runs CLI; test runner updated to include new tests.
Unit tests plugins/microshift-release/scripts/unit_tests/test_prow.py	Adds unittest coverage for version parsing, job lists/matching, GH check mapping, and status-merge semantics.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Suggested labels: ready-for-human-review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 markdownlint-cli2 (0.22.1)

plugins/microshift-release/skills/automated-testing/SKILL.md

markdownlint-cli2 v0.22.1 (markdownlint v0.40.0)
Finding: plugins/microshift-release/skills/automated-testing/SKILL.md !node_modules/** !two-node-toolbox/**
Linting: 1 file(s)
Summary: 0 error(s)
AggregateError: Unable to import module 'markdownlint-cli2-formatter-pretty'.
at importModule (file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2.mjs:90:11)
at async Promise.all (index 0)
at async outputResults (file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2.mjs:838:9)
at async main (file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2.mjs:1029:5)
at async file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2-bin.mjs:14:22 {
[errors]: [
Error: Cannot find module 'markdownlint-cli2-formatter-pretty'
Require stack:
- /usr/local/lib/node_modules/markdownlint-cli2/node_modules/markdownlint/lib/resolve-module.cjs
at Module._resolveFilename (node:internal/modules/cjs/loader:1476:1

... [truncated 1108 characters] ...

node:internal/modules/esm/resolve:271:11)
at moduleResolve (node:internal/modules/esm/resolve:861:10)
at defaultResolve (node:internal/modules/esm/resolve:988:11)
at #cachedDefaultResolve (node:internal/modules/esm/loader:697:20)
at #resolveAndMaybeBlockOnLoaderThread (node:internal/modules/esm/loader:714:38)
at ModuleLoader.resolveSync (node:internal/modules/esm/loader:746:52)
at #resolve (node:internal/modules/esm/loader:679:17)
at ModuleLoader.getOrCreateModuleJob (node:internal/modules/esm/loader:599:35)
at node:internal/modules/esm/loader:628:32
at TracingChannel.tracePromise (node:diagnostics_channel:362:14) {
code: 'ERR_MODULE_NOT_FOUND',
url: 'file:///markdownlint-cli2-formatter-pretty'
}
]
}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: agullon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [agullon]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[agullon]

/label tide/merge-method-squash

[coderabbitai]

Actionable comments posted: 7

🧹 Nitpick comments (1)

plugins/microshift-release/scripts/unit_tests/test_prow.py (1)

47-49: ⚡ Quick win

Remove redundant test.

test_rejects_bare_minor is redundant with test_rejects_invalid_format (lines 42-45): both test the same input "4.21" expecting a ValueError. One test already validates the error message; the duplicate adds no value.

♻️ Proposed fix

-    def test_rejects_bare_minor(self):
-        with self.assertRaises(ValueError):
-            prow.parse_version("4.21")
-

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@plugins/microshift-release/scripts/unit_tests/test_prow.py` around lines 47 -
49, Remove the redundant unit test function test_rejects_bare_minor which
duplicates test_rejects_invalid_format; delete the entire
test_rejects_bare_minor function so only test_rejects_invalid_format remains to
assert prow.parse_version("4.21") raises ValueError (and preserves its existing
message assertion).

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@plugins/microshift-release/scripts/lib/prow.py`:
- Around line 108-117: Create a centralized helper (e.g., get_gh_runner or
run_gh_command) that first resolves the "gh" executable with shutil.which and
raises a clear error if not found, then calls subprocess.run with that resolved
path, sets capture_output=True, text=True, and enforces a sensible timeout
(e.g., timeout=30). Replace direct subprocess.run invocations that call "gh"
(the call building ["gh", "pr", "list", ...] and the other occurrences around
the current pr-list and other gh uses) to use this helper so every GH invocation
uses the resolved executable and a timeout; preserve passing GH_REPO and other
args through to the helper and propagate subprocess.CalledProcessError or return
subprocess.CompletedProcess as before. Ensure the helper is imported/defined
near other utility functions in prow.py so all gh subprocess uses (including the
blocks around the existing subprocess.run calls) are centralized.

In `@plugins/microshift-release/scripts/prow_testing.py`:
- Around line 145-185: The subprocess.run invocations (e.g., the git
checkout/commit/push and gh pr create calls involving variables like
head_branch, repo_dir, v, push_result, pr_result) must be hardened the same way
as in prow.py: resolve executables with shutil.which (use resolved paths for
"git" and "gh") and pass an explicit timeout (and check=True where appropriate)
to avoid indefinite hangs and satisfy Ruff S603/S607; update these calls in
prow_testing.py and the other noted regions (around lines 248-255, 333-353,
484-487, 574-577) to use the resolved command paths and a sensible timeout
value, preserving current arguments and capturing output/text as before.
- Around line 496-501: The output dictionary currently always sets "status":
"completed" regardless of job outcomes; change the logic that builds output (the
variable named output near the end of prow_testing.py and the code that
populates results) to inspect results for any failed gsutil copy (e.g., a
non-zero return code or an explicit failure flag in each job entry) and set
"status" to "failed" (or "partial" per your convention) if any job failed,
otherwise "completed"; update both the block producing output at lines ~496-501
and the similar block at ~508-513 so download_dir and jobs remain the same but
status reflects the aggregated success/failure of results.
- Around line 145-154: The git checkout/commit subprocess.run calls in main()
(the ones using head_branch, v['branch'], v['version'], and repo_dir) must be
wrapped in try/except that catches subprocess.CalledProcessError and emits the
same structured JSON error used elsewhere in this script (preserve exit code and
stderr) instead of letting a traceback print; update both the checkout block and
the commit block (and the similar calls around lines 626-633) to catch
CalledProcessError and call the existing JSON error-emission routine (or the
same logic used elsewhere for structured errors) before exiting.

In `@plugins/microshift-release/scripts/prow_testing.sh`:
- Line 1: Replace the current shebang in
plugins/microshift-release/scripts/prow_testing.sh from #!/usr/bin/env bash to
the repository-required #!/usr/bin/bash and ensure the script enables strict
mode by adding set -euo pipefail near the top (immediately after the shebang) so
the script follows the CONTRIBUTING.md shell script standard.

In `@plugins/microshift-release/skills/automated-testing/SKILL.md`:
- Around line 89-93: Update Step 5 of SKILL.md (the description around running
`bash ${SCRIPTS_DIR}/prow_testing.sh merge-status <version>`) to explicitly
document the `"closed"` outcome as a stop condition: state that if the JSON
returns `"status": "closed"` (closed without merge) the workflow should display
the message and stop the workflow (same behavior as `"open"`), and include this
edge case as a clear safety/stop condition per SKILL-GUIDELINES.md.
- Around line 23-25: Update the example invocation in SKILL.md to include the
required <action> positional argument for the CLI; change the shown command that
references prow_testing.sh to pass <action> before <version> (e.g.,
prow_testing.sh <action> <version>) so the documentation matches the script's
expected arguments and users aren't misled into omitting the action parameter.

---

Nitpick comments:
In `@plugins/microshift-release/scripts/unit_tests/test_prow.py`:
- Around line 47-49: Remove the redundant unit test function
test_rejects_bare_minor which duplicates test_rejects_invalid_format; delete the
entire test_rejects_bare_minor function so only test_rejects_invalid_format
remains to assert prow.parse_version("4.21") raises ValueError (and preserves
its existing message assertion).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: b30973c4-3bde-42cf-a1f0-45b48f1f84b8

📥 Commits

Reviewing files that changed from the base of the PR and between e76bd1a and 61f95aa.

📒 Files selected for processing (8)

• plugins/microshift-release/.claude-plugin/plugin.json
• plugins/microshift-release/README.md
• plugins/microshift-release/scripts/lib/prow.py
• plugins/microshift-release/scripts/prow_testing.py
• plugins/microshift-release/scripts/prow_testing.sh
• plugins/microshift-release/scripts/run_unit_tests.sh
• plugins/microshift-release/scripts/unit_tests/test_prow.py
• plugins/microshift-release/skills/automated-testing/SKILL.md

[coderabbitai]

🧹 Nitpick comments (1)

plugins/microshift-release/scripts/lib/prow.py (1)

222-226: 💤 Low value

Dead exception handlers around _http_get calls.

_http_get already catches requests.RequestException internally and returns None on failure (line 166). The try/except RequestException blocks here will never catch anything since exceptions are already handled.

The None checks at lines 228 and 242-247 correctly handle failures, so these try/except blocks are just dead code.

♻️ Simplify by removing dead exception handlers

-    try:
-        resp = _http_get(f"{base}/latest-build.txt")
-    except requests.RequestException as e:
-        logger.warning("Failed to fetch latest-build.txt for %s: %s", full_job_name, e)
-        return {"job": full_job_name, "status": "ERROR", "url": None, "build_id": None}
+    resp = _http_get(f"{base}/latest-build.txt")

     if resp is None or resp.status_code != 200:
         return {"job": full_job_name, "status": "ERROR", "url": None, "build_id": None}

-    try:
-        finished_resp = _http_get(f"{base}/{build_id}/finished.json")
-    except requests.RequestException:
-        return {"job": full_job_name, "status": "PENDING", "url": prow_url, "build_id": build_id}
+    finished_resp = _http_get(f"{base}/{build_id}/finished.json")

Also applies to: 237-240

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@plugins/microshift-release/scripts/lib/prow.py` around lines 222 - 226, The
try/except blocks around the _http_get calls are dead because _http_get already
catches requests.RequestException and returns None; remove the outer try/except
that wraps _http_get(f"{base}/latest-build.txt") and the similar handler around
the other _http_get call, and rely on the existing None checks (e.g., the
subsequent "if resp is None" logic) to handle failures; update any logger
messages to the existing None-path behavior rather than catching exceptions.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@plugins/microshift-release/scripts/lib/prow.py`:
- Around line 222-226: The try/except blocks around the _http_get calls are dead
because _http_get already catches requests.RequestException and returns None;
remove the outer try/except that wraps _http_get(f"{base}/latest-build.txt") and
the similar handler around the other _http_get call, and rely on the existing
None checks (e.g., the subsequent "if resp is None" logic) to handle failures;
update any logger messages to the existing None-path behavior rather than
catching exceptions.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 87b9ae2c-ab2f-452a-b902-88e266362b28

📥 Commits

Reviewing files that changed from the base of the PR and between 61f95aa and d472c60.

📒 Files selected for processing (2)

• plugins/microshift-release/scripts/lib/prow.py
• plugins/microshift-release/scripts/prow_testing.py

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (2)

plugins/microshift-release/skills/automated-testing/SKILL.md (2)

23-25: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Fix manual invocation to include the required action argument.

Line 24 currently shows prow_testing.sh <version>, but manual mode requires an action first; this example will fail or mislead users.

Suggested doc fix

-bash plugins/microshift-release/scripts/prow_testing.sh <version>
+bash plugins/microshift-release/scripts/prow_testing.sh <action> <version> [--execute]

As per coding guidelines, CONTRIBUTING.md says to “ensure the user-facing workflow docs (e.g., SKILL.md steps and prerequisites) match actual script behavior.”

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@plugins/microshift-release/skills/automated-testing/SKILL.md` around lines 23
- 25, The example invocation in SKILL.md is missing the required action argument
for the prow_testing.sh script; update the example line that currently shows
"bash plugins/microshift-release/scripts/prow_testing.sh <version>" to include
the action parameter (e.g., "manual" or the appropriate action your script
expects) so it correctly demonstrates calling prow_testing.sh with both the
action and the version arguments (refer to the script name prow_testing.sh and
the example line in SKILL.md).

---

89-93: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Document closed as an explicit merge-status stop condition.

Step 5 omits the closed outcome (PR closed without merge). Add it as a stop condition so operators don’t continue to artifact steps incorrectly.

Suggested doc fix

 - If `"status": "merged"` — display the message and continue to Step 6.
 - If `"status": "open"` — display the message and stop the workflow (waiting for human `/lgtm` and Tide merge).
+- If `"status": "closed"` — display the message and stop the workflow (PR was closed without merge).

As per coding guidelines, plugins/docs/SKILL-GUIDELINES.md requires documenting “relevant safety/edge cases” with “clear stop/error conditions.”

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@plugins/microshift-release/skills/automated-testing/SKILL.md` around lines 89
- 93, Step 5's merge-status handling omits the `"closed"` outcome; update the
documentation for the command `bash ${SCRIPTS_DIR}/prow_testing.sh merge-status
<version>` to parse the JSON and treat `"status": "closed"` as an explicit stop
condition (same behavior as `"open"`) so operators do not proceed to artifact
steps; modify the SKILL.md text where the three cases are listed to add a bullet
explaining that `"status": "closed"` should display a clear message and halt the
workflow until human intervention.

🧹 Nitpick comments (1)

plugins/microshift-release/scripts/prow_testing.py (1)

587-590: ⚡ Quick win

Derive public URL from prow.S3_BUCKET to avoid silent breakage.

The replacement hardcodes "s3://release-testing-results" and the region. If prow.S3_BUCKET changes, replace() will silently produce an incorrect URL (the original s3:// URI unchanged or partially mangled).

Proposed fix

-    public_url = s3_dest.replace(
-        "s3://release-testing-results",
-        "https://release-testing-results.s3.us-west-2.amazonaws.com",
-    )
+    # Parse bucket name from S3_BUCKET constant
+    bucket_name = prow.S3_BUCKET.replace("s3://", "")
+    s3_region = "us-west-2"  # or add S3_REGION constant to prow module
+    public_url = s3_dest.replace(
+        prow.S3_BUCKET,
+        f"https://{bucket_name}.s3.{s3_region}.amazonaws.com",
+    )

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@plugins/microshift-release/scripts/prow_testing.py` around lines 587 - 590,
The current public_url computation hardcodes "s3://release-testing-results" and
the region, which breaks if prow.S3_BUCKET changes; update the logic that sets
public_url (derived from s3_dest) to base the replacement on prow.S3_BUCKET
instead of the hardcoded string and construct the HTTPS host from that bucket
value (e.g., use prow.S3_BUCKET to determine the bucket name and build the
https://{bucket}.s3.{region}.amazonaws.com form or a safer transformation of
s3:// to https://), ensuring s3_dest is left unchanged on mismatch and avoiding
silent incorrect URLs; update references in this block (variables public_url,
s3_dest and prow.S3_BUCKET) accordingly.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@plugins/microshift-release/scripts/lib/prow.py`:
- Around line 41-46: ci_jobs currently maps any minor >21 to _CI_JOBS_422;
change it to explicitly accept only supported minors and raise on others: in
ci_jobs(minor) parse minor_num as now, then if minor_num == 21 return
_CI_JOBS_421, elif minor_num == 22 return _CI_JOBS_422, else raise a ValueError
(or custom exception) with a clear message about unsupported minor; update/ add
unit tests to assert behavior for 21, 22 and that e.g. 23 raises.

In `@plugins/microshift-release/scripts/prow_testing.py`:
- Around line 59-60: Guard against empty statuses before calling max: replace
the current unconditional max() on the generator with either a check (if
statuses: col_job = max(len(s["short_name"]) for s in statuses) else: col_job =
len("Job")) or use max(..., default=0) and then ensure col_job = max(col_job,
len("Job")). Target the existing code that sets col_job (the two lines
referencing col_job and statuses) so it won't call max on an empty iterable.

---

Duplicate comments:
In `@plugins/microshift-release/skills/automated-testing/SKILL.md`:
- Around line 23-25: The example invocation in SKILL.md is missing the required
action argument for the prow_testing.sh script; update the example line that
currently shows "bash plugins/microshift-release/scripts/prow_testing.sh
<version>" to include the action parameter (e.g., "manual" or the appropriate
action your script expects) so it correctly demonstrates calling prow_testing.sh
with both the action and the version arguments (refer to the script name
prow_testing.sh and the example line in SKILL.md).
- Around line 89-93: Step 5's merge-status handling omits the `"closed"`
outcome; update the documentation for the command `bash
${SCRIPTS_DIR}/prow_testing.sh merge-status <version>` to parse the JSON and
treat `"status": "closed"` as an explicit stop condition (same behavior as
`"open"`) so operators do not proceed to artifact steps; modify the SKILL.md
text where the three cases are listed to add a bullet explaining that `"status":
"closed"` should display a clear message and halt the workflow until human
intervention.

---

Nitpick comments:
In `@plugins/microshift-release/scripts/prow_testing.py`:
- Around line 587-590: The current public_url computation hardcodes
"s3://release-testing-results" and the region, which breaks if prow.S3_BUCKET
changes; update the logic that sets public_url (derived from s3_dest) to base
the replacement on prow.S3_BUCKET instead of the hardcoded string and construct
the HTTPS host from that bucket value (e.g., use prow.S3_BUCKET to determine the
bucket name and build the https://{bucket}.s3.{region}.amazonaws.com form or a
safer transformation of s3:// to https://), ensuring s3_dest is left unchanged
on mismatch and avoiding silent incorrect URLs; update references in this block
(variables public_url, s3_dest and prow.S3_BUCKET) accordingly.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 880f8926-8cee-49b0-99f2-c9038f8f5e0c

📥 Commits

Reviewing files that changed from the base of the PR and between 42b58f2 and 2b0f519.

📒 Files selected for processing (8)

• plugins/microshift-release/.claude-plugin/plugin.json
• plugins/microshift-release/README.md
• plugins/microshift-release/scripts/lib/prow.py
• plugins/microshift-release/scripts/prow_testing.py
• plugins/microshift-release/scripts/prow_testing.sh
• plugins/microshift-release/scripts/run_unit_tests.sh
• plugins/microshift-release/scripts/unit_tests/test_prow.py
• plugins/microshift-release/skills/automated-testing/SKILL.md

✅ Files skipped from review due to trivial changes (1)

• plugins/microshift-release/scripts/prow_testing.sh

🚧 Files skipped from review as they are similar to previous changes (4)

• plugins/microshift-release/README.md
• plugins/microshift-release/.claude-plugin/plugin.json
• plugins/microshift-release/scripts/run_unit_tests.sh
• plugins/microshift-release/scripts/unit_tests/test_prow.py