TRT-2372: document the manifest-list verification in the images command

[smg247]

Along with a permanent exception to the rule

Summary by CodeRabbit

Documentation

• Added comprehensive guide for multi-architecture manifest list verification covering amd64, arm64, ppc64le, and s390x architectures
• Documented verification flag requirements and how to configure exceptions through presubmit job workflows
• Included practical examples, exception handling procedures, and best practices for image verification and mirroring

[openshift-ci-robot]

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: automatic mode

[openshift-ci-robot]

@smg247: This pull request references TRT-2372 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Along with a permanent exception to the rule

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

Walkthrough

Documentation updates to the image testing utilities README, adding a new section that specifies multi-architecture manifest list verification requirements, describes the --verify-manifest-lists flag behavior, documents exception handling processes, and provides configuration examples.

Changes

Cohort / File(s)	Summary
Documentation test/extended/util/image/README.md	Added "Multi-Architecture Manifest List Verification" section documenting manifest list requirements across architectures (amd64, arm64, ppc64le, s390x), the --verify-manifest-lists verification flag, exception configuration process via openshift/release presubmit job, and examples of permanent exceptions and image mirroring guidance.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly addresses the main change: documenting manifest-list verification in the images command, which aligns with the README addition that introduces Multi-Architecture Manifest List Verification documentation.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Stable And Deterministic Test Names	✅ Passed	This PR only modifies test/extended/util/image/README.md, a documentation file with no test code changes.
Test Structure And Quality	✅ Passed	This PR only updates documentation in test/extended/util/image/README.md without modifying any Go test files, making the custom check not applicable and therefore passing by default.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci-robot]

@smg247: This pull request references TRT-2372 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Along with a permanent exception to the rule

Summary by CodeRabbit

Documentation

• Added comprehensive guide for multi-architecture manifest list verification covering amd64, arm64, ppc64le, and s390x architectures
• Documented verification flag requirements and how to configure exceptions through presubmit job workflows
• Included practical examples, exception handling procedures, and best practices for image verification and mirroring

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[neisw]

/lgtm
@bertinatto do you agree?

[coderabbitai]

🧹 Nitpick comments (1)

test/extended/util/image/README.md (1)

40-46: Reduce drift risk by linking to the enforcement source of truth.

Line 40 and Line 53 duplicate values that are likely enforced elsewhere (required architectures and permanent exceptions). Consider replacing hardcoded lists with links to the exact config/location in openshift/release (or the check implementation), so this README does not go stale.

Also applies to: 53-56

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/extended/util/image/README.md` around lines 40 - 46, The README
currently hardcodes the list of required architectures and permanent exceptions
for multi-arch manifest verification; instead, replace those duplicated values
with links to the authoritative enforcement source (e.g., the specific config or
check implementation in openshift/release or the `openshift-tests images
--verify-manifest-lists` verification code) so the README references the
canonical source of truth rather than repeating the lists; update the sections
that list "required architectures" and "permanent exceptions" to link to the
exact file/URL in openshift/release (or the check implementation) and add a
short note that the README mirrors that source to avoid drift.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@test/extended/util/image/README.md`:
- Around line 40-46: The README currently hardcodes the list of required
architectures and permanent exceptions for multi-arch manifest verification;
instead, replace those duplicated values with links to the authoritative
enforcement source (e.g., the specific config or check implementation in
openshift/release or the `openshift-tests images --verify-manifest-lists`
verification code) so the README references the canonical source of truth rather
than repeating the lists; update the sections that list "required architectures"
and "permanent exceptions" to link to the exact file/URL in openshift/release
(or the check implementation) and add a short note that the README mirrors that
source to avoid drift.

---

ℹ️ Review info

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 3c4136c and 1d7bf78.

📒 Files selected for processing (1)

• test/extended/util/image/README.md

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: neisw, smg247
Once this PR has been reviewed and has the lgtm label, please assign tkashem for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• test/extended/util/image/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

Scheduling required tests:
/test e2e-aws-csi
/test e2e-aws-ovn-fips
/test e2e-aws-ovn-microshift
/test e2e-aws-ovn-microshift-serial
/test e2e-aws-ovn-serial-1of2
/test e2e-aws-ovn-serial-2of2
/test e2e-gcp-csi
/test e2e-gcp-ovn
/test e2e-gcp-ovn-upgrade
/test e2e-metal-ipi-ovn-ipv6
/test e2e-vsphere-ovn
/test e2e-vsphere-ovn-upi

[openshift-ci]

@smg247: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-gcp-csi	1d7bf78	link	true	/test e2e-gcp-csi
ci/prow/e2e-aws-ovn-serial-1of2	1d7bf78	link	true	/test e2e-aws-ovn-serial-1of2
ci/prow/e2e-vsphere-ovn	1d7bf78	link	true	/test e2e-vsphere-ovn

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.