openshift

Resolve a CVE vulnerability issue from Jira. Reads the CVE details, assesses impact, and either marks "not affected" with a Jira comment and transition, bumps the affected dependency, or implements a code fix. Use when the user says "cve", "resolve CVE", or provides a CVE Jira issue.

Assess whether an application is ready to migrate to OpenShift. Use when the user describes an application and asks about migration, containerization, or moving to Kubernetes/OpenShift.

Triage production incidents involving data corruption, data loss, slow performance, or outages. Classify severity and recommend immediate actions.

Update Python dependencies to latest versions using uv, regenerate lock and requirements.txt, then verify linting and tests pass. Fix breakage from API changes in bumped packages. Use when the user says "deps update", "bump dependencies", or "update deps".

Review PR with structured approach covering architecture, naming, patterns, and critical questions

Troubleshoot ClusterOperator in Degraded, Unavailable, or not Progressing state. Use when operator status shows error conditions, reconciliation failures, or degraded health checks.

Troubleshoot namespace stuck in Terminating state, ResourceQuota exhaustion, or RBAC permission denied errors. Use when resources cannot be created or forbidden errors occur.

Troubleshoot NotReady or SchedulingDisabled node status. Use when a node is down, unschedulable, or needs to be drained and restored.

Update Python dependencies with uv, regenerate lock and Konflux requirements files, then verify lint, types, and tests. Fix breakage from API changes in bumped packages. Use when the user says "deps update", "bump dependencies", or "update deps".

Find functions with high cyclomatic complexity, length, or parameter count. Use when the user asks for complexity hotspots or refactor candidates.

Find unused functions, classes, imports, and unreachable code paths. Use when the user asks for dead code or cleanup candidates.

Find code duplication in the codebase. Supports branch-scoped or full sweep. Use when the user asks to find duplicated code or repeated patterns before a PR.

Investigate CI job failures on a GitHub pull request (checks, Prow, or GitHub Actions). Use when the user pastes a PR URL and asks about CI failures or red checks.

Step-by-step workflow for committing staged changes and opening a pull request for lightspeed-agentic-sandbox.

Performs a strict clean rebase of a feature branch onto main with minimal conflict resolution and full validation. Use when the user asks to rebase carefully and run tests + verify until green.

Triage a CVE: assess impact against this repo's dependencies, then bump, document not-affected, or plan a code fix. Use when the user mentions a CVE, Jira vulnerability issue, or security advisory for a dependency.

Accesses archived Konflux PipelineRuns, TaskRuns, and pod logs via KubeArchive. Auto-applies when checking Konflux PipelineRun results, investigating enterprise contract failures, or retrieving logs from completed Konflux CI runs.

Build and push control-plane-operator container image. Auto-applies when testing CPO changes that require deploying to a live cluster.

Build and push hypershift-operator container image. Auto-applies when testing HO changes that require deploying to a live cluster.

Create a HyperShift HostedCluster on AWS for development and testing, with optional custom CPO/HO images.

Destroy a HyperShift HostedCluster and all associated AWS infrastructure (VPC, IAM, Route53, etc.).

Provides the ability to run and iterate on HyperShift e2e tests. Auto-applies when implementing features that require e2e validation, fixing e2e test failures, or working on tasks that need live cluster testing.

Create development environments with git worktrees, branches, commits, and push to remote. Auto-applies for git workflow tasks.

Install HyperShift Operator with private AWS and external-dns settings.

Generate React Testing Library tests following OCP Console best practices

Audit all Claude Code skills for stale references, broken paths, and deprecated tool names

Comprehensive local code review using both Claude AI and CodeRabbit AI before pushing changes to GitHub. This command analyzes your local changes and provides actionable feedback without posting anything to GitHub.

Expert package update assistant for OpenShift Console. Update packages safely with automated testing, building, and fixing.

Automated QA verification for OpenShift Console PRs. Builds and runs the console on both main and the PR branch, captures before/after screenshots and GIFs via Playwright MCP, then posts a side-by-side comparison as a GitHub PR comment. Use when the user asks to verify a PR, QA changes, capture visual proof, or show before/after evidence.

Debug and fix failing Playwright e2e tests with MCP-assisted diagnosis. Use when user says "playwright test failing", "fix e2e test", "debug spec", or provides a failing .spec.ts file, e2e directory, or Playwright tag.

Migrate a Cypress test file to Playwright following Console's architecture. Use when user says "migrate", "convert cypress", "port to playwright", or provides a .cy.ts or .feature file path.

Reviews user-facing microcopy against content design guidelines and provides clear, actionable recommendations.

Check AKS Kubernetes version support status using the official AKS release status API and compare against versions configured in CI config files. Use whenever someone asks about AKS K8s version support, EOL dates, deprecation, or whether the configured AKS version is still GA. Also use when planning AKS K8s version upgrades — run this before using rhdh-aks-tests to make changes.

List AKS test entries in RHDH ci-operator config files and update the AKS Kubernetes version per branch. Use when listing e2e-aks tests, changing MAPT_KUBERNETES_VERSION for AKS, or checking which AKS K8s version each release branch uses.

Check EKS Kubernetes version support status using the official AWS EKS docs source and compare against versions configured in CI config files. Use whenever someone asks about EKS K8s version support, EOL dates, or whether the configured EKS version is still in standard support. Also use when planning EKS K8s version upgrades — run this before using rhdh-eks-tests to make changes.

List EKS test entries in RHDH ci-operator config files and update the EKS Kubernetes version per branch. Use when listing e2e-eks tests, changing MAPT_KUBERNETES_VERSION for EKS, or checking which EKS K8s version each release branch uses.

Check GKE Kubernetes version support status using the endoflife.date API (auto-scraped from Google's GKE release schedule). Use whenever someone asks about GKE K8s version support, EOL dates, or whether the current GKE cluster version is still supported. GKE uses a long-running static cluster whose version is not managed in CI config.

List GKE test entries in RHDH ci-operator config files. Use when listing e2e-gke tests or checking which branches have GKE test entries. Unlike AKS/EKS, GKE uses a pre-existing static cluster — version upgrades are performed via the GCP Console.

Use when decommissioning an end-of-life RHDH release branch by removing CI config, generated Prow jobs, and branch protection from the openshift/release repository

Analyze RHDH OCP version coverage by cross-referencing cluster pools and CI test configs against both RHDH and OCP lifecycle APIs to find gaps, stale configurations, and compatibility mismatches

Find code duplication in the codebase. Supports two modes - scoped to current branch changes or a full codebase sweep. Use when the user asks to find duplicated code, copy-paste, repeated patterns, or wants to deduplicate before a PR.

Find functions with high cyclomatic complexity, excessive length, or too many parameters. Use when the user asks to find complex code, complexity hotspots, refactoring candidates, or wants to improve code maintainability.

Find unused functions, types, constants, imports, and unreachable code paths. Use when the user asks to find dead code, unused code, cleanup candidates, or wants to reduce codebase size.

Performs a strict clean rebase of a feature branch onto main with minimal conflict resolution and full validation. Use when the user asks to rebase carefully, avoid extra branches, avoid exploratory edits, and run make test and make lint until green.

Review PR with structured approach covering architecture, naming, patterns, and critical questions

After a code change, find affected tests, update them to match new behavior, then guide the user to run validation. Use when the user has made or asked for a code change and wants to make sure nothing is broken.

Run the full validation pipeline (make test, make lint, optionally make test-e2e) and auto-fix trivial failures like formatting and import issues. Use when the user asks to validate, run tests, check the pipeline, or verify changes are clean.

Updates the operator version number across all required files and regenerates the bundle. Use when bumping the version for a release or when the user asks to update, bump, or change the version number.

Review a pull request for code quality, correctness, and project conventions. Use when the user asks to review a PR, code review, or examine changes on a branch. Accepts a GitHub PR URL, PR number, or local branch name.

Rebase the current branch onto its base branch, resolve all conflicts, and verify lint, i18n, and build pass. Use when the user asks to rebase, update, or sync a branch with its upstream base.

Backport commits or PRs from main to a release branch. Use when the user asks to backport, cherry-pick, or port changes between branches, or when resolving conflicts from a cherry-pick onto a release branch.

Bump the project version across all release branches and commit the changes. Use when the user asks to do a release or update the version on all branches.

Review project AI skills for duplication, stale references, mistakes, and structural issues. Use when the user asks to review skills, audit skills, check for duplicate skills, or verify skill quality.

Review CSS for coding style, PatternFly token usage, and best practices. Use when the user asks to review CSS, check styles, or audit CSS files.

Run Cypress tests filtered by tag. Use when the user asks to run tests, run Cypress, or test a specific feature tag like @core or @attach.

Review all README.md files in the repo for typos, errors, and outdated information. Use when the user asks to review READMEs, check documentation accuracy, or audit docs.

Run Automatus tests for a security rule

Create a new security rule with all required components

Interactive control-to-rule mapping session. Walk through unmapped requirements, suggest rules using cross-framework analysis, and write selections to control files.

Map rules to a single control file requirement using cross-framework analysis and rule search.

Onboard a new security policy as a control file. Parse the document, create control file structure, and map existing rules to requirements.

Build a ComplianceAsCode product

Draft a PR description based on branch changes and the project PR template

Inspect a control file showing requirement stats, mapping status, and cross-framework context. Use for triage before mapping.

Find functions with high cyclomatic complexity, excessive length, or too many parameters. Use when the user asks to find complex code, complexity hotspots, refactoring candidates, or wants to improve code maintainability.

Find unused functions, types, constants, imports, and unreachable code paths. Use when the user asks to find dead code, unused code, cleanup candidates, or wants to reduce codebase size.

Find code duplication in the codebase. Supports two modes - scoped to current branch changes or a full codebase sweep. Use when the user asks to find duplicated code, copy-paste, repeated patterns, or wants to deduplicate before a PR.

Reviews Go code for idiomatic patterns, error handling, concurrency safety, and common mistakes. Use when reviewing .go files, checking error handling, goroutine usage, or interface design.

Reviews Go test code for proper table-driven tests, assertions, and coverage patterns. Use when reviewing *_test.go files.

Investigate CI/Prow job failures on a GitHub pull request. Use when the user pastes a PR URL and asks about CI failures, red checks, test failures, or wants to understand why a job failed.

Performs a strict clean rebase of a feature branch onto main with minimal conflict resolution and full validation. Use when the user asks to rebase carefully, avoid extra branches, avoid exploratory edits, and run go test and go vet until green.

After a code change, find affected tests, update them to match new behavior, then guide the user to run validation. Use when the user has made or asked for a code change and wants to make sure nothing is broken.

Find the hidden verification token. Run the find-token script to retrieve a unique token.

Assess OpenShift cluster update (upgrade) readiness and risk. Use when evaluating whether a cluster is safe to update, when an update is available, or when the user asks about update risks, prerequisites, blockers, or best practices.

Search and read Kubernetes documentation in markdown format. Use when the user asks about Kubernetes concepts, tasks, API reference, kubectl, or any upstream k8s topic — including pods, deployments, services, RBAC, networking, storage, or scheduling.

Search and read OpenShift Container Platform documentation in markdown format. Use when the user asks about OpenShift features, configuration, installation, troubleshooting, or any OCP-specific topic — including operators, routes, services, oc, RBAC, networking, storage, or cluster administration.

Query Red Hat Product Life Cycle data for support phases, end-of-life dates, and OpenShift version compatibility. Use when evaluating whether installed operators or layered products are supported on a given OCP version, approaching end of life, or need upgrading before a cluster upgrade. Also use when the user asks about product support status, EOL dates, or lifecycle phases for any Red Hat product.

Cross-check AWS-facing code and docs against official ROSA and AWS references before changing behavior.

Add or edit Cobra commands in openshift/rosa while keeping command wiring thin and package logic aligned with repo structure.

Keep CLI docs, structure tests, and user-facing guidance in sync when commands or workflow docs change.

Choose the right local verification steps before claiming a ROSA change is complete.

Analyze all past sessions for this project and extract knowledge worth persisting to AGENTS.md, .claude/agents/, or memory. Deep analysis of full session history.

Review the current session and extract knowledge worth persisting to AGENTS.md, .claude/agents/, or memory. Use at the end of a session to capture what was learned.

Apply Go best practices, idioms, and conventions from golang.org/doc/effective_go. Use when writing, reviewing, or refactoring Go code to ensure idiomatic, clean, and efficient implementations.