From e5fe3666216e243ed3d51a2e6d71b26c1e9b94c0 Mon Sep 17 00:00:00 2001
From: Niels de Vos <ndevos@redhat.com>
Date: Thu, 12 Aug 2021 10:23:57 +0200
Subject: [PATCH 1/9] doc: add OWNERS and redhat/ directory

These OWNERS files are needed for the openshift-ci bot to allow members
of the Ceph-CSI team to approve PRs and merge them automatically.

The redhat/ directory contains a README.md with details about the
downstream procedures. A Container file has been added as well, which
will allow running builds on the OpenShift CI for the PRs that are
created.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
---
 .../PULL_REQUEST_TEMPLATE/redhat-backport.md  |  14 +++
 .../redhat-downstream-only.md                 |   5 +
 .github/PULL_REQUEST_TEMPLATE/redhat-sync.md  |   9 ++
 OWNERS                                        |   5 +
 OWNERS_ALIASES                                |   9 ++
 redhat/Containerfile                          |  43 +++++++
 redhat/README.md                              | 105 ++++++++++++++++++
 7 files changed, 190 insertions(+)
 create mode 100644 .github/PULL_REQUEST_TEMPLATE/redhat-backport.md
 create mode 100644 .github/PULL_REQUEST_TEMPLATE/redhat-downstream-only.md
 create mode 100644 .github/PULL_REQUEST_TEMPLATE/redhat-sync.md
 create mode 100644 OWNERS
 create mode 100644 OWNERS_ALIASES
 create mode 100644 redhat/Containerfile
 create mode 100644 redhat/README.md

diff --git a/.github/PULL_REQUEST_TEMPLATE/redhat-backport.md b/.github/PULL_REQUEST_TEMPLATE/redhat-backport.md
new file mode 100644
index 00000000000..a033610e849
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE/redhat-backport.md
@@ -0,0 +1,14 @@
+**You must EDIT ME! The contents below is an example only.**
+
+Bug 000000 gets hit when the system is out for its birthday party. After
+providing the system with sufficient cake, it returns to normal business the
+next day.
+
+I hereby confirm that:
+
+- [ ] this change is in the upstream project (*reference?*)
+- [ ] this change is in the devel branch of this project
+- [ ] branches for higher versions of the project have this change merged
+- [ ] this PR is not *downstream-only*, if that was the case, I would have
+  explained its need very clearly
+
diff --git a/.github/PULL_REQUEST_TEMPLATE/redhat-downstream-only.md b/.github/PULL_REQUEST_TEMPLATE/redhat-downstream-only.md
new file mode 100644
index 00000000000..22970285dbf
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE/redhat-downstream-only.md
@@ -0,0 +1,5 @@
+**You must EDIT ME! The contents below is an example only.**
+
+The downstream CI testing depends on additional settings in the Search
+Optimization so that the project contributors can get a piece of chocolate for
+every merged PR.
diff --git a/.github/PULL_REQUEST_TEMPLATE/redhat-sync.md b/.github/PULL_REQUEST_TEMPLATE/redhat-sync.md
new file mode 100644
index 00000000000..a1a28f4725b
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE/redhat-sync.md
@@ -0,0 +1,9 @@
+**You must EDIT ME! The contents below is an example only.**
+
+Sync the upstream changes from `ceph/ceph-csi:devel` into the `devel` branch.
+The most important recent changes that we want included are:
+
+- the new foz bar baz works flawlessly
+- this addresses a bug where users are facing issues with XYZ
+- ...
+
diff --git a/OWNERS b/OWNERS
new file mode 100644
index 00000000000..4513e2d04d5
--- /dev/null
+++ b/OWNERS
@@ -0,0 +1,5 @@
+approvers:
+  - ceph-csi-team
+
+reviewers:
+  - ceph-csi-team
diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES
new file mode 100644
index 00000000000..b7fe91e2379
--- /dev/null
+++ b/OWNERS_ALIASES
@@ -0,0 +1,9 @@
+aliases:
+  ceph-csi-team:
+    - agarwal-mudit
+    - humblec
+    - madhu-1
+    - nixpanic
+    - rakshith-r
+    - yati1998
+    - yuggupta27
diff --git a/redhat/Containerfile b/redhat/Containerfile
new file mode 100644
index 00000000000..58b595d16d0
--- /dev/null
+++ b/redhat/Containerfile
@@ -0,0 +1,43 @@
+# This Containerfile is used by openshift-ci to build the image, and push it to
+# quay.io/ocs-dev/ceph-csi
+#
+# This image is based on the latest stable Ceph version, which uses CentOS.
+#
+# Note that other tests run on the latest Fedora release. That makes the binary
+# that gets build not necessary compatible with the Ceph version on other
+# distributions. Hence the need to rebuild the executable on the OS that will
+# be used as deployment image.
+#
+# Ideally we use a base container that is very closely like the Red Hat Ceph
+# Storage (RHCS) product. Unfortunately those container images are not publicly
+# available, so we will use the latest Ceph version that is available. If we
+# settle on a particular Ceph version, we might be missing out on backports
+# that the RHCS product contains (and compiling might fail).
+
+FROM docker.io/ceph/daemon-base:latest AS builder
+
+ENV GOPATH=/go
+
+# install dependencies
+RUN dnf -y install \
+        git \
+        golang \
+        make \
+        librados-devel \
+        librbd-devel \
+    && dnf -y update \
+    && dnf clean all \
+    && true
+
+# compile and link the executable
+COPY . /go/src/github.com/ceph/ceph-csi
+RUN cd /go/src/github.com/ceph/ceph-csi && make
+
+# final container to use in deployments
+FROM docker.io/ceph/daemon-base:latest
+
+COPY --from=builder /go/src/github.com/ceph/ceph-csi/_output/cephcsi /usr/local/bin/cephcsi
+
+RUN chmod +x /usr/local/bin/cephcsi
+
+ENTRYPOINT ["/usr/local/bin/cephcsi"]
diff --git a/redhat/README.md b/redhat/README.md
new file mode 100644
index 00000000000..ecea28d2f62
--- /dev/null
+++ b/redhat/README.md
@@ -0,0 +1,105 @@
+# Ceph-CSI Stream
+
+Ceph-CSI Stream is the Red Hat downstream project that contains the pre-release
+state of Ceph-CSI as used in the OpenShift Data Foundation product.
+
+## Git Repository
+
+### Branches
+
+This GitHub repository contains branches for different product versions.
+
+## Backports
+
+All changes in this repository are *backports* from the [upstream
+project][upstream-ceph-csi]. There should be no functional changes (only
+process/CI/building/..) in this repository compared to the upstream project.
+Fixes for any of the release branches should first land in the devel branch
+before they may be backported to the release branch. A backport for the oldest
+release should also be backported to all the newer releases in order to prevent
+re-introducing a bug when a user updates.
+
+### Sync `devel` with upstream `ceph/ceph-csi:devel`
+
+Syncing branches (including the `devel` branch) from upstream should be done
+with a Pull-Request. To create a PR that syncs the latest changes from
+`ceph/ceph-csi:devel` into the `devel branch`, [click here][sync-pr].
+
+### Backporting changes from the `devel` to `release-*` branches
+
+Once a PR has been merged in the devel branch that fixes an issue, a new PR
+with the backport can be created. The easiest way is to use a command like
+
+```
+/cherry-pick release-4.9
+```
+
+The **openshift-cherrypick-robot** will automatically create a new PR for the
+selected branch.
+
+### Pull Requests
+
+Once the product planning enters feature freeze, only backports with related
+Bugzilla references will be allowed to get merged.
+
+To assist developers, there are several Pull Request templates available. It is
+recommended to use these links when creating a new Pull Request:
+
+- [backport][backport-pr]: `?template=redhat-backport.md`
+- [downstream-only][ds-only-pr]: `?template=redhat-downstream-only.md`
+- [sync][sync-pr]: or add `?template=redhat-sync.md`
+
+The `?template=...` appendix can be used when creating the Pull Requests
+through other means than the links above. By appending the `?template=...`
+keyword to the Pull Request URL, the template gets included automatically.
+
+### Downstream-Only Changes
+
+For working with the downstream tools, like OpenShift CI, there are a few
+changes required that are not suitable for the upstream Ceph-CSI project.
+
+1. `OWNERS` file: added with maintainers for reviewing and approving PRs
+1. `OWNERS_ALIASES` file: members of the Ceph-CSI team
+1. `redhat/` directory: additional files (like this `README.md`)
+1. `redhat/Containerfile`: used to build the quay.io/ocs-dev/ceph-csi image
+1. `.github/PULL_REQUEST_TEMPLATE/redhat-*`: guidance for creating PRs
+
+## Continuous Integration
+
+OpenShift CI (Prow) is used for testing the changes that land in this GitHub
+repository. The configuration of the jobs can be found in the [OpenShift
+Release repository][ocp-release].
+
+### Container Images
+
+Images that have been built from a PR that was merged will get automatically
+pushed into [the Qoay.io registry][quay-ceph-csi]. The configuration for the
+mirroring job is part of the [OpenShift Release
+repository][ocp-release-mirror].
+
+When a new release is planned, the mirroring will need to have the new branch
+and tags listed as well.
+
+Consumption of these images does not require any permissions, the images can be
+pulled with podman like:
+
+```
+podman pull quay.io/ocs-dev/ceph-csi:latest
+```
+
+### Bugzilla Plugin
+
+PRs that need a Bugzilla reference are handled by the Bugzilla Plugin which
+runs as part of Prow. The configuration gates the requirement on BZs to be
+linked, before the tests will pass and the PR can be merged. Once a branch is
+added to the GitHub repository, [the configuration][bz-config] needs adaption
+for the new branch as well.
+
+[upstream-ceph-csi]: https://github.com/ceph/ceph-csi
+[sync-pr]: https://github.com/red-hat-storage/ceph-csi/compare/devel...ceph:devel?template=redhat-sync.md
+[backport-pr]: https://github.com/red-hat-storage/ceph-csi/compare/release-4.9...devel?template=redhat-backport.md
+[ds-only-pr]: https://github.com/red-hat-storage/ceph-csi/compare/devel...ceph:devel?template=redhat-downstream-only.md
+[ocp-release]: https://github.com/openshift/release/tree/master/ci-operator/config/red-hat-storage/ceph-csi
+[ocp-release-mirror]: https://github.com/openshift/release/tree/master/core-services/image-mirroring/ceph-csi
+[quay-ceph-csi]: https://quay.io/repository/ocs-dev/ceph-csi?tab=tags
+[bz-config]: https://github.com/openshift/release/blob/master/core-services/prow/02_config/red-hat-storage/ceph-csi/_pluginconfig.yaml

From f7a024cf7b11724147b1308aa37022661804cc24 Mon Sep 17 00:00:00 2001
From: Niels de Vos <ndevos@redhat.com>
Date: Wed, 1 Sep 2021 08:46:09 +0200
Subject: [PATCH 2/9] ci: disable dependabot PR creation

Dependabot does not need to report available updates for vendored
dependencies in the downstream repository. Updates to dependencies are
synced from the upstream repository when needed. There is also the
"Upstream First" requirement, which we follow closely.

See-also: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#open-pull-requests-limit
Signed-off-by: Niels de Vos <ndevos@redhat.com>
---
 .github/dependabot.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 577cc618282..96beec7645f 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -2,6 +2,8 @@
 version: 2
 updates:
   - package-ecosystem: "gomod"
+    # ODF only: disable PR creation, synced from upstream
+    open-pull-requests-limit: 0
     directory: "/"
     schedule:
       interval: "weekly"

From 7aba15aa13d195c862f2e6bb2d44af36a560d5c6 Mon Sep 17 00:00:00 2001
From: Niels de Vos <ndevos@redhat.com>
Date: Tue, 21 Jun 2022 08:40:03 +0200
Subject: [PATCH 3/9] ci: disable dependabot PR creation for Actions

Dependabot does not need to report available updates for vendored
dependencies in the downstream repository. Updates to dependencies are
synced from the upstream repository when needed. There is also the
"Upstream First" requirement, which we follow closely.

See-also: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#open-pull-requests-limit
Signed-off-by: Niels de Vos <ndevos@redhat.com>
---
 .github/dependabot.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 515b856848b..b7722394c32 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -40,6 +40,8 @@ updates:
       - dependency-name: "k8s.io/pod-security-admission"
       - dependency-name: "k8s.io/sample-apiserver"
   - package-ecosystem: "gomod"
+    # ODF only: disable PR creation, synced from upstream
+    open-pull-requests-limit: 0
     directory: "/actions/retest"
     schedule:
       interval: "weekly"
@@ -50,6 +52,8 @@ updates:
     commit-message:
       prefix: "rebase"
   - package-ecosystem: "github-actions"
+    # ODF only: disable PR creation, synced from upstream
+    open-pull-requests-limit: 0
     directory: "/"
     schedule:
       interval: weekly

From 62df6fe21a2632fce620afff254d8db56fe8d37d Mon Sep 17 00:00:00 2001
From: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
Date: Tue, 30 Aug 2022 10:20:28 +0530
Subject: [PATCH 4/9] doc: update owners aliases file

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
---
 OWNERS_ALIASES | 1 +
 1 file changed, 1 insertion(+)

diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES
index b7fe91e2379..5e0a4ab93ff 100644
--- a/OWNERS_ALIASES
+++ b/OWNERS_ALIASES
@@ -7,3 +7,4 @@ aliases:
     - rakshith-r
     - yati1998
     - yuggupta27
+    - pkalever

From f2ac88b4078b744942c5c0f431b18ff62d1effc6 Mon Sep 17 00:00:00 2001
From: Madhu Rajanna <madhupr007@gmail.com>
Date: Thu, 1 Sep 2022 08:04:40 +0530
Subject: [PATCH 5/9] ci: remove yug from owners file

Remove yug from owners file.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
---
 OWNERS_ALIASES | 1 -
 1 file changed, 1 deletion(-)

diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES
index 5e0a4ab93ff..ec2da0a0c8b 100644
--- a/OWNERS_ALIASES
+++ b/OWNERS_ALIASES
@@ -6,5 +6,4 @@ aliases:
     - nixpanic
     - rakshith-r
     - yati1998
-    - yuggupta27
     - pkalever

From ed9e4547b1a64a128596900f7975a6a44a157fdc Mon Sep 17 00:00:00 2001
From: riya-singhal31 <rsinghal@redhat.com>
Date: Wed, 19 Oct 2022 14:20:20 +0530
Subject: [PATCH 6/9] doc: update owners aliases file

Update OWNERS_ALIASES.

Signed-off-by: riya-singhal31 <rsinghal@redhat.com>
---
 OWNERS_ALIASES | 1 +
 1 file changed, 1 insertion(+)

diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES
index ec2da0a0c8b..48dfe6a0012 100644
--- a/OWNERS_ALIASES
+++ b/OWNERS_ALIASES
@@ -7,3 +7,4 @@ aliases:
     - rakshith-r
     - yati1998
     - pkalever
+    - riya-singhal31

From b7955ec0eeda4e9deaeb609c4a153dd518608afe Mon Sep 17 00:00:00 2001
From: Niels de Vos <ndevos@redhat.com>
Date: Tue, 28 Feb 2023 09:55:01 +0100
Subject: [PATCH 7/9] ci: disable dependabot PR creation for `/api`
 dependencies

Dependabot does not need to report available updates for vendored
dependencies in the downstream repository. Updates to dependencies are
synced from the upstream repository when needed. There is also the
"Upstream First" requirement, which we follow closely.

See-also: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#open-pull-requests-limit
Signed-off-by: Niels de Vos <ndevos@ibm.com>
---
 .github/dependabot.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 625d6d590eb..48ece239b98 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -53,6 +53,8 @@ updates:
     commit-message:
       prefix: "rebase"
   - package-ecosystem: "gomod"
+    # ODF only: disable PR creation, synced from upstream
+    open-pull-requests-limit: 0
     directory: "/api"
     schedule:
       interval: "weekly"

From 994ad0f9c84c0f8588206a5eab855553c274550d Mon Sep 17 00:00:00 2001
From: Niels de Vos <ndevos@ibm.com>
Date: Tue, 28 Feb 2023 10:27:44 +0100
Subject: [PATCH 8/9] ci: fix markdown linter complaints

Signed-off-by: Niels de Vos <ndevos@ibm.com>
---
 .github/PULL_REQUEST_TEMPLATE/redhat-backport.md | 1 -
 .github/PULL_REQUEST_TEMPLATE/redhat-sync.md     | 1 -
 2 files changed, 2 deletions(-)

diff --git a/.github/PULL_REQUEST_TEMPLATE/redhat-backport.md b/.github/PULL_REQUEST_TEMPLATE/redhat-backport.md
index a033610e849..568f3c46236 100644
--- a/.github/PULL_REQUEST_TEMPLATE/redhat-backport.md
+++ b/.github/PULL_REQUEST_TEMPLATE/redhat-backport.md
@@ -11,4 +11,3 @@ I hereby confirm that:
 - [ ] branches for higher versions of the project have this change merged
 - [ ] this PR is not *downstream-only*, if that was the case, I would have
   explained its need very clearly
-
diff --git a/.github/PULL_REQUEST_TEMPLATE/redhat-sync.md b/.github/PULL_REQUEST_TEMPLATE/redhat-sync.md
index a1a28f4725b..6be341276ae 100644
--- a/.github/PULL_REQUEST_TEMPLATE/redhat-sync.md
+++ b/.github/PULL_REQUEST_TEMPLATE/redhat-sync.md
@@ -6,4 +6,3 @@ The most important recent changes that we want included are:
 - the new foz bar baz works flawlessly
 - this addresses a bug where users are facing issues with XYZ
 - ...
-

From a6a223cc0f8fa78832698910f2992a6af013ee9e Mon Sep 17 00:00:00 2001
From: Niels de Vos <ndevos@ibm.com>
Date: Mon, 21 Aug 2023 14:40:28 +0200
Subject: [PATCH 9/9] [DOWNSTREAM-ONLY] update OWNERS to reflect current team

Karthik joined the team, and Humble left a while ago already.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
---
 OWNERS_ALIASES | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES
index 48dfe6a0012..259917d3c9d 100644
--- a/OWNERS_ALIASES
+++ b/OWNERS_ALIASES
@@ -1,10 +1,10 @@
 aliases:
   ceph-csi-team:
     - agarwal-mudit
-    - humblec
+    - karthik-us
     - madhu-1
     - nixpanic
-    - rakshith-r
-    - yati1998
     - pkalever
+    - rakshith-r
     - riya-singhal31
+    - yati1998