Disable TPNU/DPNU ClientsAllowCBOR for large list decodes.

[benluddy]

There's an arbitrary cap on array length that prevents decoding large lists that needs to be addressed. In the meantime, this disables the client-go gate that causes clients to opt in to receiving CBOR-encoded list responses.

[coderabbitai]

Walkthrough

The changes disable the ClientsAllowCBOR feature gate across multiple deployment profiles by removing explicit enablement from the feature gate definition and moving it from enabled to disabled lists in various manifest files.

Changes

Cohort / File(s)	Summary
Documentation features.md	Removed "ClientsAllowCBOR" row from Features table; updated table structure.
Feature gate definition features/features.go	Removed enableIn call from CBORClientsAllowCBOR feature gate, eliminating explicit enablement for DevPreviewNoUpgrade and TechPreviewNoUpgrade versions.
Deployment profile manifests payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml, featureGate-Hypershift-TechPreviewNoUpgrade.yaml, featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml, featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml	Moved ClientsAllowCBOR from enabled to disabled featureGates lists across all four deployment profiles.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

• Verify that disabling ClientsAllowCBOR across all deployment profiles is intentional and aligns with the feature gate lifecycle decision.
• Confirm consistency: ensure all four deployment profile manifests are updated uniformly with the same feature gate movement.
• Cross-check that the removal of enableIn from the feature gate definition in features/features.go properly coordinates with the manifest changes.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between 0952bf6 and eab2744.

📒 Files selected for processing (6)

• features.md (1 hunks)
• features/features.go (0 hunks)
• payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml (1 hunks)
• payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml (1 hunks)
• payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml (1 hunks)
• payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml (1 hunks)

💤 Files with no reviewable changes (1)

• features/features.go

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

-Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Files:

• payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml
• payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml
• payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml
• payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml
• features.md

🔇 Additional comments (5)

payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml (1)

17-19: Consistent addition of ClientsAllowCBOR to disabled gates.

The gate has been correctly moved to the disabled list for this DevPreviewNoUpgrade profile, preventing CBOR-encoded responses until the underlying array-length decoding issue is resolved.

payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml (1)

17-19: Consistent across deployment profiles.

SelfManagedHA profile mirrors the Hypershift change, ensuring ClientsAllowCBOR is disabled uniformly for all DevPreviewNoUpgrade deployments.

payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml (1)

17-19: Applied to TechPreviewNoUpgrade profile as intended.

ClientsAllowCBOR correctly added to disabled list for SelfManagedHA TechPreviewNoUpgrade, matching the interim mitigation strategy.

payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml (1)

17-19: Complete coverage across all preview profiles.

The change has been applied uniformly to all four deployment scenarios (Hypershift × {DPNU, TPNU} and SelfManagedHA × {DPNU, TPNU}), ensuring the interim mitigation is consistent.

features.md (1)

3-3: Documentation updated to reflect disabled gate status.

The features.md table now includes ClientsAllowCBOR with empty cells across all profiles, correctly documenting that the gate is disabled by default. This aligns with the manifest changes and interim mitigation strategy.

Tip

📝 Customizable high-level summaries are now available in beta!

You can now customize how CodeRabbit generates the high-level summary in your pull requests — including its content, structure, tone, and formatting.

• Provide your own instructions using the high_level_summary_instructions setting.
• Format the summary however you like (bullet lists, tables, multi-section layouts, contributor stats, etc.).
• Use high_level_summary_in_walkthrough to move the summary from the description to the walkthrough section.

Example instruction:

"Divide the high-level summary into five sections:

1. 📝 Description — Summarize the main change in 50–60 words, explaining what was done.
2. 📓 References — List relevant issues, discussions, documentation, or related PRs.
3. 📦 Dependencies & Requirements — Mention any new/updated dependencies, environment variable changes, or configuration updates.
4. 📊 Contributor Summary — Include a Markdown table showing contributions:
   | Contributor | Lines Added | Lines Removed | Files Changed |
5. ✔️ Additional Notes — Add any extra reviewer context.
   Keep each section concise (under 200 words) and use bullet or numbered lists for clarity."

Note: This feature is currently in beta for Pro-tier users, and pricing will be announced later.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci-robot]

Pipeline controller notification
This repository is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

[openshift-ci]

Hello @benluddy! Some important instructions when contributing to openshift/api:
API design plays an important part in the user experience of OpenShift and as such API PRs are subject to a high level of scrutiny to ensure they follow our best practices. If you haven't already done so, please review the OpenShift API Conventions and ensure that your proposed changes are compliant. Following these conventions will help expedite the api review process for your PR.

[benluddy]

/assign @everettraven

[everettraven]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: everettraven

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [everettraven]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

Scheduling tests matching the pipeline_run_if_changed or not excluded by pipeline_skip_if_only_changed parameters:
/test e2e-aws-ovn
/test e2e-aws-ovn-hypershift
/test e2e-aws-ovn-hypershift-conformance
/test e2e-aws-ovn-techpreview
/test e2e-aws-serial-1of2
/test e2e-aws-serial-2of2
/test e2e-aws-serial-techpreview-1of2
/test e2e-aws-serial-techpreview-2of2
/test e2e-azure
/test e2e-gcp
/test e2e-upgrade
/test e2e-upgrade-out-of-change

[benluddy]

/verified later

[openshift-ci-robot]

@benluddy: /verified later <@username> requires at least one GitHub @username to be specified (it can be a comma delimited list). It indicates the engineer(s) that will be performing the verification. See https://docs.ci.openshift.org/docs/architecture/jira/#premerge-verification for more information.

In response to this:

/verified later

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[benluddy]

/verified later @benluddy

[openshift-ci-robot]

@benluddy: This PR has been marked to be verified later by @benluddy.

In response to this:

/verified later @benluddy

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci-robot]

/retest-required

Remaining retests: 0 against base HEAD 0952bf6 and 2 for PR HEAD eab2744 in total

[openshift-ci-robot]

/retest-required

Remaining retests: 0 against base HEAD cb382c9 and 1 for PR HEAD eab2744 in total

[benluddy]

/test e2e-aws-ovn-hypershift-conformance

[openshift-ci]

@benluddy: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.