Add default dptp collection in dockerconfigs in gsm-config.yaml

[psalajova]

This should reduce the number of redundant lines in dockerconfgis defined in bundles in gsm-config.yaml, as we always use test-platform-infra collection to store the necessary secrets used in dockerconfigs.

Release repo follow up, after the image is propagated: openshift/release#78405

Summary by CodeRabbit

• New Features

  • Added a top-level secret-manager collection setting for Docker registry authentication.

• Validation

  • Validation now requires the top-level collection when Docker registry credentials are declared and enforces collection-name rules there.

• Refactor

  • Collection selection moved from each registry entry to the central configuration; error messages updated to reference the top-level collection.

• Tests

  • Unit tests and fixtures updated to reflect centralized collection behavior.

[openshift-merge-bot]

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: automatic mode

[coderabbitai]

📝 Walkthrough

Walkthrough

Move docker registry collection config from per-registry RegistryAuthData.Collection into a top-level GSMConfig.DPTPCollection (add DPTPGSMCollection constant), update validation and resolution to require/use the top-level collection for dockerconfig bundles, and adjust call sites and tests to remove per-registry Collection fields.

Changes

Cohort / File(s)	Summary
API Schema & Validation pkg/api/gsm.go, pkg/api/gsm_test.go	Add GSMConfig.DPTPCollection (dptp_collection) and DPTPGSMCollection constant; make Bundles omitempty; remove RegistryAuthData.Collection; require/validate dptp_collection when any bundle uses dockerconfig.
CI Secret Bootstrap cmd/ci-secret-bootstrap/main.go, cmd/ci-secret-bootstrap/main_test.go	constructDockerConfigJSONFromGSM gains gsmDPTPCollection parameter; constructed gsmSecretRef values and error messages use the top-level collection; tests updated to set GSMConfig.DPTPCollection and remove per-registry Collection fields.
CI Secret Generator Tests cmd/ci-secret-generator/main_test.go	Test fixtures updated to set GSMConfig.DPTPCollection and remove RegistryAuthData.Collection from DockerConfigSpec.Registries.
Multi-stage Resolver Tests pkg/steps/multi_stage/gsm_bundle_resolver_test.go	Tests now set gsmConfig.DPTPCollection and remove per-registry Collection fields from DockerConfigSpec.Registries; expected outputs unchanged.
Other Test Adjustments cmd/..., pkg/.../*_test.go	Additional tests updated consistently to rely on top-level DPTPCollection and to omit per-registry Collection attributes.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

🚥 Pre-merge checks | ✅ 12 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Ipv6 And Disconnected Network Test Compatibility	❓ Inconclusive	Unable to retrieve shell command output for test file analysis.	Provide the actual contents of the test files or shell execution results to complete verification.

✅ Passed checks (12 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: adding a default dptp collection for dockerconfigs in gsm-config.yaml, which is the core objective of this PR.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Go Error Handling	✅ Passed	Error handling patterns are consistent with proper wrapping using fmt.Errorf with %w specifier, all errors checked with if err != nil, no ignored errors, and validation errors include sufficient context.
Test Coverage For New Features	✅ Passed	Existing test suite adequately covers modified validation logic and Resolve defaulting through TestGSMConfigValidate and integration tests in cmd/ci-secret-bootstrap/main_test.go.
Stable And Deterministic Test Names	✅ Passed	PR does not use Ginkgo testing framework; all tests use standard Go testing with testing.T, making the Ginkgo stability requirement not applicable.
Test Structure And Quality	✅ Passed	Test files are standard Go tests, not Ginkgo tests. Custom check explicitly requires Ginkgo test code review.
Microshift Test Compatibility	✅ Passed	No Ginkgo e2e tests found. All test modifications use standard Go unit testing patterns only.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	This pull request does not add any new Ginkgo e2e tests. The changes are limited to configuration APIs and command-line utilities with their corresponding unit tests, all using standard Go testing framework rather than Ginkgo patterns.
Topology-Aware Scheduling Compatibility	✅ Passed	Shell script verification confirms modifications limited to Go utility code (cmd/ and pkg/api/) and tests. No Kubernetes manifests, operator code, controllers, or scheduling constructs modified.
Ote Binary Stdout Contract	✅ Passed	PR changes are limited to internal helper functions and API structures; no stdout writes added to process-level code.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[psalajova]

/hold

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (4)

pkg/steps/multi_stage/gsm_bundle_resolver_test.go (1)

247-247: Prefer the shared constant for collection literal in test fixtures.

Use api.DPTPGSMCollection instead of hardcoding "test-platform-infra" to avoid string drift.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/steps/multi_stage/gsm_bundle_resolver_test.go` at line 247, Replace the
hardcoded collection literal "test-platform-infra" used in the test fixture's
GSMDPTPCollection field with the shared constant api.DPTPGSMCollection; locate
the struct initialiser that sets GSMDPTPCollection and substitute the string
with api.DPTPGSMCollection to keep tests aligned with the canonical constant.

pkg/api/gsm_test.go (1)

1328-1347: Add a negative test for invalid gsm_dptp_collection format.

The suite now tests the “missing” case, but it should also assert failure for malformed collection names to cover the new validation branch.

As per coding guidelines "Be very careful with struct field tags, defaults, and validation."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/api/gsm_test.go` around lines 1328 - 1347, Add a new negative table test
case in the gsm_test suite that validates malformed gsm_dptp_collection names:
create a GSMConfig that includes a GSMBundle using DockerConfigSpec (use
RegistryAuthData and a TargetSpec with Type corev1.SecretTypeDockerConfigJson)
and set the top-level gsm_dptp_collection field to an invalid format (e.g. a
string that does not meet the expected collection name pattern). In that test
case set expectError = true and errorContains to the validation message for bad
format (similar to "gsm_dptp_collection must be set when bundles use
dockerconfig" but reflecting the malformed-name message), so the test asserts
that validation in the same code path that checks GSMConfig rejects malformed
gsm_dptp_collection values.

pkg/api/gsm.go (1)

24-27: Coordinate the API shape change with vendored consumers.

GSMConfig/RegistryAuthData shape changed; linked-repo findings indicate openshift/ci-chat-bot vendors these types. Please plan a vendor bump there to avoid drift.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/api/gsm.go` around lines 24 - 27, The public API types in pkg/api/gsm.go
(notably GSMConfig and RegistryAuthData) changed shape—fields like
ClusterGroups, GSMDPTPCollection, Components and Bundles were added/renamed—so
coordinate a vendor bump for downstream consumers (openshift/ci-chat-bot) that
vendor these types: open an issue/PR in that repo referencing this change,
update its imports to the new GSMConfig/RegistryAuthData shape, bump the
dependency to this new version, update vendored code (re-run
dependency/vendoring step in their repo) and run their tests to verify
compatibility; include a short migration note listing the renamed/added fields
to help maintainers adapt.

cmd/ci-secret-bootstrap/main.go (1)

460-460: Coordinate downstream vendored API update.

This file now depends on the new GSM API contract (GSMDPTPCollection + no per-registry Collection). Please plan a vendor bump in openshift/ci-chat-bot (vendor/github.com/openshift/ci-tools/pkg/api/gsm.go and deepcopy/validation files) to avoid cross-repo type drift.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@cmd/ci-secret-bootstrap/main.go` at line 460, The
constructDockerConfigJSONFromGSM function now relies on the new GSM API shape
(GSMDPTPCollection and removal of per-registry Collection) so update downstream
vendoring in openshift/ci-chat-bot: bump the vendor for
github.com/openshift/ci-tools so vendor/.../pkg/api/gsm.go and its
deepcopy/validation outputs match the new GSMDPTPCollection field (and absence
of per-registry Collection); ensure any code that constructs gsmSecretRef or
consumes api.RegistryAuthData aligns with the new types and rebuilds vendor to
eliminate cross-repo type drift.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@pkg/api/gsm.go`:
- Around line 272-285: The validation currently treats c.GSMDPTPCollection as
mandatory when any bundle has DockerConfig; instead, if any bundle uses
DockerConfig (the hasDockerConfig loop), resolve the effective collection name
by defaulting to DPTPGSMCollection when c.GSMDPTPCollection is empty, and then
run gsmvalidation.ValidateCollectionName on that resolved name; remove the
unconditional append of the "must be set" error and only append an error if the
resolved collection name is invalid (use the same error message format that
currently references c.GSMDPTPCollection but substitute the resolved value).

---

Nitpick comments:
In `@cmd/ci-secret-bootstrap/main.go`:
- Line 460: The constructDockerConfigJSONFromGSM function now relies on the new
GSM API shape (GSMDPTPCollection and removal of per-registry Collection) so
update downstream vendoring in openshift/ci-chat-bot: bump the vendor for
github.com/openshift/ci-tools so vendor/.../pkg/api/gsm.go and its
deepcopy/validation outputs match the new GSMDPTPCollection field (and absence
of per-registry Collection); ensure any code that constructs gsmSecretRef or
consumes api.RegistryAuthData aligns with the new types and rebuilds vendor to
eliminate cross-repo type drift.

In `@pkg/api/gsm_test.go`:
- Around line 1328-1347: Add a new negative table test case in the gsm_test
suite that validates malformed gsm_dptp_collection names: create a GSMConfig
that includes a GSMBundle using DockerConfigSpec (use RegistryAuthData and a
TargetSpec with Type corev1.SecretTypeDockerConfigJson) and set the top-level
gsm_dptp_collection field to an invalid format (e.g. a string that does not meet
the expected collection name pattern). In that test case set expectError = true
and errorContains to the validation message for bad format (similar to
"gsm_dptp_collection must be set when bundles use dockerconfig" but reflecting
the malformed-name message), so the test asserts that validation in the same
code path that checks GSMConfig rejects malformed gsm_dptp_collection values.

In `@pkg/api/gsm.go`:
- Around line 24-27: The public API types in pkg/api/gsm.go (notably GSMConfig
and RegistryAuthData) changed shape—fields like ClusterGroups,
GSMDPTPCollection, Components and Bundles were added/renamed—so coordinate a
vendor bump for downstream consumers (openshift/ci-chat-bot) that vendor these
types: open an issue/PR in that repo referencing this change, update its imports
to the new GSMConfig/RegistryAuthData shape, bump the dependency to this new
version, update vendored code (re-run dependency/vendoring step in their repo)
and run their tests to verify compatibility; include a short migration note
listing the renamed/added fields to help maintainers adapt.

In `@pkg/steps/multi_stage/gsm_bundle_resolver_test.go`:
- Line 247: Replace the hardcoded collection literal "test-platform-infra" used
in the test fixture's GSMDPTPCollection field with the shared constant
api.DPTPGSMCollection; locate the struct initialiser that sets GSMDPTPCollection
and substitute the string with api.DPTPGSMCollection to keep tests aligned with
the canonical constant.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: b35b0588-75d6-4268-86d9-e5b017fd0782

📥 Commits

Reviewing files that changed from the base of the PR and between 2a2401c and d5ba199.

📒 Files selected for processing (6)

• cmd/ci-secret-bootstrap/main.go
• cmd/ci-secret-bootstrap/main_test.go
• cmd/ci-secret-generator/main_test.go
• pkg/api/gsm.go
• pkg/api/gsm_test.go
• pkg/steps/multi_stage/gsm_bundle_resolver_test.go

[coderabbitai]

♻️ Duplicate comments (1)

pkg/api/gsm.go (1)

272-285: ⚠️ Potential issue | 🟠 Major

Default the effective dockerconfig collection instead of rejecting empty dptp_collection.

Line 280 currently hard-fails when dptp_collection is omitted. That removes zero-value compatibility and undermines the new default-collection behavior. Resolve the effective value first (DPTPGSMCollection), then validate it.

Suggested fix

-	if hasDockerConfig && c.DPTPCollection == "" {
-		errs = append(errs, fmt.Errorf("dptp_collection must be set when bundles use dockerconfig"))
-	}
-	if c.DPTPCollection != "" && !gsmvalidation.ValidateCollectionName(c.DPTPCollection) {
-		errs = append(errs, fmt.Errorf("dptp_collection has invalid collection name: %s", c.DPTPCollection))
-	}
+	collection := c.DPTPCollection
+	if hasDockerConfig && collection == "" {
+		collection = DPTPGSMCollection
+	}
+	if collection != "" && !gsmvalidation.ValidateCollectionName(collection) {
+		errs = append(errs, fmt.Errorf("dptp_collection has invalid collection name: %s", collection))
+	}

As per coding guidelines "Backward compatibility matters — new fields should have zero-value defaults that preserve existing behavior."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/api/gsm.go` around lines 272 - 285, Compute the effective collection
value (the resolved DPTPGSMCollection) before validating and only error if that
effective value is empty when any bundle has DockerConfig; currently the code
checks c.DPTPCollection directly and rejects zero-value, breaking default
behavior. Update the block that sets hasDockerConfig and the subsequent checks
to first derive the effective collection (using the same resolution logic that
produces DPTPGSMCollection), then: if hasDockerConfig and effectiveCollection ==
"" append the error, and if effectiveCollection != "" run
gsmvalidation.ValidateCollectionName on effectiveCollection (not
c.DPTPCollection). Ensure you reference c.Bundles, bundle.DockerConfig,
c.DPTPCollection and the effective DPTPGSMCollection variable when making the
change.

🧹 Nitpick comments (2)

pkg/steps/multi_stage/gsm_bundle_resolver_test.go (1)

247-247: Use the exported default constant in the fixture.

Line 247 hardcodes "test-platform-infra". Prefer api.DPTPGSMCollection to avoid drift.

Suggested cleanup

-				DPTPCollection: "test-platform-infra",
+				DPTPCollection: api.DPTPGSMCollection,

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/steps/multi_stage/gsm_bundle_resolver_test.go` at line 247, The test
fixture currently hardcodes the collection name "test-platform-infra" (in the
DPTPCollection field); replace that literal with the exported constant
api.DPTPGSMCollection so the test uses the canonical default value. Locate the
fixture setting for DPTPCollection in gsm_bundle_resolver_test.go and change the
value to api.DPTPGSMCollection, ensuring the api package is imported where
necessary.

pkg/api/gsm.go (1)

24-27: Coordinate this API change with downstream vendored consumers.

GSMConfig.DPTPCollection addition plus RegistryAuthData.Collection removal changes exported API shape. Please keep the downstream vendor/update (notably openshift/ci-chat-bot) coupled with this PR to avoid type/deepcopy drift.

Also applies to: 77-82

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/api/gsm.go` around lines 24 - 27, The added GSMConfig.DPTPCollection
field and removal of RegistryAuthData.Collection change the public API shape;
coordinate with downstream vendored consumers (e.g., openshift/ci-chat-bot) to
prevent type/deepcopy drift by updating their types and generated deepcopy code
to match these changes, bumping their vendored dependency or submitting a
follow-up PR that consumes this change; ensure all uses of GSMConfig and
RegistryAuthData in consumers are updated to read/write DPTPCollection and to
stop relying on RegistryAuthData.Collection, and run/update codegen
(deepcopy/genclient) and tests in both this repo and downstream to validate
there are no compile or runtime incompatibilities.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@pkg/api/gsm.go`:
- Around line 272-285: Compute the effective collection value (the resolved
DPTPGSMCollection) before validating and only error if that effective value is
empty when any bundle has DockerConfig; currently the code checks
c.DPTPCollection directly and rejects zero-value, breaking default behavior.
Update the block that sets hasDockerConfig and the subsequent checks to first
derive the effective collection (using the same resolution logic that produces
DPTPGSMCollection), then: if hasDockerConfig and effectiveCollection == ""
append the error, and if effectiveCollection != "" run
gsmvalidation.ValidateCollectionName on effectiveCollection (not
c.DPTPCollection). Ensure you reference c.Bundles, bundle.DockerConfig,
c.DPTPCollection and the effective DPTPGSMCollection variable when making the
change.

---

Nitpick comments:
In `@pkg/api/gsm.go`:
- Around line 24-27: The added GSMConfig.DPTPCollection field and removal of
RegistryAuthData.Collection change the public API shape; coordinate with
downstream vendored consumers (e.g., openshift/ci-chat-bot) to prevent
type/deepcopy drift by updating their types and generated deepcopy code to match
these changes, bumping their vendored dependency or submitting a follow-up PR
that consumes this change; ensure all uses of GSMConfig and RegistryAuthData in
consumers are updated to read/write DPTPCollection and to stop relying on
RegistryAuthData.Collection, and run/update codegen (deepcopy/genclient) and
tests in both this repo and downstream to validate there are no compile or
runtime incompatibilities.

In `@pkg/steps/multi_stage/gsm_bundle_resolver_test.go`:
- Line 247: The test fixture currently hardcodes the collection name
"test-platform-infra" (in the DPTPCollection field); replace that literal with
the exported constant api.DPTPGSMCollection so the test uses the canonical
default value. Locate the fixture setting for DPTPCollection in
gsm_bundle_resolver_test.go and change the value to api.DPTPGSMCollection,
ensuring the api package is imported where necessary.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 79308461-8c8b-416c-8753-ef52983a7546

📥 Commits

Reviewing files that changed from the base of the PR and between d5ba199 and 4d65c7f.

📒 Files selected for processing (6)

• cmd/ci-secret-bootstrap/main.go
• cmd/ci-secret-bootstrap/main_test.go
• cmd/ci-secret-generator/main_test.go
• pkg/api/gsm.go
• pkg/api/gsm_test.go
• pkg/steps/multi_stage/gsm_bundle_resolver_test.go

✅ Files skipped from review due to trivial changes (1)

• cmd/ci-secret-bootstrap/main.go

🚧 Files skipped from review as they are similar to previous changes (1)

• cmd/ci-secret-generator/main_test.go

[coderabbitai]

♻️ Duplicate comments (1)

pkg/api/gsm.go (1)

281-294: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Avoid hard-failing empty dptp_collection in Validate()

Line 289 introduces a validation failure for unresolved configs, even though Line 128 already defines a safe defaulting path. Validate the effective collection (defaulting to DPTPGSMCollection when dockerconfig is present) instead of requiring explicit input.

Suggested adjustment

-	if hasDockerConfig && c.DPTPCollection == "" {
-		errs = append(errs, fmt.Errorf("dptp_collection must be set when bundles use dockerconfig"))
-	}
-	if c.DPTPCollection != "" && !gsmvalidation.ValidateCollectionName(c.DPTPCollection) {
-		errs = append(errs, fmt.Errorf("dptp_collection has invalid collection name: %s", c.DPTPCollection))
+	effectiveCollection := c.DPTPCollection
+	if hasDockerConfig && effectiveCollection == "" {
+		effectiveCollection = DPTPGSMCollection
+	}
+	if effectiveCollection != "" && !gsmvalidation.ValidateCollectionName(effectiveCollection) {
+		errs = append(errs, fmt.Errorf("dptp_collection has invalid collection name: %s", effectiveCollection))
 	}

As per coding guidelines "Backward compatibility matters — new fields should have zero-value defaults that preserve existing behavior".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/api/gsm.go` around lines 281 - 294, The Validate() logic currently
hard-fails when any bundle has DockerConfig and c.DPTPCollection is empty;
instead compute the effective collection name (use c.DPTPCollection if
non-empty, otherwise use the default constant DPTPGSMCollection when
hasDockerConfig is true) and run gsmvalidation.ValidateCollectionName against
that effective value; update the block that checks hasDockerConfig and the
subsequent ValidateCollectionName call to validate and append errors based on
the effectiveCollection variable rather than requiring an explicit
DPTPCollection.

🧹 Nitpick comments (1)

pkg/api/gsm.go (1)

24-27: Plan downstream vendor sync before unholding this PR

GSMConfig shape changed (DPTPCollection added / registry collection moved). Please ensure linked consumers with vendored ci-tools API (notably openshift/ci-chat-bot) bump vendor and regenerate deepcopy code in lockstep to avoid cross-repo type/build drift.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/api/gsm.go` around lines 24 - 27, GSMConfig's shape changed (new
DPTPCollection field and moved registry collection), so before unholding this PR
coordinate a downstream vendor sync: notify linked consumers (e.g.,
openshift/ci-chat-bot) to update their vendored ci-tools API, run `go mod
vendor`/vendor bump, and regenerate deepcopy code to match the new GSMConfig
(fields like DPTPCollection, ClusterGroups, Components, Bundles, and
GSMSecretRef) to prevent cross-repo type/build drift; ensure consumers compile
and their generated deep-copy files are committed in the same change that
updates the vendored API.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@pkg/api/gsm.go`:
- Around line 281-294: The Validate() logic currently hard-fails when any bundle
has DockerConfig and c.DPTPCollection is empty; instead compute the effective
collection name (use c.DPTPCollection if non-empty, otherwise use the default
constant DPTPGSMCollection when hasDockerConfig is true) and run
gsmvalidation.ValidateCollectionName against that effective value; update the
block that checks hasDockerConfig and the subsequent ValidateCollectionName call
to validate and append errors based on the effectiveCollection variable rather
than requiring an explicit DPTPCollection.

---

Nitpick comments:
In `@pkg/api/gsm.go`:
- Around line 24-27: GSMConfig's shape changed (new DPTPCollection field and
moved registry collection), so before unholding this PR coordinate a downstream
vendor sync: notify linked consumers (e.g., openshift/ci-chat-bot) to update
their vendored ci-tools API, run `go mod vendor`/vendor bump, and regenerate
deepcopy code to match the new GSMConfig (fields like DPTPCollection,
ClusterGroups, Components, Bundles, and GSMSecretRef) to prevent cross-repo
type/build drift; ensure consumers compile and their generated deep-copy files
are committed in the same change that updates the vendored API.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 0bcb4d11-9a3c-4647-8d6c-9c42ba0e6ffd

📥 Commits

Reviewing files that changed from the base of the PR and between c84051a and 7a666b5.

📒 Files selected for processing (6)

• cmd/ci-secret-bootstrap/main.go
• cmd/ci-secret-bootstrap/main_test.go
• cmd/ci-secret-generator/main_test.go
• pkg/api/gsm.go
• pkg/api/gsm_test.go
• pkg/steps/multi_stage/gsm_bundle_resolver_test.go

🚧 Files skipped from review as they are similar to previous changes (2)

• cmd/ci-secret-generator/main_test.go
• cmd/ci-secret-bootstrap/main_test.go

[psalajova]

/test e2e

[openshift-ci]

@psalajova: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/breaking-changes	7a666b5	link	false	/test breaking-changes
ci/prow/e2e	7a666b5	link	true	/test e2e
ci/prow/images	7a666b5	link	true	/test images

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[danilo-gemoli]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: danilo-gemoli, psalajova

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [danilo-gemoli,psalajova]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[psalajova]

/test e2e

[psalajova]

/unhold

[openshift-merge-bot]

/retest-required

Remaining retests: 0 against base HEAD 2df81d8 and 2 for PR HEAD 7a666b5 in total