CNTRLPLANE-3176: implements operator tls config compliance

[ricardomaraschini]

Refactor metrics server to accept a configv1.GenericControllerConfig for configuration. Key improvements include early bind failure detection, certificate validation at construction time, and support for TLS version and cipher suite configuration.

This is part of PQC compliance work.

[openshift-ci-robot]

@ricardomaraschini: This pull request references CNTRLPLANE-3176 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Refactor metrics server to accept a configv1.GenericControllerConfig for configuration. Key improvements include early bind failure detection, certificate validation at construction time, and support for TLS version and cipher suite configuration.

This is part of PQC compliance work.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 5a30f4fa-f8c0-4d46-b677-3588c758d1bb

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[ricardomaraschini]

/retest

[ingvagabund]

/label backport-risk-assessed

[ingvagabund]

/lgtm

[openshift-ci]

@ingvagabund: The label(s) backport-risk-assessed cannot be applied or removed, because you are not in one of the allowed teams and are not an allowed user. Must be a member of one of these teams: openshift-patch-managers, openshift-release-oversight, openshift-staff-engineers, openshift-sustaining-engineers

Details

In response to this:

/label backport-risk-assessed

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[aroyoredhat]

/lgtm

/verified by aroyoredhat

/label backport-risk-assessed

[openshift-ci-robot]

@aroyoredhat: This PR has been marked as verified by aroyoredhat.

Details

In response to this:

/lgtm

/verified by aroyoredhat

/label backport-risk-assessed

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aroyoredhat, ingvagabund, ricardomaraschini

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [aroyoredhat]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ricardomaraschini]

/retest

[ricardomaraschini]

/jira refresh

[openshift-ci-robot]

@ricardomaraschini: This pull request references CNTRLPLANE-3176 which is a valid jira issue.

Details

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[ricardomaraschini]

/label jira/valid-bug

[openshift-ci]

@ricardomaraschini: The label(s) jira/valid-bug cannot be applied or removed, because you are not in one of the allowed teams and are not an allowed user. Must be a member of one of these teams: openshift-patch-managers, openshift-staff-engineers, openshift-release-oversight, openshift-sustaining-engineers

Details

In response to this:

/label jira/valid-bug

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[ricardomaraschini]

/jira refresh

[openshift-ci-robot]

@ricardomaraschini: This pull request references CNTRLPLANE-3176 which is a valid jira issue.

Details

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[ricardomaraschini]

/jira refresh

[openshift-ci-robot]

@ricardomaraschini: This pull request references CNTRLPLANE-3176 which is a valid jira issue.

Details

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[aroyoredhat]

/label jira/valid-bug

[openshift-ci]

@aroyoredhat: The label(s) jira/valid-bug cannot be applied or removed, because you are not in one of the allowed teams and are not an allowed user. Must be a member of one of these teams: openshift-patch-managers, openshift-staff-engineers, openshift-release-oversight, openshift-sustaining-engineers

Details

In response to this:

/label jira/valid-bug

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[aroyoredhat]

/jira refresh

[openshift-ci-robot]

@aroyoredhat: This pull request references CNTRLPLANE-3176 which is a valid jira issue.

Details

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[shannon]

/label jira/valid-bug

[aroyoredhat]

/retest-required

[aroyoredhat]

/test okd-scos-images

[aroyoredhat]

/test images

[aroyoredhat]

/test all

[ricardomaraschini]

/retest

[ricardomaraschini]

/retest-required

[ricardomaraschini]

/test all

[gangwgr]

/pipeline required

[ricardomaraschini]

/test ci/prow/okd-scos-images

[openshift-ci]

@ricardomaraschini: The specified target(s) for /test were not found.
The following commands are available to trigger required jobs:

/test e2e-aws

/test e2e-aws-operator

/test e2e-aws-ovn-builds

/test e2e-aws-ovn-image-ecosystem

/test e2e-aws-ovn-jenkins

/test e2e-aws-ovn-upgrade

/test images

/test unit

/test verify

/test verify-deps

The following commands are available to trigger optional jobs:

/test e2e-aws-ovn-proxy

Use /test all to run the following jobs that were automatically triggered:

pull-ci-openshift-cluster-samples-operator-release-4.22-e2e-aws

pull-ci-openshift-cluster-samples-operator-release-4.22-e2e-aws-operator

pull-ci-openshift-cluster-samples-operator-release-4.22-e2e-aws-ovn-image-ecosystem

pull-ci-openshift-cluster-samples-operator-release-4.22-e2e-aws-ovn-upgrade

pull-ci-openshift-cluster-samples-operator-release-4.22-images

pull-ci-openshift-cluster-samples-operator-release-4.22-unit

pull-ci-openshift-cluster-samples-operator-release-4.22-verify

pull-ci-openshift-cluster-samples-operator-release-4.22-verify-deps

Details

In response to this:

/test ci/prow/okd-scos-images

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[ricardomaraschini]

/test okd-scos-images

[openshift-ci]

@ricardomaraschini: The specified target(s) for /test were not found.
The following commands are available to trigger required jobs:

/test e2e-aws

/test e2e-aws-operator

/test e2e-aws-ovn-builds

/test e2e-aws-ovn-image-ecosystem

/test e2e-aws-ovn-jenkins

/test e2e-aws-ovn-upgrade

/test images

/test unit

/test verify

/test verify-deps

The following commands are available to trigger optional jobs:

/test e2e-aws-ovn-proxy

Use /test all to run the following jobs that were automatically triggered:

pull-ci-openshift-cluster-samples-operator-release-4.22-e2e-aws

pull-ci-openshift-cluster-samples-operator-release-4.22-e2e-aws-operator

pull-ci-openshift-cluster-samples-operator-release-4.22-e2e-aws-ovn-image-ecosystem

pull-ci-openshift-cluster-samples-operator-release-4.22-e2e-aws-ovn-upgrade

pull-ci-openshift-cluster-samples-operator-release-4.22-images

pull-ci-openshift-cluster-samples-operator-release-4.22-unit

pull-ci-openshift-cluster-samples-operator-release-4.22-verify

pull-ci-openshift-cluster-samples-operator-release-4.22-verify-deps

Details

In response to this:

/test okd-scos-images

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[ricardomaraschini]

/override ci/prow/okd-scos-images

[openshift-ci]

@ricardomaraschini: ricardomaraschini unauthorized: /override is restricted to Repo administrators, approvers in top level OWNERS file, and the following github teams:openshift: openshift-release-oversight openshift-staff-engineers openshift-sustaining-engineers.

Details

In response to this:

/override ci/prow/okd-scos-images

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[petr-muller]

/override ci/prow/okd-scos-images

[openshift-ci]

@petr-muller: Overrode contexts on behalf of petr-muller: ci/prow/okd-scos-images

Details

In response to this:

/override ci/prow/okd-scos-images

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

@ricardomaraschini: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.