Skip to content

ROSA-745: boilerplate-update after openshift/boilerplate#748#276

Closed
MitaliBhalla wants to merge 2 commits into
openshift:mainfrom
MitaliBhalla:rosa-745-boilerplate-update
Closed

ROSA-745: boilerplate-update after openshift/boilerplate#748#276
MitaliBhalla wants to merge 2 commits into
openshift:mainfrom
MitaliBhalla:rosa-745-boilerplate-update

Conversation

@MitaliBhalla

@MitaliBhalla MitaliBhalla commented Jun 11, 2026

Copy link
Copy Markdown

Summary

ROSA-745: make boilerplate-update after openshift/boilerplate#748.

Picks up Dependabot docker template changes (lgtm/approved, Mon 03:00 UTC) and latest boilerplate-managed files.

make boilerplate-update does not refresh an existing boilerplate-managed .github/dependabot.yml; this PR syncs it from the #748 template (docker-only).

Renovate/MintMaker gomod rules are inherited via extends: openshift/boilerplate — no renovate change in this PR.

Test plan

  • CI green (prow + Konflux)
  • Dependabot docker PRs get lgtm/approved after merge

Jira: ROSA-745

Summary by CodeRabbit

Chores

  • Enhanced dependency management configuration with improved scheduling and labeling controls
  • Updated team member roster for code review and approval processes

Pick up Dependabot docker automerge labels/schedule from boilerplate.
@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Jun 11, 2026
@openshift-ci-robot

openshift-ci-robot commented Jun 11, 2026

Copy link
Copy Markdown

@MitaliBhalla: This pull request references ROSA-745 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the initiative to target the "5.0.0" version, but no target version was set.

Details

In response to this:

Summary

ROSA-745: make boilerplate-update after openshift/boilerplate#748.

Picks up Dependabot docker template changes (lgtm/approved, Mon 03:00 UTC) and latest boilerplate-managed files.

make boilerplate-update does not refresh an existing boilerplate-managed .github/dependabot.yml; this PR syncs it from the #748 template (docker-only).

Renovate/MintMaker gomod rules are inherited via extends: openshift/boilerplate — no renovate change in this PR.

Test plan

  • CI green (prow + Konflux)
  • Dependabot docker PRs get lgtm/approved after merge

Jira: ROSA-745

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@coderabbitai

coderabbitai Bot commented Jun 11, 2026

Copy link
Copy Markdown

Warning

Review limit reached

@MitaliBhalla, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 51 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 65bfef41-1afc-4dcb-9d61-1f9b5db74217

📥 Commits

Reviewing files that changed from the base of the PR and between a1145a5 and 140086c.

📒 Files selected for processing (1)
  • .github/dependabot.yml

Walkthrough

This PR updates two configuration files. Dependabot settings are expanded with boilerplate-managed markers, additional approval labels, and precise scheduling fields, while the boilerplate dependency ignore entry is renamed. The team leads ownership alias list is refreshed with three new members and one removal.

Changes

Configuration Updates

Layer / File(s) Summary
Dependabot configuration and boilerplate dependency ignore
.github/dependabot.yml
Dependabot configuration adds boilerplate-managed boundary comments, extends labels with lgtm and approved, specifies schedule timing fields (day, time, timezone), and changes the ignored boilerplate dependency from app-sre/boilerplate to redhat-services-prod/openshift/boilerplate, while preserving Docker ecosystem configuration and the existing openshift4/ose-operator-registry ignore rule.
Team leads ownership alias update
OWNERS_ALIASES
The srep-team-leads alias list is updated by removing iamkirkbater and adding dustman9000, bmeng, and typeid.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes


Important

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

❌ Failed checks (1 error, 2 warnings)

Check name Status Explanation Resolution
Ote Binary Stdout Contract ❌ Error The newly added fips.go file contains fmt.Println() in a process-level init() function, which writes non-JSON output to stdout and violates the OTE Binary Stdout Contract. Replace fmt.Println with klog.InfoS or similar structured logging, or redirect to stderr using klog.SetOutput(os.Stderr) before any output.
Microshift Test Compatibility ⚠️ Warning New e2e test uses machine.openshift.io APIs (MachineSet, Machine) and openshift-machine-api namespace, which are unavailable on MicroShift. No MicroShift safeguards ([Skipped:MicroShift], [apigroup... Add [apigroup:machine.openshift.io] tag to test names, or guard with exutil.IsMicroShiftCluster() check to skip on MicroShift. See custom check for recommended remediation options.
Description check ⚠️ Warning The PR description is missing several required template sections: no 'What is being added?' context, no testing checklist items, and no 'Steps To Manually Test' section. Add the missing template sections: fill out 'What is being added?', complete the testing checklist, and provide 'Steps To Manually Test' with clear reproduction steps for validating the Dependabot configuration changes.
✅ Passed checks (12 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately summarizes the main change: running boilerplate-update to incorporate changes from openshift/boilerplate#748, which aligns with the changeset modifications to .github/dependabot.yml and OWNERS_ALIASES.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names ✅ Passed All test names in the PR use stable, descriptive strings without dynamic identifiers like generated suffixes, timestamps, UUIDs, or IP addresses. No fmt.Sprintf or string concatenation found in tes...
Test Structure And Quality ✅ Passed No Ginkgo test code was modified in this PR. Changes are limited to configuration and boilerplate files (.github/dependabot.yml, OWNERS_ALIASES, and boilerplate templates). The custom check is not...
Single Node Openshift (Sno) Test Compatibility ✅ Passed No new Ginkgo e2e tests are added in this PR. Changes are limited to configuration files (.github/dependabot.yml and OWNERS_ALIASES), making the SNO Test Compatibility check not applicable.
Topology-Aware Scheduling Compatibility ✅ Passed PR modifies only Dependabot configuration (.github/dependabot.yml) and team aliases (OWNERS_ALIASES), not deployment manifests, operator code, or controllers. Check applies only to scheduling const...
Ipv6 And Disconnected Network Test Compatibility ✅ Passed The e2e test added (test/e2e/managed_node_metadata_operator_tests.go) with //go:build osde2e tag is designed for OpenShift Dedicated E2E environments where external OCM API connectivity is intentio...
No-Weak-Crypto ✅ Passed PR contains only configuration files (.github/dependabot.yml and OWNERS_ALIASES) with no cryptographic code, weak algorithms, or unsafe secret comparisons.
Container-Privileges ✅ Passed PR contains no privileged container settings. Dockerfiles use non-root users (nonroot:nonroot, UID 1001), and K8s deployments enforce runAsNonRoot: true without privileged/hostPID/hostNetwork/hostI...
No-Sensitive-Data-In-Logs ✅ Passed PR modifies only configuration files (.github/dependabot.yml and OWNERS_ALIASES) with no logging statements or sensitive data exposure.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Comment @coderabbitai help to get the list of available commands and usage tips.

@openshift-ci

openshift-ci Bot commented Jun 11, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: MitaliBhalla
Once this PR has been reviewed and has the lgtm label, please assign typeid for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@codecov-commenter

codecov-commenter commented Jun 11, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 58.60%. Comparing base (4394d69) to head (140086c).

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #276   +/-   ##
=======================================
  Coverage   58.60%   58.60%           
=======================================
  Files           5        5           
  Lines         244      244           
=======================================
  Hits          143      143           
  Misses         87       87           
  Partials       14       14           
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Match ose-operator-registry-rhel9 in build/Dockerfile.olm-registry.

Co-authored-by: Cursor <cursoragent@cursor.com>
@openshift-ci

openshift-ci Bot commented Jun 11, 2026

Copy link
Copy Markdown
Contributor

@MitaliBhalla: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@MitaliBhalla

MitaliBhalla commented Jun 11, 2026

Copy link
Copy Markdown
Author

Closing pending MCWV MintMaker pilot validation (openshift/managed-cluster-validating-webhooks#553).

Will reopen a consolidated ROSA-745 PR per repo after #553 merges, including:

  • explicit enabledManagers tekton/gomod in renovate.json
  • docker-only Dependabot with build/-derived ignores
  • boilerplate-update where needed

Jira: ROSA-745

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

jira/valid-reference Indicates that this PR references a valid Jira ticket of any type.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants