Skip to content

TRT-2587: Revert #2219 "CNTRLPLANE-2769: Bump k8s dependencies to 1.35"#2236

Merged
openshift-merge-bot[bot] merged 2 commits intoopenshift:mainfrom
smg247:revert-2219-17742241213N
Mar 23, 2026
Merged

TRT-2587: Revert #2219 "CNTRLPLANE-2769: Bump k8s dependencies to 1.35"#2236
openshift-merge-bot[bot] merged 2 commits intoopenshift:mainfrom
smg247:revert-2219-17742241213N

Conversation

@smg247
Copy link
Member

@smg247 smg247 commented Mar 23, 2026
edited by openshift-ci bot
Loading

Reverts #2219 ; tracked by TRT-2587

Per OpenShift policy, we are reverting this breaking change to get CI and/or nightly payloads flowing again.

This PR is causing blocking job failures (aggregated-hypershift-ovn-conformance-4.22) in the nightly amd64 payload 4.22.0-0.nightly-2026-03-22-134704. 4 sig-cli tests (oc adm new-project, oc adm storage-admin, oc adm ui-project-commands, templates different namespaces) consistently time out after 15 minutes in hypershift clusters. The oc binary hangs in pidfdWait when executing RBAC/project commands against the hosted API server.

Note: PR #2222 (feature gate and major version extraction for manifest inclusion) was also reverted because it depends on API changes introduced by the k8s 1.35 bump.

To unrevert this, revert this PR, and layer an additional separate commit on top that addresses the problem. Before merging the unrevert, please run these jobs on the PR and check the result of these jobs to confirm the fix has corrected the problem:

/payload-with-prs openshift/oc#NNNN aggregated-hypershift-ovn-conformance-4.22

CC: @ardaguclu @JoelSpeed

smg247 added 2 commits March 22, 2026 20:03
@smg247
Revert "Merge pull request openshift#2222 from JoelSpeed/update-relea…
b649913 
…se-extract-inclusion"

This reverts commit a69f827, reversing
changes made to e3f7056.
@smg247
Revert "Merge pull request openshift#2219 from ardaguclu/bump-1.35"
4eef1c9 
This reverts commit 05fa7bb, reversing
changes made to cb542c51e1c9b5b6b1b0c14d0b6c3e5e5f6f7a8b.

Note: The following dependent commit was also reverted because
it conflicts with or depends on the original change:
- a69f827 Merge pull request openshift#2222 from JoelSpeed/update-release-extract-inclusion
  (Implement feature gate and major version extraction for manifest inclusion)
@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Mar 23, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 23, 2026
edited by openshift-ci bot
Loading

@smg247: This pull request references TRT-2587 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Reverts #2219 ; tracked by TRT-2587

Per OpenShift policy, we are reverting this breaking change to get CI and/or nightly payloads flowing again.

This PR is causing blocking job failures (aggregated-hypershift-ovn-conformance-4.22) in the nightly amd64 payload 4.22.0-0.nightly-2026-03-22-134704. 4 sig-cli tests (oc adm new-project, oc adm storage-admin, oc adm ui-project-commands, templates different namespaces) consistently time out after 15 minutes in hypershift clusters. The oc binary hangs in pidfdWait when executing RBAC/project commands against the hosted API server.

Note: PR #2222 (feature gate and major version extraction for manifest inclusion) was also reverted because it depends on API changes introduced by the k8s 1.35 bump.

To unrevert this, revert this PR, and layer an additional separate commit on top that addresses the problem. Before merging the unrevert, please run these jobs on the PR and check the result of these jobs to confirm the fix has corrected the problem:

/payload-with-prs openshift/oc#NNNN aggregated-hypershift-ovn-conformance-4.22

CC: @ardaguclu @JoelSpeed

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

1 similar comment
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 23, 2026
edited by openshift-ci bot
Loading

@smg247: This pull request references TRT-2587 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Reverts #2219 ; tracked by TRT-2587

Per OpenShift policy, we are reverting this breaking change to get CI and/or nightly payloads flowing again.

This PR is causing blocking job failures (aggregated-hypershift-ovn-conformance-4.22) in the nightly amd64 payload 4.22.0-0.nightly-2026-03-22-134704. 4 sig-cli tests (oc adm new-project, oc adm storage-admin, oc adm ui-project-commands, templates different namespaces) consistently time out after 15 minutes in hypershift clusters. The oc binary hangs in pidfdWait when executing RBAC/project commands against the hosted API server.

Note: PR #2222 (feature gate and major version extraction for manifest inclusion) was also reverted because it depends on API changes introduced by the k8s 1.35 bump.

To unrevert this, revert this PR, and layer an additional separate commit on top that addresses the problem. Before merging the unrevert, please run these jobs on the PR and check the result of these jobs to confirm the fix has corrected the problem:

/payload-with-prs openshift/oc#NNNN aggregated-hypershift-ovn-conformance-4.22

CC: @ardaguclu @JoelSpeed

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@coderabbitai
Copy link

coderabbitai bot commented Mar 23, 2026
edited
Loading

Walkthrough

A project-wide downgrade from Go 1.25 and Kubernetes v1.35.2 to Go 1.24 and v1.34.1, with corresponding dependency updates in go.mod. Docker base images are updated to use the earlier Go version. Additionally, feature-gate extraction logic in release tools is simplified, and CLI command handling is refactored with adjusted plugin discovery flow.

Changes

Cohort / File(s) Summary
Go and Kubernetes Version Downgrades
.ci-operator.yaml, Makefile, go.mod		 Updated Go toolchain from 1.25 to 1.24 and Kubernetes from v1.35.2/35 to v1.34.1/34. go.mod reflects extensive dependency downgrades across AWS SDK v2, containers, Kubernetes/staging modules, and OpenShift-specific packages, with new indirect dependencies introduced (go-openapi suite, oklog/ulid, mongo-driver).
Docker Base Image Updates
images/cli-artifacts/Dockerfile.rhel, images/cli/Dockerfile.rhel, images/tools/Dockerfile		 Updated builder base image tags from golang-1.25 to golang-1.24. Updated io.openshift.build.versions metadata label from kubectl=1.35.2 to kubectl=1.34.1.
Recycler Image Update
images/recycler/Dockerfile.rhel		 Changed base image from OpenShift 4.22 CLI to 4.17 CLI.
Release Tools Refactoring
pkg/cli/admin/release/extract.go, pkg/cli/admin/release/extract_tools.go		 Simplified inclusion configuration derivation: removed JSON-based feature-gate extraction and semver logic; findClusterIncludeConfigFromInstallConfig now accepts only context and install config path; removed EnabledFeatureGates and RequiredMajorVersion fields from manifestInclusionConfiguration; updated function signatures and filtering logic.
CLI Command Handling
pkg/cli/cli.go		 Removed klog import and associated PersistentPreRunE wrapper; refactored plugin-command discovery to conditionally handle lookup based on cmd.Find success; adjusted error output formatting; added moved() helper function for marking deprecated/moved commands.
Test Simplifications
pkg/cli/deployer/strategy/support/lifecycle_test.go, pkg/helpers/describe/describer_test.go		 Removed custom watch reactor inspection logic and replaced with default watch reactor; removed MissingDescriberGVKExceptions slice and related control-flow for test coverage exemptions.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Comment @coderabbitai help to get the list of available commands and usage tips.

Tip

You can enable review details to help with troubleshooting, context usage and more.

Enable the reviews.review_details setting to include review details such as the model used, the time taken for each step and more in the review comments.

@openshift-ci openshift-ci bot requested review from ardaguclu and atiratree March 23, 2026 00:05
@smg247
Copy link
Member Author

smg247 commented Mar 23, 2026

/payload-job periodic-ci-openshift-hypershift-release-4.22-periodics-e2e-aws-ovn-conformance

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 23, 2026

@smg247: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command

  • periodic-ci-openshift-hypershift-release-4.22-periodics-e2e-aws-ovn-conformance

See details on https://pr-payload-tests.ci.openshift.org/runs/ci/1c9b3620-264c-11f1-975a-1989bf53803b-0

@smg247
Copy link
Member Author

smg247 commented Mar 23, 2026

/payload-aggregate periodic-ci-openshift-hypershift-release-4.22-periodics-e2e-aws-ovn-conformance 5

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 23, 2026

@smg247: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command

  • periodic-ci-openshift-hypershift-release-4.22-periodics-e2e-aws-ovn-conformance

See details on https://pr-payload-tests.ci.openshift.org/runs/ci/37b31810-264c-11f1-8acb-250bb962f0c2-0

coderabbitai[bot]
coderabbitai bot reviewed Mar 23, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@go.mod`:
- Around line 194-196: The go.mod currently lists the indirect module
github.com/sigstore/fulcio at v1.4.5 which has known CVEs; update/pin that
indirect dependency to v1.8.5 (github.com/sigstore/fulcio@v1.8.5) once
Kubernetes 1.35 compatibility is resolved—either by running `go get
github.com/sigstore/fulcio@v1.8.5` and `go mod tidy` to refresh go.mod/go.sum or
temporarily adding a go.mod require/replace for github.com/sigstore/fulcio
v1.8.5 to mitigate the vulnerability; after updating, verify there are no
compatibility breaks with the related modules github.com/sigstore/rekor and
github.com/sigstore/sigstore and run tests.

In `@pkg/cli/admin/release/extract_tools.go`:
- Around line 1284-1286: The call in newIncluder to m.Include is missing the
platform filter so platform-specific CredentialsRequests get included when using
--included; update the includer to pass config.Platform into m.Include (i.e.,
call m.Include with config.ExcludeIdentifier, config.RequiredFeatureSet,
config.Profile, config.Capabilities, config.Platform, config.Overrides or
whatever order matches m.Include's signature) so the platform filtering honored
here (the provider-spec-kind filter in extract.go only runs for
--credentials-requests).

In `@pkg/cli/cli.go`:
- Around line 138-161: The error formatting is inconsistent: the earlier call to
kubecmd.HandlePluginCommand writes fmt.Fprintf(o.IOStreams.ErrOut, "%v\n", err)
while the later call uses "Error: %v\n"; update the earlier call to include the
same "Error: " prefix so both HandlePluginCommand failure paths produce
consistent output (modify the fmt.Fprintf call that prints err after
kubecmd.HandlePluginCommand in the first branch to use "Error: %v\n").
ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 1f5a7898-b8e8-45a1-9ae2-e54125c9d81c

📥 Commits

Reviewing files that changed from the base of the PR and between 5fc4a6b and 4eef1c9.

⛔ Files ignored due to path filters (288)
  • go.sum is excluded by !**/*.sum
  • vendor/github.com/asaskevich/govalidator/.gitignore is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/.travis.yml is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/CODE_OF_CONDUCT.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/CONTRIBUTING.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/LICENSE is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/README.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/arrays.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/converter.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/doc.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/error.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/numerics.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/patterns.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/types.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/utils.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/validator.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/asaskevich/govalidator/wercker.yml is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/credentials.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/user_agent.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/debug.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/encode.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/error.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/header.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/header_value.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/client.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/timeout_read_closer.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/config/config.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/config/provider.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/credentials/logincreds/dpop.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/credentials/logincreds/file.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/credentials/logincreds/provider.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/credentials/logincreds/token.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_client.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetDynamicData.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetIAMInfo.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetInstanceIdentityDocument.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetMetadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetRegion.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetToken.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetUserData.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/request_middleware.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/default_read_seeker_write_to.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/default_writer_read_from.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/download.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/pool.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/read_seeker_write_to.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/upload.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/writer_read_from.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/config.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.json is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/smithy.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/v4a.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_add.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_compute_input_checksum.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_setup_context.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/middleware.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/arn_lookup.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/response_error.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_client.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_AbortMultipartUpload.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CompleteMultipartUpload.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CopyObject.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateBucket.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateBucketMetadataConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateBucketMetadataTableConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateMultipartUpload.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateSession.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucket.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketAnalyticsConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketCors.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketEncryption.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketIntelligentTieringConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketInventoryConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketLifecycle.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketMetadataConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketMetadataTableConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketMetricsConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketOwnershipControls.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketPolicy.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketReplication.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketTagging.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketWebsite.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObject.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObjectTagging.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObjects.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeletePublicAccessBlock.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAbac.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAccelerateConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAcl.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAnalyticsConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketCors.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketEncryption.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketIntelligentTieringConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketInventoryConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLifecycleConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLocation.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLogging.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketMetadataConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketMetadataTableConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketMetricsConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketNotificationConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketOwnershipControls.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketPolicy.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketPolicyStatus.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketReplication.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketRequestPayment.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketTagging.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketVersioning.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketWebsite.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObject.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectAcl.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectAttributes.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectLegalHold.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectLockConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectRetention.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectTagging.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectTorrent.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetPublicAccessBlock.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_HeadBucket.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_HeadObject.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketAnalyticsConfigurations.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketIntelligentTieringConfigurations.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketInventoryConfigurations.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketMetricsConfigurations.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBuckets.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListDirectoryBuckets.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListMultipartUploads.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjectVersions.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjects.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjectsV2.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListParts.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAbac.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAccelerateConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAcl.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAnalyticsConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketCors.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketEncryption.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketIntelligentTieringConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketInventoryConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketLifecycleConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketLogging.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketMetricsConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketNotificationConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketOwnershipControls.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketPolicy.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketReplication.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketRequestPayment.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketTagging.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketVersioning.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketWebsite.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObject.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectAcl.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectLegalHold.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectLockConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectRetention.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectTagging.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutPublicAccessBlock.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_RenameObject.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_RestoreObject.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_SelectObjectContent.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UpdateBucketMetadataInventoryTableConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UpdateBucketMetadataJournalTableConfiguration.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UpdateObjectEncryption.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UploadPart.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UploadPartCopy.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_WriteGetObjectResponse.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/auth.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/bucket_context.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/bucketer.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/deserializers.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/express_default.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/generated.json is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/options.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/presign_post.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/serializers.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/enums.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/errors.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/types.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/s3/validators.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/api_client.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/api_op_CreateOAuth2Token.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/auth.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/deserializers.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/doc.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/generated.json is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/options.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/serializers.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/types/enums.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/types/errors.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/types/types.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/signin/validators.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_client.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_GetRoleCredentials.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccountRoles.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccounts.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_Logout.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/auth.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/generated.json is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sso/options.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_client.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateToken.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateTokenWithIAM.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_RegisterClient.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_StartDeviceAuthorization.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/auth.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/generated.json is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/options.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_client.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoot.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_DecodeAuthorizationMessage.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetAccessKeyInfo.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetCallerIdentity.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetDelegatedAccessToken.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetWebIdentityToken.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/auth.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/deserializers.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/options.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/serializers.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/errors.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/aws-sdk-go-v2/service/sts/validators.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/smithy-go/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/smithy-go/Makefile is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/smithy-go/README.md is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/smithy-go/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/smithy-go/metrics/nop.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/smithy-go/middleware/eventstream_middleware.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/smithy-go/middleware/ordered_group.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/smithy-go/middleware/step_build.go is excluded by !vendor/**, !**/vendor/**
  • vendor/github.com/aws/smithy-go/middleware/step_deserialize.go is excluded by !vendor/**, !**/vendor/**
📒 Files selected for processing (12)
  • .ci-operator.yaml
  • Makefile
  • go.mod
  • images/cli-artifacts/Dockerfile.rhel
  • images/cli/Dockerfile.rhel
  • images/recycler/Dockerfile.rhel
  • images/tools/Dockerfile
  • pkg/cli/admin/release/extract.go
  • pkg/cli/admin/release/extract_tools.go
  • pkg/cli/cli.go
  • pkg/cli/deployer/strategy/support/lifecycle_test.go
  • pkg/helpers/describe/describer_test.go
💤 Files with no reviewable changes (1)
  • pkg/helpers/describe/describer_test.go

go.mod
Comment on lines +194 to +196
github.com/sigstore/fulcio v1.4.5 // indirect
github.com/sigstore/rekor v1.3.6 // indirect
github.com/sigstore/sigstore v1.8.4 // indirect
Copy link

@coderabbitai coderabbitai bot Mar 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check which direct dependencies pull in sigstore/fulcio
go mod why -m github.com/sigstore/fulcio 2>/dev/null || echo "Run 'go mod why -m github.com/sigstore/fulcio' locally to trace dependency"

Repository: openshift/oc

Length of output: 227

🌐 Web query:

GO-2025-4193 sigstore fulcio vulnerability SSRF

💡 Result:

GO-2025-4193 is not the Fulcio SSRF issue. It maps to CVE-2025-66506 / GHSA-f83f-xpx7-ffpw and is a DoS-style bug where Fulcio can allocate excessive memory while parsing a malicious token (affected <= v1.8.2, fixed in v1.8.3). [1][2]

The Fulcio SSRF you’re referring to is a different advisory: CVE-2026-22772 / GHSA-59jp-pj84-45mr (published Jan 12–13, 2026). It’s caused by metaRegex() using an unanchored regex, allowing a crafted issuer (iss) to bypass MetaIssuer validation and ultimately trigger blind SSRF (GET-only; response not returned) to internal services (e.g., cloud metadata 169.254.169.254, internal Kubernetes APIs). Affected <= 1.8.4, fixed in 1.8.5; workaround: upgrade to v1.8.5. [3][4]

Sources
[1] https://pkg.go.dev/vuln/GO-2025-4193
[2] GHSA-f83f-xpx7-ffpw
[3] GHSA-59jp-pj84-45mr
[4] https://advisories.gitlab.com/pkg/golang/github.com/sigstore/fulcio/CVE-2026-22772/

🌐 Web query:

GO-2026-4311 sigstore fulcio vulnerability memory exhaustion

💡 Result:

GO-2026-4311 for github.com/sigstore/fulcio is not a memory-exhaustion issue—it’s an SSRF (server-side request forgery) vulnerability caused by a MetaIssuer regex bypass, tracked as CVE-2026-22772 / GHSA-59jp-pj84-45mr. It affects Fulcio versions before v1.8.5; upgrade to v1.8.5+ to fix. [1][2]

If what you meant is Fulcio memory exhaustion / excessive allocation, that is a different vuln: CVE-2025-66506 (GHSA-f83f-xpx7-ffpw), where parsing a malicious OIDC identity token can trigger excessive memory allocation; it affects versions before 1.8.3 and is fixed in 1.8.3+. [3]

🌐 Web query:

sigstore fulcio v1.4.5 vulnerabilities OSV

💡 Result:

Fulcio v1.4.5 is listed in OSV as affected by at least these vulnerabilities:

Citations:

Indirect dependency sigstore/fulcio v1.4.5 has known vulnerabilities.

v1.4.5 is affected by CVE-2025-66506 (HIGH severity, DoS via excessive memory allocation during token parsing) and CVE-2026-22772 (MEDIUM severity, SSRF via regex bypass). Both are fixed in v1.8.5. Since this is an indirect dependency restored by the revert, track for update once k8s 1.35 compatibility constraints are resolved.

🧰 Tools
🪛 OSV Scanner (2.3.3)

[HIGH] 194-194: github.com/sigstore/fulcio 1.4.5: Fulcio allocates excessive memory during token parsing in github.com/sigstore/fulcio

(GO-2025-4193)

[HIGH] 194-194: github.com/sigstore/fulcio 1.4.5: Fulcio is vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass in github.com/sigstore/fulcio

(GO-2026-4311)

[HIGH] 194-194: github.com/sigstore/fulcio 1.4.5: Fulcio is vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass

(GHSA-59jp-pj84-45mr)

[HIGH] 194-194: github.com/sigstore/fulcio 1.4.5: Fulcio allocates excessive memory during token parsing

(GHSA-f83f-xpx7-ffpw)

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@go.mod` around lines 194 - 196, The go.mod currently lists the indirect
module github.com/sigstore/fulcio at v1.4.5 which has known CVEs; update/pin
that indirect dependency to v1.8.5 (github.com/sigstore/fulcio@v1.8.5) once
Kubernetes 1.35 compatibility is resolved—either by running `go get
github.com/sigstore/fulcio@v1.8.5` and `go mod tidy` to refresh go.mod/go.sum or
temporarily adding a go.mod require/replace for github.com/sigstore/fulcio
v1.8.5 to mitigate the vulnerability; after updating, verify there are no
compatibility breaks with the related modules github.com/sigstore/rekor and
github.com/sigstore/sigstore and run tests.

pkg/cli/admin/release/extract_tools.go
Comment on lines 1284 to +1286
func newIncluder(config manifestInclusionConfiguration) includer {
return func(m *manifest.Manifest) error {
return m.Include(config.ExcludeIdentifier, config.RequiredFeatureSet, config.Profile, config.Capabilities, config.Overrides, config.EnabledFeatureGates, config.RequiredMajorVersion)
}
}

// extractFeatureGatesFromFiles extracts FeatureGate manifests from the release payload
// cached files and returns the set of enabled feature gates for the specified version and profile.
func extractFeatureGatesFromFiles(files []extractedFile, version, featureSet, profile string) (sets.Set[string], *uint64, error) {
enabledFeatureGates := sets.Set[string]{}

// Validate the version
if version == "" {
return enabledFeatureGates, nil, fmt.Errorf("version cannot be empty")
}

featureGateManifests := []configv1.FeatureGate{}
releaseMetadata := struct {
Version string `json:"version"`
}{}

for _, file := range files {
// Extract the release metadata so that we can work out the release version.
if file.name == "release-metadata" {
if err := json.Unmarshal(file.rawData, &releaseMetadata); err != nil {
return enabledFeatureGates, nil, fmt.Errorf("unable to load release metadata from release payload: %w", err)
}

continue
}

// Process each manifest in the file
for _, m := range file.manifests {
if m.GVK.Group == "config.openshift.io" && m.GVK.Version == "v1" && m.GVK.Kind == "FeatureGate" {
// Extract feature gate data
featureGate := &configv1.FeatureGate{}
if err := k8sruntime.DefaultUnstructuredConverter.FromUnstructured(m.Obj.Object, featureGate); err != nil {
klog.V(4).Infof("Failed to convert FeatureGate %s: %v", file.name, err)
continue
}

featureGateManifests = append(featureGateManifests, *featureGate)
}
}
}

if releaseMetadata.Version == "" {
return enabledFeatureGates, nil, fmt.Errorf("release metadata version is empty")
}

parsedVersion, err := semver.Parse(releaseMetadata.Version)
if err != nil {
return enabledFeatureGates, nil, fmt.Errorf("failed to parse release metadata version %s: %w", releaseMetadata.Version, err)
}

for _, featureGate := range featureGateManifests {
if !appliesToVersion(&featureGate, parsedVersion.Major) ||
!appliesToClusterProfile(&featureGate, profile) ||
!appliesToFeatureSet(&featureGate, featureSet) {
continue
}

// There will only be a single version in the feature gate manifests.
for _, featuregateVersion := range featureGate.Status.FeatureGates {
for _, enabled := range featuregateVersion.Enabled {
enabledFeatureGates.Insert(string(enabled.Name))
}
}
return m.Include(config.ExcludeIdentifier, config.RequiredFeatureSet, config.Profile, config.Capabilities, config.Overrides)
Copy link

@coderabbitai coderabbitai bot Mar 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Platform-specific CredentialsRequests are no longer filtered for plain --included.

Line 1286 ignores config.Platform, even though both config builders still populate it. The remaining provider-spec-kind filter lives in extract.go and only runs when --credentials-requests is set, so oc adm release extract --included now over-extracts cloud-specific credential requests.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/admin/release/extract_tools.go` around lines 1284 - 1286, The call in
newIncluder to m.Include is missing the platform filter so platform-specific
CredentialsRequests get included when using --included; update the includer to
pass config.Platform into m.Include (i.e., call m.Include with
config.ExcludeIdentifier, config.RequiredFeatureSet, config.Profile,
config.Capabilities, config.Platform, config.Overrides or whatever order matches
m.Include's signature) so the platform filtering honored here (the
provider-spec-kind filter in extract.go only runs for --credentials-requests).

pkg/cli/cli.go
Comment on lines 138 to +161
if err := kubecmd.HandlePluginCommand(o.PluginHandler, cmdPathPieces, 1); err != nil {
fmt.Fprintf(o.IOStreams.ErrOut, "Error: %v\n", err)
fmt.Fprintf(o.IOStreams.ErrOut, "%v\n", err)
os.Exit(1)
}
}
}
// Command exists(e.g. kubectl create), but it is not certain that
// subcommand also exists (e.g. kubectl create networkpolicy)
// we also have to eliminate kubectl create -f
if kubecmd.IsSubcommandPluginAllowed(foundCmd.Name()) && len(foundArgs) >= 1 && !strings.HasPrefix(foundArgs[0], "-") {
subcommand := foundArgs[0]
builtinSubcmdExist := false
for _, subcmd := range foundCmd.Commands() {
if subcmd.Name() == subcommand {
builtinSubcmdExist = true
break
} else if err == nil {
// Command exists(e.g. kubectl create), but it is not certain that
// subcommand also exists (e.g. kubectl create networkpolicy)
// we also have to eliminate kubectl create -f
if kubecmd.IsSubcommandPluginAllowed(foundCmd.Name()) && len(foundArgs) >= 1 && !strings.HasPrefix(foundArgs[0], "-") {
subcommand := foundArgs[0]
builtinSubcmdExist := false
for _, subcmd := range foundCmd.Commands() {
if subcmd.Name() == subcommand {
builtinSubcmdExist = true
break
}
}
}

if !builtinSubcmdExist {
if err := kubecmd.HandlePluginCommand(o.PluginHandler, cmdPathPieces, len(cmdPathPieces)-len(foundArgs)+1); err != nil {
fmt.Fprintf(o.IOStreams.ErrOut, "Error: %v\n", err)
os.Exit(1)
if !builtinSubcmdExist {
if err := kubecmd.HandlePluginCommand(o.PluginHandler, cmdPathPieces, len(cmdPathPieces)-len(foundArgs)+1); err != nil {
fmt.Fprintf(o.IOStreams.ErrOut, "Error: %v\n", err)
os.Exit(1)
}
Copy link

@coderabbitai coderabbitai bot Mar 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Inconsistent error output formatting.

Line 139 omits the "Error: " prefix while line 159 includes it, though both handle the same HandlePluginCommand failure scenario.

Proposed fix to make error formatting consistent

Either add the prefix to line 139:

-				fmt.Fprintf(o.IOStreams.ErrOut, "%v\n", err)
+				fmt.Fprintf(o.IOStreams.ErrOut, "Error: %v\n", err)

Or remove it from line 159:

-				fmt.Fprintf(o.IOStreams.ErrOut, "Error: %v\n", err)
+				fmt.Fprintf(o.IOStreams.ErrOut, "%v\n", err)
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
if err := kubecmd.HandlePluginCommand(o.PluginHandler, cmdPathPieces, 1); err != nil {
fmt.Fprintf(o.IOStreams.ErrOut, "Error: %v\n", err)
fmt.Fprintf(o.IOStreams.ErrOut, "%v\n", err)
os.Exit(1)
}
}
}
// Command exists(e.g. kubectl create), but it is not certain that
// subcommand also exists (e.g. kubectl create networkpolicy)
// we also have to eliminate kubectl create -f
if kubecmd.IsSubcommandPluginAllowed(foundCmd.Name()) && len(foundArgs) >= 1 && !strings.HasPrefix(foundArgs[0], "-") {
subcommand := foundArgs[0]
builtinSubcmdExist := false
for _, subcmd := range foundCmd.Commands() {
if subcmd.Name() == subcommand {
builtinSubcmdExist = true
break
} else if err == nil {
// Command exists(e.g. kubectl create), but it is not certain that
// subcommand also exists (e.g. kubectl create networkpolicy)
// we also have to eliminate kubectl create -f
if kubecmd.IsSubcommandPluginAllowed(foundCmd.Name()) && len(foundArgs) >= 1 && !strings.HasPrefix(foundArgs[0], "-") {
subcommand := foundArgs[0]
builtinSubcmdExist := false
for _, subcmd := range foundCmd.Commands() {
if subcmd.Name() == subcommand {
builtinSubcmdExist = true
break
}
}
}
if !builtinSubcmdExist {
if err := kubecmd.HandlePluginCommand(o.PluginHandler, cmdPathPieces, len(cmdPathPieces)-len(foundArgs)+1); err != nil {
fmt.Fprintf(o.IOStreams.ErrOut, "Error: %v\n", err)
os.Exit(1)
if !builtinSubcmdExist {
if err := kubecmd.HandlePluginCommand(o.PluginHandler, cmdPathPieces, len(cmdPathPieces)-len(foundArgs)+1); err != nil {
fmt.Fprintf(o.IOStreams.ErrOut, "Error: %v\n", err)
os.Exit(1)
}
if err := kubecmd.HandlePluginCommand(o.PluginHandler, cmdPathPieces, 1); err != nil {
fmt.Fprintf(o.IOStreams.ErrOut, "%v\n", err)
os.Exit(1)
}
}
} else if err == nil {
// Command exists(e.g. kubectl create), but it is not certain that
// subcommand also exists (e.g. kubectl create networkpolicy)
// we also have to eliminate kubectl create -f
if kubecmd.IsSubcommandPluginAllowed(foundCmd.Name()) && len(foundArgs) >= 1 && !strings.HasPrefix(foundArgs[0], "-") {
subcommand := foundArgs[0]
builtinSubcmdExist := false
for _, subcmd := range foundCmd.Commands() {
if subcmd.Name() == subcommand {
builtinSubcmdExist = true
break
}
}
if !builtinSubcmdExist {
if err := kubecmd.HandlePluginCommand(o.PluginHandler, cmdPathPieces, len(cmdPathPieces)-len(foundArgs)+1); err != nil {
fmt.Fprintf(o.IOStreams.ErrOut, "%v\n", err)
os.Exit(1)
}
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@pkg/cli/cli.go` around lines 138 - 161, The error formatting is inconsistent:
the earlier call to kubecmd.HandlePluginCommand writes
fmt.Fprintf(o.IOStreams.ErrOut, "%v\n", err) while the later call uses "Error:
%v\n"; update the earlier call to include the same "Error: " prefix so both
HandlePluginCommand failure paths produce consistent output (modify the
fmt.Fprintf call that prints err after kubecmd.HandlePluginCommand in the first
branch to use "Error: %v\n").

@stbenjam
Copy link
Member

stbenjam commented Mar 23, 2026

/lgtm
/label approved
/hold

The payload agent went back and forth a couple times if this was the cause of permafailing hypershift, but it didn't pick any other PR's. Tagging in case testing confirms

@openshift-ci openshift-ci bot added do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Mar 23, 2026
@openshift-ci openshift-ci bot added lgtm Indicates that a PR is ready to be merged. and removed approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Mar 23, 2026
@smg247
Copy link
Member Author

smg247 commented Mar 23, 2026

/retest

@ardaguclu
Copy link
Member

ardaguclu commented Mar 23, 2026

That is unfortunate but currently there is no other way
/hold cancel

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 23, 2026
@ardaguclu
Copy link
Member

ardaguclu commented Mar 23, 2026

/lgtm
In case you decide to merge it

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 23, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ardaguclu, smg247, stbenjam

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 23, 2026
@smg247
Copy link
Member Author

smg247 commented Mar 23, 2026

/hold until we hear back from hypershift

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 23, 2026
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 23, 2026

@smg247: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@stbenjam
Copy link
Member

stbenjam commented Mar 23, 2026

/hold cancel
/verified by CI

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 23, 2026
@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Mar 23, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 23, 2026

@stbenjam: This PR has been marked as verified by CI.

Details

In response to this:

/hold cancel
/verified by CI

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-merge-bot openshift-merge-bot bot merged commit 55b9cad into openshift:main Mar 23, 2026
18 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@ardaguclu ardaguclu Awaiting requested review from ardaguclu

@atiratree atiratree Awaiting requested review from atiratree

Assignees

@stbenjam stbenjam

@ardaguclu ardaguclu

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. verified Signifies that the PR passed pre-merge verification criteria

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@smg247 @openshift-ci-robot @stbenjam @ardaguclu