Update boilerplate

[abyrne55]

Sync with latest boilerplate (61dbfdf)

Summary by CodeRabbit

• Chores
  • Updated CI build root image version to image-v8.3.6
  • Enabled automated Docker dependency update checks on a weekly schedule
  • Updated team ownership configuration (alias adjustments)

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 514eb8a5-beff-404c-b43b-7a13543ed7c3

📥 Commits

Reviewing files that changed from the base of the PR and between 3784cb9 and 152057d.

⛔ Files ignored due to path filters (3)

• boilerplate/_data/backing-image-tag is excluded by !boilerplate/**
• boilerplate/_data/last-boilerplate-commit is excluded by !boilerplate/**
• boilerplate/openshift/osd-container-image/OWNERS_ALIASES is excluded by !boilerplate/**

📒 Files selected for processing (3)

• .ci-operator.yaml
• .github/dependabot.yml
• OWNERS_ALIASES

💤 Files with no reviewable changes (1)

• OWNERS_ALIASES

✅ Files skipped from review due to trivial changes (2)

• .github/dependabot.yml
• .ci-operator.yaml

---

Walkthrough

Bump CI build root image tag from image-v8.3.4 to image-v8.3.6; add a Dependabot configuration to perform weekly Docker updates for the /build directory with labels and ignore rules; remove three entries from OWNERS_ALIASES.

Changes

CI Operator Build Image Update

Layer / File(s)	Summary
Build Configuration ./.ci-operator.yaml	build_root_image.tag updated from image-v8.3.4 → image-v8.3.6 (single-line change).

Dependabot Configuration

Layer / File(s)	Summary
Dependency Automation ./.github/dependabot.yml	New Dependabot v2 config added: Docker ecosystem, directory /build, weekly schedule, labels area/dependency and ok-to-test, and ignored packages redhat-services-prod/openshift/boilerplate and openshift4/ose-operator-registry.

OWNERS Aliases Cleanup

Layer / File(s)	Summary
Team Membership ./OWNERS_ALIASES	Removed abyrne55 from aliases.srep-functional-team-aurora and aliases.srep-functional-leads; removed jharrington22 from aliases.srep-architects.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 9 | ❌ 3

❌ Failed checks (3 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The pull request description is minimal and lacks the required template sections such as PR type, detailed explanation of changes, test coverage, and pre-checks.	Complete the pull request description template with PR type (documentation/other), detailed explanation of boilerplate updates, test coverage information, and applicable pre-checks.
Test Structure And Quality	⚠️ Warning	Ginkgo tests lack assertion messages. 118+ Expect() calls (e.g., Expect(err).ToNot(HaveOccurred())) have no failure messages, violating requirement #4 for meaningful diagnostic messages.	Add diagnostic messages to Expect assertions throughout test files: Expect(err).ToNot(HaveOccurred(), "failed to initialize") to enable better failure diagnostics when assertions fail.
Ipv6 And Disconnected Network Test Compatibility	⚠️ Warning	New e2e tests have IPv4-only code and external connectivity. aws.go has hardcoded "0.0.0.0/0" IPv4 CIDR. Tests require real PagerDuty and OCM APIs, failing offline.	Add IPv6 support "::/0" to aws.go. Add [Skipped:Disconnected] to test or mock external services instead.

✅ Passed checks (9 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Update boilerplate' accurately reflects the main change across all files, which involves syncing with the latest boilerplate repository.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	All Ginkgo test names in the PR are stable and deterministic. No dynamic content (fmt.Sprintf, variable interpolation, timestamps, IPs, UUIDs, generated identifiers) detected in test titles.
Microshift Test Compatibility	✅ Passed	No new Ginkgo e2e tests added. PR modifies only configuration files and boilerplate metadata. MicroShift Test Compatibility check not applicable.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	The PR adds one Ginkgo e2e test testing cluster management APIs. No multi-node assumptions detected. Test is compatible with SNO.
Topology-Aware Scheduling Compatibility	✅ Passed	PR updates only boilerplate configuration (.ci-operator.yaml tag), Dependabot setup, and OWNERS_ALIASES. No deployment manifests or operator code with scheduling constraints were modified.
Ote Binary Stdout Contract	✅ Passed	This PR is for Configuration Anomaly Detection (CAD), not an OTE binary. The check for OTE Binary Stdout Contract is not applicable to this project.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: abyrne55
Once this PR has been reviewed and has the lgtm label, please assign raphaelbut for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[MateSaary]

/retest

[openshift-ci]

@abyrne55: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 41.01%. Comparing base (a5e902e) to head (152057d).
⚠️ Report is 11 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #812      +/-   ##
==========================================
+ Coverage   38.38%   41.01%   +2.63%     
==========================================
  Files          67       68       +1     
  Lines        6313     6995     +682     
==========================================
+ Hits         2423     2869     +446     
- Misses       3747     3959     +212     
- Partials      143      167      +24     

see 5 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[RaphaelBut]

Thanks for the PR!
I did not realize the dependabot config is from boilerplate when i moved this logic to konflux's renovate.

Looks like boilerplate now has both a renovate config and dependabot, which should result in duplicate PRs
https://github.com/openshift/boilerplate/blob/master/.github/renovate.json
https://github.com/openshift/boilerplate/blob/master/boilerplate/openshift/golang-osd-operator/dependabot.yml

https://github.com/openshift/configuration-anomaly-detection/blob/main/.github/renovate.json
Currently we have ^ config extending the one from boilerplate, which should make dependabot obsolete. If it does work as intended, we should probably move it to boilerplate and remove dependabot. ( it would require boilerplate consumers to be on konflux though )

We may want to hold this PR for a bit and figure out whats a good course of action. ( to fix cad, we can probably remove https://github.com/openshift/boilerplate/blob/master/boilerplate/openshift/osd-container-image/dependabot.yml from boilerplate as cad was the only consumer last time i checked :D

[joshbranham]

I think it's because this repo uses boilerplate/openshift/osd-container-image vs the operator one. Either way, +1 for using renovate with Konflux and removing the boilerplate config imo.