ROSA-745: boilerplate-update after openshift/boilerplate#748

[MitaliBhalla]

Summary

ROSA-745: make boilerplate-update after openshift/boilerplate#748.

Picks up Dependabot docker template changes (lgtm/approved, Mon 03:00 UTC) and latest boilerplate-managed files.

make boilerplate-update does not refresh an existing boilerplate-managed .github/dependabot.yml; this PR syncs it from the #748 template (docker-only).

Renovate/MintMaker gomod rules are inherited via extends: openshift/boilerplate — no renovate change in this PR.

Test plan

• CI green (prow + Konflux)
• Dependabot docker PRs get lgtm/approved after merge

Jira: ROSA-745

Summary by CodeRabbit

• Chores
  • Updated dependency management configuration to include new metadata labels and explicit weekly scheduling for Docker ecosystem updates
  • Enhanced pre-commit configuration documentation with improved quick-start guidance and updated version pinning for consistency
  • Updated project team configuration by adjusting team leads list

[openshift-ci-robot]

@MitaliBhalla: This pull request references ROSA-745 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the initiative to target the "5.0.0" version, but no target version was set.

Details

In response to this:

Summary

ROSA-745: make boilerplate-update after openshift/boilerplate#748.

Picks up Dependabot docker template changes (lgtm/approved, Mon 03:00 UTC) and latest boilerplate-managed files.

make boilerplate-update does not refresh an existing boilerplate-managed .github/dependabot.yml; this PR syncs it from the #748 template (docker-only).

Renovate/MintMaker gomod rules are inherited via extends: openshift/boilerplate — no renovate change in this PR.

Test plan

• CI green (prow + Konflux)
• Dependabot docker PRs get lgtm/approved after merge

Jira: ROSA-745

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

Warning

Review limit reached

@MitaliBhalla, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 56 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 8cfd2b6b-248f-44d4-b386-97c3ecba7c0e

📥 Commits

Reviewing files that changed from the base of the PR and between 49b2e56 and ef2f0c0.

📒 Files selected for processing (1)

• .github/dependabot.yml

Walkthrough

This PR updates repository infrastructure configuration and team ownership metadata. Changes include dependabot schedule refinement with UTC timezone and PR labels, pre-commit installation documentation with uv support and pinned version, a git-blame configuration reference, and removal of one team lead from the owner aliases.

Changes

Infrastructure Configuration

Layer / File(s)	Summary
CI and dependency tool configuration .github/dependabot.yml, .pre-commit-config.yaml	Dependabot weekly schedule now explicitly runs Mondays at 03:00 UTC with lgtm and approved labels. Pre-commit installation docs add uv quick-start and pin pre-commit==4.6.0. Git-blame ignore-revs-file capability documented.
Team lead roster update OWNERS_ALIASES	Removed iamkirkbater from srep-team-leads alias group.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

🚥 Pre-merge checks | ✅ 15

✅ Passed checks (15 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title references ROSA-745 and boilerplate#748, accurately reflecting the PR's purpose of incorporating upstream boilerplate changes including Dependabot docker template updates and file synchronization.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	This PR contains no Ginkgo tests. All test files added/modified use standard Go testing.T framework with t.Run() subtests. The check for stable/deterministic Ginkgo test names is not applicable.
Test Structure And Quality	✅ Passed	PR contains only configuration file updates (.github/dependabot.yml, .pre-commit-config.yaml, OWNERS_ALIASES) with no test code modifications; Ginkgo test quality check is not applicable.
Microshift Test Compatibility	✅ Passed	PR contains only configuration file changes (.github/dependabot.yml, .pre-commit-config.yaml, OWNERS_ALIASES) with no new Ginkgo e2e tests, so MicroShift compatibility check does not apply.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	PR adds no new Ginkgo e2e tests. New test files use standard Go testing/testify, not Ginkgo BDD patterns. SNO compatibility check is not applicable.
Topology-Aware Scheduling Compatibility	✅ Passed	PR is a boilerplate configuration update with no deployment manifests or operator code changes that introduce scheduling constraints. Deployment has single replica with no affinity/anti-affinity/to...
Ote Binary Stdout Contract	✅ Passed	PR only modifies YAML/config files (.github/dependabot.yml, .pre-commit-config.yaml, OWNERS_ALIASES); no Go source code changed, so OTE Binary Stdout Contract check is not applicable.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	No Ginkgo e2e tests are added in this PR. Modified test files are standard Go unit tests using testing.T, not Ginkgo-based e2e tests. Check not applicable.
No-Weak-Crypto	✅ Passed	PR modifies only YAML configuration files (.github/dependabot.yml, .pre-commit-config.yaml, OWNERS_ALIASES) with no cryptographic code or weak crypto patterns detected.
Container-Privileges	✅ Passed	PR modifies only Dependabot/pre-commit configuration and team aliases; no K8s manifests with container privilege settings were changed or added.
No-Sensitive-Data-In-Logs	✅ Passed	PR contains only configuration file updates (.github/dependabot.yml, .pre-commit-config.yaml, OWNERS_ALIASES) with no logging statements or sensitive data exposure.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: MitaliBhalla
Once this PR has been reviewed and has the lgtm label, please assign smarthall for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 43.28%. Comparing base (e33c4cf) to head (ef2f0c0).

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #323   +/-   ##
=======================================
  Coverage   43.28%   43.28%           
=======================================
  Files          11       11           
  Lines         834      834           
=======================================
  Hits          361      361           
  Misses        424      424           
  Partials       49       49           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[openshift-ci]

@MitaliBhalla: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/validate	ef2f0c0	link	true	/test validate

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[MitaliBhalla]

Closing pending MCWV MintMaker pilot validation (openshift/managed-cluster-validating-webhooks#553).

Will reopen a consolidated ROSA-745 PR per repo after #553 merges, including:

• explicit enabledManagers tekton/gomod in renovate.json
• docker-only Dependabot with build/-derived ignores
• boilerplate-update where needed

Jira: ROSA-745