added recommended resource conf to kubeauthproxy

[resoluteCoder]

Description

JIRA: RHOAIENG-40618

How Has This Been Tested?

Screenshot or short clip

Merge criteria

• You have read the contributors guide.
• Commit messages are meaningful - have a clear and concise summary and detailed explanation of what was changed and why.
• Pull Request contains a description of the solution, a link to the JIRA issue, and to any dependent or related Pull Request.
• Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
• The developer has manually tested the changes and verified that the changes work
• The developer has run the integration test pipeline and verified that it passed successfully

E2E test suite update requirement

When bringing new changes to the operator code, such changes are by default required to be accompanied by extending and/or updating the E2E test suite accordingly.

To opt-out of this requirement:

1. Please inspect the opt-out guidelines, to determine if the nature of the PR changes allows for skipping this requirement
2. If opt-out is applicable, provide justification in the dedicated E2E update requirement opt-out justification section below
3. Check the checkbox below:

• Skip requirement to update E2E test suite for this PR

4. Submit/save these changes to the PR description. This will automatically trigger the check.

E2E update requirement opt-out justification

no need

Summary by CodeRabbit

• Chores
  • Updated container resource specifications for authentication proxy components. Increased CPU requests to 500m and memory requests to 128Mi. Memory limits adjusted to 128Mi with CPU limits removed. These optimizations improve service performance and resource efficiency.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Resource specifications are updated in two Kubernetes deployment templates for the kube-auth-proxy components. Container CPU requests increase from 10m to 500m, memory requests increase from 32Mi to 128Mi, CPU limits are removed, and memory limits increase from 64Mi to 128Mi across both deployments.

Changes

Cohort / File(s)	Summary
Kube-auth-proxy deployment resource updates internal/controller/services/gateway/resources/kube-auth-proxy-oauth-deployment.tmpl.yaml, internal/controller/services/gateway/resources/kube-auth-proxy-oidc-deployment.tmpl.yaml	Increased container CPU requests from 10m to 500m and memory requests from 32Mi to 128Mi. Removed CPU limit specification and increased memory limit from 64Mi to 128Mi.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

• Both files contain identical, straightforward resource specification changes with no logic modifications
• Homogeneous pattern across files reduces review complexity
• Simple numeric value adjustments with no behavioral impact

Poem

🐰 Hop, hop, more resources we've got!
From tiny requests to a generous lot,
Five hundred millicores, one twenty-eight megs,
No CPU limits—now stretch out those legs!

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: increased resource configuration for kube-auth-proxy components as reflected in both modified deployment templates.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign sefroberg for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

internal/controller/services/gateway/resources/kube-auth-proxy-oauth-deployment.tmpl.yaml (1)

68-73: Add inline documentation for the resource configuration rationale.

If these values are officially recommended by upstream or your organization's standards, add a brief comment explaining the source and rationale. This helps future maintainers understand the design decision.

          resources:
            requests:
              cpu: "500m"      # Recommended by RHOAIENG-40618; allows burst handling
              memory: "128Mi"  # Based on profiling; monitor for OOM events
            limits:
              memory: "128Mi"  # No CPU limit; see RHOAIENG-40618 for rationale

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9a4994c and 5546e23.

📒 Files selected for processing (2)

• internal/controller/services/gateway/resources/kube-auth-proxy-oauth-deployment.tmpl.yaml (1 hunks)
• internal/controller/services/gateway/resources/kube-auth-proxy-oidc-deployment.tmpl.yaml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Build/push catalog image
• GitHub Check: golangci-lint
• GitHub Check: kube-linter
• GitHub Check: Run tests and collect coverage on internal and pkg

🔇 Additional comments (1)

internal/controller/services/gateway/resources/kube-auth-proxy-oauth-deployment.tmpl.yaml (1)

68-73: Verify justification for substantial resource increases and CPU limit removal.

The resource specifications show increased CPU and memory requests with CPU limits removed entirely. The PR description lacks detailed rationale for these values, and E2E testing updates were reportedly skipped.

Specific concerns:

1. No documented rationale in the PR description—are these based on upstream recommendations, performance testing, or cluster policies?
2. Removing CPU limits allows unbounded consumption. Confirm this aligns with your cluster resource policies and namespace quotas.
3. Memory limit equals memory request, leaving no headroom for temporary spikes; any overage triggers pod eviction.
4. E2E test updates were skipped. Resource changes warrant testing to catch scheduling or performance regressions.

Please provide:

• Link to or excerpt from JIRA RHOAIENG-40618 documenting the resource values as "recommended".
• Confirmation that removing CPU limits aligns with your cluster resource policies.
• Evidence of testing that validates these resource values are sufficient for the oauth2-proxy workload.