Fake bump

[bertinatto]

Summary by CodeRabbit

• Tests

  • Updated end-to-end encryption tests to use context-aware helper calls and a shared fake KMS provider.
  • Updated performance, rotation, type, and turn-on encryption tests to pass explicit context to helpers.

• Chores

  • Reformatted module directives and added a replace entry in go.mod to redirect a library dependency.

[bertinatto]

/test all

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: bd76ed83-a64e-4c46-9076-00088aeebbd7

📥 Commits

Reviewing files that changed from the base of the PR and between 3f17c34 and d15ae7a.

⛔ Files ignored due to path filters (3)

• go.sum is excluded by !**/*.sum
• vendor/github.com/openshift/library-go/test/library/encryption/kms/vault.go is excluded by !**/vendor/**, !vendor/**
• vendor/modules.txt is excluded by !**/vendor/**, !vendor/**

📒 Files selected for processing (1)

• go.mod

---

Walkthrough

go.mod adds a replace redirect for openshift/library-go; e2e encryption tests now pass context.TODO() to library helpers, and KMS tests use librarykms.DefaultFakeVaultEncryptionProvider instead of constructing providers inline.

Changes

Library-go Context and Provider Alignment

Layer / File(s)	Summary
Dependency update and redirect go.mod	Replace directive for ginkgo/v2 is reformatted into a parenthesized replace (...) block, and a new replace entry redirects github.com/openshift/library-go to github.com/bertinatto/library-go at a pinned pseudo-version.
KMS encryption provider refactoring and context integration test/e2e-encryption-kms/encryption_kms.go	Removes configv1 import and replaces inline KMS provider construction with librarykms.DefaultFakeVaultEncryptionProvider; updates testKMSEncryptionOnOff, testKMSEncryptionProvidersMigration, and the shuffled providers list to use context.TODO() and the shared fake provider.
Context parameter additions across remaining e2e tests test/e2e-encryption/encryption_test.go, test/e2e-encryption-perf/encryption_perf_test.go, test/e2e-encryption-rotation/encryption_rotation_test.go, test/e2e/encryption.go	Add context imports where needed and update library.Test* helper invocations to pass context.TODO() as the first parameter.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

• dgrisonnet

🚥 Pre-merge checks | ✅ 8 | ❌ 4

❌ Failed checks (3 warnings, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 37.50% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Microshift Test Compatibility	⚠️ Warning	Test in test/e2e/encryption.go uses openshift-kube-apiserver namespace, which is not available on MicroShift and lacks protection mechanisms like [Skipped:MicroShift] or exutil checks.	Add [Skipped:MicroShift] label to the test name or guard with exutil.IsMicroShiftCluster() check to protect from running on MicroShift clusters.
Topology-Aware Scheduling Compatibility	⚠️ Warning	The deployment manifest uses nodeSelector targeting control-plane nodes (node-role.kubernetes.io/master), which breaks on HyperShift where no nodes carry control-plane labels.	Either remove the nodeSelector and let the tolerations suffice, or make the nodeSelector topology-aware by checking infrastructure.Status.ControlPlaneTopology.
Title check	❓ Inconclusive	The title 'Fake bump' is vague and generic, providing no meaningful information about the changeset. It does not describe the actual changes (go.mod dependency updates and encryption test helper refactoring) or their purpose.	Use a descriptive title that summarizes the primary change, such as 'Update encryption test helpers to use context parameter' or 'Add library-go dependency override and update e2e tests'.

✅ Passed checks (8 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	All test names in modified files are stable and deterministic. No dynamic information (generated IDs, timestamps, node names, etc.) found in Ginkgo test titles or Go test function names.
Test Structure And Quality	✅ Passed	Tests meet all quality requirements: single responsibility, delegated cleanup, proper timeouts, detailed assertions through library functions, and consistent patterns.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	No new Ginkgo e2e tests are being added in this PR; all changes are modifications to existing encryption tests' helper function calls and argument wrapping.
Ote Binary Stdout Contract	✅ Passed	All PR changes are in test execution code (TestXxx and It blocks), not process-level code. No stdout violations detected in main(), init(), BeforeSuite(), or initializers.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	New Ginkgo tests show no hardcoded IPv4 addresses, CIDRs, external connectivity, or improper URL building. Tests manage cluster-internal resources only via delegated library functions.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign everettraven for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[bertinatto]

{  fail [github.com/openshift/library-go@v0.0.0-20260520123929-8dbb42ebf1e9/test/library/encryption/e_log.go:63]: May 21 18:41:58.474: 
	Error Trace:	github.com/openshift/library-go@v0.0.0-20260520123929-8dbb42ebf1e9/test/library/encryption/helpers.go:200
	            				github.com/openshift/library-go@v0.0.0-20260520123929-8dbb42ebf1e9/test/library/encryption/helpers.go:115
	            				github.com/openshift/library-go@v0.0.0-20260520123929-8dbb42ebf1e9/test/library/encryption/helpers.go:83
	            				github.com/openshift/library-go@v0.0.0-20260520123929-8dbb42ebf1e9/test/library/encryption/scenarios.go:79
	            				github.com/openshift/library-go@v0.0.0-20260520123929-8dbb42ebf1e9/test/library/encryption/scenarios.go:145
	Error:      	Received unexpected error:
	            	failed waiting for key encryption-key-openshift-kube-apiserver-1 to be used to migrate [secrets configmaps], due to timed out waiting for the condition
	Test:       	[sig-api-machinery] kube-apiserver operator TestKMSEncryptionOnOff [OCPFeatureGate:KMSEncryption][Serial][Timeout:120m]}

/test e2e-gcp-operator-encryption-kms

[bertinatto]

/test e2e-gcp-operator-encryption-kms

[ardaguclu]

/test e2e-gcp-operator-encryption-kms

[openshift-ci]

@bertinatto: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-aws-ovn-serial-1of2	8803cd6	link	true	/test e2e-aws-ovn-serial-1of2
ci/prow/e2e-aws-ovn	8803cd6	link	true	/test e2e-aws-ovn
ci/prow/e2e-gcp-operator-encryption-perf-single-node	8803cd6	link	false	/test e2e-gcp-operator-encryption-perf-single-node

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[openshift-ci]

PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.