STOR-2762: Bump all deps for 4.22

[rhrmo]

Bump all deps for 4.22
Updating all dependencies using

go get -u ./...

cc @openshift/storage

[openshift-ci-robot]

@rhrmo: This pull request references STOR-2762 which is a valid jira issue.

Details

In response to this:

Bump all deps for 4.22
Updating all dependencies using

go get -u ./...

cc @openshift/storage

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

📝 Walkthrough

Walkthrough

This pull request updates go.mod: the Go toolchain directive is bumped from 1.24.4 to 1.25.3, many direct dependencies are upgraded (AWS SDK v2 modules, Gophercloud, OpenShift/Kubernetes-related modules, github.com/spf13/cobra, github.com/onsi/gomega, etc.), numerous indirect dependencies are refreshed (OpenAPI, CEL, gRPC/protobuf, OpenTelemetry, etcd, structured-merge-diff, etc.), github.com/aws/aws-sdk-go-v2/service/signin was added and github.com/stoewer/go-strcase removed. Additionally, Dockerfile.create_efs updates its builder and runtime base images from OpenShift 4.20/go1.24 to 4.22/go1.25. Lines changed: +88/-88; no exported API changes.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rhrmo

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [rhrmo]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

go.mod (1)

3-149: Ensure comprehensive testing after bulk dependency upgrade.

This bulk dependency upgrade touches critical components including Kubernetes, AWS SDK, OpenTelemetry, gRPC, and etcd. While the versions appear internally consistent within their respective families, the scope of changes requires thorough testing:

1. Run the full test suite to catch any regression or compatibility issues
2. Verify integration with external services (AWS, Kubernetes clusters)
3. Test observability pipelines (OpenTelemetry traces, metrics)
4. Validate gRPC communication with dependent services
5. Consider running smoke tests in a staging environment before production deployment

The bulk upgrade approach (go get -u ./...) is convenient but can introduce unexpected breaking changes that may not surface until runtime.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@go.mod` around lines 3 - 149, The bulk dependency bump in go.mod (notably
k8s.io/api, k8s.io/client-go, github.com/aws/aws-sdk-go-v2,
go.opentelemetry.io/otel, google.golang.org/grpc, go.etcd.io/etcd and related
modules) requires comprehensive verification: run the full unit/integration test
suite (including go test ./... and CI pipelines), exercise integration flows
with AWS and Kubernetes clusters, validate OpenTelemetry traces/metrics and gRPC
interactions end-to-end, perform staging smoke tests, and if any breakages
appear, pin or roll back the offending modules (e.g., k8s.io/*,
github.com/aws/aws-sdk-go-v2, go.opentelemetry.io/otel, google.golang.org/grpc,
go.etcd.io/etcd) and update go.sum via module tidy before re-running tests.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@go.mod`:
- Line 3: Replace the invalid Go version directive in the go.mod's module Go
version line: change the existing "go 1.25.3" go directive to the correct
release "go 1.25.8" so the module uses a real Go toolchain; locate the go
directive in go.mod (the line containing "go 1.25.3") and update it to "go
1.25.8".

---

Nitpick comments:
In `@go.mod`:
- Around line 3-149: The bulk dependency bump in go.mod (notably k8s.io/api,
k8s.io/client-go, github.com/aws/aws-sdk-go-v2, go.opentelemetry.io/otel,
google.golang.org/grpc, go.etcd.io/etcd and related modules) requires
comprehensive verification: run the full unit/integration test suite (including
go test ./... and CI pipelines), exercise integration flows with AWS and
Kubernetes clusters, validate OpenTelemetry traces/metrics and gRPC interactions
end-to-end, perform staging smoke tests, and if any breakages appear, pin or
roll back the offending modules (e.g., k8s.io/*, github.com/aws/aws-sdk-go-v2,
go.opentelemetry.io/otel, google.golang.org/grpc, go.etcd.io/etcd) and update
go.sum via module tidy before re-running tests.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 07a01c2c-a603-4e18-b2f0-7d76e2833e30

📥 Commits

Reviewing files that changed from the base of the PR and between ab09ffa and 9b53cdf.

⛔ Files ignored due to path filters (299)

• go.sum is excluded by !**/*.sum
• vendor/github.com/aws/aws-sdk-go-v2/aws/credentials.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/user_agent.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/middleware.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/client.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/config/config.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/config/provider.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/credentials/logincreds/dpop.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/credentials/logincreds/file.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/credentials/logincreds/provider.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/credentials/logincreds/token.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_cached_token.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/web_identity_provider.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_client.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetDynamicData.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetIAMInfo.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetInstanceIdentityDocument.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetMetadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetRegion.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetToken.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetUserData.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/request_middleware.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/config.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.json is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_AssociateNatGatewayAddress.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_AttachVolume.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateCapacityReservation.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateInterruptibleCapacityReservationAllocation.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateIpamPolicy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateNatGateway.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreatePlacementGroup.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateSecondaryNetwork.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateSecondarySubnet.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateTransitGatewayMeteringPolicy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateTransitGatewayMeteringPolicyEntry.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateVpc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateVpcEncryptionControl.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateVpnConcentrator.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_CreateVpnConnection.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DeleteIpamPolicy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DeleteSecondaryNetwork.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DeleteSecondarySubnet.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DeleteTransitGatewayMeteringPolicy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DeleteTransitGatewayMeteringPolicyEntry.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DeleteVpcEncryptionControl.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DeleteVpnConcentrator.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeCapacityBlockOfferings.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeInstanceAttribute.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeInstances.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeIpamExternalResourceVerificationTokens.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeIpamPolicies.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeIpamResourceDiscoveries.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeIpamResourceDiscoveryAssociations.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeSecondaryInterfaces.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeSecondaryNetworks.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeSecondarySubnets.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeTransitGatewayMeteringPolicies.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeVpcEncryptionControls.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DescribeVpnConcentrators.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DetachVolume.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_DisableIpamPolicy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_EnableIpamPolicy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_GetCapacityReservationUsage.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_GetEnabledIpamPolicy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_GetIpamPolicyAllocationRules.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_GetIpamPolicyOrganizationTargets.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_GetTransitGatewayMeteringPolicyEntries.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_GetVpcResourcesBlockingEncryptionEnforcement.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_ListVolumesInRecycleBin.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_ModifyInstanceCpuOptions.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_ModifyInstanceMetadataDefaults.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_ModifyInstanceMetadataOptions.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_ModifyIpamPolicyAllocationRules.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_ModifyTransitGatewayMeteringPolicy.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_ModifyVolume.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_ModifyVpcEncryptionControl.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_RestoreVolumeFromRecycleBin.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_RunInstances.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_SearchTransitGatewayRoutes.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/api_op_UpdateInterruptibleCapacityReservationAllocation.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/auth.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/deserializers.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/generated.json is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/options.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/serializers.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/types/enums.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/types/types.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ec2/validators.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/efs/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/efs/auth.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/efs/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/efs/generated.json is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/efs/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/efs/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/efs/options.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/middleware.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/LICENSE.txt is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/api_client.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/api_op_CreateOAuth2Token.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/auth.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/deserializers.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/generated.json is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/options.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/serializers.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/types/enums.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/types/errors.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/types/types.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/signin/validators.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sso/auth.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sso/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sso/generated.json is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sso/options.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/auth.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/generated.json is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/options.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetDelegatedAccessToken.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetWebIdentityToken.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/auth.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/deserializers.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints/endpoints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/options.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/serializers.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/errors.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/aws-sdk-go-v2/service/sts/validators.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/endpoints/private/rulesfn/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/endpoints/private/rulesfn/strings.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/endpoints/private/rulesfn/uri.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/go_module_metadata.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/middleware/eventstream_middleware.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/middleware/step_build.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/middleware/step_deserialize.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/middleware/step_finalize.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/middleware/step_initialize.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/aws/smithy-go/middleware/step_serialize.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/coreos/go-systemd/v22/daemon/sdnotify_other.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/coreos/go-systemd/v22/daemon/sdnotify_unix.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/coreos/go-systemd/v22/daemon/watchdog.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/coreos/go-systemd/v22/journal/journal_unix.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/.cliff.toml is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/.gitignore is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/.golangci.yml is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/CODE_OF_CONDUCT.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/CONTRIBUTORS.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/LICENSE is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/NOTICE is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/SECURITY.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/errors.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonpointer/pointer.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonreference/.editorconfig is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonreference/.gitignore is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonreference/.golangci.yml is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonreference/CODE_OF_CONDUCT.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonreference/CONTRIBUTORS.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonreference/NOTICE is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonreference/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonreference/SECURITY.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonreference/internal/normalize_url.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/jsonreference/reference.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/.gitignore is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/.golangci.yml is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/CODE_OF_CONDUCT.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/CONTRIBUTORS.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/SECURITY.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/TODO.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/cmdutils/cmd_utils.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/cmdutils/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/cmdutils_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/conv/convert.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/conv/convert_types.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/conv/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/conv/format.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/conv/sizeof.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/conv/type_constraints.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/conv_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/fileutils/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/fileutils/file.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/fileutils/path.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/fileutils_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/go.work.sum is excluded by !**/*.sum, !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonname/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonname/name_provider.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonname_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/ifaces.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/registry_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/registry.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/adapter.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/lexer.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/ordered_map.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/pool.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/register.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/writer.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/concat.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/json.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/ordered_map.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/jsonutils_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/loading/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/loading/errors.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/loading/json.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/loading/loading.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/loading/options.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/loading/yaml.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/loading_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling/BENCHMARK.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling/initialism_index.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling/name_lexem.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling/name_mangler.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling/options.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling/pools.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling/split.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling/string_bytes.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling/util.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/mangling_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/netutils/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/netutils/net.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/netutils_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/stringutils/collection_formats.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/stringutils/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/stringutils/strings.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/stringutils_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/typeutils/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/typeutils/types.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/typeutils_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/yamlutils/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/yamlutils/errors.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/yamlutils/ordered_map.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/yamlutils/yaml.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/go-openapi/swag/yamlutils_iface.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/cel/BUILD.bazel is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/cel/library.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/cel/optimizer.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/checker/checker.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/checker/env.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/checker/scopes.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/ast/ast.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/debug/debug.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/env/BUILD.bazel is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/env/env.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/types/BUILD.bazel is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/types/bool.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/types/bytes.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/types/double.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/types/duration.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/types/int.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/types/json_value.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/google/cel-go/common/types/list.go is excluded by !vendor/**, !**/vendor/**

📒 Files selected for processing (1)

• go.mod

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Verify Go 1.25.3 is a valid release

# Check if Go 1.25.3 exists and get release information
curl -s https://go.dev/dl/?mode=json | jq -r '.[] | select(.version == "go1.25.3") | {version, stable}'

# If not found, list available 1.25.x versions
echo "Available Go 1.25.x versions:"
curl -s https://go.dev/dl/?mode=json | jq -r '.[] | select(.version | startswith("go1.25")) | .version'

Repository: openshift/csi-operator

Length of output: 104

---

Update Go version from 1.25.3 to 1.25.8.

Go 1.25.3 does not exist in the official Go releases. The available version in the 1.25.x series is 1.25.8. This will cause build failures when the module is used. Update line 3 to go 1.25.8.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@go.mod` at line 3, Replace the invalid Go version directive in the go.mod's
module Go version line: change the existing "go 1.25.3" go directive to the
correct release "go 1.25.8" so the module uses a real Go toolchain; locate the
go directive in go.mod (the line containing "go 1.25.3") and update it to "go
1.25.8".

[rhrmo]

/retest-required

[rhrmo]

/test e2e-aws-ovn-upgrade

[rhrmo]

/test images

[rhrmo]

waiting for ART PRs to merge (some operators still build with go 1.24...)

[rhrmo]

/retest

[rhrmo]

/retest

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

Dockerfile.create_efs (1)

6-14: ⚠️ Potential issue | 🟠 Major

Add explicit non-root USER instruction to enforce least privilege.

The final stage lacks a USER instruction, so the create-efs-volume binary runs as the base image's default user (likely root). Since the binary only performs AWS API calls and writes files, it does not require root access. Add USER 65532:65532 after the COPY instruction.

Suggested patch

 FROM registry.ci.openshift.org/ocp/4.22:base-rhel9
 COPY --from=builder /go/src/github.com/openshift/csi-operator/bin/create-efs-volume /usr/bin/
+USER 65532:65532
 
 # This is the image that's used to _generate_ the upstream test manifest.
 # Store the OCP specific test manifests here too, so they're available on the same place.
 COPY test/e2e/aws-efs/* /usr/share/aws-efs-csi-driver/

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Dockerfile.create_efs` around lines 6 - 14, The image runs as the base image
default (likely root); add an explicit non-root USER to enforce least privilege
by inserting a USER 65532:65532 directive into the final stage after the COPY of
/usr/bin/create-efs-volume (and before ENTRYPOINT) so that the create-efs-volume
binary and any writes to /usr/share/aws-efs-csi-driver run as UID/GID 65532
instead of root; update the Dockerfile around the COPY and ENTRYPOINT lines
referencing create-efs-volume and the test/e2e/aws-efs path.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In `@Dockerfile.create_efs`:
- Around line 6-14: The image runs as the base image default (likely root); add
an explicit non-root USER to enforce least privilege by inserting a USER
65532:65532 directive into the final stage after the COPY of
/usr/bin/create-efs-volume (and before ENTRYPOINT) so that the create-efs-volume
binary and any writes to /usr/share/aws-efs-csi-driver run as UID/GID 65532
instead of root; update the Dockerfile around the COPY and ENTRYPOINT lines
referencing create-efs-volume and the test/e2e/aws-efs path.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 39541541-a08f-4816-8894-14d3e3bfed51

📥 Commits

Reviewing files that changed from the base of the PR and between b75c22a and 92ad569.

📒 Files selected for processing (1)

• Dockerfile.create_efs

[openshift-ci]

@rhrmo: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[dfajmon]

/lgtm

[duanwei33]

/verified by @duanwei33

CI results look good, which should be sufficient for merging from QE side.

[openshift-ci-robot]

@duanwei33: This PR has been marked as verified by @duanwei33.

Details

In response to this:

/verified by @duanwei33

CI results look good, which should be sufficient for merging from QE side.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.