NO_JIRA: chore(dependencies): Update dependencies to be aligned with Hypershift repo

[jparrill]

Why we need this PR

• Dependency bump
• Konflux pipelines updated
• Added the .work to the gitignore file

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Updated .gitignore; bumped Go toolchain and many module dependencies in go.mod; updated builder/base images and added build-time flags and RHSM handling in Dockerfiles; refreshed Tekton task bundle references, converted many tasks to matrix-based multi-platform execution, and removed several conditional gates. No public/exported API changes.

Changes

Cohort / File(s)	Summary
Ignore Patterns \.gitignore	Re-added .dccache (restored newline boundary) and added a new .work/ ignore entry under an AI section.
Go module manifest go.mod	Bumped Go toolchain to go 1.25.3; upgraded numerous direct and indirect dependencies (k8s.io/, controller-runtime, sigs.k8s.io/, golang.org/x/*, prometheus, fxamacker/cbor, etc.); updated/added replace directives. No API signature changes.
Docker build images Dockerfile, Dockerfile.oadp	Updated builder/base image tags to golang-1.25 variants; added ARG/ENV for CONTAINER_SUB_MANAGER_OFF and RHSM subscription handling in Dockerfile.oadp; adjusted follow_tag annotations. Build flow and final image layout preserved.
Tekton pipelines .tekton/oadp-hypershift-oadp-plugin-main-*.yaml, .tekton/...	Refreshed many task bundle image references and digests; replaced many when-condition gates with matrix-driven configurations for multi-platform/arch execution; removed legacy gating parameters (e.g., rebuild) and simplified task wiring; added CONTAINER_SUB_MANAGER_OFF to build args and updated LABELS/metadata.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

Tip

Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs).
Share your feedback on Discord.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jparrill

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [jparrill]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[muraee]

/lgtm

[jparrill]

/retest

Now that this got merged:

• CNTRLPLANE-2763: bump 4.22 golang builders to 1.25 openshift-eng/ocp-build-data#8980

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@Dockerfile.oadp`:
- Around line 22-23: The final stage still runs "RUN unlink /etc/rhsm-host"
which can fail if the file doesn't exist; change that command to safely remove
the file only if present (e.g., check existence or use a no-error removal) so
the build won't fail, and keep the existing conditional registration line "RUN
if [ -e \"/activation-key/org\" ]; then subscription-manager register --org
$(cat \"/activation-key/org\") --activationkey $(cat
\"/activation-key/activationkey\"); fi" unchanged except ensuring it follows the
safe unlink removal; update the Dockerfile final stage where "unlink
/etc/rhsm-host" appears (the RUN unlink /etc/rhsm-host invocation) to use the
safe removal approach.
- Around line 11-12: The Dockerfile uses unlink /etc/rhsm-host which fails if
the file/symlink is absent; change that RUN step to safely remove the path
(e.g., test for existence or use a no-fail removal) so the build doesn't error,
e.g. replace the unlink invocation with a conditional removal (check -e or -L)
or a force-remove (rm -f) before the subscription-manager register line; keep
the subscription-manager register logic (the RUN that checks /activation-key/org
and calls subscription-manager register) unchanged so the activation-key flow
still executes.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

unlink may fail if /etc/rhsm-host does not exist.

The unlink /etc/rhsm-host command will fail with a non-zero exit code if the symlink doesn't exist, breaking builds in environments without RHSM host configuration.

Proposed fix

-RUN unlink /etc/rhsm-host
+RUN rm -f /etc/rhsm-host || true

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	RUN unlink /etc/rhsm-host
	RUN if [ -e "/activation-key/org" ]; then subscription-manager register --org $(cat "/activation-key/org") --activationkey $(cat "/activation-key/activationkey"); fi
	RUN rm -f /etc/rhsm-host || true
	RUN if [ -e "/activation-key/org" ]; then subscription-manager register --org $(cat "/activation-key/org") --activationkey $(cat "/activation-key/activationkey"); fi

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Dockerfile.oadp` around lines 11 - 12, The Dockerfile uses unlink
/etc/rhsm-host which fails if the file/symlink is absent; change that RUN step
to safely remove the path (e.g., test for existence or use a no-fail removal) so
the build doesn't error, e.g. replace the unlink invocation with a conditional
removal (check -e or -L) or a force-remove (rm -f) before the
subscription-manager register line; keep the subscription-manager register logic
(the RUN that checks /activation-key/org and calls subscription-manager
register) unchanged so the activation-key flow still executes.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Same unlink issue in the final stage.

Apply the same fix here to avoid build failures when /etc/rhsm-host doesn't exist.

Proposed fix

-RUN unlink /etc/rhsm-host
+RUN rm -f /etc/rhsm-host || true

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	RUN unlink /etc/rhsm-host
	RUN if [ -e "/activation-key/org" ]; then subscription-manager register --org $(cat "/activation-key/org") --activationkey $(cat "/activation-key/activationkey"); fi
	RUN rm -f /etc/rhsm-host || true
	RUN if [ -e "/activation-key/org" ]; then subscription-manager register --org $(cat "/activation-key/org") --activationkey $(cat "/activation-key/activationkey"); fi

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Dockerfile.oadp` around lines 22 - 23, The final stage still runs "RUN unlink
/etc/rhsm-host" which can fail if the file doesn't exist; change that command to
safely remove the file only if present (e.g., check existence or use a no-error
removal) so the build won't fail, and keep the existing conditional registration
line "RUN if [ -e \"/activation-key/org\" ]; then subscription-manager register
--org $(cat \"/activation-key/org\") --activationkey $(cat
\"/activation-key/activationkey\"); fi" unchanged except ensuring it follows the
safe unlink removal; update the Dockerfile final stage where "unlink
/etc/rhsm-host" appears (the RUN unlink /etc/rhsm-host invocation) to use the
safe removal approach.

[coderabbitai]

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@Dockerfile.oadp`:
- Line 11: The RUN unlink /etc/rhsm-host step can fail the build if the file
doesn't exist; change it to a guarded removal such as checking existence before
unlinking (e.g., test -e /etc/rhsm-host && unlink /etc/rhsm-host) or append a
no-fail fallback (e.g., unlink /etc/rhsm-host || true) so the Docker build won't
error when /etc/rhsm-host is absent.

[rayfordj]

Suggested change

	value: "false"

[rayfordj]

Suggested change

	value: "false"

[jparrill]

/retest

[jparrill]

/retest

[openshift-ci]

@jparrill: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[rayfordj]

/retest

[rayfordj]

/lgtm